openembedded-core.git/meta/recipes-core/libxml/libxml2.inc, branch 2015-4 Mirror of openembedded-core libxml2: upgrade to 2.9.2 2014-12-24T17:48:57+00:00 Hongxu Jia hongxu.jia@windriver.com 2014-12-23T05:09:54+00:00 06f555fa5a36dbf63b26c3734dbbd0b5af16dc33 - Rebase python-sitepackages-dir.patch to 2.9.2 - Drop libxml2-CVE-2014-3660.patch which has been merged to 2.9.2. - Add configure.ac-fix-cross-compiling-warning.patch to fix cross compilation failure. - Tweak do_configure_prepend, use configure.ac to instead of configure.in - Add cmake files to ${PN}-dev Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
- Rebase python-sitepackages-dir.patch to 2.9.2

- Drop libxml2-CVE-2014-3660.patch which has been merged to 2.9.2.

- Add configure.ac-fix-cross-compiling-warning.patch to fix cross
  compilation failure.

- Tweak do_configure_prepend, use configure.ac to instead of configure.in

- Add cmake files to ${PN}-dev

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libxml2: fix CVE-2014-3660 2014-10-24T16:31:58+00:00 Joe MacDonald joe_macdonald@mentor.com 2014-10-20T17:51:21+00:00 643597a5c432b2e02033d0cefa3ba4da980d078f It was discovered that the patch for CVE-2014-0191 for libxml2 is incomplete. It is still possible to have libxml2 incorrectly perform entity substituton even when the application using libxml2 explicitly disables the feature. This can allow a remote denial-of-service attack on systems with libxml2 prior to 2.9.2. References: http://www.openwall.com/lists/oss-security/2014/10/17/7 https://www.ncsc.nl/actueel/nieuwsberichten/kwetsbaarheid-ontdekt-in-libxml2.html Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
It was discovered that the patch for CVE-2014-0191 for libxml2 is
incomplete.  It is still possible to have libxml2 incorrectly perform
entity substituton even when the application using libxml2 explicitly
disables the feature.  This can allow a remote denial-of-service attack on
systems with libxml2 prior to 2.9.2.

References:
    http://www.openwall.com/lists/oss-security/2014/10/17/7
    https://www.ncsc.nl/actueel/nieuwsberichten/kwetsbaarheid-ontdekt-in-libxml2.html

Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
recipes: Remove references to eglibc 2014-09-01T17:00:31+00:00 Khem Raj raj.khem@gmail.com 2014-08-28T06:13:57+00:00 fd15d6e0c8da75951a91d4467eda23c229b1026d change use of eglibc related variabled to glibc equivalents Signed-off-by: Khem Raj <raj.khem@gmail.com> 
change use of eglibc related variabled to glibc equivalents

Signed-off-by: Khem Raj <raj.khem@gmail.com>
meta: fix RDEPNEDS for the test related pkgs 2014-08-28T14:11:11+00:00 Robert Yang liezhi.yang@windriver.com 2014-08-27T15:57:08+00:00 d081a85fc76e2b7a469c6c70175ecf7aed9de053 Add bash, python or perl to the ptest pkgs to fix the RDEPENDS issues. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Add bash, python or perl to the ptest pkgs to fix the RDEPENDS issues.

Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libxml2: Explicitly enable zlib support 2014-08-25T09:23:27+00:00 Otavio Salvador otavio@ossystems.com.br 2014-08-24T19:39:15+00:00 7d056397ab9912316064db850aae05aacabc726c The zlib support is a must if you are using RPM backend. So this explicitly enable it and adds a comment in the recipe to avoid its removal by mistake. Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
The zlib support is a must if you are using RPM backend. So this
explicitly enable it and adds a comment in the recipe to avoid its
removal by mistake.

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libxml2: port AM_PATH_XML2 to use pkg-config 2014-08-15T17:19:56+00:00 Ross Burton ross.burton@intel.com 2014-08-15T12:11:46+00:00 3ea77e69a839572a948ff6f1e51d3ca789ad8eed Upstream AM_PATH_XML2 uses xml2-config which we disable, so port this macro to use pkg-config. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Upstream AM_PATH_XML2 uses xml2-config which we disable, so port this macro to
use pkg-config.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libxml2: enable catalog support 2014-07-16T09:18:18+00:00 Hongxu Jia hongxu.jia@windriver.com 2014-07-09T10:16:54+00:00 1ea74a265b3c8f36e07c3cf2c26d8e60518da5a7 It let the environment variable XML_CATALOG_FILES could work which was required by xmlto. [YOCTO #2416] Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
It let the environment variable XML_CATALOG_FILES could work
which was required by xmlto.

[YOCTO #2416]

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
binconfig-disabled: Add class and use 2014-06-16T14:30:49+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2014-05-22T09:59:33+00:00 5870bd272b0b077d0826fb900b251884c1c05061 This adds a binconfig-disabled class which can be used by recipes where a -config file is installed but we wish to disable it and just rely on the .pc files instead. Rather than simply deleting it, we make the script "exit 1" so that it can be found in PATH and raise a build error rather than something silently falling back to the build system for example. Rather than randomly finding -config files, this adds in the specification of a list of binconfig scripts which is more deterministic and maintainable moving forward. This patch converts various users in OE-Core to use this, a world build of OE-Core tests out ok with this change. There will likely be issues in other layers however, hence this being a RFT. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
This adds a binconfig-disabled class which can be used by recipes where
a -config file is installed but we wish to disable it and just rely on
the .pc files instead.

Rather than simply deleting it, we make the script "exit 1" so that it
can be found in PATH and raise a build error rather than something
silently falling back to the build system for example.

Rather than randomly finding -config files, this adds in the
specification of a list of binconfig scripts which is more deterministic
and maintainable moving forward.

This patch converts various users in OE-Core to use this, a world build
of OE-Core tests out ok with this change. There will likely be issues in
other layers however, hence this being a RFT.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libxml2: fix python packaging for nativesdk 2014-06-06T08:25:24+00:00 Paul Eggleton paul.eggleton@linux.intel.com 2014-06-05T09:46:17+00:00 e3d06aa104065748367e1479138f824da5d9951f We enable the python module in nativesdk-libxml2, but the python binary used is in the native sysroot and thus you get the module installed in the wrong path. Even with that fixed the python files are still unpackaged, so create an ${PN}-python package and add them to it. (This does not affect the libxml target build at all since python is disabled for that.) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
We enable the python module in nativesdk-libxml2, but the python binary
used is in the native sysroot and thus you get the module installed in
the wrong path. Even with that fixed the python files are still
unpackaged, so create an ${PN}-python package and add them to it. (This
does not affect the libxml target build at all since python is disabled
for that.)

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libxml2: fix CVE-2014-0191 2014-05-08T12:00:23+00:00 Maxin B. John maxin.john@enea.com 2014-05-07T12:24:15+00:00 674bd59d5e357a4aba18c472ac21712a660a84af It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attacker could provide a specially-crafted XML file that, when processed, would lead to the exhaustion of CPU and memory resources or file descriptors. Reference: https://access.redhat.com/security/cve/CVE-2014-0191 Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> 
It was discovered that libxml2, a library providing support to read,
modify and write XML files, incorrectly performs entity substituton in
the doctype prolog, even if the application using libxml2 disabled any
entity substitution. A remote attacker could provide a
specially-crafted XML file that, when processed, would lead to the
exhaustion of CPU and memory resources or file descriptors.

Reference: https://access.redhat.com/security/cve/CVE-2014-0191

Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>