* Re: [CONSOLIDATED PULL 00/16] CVE Patches and updates
@ 2014-05-22 6:57 Jacob Kroon
2014-05-22 9:58 ` Sebastian Wiegand
0 siblings, 1 reply; 5+ messages in thread
From: Jacob Kroon @ 2014-05-22 6:57 UTC (permalink / raw)
To: Saul Wold, sebastian.wiegand; +Cc: openembedded-core
[-- Attachment #1: Type: text/plain, Size: 1886 bytes --]
Hi,
On Wed, May 21, 2014 at 8:01 PM, Saul Wold <sgw@linux.intel.com> wrote:
> Richard,
>
> Another set of CVE fixes and some Updates.
>
> Thanks
> Sau!
>
> The following changes since commit
> 7decf9dce56868e39902dac5957eb72f6e1e9acd:
>
> cups: fix for cups not building without avahi (2014-05-21 09:08:11 +0100)
>
> are available in the git repository at:
>
> git://git.openembedded.org/openembedded-core-contrib sgw/stage
>
> http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=sgw/stage
>
> Chong Lu (3):
> flex: Update to 2.5.39 version
> byacc: Update to 20140422 version
> guile: Update to 2.0.11 version
>
> Sebastian Wiegand (1):
> distro_features_check.bbclass: fix wrong indentation
>
>
Doesn't this commit, 986db87a3931edce8be79f309d07497e4179a810, only check
that the first required distro feature found is available, and skips
checking the remaining ?
Shouldnt we do something like this
diff --git a/meta/classes/distro_features_check.bbclass
b/meta/classes/distro_features_check.bbclass
index 61b11b7..b728bdc 100644
--- a/meta/classes/distro_features_check.bbclass
+++ b/meta/classes/distro_features_check.bbclass
@@ -14,9 +14,9 @@ python () {
distro_features = (d.getVar('DISTRO_FEATURES', True) or "").split()
for f in required_distro_features:
if f in distro_features:
- break
- else:
- raise bb.parse.SkipPackage("missing required distro feature %s
(not in DISTRO_FEATURES)" % required_distro_features)
+ continue
+ else:
+ raise bb.parse.SkipPackage("missing required distro
feature %s (not in DISTRO_FEATURES)" % required_distro_features)
conflict_distro_features = d.getVar('CONFLICT_DISTRO_FEATURES', True)
if conflict_distro_features:
/Jacob
[-- Attachment #2: Type: text/html, Size: 2762 bytes --]
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [CONSOLIDATED PULL 00/16] CVE Patches and updates
2014-05-22 6:57 [CONSOLIDATED PULL 00/16] CVE Patches and updates Jacob Kroon
@ 2014-05-22 9:58 ` Sebastian Wiegand
2014-05-22 10:10 ` Burton, Ross
0 siblings, 1 reply; 5+ messages in thread
From: Sebastian Wiegand @ 2014-05-22 9:58 UTC (permalink / raw)
To: Jacob Kroon, Saul Wold; +Cc: openembedded-core
Hi,
On Thursday, 22.05.2014 08:57 +0200, Jacob Kroon wrote:
> Hi,
>
> On Wed, May 21, 2014 at 8:01 PM, Saul Wold <sgw@linux.intel.com
> <mailto:sgw@linux.intel.com>> wrote:
>
> Richard,
>
> Another set of CVE fixes and some Updates.
>
> Thanks
> Sau!
>
> The following changes since commit
> 7decf9dce56868e39902dac5957eb72f6e1e9acd:
>
> cups: fix for cups not building without avahi (2014-05-21
> 09:08:11 +0100)
>
> are available in the git repository at:
>
> git://git.openembedded.org/openembedded-core-contrib
> <http://git.openembedded.org/openembedded-core-contrib> sgw/stage
> http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=sgw/stage
>
> Chong Lu (3):
> flex: Update to 2.5.39 version
> byacc: Update to 20140422 version
> guile: Update to 2.0.11 version
>
> Sebastian Wiegand (1):
> distro_features_check.bbclass: fix wrong indentation
>
>
> Doesn't this commit, 986db87a3931edce8be79f309d07497e4179a810, only
> check that the first required distro feature found is available, and
> skips checking the remaining ?
>
> Shouldnt we do something like this
>
> diff --git a/meta/classes/distro_features_check.bbclass
> b/meta/classes/distro_features_check.bbclass
> index 61b11b7..b728bdc 100644
> --- a/meta/classes/distro_features_check.bbclass
> +++ b/meta/classes/distro_features_check.bbclass
> @@ -14,9 +14,9 @@ python () {
> distro_features = (d.getVar('DISTRO_FEATURES', True) or
> "").split()
> for f in required_distro_features:
> if f in distro_features:
> - break
> - else:
> - raise bb.parse.SkipPackage("missing required distro
> feature %s (not in DISTRO_FEATURES)" % required_distro_features)
> + continue
> + else:
> + raise bb.parse.SkipPackage("missing required distro
> feature %s (not in DISTRO_FEATURES)" % required_distro_features)
>
> conflict_distro_features = d.getVar('CONFLICT_DISTRO_FEATURES', True)
> if conflict_distro_features:
>
> /Jacob
Reworked and fixed the error message, too.
