openembedded-core.git/meta/recipes-devtools/squashfs-tools, branch 2015-4 Mirror of openembedded-core squashfs-tools_4.3: modify SPDX_S variable 2014-09-29T16:49:12+00:00 leimaohui leimaohui@cn.fujitsu.com 2014-09-23T09:48:16+00:00 1d79bea9dadd7e78fd558046497cb48b7d9b46e9 Modify SPDX_S to the source tree of squashfs instead of ${S}. Signed-off-by: leimaohui <leimaohui@cn.fujitsu.com> 
Modify SPDX_S to the source tree of squashfs instead of ${S}.

Signed-off-by: leimaohui <leimaohui@cn.fujitsu.com>
squashfs-tools: Add support for LZO and LZ4 compression 2014-08-15T17:19:54+00:00 Mike Looijmans mike.looijmans@topic.nl 2014-08-12T07:54:58+00:00 6c95440ed5c181754bb7c04da678081498840683 For systems that want to optimize for speed rather than size, LZO is usually a better choice than gzip or XZ. Kernel support for LZO has been available since 2.6.29. LZ4 support isn't in the mainline kernel yet, but we might as well add it now for those who want to experiment with it. Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
For systems that want to optimize for speed rather than size, LZO is
usually a better choice than gzip or XZ. Kernel support for LZO has
been available since 2.6.29.

LZ4 support isn't in the mainline kernel yet, but we might as well add
it now for those who want to experiment with it.

Signed-off-by: Mike Looijmans <mike.looijmans@topic.nl>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
squashfs-tools: Add nativesdk in BBCLASSEXTEND 2014-07-23T20:47:36+00:00 Richard Tollerton rich.tollerton@ni.com 2014-07-22T22:26:15+00:00 f4d288881d7b1b2390a0f1234724fdd5d7a84b57 Necessary for including it in meta-toolchain. Signed-off-by: Richard Tollerton <rich.tollerton@ni.com> Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Necessary for including it in meta-toolchain.

Signed-off-by: Richard Tollerton <rich.tollerton@ni.com>
Signed-off-by: Ben Shelton <ben.shelton@ni.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
squashfs-tools: Upgrade to 4.3 2014-07-17T11:28:08+00:00 Saul Wold sgw@linux.intel.com 2014-07-15T20:24:45+00:00 518d6b32aa9d84e572ccd6d04368f4c5bdb222ec Remove patches that are now implemented upstream COPYING file has formating change no change to licence itself Signed-off-by: Saul Wold <sgw@linux.intel.com> 
Remove patches that are now implemented upstream
COPYING file has formating change no change to licence itself

Signed-off-by: Saul Wold <sgw@linux.intel.com>
squashfs-tools: set SUMMARY instead of DESCRIPTION 2013-12-03T17:08:46+00:00 Paul Eggleton paul.eggleton@linux.intel.com 2013-11-25T18:22:23+00:00 a8e7efe23a5962610fb5818a9a802e737fca918f Also tidy up value a little bit. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Also tidy up value a little bit.

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
squashfs-tools: drop FILESPATHPKG 2013-12-03T17:08:33+00:00 Paul Eggleton paul.eggleton@linux.intel.com 2013-05-24T14:34:52+00:00 694d95c94d03fb1e63d6c52840a5149c3b166c2a Drop FILESPATHPKG setting since it seems to be superfluous. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Drop FILESPATHPKG setting since it seems to be superfluous.

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
squashfs-tools: remove FILESEXTRAPATH and move patches directory 2013-11-20T14:02:54+00:00 Saul Wold sgw@linux.intel.com 2013-11-14T17:43:53+00:00 60375dd8d0a849a7a23badb0f195a662c93a4922 Signed-off-by: Saul Wold <sgw@linux.intel.com> 
Signed-off-by: Saul Wold <sgw@linux.intel.com>
squashfs: fix CVE-2012-4025 2012-12-14T23:17:20+00:00 yanjun.zhu yanjun.zhu@windriver.com 2012-12-11T10:00:32+00:00 bb1611d4830bb7aff2371afdb2a77a4ca7298c7d CQID:WIND00366813 Reference: http://squashfs.git.sourceforge.net/git/gitweb.cgi? p=squashfs/squashfs;a=patch;h=8515b3d420f502c5c0236b86e2d6d7e3b23c190e Integer overflow in the queue_init function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted block_log field in the superblock of a .sqsh file, leading to a heap-based buffer overflow. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4025 Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> [YOCTO #3564] Signed-off-by: Saul Wold <sgw@linux.intel.com> 
CQID:WIND00366813

Reference: http://squashfs.git.sourceforge.net/git/gitweb.cgi?
p=squashfs/squashfs;a=patch;h=8515b3d420f502c5c0236b86e2d6d7e3b23c190e

Integer overflow in the queue_init function in unsquashfs.c in
unsquashfs in Squashfs 4.2 and earlier allows remote attackers
to execute arbitrary code via a crafted block_log field in the
superblock of a .sqsh file, leading to a heap-based buffer overflow.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4025

Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>

[YOCTO #3564]
Signed-off-by: Saul Wold <sgw@linux.intel.com>
squashfs: fix for CVE-2012-4024 2012-12-03T15:20:34+00:00 yanjun.zhu yanjun.zhu@windriver.com 2012-11-30T11:41:23+00:00 972ea6c674e10cf23bedbbc581b78baa3f7c7b9b Reference:http://squashfs.git.sourceforge.net/git/gitweb.cgi?p= squashfs/squashfs;a=commit;h=19c38fba0be1ce949ab44310d7f49887576cc123 Fix potential stack overflow in get_component() where an individual pathname component in an extract file (specified on the command line or in an extract file) could exceed the 1024 byte sized targname allocated on the stack. Fix by dynamically allocating targname rather than storing it as a fixed size on the stack. [YOCTO #3513] Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Reference:http://squashfs.git.sourceforge.net/git/gitweb.cgi?p=
squashfs/squashfs;a=commit;h=19c38fba0be1ce949ab44310d7f49887576cc123

Fix potential stack overflow in get_component() where an individual
pathname component in an extract file (specified on the command line
or in an extract file) could exceed the 1024 byte sized targname
allocated on the stack.

Fix by dynamically allocating targname rather than storing it as
a fixed size on the stack.

[YOCTO #3513]

Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
OECore license fixes: meta/* 2011-12-08T15:23:49+00:00 Elizabeth Flanagan elizabeth.flanagan@intel.com 2011-12-03T23:48:29+00:00 3083dd70b3a9fa01fcc3cf00373b05502505996e This is a quick audit of only the most obviously wrong licenses found within OECore. These fixes fall into four areas: - LICENSE field had incorrect format so that the parser choked - LICENSE field has a license with no version - LICENSE field was actually incorrect - LICENSE field has an imaginary license that didn't exist This fixes most of the LICENSE warnings thrown, along with my prior commit adding additional licenses to common-licenses and additional SPDXLICENSEMAP entries. HOWEVER..... there is much to be done on the license front. For a list of recipes with licenses that need obvious fixing see: https://wiki.yoctoproject.org/wiki/License_Audit That said, I would suggest another license audit as I've found enough inconsistencies. A good suggestion is when in doubt, look at how openSuse or Gentoo or Debian license the package. Signed-off-by: Elizabeth Flanagan <elizabeth.flanagan@intel.com> 
This is a quick audit of only the most obviously wrong licenses
found within OECore. These fixes fall into four areas:

- LICENSE field had incorrect format so that the parser choked
- LICENSE field has a license with no version
- LICENSE field was actually incorrect
- LICENSE field has an imaginary license that didn't exist

This fixes most of the LICENSE warnings thrown, along with my prior
commit adding additional licenses to common-licenses and additional
SPDXLICENSEMAP entries.

HOWEVER..... there is much to be done on the license front.
For a list of recipes with licenses that need obvious fixing see:

https://wiki.yoctoproject.org/wiki/License_Audit

That said, I would suggest another license audit as I've found
enough inconsistencies. A good suggestion is when in doubt, look at
how openSuse or Gentoo or Debian license the package.

Signed-off-by: Elizabeth Flanagan <elizabeth.flanagan@intel.com>