* Re: what is the closest alternative to red hat's ABRT in OE?
From: Burton, Ross @ 2016-12-07 13:43 UTC (permalink / raw)
To: Robert P. J. Day; +Cc: OE Core mailing list
In-Reply-To: <alpine.LFD.2.20.1612070835310.2008@ca624034.mitel.com>
[-- Attachment #1: Type: text/plain, Size: 302 bytes --]
On 7 December 2016 at 13:37, Robert P. J. Day <rpjday@crashcourse.ca> wrote:
> and pretty sure i asked this before ... is there some reasonable
> equivalent to "sosreport" for OE?
>
For people who don't run Fedora, you might have better luck saying what
functionality you're after.
Ross
[-- Attachment #2: Type: text/html, Size: 758 bytes --]
^ permalink raw reply
* Re: what is the closest alternative to red hat's ABRT in OE?
From: Robert P. J. Day @ 2016-12-07 13:37 UTC (permalink / raw)
To: Maciej Borzęcki; +Cc: OE Core mailing list
In-Reply-To: <CAD4b0_+EACruAvA839=YTu8=FHAjGcuMzFbaLugJZQD6NOjf2Q@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1100 bytes --]
On Tue, 6 Dec 2016, Maciej Borzęcki wrote:
> On Tue, Dec 6, 2016 at 3:49 PM, Robert P. J. Day <rpjday@crashcourse.ca> wrote:
> >
> > as in:
> >
> > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/ch-abrt.html
> >
> > specifically, to manage core files? i would have thought judicious use
> > of "ulimit" would be the solution. others?
> >
>
> If you're using systemd there is systemd-coredump(8).
already looking into that ... is it safe to say that RH's "abrt" is,
well, exclusive to RH?
and pretty sure i asked this before ... is there some reasonable
equivalent to "sosreport" for OE?
rday
--
========================================================================
Robert P. J. Day Ottawa, Ontario, CANADA
http://crashcourse.ca
Twitter: http://twitter.com/rpjday
LinkedIn: http://ca.linkedin.com/in/rpjday
========================================================================
^ permalink raw reply
* Re: [PATCH v2] less: 481 -> 487
From: Alexander Kanavin @ 2016-12-07 12:46 UTC (permalink / raw)
To: openembedded-core
In-Reply-To: <1481134274-52328-1-git-send-email-huangqy.fnst@cn.fujitsu.com>
On 12/07/2016 08:11 PM, Huang Qiyu wrote:
> Upgrade less from 481 to 487.
>
> License checksum changes are not related to license changes.
You should still say what has caused them, however.
Alex
^ permalink raw reply
* Re: [PATCH] less: 481 -> 487
From: Alexander Kanavin @ 2016-12-07 12:44 UTC (permalink / raw)
To: openembedded-core
In-Reply-To: <1481065505-49663-1-git-send-email-huangqy.fnst@cn.fujitsu.com>
On 12/07/2016 01:05 AM, Huang Qiyu wrote:
> LICENSE = "GPLv3+ | BSD-2-Clause"
> LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \
> - file://LICENSE;md5=48c26a307f91af700e1f00585f215aaf"
> + file://LICENSE;md5=2ef3e4b8dafc85612bc5254b8081e234"
Why did the LICENSE change? You should explain this in the commit message.
Alex
^ permalink raw reply
* Re: [PATCH] gstreamer1.0-plugins-bad: Add PKG_CONFIG_SYSROOT_DIR to output of pkg-config
From: Jussi Kukkonen @ 2016-12-07 12:25 UTC (permalink / raw)
To: Khem Raj; +Cc: Patches and discussions about the oe-core layer
In-Reply-To: <6D6B8004-668B-4C5B-96BE-7A231F365788@gmail.com>
[-- Attachment #1: Type: text/plain, Size: 5449 bytes --]
On 5 December 2016 at 21:08, Khem Raj <raj.khem@gmail.com> wrote:
>
> On Dec 5, 2016, at 5:20 AM, Jussi Kukkonen <jussi.kukkonen@intel.com>
> wrote:
>
>
>
> On 1 December 2016 at 10:37, Khem Raj <raj.khem@gmail.com> wrote:
>
>> When configure pokes for wayland-protocols isntallations it ended up
>> using the ones from host, which is because it did not account for sysroot
>> prefix
>>
>> Signed-off-by: Khem Raj <raj.khem@gmail.com>
>> ---
>> .../gstreamer/gstreamer1.0-plugins-bad.inc | 2 +-
>> ...G_CONFIG_SYSROOT_DIR-to-pkg-config-output.patch | 37
>> ++++++++++++++++++++++
>> .../gstreamer/gstreamer1.0-plugins-bad_1.10.1.bb | 1 +
>> 3 files changed, 39 insertions(+), 1 deletion(-)
>> create mode 100644 meta/recipes-multimedia/gstrea
>> mer/gstreamer1.0-plugins-bad/0001-Prepend-PKG_CONFIG_
>> SYSROOT_DIR-to-pkg-config-output.patch
>>
>> diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad.inc
>> b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad.inc
>> index d26a6a9..d3c5326 100644
>> --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad.inc
>> +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad.inc
>> @@ -64,7 +64,7 @@ PACKAGECONFIG[srtp] =
>> "--enable-srtp,--disable-srtp,libsrtp"
>> PACKAGECONFIG[uvch264] = "--enable-uvch264,--disable-uvch264,libusb1
>> libgudev"
>> PACKAGECONFIG[voaacenc] = "--enable-voaacenc,--disable-v
>> oaacenc,vo-aacenc"
>> PACKAGECONFIG[voamrwbenc] = "--enable-voamrwbenc,--disable
>> -voamrwbenc,vo-amrwbenc"
>> -PACKAGECONFIG[wayland] = "--enable-wayland,--disable-wayland,wayland-native
>> wayland"
>> +PACKAGECONFIG[wayland] = "--enable-wayland,--disable-wayland,wayland-native
>> wayland wayland-protocols"
>> PACKAGECONFIG[webp] = "--enable-webp,--disable-webp,libwebp"
>>
>> # these plugins have not been ported to 1.0 (yet):
>> diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-
>> bad/0001-Prepend-PKG_CONFIG_SYSROOT_DIR-to-pkg-config-output.patch
>> b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-
>> bad/0001-Prepend-PKG_CONFIG_SYSROOT_DIR-to-pkg-config-output.patch
>> new file mode 100644
>> index 0000000..eb789df
>> --- /dev/null
>> +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-
>> bad/0001-Prepend-PKG_CONFIG_SYSROOT_DIR-to-pkg-config-output.patch
>> @@ -0,0 +1,37 @@
>> +From c271503d7e233428ac0323c51d6517113e26bef7 Mon Sep 17 00:00:00 2001
>> +From: Khem Raj <raj.khem@gmail.com>
>> +Date: Thu, 1 Dec 2016 00:27:13 -0800
>> +Subject: [PATCH] Prepend PKG_CONFIG_SYSROOT_DIR to pkg-config output
>> +
>> +In cross environment we have to prepend the sysroot to the path found by
>> +pkgconfig since the path returned from pkgconfig does not have sysroot
>> prefixed
>> +it ends up using the files from host system. If build host has wayland
>> installed
>> +the build will succeed but if you dont have wayland-protocols installed
>> on build host then
>> +it wont find the files on build host
>> +
>> +This should work ok with non sysrooted builds too since in those cases
>> PKG_CONFIG_SYSROOT_DIR
>> +will be empty
>> +
>> +Upstream-Status: Pending
>> +
>> +Signed-off-by: Khem Raj <raj.khem@gmail.com>
>> +---
>> + configure.ac | 2 +-
>> + 1 file changed, 1 insertion(+), 1 deletion(-)
>> +
>> +diff --git a/configure.ac b/configure.ac
>> +index f8ac96b..dc87b08 100644
>> +--- a/configure.ac
>> ++++ b/configure.ac
>> +@@ -2233,7 +2233,7 @@ AG_GST_CHECK_FEATURE(WAYLAND, [wayland sink],
>> wayland , [
>> + PKG_CHECK_MODULES(WAYLAND_PROTOCOLS, wayland-protocols >= 1.4, [
>> + if test "x$wayland_scanner" != "x"; then
>> + HAVE_WAYLAND="yes"
>> +- AC_SUBST(WAYLAND_PROTOCOLS_DATADIR, `$PKG_CONFIG
>> --variable=pkgdatadir wayland-protocols`)
>> ++ AC_SUBST(WAYLAND_PROTOCOLS_DATADIR,
>> ${PKG_CONFIG_SYSROOT_DIR}`$PKG_CONFIG --variable=pkgdatadir
>> wayland-protocols`)
>>
>
> I believe this breaks multilib because wayland-protocols is allarch so
> PKG_CONFIG_SYSROOT_DIR may then be incorrect.
>
>
> Realized my last reply is too terse. expanding on it a bit more.
> this is not really the case. Since PKG_CONFIG_SYSROOT_DIR is set to
> STAGING_DIR_HOST which is then set to ${STAGING_DIR}/${MACHINE} so
> effectively its just
> reusing an existing var compared to your case where a new redundant
> variable is introduced.
>
> having said that, there could be a multilib issue if pkgdatadir thats in
> .pc file from wayland-protocols package is using variables like ${libdir}
> which then are
> multilib dependent, if this is the case then we need to fix .pc file.
> however when I look at the <target-sysroot>/usr/share/pkgconfig/wayland-protocols.pc
> it has
>
> prefix=/usr
> datarootdir=${prefix}/share
> pkgdatadir=/usr/share/wayland-protocols
>
> seems to be free of multilib deps.
>
>
It's not about the .pc file, the issue is that if you build
lib32-gstreamer1.0-plugins-bad WAYLAND_PROTOCOLS_DATADIR will end up as (as
an example)
$TMPDIR/sysroots/lib32-qemux86-64/usr/share/wayland-protocols/
but that's not where wayland protocols are. The actual path is
$TMPDIR/sysroots/qemux86-64/usr/share/wayland-protocols/
Maybe there should be a generic multilib fix for this but I can't figure
out what it would be...
Jussi
[-- Attachment #2: Type: text/html, Size: 8511 bytes --]
^ permalink raw reply
* Re: [PATCH 00/33] Accumulated patches for deb packaging
From: Alexander Kanavin @ 2016-12-07 12:25 UTC (permalink / raw)
To: openembedded-core
In-Reply-To: <1481024991-5882-1-git-send-email-obi@opendreambox.org>
On 12/06/2016 01:49 PM, Andreas Oberritter wrote:
> These are most of my patches which accumulated since our distro
> switched from opkg to dpkg and apt two years ago. They were tested
> thoroughly on dora and krogoth and just a little bit on master.
How about updating apt and dpkg to latest upstream releases at the same
time?
Alex
^ permalink raw reply
* Re: tiff: fix several tiff CVE issues
From: Alexander Kanavin @ 2016-12-07 12:22 UTC (permalink / raw)
To: openembedded-core
In-Reply-To: <1481097673-8896-1-git-send-email-mingli.yu@windriver.com>
On 12/07/2016 10:01 AM, mingli.yu@windriver.com wrote:
> These commits fix several tiff CVE issues:
> CVE-2016-9533, CVE-2016-9534, CVE-2016-9535,
> CVE-2016-9536, CVE-2016-9537 and CVE-2016-9538
Please update tiff to latest upstream version (see
http://packages.yoctoproject.org/), and then apply any CVE fixes which
are still necessary.
