* [PATCH 0/2] Misc Fixes @ 2011-07-21 9:29 nitin.a.kamble 2011-07-21 9:29 ` [PATCH 1/2] python: fix security vulnerability nitin.a.kamble 2011-07-21 9:29 ` [PATCH 2/2] glib-2.0: fix a compilation issue due to dtrace nitin.a.kamble 0 siblings, 2 replies; 16+ messages in thread From: nitin.a.kamble @ 2011-07-21 9:29 UTC (permalink / raw) To: openembedded-core From: Nitin A Kamble <nitin.a.kamble@intel.com> The following changes since commit 35f20c5aacc9b23affe0380e8451ccc41cbc1799: eglibc: Tighten LICENSE Fields (2011-07-19 17:34:21 +0100) are available in the git repository at: git://git.pokylinux.org/poky-contrib nitin/misc http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=nitin/misc Nitin A Kamble (2): python: fix security vulnerability glib-2.0: fix a compilation issue due to dtrace meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb | 1 - meta/recipes-core/glib-2.0/glib.inc | 2 +- meta/recipes-devtools/python/python.inc | 2 +- .../python/python/security_issue_2254_fix.patch | 184 ++++++++++++++++++++ meta/recipes-devtools/python/python_2.6.6.bb | 3 +- 5 files changed, 188 insertions(+), 4 deletions(-) create mode 100644 meta/recipes-devtools/python/python/security_issue_2254_fix.patch -- 1.7.6 ^ permalink raw reply [flat|nested] 16+ messages in thread
* [PATCH 1/2] python: fix security vulnerability 2011-07-21 9:29 [PATCH 0/2] Misc Fixes nitin.a.kamble @ 2011-07-21 9:29 ` nitin.a.kamble 2011-07-21 18:55 ` Khem Raj 2011-07-21 9:29 ` [PATCH 2/2] glib-2.0: fix a compilation issue due to dtrace nitin.a.kamble 1 sibling, 1 reply; 16+ messages in thread From: nitin.a.kamble @ 2011-07-21 9:29 UTC (permalink / raw) To: openembedded-core From: Nitin A Kamble <nitin.a.kamble@intel.com> This Fixes bug: [Yocto #1254] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1015 Issue #2254: Fix CGIHTTPServer information disclosure. Relative paths are now collapsed within the url properly before looking in cgi_directories. Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> --- meta/recipes-devtools/python/python.inc | 2 +- .../python/python/security_issue_2254_fix.patch | 184 ++++++++++++++++++++ meta/recipes-devtools/python/python_2.6.6.bb | 3 +- 3 files changed, 187 insertions(+), 2 deletions(-) create mode 100644 meta/recipes-devtools/python/python/security_issue_2254_fix.patch diff --git a/meta/recipes-devtools/python/python.inc b/meta/recipes-devtools/python/python.inc index 25a458e..a6cc917 100644 --- a/meta/recipes-devtools/python/python.inc +++ b/meta/recipes-devtools/python/python.inc @@ -3,7 +3,7 @@ HOMEPAGE = "http://www.python.org" LICENSE = "PSF" SECTION = "devel/python" # bump this on every change in contrib/python/generate-manifest-2.6.py -INC_PR = "nk2" +INC_PR = "r2" DEFAULT_PREFERENCE = "-26" diff --git a/meta/recipes-devtools/python/python/security_issue_2254_fix.patch b/meta/recipes-devtools/python/python/security_issue_2254_fix.patch new file mode 100644 index 0000000..0d2274a --- /dev/null +++ b/meta/recipes-devtools/python/python/security_issue_2254_fix.patch @@ -0,0 +1,184 @@ +UpstreamStatus: Backport +http://svn.python.org/view?view=revision&revision=71303 + +Issue #2254: Fix CGIHTTPServer information disclosure. Relative paths are + now collapsed within the url properly before looking in cgi_directories. +Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> +2011/07/19 + +Index: Python-2.6.6/Lib/CGIHTTPServer.py +=================================================================== +--- Python-2.6.6.orig/Lib/CGIHTTPServer.py ++++ Python-2.6.6/Lib/CGIHTTPServer.py +@@ -70,27 +70,20 @@ class CGIHTTPRequestHandler(SimpleHTTPSe + return SimpleHTTPServer.SimpleHTTPRequestHandler.send_head(self) + + def is_cgi(self): +- """Test whether self.path corresponds to a CGI script, +- and return a boolean. ++ """Test whether self.path corresponds to a CGI script. + +- This function sets self.cgi_info to a tuple (dir, rest) +- when it returns True, where dir is the directory part before +- the CGI script name. Note that rest begins with a +- slash if it is not empty. +- +- The default implementation tests whether the path +- begins with one of the strings in the list +- self.cgi_directories (and the next character is a '/' +- or the end of the string). ++ Returns True and updates the cgi_info attribute to the tuple ++ (dir, rest) if self.path requires running a CGI script. ++ Returns False otherwise. ++ ++ The default implementation tests whether the normalized url ++ path begins with one of the strings in self.cgi_directories ++ (and the next character is a '/' or the end of the string). + """ +- +- path = self.path +- +- for x in self.cgi_directories: +- i = len(x) +- if path[:i] == x and (not path[i:] or path[i] == '/'): +- self.cgi_info = path[:i], path[i+1:] +- return True ++ splitpath = _url_collapse_path_split(self.path) ++ if splitpath[0] in self.cgi_directories: ++ self.cgi_info = splitpath ++ return True + return False + + cgi_directories = ['/cgi-bin', '/htbin'] +@@ -299,6 +292,46 @@ class CGIHTTPRequestHandler(SimpleHTTPSe + self.log_message("CGI script exited OK") + + ++# TODO(gregory.p.smith): Move this into an appropriate library. ++def _url_collapse_path_split(path): ++ """ ++ Given a URL path, remove extra '/'s and '.' path elements and collapse ++ any '..' references. ++ ++ Implements something akin to RFC-2396 5.2 step 6 to parse relative paths. ++ ++ Returns: A tuple of (head, tail) where tail is everything after the final / ++ and head is everything before it. Head will always start with a '/' and, ++ if it contains anything else, never have a trailing '/'. ++ ++ Raises: IndexError if too many '..' occur within the path. ++ """ ++ # Similar to os.path.split(os.path.normpath(path)) but specific to URL ++ # path semantics rather than local operating system semantics. ++ path_parts = [] ++ for part in path.split('/'): ++ if part == '.': ++ path_parts.append('') ++ else: ++ path_parts.append(part) ++ # Filter out blank non trailing parts before consuming the '..'. ++ path_parts = [part for part in path_parts[:-1] if part] + path_parts[-1:] ++ if path_parts: ++ tail_part = path_parts.pop() ++ else: ++ tail_part = '' ++ head_parts = [] ++ for part in path_parts: ++ if part == '..': ++ head_parts.pop() ++ else: ++ head_parts.append(part) ++ if tail_part and tail_part == '..': ++ head_parts.pop() ++ tail_part = '' ++ return ('/' + '/'.join(head_parts), tail_part) ++ ++ + nobody = None + + def nobody_uid(): +Index: Python-2.6.6/Lib/test/test_httpservers.py +=================================================================== +--- Python-2.6.6.orig/Lib/test/test_httpservers.py ++++ Python-2.6.6/Lib/test/test_httpservers.py +@@ -7,6 +7,7 @@ Josip Dzolonga, and Michael Otteneder fo + from BaseHTTPServer import BaseHTTPRequestHandler, HTTPServer + from SimpleHTTPServer import SimpleHTTPRequestHandler + from CGIHTTPServer import CGIHTTPRequestHandler ++import CGIHTTPServer + + import os + import sys +@@ -324,6 +325,45 @@ class CGIHTTPServerTestCase(BaseTestCase + finally: + BaseTestCase.tearDown(self) + ++ def test_url_collapse_path_split(self): ++ test_vectors = { ++ '': ('/', ''), ++ '..': IndexError, ++ '/.//..': IndexError, ++ '/': ('/', ''), ++ '//': ('/', ''), ++ '/\\': ('/', '\\'), ++ '/.//': ('/', ''), ++ 'cgi-bin/file1.py': ('/cgi-bin', 'file1.py'), ++ '/cgi-bin/file1.py': ('/cgi-bin', 'file1.py'), ++ 'a': ('/', 'a'), ++ '/a': ('/', 'a'), ++ '//a': ('/', 'a'), ++ './a': ('/', 'a'), ++ './C:/': ('/C:', ''), ++ '/a/b': ('/a', 'b'), ++ '/a/b/': ('/a/b', ''), ++ '/a/b/c/..': ('/a/b', ''), ++ '/a/b/c/../d': ('/a/b', 'd'), ++ '/a/b/c/../d/e/../f': ('/a/b/d', 'f'), ++ '/a/b/c/../d/e/../../f': ('/a/b', 'f'), ++ '/a/b/c/../d/e/.././././..//f': ('/a/b', 'f'), ++ '../a/b/c/../d/e/.././././..//f': IndexError, ++ '/a/b/c/../d/e/../../../f': ('/a', 'f'), ++ '/a/b/c/../d/e/../../../../f': ('/', 'f'), ++ '/a/b/c/../d/e/../../../../../f': IndexError, ++ '/a/b/c/../d/e/../../../../f/..': ('/', ''), ++ } ++ for path, expected in test_vectors.iteritems(): ++ if isinstance(expected, type) and issubclass(expected, Exception): ++ self.assertRaises(expected, ++ CGIHTTPServer._url_collapse_path_split, path) ++ else: ++ actual = CGIHTTPServer._url_collapse_path_split(path) ++ self.assertEquals(expected, actual, ++ msg='path = %r\nGot: %r\nWanted: %r' % ( ++ path, actual, expected)) ++ + def test_headers_and_content(self): + res = self.request('/cgi-bin/file1.py') + self.assertEquals(('Hello World\n', 'text/html', 200), \ +@@ -348,6 +388,12 @@ class CGIHTTPServerTestCase(BaseTestCase + self.assertEquals(('Hello World\n', 'text/html', 200), \ + (res.read(), res.getheader('Content-type'), res.status)) + ++ def test_no_leading_slash(self): ++ # http://bugs.python.org/issue2254 ++ res = self.request('cgi-bin/file1.py') ++ self.assertEquals(('Hello World\n', 'text/html', 200), ++ (res.read(), res.getheader('Content-type'), res.status)) ++ + + def test_main(verbose=None): + cwd = os.getcwd() +Index: Python-2.6.6/Misc/NEWS +=================================================================== +--- Python-2.6.6.orig/Misc/NEWS ++++ Python-2.6.6/Misc/NEWS +@@ -137,6 +137,9 @@ C-API + Library + ------- + ++- Issue #2254: Fix CGIHTTPServer information disclosure. Relative paths are ++ now collapsed within the url properly before looking in cgi_directories. ++ + - Issue #8447: Make distutils.sysconfig follow symlinks in the path to + the interpreter executable. This fixes a failure of test_httpservers + on OS X. diff --git a/meta/recipes-devtools/python/python_2.6.6.bb b/meta/recipes-devtools/python/python_2.6.6.bb index 800ba04..d5e7d22 100644 --- a/meta/recipes-devtools/python/python_2.6.6.bb +++ b/meta/recipes-devtools/python/python_2.6.6.bb @@ -1,7 +1,7 @@ require python.inc DEPENDS = "python-native db gdbm openssl readline sqlite3 zlib" DEPENDS_sharprom = "python-native db readline zlib gdbm openssl" -PR = "${INC_PR}.8" +PR = "${INC_PR}.9" LIC_FILES_CHKSUM = "file://LICENSE;md5=38fdd546420fab09ac6bd3d8a1c83eb6" DISTRO_SRC_URI ?= "file://sitecustomize.py" @@ -18,6 +18,7 @@ SRC_URI = "\ file://99-ignore-optimization-flag.patch \ ${DISTRO_SRC_URI} \ file://multilib.patch \ + file://security_issue_2254_fix.patch \ " SRC_URI[md5sum] = "cf4e6881bb84a7ce6089e4a307f71f14" -- 1.7.6 ^ permalink raw reply related [flat|nested] 16+ messages in thread
* Re: [PATCH 1/2] python: fix security vulnerability 2011-07-21 9:29 ` [PATCH 1/2] python: fix security vulnerability nitin.a.kamble @ 2011-07-21 18:55 ` Khem Raj 2011-07-22 3:32 ` Kamble, Nitin A 0 siblings, 1 reply; 16+ messages in thread From: Khem Raj @ 2011-07-21 18:55 UTC (permalink / raw) To: Patches and discussions about the oe-core layer On Thu, Jul 21, 2011 at 2:29 AM, <nitin.a.kamble@intel.com> wrote: > From: Nitin A Kamble <nitin.a.kamble@intel.com> > > This Fixes bug: [Yocto #1254] > > http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1015 > > Issue #2254: Fix CGIHTTPServer information disclosure. Relative paths are > now collapsed within the url properly before looking in cgi_directories. > > Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> > --- > meta/recipes-devtools/python/python.inc | 2 +- > .../python/python/security_issue_2254_fix.patch | 184 ++++++++++++++++++++ > meta/recipes-devtools/python/python_2.6.6.bb | 3 +- > 3 files changed, 187 insertions(+), 2 deletions(-) > create mode 100644 meta/recipes-devtools/python/python/security_issue_2254_fix.patch > > diff --git a/meta/recipes-devtools/python/python.inc b/meta/recipes-devtools/python/python.inc > index 25a458e..a6cc917 100644 > --- a/meta/recipes-devtools/python/python.inc > +++ b/meta/recipes-devtools/python/python.inc > @@ -3,7 +3,7 @@ HOMEPAGE = "http://www.python.org" > LICENSE = "PSF" > SECTION = "devel/python" > # bump this on every change in contrib/python/generate-manifest-2.6.py > -INC_PR = "nk2" > +INC_PR = "r2" > > DEFAULT_PREFERENCE = "-26" > > diff --git a/meta/recipes-devtools/python/python/security_issue_2254_fix.patch b/meta/recipes-devtools/python/python/security_issue_2254_fix.patch > new file mode 100644 > index 0000000..0d2274a > --- /dev/null > +++ b/meta/recipes-devtools/python/python/security_issue_2254_fix.patch > @@ -0,0 +1,184 @@ > +UpstreamStatus: Backport This should be Upstream-Status I guess to match other patches that said there are few more anomalies meta/recipes-devtools/dosfstools/dosfstools/dosfstools-2.10-kernel-2.6.patch: "Upstream Status" meta/recipes-devtools/btrfs-tools/btrfs-tools/fix_use_of_gcc.patch:UpstreamStatus: Pending meta/recipes-devtools/elfutils/elfutils/fix_for_gcc-4.7.patch:UpstreamStatus: pending > +http://svn.python.org/view?view=revision&revision=71303 > + > +Issue #2254: Fix CGIHTTPServer information disclosure. Relative paths are > + now collapsed within the url properly before looking in cgi_directories. > +Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> > +2011/07/19 > + > +Index: Python-2.6.6/Lib/CGIHTTPServer.py > +=================================================================== > +--- Python-2.6.6.orig/Lib/CGIHTTPServer.py > ++++ Python-2.6.6/Lib/CGIHTTPServer.py > +@@ -70,27 +70,20 @@ class CGIHTTPRequestHandler(SimpleHTTPSe > + return SimpleHTTPServer.SimpleHTTPRequestHandler.send_head(self) > + > + def is_cgi(self): > +- """Test whether self.path corresponds to a CGI script, > +- and return a boolean. > ++ """Test whether self.path corresponds to a CGI script. > + > +- This function sets self.cgi_info to a tuple (dir, rest) > +- when it returns True, where dir is the directory part before > +- the CGI script name. Note that rest begins with a > +- slash if it is not empty. > +- > +- The default implementation tests whether the path > +- begins with one of the strings in the list > +- self.cgi_directories (and the next character is a '/' > +- or the end of the string). > ++ Returns True and updates the cgi_info attribute to the tuple > ++ (dir, rest) if self.path requires running a CGI script. > ++ Returns False otherwise. > ++ > ++ The default implementation tests whether the normalized url > ++ path begins with one of the strings in self.cgi_directories > ++ (and the next character is a '/' or the end of the string). > + """ > +- > +- path = self.path > +- > +- for x in self.cgi_directories: > +- i = len(x) > +- if path[:i] == x and (not path[i:] or path[i] == '/'): > +- self.cgi_info = path[:i], path[i+1:] > +- return True > ++ splitpath = _url_collapse_path_split(self.path) > ++ if splitpath[0] in self.cgi_directories: > ++ self.cgi_info = splitpath > ++ return True > + return False > + > + cgi_directories = ['/cgi-bin', '/htbin'] > +@@ -299,6 +292,46 @@ class CGIHTTPRequestHandler(SimpleHTTPSe > + self.log_message("CGI script exited OK") > + > + > ++# TODO(gregory.p.smith): Move this into an appropriate library. > ++def _url_collapse_path_split(path): > ++ """ > ++ Given a URL path, remove extra '/'s and '.' path elements and collapse > ++ any '..' references. > ++ > ++ Implements something akin to RFC-2396 5.2 step 6 to parse relative paths. > ++ > ++ Returns: A tuple of (head, tail) where tail is everything after the final / > ++ and head is everything before it. Head will always start with a '/' and, > ++ if it contains anything else, never have a trailing '/'. > ++ > ++ Raises: IndexError if too many '..' occur within the path. > ++ """ > ++ # Similar to os.path.split(os.path.normpath(path)) but specific to URL > ++ # path semantics rather than local operating system semantics. > ++ path_parts = [] > ++ for part in path.split('/'): > ++ if part == '.': > ++ path_parts.append('') > ++ else: > ++ path_parts.append(part) > ++ # Filter out blank non trailing parts before consuming the '..'. > ++ path_parts = [part for part in path_parts[:-1] if part] + path_parts[-1:] > ++ if path_parts: > ++ tail_part = path_parts.pop() > ++ else: > ++ tail_part = '' > ++ head_parts = [] > ++ for part in path_parts: > ++ if part == '..': > ++ head_parts.pop() > ++ else: > ++ head_parts.append(part) > ++ if tail_part and tail_part == '..': > ++ head_parts.pop() > ++ tail_part = '' > ++ return ('/' + '/'.join(head_parts), tail_part) > ++ > ++ > + nobody = None > + > + def nobody_uid(): > +Index: Python-2.6.6/Lib/test/test_httpservers.py > +=================================================================== > +--- Python-2.6.6.orig/Lib/test/test_httpservers.py > ++++ Python-2.6.6/Lib/test/test_httpservers.py > +@@ -7,6 +7,7 @@ Josip Dzolonga, and Michael Otteneder fo > + from BaseHTTPServer import BaseHTTPRequestHandler, HTTPServer > + from SimpleHTTPServer import SimpleHTTPRequestHandler > + from CGIHTTPServer import CGIHTTPRequestHandler > ++import CGIHTTPServer > + > + import os > + import sys > +@@ -324,6 +325,45 @@ class CGIHTTPServerTestCase(BaseTestCase > + finally: > + BaseTestCase.tearDown(self) > + > ++ def test_url_collapse_path_split(self): > ++ test_vectors = { > ++ '': ('/', ''), > ++ '..': IndexError, > ++ '/.//..': IndexError, > ++ '/': ('/', ''), > ++ '//': ('/', ''), > ++ '/\\': ('/', '\\'), > ++ '/.//': ('/', ''), > ++ 'cgi-bin/file1.py': ('/cgi-bin', 'file1.py'), > ++ '/cgi-bin/file1.py': ('/cgi-bin', 'file1.py'), > ++ 'a': ('/', 'a'), > ++ '/a': ('/', 'a'), > ++ '//a': ('/', 'a'), > ++ './a': ('/', 'a'), > ++ './C:/': ('/C:', ''), > ++ '/a/b': ('/a', 'b'), > ++ '/a/b/': ('/a/b', ''), > ++ '/a/b/c/..': ('/a/b', ''), > ++ '/a/b/c/../d': ('/a/b', 'd'), > ++ '/a/b/c/../d/e/../f': ('/a/b/d', 'f'), > ++ '/a/b/c/../d/e/../../f': ('/a/b', 'f'), > ++ '/a/b/c/../d/e/.././././..//f': ('/a/b', 'f'), > ++ '../a/b/c/../d/e/.././././..//f': IndexError, > ++ '/a/b/c/../d/e/../../../f': ('/a', 'f'), > ++ '/a/b/c/../d/e/../../../../f': ('/', 'f'), > ++ '/a/b/c/../d/e/../../../../../f': IndexError, > ++ '/a/b/c/../d/e/../../../../f/..': ('/', ''), > ++ } > ++ for path, expected in test_vectors.iteritems(): > ++ if isinstance(expected, type) and issubclass(expected, Exception): > ++ self.assertRaises(expected, > ++ CGIHTTPServer._url_collapse_path_split, path) > ++ else: > ++ actual = CGIHTTPServer._url_collapse_path_split(path) > ++ self.assertEquals(expected, actual, > ++ msg='path = %r\nGot: %r\nWanted: %r' % ( > ++ path, actual, expected)) > ++ > + def test_headers_and_content(self): > + res = self.request('/cgi-bin/file1.py') > + self.assertEquals(('Hello World\n', 'text/html', 200), \ > +@@ -348,6 +388,12 @@ class CGIHTTPServerTestCase(BaseTestCase > + self.assertEquals(('Hello World\n', 'text/html', 200), \ > + (res.read(), res.getheader('Content-type'), res.status)) > + > ++ def test_no_leading_slash(self): > ++ # http://bugs.python.org/issue2254 > ++ res = self.request('cgi-bin/file1.py') > ++ self.assertEquals(('Hello World\n', 'text/html', 200), > ++ (res.read(), res.getheader('Content-type'), res.status)) > ++ > + > + def test_main(verbose=None): > + cwd = os.getcwd() > +Index: Python-2.6.6/Misc/NEWS > +=================================================================== > +--- Python-2.6.6.orig/Misc/NEWS > ++++ Python-2.6.6/Misc/NEWS > +@@ -137,6 +137,9 @@ C-API > + Library > + ------- > + > ++- Issue #2254: Fix CGIHTTPServer information disclosure. Relative paths are > ++ now collapsed within the url properly before looking in cgi_directories. > ++ > + - Issue #8447: Make distutils.sysconfig follow symlinks in the path to > + the interpreter executable. This fixes a failure of test_httpservers > + on OS X. > diff --git a/meta/recipes-devtools/python/python_2.6.6.bb b/meta/recipes-devtools/python/python_2.6.6.bb > index 800ba04..d5e7d22 100644 > --- a/meta/recipes-devtools/python/python_2.6.6.bb > +++ b/meta/recipes-devtools/python/python_2.6.6.bb > @@ -1,7 +1,7 @@ > require python.inc > DEPENDS = "python-native db gdbm openssl readline sqlite3 zlib" > DEPENDS_sharprom = "python-native db readline zlib gdbm openssl" > -PR = "${INC_PR}.8" > +PR = "${INC_PR}.9" > LIC_FILES_CHKSUM = "file://LICENSE;md5=38fdd546420fab09ac6bd3d8a1c83eb6" > > DISTRO_SRC_URI ?= "file://sitecustomize.py" > @@ -18,6 +18,7 @@ SRC_URI = "\ > file://99-ignore-optimization-flag.patch \ > ${DISTRO_SRC_URI} \ > file://multilib.patch \ > + file://security_issue_2254_fix.patch \ > " > > SRC_URI[md5sum] = "cf4e6881bb84a7ce6089e4a307f71f14" > -- > 1.7.6 > > > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core > ^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [PATCH 1/2] python: fix security vulnerability 2011-07-21 18:55 ` Khem Raj @ 2011-07-22 3:32 ` Kamble, Nitin A 0 siblings, 0 replies; 16+ messages in thread From: Kamble, Nitin A @ 2011-07-22 3:32 UTC (permalink / raw) To: Patches and discussions about the oe-core layer > devtools/python/python/security_issue_2254_fix.patch > > @@ -0,0 +1,184 @@ > > +UpstreamStatus: Backport > > This should be Upstream-Status I guess to match other patches that > said there are few more anomalies > > meta/recipes-devtools/dosfstools/dosfstools/dosfstools-2.10-kernel- > 2.6.patch: > "Upstream Status" > meta/recipes-devtools/btrfs-tools/btrfs- > tools/fix_use_of_gcc.patch:UpstreamStatus: > Pending > meta/recipes-devtools/elfutils/elfutils/fix_for_gcc- > 4.7.patch:UpstreamStatus: > pending > Thanks Khem for catching these. I have sending fixes for these. Nitin ^ permalink raw reply [flat|nested] 16+ messages in thread
* [PATCH 2/2] glib-2.0: fix a compilation issue due to dtrace 2011-07-21 9:29 [PATCH 0/2] Misc Fixes nitin.a.kamble 2011-07-21 9:29 ` [PATCH 1/2] python: fix security vulnerability nitin.a.kamble @ 2011-07-21 9:29 ` nitin.a.kamble 2011-07-21 15:57 ` Koen Kooi 2011-07-21 16:00 ` Phil Blundell 1 sibling, 2 replies; 16+ messages in thread From: nitin.a.kamble @ 2011-07-21 9:29 UTC (permalink / raw) To: openembedded-core From: Nitin A Kamble <nitin.a.kamble@intel.com> Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> --- meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb | 1 - meta/recipes-core/glib-2.0/glib.inc | 2 +- 2 files changed, 1 insertions(+), 2 deletions(-) diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb index a2e609f..7d095c1 100644 --- a/meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb +++ b/meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb @@ -19,4 +19,3 @@ SRC_URI[md5sum] = "789e7520f71c6a4bf08bc683ec764d24" SRC_URI[sha256sum] = "222f3055d6c413417b50901008c654865e5a311c73f0ae918b0a9978d1f9466f" BBCLASSEXTEND = "native" - diff --git a/meta/recipes-core/glib-2.0/glib.inc b/meta/recipes-core/glib-2.0/glib.inc index e25db3d..9768284 100644 --- a/meta/recipes-core/glib-2.0/glib.inc +++ b/meta/recipes-core/glib-2.0/glib.inc @@ -25,7 +25,7 @@ inherit autotools pkgconfig gettext S = "${WORKDIR}/glib-${PV}" -EXTRA_OECONF = "--disable-debug --enable-included-printf=no" +EXTRA_OECONF = "--disable-debug --enable-included-printf=no --enable-dtrace=no" EXTRA_OECONF_virtclass-native = "" EXTRA_OECONF_linuxstdbase = "--enable-included-printf=no" -- 1.7.6 ^ permalink raw reply related [flat|nested] 16+ messages in thread
* Re: [PATCH 2/2] glib-2.0: fix a compilation issue due to dtrace 2011-07-21 9:29 ` [PATCH 2/2] glib-2.0: fix a compilation issue due to dtrace nitin.a.kamble @ 2011-07-21 15:57 ` Koen Kooi 2011-07-21 16:00 ` Phil Blundell 1 sibling, 0 replies; 16+ messages in thread From: Koen Kooi @ 2011-07-21 15:57 UTC (permalink / raw) To: Patches and discussions about the oe-core layer Op 21 jul. 2011, om 11:29 heeft nitin.a.kamble@intel.com het volgende geschreven: > From: Nitin A Kamble <nitin.a.kamble@intel.com> > > Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> > --- > meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb | 1 - > meta/recipes-core/glib-2.0/glib.inc | 2 +- > 2 files changed, 1 insertions(+), 2 deletions(-) > > diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb > index a2e609f..7d095c1 100644 > --- a/meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb > +++ b/meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb > @@ -19,4 +19,3 @@ SRC_URI[md5sum] = "789e7520f71c6a4bf08bc683ec764d24" > SRC_URI[sha256sum] = "222f3055d6c413417b50901008c654865e5a311c73f0ae918b0a9978d1f9466f" > > BBCLASSEXTEND = "native" > - Missing PR bump > diff --git a/meta/recipes-core/glib-2.0/glib.inc b/meta/recipes-core/glib-2.0/glib.inc > index e25db3d..9768284 100644 > --- a/meta/recipes-core/glib-2.0/glib.inc > +++ b/meta/recipes-core/glib-2.0/glib.inc > @@ -25,7 +25,7 @@ inherit autotools pkgconfig gettext > > S = "${WORKDIR}/glib-${PV}" > > -EXTRA_OECONF = "--disable-debug --enable-included-printf=no" > +EXTRA_OECONF = "--disable-debug --enable-included-printf=no --enable-dtrace=no" > EXTRA_OECONF_virtclass-native = "" > EXTRA_OECONF_linuxstdbase = "--enable-included-printf=no" > > -- > 1.7.6 > > > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core ^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [PATCH 2/2] glib-2.0: fix a compilation issue due to dtrace 2011-07-21 9:29 ` [PATCH 2/2] glib-2.0: fix a compilation issue due to dtrace nitin.a.kamble 2011-07-21 15:57 ` Koen Kooi @ 2011-07-21 16:00 ` Phil Blundell 2011-07-21 16:38 ` Kamble, Nitin A 1 sibling, 1 reply; 16+ messages in thread From: Phil Blundell @ 2011-07-21 16:00 UTC (permalink / raw) To: Patches and discussions about the oe-core layer On Thu, 2011-07-21 at 02:29 -0700, nitin.a.kamble@intel.com wrote: > From: Nitin A Kamble <nitin.a.kamble@intel.com> > > Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> Could you add some text to the commit message explaining what the compilation issue was and under what circumstances it occurred? It might also be good to know why bumping PR isn't necessary. Also: > diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb > index a2e609f..7d095c1 100644 > --- a/meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb > +++ b/meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb > @@ -19,4 +19,3 @@ SRC_URI[md5sum] = "789e7520f71c6a4bf08bc683ec764d24" > SRC_URI[sha256sum] = "222f3055d6c413417b50901008c654865e5a311c73f0ae918b0a9978d1f9466f" > > BBCLASSEXTEND = "native" > - ... I guess this part of the patch can be omitted. p. ^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [PATCH 2/2] glib-2.0: fix a compilation issue due to dtrace 2011-07-21 16:00 ` Phil Blundell @ 2011-07-21 16:38 ` Kamble, Nitin A 0 siblings, 0 replies; 16+ messages in thread From: Kamble, Nitin A @ 2011-07-21 16:38 UTC (permalink / raw) To: Patches and discussions about the oe-core layer > -----Original Message----- > From: openembedded-core-bounces@lists.openembedded.org > [mailto:openembedded-core-bounces@lists.openembedded.org] On Behalf Of > Phil Blundell > Sent: Thursday, July 21, 2011 9:00 AM > To: Patches and discussions about the oe-core layer > Subject: Re: [OE-core] [PATCH 2/2] glib-2.0: fix a compilation issue > due to dtrace > > On Thu, 2011-07-21 at 02:29 -0700, nitin.a.kamble@intel.com wrote: > > From: Nitin A Kamble <nitin.a.kamble@intel.com> > > > > Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com> > > Could you add some text to the commit message explaining what the > compilation issue was and under what circumstances it occurred? It > might also be good to know why bumping PR isn't necessary. > Phil, I felt the PR bump was not necessary, as it was fixing the compilation issue. I will add more information to the commit and resend it. > Also: > > > diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb > b/meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb > > index a2e609f..7d095c1 100644 > > --- a/meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb > > +++ b/meta/recipes-core/glib-2.0/glib-2.0_2.28.8.bb > > @@ -19,4 +19,3 @@ SRC_URI[md5sum] = > "789e7520f71c6a4bf08bc683ec764d24" > > SRC_URI[sha256sum] = > "222f3055d6c413417b50901008c654865e5a311c73f0ae918b0a9978d1f9466f" > > > > BBCLASSEXTEND = "native" > > - > > ... I guess this part of the patch can be omitted. Noted down. Thanks, Nitin > > p. > > > > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core ^ permalink raw reply [flat|nested] 16+ messages in thread
* [PATCH 0/2] Misc Fixes @ 2011-07-21 21:08 nitin.a.kamble 2011-07-22 15:41 ` Saul Wold 0 siblings, 1 reply; 16+ messages in thread From: nitin.a.kamble @ 2011-07-21 21:08 UTC (permalink / raw) To: openembedded-core From: Nitin A Kamble <nitin.a.kamble@intel.com> The following changes since commit 8bd302b16dbd708fb9446fdc534ac64d873a34f5: glib-2.0: fix a compilation issue due to dtrace (2011-07-21 14:01:33 -0700) are available in the git repository at: git://git.pokylinux.org/poky-contrib nitin/misc http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=nitin/misc Nitin A Kamble (2): python: fix security vulnerability fix Upstream-Status line for few patches .../btrfs-tools/btrfs-tools/fix_use_of_gcc.patch | 2 +- .../dosfstools/dosfstools-2.10-kernel-2.6.patch | 2 +- .../elfutils/elfutils/fix_for_gcc-4.7.patch | 2 +- meta/recipes-devtools/python/python.inc | 2 +- .../python/python/security_issue_2254_fix.patch | 184 ++++++++++++++++++++ meta/recipes-devtools/python/python_2.6.6.bb | 3 +- 6 files changed, 190 insertions(+), 5 deletions(-) create mode 100644 meta/recipes-devtools/python/python/security_issue_2254_fix.patch -- 1.7.6 ^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [PATCH 0/2] Misc Fixes 2011-07-21 21:08 [PATCH 0/2] Misc Fixes nitin.a.kamble @ 2011-07-22 15:41 ` Saul Wold 0 siblings, 0 replies; 16+ messages in thread From: Saul Wold @ 2011-07-22 15:41 UTC (permalink / raw) To: Patches and discussions about the oe-core layer On 07/21/2011 02:08 PM, nitin.a.kamble@intel.com wrote: > From: Nitin A Kamble<nitin.a.kamble@intel.com> > > The following changes since commit 8bd302b16dbd708fb9446fdc534ac64d873a34f5: > > glib-2.0: fix a compilation issue due to dtrace (2011-07-21 14:01:33 -0700) > > are available in the git repository at: > git://git.pokylinux.org/poky-contrib nitin/misc > http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=nitin/misc > > Nitin A Kamble (2): > python: fix security vulnerability > fix Upstream-Status line for few patches > > .../btrfs-tools/btrfs-tools/fix_use_of_gcc.patch | 2 +- > .../dosfstools/dosfstools-2.10-kernel-2.6.patch | 2 +- > .../elfutils/elfutils/fix_for_gcc-4.7.patch | 2 +- > meta/recipes-devtools/python/python.inc | 2 +- > .../python/python/security_issue_2254_fix.patch | 184 ++++++++++++++++++++ > meta/recipes-devtools/python/python_2.6.6.bb | 3 +- > 6 files changed, 190 insertions(+), 5 deletions(-) > create mode 100644 meta/recipes-devtools/python/python/security_issue_2254_fix.patch > Merged into OE-Core Thanks Sau! ^ permalink raw reply [flat|nested] 16+ messages in thread
* [PATCH 0/2] Misc fixes @ 2012-01-19 13:59 Paul Eggleton 0 siblings, 0 replies; 16+ messages in thread From: Paul Eggleton @ 2012-01-19 13:59 UTC (permalink / raw) To: openembedded-core A fix for the patch error backtrace as well as removing PRIORITY from the recently upgraded hdparm recipe. The following changes since commit a0f5dd25a37fe3b8664c2133e80b6214559f93f6: package_rpm.bbclass: Add support for filenames with spaces (2012-01-17 16:20:46 +0000) are available in the git repository at: git://git.openembedded.org/openembedded-core-contrib paule/fixes11 http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=paule/fixes11 Paul Eggleton (2): classes/patch: avoid backtrace when patch does not apply hdparm: remove PRIORITY meta/classes/patch.bbclass | 5 ++++- meta/lib/oe/patch.py | 10 +++++----- meta/recipes-extended/hdparm/hdparm_9.37.bb | 1 - 3 files changed, 9 insertions(+), 7 deletions(-) -- 1.7.5.4 ^ permalink raw reply [flat|nested] 16+ messages in thread
* [PATCH 0/2] Misc Fixes @ 2012-04-13 4:43 nitin.a.kamble 0 siblings, 0 replies; 16+ messages in thread From: nitin.a.kamble @ 2012-04-13 4:43 UTC (permalink / raw) To: openembedded-core From: Nitin A Kamble <nitin.a.kamble@intel.com> Misc Fixes. These are tested on 64bit fedora 17 alpha system for qemux86 machine Nitin The following changes since commit b8f45af0c477b23b85ea8eb02f3c9e46a666a422: mklibs-native: fix for gcc-4.7 (2012-04-12 15:25:04 -0700) are available in the git repository at: git://git.pokylinux.org/poky-contrib nitin/bugfixes http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=nitin/bugfixes Nitin A Kamble (2): eglibc: fix perl path in target scripts on fedora 17 alpha eglibc: clean up the common code from 2.1[35] versions meta/recipes-core/eglibc/eglibc.inc | 2 ++ meta/recipes-core/eglibc/eglibc_2.13.bb | 5 +---- meta/recipes-core/eglibc/eglibc_2.15.bb | 4 +--- 3 files changed, 4 insertions(+), 7 deletions(-) -- 1.7.7 ^ permalink raw reply [flat|nested] 16+ messages in thread
* [PATCH 0/2] Misc fixes @ 2012-04-26 22:53 nitin.a.kamble 2012-05-01 18:32 ` Saul Wold 0 siblings, 1 reply; 16+ messages in thread From: nitin.a.kamble @ 2012-04-26 22:53 UTC (permalink / raw) To: openembedded-core From: Nitin A Kamble <nitin.a.kamble@intel.com> This fixes are for issues discovered with gcc-4.7 & eglibc-2.15 Nitin The following changes since commit c84c6bc074e0fdeaebce99152cdb4b1e7e92543d: tcmode-default: make eglibc 2.15 as the default libc (2012-04-26 12:49:25 -0700) are available in the git repository at: git://git.pokylinux.org/poky-contrib nitin/misc http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=nitin/misc Nitin A Kamble (2): eglibc: package mtrace separately tcl: fix target recipe build issue on older distros meta/recipes-core/eglibc/eglibc-package.inc | 8 ++- meta/recipes-core/eglibc/eglibc_2.13.bb | 2 +- meta/recipes-core/eglibc/eglibc_2.15.bb | 2 +- .../tcl/fix_issue_with_old_distro_glibc.patch | 109 ++++++++++++++++++++ meta/recipes-devtools/tcltk/tcl_8.5.11.bb | 5 +- 5 files changed, 121 insertions(+), 5 deletions(-) create mode 100644 meta/recipes-devtools/tcltk/tcl/fix_issue_with_old_distro_glibc.patch -- 1.7.7 ^ permalink raw reply [flat|nested] 16+ messages in thread
* Re: [PATCH 0/2] Misc fixes 2012-04-26 22:53 [PATCH 0/2] Misc fixes nitin.a.kamble @ 2012-05-01 18:32 ` Saul Wold 0 siblings, 0 replies; 16+ messages in thread From: Saul Wold @ 2012-05-01 18:32 UTC (permalink / raw) To: Patches and discussions about the oe-core layer On 04/26/2012 03:53 PM, nitin.a.kamble@intel.com wrote: > From: Nitin A Kamble<nitin.a.kamble@intel.com> > > This fixes are for issues discovered with gcc-4.7& eglibc-2.15 > > Nitin > > The following changes since commit c84c6bc074e0fdeaebce99152cdb4b1e7e92543d: > > tcmode-default: make eglibc 2.15 as the default libc (2012-04-26 12:49:25 -0700) > > are available in the git repository at: > git://git.pokylinux.org/poky-contrib nitin/misc > http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=nitin/misc > > Nitin A Kamble (2): > eglibc: package mtrace separately This needs a comment update and check that it really installs to the *-sdk images. > tcl: fix target recipe build issue on older distros > Merged TCL to OE-Core Thanks Sau! > meta/recipes-core/eglibc/eglibc-package.inc | 8 ++- > meta/recipes-core/eglibc/eglibc_2.13.bb | 2 +- > meta/recipes-core/eglibc/eglibc_2.15.bb | 2 +- > .../tcl/fix_issue_with_old_distro_glibc.patch | 109 ++++++++++++++++++++ > meta/recipes-devtools/tcltk/tcl_8.5.11.bb | 5 +- > 5 files changed, 121 insertions(+), 5 deletions(-) > create mode 100644 meta/recipes-devtools/tcltk/tcl/fix_issue_with_old_distro_glibc.patch > ^ permalink raw reply [flat|nested] 16+ messages in thread
* [PATCH 0/2] Misc fixes @ 2012-05-16 18:11 nitin.a.kamble 0 siblings, 0 replies; 16+ messages in thread From: nitin.a.kamble @ 2012-05-16 18:11 UTC (permalink / raw) To: openembedded-core From: Nitin A Kamble <nitin.a.kamble@intel.com> Here are few misc fixes: Nitin The following changes since commit d4e265661517f8dd4e1648fdc56bac5973f986f6: poky.conf: Change WARNS -> ERRORS (2012-05-16 07:35:20 +0100) are available in the git repository at: git://git.pokylinux.org/poky-contrib nitin/work http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=nitin/work Nitin A Kamble (2): eglibc: package mtrace separately gcc: fix DEPENDS to avoid a build issue meta/recipes-core/eglibc/eglibc-package.inc | 7 ++++++- meta/recipes-core/eglibc/eglibc_2.13.bb | 2 +- meta/recipes-core/eglibc/eglibc_2.15.bb | 2 +- meta/recipes-core/tasks/task-core-tools-debug.bb | 1 + meta/recipes-devtools/gcc/gcc-4.7.inc | 4 ++-- 5 files changed, 11 insertions(+), 5 deletions(-) -- 1.7.7 ^ permalink raw reply [flat|nested] 16+ messages in thread
* [PATCH 0/2] Misc fixes @ 2017-03-23 3:37 Khem Raj 0 siblings, 0 replies; 16+ messages in thread From: Khem Raj @ 2017-03-23 3:37 UTC (permalink / raw) To: openembedded-core clang finds couple of more issues to weed out The following changes since commit d1d55041e38b12d40f896834b56475ea19a6047f: sstate: Ensure installation directory is empty before execution (2017-03-22 10:12:10 +0000) are available in the git repository at: git://git.openembedded.org/openembedded-core-contrib kraj/pu http://cgit.openembedded.org/openembedded-core-contrib/log/?h=kraj/pu Khem Raj (2): db: Fix atomic function namespace clash with clang builtins libvorbis: Contain gcc specific compiler flags using configure option .../libvorbis/0001-configure-Check-for-clang.patch | 56 ++++++++++++++++++++++ .../libvorbis/libvorbis_1.3.5.bb | 4 +- ...me-local-__atomic_compare_exchange-to-avo.patch | 45 +++++++++++++++++ meta/recipes-support/db/db_5.3.28.bb | 1 + 4 files changed, 105 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-multimedia/libvorbis/libvorbis/0001-configure-Check-for-clang.patch create mode 100644 meta/recipes-support/db/db/0001-atomic-Rename-local-__atomic_compare_exchange-to-avo.patch -- 2.12.1 ^ permalink raw reply [flat|nested] 16+ messages in thread
end of thread, other threads:[~2017-03-23 3:38 UTC | newest] Thread overview: 16+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2011-07-21 9:29 [PATCH 0/2] Misc Fixes nitin.a.kamble 2011-07-21 9:29 ` [PATCH 1/2] python: fix security vulnerability nitin.a.kamble 2011-07-21 18:55 ` Khem Raj 2011-07-22 3:32 ` Kamble, Nitin A 2011-07-21 9:29 ` [PATCH 2/2] glib-2.0: fix a compilation issue due to dtrace nitin.a.kamble 2011-07-21 15:57 ` Koen Kooi 2011-07-21 16:00 ` Phil Blundell 2011-07-21 16:38 ` Kamble, Nitin A -- strict thread matches above, loose matches on Subject: below -- 2011-07-21 21:08 [PATCH 0/2] Misc Fixes nitin.a.kamble 2011-07-22 15:41 ` Saul Wold 2012-01-19 13:59 [PATCH 0/2] Misc fixes Paul Eggleton 2012-04-13 4:43 [PATCH 0/2] Misc Fixes nitin.a.kamble 2012-04-26 22:53 [PATCH 0/2] Misc fixes nitin.a.kamble 2012-05-01 18:32 ` Saul Wold 2012-05-16 18:11 nitin.a.kamble 2017-03-23 3:37 Khem Raj
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox