From: "Randy MacLeod" <randy.macleod@windriver.com>
To: Sakib Sajal <sakib.sajal@windriver.com>,
openembedded-devel@lists.openembedded.org
Subject: Re: [oe] [meta-oe][hardknott][PATCH] gd: upgrade 2.3.2 -> 2.3.3
Date: Tue, 21 Sep 2021 17:26:23 -0400 [thread overview]
Message-ID: <f55d4edf-2390-31f8-200e-263c39293159@windriver.com> (raw)
In-Reply-To: <20210921200820.8490-1-sakib.sajal@windriver.com>
On 2021-09-21 4:08 p.m., Sakib Sajal wrote:
> Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
> ---
> ...-of-bands-in-reading-tga-header-file.patch | 33 -------------------
> .../gd/{gd_2.3.2.bb => gd_2.3.3.bb} | 7 ++--
Wow, that's lots of changes:
$ git log --oneline gd-2.3.2..gd-2.3.3 | wc -l
416
but it does seem to be bug fixes since
1. upstream maintains per release branches and
2. on: https://github.com/libgd/libgd upstream devs say:
GD 2.3 (Branch GD-2.3) serie is in active support for bug fixes.
No new additions will be added.
3. a quick review suggests that these are all bug fixes
https://github.com/libgd/libgd/commits/GD-2.3
$ git diff gd-2.3.2..gd-2.3.3 | diffstat | tail -1
111 files changed, 2495 insertions(+), 2638 deletions(-)
Looking only at the src changes:
$ git diff gd-2.3.2..gd-2.3.3 src | diffstat | tail -1
36 files changed, 738 insertions(+), 577 deletions(-)
A quick review of the first 10 commits suggests that these changes
are ABI comptible.
So looks good to me.
../Randy
> 2 files changed, 3 insertions(+), 37 deletions(-)
> delete mode 100644 meta-oe/recipes-support/gd/gd/0001-fix-read-out-of-bands-in-reading-tga-header-file.patch
> rename meta-oe/recipes-support/gd/{gd_2.3.2.bb => gd_2.3.3.bb} (84%)
>
> diff --git a/meta-oe/recipes-support/gd/gd/0001-fix-read-out-of-bands-in-reading-tga-header-file.patch b/meta-oe/recipes-support/gd/gd/0001-fix-read-out-of-bands-in-reading-tga-header-file.patch
> deleted file mode 100644
> index 649b9b744..000000000
> --- a/meta-oe/recipes-support/gd/gd/0001-fix-read-out-of-bands-in-reading-tga-header-file.patch
> +++ /dev/null
> @@ -1,33 +0,0 @@
> -From 8b111b2b4a4842179be66db68d84dda91a246032 Mon Sep 17 00:00:00 2001
> -From: maryam ebrahimzadeh <maryam.ebr@student.sharif.edu>
> -Date: Mon, 19 Jul 2021 10:07:13 +0430
> -Subject: [PATCH] fix read out-of-bands in reading tga header file
> -
> -CVE: CVE-2021-38115
> -Upstream-Status: Backport [8b111b2b4a4842179be66db68d84dda91a246032]
> -
> -Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
> ----
> - src/gd_tga.c | 6 +++++-
> - 1 file changed, 5 insertions(+), 1 deletion(-)
> -
> -diff --git a/src/gd_tga.c b/src/gd_tga.c
> -index cae9428..286febb 100644
> ---- a/src/gd_tga.c
> -+++ b/src/gd_tga.c
> -@@ -191,7 +191,11 @@ int read_header_tga(gdIOCtx *ctx, oTga *tga)
> - return -1;
> - }
> -
> -- gdGetBuf(tga->ident, tga->identsize, ctx);
> -+
> -+ if (gdGetBuf(tga->ident, tga->identsize, ctx) != tga->identsize) {
> -+ gd_error("fail to read header ident");
> -+ return -1;
> -+ }
> - }
> -
> - return 1;
> ---
> -2.25.1
> -
> diff --git a/meta-oe/recipes-support/gd/gd_2.3.2.bb b/meta-oe/recipes-support/gd/gd_2.3.3.bb
> similarity index 84%
> rename from meta-oe/recipes-support/gd/gd_2.3.2.bb
> rename to meta-oe/recipes-support/gd/gd_2.3.3.bb
> index 557b45dc4..e129dc5a9 100644
> --- a/meta-oe/recipes-support/gd/gd_2.3.2.bb
> +++ b/meta-oe/recipes-support/gd/gd_2.3.3.bb
> @@ -9,15 +9,14 @@ HOMEPAGE = "http://libgd.github.io/"
>
> SECTION = "libs"
> LICENSE = "GD"
> -LIC_FILES_CHKSUM = "file://COPYING;md5=8e5bc8627b9494741c905d65238c66b7"
> +LIC_FILES_CHKSUM = "file://COPYING;md5=ace63adfdac78400fc30fa22ee9c1bb1"
>
> DEPENDS = "freetype libpng jpeg zlib tiff"
>
> -SRC_URI = "git://github.com/libgd/libgd.git;branch=master \
> - file://0001-fix-read-out-of-bands-in-reading-tga-header-file.patch \
> +SRC_URI = "git://github.com/libgd/libgd.git;nobranch=1\
> "
>
> -SRCREV = "2e40f55bfb460fc9d8cbcd290a0c9eb908d5af7e"
> +SRCREV = "b5319a41286107b53daa0e08e402aa1819764bdc"
>
> S = "${WORKDIR}/git"
>
>
>
>
>
>
--
# Randy MacLeod
# Wind River Linux
next prev parent reply other threads:[~2021-09-21 21:26 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-21 20:08 [meta-oe][hardknott][PATCH] gd: upgrade 2.3.2 -> 2.3.3 Sakib Sajal
2021-09-21 21:26 ` Randy MacLeod [this message]
2021-09-26 20:23 ` [oe] " akuster808
2021-09-27 14:25 ` Sakib Sajal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f55d4edf-2390-31f8-200e-263c39293159@windriver.com \
--to=randy.macleod@windriver.com \
--cc=openembedded-devel@lists.openembedded.org \
--cc=sakib.sajal@windriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.