[oe-commits] [openembedded-core] 13/17: libyaml: update to 0.1.7
git at git.openembedded.org
git at git.openembedded.org
Tue Aug 30 15:40:15 UTC 2016
rpurdie pushed a commit to branch master-next
in repository openembedded-core.
commit d02f31ec1df01e4dd48a4383cd2d3b3dd7726303
Author: Alexander Kanavin <alexander.kanavin at linux.intel.com>
AuthorDate: Tue Aug 30 15:26:53 2016 +0300
libyaml: update to 0.1.7
Drop backported libyaml-CVE-2014-9130.patch
Signed-off-by: Alexander Kanavin <alexander.kanavin at linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
---
.../libyaml/files/libyaml-CVE-2014-9130.patch | 33 ----------------------
.../libyaml/{libyaml_0.1.6.bb => libyaml_0.1.7.bb} | 5 ++--
2 files changed, 2 insertions(+), 36 deletions(-)
diff --git a/meta/recipes-support/libyaml/files/libyaml-CVE-2014-9130.patch b/meta/recipes-support/libyaml/files/libyaml-CVE-2014-9130.patch
deleted file mode 100644
index 61fa7e5..0000000
--- a/meta/recipes-support/libyaml/files/libyaml-CVE-2014-9130.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-# HG changeset patch
-# User Kirill Simonov <xi at resolvent.net>
-# Date 1417197312 21600
-# Node ID 2b9156756423e967cfd09a61d125d883fca6f4f2
-# Parent 053f53a381ff6adbbc93a31ab7fdee06a16c8a33
-Removed invalid simple key assertion (thank to Jonathan Gray).
-
-The patch comes from
-
-https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2
-
-Upstream-Status: Backport
-CVE: CVE-2014-9130
-
-Signed-off-by: Yue Tao <yue.tao at windriver.com>
-
-diff -r 053f53a381ff -r 2b9156756423 src/scanner.c
---- a/src/scanner.c Wed Mar 26 13:55:54 2014 -0500
-+++ b/src/scanner.c Fri Nov 28 11:55:12 2014 -0600
-@@ -1106,13 +1106,6 @@
- && parser->indent == (ptrdiff_t)parser->mark.column);
-
- /*
-- * A simple key is required only when it is the first token in the current
-- * line. Therefore it is always allowed. But we add a check anyway.
-- */
--
-- assert(parser->simple_key_allowed || !required); /* Impossible. */
--
-- /*
- * If the current position may start a simple key, save it.
- */
-
diff --git a/meta/recipes-support/libyaml/libyaml_0.1.6.bb b/meta/recipes-support/libyaml/libyaml_0.1.7.bb
similarity index 72%
rename from meta/recipes-support/libyaml/libyaml_0.1.6.bb
rename to meta/recipes-support/libyaml/libyaml_0.1.7.bb
index b015577..5c422ef 100644
--- a/meta/recipes-support/libyaml/libyaml_0.1.6.bb
+++ b/meta/recipes-support/libyaml/libyaml_0.1.7.bb
@@ -8,11 +8,10 @@ LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE;md5=6015f088759b10e0bc2bf64898d4ae17"
SRC_URI = "http://pyyaml.org/download/libyaml/yaml-${PV}.tar.gz \
- file://libyaml-CVE-2014-9130.patch \
"
-SRC_URI[md5sum] = "5fe00cda18ca5daeb43762b80c38e06e"
-SRC_URI[sha256sum] = "7da6971b4bd08a986dd2a61353bc422362bd0edcc67d7ebaac68c95f74182749"
+SRC_URI[md5sum] = "1abf45bd3a96374fa55ca63b32f9f2f9"
+SRC_URI[sha256sum] = "8088e457264a98ba451a90b8661fcb4f9d6f478f7265d48322a196cec2480729"
S = "${WORKDIR}/yaml-${PV}"
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list