This applies to any other package as well.
Alex
^ permalink raw reply
* Re: [PATCH] xkeyboard-config: 2.18 -> 2.19
From: Jussi Kukkonen @ 2016-12-07 11:20 UTC (permalink / raw)
To: zhengrq.fnst; +Cc: OE-core
In-Reply-To: <CAJTo0Lbv+uXP4hy7huVCsW+3Lhf8NZRWX=iEquAbnG2YvqDpvg@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 4722 bytes --]
Since you're already resending: please set "diff.renames" in your git
configuration to get smaller diffs.
Example from my ~/.gitconfig:
[diff]
renames = true
Thanks,
Jussi
On 7 December 2016 at 13:05, Burton, Ross <ross.burton@intel.com> wrote:
> Can you resend with a proper From: address please not just root?
>
> Ross
>
> On 7 December 2016 at 10:33, root <zhengrq.fnst@cn.fujitsu.com> wrote:
>
>> Upgrade xkeyboard-config from 2.18 to 2.19
>>
>> Signed-off-by: zhengruoqin <zhengrq.fnst@cn.fujitsu.com>
>> ---
>> .../xorg-lib/xkeyboard-config_2.18.bb | 31
>> ----------------------
>> .../xorg-lib/xkeyboard-config_2.19.bb | 31
>> ++++++++++++++++++++++
>> 2 files changed, 31 insertions(+), 31 deletions(-)
>> delete mode 100644 meta/recipes-graphics/xorg-lib/
>> xkeyboard-config_2.18.bb
>> create mode 100644 meta/recipes-graphics/xorg-lib/
>> xkeyboard-config_2.19.bb
>>
>> diff --git a/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.18.bb
>> b/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.18.bb
>> deleted file mode 100644
>> index 79fcbd8..0000000
>> --- a/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.18.bb
>> +++ /dev/null
>> @@ -1,31 +0,0 @@
>> -SUMMARY = "Keyboard configuration database for X Window"
>> -
>> -DESCRIPTION = "The non-arch keyboard configuration database for X \
>> -Window. The goal is to provide the consistent, well-structured, \
>> -frequently released open source of X keyboard configuration data for X \
>> -Window System implementations. The project is targeted to XKB-based \
>> -systems."
>> -
>> -HOMEPAGE = "http://freedesktop.org/wiki/Software/XKeyboardConfig"
>> -BUGTRACKER = "https://bugs.freedesktop.org/
>> enter_bug.cgi?product=xkeyboard-config"
>> -
>> -LICENSE = "MIT & MIT-style"
>> -LIC_FILES_CHKSUM = "file://COPYING;md5=0e7f21ca7db975c63467d2e7624a12f9"
>> -
>> -SRC_URI = "${XORG_MIRROR}/individual/data/xkeyboard-config/${BPN}-${
>> PV}.tar.bz2"
>> -SRC_URI[md5sum] = "c28cf45616bfec276879360bc36c6b27"
>> -SRC_URI[sha256sum] = "c41d917d6c8a59feb7ccbda51c40a
>> 6ada824fdd1e9684b52dd48c9530617ddd0"
>> -
>> -SECTION = "x11/libs"
>> -DEPENDS = "intltool-native virtual/gettext util-macros libxslt-native"
>> -
>> -EXTRA_OECONF = "--with-xkb-rules-symlink=xorg --disable-runtime-deps"
>> -
>> -FILES_${PN} += "${datadir}/X11/xkb"
>> -
>> -inherit autotools pkgconfig gettext
>> -
>> -do_install_append () {
>> - install -d ${D}${datadir}/X11/xkb/compiled
>> - cd ${D}${datadir}/X11/xkb/rules && ln -sf base xorg
>> -}
>> diff --git a/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.19.bb
>> b/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.19.bb
>> new file mode 100644
>> index 0000000..79fcbd8
>> --- /dev/null
>> +++ b/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.19.bb
>> @@ -0,0 +1,31 @@
>> +SUMMARY = "Keyboard configuration database for X Window"
>> +
>> +DESCRIPTION = "The non-arch keyboard configuration database for X \
>> +Window. The goal is to provide the consistent, well-structured, \
>> +frequently released open source of X keyboard configuration data for X \
>> +Window System implementations. The project is targeted to XKB-based \
>> +systems."
>> +
>> +HOMEPAGE = "http://freedesktop.org/wiki/Software/XKeyboardConfig"
>> +BUGTRACKER = "https://bugs.freedesktop.org/
>> enter_bug.cgi?product=xkeyboard-config"
>> +
>> +LICENSE = "MIT & MIT-style"
>> +LIC_FILES_CHKSUM = "file://COPYING;md5=0e7f21ca7db975c63467d2e7624a12f9"
>> +
>> +SRC_URI = "${XORG_MIRROR}/individual/data/xkeyboard-config/${BPN}-${
>> PV}.tar.bz2"
>> +SRC_URI[md5sum] = "c28cf45616bfec276879360bc36c6b27"
>> +SRC_URI[sha256sum] = "c41d917d6c8a59feb7ccbda51c40a
>> 6ada824fdd1e9684b52dd48c9530617ddd0"
>> +
>> +SECTION = "x11/libs"
>> +DEPENDS = "intltool-native virtual/gettext util-macros libxslt-native"
>> +
>> +EXTRA_OECONF = "--with-xkb-rules-symlink=xorg --disable-runtime-deps"
>> +
>> +FILES_${PN} += "${datadir}/X11/xkb"
>> +
>> +inherit autotools pkgconfig gettext
>> +
>> +do_install_append () {
>> + install -d ${D}${datadir}/X11/xkb/compiled
>> + cd ${D}${datadir}/X11/xkb/rules && ln -sf base xorg
>> +}
>> --
>> 2.7.4
>>
>>
>>
>> --
>> _______________________________________________
>> Openembedded-core mailing list
>> Openembedded-core@lists.openembedded.org
>> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>>
>
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>
>
[-- Attachment #2: Type: text/html, Size: 7971 bytes --]
^ permalink raw reply
* Re: [PATCH] xkeyboard-config: 2.18 -> 2.19
From: Burton, Ross @ 2016-12-07 11:05 UTC (permalink / raw)
To: root; +Cc: OE-core
In-Reply-To: <1481106793-126356-1-git-send-email-zhengrq.fnst@cn.fujitsu.com>
[-- Attachment #1: Type: text/plain, Size: 4116 bytes --]
Can you resend with a proper From: address please not just root?
Ross
On 7 December 2016 at 10:33, root <zhengrq.fnst@cn.fujitsu.com> wrote:
> Upgrade xkeyboard-config from 2.18 to 2.19
>
> Signed-off-by: zhengruoqin <zhengrq.fnst@cn.fujitsu.com>
> ---
> .../xorg-lib/xkeyboard-config_2.18.bb | 31
> ----------------------
> .../xorg-lib/xkeyboard-config_2.19.bb | 31
> ++++++++++++++++++++++
> 2 files changed, 31 insertions(+), 31 deletions(-)
> delete mode 100644 meta/recipes-graphics/xorg-lib/
> xkeyboard-config_2.18.bb
> create mode 100644 meta/recipes-graphics/xorg-lib/
> xkeyboard-config_2.19.bb
>
> diff --git a/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.18.bb
> b/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.18.bb
> deleted file mode 100644
> index 79fcbd8..0000000
> --- a/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.18.bb
> +++ /dev/null
> @@ -1,31 +0,0 @@
> -SUMMARY = "Keyboard configuration database for X Window"
> -
> -DESCRIPTION = "The non-arch keyboard configuration database for X \
> -Window. The goal is to provide the consistent, well-structured, \
> -frequently released open source of X keyboard configuration data for X \
> -Window System implementations. The project is targeted to XKB-based \
> -systems."
> -
> -HOMEPAGE = "http://freedesktop.org/wiki/Software/XKeyboardConfig"
> -BUGTRACKER = "https://bugs.freedesktop.org/enter_bug.cgi?product=
> xkeyboard-config"
> -
> -LICENSE = "MIT & MIT-style"
> -LIC_FILES_CHKSUM = "file://COPYING;md5=0e7f21ca7db975c63467d2e7624a12f9"
> -
> -SRC_URI = "${XORG_MIRROR}/individual/data/xkeyboard-config/${BPN}-$
> {PV}.tar.bz2"
> -SRC_URI[md5sum] = "c28cf45616bfec276879360bc36c6b27"
> -SRC_URI[sha256sum] = "c41d917d6c8a59feb7ccbda51c40a6
> ada824fdd1e9684b52dd48c9530617ddd0"
> -
> -SECTION = "x11/libs"
> -DEPENDS = "intltool-native virtual/gettext util-macros libxslt-native"
> -
> -EXTRA_OECONF = "--with-xkb-rules-symlink=xorg --disable-runtime-deps"
> -
> -FILES_${PN} += "${datadir}/X11/xkb"
> -
> -inherit autotools pkgconfig gettext
> -
> -do_install_append () {
> - install -d ${D}${datadir}/X11/xkb/compiled
> - cd ${D}${datadir}/X11/xkb/rules && ln -sf base xorg
> -}
> diff --git a/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.19.bb
> b/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.19.bb
> new file mode 100644
> index 0000000..79fcbd8
> --- /dev/null
> +++ b/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.19.bb
> @@ -0,0 +1,31 @@
> +SUMMARY = "Keyboard configuration database for X Window"
> +
> +DESCRIPTION = "The non-arch keyboard configuration database for X \
> +Window. The goal is to provide the consistent, well-structured, \
> +frequently released open source of X keyboard configuration data for X \
> +Window System implementations. The project is targeted to XKB-based \
> +systems."
> +
> +HOMEPAGE = "http://freedesktop.org/wiki/Software/XKeyboardConfig"
> +BUGTRACKER = "https://bugs.freedesktop.org/enter_bug.cgi?product=
> xkeyboard-config"
> +
> +LICENSE = "MIT & MIT-style"
> +LIC_FILES_CHKSUM = "file://COPYING;md5=0e7f21ca7db975c63467d2e7624a12f9"
> +
> +SRC_URI = "${XORG_MIRROR}/individual/data/xkeyboard-config/${BPN}-$
> {PV}.tar.bz2"
> +SRC_URI[md5sum] = "c28cf45616bfec276879360bc36c6b27"
> +SRC_URI[sha256sum] = "c41d917d6c8a59feb7ccbda51c40a6
> ada824fdd1e9684b52dd48c9530617ddd0"
> +
> +SECTION = "x11/libs"
> +DEPENDS = "intltool-native virtual/gettext util-macros libxslt-native"
> +
> +EXTRA_OECONF = "--with-xkb-rules-symlink=xorg --disable-runtime-deps"
> +
> +FILES_${PN} += "${datadir}/X11/xkb"
> +
> +inherit autotools pkgconfig gettext
> +
> +do_install_append () {
> + install -d ${D}${datadir}/X11/xkb/compiled
> + cd ${D}${datadir}/X11/xkb/rules && ln -sf base xorg
> +}
> --
> 2.7.4
>
>
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>
[-- Attachment #2: Type: text/html, Size: 6603 bytes --]
^ permalink raw reply
* [PATCH] xkeyboard-config: 2.18 -> 2.19
From: root @ 2016-12-07 10:33 UTC (permalink / raw)
To: openembedded-core
Upgrade xkeyboard-config from 2.18 to 2.19
Signed-off-by: zhengruoqin <zhengrq.fnst@cn.fujitsu.com>
---
.../xorg-lib/xkeyboard-config_2.18.bb | 31 ----------------------
.../xorg-lib/xkeyboard-config_2.19.bb | 31 ++++++++++++++++++++++
2 files changed, 31 insertions(+), 31 deletions(-)
delete mode 100644 meta/recipes-graphics/xorg-lib/xkeyboard-config_2.18.bb
create mode 100644 meta/recipes-graphics/xorg-lib/xkeyboard-config_2.19.bb
diff --git a/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.18.bb b/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.18.bb
deleted file mode 100644
index 79fcbd8..0000000
--- a/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.18.bb
+++ /dev/null
@@ -1,31 +0,0 @@
-SUMMARY = "Keyboard configuration database for X Window"
-
-DESCRIPTION = "The non-arch keyboard configuration database for X \
-Window. The goal is to provide the consistent, well-structured, \
-frequently released open source of X keyboard configuration data for X \
-Window System implementations. The project is targeted to XKB-based \
-systems."
-
-HOMEPAGE = "http://freedesktop.org/wiki/Software/XKeyboardConfig"
-BUGTRACKER = "https://bugs.freedesktop.org/enter_bug.cgi?product=xkeyboard-config"
-
-LICENSE = "MIT & MIT-style"
-LIC_FILES_CHKSUM = "file://COPYING;md5=0e7f21ca7db975c63467d2e7624a12f9"
-
-SRC_URI = "${XORG_MIRROR}/individual/data/xkeyboard-config/${BPN}-${PV}.tar.bz2"
-SRC_URI[md5sum] = "c28cf45616bfec276879360bc36c6b27"
-SRC_URI[sha256sum] = "c41d917d6c8a59feb7ccbda51c40a6ada824fdd1e9684b52dd48c9530617ddd0"
-
-SECTION = "x11/libs"
-DEPENDS = "intltool-native virtual/gettext util-macros libxslt-native"
-
-EXTRA_OECONF = "--with-xkb-rules-symlink=xorg --disable-runtime-deps"
-
-FILES_${PN} += "${datadir}/X11/xkb"
-
-inherit autotools pkgconfig gettext
-
-do_install_append () {
- install -d ${D}${datadir}/X11/xkb/compiled
- cd ${D}${datadir}/X11/xkb/rules && ln -sf base xorg
-}
diff --git a/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.19.bb b/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.19.bb
new file mode 100644
index 0000000..79fcbd8
--- /dev/null
+++ b/meta/recipes-graphics/xorg-lib/xkeyboard-config_2.19.bb
@@ -0,0 +1,31 @@
+SUMMARY = "Keyboard configuration database for X Window"
+
+DESCRIPTION = "The non-arch keyboard configuration database for X \
+Window. The goal is to provide the consistent, well-structured, \
+frequently released open source of X keyboard configuration data for X \
+Window System implementations. The project is targeted to XKB-based \
+systems."
+
+HOMEPAGE = "http://freedesktop.org/wiki/Software/XKeyboardConfig"
+BUGTRACKER = "https://bugs.freedesktop.org/enter_bug.cgi?product=xkeyboard-config"
+
+LICENSE = "MIT & MIT-style"
+LIC_FILES_CHKSUM = "file://COPYING;md5=0e7f21ca7db975c63467d2e7624a12f9"
+
+SRC_URI = "${XORG_MIRROR}/individual/data/xkeyboard-config/${BPN}-${PV}.tar.bz2"
+SRC_URI[md5sum] = "c28cf45616bfec276879360bc36c6b27"
+SRC_URI[sha256sum] = "c41d917d6c8a59feb7ccbda51c40a6ada824fdd1e9684b52dd48c9530617ddd0"
+
+SECTION = "x11/libs"
+DEPENDS = "intltool-native virtual/gettext util-macros libxslt-native"
+
+EXTRA_OECONF = "--with-xkb-rules-symlink=xorg --disable-runtime-deps"
+
+FILES_${PN} += "${datadir}/X11/xkb"
+
+inherit autotools pkgconfig gettext
+
+do_install_append () {
+ install -d ${D}${datadir}/X11/xkb/compiled
+ cd ${D}${datadir}/X11/xkb/rules && ln -sf base xorg
+}
--
2.7.4
^ permalink raw reply related
* [PATCH v2] cups: 2.1.4 -> 2.2.1
From: Huang Qiyu @ 2016-12-07 18:16 UTC (permalink / raw)
To: openembedded-core
Upgrade cups from 2.1.4 to 2.2.1.
License checksum changes are not related to license changes.
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
---
meta/recipes-extended/cups/cups.inc | 2 +-
meta/recipes-extended/cups/cups_2.1.4.bb | 6 ------
meta/recipes-extended/cups/cups_2.2.1.bb | 6 ++++++
3 files changed, 7 insertions(+), 7 deletions(-)
delete mode 100644 meta/recipes-extended/cups/cups_2.1.4.bb
create mode 100644 meta/recipes-extended/cups/cups_2.2.1.bb
diff --git a/meta/recipes-extended/cups/cups.inc b/meta/recipes-extended/cups/cups.inc
index 02b6358..e18980b 100644
--- a/meta/recipes-extended/cups/cups.inc
+++ b/meta/recipes-extended/cups/cups.inc
@@ -3,7 +3,7 @@ SECTION = "console/utils"
LICENSE = "GPLv2 & LGPLv2"
DEPENDS = "gnutls libpng jpeg dbus dbus-glib zlib libusb"
-SRC_URI = "https://github.com/apple/cups/releases/download/release-${PV}/${BP}-source.tar.gz \
+SRC_URI = "https://github.com/apple/cups/releases/download/v${PV}/${BP}-source.tar.gz \
file://use_echo_only_in_init.patch \
file://0001-don-t-try-to-run-generated-binaries.patch \
file://cups_serverbin.patch \
diff --git a/meta/recipes-extended/cups/cups_2.1.4.bb b/meta/recipes-extended/cups/cups_2.1.4.bb
deleted file mode 100644
index 0fab806..0000000
--- a/meta/recipes-extended/cups/cups_2.1.4.bb
+++ /dev/null
@@ -1,6 +0,0 @@
-require cups.inc
-
-LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=6c5a350596fba02754bd96eb6df3afd0"
-
-SRC_URI[md5sum] = "9f9bf6e3b9c20a3519b4dc409666d6e7"
-SRC_URI[sha256sum] = "4b14fd833180ac529ebebea766a09094c2568bf8426e219cb3a1715304ef728d"
diff --git a/meta/recipes-extended/cups/cups_2.2.1.bb b/meta/recipes-extended/cups/cups_2.2.1.bb
new file mode 100644
index 0000000..7c5e776
--- /dev/null
+++ b/meta/recipes-extended/cups/cups_2.2.1.bb
@@ -0,0 +1,6 @@
+require cups.inc
+
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=f212b4338db0da8cb892e94bf2949460"
+
+SRC_URI[md5sum] = "a94da2a1e9dbdccb4f3836a38a431931"
+SRC_URI[sha256sum] = "83b8730aa977cc055e7410df6a3a682548994c113994ca630a16513017e419d5"
--
2.7.4
^ permalink raw reply related
* [PATCH] cups: 2.1.4 -> 2.2.1
From: Huang Qiyu @ 2016-12-07 18:11 UTC (permalink / raw)
To: openembedded-core
Upgrade cups from 2.1.4 to 2.1.1.
License checksum changes are not related to license changes.
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
---
meta/recipes-extended/cups/cups.inc | 2 +-
meta/recipes-extended/cups/cups_2.1.4.bb | 6 ------
meta/recipes-extended/cups/cups_2.2.1.bb | 6 ++++++
3 files changed, 7 insertions(+), 7 deletions(-)
delete mode 100644 meta/recipes-extended/cups/cups_2.1.4.bb
create mode 100644 meta/recipes-extended/cups/cups_2.2.1.bb
diff --git a/meta/recipes-extended/cups/cups.inc b/meta/recipes-extended/cups/cups.inc
index 02b6358..e18980b 100644
--- a/meta/recipes-extended/cups/cups.inc
+++ b/meta/recipes-extended/cups/cups.inc
@@ -3,7 +3,7 @@ SECTION = "console/utils"
LICENSE = "GPLv2 & LGPLv2"
DEPENDS = "gnutls libpng jpeg dbus dbus-glib zlib libusb"
-SRC_URI = "https://github.com/apple/cups/releases/download/release-${PV}/${BP}-source.tar.gz \
+SRC_URI = "https://github.com/apple/cups/releases/download/v${PV}/${BP}-source.tar.gz \
file://use_echo_only_in_init.patch \
file://0001-don-t-try-to-run-generated-binaries.patch \
file://cups_serverbin.patch \
diff --git a/meta/recipes-extended/cups/cups_2.1.4.bb b/meta/recipes-extended/cups/cups_2.1.4.bb
deleted file mode 100644
index 0fab806..0000000
--- a/meta/recipes-extended/cups/cups_2.1.4.bb
+++ /dev/null
@@ -1,6 +0,0 @@
-require cups.inc
-
-LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=6c5a350596fba02754bd96eb6df3afd0"
-
-SRC_URI[md5sum] = "9f9bf6e3b9c20a3519b4dc409666d6e7"
-SRC_URI[sha256sum] = "4b14fd833180ac529ebebea766a09094c2568bf8426e219cb3a1715304ef728d"
diff --git a/meta/recipes-extended/cups/cups_2.2.1.bb b/meta/recipes-extended/cups/cups_2.2.1.bb
new file mode 100644
index 0000000..7c5e776
--- /dev/null
+++ b/meta/recipes-extended/cups/cups_2.2.1.bb
@@ -0,0 +1,6 @@
+require cups.inc
+
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=f212b4338db0da8cb892e94bf2949460"
+
+SRC_URI[md5sum] = "a94da2a1e9dbdccb4f3836a38a431931"
+SRC_URI[sha256sum] = "83b8730aa977cc055e7410df6a3a682548994c113994ca630a16513017e419d5"
--
2.7.4
^ permalink raw reply related
* [PATCH v2] less: 481 -> 487
From: Huang Qiyu @ 2016-12-07 18:11 UTC (permalink / raw)
To: openembedded-core
Upgrade less from 481 to 487.
License checksum changes are not related to license changes.
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
---
meta/recipes-extended/less/{less_481.bb => less_487.bb} | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
rename meta/recipes-extended/less/{less_481.bb => less_487.bb} (83%)
diff --git a/meta/recipes-extended/less/less_481.bb b/meta/recipes-extended/less/less_487.bb
similarity index 83%
rename from meta/recipes-extended/less/less_481.bb
rename to meta/recipes-extended/less/less_487.bb
index 0fcd819..23ae484 100644
--- a/meta/recipes-extended/less/less_481.bb
+++ b/meta/recipes-extended/less/less_487.bb
@@ -21,14 +21,14 @@ SECTION = "console/utils"
LICENSE = "GPLv3+ | BSD-2-Clause"
LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \
- file://LICENSE;md5=48c26a307f91af700e1f00585f215aaf"
+ file://LICENSE;md5=2ef3e4b8dafc85612bc5254b8081e234"
DEPENDS = "ncurses"
SRC_URI = "http://www.greenwoodsoftware.com/${BPN}/${BPN}-${PV}.tar.gz \
"
-SRC_URI[md5sum] = "50ef46065c65257141a7340123527767"
-SRC_URI[sha256sum] = "3fa38f2cf5e9e040bb44fffaa6c76a84506e379e47f5a04686ab78102090dda5"
+SRC_URI[md5sum] = "dcc8bf183a83b362d37fe9ef8df1fb60"
+SRC_URI[sha256sum] = "f3dc8455cb0b2b66e0c6b816c00197a71bf6d1787078adeee0bcf2aea4b12706"
UPSTREAM_CHECK_URI = "http://www.greenwoodsoftware.com/less/download.html"
--
2.7.4
^ permalink raw reply related
* Re: [PATCH] kern-tools: update to avoid kernel_metadata failures
From: Burton, Ross @ 2016-12-07 10:10 UTC (permalink / raw)
To: Awais Belal; +Cc: OE-core
In-Reply-To: <1481104213-12403-1-git-send-email-awais_belal@mentor.com>
[-- Attachment #1: Type: text/plain, Size: 1494 bytes --]
Bruce already sent this, and it's in staging now.
Ross
On 7 December 2016 at 09:50, Awais Belal <awais_belal@mentor.com> wrote:
> Update kernel native tools to avoid do_kernel_metadata
> failures. This is mainly to bring in
> https://git.yoctoproject.org/cgit/cgit.cgi/yocto-kernel-tools/commit/?id=
> a287da4bfe0b4acb8f2b0627bd8e7abd1a1dde26
> but we should pick up whatever enhancements are currently
> available. Without this builds with no specific metadata
> branches fail.
>
> Signed-off-by: Awais Belal <awais_belal@mentor.com>
> ---
> meta/recipes-kernel/kern-tools/kern-tools-native_git.bb | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
> b/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
> index 88b1aee..0f8a786 100644
> --- a/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
> +++ b/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
> @@ -4,7 +4,7 @@ LIC_FILES_CHKSUM = "file://git/tools/kgit;
> beginline=5;endline=9;md5=a6c2fa8aef1b
>
> DEPENDS = "git-native"
>
> -SRCREV = "b36f6f9a5695f2084b83823393e13ca42284bed9"
> +SRCREV = "bd9e1d6c9b0a34ff3e19a06999aaf57ffadfd04c"
> PR = "r12"
> PV = "0.2+git${SRCPV}"
>
> --
> 1.9.1
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
>
[-- Attachment #2: Type: text/html, Size: 2863 bytes --]
^ permalink raw reply
* [PATCH] kern-tools: update to avoid kernel_metadata failures
From: Awais Belal @ 2016-12-07 9:50 UTC (permalink / raw)
To: openembedded-core
Update kernel native tools to avoid do_kernel_metadata
failures. This is mainly to bring in
https://git.yoctoproject.org/cgit/cgit.cgi/yocto-kernel-tools/commit/?id=a287da4bfe0b4acb8f2b0627bd8e7abd1a1dde26
but we should pick up whatever enhancements are currently
available. Without this builds with no specific metadata
branches fail.
Signed-off-by: Awais Belal <awais_belal@mentor.com>
---
meta/recipes-kernel/kern-tools/kern-tools-native_git.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb b/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
index 88b1aee..0f8a786 100644
--- a/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
+++ b/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb
@@ -4,7 +4,7 @@ LIC_FILES_CHKSUM = "file://git/tools/kgit;beginline=5;endline=9;md5=a6c2fa8aef1b
DEPENDS = "git-native"
-SRCREV = "b36f6f9a5695f2084b83823393e13ca42284bed9"
+SRCREV = "bd9e1d6c9b0a34ff3e19a06999aaf57ffadfd04c"
PR = "r12"
PV = "0.2+git${SRCPV}"
--
1.9.1
^ permalink raw reply related
* [PATCH] pciutils: 3.5.1 -> 3.5.2
From: Huang Qiyu @ 2016-12-07 17:18 UTC (permalink / raw)
To: openembedded-core
Upgrade pciutils from 3.5.1 to 3.5.2.
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
---
meta/recipes-bsp/pciutils/{pciutils_3.5.1.bb => pciutils_3.5.2.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-bsp/pciutils/{pciutils_3.5.1.bb => pciutils_3.5.2.bb} (92%)
diff --git a/meta/recipes-bsp/pciutils/pciutils_3.5.1.bb b/meta/recipes-bsp/pciutils/pciutils_3.5.2.bb
similarity index 92%
rename from meta/recipes-bsp/pciutils/pciutils_3.5.1.bb
rename to meta/recipes-bsp/pciutils/pciutils_3.5.2.bb
index d32b119..9a7297e 100644
--- a/meta/recipes-bsp/pciutils/pciutils_3.5.1.bb
+++ b/meta/recipes-bsp/pciutils/pciutils_3.5.2.bb
@@ -13,8 +13,8 @@ SRC_URI = "${KERNELORG_MIRROR}/software/utils/pciutils/pciutils-${PV}.tar.xz \
file://guess-fix.patch \
file://makefile.patch"
-SRC_URI[md5sum] = "0879a8f7ac51f4e874cfc6b3521a13cc"
-SRC_URI[sha256sum] = "2bf3a4605a562fb6b8b7673bff85a474a5cf383ed7e4bd8886b4f0939013d42f"
+SRC_URI[md5sum] = "1bf5b068bd9f7512e8c68b060b25a1b2"
+SRC_URI[sha256sum] = "3a99141a9f40528d0a0035665a06dc37ddb1ae341658e51b50a76ecf86235efc"
inherit multilib_header
--
2.7.4
^ permalink raw reply related
* [PATCH v2] dhcp: 4.3.4 -> 4.3.5
From: Huang Qiyu @ 2016-12-07 16:45 UTC (permalink / raw)
To: openembedded-core
Upgrade dhcp from 4.3.4 to 4.3.5.
Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com>
---
meta/recipes-connectivity/dhcp/{dhcp_4.3.4.bb => dhcp_4.3.5.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-connectivity/dhcp/{dhcp_4.3.4.bb => dhcp_4.3.5.bb} (81%)
diff --git a/meta/recipes-connectivity/dhcp/dhcp_4.3.4.bb b/meta/recipes-connectivity/dhcp/dhcp_4.3.5.bb
similarity index 81%
rename from meta/recipes-connectivity/dhcp/dhcp_4.3.4.bb
rename to meta/recipes-connectivity/dhcp/dhcp_4.3.5.bb
index 4151eb1..678c29a 100644
--- a/meta/recipes-connectivity/dhcp/dhcp_4.3.4.bb
+++ b/meta/recipes-connectivity/dhcp/dhcp_4.3.5.bb
@@ -11,8 +11,8 @@ SRC_URI += "file://dhcp-3.0.3-dhclient-dbus.patch;striplevel=0 \
file://remove-dhclient-script-bash-dependency.patch \
"
-SRC_URI[md5sum] = "0138319fe2b788cf4bdf34fbeaf9ff54"
-SRC_URI[sha256sum] = "f5115aee3dd3e6925de4ba47b80ab732ba48b481c8364b6ebade2d43698d607e"
+SRC_URI[md5sum] = "2b5e5b2fa31c2e27e487039d86f83d3f"
+SRC_URI[sha256sum] = "eb95936bf15d2393c55dd505bc527d1d4408289cec5a9fa8abb99f7577e7f954"
PACKAGECONFIG ?= ""
PACKAGECONFIG[bind-httpstats] = "--with-libxml2,--without-libxml2,libxml2"
--
2.7.4
^ permalink raw reply related
* [PATCH 3/3] tiff: Fix several CVE issues
From: mingli.yu @ 2016-12-07 8:01 UTC (permalink / raw)
To: openembedded-core
In-Reply-To: <1481097673-8896-1-git-send-email-mingli.yu@windriver.com>
From: Mingli Yu <Mingli.Yu@windriver.com>
Fix CVE-2016-9533, CVE-2016-9534, CVE-2016-9536 and
CVE-2016-9537
External References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9533
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9534
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9536
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9537
Patch from:
https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-c8b4b355f9b5c06d585b23138e1c185f
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
---
.../libtiff/files/Fix_several_CVE_issues.patch | 281 +++++++++++++++++++++
meta/recipes-multimedia/libtiff/tiff_4.0.6.bb | 1 +
2 files changed, 282 insertions(+)
create mode 100644 meta/recipes-multimedia/libtiff/files/Fix_several_CVE_issues.patch
diff --git a/meta/recipes-multimedia/libtiff/files/Fix_several_CVE_issues.patch b/meta/recipes-multimedia/libtiff/files/Fix_several_CVE_issues.patch
new file mode 100644
index 0000000..bd587e6
--- /dev/null
+++ b/meta/recipes-multimedia/libtiff/files/Fix_several_CVE_issues.patch
@@ -0,0 +1,281 @@
+From 83a4b92815ea04969d494416eaae3d4c6b338e4a Mon Sep 17 00:00:00 2001
+From: erouault <erouault>
+Date: Fri, 23 Sep 2016 22:12:18 +0000
+Subject: [PATCH] Fix several CVE issues
+
+Fix CVE-2016-9533, CVE-2016-9534, CVE-2016-9536 and CVE-2016-9537
+
+* tools/tiffcrop.c: fix various out-of-bounds write
+ vulnerabilities in heap or stack allocated buffers. Reported as MSVR 35093,
+ MSVR 35096 and MSVR 35097. Discovered by Axel Souchet and Vishal Chauhan from
+ the MSRC Vulnerabilities & Mitigations team. * tools/tiff2pdf.c: fix
+ out-of-bounds write vulnerabilities in heap allocate buffer in
+ t2p_process_jpeg_strip(). Reported as MSVR 35098. Discovered by Axel Souchet
+ and Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team. *
+ libtiff/tif_pixarlog.c: fix out-of-bounds write vulnerabilities in heap
+ allocated buffers. Reported as MSVR 35094. Discovered by Axel Souchet and
+ Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team. *
+ libtiff/tif_write.c: fix issue in error code path of TIFFFlushData1() that
+ didn't reset the tif_rawcc and tif_rawcp members. I'm not completely sure if
+ that could happen in practice outside of the odd behaviour of t2p_seekproc()
+ of tiff2pdf). The report points that a better fix could be to check the
+ return value of TIFFFlushData1() in places where it isn't done currently, but
+ it seems this patch is enough. Reported as MSVR 35095. Discovered by Axel
+ Souchet & Vishal Chauhan & Suha Can from the MSRC Vulnerabilities &
+ Mitigations team.
