diff options
Diffstat (limited to 'meta/recipes-extended/unzip')
11 files changed, 502 insertions, 7 deletions
diff --git a/meta/recipes-extended/unzip/unzip/0001-configure-Add-correct-system-headers-and-prototypes-.patch b/meta/recipes-extended/unzip/unzip/0001-configure-Add-correct-system-headers-and-prototypes-.patch new file mode 100644 index 0000000000..f7e0854cd9 --- /dev/null +++ b/meta/recipes-extended/unzip/unzip/0001-configure-Add-correct-system-headers-and-prototypes-.patch @@ -0,0 +1,112 @@ +From 5ac5885d35257888d0e4a9dda903405314f9fc84 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Wed, 10 Aug 2022 17:53:13 -0700 +Subject: [PATCH] configure: Add correct system headers and prototypes to tests + +Newer compilers e.g. clang-15+ have turned stricter towards these +warnings and turned them into errors which results in subtle failures +during build, therefore make the testcases use the needed headers and +modern C + +Upstream-Status: Inactive-Upstream + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + unix/configure | 51 +++++++++++++++++++++++++++++++++++++++----------- + 1 file changed, 40 insertions(+), 11 deletions(-) + +diff --git a/unix/configure b/unix/configure +index 49579f3..8fd82dd 100755 +--- a/unix/configure ++++ b/unix/configure +@@ -379,14 +379,37 @@ $CC $CFLAGS -c conftest.c >/dev/null 2>/dev/null + + # Check for missing functions + # add NO_'function_name' to flags if missing +-for func in fchmod fchown lchown nl_langinfo +-do +- echo Check for $func +- echo "int main(){ $func(); return 0; }" > conftest.c +- $CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null +- [ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_`echo $func | tr '[a-z]' '[A-Z]'`" +-done ++echo Check for fchmod ++cat > conftest.c << _EOF_ ++#include <sys/stat.h> ++int main(){ fchmod(0,0); return 0; } ++_EOF_ ++$CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null ++[ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_FCHMOD" + ++echo Check for fchown ++cat > conftest.c << _EOF_ ++#include <unistd.h> ++int main(){ fchown(0,0,0); return 0; } ++_EOF_ ++$CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null ++[ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_FCHOWN" ++ ++echo Check for lchown ++cat > conftest.c << _EOF_ ++#include <unistd.h> ++int main(){ lchown(NULL,0,0); return 0; } ++_EOF_ ++$CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null ++[ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_LCHOWN" ++ ++echo Check for nl_langinfo ++cat > conftest.c << _EOF_ ++#include <langinfo.h> ++int main(){ nl_langinfo(0); return 0; } ++_EOF_ ++$CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null ++[ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_NL_LANGINFO" + # Check (seriously) for a working lchmod. + echo 'Check for lchmod' + temp_file="/tmp/unzip_test_$$" +@@ -401,14 +424,17 @@ ln -s "${temp_link}" "${temp_file}" && \ + rm -f "${temp_file}" + + echo Check for memset +-echo "int main(){ char k; memset(&k,0,0); return 0; }" > conftest.c ++cat > conftest.c << _EOF_ ++#include <string.h> ++int main(){ char k; memset(&k,0,0); return 0; } ++_EOF_ + $CC $CFLAGS $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null + [ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DZMEM" + + echo Check for errno declaration + cat > conftest.c << _EOF_ + #include <errno.h> +-main() ++int main() + { + errno = 0; + return 0; +@@ -419,6 +445,8 @@ $CC $CFLAGS -c conftest.c >/dev/null 2>/dev/null + + echo Check for directory libraries + cat > conftest.c << _EOF_ ++#include <sys/types.h> ++#include <dirent.h> + int main() { return closedir(opendir(".")); } + _EOF_ + +@@ -523,10 +551,11 @@ fi + # needed for AIX (and others ?) when mmap is used + echo Check for valloc + cat > conftest.c << _EOF_ +-main() ++#include <stdlib.h> ++int main() + { + #ifdef MMAP +- valloc(); ++ valloc(0); + #endif + } + _EOF_ +-- +2.37.1 + diff --git a/meta/recipes-extended/unzip/unzip/0001-configure-Pass-LDFLAGS-to-tests-doing-link-step.patch b/meta/recipes-extended/unzip/unzip/0001-configure-Pass-LDFLAGS-to-tests-doing-link-step.patch new file mode 100644 index 0000000000..5a6d1946f6 --- /dev/null +++ b/meta/recipes-extended/unzip/unzip/0001-configure-Pass-LDFLAGS-to-tests-doing-link-step.patch @@ -0,0 +1,137 @@ +From da29ba6a27d8e78562052c79061476848915eb2a Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Wed, 9 Mar 2022 12:13:28 -0800 +Subject: [PATCH] configure: Pass LDFLAGS to tests doing link step + +Ensures that right flags from recipes are honored, otherwise tests fail +which otherwise should not. + +Upstream-Status: Inactive-Upstream +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + unix/configure | 28 ++++++++++++++-------------- + 1 file changed, 14 insertions(+), 14 deletions(-) + +diff --git a/unix/configure b/unix/configure +index d4b0a8e..49579f3 100755 +--- a/unix/configure ++++ b/unix/configure +@@ -116,7 +116,7 @@ _EOF_ + # Special Mac OS X shared library "ld" option? + if test ` uname -s 2> /dev/null ` = 'Darwin'; then + lf='-Wl,-search_paths_first' +- $CC $CFLAGS $lf conftest.c > /dev/null 2>/dev/null ++ $CC $CFLAGS $LDFLAGS $lf conftest.c > /dev/null 2>/dev/null + if test $? -eq 0; then + BZLF=${lf} + fi +@@ -276,7 +276,7 @@ int main() + } + _EOF_ + # compile it +-$CC -o conftest conftest.c >/dev/null 2>/dev/null ++$CC $CFLAGS $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null + if [ $? -ne 0 ]; then + echo -- no Large File Support + else +@@ -322,7 +322,7 @@ int main() + } + _EOF_ + # compile it +-$CC -o conftest conftest.c >/dev/null 2>/dev/null ++$CC $CFLAGS $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null + if [ $? -ne 0 ]; then + echo "-- no Unicode (wchar_t) support" + else +@@ -383,7 +383,7 @@ for func in fchmod fchown lchown nl_langinfo + do + echo Check for $func + echo "int main(){ $func(); return 0; }" > conftest.c +- $CC $BFLAG -o conftest conftest.c >/dev/null 2>/dev/null ++ $CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null + [ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_`echo $func | tr '[a-z]' '[A-Z]'`" + done + +@@ -395,14 +395,14 @@ temp_link="link_$$" + echo "int main() { lchmod(\"${temp_file}\", 0666); }" \ + ) > conftest.c + ln -s "${temp_link}" "${temp_file}" && \ +- $CC $BFLAG -o conftest conftest.c >/dev/null 2>/dev/null && \ ++ $CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null && \ + ./conftest + [ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_LCHMOD" + rm -f "${temp_file}" + + echo Check for memset + echo "int main(){ char k; memset(&k,0,0); return 0; }" > conftest.c +-$CC -o conftest conftest.c >/dev/null 2>/dev/null ++$CC $CFLAGS $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null + [ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DZMEM" + + echo Check for errno declaration +@@ -422,12 +422,12 @@ cat > conftest.c << _EOF_ + int main() { return closedir(opendir(".")); } + _EOF_ + +-$CC -o conftest conftest.c >/dev/null 2>/dev/null ++$CC $CFLAGS $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null + if [ $? -ne 0 ]; then + OPT="" + for lib in ndir dir ucb bsd BSD PW x dirent + do +- $CC -o conftest conftest.c -l$lib >/dev/null 2>/dev/null ++ $CC $CLFAGS $LDFLAGS -o conftest conftest.c -l$lib >/dev/null 2>/dev/null + [ $? -eq 0 ] && OPT=-l$lib && break + done + if [ ${OPT} ]; then +@@ -440,9 +440,9 @@ fi + # Dynix/ptx 1.3 needed this + echo Check for readlink + echo "int main(){ return readlink(); }" > conftest.c +-$CC -o conftest conftest.c >/dev/null 2>/dev/null ++$CC $CFLAGS $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null + if [ $? -ne 0 ]; then +- $CC -o conftest conftest.c -lseq >/dev/null 2>/dev/null ++ $CC $CFLAGS $LDFLAGS -o conftest conftest.c -lseq >/dev/null 2>/dev/null + [ $? -eq 0 ] && LFLAGS2="${LFLAGS2} -lseq" + fi + +@@ -501,7 +501,7 @@ int main() + } + _EOF_ + # compile it +-$CC ${CFLAGS} ${CFLAGSR} -o conftest conftest.c >/dev/null 2>/dev/null ++$CC ${CFLAGS} ${CFLAGSR} $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null + if [ $? -ne 0 ]; then + echo "-- no MBCS support" + CFLAGSR="${CFLAGSR} -DNO_MBCS" +@@ -515,7 +515,7 @@ else + do + echo Check for MBCS $func + echo "int main() { $func(); return 0; }" > conftest.c +- $CC $BFLAG -o conftest conftest.c >/dev/null 2>/dev/null ++ $CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null + [ $? -eq 0 ] && CFLAGSR="${CFLAGSR} -D`echo $func | tr '[a-z]' '[A-Z]'`=$func" + done + fi +@@ -557,7 +557,7 @@ elif [ -f /xenix ]; then + elif uname -X >/dev/null 2>/dev/null; then + # SCO shared library check + echo "int main() { return 0;}" > conftest.c +- $CC -o conftest conftest.c -lc_s -nointl >/dev/null 2> /dev/null ++ $CC $CFLAGS $LDFLAGS -o conftest conftest.c -lc_s -nointl >/dev/null 2> /dev/null + [ $? -eq 0 ] && LFLAGS2="-lc_s -nointl" + else + SYSTEM=`uname -s 2>/dev/null` || SYSTEM="unknown" +@@ -565,7 +565,7 @@ else + case $SYSTEM in + OSF1|ULTRIX) + echo Check for -Olimit option +- $CC ${CFLAGS} -Olimit 1000 -o conftest conftest.c >/dev/null 2>/dev/null ++ $CC ${CFLAGS} ${LDFLAGS} -Olimit 1000 -o conftest conftest.c >/dev/null 2>/dev/null + [ $? -eq 0 ] && CFLAGSR="${CFLAGSR} -Olimit 1000" + ;; + ### HP-UX) +-- +2.35.1 + diff --git a/meta/recipes-extended/unzip/unzip/0001-unix-configure-fix-detection-for-cross-compilation.patch b/meta/recipes-extended/unzip/unzip/0001-unix-configure-fix-detection-for-cross-compilation.patch new file mode 100644 index 0000000000..2fa7f481b7 --- /dev/null +++ b/meta/recipes-extended/unzip/unzip/0001-unix-configure-fix-detection-for-cross-compilation.patch @@ -0,0 +1,103 @@ +From 5cbf901b5c3b6a7d1d0ed91b6df4194bb6d25a40 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Thu, 15 Jun 2023 07:14:17 -0700 +Subject: [PATCH] unix/configure: fix detection for cross compilation + +We're doing cross compilation, running a cross-compiled problem +on host to detemine feature is not correct. So we change runtime +check into compile-time check to detect the features. + +Upstream-Status: Inactive-Upstream + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + unix/configure | 44 +++++++++++++++----------------------------- + 1 file changed, 15 insertions(+), 29 deletions(-) + +diff --git a/unix/configure b/unix/configure +index 8fd82dd..68dee98 100755 +--- a/unix/configure ++++ b/unix/configure +@@ -259,6 +259,10 @@ cat > conftest.c << _EOF_ + #include <sys/stat.h> + #include <unistd.h> + #include <stdio.h> ++ ++_Static_assert(sizeof(off_t) < 8, "sizeof off_t < 8 failed"); ++_Static_assert(sizeof((struct stat){0}.st_size) < 8, "sizeof st_size < 8 failed"); ++ + int main() + { + off_t offset; +@@ -278,21 +282,10 @@ _EOF_ + # compile it + $CC $CFLAGS $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null + if [ $? -ne 0 ]; then +- echo -- no Large File Support ++ echo -- yes we have Large File Support! ++ CFLAGSR="${CFLAGSR} -DLARGE_FILE_SUPPORT" + else +-# run it +- ./conftest +- r=$? +- if [ $r -eq 1 ]; then +- echo -- no Large File Support - no 64-bit off_t +- elif [ $r -eq 2 ]; then +- echo -- no Large File Support - no 64-bit stat +- elif [ $r -eq 3 ]; then +- echo -- yes we have Large File Support! +- CFLAGSR="${CFLAGSR} -DLARGE_FILE_SUPPORT" +- else +- echo -- no Large File Support - conftest returned $r +- fi ++ echo -- no Large File Support + fi + + # Added 11/24/2005 EG +@@ -302,6 +295,11 @@ cat > conftest.c << _EOF_ + #include <stdlib.h> + #include <stdio.h> + #include <wchar.h> ++ ++#ifndef __STDC_ISO_10646__ ++#error "__STDC_ISO_10646__ not defined ++#endif ++ + int main() + { + size_t wsize; +@@ -327,19 +325,8 @@ if [ $? -ne 0 ]; then + echo "-- no Unicode (wchar_t) support" + else + # have wide char support +-# run it +- ./conftest +- r=$? +- if [ $r -eq 0 ]; then +- echo -- no Unicode wchar_t support - wchar_t allocation error +- elif [ $r -eq 1 ]; then +- echo -- no Unicode support - wchar_t encoding unspecified +- elif [ $r -eq 2 ]; then +- echo -- have wchar_t with known UCS encoding - enabling Unicode support! +- CFLAGSR="${CFLAGSR} -DUNICODE_SUPPORT -DUNICODE_WCHAR" +- else +- echo "-- no Unicode (wchar_t) support - conftest returned $r" +- fi ++ echo -- have wchar_t with known UCS encoding - enabling Unicode support! ++ CFLAGSR="${CFLAGSR} -DUNICODE_SUPPORT -DUNICODE_WCHAR" + fi + + echo "Check for setlocale support (needed for UNICODE Native check)" +@@ -418,8 +405,7 @@ temp_link="link_$$" + echo "int main() { lchmod(\"${temp_file}\", 0666); }" \ + ) > conftest.c + ln -s "${temp_link}" "${temp_file}" && \ +- $CC $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null 2>/dev/null && \ +- ./conftest ++ $CC -Werror=implicit-function-declaration $BFLAG $LDFLAGS -o conftest conftest.c >/dev/null + [ $? -ne 0 ] && CFLAGSR="${CFLAGSR} -DNO_LCHMOD" + rm -f "${temp_file}" + +-- +2.34.1 + diff --git a/meta/recipes-extended/unzip/unzip/CVE-2021-4217.patch b/meta/recipes-extended/unzip/unzip/CVE-2021-4217.patch new file mode 100644 index 0000000000..c0103444fc --- /dev/null +++ b/meta/recipes-extended/unzip/unzip/CVE-2021-4217.patch @@ -0,0 +1,67 @@ +From 731d698377dbd1f5b1b90efeb8094602ed59fc40 Mon Sep 17 00:00:00 2001 +From: Nils Bars <nils.bars@t-online.de> +Date: Mon, 17 Jan 2022 16:53:16 +0000 +Subject: [PATCH] Fix null pointer dereference and use of uninitialized data + +This fixes a bug that causes use of uninitialized heap data if `readbuf` fails +to read as many bytes as indicated by the extra field length attribute. +Furthermore, this fixes a null pointer dereference if an archive contains an +`EF_UNIPATH` extra field but does not have a filename set. +--- + fileio.c | 5 ++++- + process.c | 6 +++++- + 2 files changed, 9 insertions(+), 2 deletions(-) +--- + +Patch from: +https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1957077 +https://launchpadlibrarian.net/580782282/0001-Fix-null-pointer-dereference-and-use-of-uninitialized-data.patch +Regenerated to apply without offsets. + +CVE: CVE-2021-4217 + +Upstream-Status: Inactive-Upstream [infozip upstream inactive] + +Signed-off-by: Joe Slater <joe.slater@windriver.com> + + +diff --git a/fileio.c b/fileio.c +index 14460f3..1dc319e 100644 +--- a/fileio.c ++++ b/fileio.c +@@ -2301,8 +2301,11 @@ int do_string(__G__ length, option) /* return PK-type error code */ + seek_zipf(__G__ G.cur_zipfile_bufstart - G.extra_bytes + + (G.inptr-G.inbuf) + length); + } else { +- if (readbuf(__G__ (char *)G.extra_field, length) == 0) ++ unsigned bytes_read = readbuf(__G__ (char *)G.extra_field, length); ++ if (bytes_read == 0) + return PK_EOF; ++ if (bytes_read != length) ++ return PK_ERR; + /* Looks like here is where extra fields are read */ + if (getZip64Data(__G__ G.extra_field, length) != PK_COOL) + { +diff --git a/process.c b/process.c +index 5f8f6c6..de843a5 100644 +--- a/process.c ++++ b/process.c +@@ -2058,10 +2058,14 @@ int getUnicodeData(__G__ ef_buf, ef_len) + G.unipath_checksum = makelong(offset + ef_buf); + offset += 4; + ++ if (!G.filename_full) { ++ /* Check if we have a unicode extra section but no filename set */ ++ return PK_ERR; ++ } ++ + /* + * Compute 32-bit crc + */ +- + chksum = crc32(chksum, (uch *)(G.filename_full), + strlen(G.filename_full)); + +-- +2.32.0 + diff --git a/meta/recipes-extended/unzip/unzip/CVE-2022-0529.patch b/meta/recipes-extended/unzip/unzip/CVE-2022-0529.patch new file mode 100644 index 0000000000..1c1e120deb --- /dev/null +++ b/meta/recipes-extended/unzip/unzip/CVE-2022-0529.patch @@ -0,0 +1,39 @@ +https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355 + +CVE: CVE-2022-0529 +Upstream-Status: Inactive-Upstream [need a new release] + +diff --git a/process.c b/process.c +index d2a846e..99b9c7b 100644 +--- a/process.c ++++ b/process.c +@@ -2507,13 +2507,15 @@ char *wide_to_local_string(wide_string, escape_all) + char buf[9]; + char *buffer = NULL; + char *local_string = NULL; ++ size_t buffer_size; + + for (wsize = 0; wide_string[wsize]; wsize++) ; + + if (max_bytes < MAX_ESCAPE_BYTES) + max_bytes = MAX_ESCAPE_BYTES; + +- if ((buffer = (char *)malloc(wsize * max_bytes + 1)) == NULL) { ++ buffer_size = wsize * max_bytes + 1; ++ if ((buffer = (char *)malloc(buffer_size)) == NULL) { + return NULL; + } + +@@ -2552,7 +2554,11 @@ char *wide_to_local_string(wide_string, escape_all) + /* no MB for this wide */ + /* use escape for wide character */ + char *escape_string = wide_to_escape_string(wide_string[i]); +- strcat(buffer, escape_string); ++ size_t buffer_len = strlen(buffer); ++ size_t escape_string_len = strlen(escape_string); ++ if (buffer_len + escape_string_len + 1 > buffer_size) ++ escape_string_len = buffer_size - buffer_len - 1; ++ strncat(buffer, escape_string, escape_string_len); + free(escape_string); + } + } diff --git a/meta/recipes-extended/unzip/unzip/CVE-2022-0530.patch b/meta/recipes-extended/unzip/unzip/CVE-2022-0530.patch new file mode 100644 index 0000000000..363dafddc9 --- /dev/null +++ b/meta/recipes-extended/unzip/unzip/CVE-2022-0530.patch @@ -0,0 +1,33 @@ +https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355 + +CVE: CVE-2022-0530 +Upstream-Status: Inactive-Upstream [need a new release] + +diff --git a/fileio.c b/fileio.c +index 6290824..77e4b5f 100644 +--- a/fileio.c ++++ b/fileio.c +@@ -2361,6 +2361,9 @@ int do_string(__G__ length, option) /* return PK-type error code */ + /* convert UTF-8 to local character set */ + fn = utf8_to_local_string(G.unipath_filename, + G.unicode_escape_all); ++ if (fn == NULL) ++ return PK_ERR; ++ + /* make sure filename is short enough */ + if (strlen(fn) >= FILNAMSIZ) { + fn[FILNAMSIZ - 1] = '\0'; +diff --git a/process.c b/process.c +index d2a846e..715bc0f 100644 +--- a/process.c ++++ b/process.c +@@ -2605,6 +2605,8 @@ char *utf8_to_local_string(utf8_string, escape_all) + int escape_all; + { + zwchar *wide = utf8_to_wide_string(utf8_string); ++ if (wide == NULL) ++ return NULL; + char *loc = wide_to_local_string(wide, escape_all); + free(wide); + return loc; + diff --git a/meta/recipes-extended/unzip/unzip/avoid-strip.patch b/meta/recipes-extended/unzip/unzip/avoid-strip.patch index e0c89d81b7..70bedc8381 100644 --- a/meta/recipes-extended/unzip/unzip/avoid-strip.patch +++ b/meta/recipes-extended/unzip/unzip/avoid-strip.patch @@ -1,4 +1,4 @@ -Upstream-Status: Inappropriate [need a new release] +Upstream-Status: Inactive-Upstream [need a new release] unix/Makefile: remove hard coded strip commands diff --git a/meta/recipes-extended/unzip/unzip/define-ldflags.patch b/meta/recipes-extended/unzip/unzip/define-ldflags.patch index dc554c32cb..dd01c01400 100644 --- a/meta/recipes-extended/unzip/unzip/define-ldflags.patch +++ b/meta/recipes-extended/unzip/unzip/define-ldflags.patch @@ -1,6 +1,6 @@ Pass LDFLAGS to the linker -Upstream-Status: Inappropriate [need a new release] +Upstream-Status: Inactive-Upstream [need a new release] Signed-off-by: Mikhail Durnev <Mikhail_Durnev@mentor.com> diff --git a/meta/recipes-extended/unzip/unzip/fix-security-format.patch b/meta/recipes-extended/unzip/unzip/fix-security-format.patch index ba6ead3b5e..2889c652d4 100644 --- a/meta/recipes-extended/unzip/unzip/fix-security-format.patch +++ b/meta/recipes-extended/unzip/unzip/fix-security-format.patch @@ -5,7 +5,7 @@ Fix security formatting issues related to sprintf parameters expeted. [YOCTO #9551] [https://bugzilla.yoctoproject.org/show_bug.cgi?id=9551] -Upstream-Status: Inappropriate [need a new release] +Upstream-Status: Inactive-Upstream [need a new release] Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com> diff --git a/meta/recipes-extended/unzip/unzip/symlink.patch b/meta/recipes-extended/unzip/unzip/symlink.patch index c1d82ac187..26f1c8ba86 100644 --- a/meta/recipes-extended/unzip/unzip/symlink.patch +++ b/meta/recipes-extended/unzip/unzip/symlink.patch @@ -6,7 +6,7 @@ a symlink entry." This patch is taken from Fedora (https://bugzilla.redhat.com/show_bug.cgi?id=972427) -Upstream-Status: Inappropriate [need a new release] +Upstream-Status: Inactive-Upstream [need a new release] Signed-off-by: Ross Burton <ross.burton@intel.com> --- unzip60/process.c.sav 2013-06-09 12:08:57.070392264 +0200 diff --git a/meta/recipes-extended/unzip/unzip_6.0.bb b/meta/recipes-extended/unzip/unzip_6.0.bb index 0bc6abcd4b..27076d5d9b 100644 --- a/meta/recipes-extended/unzip/unzip_6.0.bb +++ b/meta/recipes-extended/unzip/unzip_6.0.bb @@ -5,7 +5,6 @@ SECTION = "console/utils" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=94caec5a51ef55ef711ee4e8b1c69e29" PE = "1" -PR = "r5" SRC_URI = "${SOURCEFORGE_MIRROR}/infozip/UnZip%206.x%20%28latest%29/UnZip%206.0/unzip60.tar.gz \ file://avoid-strip.patch \ @@ -27,14 +26,19 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/infozip/UnZip%206.x%20%28latest%29/UnZip%206.0/ file://CVE-2019-13232_p2.patch \ file://CVE-2019-13232_p3.patch \ file://unzip_optimization.patch \ + file://0001-configure-Pass-LDFLAGS-to-tests-doing-link-step.patch \ + file://CVE-2021-4217.patch \ + file://CVE-2022-0529.patch \ + file://CVE-2022-0530.patch \ + file://0001-configure-Add-correct-system-headers-and-prototypes-.patch \ + file://0001-unix-configure-fix-detection-for-cross-compilation.patch \ " UPSTREAM_VERSION_UNKNOWN = "1" SRC_URI[md5sum] = "62b490407489521db863b523a7f86375" SRC_URI[sha256sum] = "036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37" -# Patch from https://bugzilla.redhat.com/attachment.cgi?id=293893&action=diff applied to 6.0 source -CVE_CHECK_WHITELIST += "CVE-2008-0888" +CVE_STATUS[CVE-2008-0888] = "fixed-version: Patch from https://bugzilla.redhat.com/attachment.cgi?id=293893&action=diff applied to 6.0 source" # exclude version 5.5.2 which triggers a false positive UPSTREAM_CHECK_REGEX = "unzip(?P<pver>(?!552).+)\.tgz" |