Search whole list of REQUIRED_DISTRO_FEATURES.
Print only the missing/conflicting feature on error.
---
meta/classes/distro_features_check.bbclass | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/meta/classes/distro_features_check.bbclass
b/meta/classes/distro_features_check.bbclass
index 8a0ecb7..1f1d6fb 100644
--- a/meta/classes/distro_features_check.bbclass
+++ b/meta/classes/distro_features_check.bbclass
@@ -14,9 +14,9 @@ python () {
distro_features = (d.getVar('DISTRO_FEATURES', True) or
"").split()
for f in required_distro_features:
if f in distro_features:
- break
+ continue
else:
- raise bb.parse.SkipPackage("missing required distro
feature %s (not in DISTRO_FEATURES)" % required_distro_features)
+ raise bb.parse.SkipPackage("missing required distro
feature '%s' (not in DISTRO_FEATURES)" % f)
conflict_distro_features = d.getVar('CONFLICT_DISTRO_FEATURES', True)
if conflict_distro_features:
@@ -24,5 +24,5 @@ python () {
distro_features = (d.getVar('DISTRO_FEATURES', True) or
"").split()
for f in conflict_distro_features:
if f in distro_features:
- raise bb.parse.SkipPackage("conflicting distro feature
%s (in DISTRO_FEATURES)" % conflict_distro_features)
+ raise bb.parse.SkipPackage("conflicting distro feature
'%s' (in DISTRO_FEATURES)" % f)
}
--
Cheers,
Sebastian
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [CONSOLIDATED PULL 00/16] CVE Patches and updates
2014-05-22 9:58 ` Sebastian Wiegand
@ 2014-05-22 10:10 ` Burton, Ross
2014-05-22 10:34 ` Sebastian Wiegand
0 siblings, 1 reply; 5+ messages in thread
From: Burton, Ross @ 2014-05-22 10:10 UTC (permalink / raw)
To: Sebastian Wiegand; +Cc: openembedded-core
On 22 May 2014 10:58, Sebastian Wiegand <sebastian.wiegand@gersys.de> wrote:
> Reworked and fixed the error message, too.
Can you send this patch using e.g. git format-patch so the commit
message is correct, and add a signed-off-by.
Ross
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [CONSOLIDATED PULL 00/16] CVE Patches and updates
2014-05-22 10:10 ` Burton, Ross
@ 2014-05-22 10:34 ` Sebastian Wiegand
0 siblings, 0 replies; 5+ messages in thread
From: Sebastian Wiegand @ 2014-05-22 10:34 UTC (permalink / raw)
To: Burton, Ross; +Cc: openembedded-core
On Thursday, 22.05.2014 12:10 +0200, Burton, Ross
<ross.burton@intel.com> wrote:
> On 22 May 2014 10:58, Sebastian Wiegand <sebastian.wiegand@gersys.de> wrote:
>> Reworked and fixed the error message, too.
> Can you send this patch using e.g. git format-patch so the commit
> message is correct, and add a signed-off-by.
>
> Ross
From: Sebastian Wiegand <sebastian.wiegand@gersys.de>
Date: Thu, 22 May 2014 12:24:16 +0200
Subject: [PATCH] distro_features_check.bbclass: fix searching whole list
Search whole list of REQUIRED_DISTRO_FEATURES.
Print only the missing/conflicting feature on error.
Signed-off-by: Sebastian Wiegand <sebastian.wiegand@gersys.de>
---
meta/classes/distro_features_check.bbclass | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/meta/classes/distro_features_check.bbclass
b/meta/classes/distro_features_check.bbclass
index 8a0ecb7..1f1d6fb 100644
--- a/meta/classes/distro_features_check.bbclass
+++ b/meta/classes/distro_features_check.bbclass
@@ -14,9 +14,9 @@ python () {
distro_features = (d.getVar('DISTRO_FEATURES', True) or
"").split()
for f in required_distro_features:
if f in distro_features:
- break
+ continue
else:
- raise bb.parse.SkipPackage("missing required distro
feature %s (not in DISTRO_FEATURES)" % required_distro_features)
+ raise bb.parse.SkipPackage("missing required distro
feature '%s' (not in DISTRO_FEATURES)" % f)
conflict_distro_features = d.getVar('CONFLICT_DISTRO_FEATURES', True)
if conflict_distro_features:
@@ -24,5 +24,5 @@ python () {
distro_features = (d.getVar('DISTRO_FEATURES', True) or
"").split()
for f in conflict_distro_features:
if f in distro_features:
- raise bb.parse.SkipPackage("conflicting distro feature
%s (in DISTRO_FEATURES)" % conflict_distro_features)
+ raise bb.parse.SkipPackage("conflicting distro feature
'%s' (in DISTRO_FEATURES)" % f)
}
--
1.7.9.5
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [CONSOLIDATED PULL 00/16] CVE Patches and updates
@ 2014-05-21 18:01 Saul Wold
0 siblings, 0 replies; 5+ messages in thread
From: Saul Wold @ 2014-05-21 18:01 UTC (permalink / raw)
To: openembedded-core
Richard,
Another set of CVE fixes and some Updates.
Thanks
Sau!
The following changes since commit 7decf9dce56868e39902dac5957eb72f6e1e9acd:
cups: fix for cups not building without avahi (2014-05-21 09:08:11 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib sgw/stage
http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=sgw/stage
Chong Lu (3):
flex: Update to 2.5.39 version
byacc: Update to 20140422 version
guile: Update to 2.0.11 version
Sebastian Wiegand (1):
distro_features_check.bbclass: fix wrong indentation
Yue Tao (12):
gst-ffmpeg: fix for Security Advisory CVE-2014-2263
gst-ffmpeg: fix for Security Advisory CVE-2013-0865
gst-ffmpeg: fix for Security Advisory CVE-2014-2099
gst-ffmpeg: fix for Security Advisory CVE-2013-0868
gst-ffmpeg: fix for Security Advisory CVE-2013-0845
gst-ffmpeg: fix for Security Advisory CVE-2013-0852
gst-ffmpeg: fix for Security Advisory CVE-2013-0858
gst-ffmpeg: fix for Security Advisory CVE-2013-0851
gst-ffmpeg: fix for Security Advisory CVE-2013-0854
gst-ffmpeg: fix for Security Advisory CVE-2013-0856
gst-ffmpeg: fix for Security Advisory CVE-2013-0850
gst-ffmpeg: fix for Security Advisory CVE-2013-0849
meta/classes/distro_features_check.bbclass | 4 +-
.../flex/{flex_2.5.38.bb => flex_2.5.39.bb} | 4 +-
.../guile/files/guile_2.0.9_fix_noreturn.patch | 65 ----------------
.../guile/{guile_2.0.9.bb => guile_2.0.11.bb} | 5 +-
.../byacc/{byacc_20140101.bb => byacc_20140422.bb} | 4 +-
.../0001-alac-fix-nb_samples-order-case.patch | 30 ++++++++
.../0001-alsdec-check-block-length.patch | 61 +++++++++++++++
...ac3dec-Check-coding-mode-against-channels.patch | 37 +++++++++
...le-use-av_image_get_linesize-to-calculate.patch | 50 +++++++++++++
...egtsenc-Check-data-array-size-in-mpegts_w.patch | 69 +++++++++++++++++
.../0001-eamad-fix-out-of-array-accesses.patch | 29 ++++++++
...t-ref-count-check-and-limit-fix-out-of-ar.patch | 29 ++++++++
...01-huffyuvdec-Check-init_vlc-return-codes.patch | 87 ++++++++++++++++++++++
.../0001-huffyuvdec-Skip-len-0-cases.patch | 61 +++++++++++++++
.../0001-mjpegdec-check-SE.patch | 32 ++++++++
...heck-RLE-size-before-copying.-Fix-out-of-.patch | 34 +++++++++
...001-roqvideodec-check-dimensions-validity.patch | 36 +++++++++
...o-check-chunk-sizes-before-reading-chunks.patch | 51 +++++++++++++
.../gstreamer/gst-ffmpeg_0.10.13.bb | 13 ++++
19 files changed, 627 insertions(+), 74 deletions(-)
rename meta/recipes-devtools/flex/{flex_2.5.38.bb => flex_2.5.39.bb} (57%)
delete mode 100644 meta/recipes-devtools/guile/files/guile_2.0.9_fix_noreturn.patch
rename meta/recipes-devtools/guile/{guile_2.0.9.bb => guile_2.0.11.bb} (95%)
rename meta/recipes-extended/byacc/{byacc_20140101.bb => byacc_20140422.bb} (74%)
create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-alac-fix-nb_samples-order-case.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-alsdec-check-block-length.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-atrac3dec-Check-coding-mode-against-channels.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-avcodec-msrle-use-av_image_get_linesize-to-calculate.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-avformat-mpegtsenc-Check-data-array-size-in-mpegts_w.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-eamad-fix-out-of-array-accesses.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-h264-correct-ref-count-check-and-limit-fix-out-of-ar.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-huffyuvdec-Check-init_vlc-return-codes.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-huffyuvdec-Skip-len-0-cases.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-mjpegdec-check-SE.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-pgssubdec-check-RLE-size-before-copying.-Fix-out-of-.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-roqvideodec-check-dimensions-validity.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gst-ffmpeg-0.10.13/0001-vqavideo-check-chunk-sizes-before-reading-chunks.patch
--
1.8.3.1
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2014-05-22 10:34 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-05-22 6:57 [CONSOLIDATED PULL 00/16] CVE Patches and updates Jacob Kroon
2014-05-22 9:58 ` Sebastian Wiegand
2014-05-22 10:10 ` Burton, Ross
2014-05-22 10:34 ` Sebastian Wiegand
-- strict thread matches above, loose matches on Subject: below --
2014-05-21 18:01 Saul Wold
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.