+
+CVE: CVE-2016-9533, CVE-2016-9534, CVE-2016-9536, CVE-2016-9537
+Upstream-Status: Backport
+https://github.com/vadz/libtiff/commit/83a4b92815ea04969d494416eaae3d4c6b338e4a#diff-bdc795f6afeb9558c1012b3cfae729ef
+
+Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
+
+---
+ libtiff/tif_pixarlog.c | 55 +++++++++++++++++++++-----------------------------
+ libtiff/tif_write.c | 7 +++++++
+ tools/tiff2pdf.c | 22 ++++++++++++++++++--
+ tools/tiffcrop.c | 20 +++++++++++++++++-
+ 4 files changed, 92 insertions(+), 35 deletions(-)
+
+diff --git a/libtiff/tif_pixarlog.c b/libtiff/tif_pixarlog.c
+index 1fb8f3b..d1246c3 100644
+--- a/libtiff/tif_pixarlog.c
++++ b/libtiff/tif_pixarlog.c
+@@ -983,17 +983,14 @@ horizontalDifferenceF(float *ip, int n, int stride, uint16 *wp, uint16 *FromLT2)
+ a1 = (int32) CLAMP(ip[3]); wp[3] = (uint16)((a1-a2) & mask); a2 = a1;
+ }
+ } else {
+- ip += n - 1; /* point to last one */
+- wp += n - 1; /* point to last one */
+- n -= stride;
+- while (n > 0) {
+- REPEAT(stride, wp[0] = (uint16) CLAMP(ip[0]);
+- wp[stride] -= wp[0];
+- wp[stride] &= mask;
+- wp--; ip--)
+- n -= stride;
+- }
+- REPEAT(stride, wp[0] = (uint16) CLAMP(ip[0]); wp--; ip--)
++ REPEAT(stride, wp[0] = (uint16) CLAMP(ip[0]); wp++; ip++)
++ n -= stride;
++ while (n > 0) {
++ REPEAT(stride,
++ wp[0] = (uint16)(((int32)CLAMP(ip[0])-(int32)CLAMP(ip[-stride])) & mask);
++ wp++; ip++)
++ n -= stride;
++ }
+ }
+ }
+ }
+@@ -1036,17 +1033,14 @@ horizontalDifference16(unsigned short *ip, int n, int stride,
+ a1 = CLAMP(ip[3]); wp[3] = (uint16)((a1-a2) & mask); a2 = a1;
+ }
+ } else {
+- ip += n - 1; /* point to last one */
+- wp += n - 1; /* point to last one */
++ REPEAT(stride, wp[0] = CLAMP(ip[0]); wp++; ip++)
+ n -= stride;
+ while (n > 0) {
+- REPEAT(stride, wp[0] = CLAMP(ip[0]);
+- wp[stride] -= wp[0];
+- wp[stride] &= mask;
+- wp--; ip--)
+- n -= stride;
+- }
+- REPEAT(stride, wp[0] = CLAMP(ip[0]); wp--; ip--)
++ REPEAT(stride,
++ wp[0] = (uint16)((CLAMP(ip[0])-CLAMP(ip[-stride])) & mask);
++ wp++; ip++)
++ n -= stride;
++ }
+ }
+ }
+ }
+@@ -1089,18 +1083,15 @@ horizontalDifference8(unsigned char *ip, int n, int stride,
+ ip += 4;
+ }
+ } else {
+- wp += n + stride - 1; /* point to last one */
+- ip += n + stride - 1; /* point to last one */
+- n -= stride;
+- while (n > 0) {
+- REPEAT(stride, wp[0] = CLAMP(ip[0]);
+- wp[stride] -= wp[0];
+- wp[stride] &= mask;
+- wp--; ip--)
+- n -= stride;
+- }
+- REPEAT(stride, wp[0] = CLAMP(ip[0]); wp--; ip--)
+- }
++ REPEAT(stride, wp[0] = CLAMP(ip[0]); wp++; ip++)
++ n -= stride;
++ while (n > 0) {
++ REPEAT(stride,
++ wp[0] = (uint16)((CLAMP(ip[0])-CLAMP(ip[-stride])) & mask);
++ wp++; ip++)
++ n -= stride;
++ }
++ }
+ }
+ }
+
+diff --git a/libtiff/tif_write.c b/libtiff/tif_write.c
+index f9a3fc0..d8fa802 100644
+--- a/libtiff/tif_write.c
++++ b/libtiff/tif_write.c
+@@ -798,7 +798,14 @@ TIFFFlushData1(TIFF* tif)
+ if (!TIFFAppendToStrip(tif,
+ isTiled(tif) ? tif->tif_curtile : tif->tif_curstrip,
+ tif->tif_rawdata, tif->tif_rawcc))
++ {
++ /* We update those variables even in case of error since there's */
++ /* code that doesn't really check the return code of this */
++ /* function */
++ tif->tif_rawcc = 0;
++ tif->tif_rawcp = tif->tif_rawdata;
+ return (0);
++ }
+ tif->tif_rawcc = 0;
+ tif->tif_rawcp = tif->tif_rawdata;
+ }
+diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c
+index dcd5a7e..f8df6b5 100644
+--- a/tools/tiff2pdf.c
++++ b/tools/tiff2pdf.c
+@@ -286,7 +286,7 @@ tsize_t t2p_readwrite_pdf_image_tile(T2P*, TIFF*, TIFF*, ttile_t);
+ int t2p_process_ojpeg_tables(T2P*, TIFF*);
+ #endif
+ #ifdef JPEG_SUPPORT
+-int t2p_process_jpeg_strip(unsigned char*, tsize_t*, unsigned char*, tsize_t*, tstrip_t, uint32);
++int t2p_process_jpeg_strip(unsigned char*, tsize_t*, unsigned char*, tsize_t, tsize_t*, tstrip_t, uint32);
+ #endif
+ void t2p_tile_collapse_left(tdata_t, tsize_t, uint32, uint32, uint32);
+ void t2p_write_advance_directory(T2P*, TIFF*);
+@@ -2408,7 +2408,8 @@ tsize_t t2p_readwrite_pdf_image(T2P* t2p, TIFF* input, TIFF* output){
+ if(!t2p_process_jpeg_strip(
+ stripbuffer,
+ &striplength,
+- buffer,
++ buffer,
++ t2p->tiff_datasize,
+ &bufferoffset,
+ i,
+ t2p->tiff_length)){
+@@ -3439,6 +3440,7 @@ int t2p_process_jpeg_strip(
+ unsigned char* strip,
+ tsize_t* striplength,
+ unsigned char* buffer,
++ tsize_t buffersize,
+ tsize_t* bufferoffset,
+ tstrip_t no,
+ uint32 height){
+@@ -3473,6 +3475,8 @@ int t2p_process_jpeg_strip(
+ }
+ switch( strip[i] ){
+ case 0xd8: /* SOI - start of image */
++ if( *bufferoffset + 2 > buffersize )
++ return(0);
+ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), 2);
+ *bufferoffset+=2;
+ break;
+@@ -3482,12 +3486,18 @@ int t2p_process_jpeg_strip(
+ case 0xc9: /* SOF9 */
+ case 0xca: /* SOF10 */
+ if(no==0){
++ if( *bufferoffset + datalen + 2 + 6 > buffersize )
++ return(0);
+ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2);
++ if( *bufferoffset + 9 >= buffersize )
++ return(0);
+ ncomp = buffer[*bufferoffset+9];
+ if (ncomp < 1 || ncomp > 4)
+ return(0);
+ v_samp=1;
+ h_samp=1;
++ if( *bufferoffset + 11 + 3*(ncomp-1) >= buffersize )
++ return(0);
+ for(j=0;j<ncomp;j++){
+ uint16 samp = buffer[*bufferoffset+11+(3*j)];
+ if( (samp>>4) > h_samp)
+@@ -3519,20 +3529,28 @@ int t2p_process_jpeg_strip(
+ break;
+ case 0xc4: /* DHT */
+ case 0xdb: /* DQT */
++ if( *bufferoffset + datalen + 2 > buffersize )
++ return(0);
+ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2);
+ *bufferoffset+=datalen+2;
+ break;
+ case 0xda: /* SOS */
+ if(no==0){
++ if( *bufferoffset + datalen + 2 > buffersize )
++ return(0);
+ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2);
+ *bufferoffset+=datalen+2;
+ } else {
++ if( *bufferoffset + 2 > buffersize )
++ return(0);
+ buffer[(*bufferoffset)++]=0xff;
+ buffer[(*bufferoffset)++]=
+ (unsigned char)(0xd0 | ((no-1)%8));
+ }
+ i += datalen + 1;
+ /* copy remainder of strip */
++ if( *bufferoffset + *striplength - i > buffersize )
++ return(0);
+ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i]), *striplength - i);
+ *bufferoffset+= *striplength - i;
+ return(1);
+diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
+index ebc4aba..7685566 100644
+--- a/tools/tiffcrop.c
++++ b/tools/tiffcrop.c
+@@ -5758,7 +5758,8 @@ loadImage(TIFF* in, struct image_data *image, struct dump_opts *dump, unsigned c
+ {
+ uint32 i;
+ float xres = 0.0, yres = 0.0;
+- uint16 nstrips = 0, ntiles = 0, planar = 0;
++ uint32 nstrips = 0, ntiles = 0;
++ uint16 planar = 0;
+ uint16 bps = 0, spp = 0, res_unit = 0;
+ uint16 orientation = 0;
+ uint16 input_compression = 0, input_photometric = 0;
+@@ -6066,11 +6067,23 @@ loadImage(TIFF* in, struct image_data *image, struct dump_opts *dump, unsigned c
+ /* +3 : add a few guard bytes since reverseSamples16bits() can read a bit */
+ /* outside buffer */
+ if (!read_buff)
++ {
++ if( buffsize > 0xFFFFFFFFU - 3 )
++ {
++ TIFFError("loadImage", "Unable to allocate/reallocate read buffer");
++ return (-1);
++ }
+ read_buff = (unsigned char *)_TIFFmalloc(buffsize+3);
++ }
+ else
+ {
+ if (prev_readsize < buffsize)
++ {
++ if( buffsize > 0xFFFFFFFFU - 3 )
+ {
++ TIFFError("loadImage", "Unable to allocate/reallocate read buffer");
++ return (-1);
++ }
+ new_buff = _TIFFrealloc(read_buff, buffsize+3);
+ if (!new_buff)
+ {
+@@ -8912,6 +8925,11 @@ reverseSamplesBytes (uint16 spp, uint16 bps, uint32 width,
+ }
+
+ bytes_per_pixel = ((bps * spp) + 7) / 8;
++ if( bytes_per_pixel > sizeof(swapbuff) )
++ {
++ TIFFError("reverseSamplesBytes","bytes_per_pixel too large");
++ return (1);
++ }
+ switch (bps / 8)
+ {
+ case 8: /* Use memcpy for multiple bytes per sample data */
+--
+2.9.3
+
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb
index 8521fd7..5fccde9 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb
@@ -22,6 +22,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
file://CVE-2016-9535-1.patch \
file://CVE-2016-9535-2.patch \
file://CVE-2016-9538.patch \
+ file://Fix_several_CVE_issues.patch \
"
SRC_URI[md5sum] = "d1d2e940dea0b5ad435f21f03d96dd72"
--
2.8.1
^ permalink raw reply related
* [PATCH 2/3] tiff: Security fix CVE-2016-9538
From: mingli.yu @ 2016-12-07 8:01 UTC (permalink / raw)
To: openembedded-core
In-Reply-To: <1481097673-8896-1-git-send-email-mingli.yu@windriver.com>
From: Mingli Yu <Mingli.Yu@windriver.com>
* tools/tiffcrop.c: fix read of undefined buffer in
readContigStripsIntoBuffer() due to uint16 overflow.
External References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9538
Patch from:
https://github.com/vadz/libtiff/commit/43c0b81a818640429317c80fea1e66771e85024b#diff-c8b4b355f9b5c06d585b23138e1c185f
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
---
.../libtiff/files/CVE-2016-9538.patch | 67 ++++++++++++++++++++++
meta/recipes-multimedia/libtiff/tiff_4.0.6.bb | 1 +
2 files changed, 68 insertions(+)
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-9538.patch
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-9538.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-9538.patch
new file mode 100644
index 0000000..e1141df
--- /dev/null
+++ b/meta/recipes-multimedia/libtiff/files/CVE-2016-9538.patch
@@ -0,0 +1,67 @@
+From 43c0b81a818640429317c80fea1e66771e85024b Mon Sep 17 00:00:00 2001
+From: erouault <erouault>
+Date: Sat, 8 Oct 2016 15:04:31 +0000
+Subject: [PATCH] Fix CVE-2016-9538
+* tools/tiffcp.c: fix read of undefined variable in case of
+ missing required tags. Found on test case of MSVR 35100. * tools/tiffcrop.c:
+ fix read of undefined buffer in readContigStripsIntoBuffer() due to uint16
+ overflow. Probably not a security issue but I can be wrong. Reported as MSVR
+ 35100 by Axel Souchet from the MSRC Vulnerabilities & Mitigations team.
+
+CVE: CVE-2016-9538
+Upstream-Status: Backport
+https://github.com/vadz/libtiff/commit/43c0b81a818640429317c80fea1e66771e85024b#diff-c8b4b355f9b5c06d585b23138e1c185f
+
+Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
+
+---
+ tools/tiffcp.c | 4 ++--
+ tools/tiffcrop.c | 9 ++++++---
+ 2 files changed, 17 insertions(+), 5 deletions(-)
+
+diff --git a/tools/tiffcp.c b/tools/tiffcp.c
+index ba2b715..4ad74d3 100644
+--- a/tools/tiffcp.c
++++ b/tools/tiffcp.c
+@@ -592,8 +592,8 @@ static copyFunc pickCopyFunc(TIFF*, TIFF*, uint16, uint16);
+ static int
+ tiffcp(TIFF* in, TIFF* out)
+ {
+- uint16 bitspersample, samplesperpixel;
+- uint16 input_compression, input_photometric;
++ uint16 bitspersample, samplesperpixel = 1;
++ uint16 input_compression, input_photometric = PHOTOMETRIC_MINISBLACK;
+ copyFunc cf;
+ uint32 width, length;
+ struct cpTag* p;
+diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c
+index 7685566..eb6de77 100644
+--- a/tools/tiffcrop.c
++++ b/tools/tiffcrop.c
+@@ -3628,7 +3628,7 @@ static int readContigStripsIntoBuffer (TIFF* in, uint8* buf)
+ {
+ uint8* bufp = buf;
+ int32 bytes_read = 0;
+- uint16 strip, nstrips = TIFFNumberOfStrips(in);
++ uint32 strip, nstrips = TIFFNumberOfStrips(in);
+ uint32 stripsize = TIFFStripSize(in);
+ uint32 rows = 0;
+ uint32 rps = TIFFGetFieldDefaulted(in, TIFFTAG_ROWSPERSTRIP, &rps);
+@@ -4711,9 +4711,12 @@ static int readSeparateStripsIntoBuffer (TIFF *in, uint8 *obuf, uint32 length,
+ uint32 width, uint16 spp,
+ struct dump_opts *dump)
+ {
+- int i, j, bytes_per_sample, bytes_per_pixel, shift_width, result = 1;
++ int i, bytes_per_sample, bytes_per_pixel, shift_width, result = 1;
++ uint32 j;
+ int32 bytes_read = 0;
+- uint16 bps, nstrips, planar, strips_per_sample;
++ uint16 bps, planar;
++ uint32 nstrips;
++ uint32 strips_per_sample;
+ uint32 src_rowsize, dst_rowsize, rows_processed, rps;
+ uint32 rows_this_strip = 0;
+ tsample_t s;
+--
+2.9.3
+
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb
index 7b5dd9c..8521fd7 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb
@@ -21,6 +21,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
file://CVE-2016-9539.patch \
file://CVE-2016-9535-1.patch \
file://CVE-2016-9535-2.patch \
+ file://CVE-2016-9538.patch \
"
SRC_URI[md5sum] = "d1d2e940dea0b5ad435f21f03d96dd72"
--
2.8.1
^ permalink raw reply related
* [PATCH 1/3] tiff: Security fix CVE-2016-9535
From: mingli.yu @ 2016-12-07 8:01 UTC (permalink / raw)
To: openembedded-core
In-Reply-To: <1481097673-8896-1-git-send-email-mingli.yu@windriver.com>
From: Mingli Yu <Mingli.Yu@windriver.com>
* libtiff/tif_predict.h, libtiff/tif_predict.c:
Replace assertions by runtime checks to avoid assertions in debug mode,
or buffer overflows in release mode. Can happen when dealing with
unusual tile size like YCbCr with subsampling.
External References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9535
Patch from:
https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1
https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
---
.../libtiff/files/CVE-2016-9535-1.patch | 423 +++++++++++++++++++++
.../libtiff/files/CVE-2016-9535-2.patch | 67 ++++
meta/recipes-multimedia/libtiff/tiff_4.0.6.bb | 2 +
3 files changed, 492 insertions(+)
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-9535-1.patch
create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2016-9535-2.patch
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-9535-1.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-9535-1.patch
new file mode 100644
index 0000000..26fd0df
--- /dev/null
+++ b/meta/recipes-multimedia/libtiff/files/CVE-2016-9535-1.patch
@@ -0,0 +1,423 @@
+From 3ca657a8793dd011bf869695d72ad31c779c3cc1 Mon Sep 17 00:00:00 2001
+From: erouault <erouault>
+Date: Mon, 31 Oct 2016 17:24:26 +0000
+Subject: [PATCH 1/2] Fix CVE-2016-9535
+
+* libtiff/tif_predict.h, libtiff/tif_predict.c: Replace
+ assertions by runtime checks to avoid assertions in debug mode, or buffer
+ overflows in release mode. Can happen when dealing with unusual tile size
+ like YCbCr with subsampling. Reported as MSVR 35105 by Axel Souchet &
+ Vishal Chauhan from the MSRC Vulnerabilities & Mitigations team.
+
+CVE: CVE-2016-9535
+Upstream-Status: Backport
+https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1
+
+Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
+
+---
+ libtiff/tif_predict.c | 153 +++++++++++++++++++++++++++++++++++---------------
+ libtiff/tif_predict.h | 6 +-
+ 2 files changed, 121 insertions(+), 47 deletions(-)
+
+diff --git a/libtiff/tif_predict.c b/libtiff/tif_predict.c
+index 555f2f9..b829259 100644
+--- a/libtiff/tif_predict.c
++++ b/libtiff/tif_predict.c
+@@ -34,18 +34,18 @@
+
+ #define PredictorState(tif) ((TIFFPredictorState*) (tif)->tif_data)
+
+-static void horAcc8(TIFF* tif, uint8* cp0, tmsize_t cc);
+-static void horAcc16(TIFF* tif, uint8* cp0, tmsize_t cc);
+-static void horAcc32(TIFF* tif, uint8* cp0, tmsize_t cc);
+-static void swabHorAcc16(TIFF* tif, uint8* cp0, tmsize_t cc);
+-static void swabHorAcc32(TIFF* tif, uint8* cp0, tmsize_t cc);
+-static void horDiff8(TIFF* tif, uint8* cp0, tmsize_t cc);
+-static void horDiff16(TIFF* tif, uint8* cp0, tmsize_t cc);
+-static void horDiff32(TIFF* tif, uint8* cp0, tmsize_t cc);
+-static void swabHorDiff16(TIFF* tif, uint8* cp0, tmsize_t cc);
+-static void swabHorDiff32(TIFF* tif, uint8* cp0, tmsize_t cc);
+-static void fpAcc(TIFF* tif, uint8* cp0, tmsize_t cc);
+-static void fpDiff(TIFF* tif, uint8* cp0, tmsize_t cc);
++static int horAcc8(TIFF* tif, uint8* cp0, tmsize_t cc);
++static int horAcc16(TIFF* tif, uint8* cp0, tmsize_t cc);
++static int horAcc32(TIFF* tif, uint8* cp0, tmsize_t cc);
++static int swabHorAcc16(TIFF* tif, uint8* cp0, tmsize_t cc);
++static int swabHorAcc32(TIFF* tif, uint8* cp0, tmsize_t cc);
++static int horDiff8(TIFF* tif, uint8* cp0, tmsize_t cc);
++static int horDiff16(TIFF* tif, uint8* cp0, tmsize_t cc);
++static int horDiff32(TIFF* tif, uint8* cp0, tmsize_t cc);
++static int swabHorDiff16(TIFF* tif, uint8* cp0, tmsize_t cc);
++static int swabHorDiff32(TIFF* tif, uint8* cp0, tmsize_t cc);
++static int fpAcc(TIFF* tif, uint8* cp0, tmsize_t cc);
++static int fpDiff(TIFF* tif, uint8* cp0, tmsize_t cc);
+ static int PredictorDecodeRow(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s);
+ static int PredictorDecodeTile(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s);
+ static int PredictorEncodeRow(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s);
+@@ -273,13 +273,19 @@ PredictorSetupEncode(TIFF* tif)
+ /* - when storing into the byte stream, we explicitly mask with 0xff so */
+ /* as to make icc -check=conversions happy (not necessary by the standard) */
+
+-static void
++static int
+ horAcc8(TIFF* tif, uint8* cp0, tmsize_t cc)
+ {
+ tmsize_t stride = PredictorState(tif)->stride;
+
+ unsigned char* cp = (unsigned char*) cp0;
+- assert((cc%stride)==0);
++ if((cc%stride)!=0)
++ {
++ TIFFErrorExt(tif->tif_clientdata, "horAcc8",
++ "%s", "(cc%stride)!=0");
++ return 0;
++ }
++
+ if (cc > stride) {
+ /*
+ * Pipeline the most common cases.
+@@ -321,26 +327,32 @@ horAcc8(TIFF* tif, uint8* cp0, tmsize_t cc)
+ } while (cc>0);
+ }
+ }
++ return 1;
+ }
+
+-static void
++static int
+ swabHorAcc16(TIFF* tif, uint8* cp0, tmsize_t cc)
+ {
+ uint16* wp = (uint16*) cp0;
+ tmsize_t wc = cc / 2;
+
+ TIFFSwabArrayOfShort(wp, wc);
+- horAcc16(tif, cp0, cc);
++ return horAcc16(tif, cp0, cc);
+ }
+
+-static void
++static int
+ horAcc16(TIFF* tif, uint8* cp0, tmsize_t cc)
+ {
+ tmsize_t stride = PredictorState(tif)->stride;
+ uint16* wp = (uint16*) cp0;
+ tmsize_t wc = cc / 2;
+
+- assert((cc%(2*stride))==0);
++ if((cc%(2*stride))!=0)
++ {
++ TIFFErrorExt(tif->tif_clientdata, "horAcc16",
++ "%s", "cc%(2*stride))!=0");
++ return 0;
++ }
+
+ if (wc > stride) {
+ wc -= stride;
+@@ -349,26 +361,32 @@ horAcc16(TIFF* tif, uint8* cp0, tmsize_t cc)
+ wc -= stride;
+ } while (wc > 0);
+ }
++ return 1;
+ }
+
+-static void
++static int
+ swabHorAcc32(TIFF* tif, uint8* cp0, tmsize_t cc)
+ {
+ uint32* wp = (uint32*) cp0;
+ tmsize_t wc = cc / 4;
+
+ TIFFSwabArrayOfLong(wp, wc);
+- horAcc32(tif, cp0, cc);
++ return horAcc32(tif, cp0, cc);
+ }
+
+-static void
++static int
+ horAcc32(TIFF* tif, uint8* cp0, tmsize_t cc)
+ {
+ tmsize_t stride = PredictorState(tif)->stride;
+ uint32* wp = (uint32*) cp0;
+ tmsize_t wc = cc / 4;
+
+- assert((cc%(4*stride))==0);
++ if((cc%(4*stride))!=0)
++ {
++ TIFFErrorExt(tif->tif_clientdata, "horAcc32",
++ "%s", "cc%(4*stride))!=0");
++ return 0;
++ }
+
+ if (wc > stride) {
+ wc -= stride;
+@@ -377,12 +395,13 @@ horAcc32(TIFF* tif, uint8* cp0, tmsize_t cc)
+ wc -= stride;
+ } while (wc > 0);
+ }
++ return 1;
+ }
+
+ /*
+ * Floating point predictor accumulation routine.
+ */
+-static void
++static int
+ fpAcc(TIFF* tif, uint8* cp0, tmsize_t cc)
+ {
+ tmsize_t stride = PredictorState(tif)->stride;
+@@ -392,10 +411,15 @@ fpAcc(TIFF* tif, uint8* cp0, tmsize_t cc)
+ uint8 *cp = (uint8 *) cp0;
+ uint8 *tmp = (uint8 *)_TIFFmalloc(cc);
+
+- assert((cc%(bps*stride))==0);
++ if(cc%(bps*stride)!=0)
++ {
++ TIFFErrorExt(tif->tif_clientdata, "fpAcc",
++ "%s", "cc%(bps*stride))!=0");
++ return 0;
++ }
+
+ if (!tmp)
+- return;
++ return 0;
+
+ while (count > stride) {
+ REPEAT4(stride, cp[stride] =
+@@ -417,6 +441,7 @@ fpAcc(TIFF* tif, uint8* cp0, tmsize_t cc)
+ }
+ }
+ _TIFFfree(tmp);
++ return 1;
+ }
+
+ /*
+@@ -432,8 +457,7 @@ PredictorDecodeRow(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s)
+ assert(sp->decodepfunc != NULL);
+
+ if ((*sp->decoderow)(tif, op0, occ0, s)) {
+- (*sp->decodepfunc)(tif, op0, occ0);
+- return 1;
++ return (*sp->decodepfunc)(tif, op0, occ0);
+ } else
+ return 0;
+ }
+@@ -456,10 +480,16 @@ PredictorDecodeTile(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s)
+ if ((*sp->decodetile)(tif, op0, occ0, s)) {
+ tmsize_t rowsize = sp->rowsize;
+ assert(rowsize > 0);
+- assert((occ0%rowsize)==0);
++ if((occ0%rowsize) !=0)
++ {
++ TIFFErrorExt(tif->tif_clientdata, "PredictorDecodeTile",
++ "%s", "occ0%rowsize != 0");
++ return 0;
++ }
+ assert(sp->decodepfunc != NULL);
+ while (occ0 > 0) {
+- (*sp->decodepfunc)(tif, op0, rowsize);
++ if( !(*sp->decodepfunc)(tif, op0, rowsize) )
++ return 0;
+ occ0 -= rowsize;
+ op0 += rowsize;
+ }
+@@ -468,14 +498,19 @@ PredictorDecodeTile(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s)
+ return 0;
+ }
+
+-static void
++static int
+ horDiff8(TIFF* tif, uint8* cp0, tmsize_t cc)
+ {
+ TIFFPredictorState* sp = PredictorState(tif);
+ tmsize_t stride = sp->stride;
+ unsigned char* cp = (unsigned char*) cp0;
+
+- assert((cc%stride)==0);
++ if((cc%stride)!=0)
++ {
++ TIFFErrorExt(tif->tif_clientdata, "horDiff8",
++ "%s", "(cc%stride)!=0");
++ return 0;
++ }
+
+ if (cc > stride) {
+ cc -= stride;
+@@ -513,9 +548,10 @@ horDiff8(TIFF* tif, uint8* cp0, tmsize_t cc)
+ } while ((cc -= stride) > 0);
+ }
+ }
++ return 1;
+ }
+
+-static void
++static int
+ horDiff16(TIFF* tif, uint8* cp0, tmsize_t cc)
+ {
+ TIFFPredictorState* sp = PredictorState(tif);
+@@ -523,7 +559,12 @@ horDiff16(TIFF* tif, uint8* cp0, tmsize_t cc)
+ uint16 *wp = (uint16*) cp0;
+ tmsize_t wc = cc/2;
+
+- assert((cc%(2*stride))==0);
++ if((cc%(2*stride))!=0)
++ {
++ TIFFErrorExt(tif->tif_clientdata, "horDiff8",
++ "%s", "(cc%(2*stride))!=0");
++ return 0;
++ }
+
+ if (wc > stride) {
+ wc -= stride;
+@@ -533,20 +574,23 @@ horDiff16(TIFF* tif, uint8* cp0, tmsize_t cc)
+ wc -= stride;
+ } while (wc > 0);
+ }
++ return 1;
+ }
+
+-static void
++static int
+ swabHorDiff16(TIFF* tif, uint8* cp0, tmsize_t cc)
+ {
+ uint16* wp = (uint16*) cp0;
+ tmsize_t wc = cc / 2;
+
+- horDiff16(tif, cp0, cc);
++ if( !horDiff16(tif, cp0, cc) )
++ return 0;
+
+ TIFFSwabArrayOfShort(wp, wc);
++ return 1;
+ }
+
+-static void
++static int
+ horDiff32(TIFF* tif, uint8* cp0, tmsize_t cc)
+ {
+ TIFFPredictorState* sp = PredictorState(tif);
+@@ -554,7 +598,12 @@ horDiff32(TIFF* tif, uint8* cp0, tmsize_t cc)
+ uint32 *wp = (uint32*) cp0;
+ tmsize_t wc = cc/4;
+
+- assert((cc%(4*stride))==0);
++ if((cc%(4*stride))!=0)
++ {
++ TIFFErrorExt(tif->tif_clientdata, "horDiff32",
++ "%s", "(cc%(4*stride))!=0");
++ return 0;
++ }
+
+ if (wc > stride) {
+ wc -= stride;
+@@ -564,23 +613,26 @@ horDiff32(TIFF* tif, uint8* cp0, tmsize_t cc)
+ wc -= stride;
+ } while (wc > 0);
+ }
++ return 1;
+ }
+
+-static void
++static int
+ swabHorDiff32(TIFF* tif, uint8* cp0, tmsize_t cc)
+ {
+ uint32* wp = (uint32*) cp0;
+ tmsize_t wc = cc / 4;
+
+- horDiff32(tif, cp0, cc);
++ if( !horDiff32(tif, cp0, cc) )
++ return 0;
+
+ TIFFSwabArrayOfLong(wp, wc);
++ return 1;
+ }
+
+ /*
+ * Floating point predictor differencing routine.
+ */
+-static void
++static int
+ fpDiff(TIFF* tif, uint8* cp0, tmsize_t cc)
+ {
+ tmsize_t stride = PredictorState(tif)->stride;
+@@ -590,10 +642,14 @@ fpDiff(TIFF* tif, uint8* cp0, tmsize_t cc)
+ uint8 *cp = (uint8 *) cp0;
+ uint8 *tmp = (uint8 *)_TIFFmalloc(cc);
+
+- assert((cc%(bps*stride))==0);
+-
++ if((cc%(bps*stride))!=0)
++ {
++ TIFFErrorExt(tif->tif_clientdata, "fpDiff",
++ "%s", "(cc%(bps*stride))!=0");
++ return 0;
++ }
+ if (!tmp)
+- return;
++ return 0;
+
+ _TIFFmemcpy(tmp, cp0, cc);
+ for (count = 0; count < wc; count++) {
+@@ -613,6 +669,7 @@ fpDiff(TIFF* tif, uint8* cp0, tmsize_t cc)
+ cp += cc - stride - 1;
+ for (count = cc; count > stride; count -= stride)
+ REPEAT4(stride, cp[stride] = (unsigned char)((cp[stride] - cp[0])&0xff); cp--)
++ return 1;
+ }
+
+ static int
+@@ -625,7 +682,8 @@ PredictorEncodeRow(TIFF* tif, uint8* bp, tmsize_t cc, uint16 s)
+ assert(sp->encoderow != NULL);
+
+ /* XXX horizontal differencing alters user's data XXX */
+- (*sp->encodepfunc)(tif, bp, cc);
++ if( !(*sp->encodepfunc)(tif, bp, cc) )
++ return 0;
+ return (*sp->encoderow)(tif, bp, cc, s);
+ }
+
+@@ -660,7 +718,12 @@ PredictorEncodeTile(TIFF* tif, uint8* bp0, tmsize_t cc0, uint16 s)
+
+ rowsize = sp->rowsize;
+ assert(rowsize > 0);
+- assert((cc0%rowsize)==0);
++ if((cc0%rowsize)!=0)
++ {
++ TIFFErrorExt(tif->tif_clientdata, "PredictorEncodeTile",
++ "%s", "(cc0%rowsize)!=0");
++ return 0;
++ }
+ while (cc > 0) {
+ (*sp->encodepfunc)(tif, bp, rowsize);
+ cc -= rowsize;
+diff --git a/libtiff/tif_predict.h b/libtiff/tif_predict.h
+index 91330cc..9e485a4 100644
+--- a/libtiff/tif_predict.h
++++ b/libtiff/tif_predict.h
+@@ -30,6 +30,8 @@
+ * ``Library-private'' Support for the Predictor Tag
+ */
+
++typedef int (*TIFFEncodeDecodeMethod)(TIFF* tif, uint8* buf, tmsize_t size);
++
+ /*
+ * Codecs that want to support the Predictor tag must place
+ * this structure first in their private state block so that
+@@ -43,12 +45,12 @@ typedef struct {
+ TIFFCodeMethod encoderow; /* parent codec encode/decode row */
+ TIFFCodeMethod encodestrip; /* parent codec encode/decode strip */
+ TIFFCodeMethod encodetile; /* parent codec encode/decode tile */
+- TIFFPostMethod encodepfunc; /* horizontal differencer */
++ TIFFEncodeDecodeMethod encodepfunc; /* horizontal differencer */
+
+ TIFFCodeMethod decoderow; /* parent codec encode/decode row */
+ TIFFCodeMethod decodestrip; /* parent codec encode/decode strip */
+ TIFFCodeMethod decodetile; /* parent codec encode/decode tile */
+- TIFFPostMethod decodepfunc; /* horizontal accumulator */
++ TIFFEncodeDecodeMethod decodepfunc; /* horizontal accumulator */
+
+ TIFFVGetMethod vgetparent; /* super-class method */
+ TIFFVSetMethod vsetparent; /* super-class method */
+--
+2.9.3
+
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2016-9535-2.patch b/meta/recipes-multimedia/libtiff/files/CVE-2016-9535-2.patch
new file mode 100644
index 0000000..977dbf6
--- /dev/null
+++ b/meta/recipes-multimedia/libtiff/files/CVE-2016-9535-2.patch
@@ -0,0 +1,67 @@
+From 6a984bf7905c6621281588431f384e79d11a2e33 Mon Sep 17 00:00:00 2001
+From: erouault <erouault>
+Date: Fri, 4 Nov 2016 09:19:13 +0000
+Subject: [PATCH 2/2] Fix CVE-2016-9535
+* libtiff/tif_predic.c: fix memory leaks in error code
+ paths added in previous commit (fix for MSVR 35105)
+
+CVE: CVE-2016-9535
+Upstream-Status: Backport
+https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33
+
+Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
+
+---
+ libtiff/tif_predict.c | 8 ++++++--
+ 1 files changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/libtiff/tif_predict.c b/libtiff/tif_predict.c
+index b829259..3f42f3b 100644
+--- a/libtiff/tif_predict.c
++++ b/libtiff/tif_predict.c
+@@ -409,7 +409,7 @@ fpAcc(TIFF* tif, uint8* cp0, tmsize_t cc)
+ tmsize_t wc = cc / bps;
+ tmsize_t count = cc;
+ uint8 *cp = (uint8 *) cp0;
+- uint8 *tmp = (uint8 *)_TIFFmalloc(cc);
++ uint8 *tmp;
+
+ if(cc%(bps*stride)!=0)
+ {
+@@ -418,6 +418,7 @@ fpAcc(TIFF* tif, uint8* cp0, tmsize_t cc)
+ return 0;
+ }
+
++ tmp = (uint8 *)_TIFFmalloc(cc);
+ if (!tmp)
+ return 0;
+
+@@ -640,7 +641,7 @@ fpDiff(TIFF* tif, uint8* cp0, tmsize_t cc)
+ tmsize_t wc = cc / bps;
+ tmsize_t count;
+ uint8 *cp = (uint8 *) cp0;
+- uint8 *tmp = (uint8 *)_TIFFmalloc(cc);
++ uint8 *tmp;
+
+ if((cc%(bps*stride))!=0)
+ {
+@@ -648,6 +649,8 @@ fpDiff(TIFF* tif, uint8* cp0, tmsize_t cc)
+ "%s", "(cc%(bps*stride))!=0");
+ return 0;
+ }
++
++ tmp = (uint8 *)_TIFFmalloc(cc);
+ if (!tmp)
+ return 0;
+
+@@ -722,6 +725,7 @@ PredictorEncodeTile(TIFF* tif, uint8* bp0, tmsize_t cc0, uint16 s)
+ {
+ TIFFErrorExt(tif->tif_clientdata, "PredictorEncodeTile",
+ "%s", "(cc0%rowsize)!=0");
++ _TIFFfree( working_copy );
+ return 0;
+ }
+ while (cc > 0) {
+--
+2.9.3
+
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb b/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb
index 3a7906a..7b5dd9c 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.0.6.bb
@@ -19,6 +19,8 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
file://CVE-2016-3632.patch \
file://CVE-2016-9540.patch \
file://CVE-2016-9539.patch \
+ file://CVE-2016-9535-1.patch \
+ file://CVE-2016-9535-2.patch \
"
SRC_URI[md5sum] = "d1d2e940dea0b5ad435f21f03d96dd72"
--
2.8.1
^ permalink raw reply related
* tiff: fix several tiff CVE issues
From: mingli.yu @ 2016-12-07 8:01 UTC (permalink / raw)
To: openembedded-core
These commits fix several tiff CVE issues:
CVE-2016-9533, CVE-2016-9534, CVE-2016-9535,
CVE-2016-9536, CVE-2016-9537 and CVE-2016-9538
^ permalink raw reply
* [PATCH 2/2] archiver.bbclass: fix do_ar_recipe error for bonnie++ and libsigc++-2.0
From: Dengke Du @ 2016-12-07 1:57 UTC (permalink / raw)
To: openembedded-core
In-Reply-To: <cover.1481075716.git.dengke.du@windriver.com>
When recipes name contains regular expression special characters, such as "++",
in this case, the re.compile function in do_ar_recipe can't recognize it, so we
should associate with re.escape to recognize the special characters in pattern.
Signed-off-by: Dengke Du <dengke.du@windriver.com>
---
meta/classes/archiver.bbclass | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/meta/classes/archiver.bbclass b/meta/classes/archiver.bbclass
index fe8877b..7d89e44 100644
--- a/meta/classes/archiver.bbclass
+++ b/meta/classes/archiver.bbclass
@@ -359,8 +359,9 @@ python do_ar_recipe () {
bbappend_files = d.getVar('BBINCLUDED', True).split()
# If recipe name is aa, we need to match files like aa.bbappend and aa_1.1.bbappend
# Files like aa1.bbappend or aa1_1.1.bbappend must be excluded.
- bbappend_re = re.compile( r".*/%s_[^/]*\.bbappend$" %pn)
- bbappend_re1 = re.compile( r".*/%s\.bbappend$" %pn)
+ # If the "pn" contains regular expression special characters, we should use re.escape to recognize it.
+ bbappend_re = re.compile( r".*/%s_[^/]*\.bbappend$" % re.escape(pn))
+ bbappend_re1 = re.compile( r".*/%s\.bbappend$" % re.escape(pn))
for file in bbappend_files:
if bbappend_re.match(file) or bbappend_re1.match(file):
shutil.copy(file, outdir)
--
2.7.4
^ permalink raw reply related
* [PATCH 1/2] archiver.bbclass: fix do_ar_original error for matchbox-desktop
From: Dengke Du @ 2016-12-07 1:57 UTC (permalink / raw)
To: openembedded-core
In-Reply-To: <cover.1481075716.git.dengke.du@windriver.com>
Error:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ERROR: matchbox-desktop-2.1-r0 do_ar_original: Can not determine archive names
for original source because 'name' URL parameter is unset in more than one URL.
Add it to at least one of these: git://git.yoctoproject.org/matchbox-desktop-2
file://vfolders/%2A
ERROR: matchbox-desktop-2.1-r0 do_ar_original: Function failed: do_ar_original
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function do_ar_original, when recipes have more than one source, it added the
"name" URL parameter as suffix to identify the created tarball.
But the URL type "file://" that we always used to represent a series of patches,
it didn't have "name" parameter, so it failed.
So set "name" to the folder name to identify the created tarball, for example:
In matchbox-desktop bb file, the SRC_URI contains:
file://vfloders/*
We set "name" to "vfolders" to identify the created tarball.
In connman-gnome bb file, the SRC_URI contains:
file://images/*
We set "name" to "images" to identify the created tarball.
Signed-off-by: Dengke Du <dengke.du@windriver.com>
---
meta/classes/archiver.bbclass | 16 +++++++++++-----
1 file changed, 11 insertions(+), 5 deletions(-)
diff --git a/meta/classes/archiver.bbclass b/meta/classes/archiver.bbclass
index 9239983..fe8877b 100644
--- a/meta/classes/archiver.bbclass
+++ b/meta/classes/archiver.bbclass
@@ -166,12 +166,18 @@ python do_ar_original() {
# to be set when using the git fetcher, otherwise SRCREV cannot
# be set separately for each URL.
params = bb.fetch2.decodeurl(url)[5]
+ type = bb.fetch2.decodeurl(url)[0]
+ location = bb.fetch2.decodeurl(url)[2]
name = params.get('name', '')
- if name in tarball_suffix:
- if not name:
- bb.fatal("Cannot determine archive names for original source because 'name' URL parameter is unset in more than one URL. Add it to at least one of these: %s %s" % (tarball_suffix[name], url))
- else:
- bb.fatal("Cannot determine archive names for original source because 'name=' URL parameter '%s' is used twice. Make it unique in: %s %s" % (tarball_suffix[name], url))
+ if type.lower() == 'file':
+ name_tmp = location.rstrip("*").rstrip("/")
+ name = os.path.basename(name_tmp)
+ else:
+ if name in tarball_suffix:
+ if not name:
+ bb.fatal("Cannot determine archive names for original source because 'name' URL parameter is unset in more than one URL. Add it to at least one of these: %s %s" % (tarball_suffix[name], url))
+ else:
+ bb.fatal("Cannot determine archive names for original source because 'name=' URL parameter '%s' is used twice. Make it unique in: %s %s" % (tarball_suffix[name], url))
tarball_suffix[name] = url
create_tarball(d, tmpdir + '/.', name, ar_outdir)
--
2.7.4
^ permalink raw reply related
* [PATCH 0/2] archiver.bbclass: fix some errors for do_ar_original and do_ar_recipe
From: Dengke Du @ 2016-12-07 1:57 UTC (permalink / raw)
To: openembedded-core
The following changes since commit 9e63f81c78e284c9b325fe04a1b59e61c7ad8a1a:
bitbake: ast: remove BBVERSIONS support (2016-11-30 15:48:10 +0000)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib ddk/fix-some-error-for-archiver-bbclass
http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=ddk/fix-some-error-for-archiver-bbclass
Dengke Du (2):
archiver.bbclass: fix do_ar_original error for matchbox-desktop
archiver.bbclass: fix do_ar_recipe error for bonnie++ and
libsigc++-2.0
meta/classes/archiver.bbclass | 21 ++++++++++++++-------
1 file changed, 14 insertions(+), 7 deletions(-)
--
2.7.4
^ permalink raw reply
* [PATCH 1/1] libarchive: fix ALTERNATIVE_PRIORITY to avoid conflict
From: Chen Qi @ 2016-12-07 1:45 UTC (permalink / raw)
To: openembedded-core
In-Reply-To: <cover.1481075044.git.Qi.Chen@windriver.com>
'tar' utility from tar and bsdtar has the same alternative priority.
'cpio' utility from cpio and bsdcpio has the same alternative priority.
Lower the ALTERNATIVE_PRIORITY to avoid conflict.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
meta/recipes-extended/libarchive/libarchive_3.2.2.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-extended/libarchive/libarchive_3.2.2.bb b/meta/recipes-extended/libarchive/libarchive_3.2.2.bb
index cf66e9d..7917ce7 100644
--- a/meta/recipes-extended/libarchive/libarchive_3.2.2.bb
+++ b/meta/recipes-extended/libarchive/libarchive_3.2.2.bb
@@ -48,7 +48,7 @@ do_configure_prepend() {
cp -R ${STAGING_INCDIR_NATIVE}/ext2fs ${WORKDIR}/extra-includes/
}
-ALTERNATIVE_PRIORITY = "100"
+ALTERNATIVE_PRIORITY = "80"
PACKAGES =+ "bsdtar"
FILES_bsdtar = "${bindir}/bsdtar"
--
1.9.1
^ permalink raw reply related
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox