[oe] [meta-oe][PATCH 3/4] audiofile: 0.2.6 -> 0.2.7

Paul Menzel paulepanter at users.sourceforge.net
Sat Jul 2 12:48:58 UTC 2011 

Am Samstag, den 02.07.2011, 14:20 +0200 schrieb Michael Lippautz:
> 0.2.7 fixes various bugs of 0.2.6 and adds further support for WAVE and AIFF-C
> formats.
> 
> * Rebase CVE-2008-5824 to apply again
> * Drop patches already applied by upstream
> 
> Signed-off-by: Michael Lippautz <michael.lippautz at gmail.com>
> ---
>  .../audiofile-0.2.7/CVE-2008-5824-rebased.patch    |   22 ++++++++
>  .../audiofile-0.2.7/audiofile-oldstyle.patch       |   55 ++++++++++++++++++++
>  .../audiofile/audiofile_0.2.7.bb                   |   20 +++++++

I do not see that audiofile_0.2.6 was removed. Please use `git
format-patch -M -C -C -C` next time when sending patches.

>  3 files changed, 97 insertions(+), 0 deletions(-)
>  create mode 100644 meta-oe/recipes-multimedia/audiofile/audiofile-0.2.7/CVE-2008-5824-rebased.patch
>  create mode 100644 meta-oe/recipes-multimedia/audiofile/audiofile-0.2.7/audiofile-oldstyle.patch

Please add patch headers. It sounds scary that a security issues gets
ignored upstream and that some patch is applied for some oldstyle
whatever that is.

>  create mode 100644 meta-oe/recipes-multimedia/audiofile/audiofile_0.2.7.bb

[…]

> diff --git a/meta-oe/recipes-multimedia/audiofile/audiofile_0.2.7.bb b/meta-oe/recipes-multimedia/audiofile/audiofile_0.2.7.bb
> new file mode 100644
> index 0000000..80ad132
> --- /dev/null
> +++ b/meta-oe/recipes-multimedia/audiofile/audiofile_0.2.7.bb
> @@ -0,0 +1,20 @@
> +DESCRIPTION = "The Audio File Library provides a uniform and elegant \
> +API for accessing a variety of audio file formats, such as AIFF/AIFF-C, \
> +WAVE, NeXT/Sun .snd/.au, Berkeley/IRCAM/CARL Sound File, Audio Visual \
> +Research, Amiga IFF/8SVX, and NIST SPHERE."

Please add

HOMEPAGE = "http://www.68k.org/~michael/audiofile/"

> +SECTION = "libs"
> +LICENSE = "LGPLv2 && GPLv2"
> +LIC_FILES_CHKSUM = "file://COPYING;md5=3bf50002aefd002f49e7bb854063f7e7 \
> +                    file://COPYING.GPL;md5=0636e73ff0215e8d672dc4c32c317bb3"
> +PR = "r0"
> +
> +SRC_URI = " \
> +  http://www.68k.org/~michael/audiofile/${PN}-${PV}.tar.gz \
> +  file://audiofile-oldstyle.patch;striplevel=0 \
> +  file://CVE-2008-5824-rebased.patch \
> +"
> +
> +inherit autotools lib_package binconfig
> +
> +SRC_URI[md5sum] = "a39be317a7b1971b408805dc5e371862"
> +SRC_URI[sha256sum] = "a61c4036c2600a645843f16bec4be166093a9df5f15b02c85291213aa9cf15a2"

Please move that up.


Thanks,

Paul
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.openembedded.org/pipermail/openembedded-devel/attachments/20110702/d573514e/attachment-0002.sig>

More information about the Openembedded-devel mailing list