From: Saul Wold <sgw@linux.intel.com>
To: openembedded-core@lists.openembedded.org
Subject: [PATCH 1/7] gnupg: Update to 2.0.20
Date: Tue, 21 May 2013 17:40:19 -0700 [thread overview]
Message-ID: <956e704118008aa337ede574febbcc44c43adbf3.1369183108.git.sgw@linux.intel.com> (raw)
In-Reply-To: <cover.1369183108.git.sgw@linux.intel.com>
In-Reply-To: <cover.1369183108.git.sgw@linux.intel.com>
Removed obsolete patch
Signed-off-by: Saul Wold <sgw@linux.intel.com>
---
.../gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch | 63 ----------------------
.../gnupg/{gnupg_2.0.19.bb => gnupg_2.0.20.bb} | 8 ++-
2 files changed, 3 insertions(+), 68 deletions(-)
delete mode 100644 meta/recipes-support/gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch
rename meta/recipes-support/gnupg/{gnupg_2.0.19.bb => gnupg_2.0.20.bb} (80%)
diff --git a/meta/recipes-support/gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch b/meta/recipes-support/gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch
deleted file mode 100644
index 64c3034..0000000
--- a/meta/recipes-support/gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-commit 498882296ffac7987c644aaf2a0aa108a2925471
-Author: Werner Koch <wk@gnupg.org>
-Date: Thu Dec 20 09:43:41 2012 +0100
-
- gpg: Import only packets which are allowed in a keyblock.
-
- * g10/import.c (valid_keyblock_packet): New.
- (read_block): Store only valid packets.
- --
-
- A corrupted key, which for example included a mangled public key
- encrypted packet, used to corrupt the keyring. This change skips all
- packets which are not allowed in a keyblock.
-
- GnuPG-bug-id: 1455
-
- (cherry-picked from commit 3a4b96e665fa639772854058737ee3d54ba0694e)
-
-Upstream-Status: Backport
-
-Signed-off-by: Saul Wold <sgw@linux.intel.com>
-
-diff --git a/g10/import.c b/g10/import.c
-index ba2439d..ad112d6 100644
---- a/g10/import.c
-+++ b/g10/import.c
-@@ -347,6 +347,27 @@ import_print_stats (void *hd)
- }
-
-
-+/* Return true if PKTTYPE is valid in a keyblock. */
-+static int
-+valid_keyblock_packet (int pkttype)
-+{
-+ switch (pkttype)
-+ {
-+ case PKT_PUBLIC_KEY:
-+ case PKT_PUBLIC_SUBKEY:
-+ case PKT_SECRET_KEY:
-+ case PKT_SECRET_SUBKEY:
-+ case PKT_SIGNATURE:
-+ case PKT_USER_ID:
-+ case PKT_ATTRIBUTE:
-+ case PKT_RING_TRUST:
-+ return 1;
-+ default:
-+ return 0;
-+ }
-+}
-+
-+
- /****************
- * Read the next keyblock from stream A.
- * PENDING_PKT should be initialzed to NULL
-@@ -424,7 +445,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
- }
- in_cert = 1;
- default:
-- if( in_cert ) {
-+ if (in_cert && valid_keyblock_packet (pkt->pkttype)) {
- if( !root )
- root = new_kbnode( pkt );
- else
diff --git a/meta/recipes-support/gnupg/gnupg_2.0.19.bb b/meta/recipes-support/gnupg/gnupg_2.0.20.bb
similarity index 80%
rename from meta/recipes-support/gnupg/gnupg_2.0.19.bb
rename to meta/recipes-support/gnupg/gnupg_2.0.20.bb
index 593250a..87acd00 100644
--- a/meta/recipes-support/gnupg/gnupg_2.0.19.bb
+++ b/meta/recipes-support/gnupg/gnupg_2.0.20.bb
@@ -7,15 +7,13 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949 \
DEPENDS = "${PTH} libassuan libksba zlib bzip2 readline libgcrypt"
PTH = "pth"
PTH_libc-uclibc = "npth"
-PR = "r5"
inherit autotools gettext
-SRC_URI = "ftp://ftp.gnupg.org/gcrypt/${BPN}/${BPN}-${PV}.tar.bz2 \
- file://GnuPG2-CVE-2012-6085.patch"
+SRC_URI = "ftp://ftp.gnupg.org/gcrypt/${BPN}/${BPN}-${PV}.tar.bz2"
-SRC_URI[md5sum] = "6a8589381ca1b0c1a921e9955f42b016"
-SRC_URI[sha256sum] = "efa23a8a925adb51c7d3b708c25b6d000300f5ce37de9bdec6453be7b419c622"
+SRC_URI[md5sum] = "9d18ee71bb0b10d40d1c8a393bdd7a89"
+SRC_URI[sha256sum] = "6e949b7f062cab8a3cf0910f91ecf04cabaad458c0aeeec66298651b8b04b79a"
EXTRA_OECONF = "--disable-ldap \
--disable-ccid-driver \
--
1.8.1.4
next prev parent reply other threads:[~2013-05-22 0:40 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-05-22 0:40 [PATCH 0/7] Package Updates Saul Wold
2013-05-22 0:40 ` Saul Wold [this message]
2013-05-22 0:40 ` [PATCH 2/7] desktop-file-utils: Update to 0.21 Saul Wold
2013-05-22 0:40 ` [PATCH 3/7] mklibs: Update to 0.1.37 Saul Wold
2013-05-22 0:40 ` [PATCH 4/7] libnl: Update to 3.2.22 Saul Wold
2013-05-22 0:40 ` [PATCH 5/7] mc: Update to 4.8.8 Saul Wold
2013-05-22 0:40 ` [PATCH 6/7] resolvconf: Update to 1.72 Saul Wold
2013-05-22 0:40 ` [PATCH 7/7] cmake: Update to 2.8.11 Saul Wold
2013-05-22 13:13 ` Otavio Salvador
2013-05-22 15:12 ` Saul Wold
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=956e704118008aa337ede574febbcc44c43adbf3.1369183108.git.sgw@linux.intel.com \
--to=sgw@linux.intel.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox