[OE-core] [PATCH] dhcp: update 4.4.1
Christopher Larson
kergoth at gmail.com
Fri Jun 29 15:13:21 UTC 2018
On Sun, Jun 24, 2018 at 11:43 AM Armin Kuster <akuster808 at gmail.com> wrote:
> include several CVE fixes.
> CVE: CVE-2018-5733
> CVE: CVE-2018-5732
>
> LIC_CHKSUM_FILE updated to SPFX format
>
> https://kb.isc.org/article/AA-01571
>
> remove several patches now included in update.
> Shared libarary support is now enabled in configure+lt, use it
> and revert to autotools-brokensep
> Refresh patches
>
> alings support with bind 9.11.x
>
> add libxml2 support to configure.ac+lt
>
> Signed-off-by: Armin Kuster <akuster808 at gmail.com>
> ---
> meta/recipes-connectivity/dhcp/dhcp.inc | 19 +-
> ...o-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch | 13 +-
> .../dhcp/dhcp/0003-link-with-lcrypto.patch | 13 +-
> .../dhcp/dhcp/0004-Fix-out-of-tree-builds.patch | 109 +++++------
> .../dhcp/0006-site.h-enable-gentle-shutdown.patch | 13 +-
> ...re-argument-to-make-the-libxml2-dependenc.patch | 40 +++-
> .../dhcp/dhcp/0010-build-shared-libs.patch | 208
> ---------------------
> ...all-to-isc_app_ctxstart-to-not-get-signal.patch | 81 --------
> ...correct-the-intention-for-xml2-lib-search.patch | 13 +-
> .../dhcp/dhcp/CVE-2017-3144.patch | 74 --------
> .../dhcp/{dhcp_4.3.6.bb => dhcp_4.4.1.bb} | 12 +-
> 11 files changed, 120 insertions(+), 475 deletions(-)
> delete mode 100644
> meta/recipes-connectivity/dhcp/dhcp/0010-build-shared-libs.patch
> delete mode 100644
> meta/recipes-connectivity/dhcp/dhcp/0011-Moved-the-call-to-isc_app_ctxstart-to-not-get-signal.patch
> delete mode 100644 meta/recipes-connectivity/dhcp/dhcp/CVE-2017-3144.patch
> rename meta/recipes-connectivity/dhcp/{dhcp_4.3.6.bb => dhcp_4.4.1.bb}
> (65%)
>
> diff --git a/meta/recipes-connectivity/dhcp/dhcp.inc
> b/meta/recipes-connectivity/dhcp/dhcp.inc
> index e943707..2eb3513 100644
> --- a/meta/recipes-connectivity/dhcp/dhcp.inc
> +++ b/meta/recipes-connectivity/dhcp/dhcp.inc
> @@ -8,7 +8,7 @@ easier to administer devices."
> HOMEPAGE = "http://www.isc.org/"
>
> LICENSE = "ISC"
> -LIC_FILES_CHKSUM =
> "file://LICENSE;beginline=4;md5=c5c64d696107f84b56fe337d14da1753"
> +LIC_FILES_CHKSUM =
> "file://LICENSE;beginline=4;md5=004a4db50a1e20972e924a8618747c01"
>
> DEPENDS = "openssl bind"
>
> @@ -24,7 +24,7 @@ SRC_URI = "
> http://ftp.isc.org/isc/dhcp/${PV}/dhcp-${PV}.tar.gz \
> UPSTREAM_CHECK_URI = "ftp://ftp.isc.org/isc/dhcp/"
> UPSTREAM_CHECK_REGEX = "(?P<pver>\d+\.\d+\.(\d+?))/"
>
> -inherit autotools systemd useradd update-rc.d
> +inherit autotools-brokensep systemd useradd update-rc.d
>
> USERADD_PACKAGES = "${PN}-server"
> USERADD_PARAM_${PN}-server = "--system --no-create-home --home-dir
> /var/run/${BPN} --shell /bin/false --user-group ${BPN}"
> @@ -48,11 +48,21 @@ EXTRA_OECONF =
> "--with-srv-lease-file=${localstatedir}/lib/dhcp/dhcpd.leases \
>
> --with-srv6-lease-file=${localstatedir}/lib/dhcp/dhcpd6.leases \
>
> --with-cli-lease-file=${localstatedir}/lib/dhcp/dhclient.leases \
>
> --with-cli6-lease-file=${localstatedir}/lib/dhcp/dhclient6.leases \
> - --with-libbind=${STAGING_LIBDIR}/ \
> --enable-paranoia --disable-static \
> --with-randomdev=/dev/random \
> + --with-libbind=${STAGING_DIR_HOST}/usr \
> + --enable-libtool \
> "
>
> +#Enable shared libs per dhcp README
> +do_configure () {
> + cd ${S}
> + cp configure.ac+lt configure.ac
> + autoreconf -i
> + ./configure ${CONFIGUREOPTS} ${EXTRA_OECONF}
> + automake
>
1. Why run automake when autoreconf already runs automake?
2. Why override do_configure and reproduce what's already in
autotools-brokensep rather than doing the cp in a do_configure_prepend?
--
Christopher Larson
kergoth at gmail dot com
Founder - BitBake, OpenEmbedded, OpenZaurus
Senior Software Engineer, Mentor Graphics
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20180629/8a4c258f/attachment-0002.html>
More information about the Openembedded-core
mailing list