From 2e89010cb4a19d525bc43589d487827dd4bc401d Mon Sep 17 00:00:00 2001 From: Saul Wold Date: Mon, 20 May 2013 14:24:35 -0700 Subject: gnupg: Update to 2.0.20 Removed obsolete patch Signed-off-by: Saul Wold --- .../gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch | 63 ---------------------- meta/recipes-support/gnupg/gnupg_2.0.19.bb | 31 ----------- meta/recipes-support/gnupg/gnupg_2.0.20.bb | 29 ++++++++++ 3 files changed, 29 insertions(+), 94 deletions(-) delete mode 100644 meta/recipes-support/gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch delete mode 100644 meta/recipes-support/gnupg/gnupg_2.0.19.bb create mode 100644 meta/recipes-support/gnupg/gnupg_2.0.20.bb (limited to 'meta') diff --git a/meta/recipes-support/gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch b/meta/recipes-support/gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch deleted file mode 100644 index 64c30342cc..0000000000 --- a/meta/recipes-support/gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch +++ /dev/null @@ -1,63 +0,0 @@ -commit 498882296ffac7987c644aaf2a0aa108a2925471 -Author: Werner Koch -Date: Thu Dec 20 09:43:41 2012 +0100 - - gpg: Import only packets which are allowed in a keyblock. - - * g10/import.c (valid_keyblock_packet): New. - (read_block): Store only valid packets. - -- - - A corrupted key, which for example included a mangled public key - encrypted packet, used to corrupt the keyring. This change skips all - packets which are not allowed in a keyblock. - - GnuPG-bug-id: 1455 - - (cherry-picked from commit 3a4b96e665fa639772854058737ee3d54ba0694e) - -Upstream-Status: Backport - -Signed-off-by: Saul Wold - -diff --git a/g10/import.c b/g10/import.c -index ba2439d..ad112d6 100644 ---- a/g10/import.c -+++ b/g10/import.c -@@ -347,6 +347,27 @@ import_print_stats (void *hd) - } - - -+/* Return true if PKTTYPE is valid in a keyblock. */ -+static int -+valid_keyblock_packet (int pkttype) -+{ -+ switch (pkttype) -+ { -+ case PKT_PUBLIC_KEY: -+ case PKT_PUBLIC_SUBKEY: -+ case PKT_SECRET_KEY: -+ case PKT_SECRET_SUBKEY: -+ case PKT_SIGNATURE: -+ case PKT_USER_ID: -+ case PKT_ATTRIBUTE: -+ case PKT_RING_TRUST: -+ return 1; -+ default: -+ return 0; -+ } -+} -+ -+ - /**************** - * Read the next keyblock from stream A. - * PENDING_PKT should be initialzed to NULL -@@ -424,7 +445,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root ) - } - in_cert = 1; - default: -- if( in_cert ) { -+ if (in_cert && valid_keyblock_packet (pkt->pkttype)) { - if( !root ) - root = new_kbnode( pkt ); - else diff --git a/meta/recipes-support/gnupg/gnupg_2.0.19.bb b/meta/recipes-support/gnupg/gnupg_2.0.19.bb deleted file mode 100644 index 593250aad7..0000000000 --- a/meta/recipes-support/gnupg/gnupg_2.0.19.bb +++ /dev/null @@ -1,31 +0,0 @@ -DESCRIPTION = "GNU privacy guard - a free PGP replacement (new v2.x)" -HOMEPAGE = "http://www.gnupg.org/" -LICENSE = "GPLv3 & LGPLv3" -LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949 \ - file://COPYING.LIB;md5=6a6a8e020838b23406c81b19c1d46df6" - -DEPENDS = "${PTH} libassuan libksba zlib bzip2 readline libgcrypt" -PTH = "pth" -PTH_libc-uclibc = "npth" -PR = "r5" - -inherit autotools gettext - -SRC_URI = "ftp://ftp.gnupg.org/gcrypt/${BPN}/${BPN}-${PV}.tar.bz2 \ - file://GnuPG2-CVE-2012-6085.patch" - -SRC_URI[md5sum] = "6a8589381ca1b0c1a921e9955f42b016" -SRC_URI[sha256sum] = "efa23a8a925adb51c7d3b708c25b6d000300f5ce37de9bdec6453be7b419c622" - -EXTRA_OECONF = "--disable-ldap \ - --disable-ccid-driver \ - --without-libcurl \ - --with-zlib=${STAGING_LIBDIR}/.. \ - --with-bzip2=${STAGING_LIBDIR}/.. \ - --with-readline=${STAGING_LIBDIR}/.. \ - " - -do_install_append() { - ln -sf gpg2 ${D}${bindir}/gpg - ln -sf gpgv2 ${D}${bindir}/gpgv -} diff --git a/meta/recipes-support/gnupg/gnupg_2.0.20.bb b/meta/recipes-support/gnupg/gnupg_2.0.20.bb new file mode 100644 index 0000000000..87acd00552 --- /dev/null +++ b/meta/recipes-support/gnupg/gnupg_2.0.20.bb @@ -0,0 +1,29 @@ +DESCRIPTION = "GNU privacy guard - a free PGP replacement (new v2.x)" +HOMEPAGE = "http://www.gnupg.org/" +LICENSE = "GPLv3 & LGPLv3" +LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949 \ + file://COPYING.LIB;md5=6a6a8e020838b23406c81b19c1d46df6" + +DEPENDS = "${PTH} libassuan libksba zlib bzip2 readline libgcrypt" +PTH = "pth" +PTH_libc-uclibc = "npth" + +inherit autotools gettext + +SRC_URI = "ftp://ftp.gnupg.org/gcrypt/${BPN}/${BPN}-${PV}.tar.bz2" + +SRC_URI[md5sum] = "9d18ee71bb0b10d40d1c8a393bdd7a89" +SRC_URI[sha256sum] = "6e949b7f062cab8a3cf0910f91ecf04cabaad458c0aeeec66298651b8b04b79a" + +EXTRA_OECONF = "--disable-ldap \ + --disable-ccid-driver \ + --without-libcurl \ + --with-zlib=${STAGING_LIBDIR}/.. \ + --with-bzip2=${STAGING_LIBDIR}/.. \ + --with-readline=${STAGING_LIBDIR}/.. \ + " + +do_install_append() { + ln -sf gpg2 ${D}${bindir}/gpg + ln -sf gpgv2 ${D}${bindir}/gpgv +} -- cgit v1.2.3