readline: apply missing upstream patches
Some readline-6.3 upstream patches was missing. Also ensure that the upstream patches are applied in the same way as in readline-5.2. Remove 'readline-dispatch-multikey.patch' and 'readline-cve-2014-2524.patch' since they are already included in upstream patches 'readline63-002' and 'readline63-003'. [YOCTO #8451] (From OE-Core rev: 7b1fde3f65b674f5973800731c0c284f7d415248) Signed-off-by: Petter Mabäcker <petter@technux.se> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
99b9d52ce4
commit
7e3474c1cc
|
@ -1,43 +0,0 @@
|
|||
readline: Security Advisory - readline - CVE-2014-2524
|
||||
|
||||
Upstream-Status: Backport
|
||||
|
||||
Signed-off-by: Yue Tao <yue.tao@windriver.com>
|
||||
|
||||
READLINE PATCH REPORT
|
||||
=====================
|
||||
|
||||
Readline-Release: 6.3
|
||||
Patch-ID: readline63-003
|
||||
|
||||
Bug-Reported-by:
|
||||
Bug-Reference-ID:
|
||||
Bug-Reference-URL:
|
||||
|
||||
Bug-Description:
|
||||
|
||||
There are debugging functions in the readline release that are theoretically
|
||||
exploitable as security problems. They are not public functions, but have
|
||||
global linkage.
|
||||
|
||||
Patch (apply with `patch -p0'):
|
||||
|
||||
*** ../readline-6.3/util.c 2013-09-02 13:36:12.000000000 -0400
|
||||
--- util.c 2014-03-20 10:25:53.000000000 -0400
|
||||
***************
|
||||
*** 477,480 ****
|
||||
--- 479,483 ----
|
||||
}
|
||||
|
||||
+ #if defined (DEBUG)
|
||||
#if defined (USE_VARARGS)
|
||||
static FILE *_rl_tracefp;
|
||||
***************
|
||||
*** 539,542 ****
|
||||
--- 542,546 ----
|
||||
}
|
||||
#endif
|
||||
+ #endif /* DEBUG */
|
||||
|
||||
|
||||
|
|
@ -1,32 +0,0 @@
|
|||
From 8ef852a5be72c75e17f2510bea52455f809b56ce Mon Sep 17 00:00:00 2001
|
||||
From: Chet Ramey <chet.ramey@case.edu>
|
||||
Date: Fri, 28 Mar 2014 14:07:42 -0400
|
||||
Subject: [PATCH 04/10] Readline-6.3 patch 2
|
||||
|
||||
Fixes multi-key issue identified in this thread:
|
||||
http://lists.gnu.org/archive/html/bug-readline/2014-03/msg00010.html
|
||||
|
||||
Upstream-Status: Backport
|
||||
|
||||
Signed-off-by: Saul Wold <sgw@linux.intel.com>
|
||||
---
|
||||
readline.c | 3 ++-
|
||||
1 files changed, 2 insertions(+), 1 deletions(-)
|
||||
|
||||
diff --git a/readline.c b/readline.c
|
||||
index eb4eae3..abb29a0 100644
|
||||
--- a/readline.c
|
||||
+++ b/readline.c
|
||||
@@ -744,7 +744,8 @@ _rl_dispatch_callback (cxt)
|
||||
r = _rl_subseq_result (r, cxt->oldmap, cxt->okey, (cxt->flags & KSEQ_SUBSEQ));
|
||||
|
||||
RL_CHECK_SIGNALS ();
|
||||
- if (r == 0) /* success! */
|
||||
+ /* We only treat values < 0 specially to simulate recursion. */
|
||||
+ if (r >= 0 || (r == -1 && (cxt->flags & KSEQ_SUBSEQ) == 0)) /* success! or failure! */
|
||||
{
|
||||
_rl_keyseq_chain_dispose ();
|
||||
RL_UNSETSTATE (RL_STATE_MULTIKEY);
|
||||
--
|
||||
1.8.3.1
|
||||
|
|
@ -1,11 +1,34 @@
|
|||
require readline.inc
|
||||
|
||||
SRC_URI += "file://configure-fix.patch \
|
||||
SRC_URI += "${GNU_MIRROR}/readline/readline-6.3-patches/readline63-001;name=patch1;apply=yes;striplevel=0 \
|
||||
${GNU_MIRROR}/readline/readline-6.3-patches/readline63-002;name=patch2;apply=yes;striplevel=0 \
|
||||
${GNU_MIRROR}/readline/readline-6.3-patches/readline63-003;name=patch3;apply=yes;striplevel=0 \
|
||||
${GNU_MIRROR}/readline/readline-6.3-patches/readline63-004;name=patch4;apply=yes;striplevel=0 \
|
||||
${GNU_MIRROR}/readline/readline-6.3-patches/readline63-005;name=patch5;apply=yes;striplevel=0 \
|
||||
${GNU_MIRROR}/readline/readline-6.3-patches/readline63-006;name=patch6;apply=yes;striplevel=0 \
|
||||
${GNU_MIRROR}/readline/readline-6.3-patches/readline63-007;name=patch7;apply=yes;striplevel=0 \
|
||||
${GNU_MIRROR}/readline/readline-6.3-patches/readline63-008;name=patch8;apply=yes;striplevel=0 \
|
||||
file://configure-fix.patch \
|
||||
file://config-dirent-symbols.patch \
|
||||
file://norpath.patch \
|
||||
file://readline-cve-2014-2524.patch;striplevel=0 \
|
||||
file://readline-dispatch-multikey.patch"
|
||||
file://norpath.patch"
|
||||
|
||||
SRC_URI[archive.md5sum] = "33c8fb279e981274f485fd91da77e94a"
|
||||
SRC_URI[archive.sha256sum] = "56ba6071b9462f980c5a72ab0023893b65ba6debb4eeb475d7a563dc65cafd43"
|
||||
|
||||
SRC_URI[patch1.md5sum] = "4343f5ea9b0f42447f102fb61576b398"
|
||||
SRC_URI[patch1.sha256sum] = "1a79bbb6eaee750e0d6f7f3d059b30a45fc54e8e388a8e05e9c3ae598590146f"
|
||||
SRC_URI[patch2.md5sum] = "700295212f7e2978577feaee584afddb"
|
||||
SRC_URI[patch2.sha256sum] = "39e304c7a526888f9e112e733848215736fb7b9d540729b9e31f3347b7a1e0a5"
|
||||
SRC_URI[patch3.md5sum] = "af4963862f5156fbf9111c2c6fa86ed7"
|
||||
SRC_URI[patch3.sha256sum] = "ec41bdd8b00fd884e847708513df41d51b1243cecb680189e31b7173d01ca52f"
|
||||
SRC_URI[patch4.md5sum] = "11f9def89803a5052db3ba72394ce14f"
|
||||
SRC_URI[patch4.sha256sum] = "4547b906fb2570866c21887807de5dee19838a60a1afb66385b272155e4355cc"
|
||||
SRC_URI[patch5.md5sum] = "93721c31cd225393f80cb3aadb165544"
|
||||
SRC_URI[patch5.sha256sum] = "877788f9228d1a9907a4bcfe3d6dd0439c08d728949458b41208d9bf9060274b"
|
||||
SRC_URI[patch6.md5sum] = "71dc6ecce66d1489b96595f55d142a52"
|
||||
SRC_URI[patch6.sha256sum] = "5c237ab3c6c97c23cf52b2a118adc265b7fb411b57c93a5f7c221d50fafbe556"
|
||||
SRC_URI[patch7.md5sum] = "062a08ed60679d3c4878710b3d595b65"
|
||||
SRC_URI[patch7.sha256sum] = "4d79b5a2adec3c2e8114cbd3d63c1771f7c6cf64035368624903d257014f5bea"
|
||||
SRC_URI[patch8.md5sum] = "ee1c04072154826870848d8b218d7b04"
|
||||
SRC_URI[patch8.sha256sum] = "3bc093cf526ceac23eb80256b0ec87fa1735540d659742107b6284d635c43787"
|
||||
|
||||
|
|
Loading…
Reference in New Issue