createrepo: For compatibility w/ RPM 5.4.9 remove RPMVSF_NOSIGNATURES flag
The RPMVSF_NOSIGNATURES flag was removed from RPM5 - 5.4.9 as a result of additional -requires- package validation to help protect from malicious packages. The createrepo "dump" script has been updated to no longer use this flag. This remains compatible with prior versions of RPM. (From OE-Core rev: 24786ccbbdd1188aad4d8508e1757d38798b6f81) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
43dd3512aa
commit
f182f53cc3
|
@ -0,0 +1,19 @@
|
|||
dumpMetadata.py: Fix for RPM5 - 5.4.9 integration
|
||||
|
||||
RPM5 no longer has a switch to disable signature validation. (Due to security
|
||||
validation concerns.)
|
||||
|
||||
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
||||
|
||||
diff -u createrepo-0.4.11.orig/dumpMetadata.py createrepo-0.4.11/dumpMetadata.py
|
||||
--- createrepo-0.4.11.orig/dumpMetadata.py 2012-06-05 10:12:55.687964222 -0500
|
||||
+++ createrepo-0.4.11/dumpMetadata.py 2012-06-05 10:40:08.154060600 -0500
|
||||
@@ -92,7 +92,7 @@
|
||||
fdno = package # let's assume this is an fdno and go with it :)
|
||||
except OSError:
|
||||
raise MDError, "Error opening file"
|
||||
- ts.setVSFlags((rpm._RPMVSF_NOSIGNATURES|rpm.RPMVSF_NOMD5|rpm.RPMVSF_NEEDPAYLOAD))
|
||||
+ ts.setVSFlags((rpm.RPMVSF_NOMD5|rpm.RPMVSF_NEEDPAYLOAD))
|
||||
try:
|
||||
hdr = ts.hdrFromFdno(fdno)
|
||||
except rpm.error:
|
|
@ -4,11 +4,12 @@ HOMEPAGE = "http://createrepo.baseurl.org/"
|
|||
LICENSE = "GPLv2+"
|
||||
LIC_FILES_CHKSUM = "file://COPYING;md5=18810669f13b87348459e611d31ab760"
|
||||
|
||||
PR = "r2"
|
||||
PR = "r3"
|
||||
|
||||
SRC_URI= "http://createrepo.baseurl.org/download/${BP}.tar.gz \
|
||||
file://fix-native-install.patch \
|
||||
file://python-scripts-should-use-interpreter-from-env.patch \
|
||||
file://createrepo-rpm549.patch \
|
||||
"
|
||||
|
||||
SRC_URI[md5sum] = "3e9ccf4abcffe3f49af078c83611eda2"
|
||||
|
|
Loading…
Reference in New Issue