Some readline-6.3 upstream patches was missing. Also ensure that the
upstream patches are applied in the same way as in readline-5.2.
Remove 'readline-dispatch-multikey.patch' and
'readline-cve-2014-2524.patch' since they are already included in
upstream patches 'readline63-002' and 'readline63-003'.
[YOCTO #8451]
(From OE-Core rev: 7b1fde3f65b674f5973800731c0c284f7d415248)
Signed-off-by: Petter Mabäcker <petter@technux.se>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream patches are always preferred to be applied first (before
integration patches). In order to apply readline-6.3 specific upstream
patches in a preferred order we need to apply the integration-patches
at the end in the 6.3 specific recipe (this is already the case
for readline-5.2).
Also take the oppertunity to move 'norpath.patch' to readline-6.3 dir
since this patch is not shared between the 5.2 and 6.3 recipe.
[YOCTO #8451]
(From OE-Core rev: d454d1c06247b658c6b7d12de610eb6ac72cd7d4)
Signed-off-by: Petter Mabäcker <petter@technux.se>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
To help automated scanning of CVEs, put the CVE ID in the filename.
(From OE-Core rev: 211bce4f23230c7898cccdb73b582420f830f977)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This file wasn't named as a patch, nor told to apply explicity, so it was just
unpacked to the work directory and not applied. Rename the file so the patch is
applied correctly.
(thanks to Petter Mabäcker <petter@technux.se> for spotting this)
(From OE-Core rev: 02be728762c77962f9c3034cd7995ad51afaee95)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3
allows local users to create or overwrite arbitrary files via a symlink
attack on a /var/tmp/rltrace.[PID] file.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2524
(From OE-Core rev: 0e95eef8817f51504dcc50d855dcbef172cfc897)
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
readline hand-maintains config.h.in so exclude autoheader and re-use a patch
from readline-6.3 to fix a typo in variable names.
See oe-core 8c37d32d6133c6ad2b9142e7a42775e7a979b570 against readline-6.3 for
further rationale.
(From OE-Core rev: 8281133c6dcb2f31666d76e282d02bafe65e15d7)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
readline maintains config.h.in by hand but several symbols are incorrect. Fix
these so that the test results are reflected in config.h.
(From OE-Core rev: bc0d0c71eca48be05490209261b88b1f92bcf847)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The configure-fix.patch is used to patch configure.in in 6.2 (or 5.2),
but configure.ac in 6.3
(From OE-Core rev: 11798d94419392dc5639a770792aaee0b7920035)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Petter Mabäcker
Ross Burton
Saul Wold
Kai Kang
Hongxu Jia