gnutls: upgrade to 2.12.23

Importantly, this fixes CVE-2013-1619. Upstream doesn't use GNU as a host, so update the SRC_URI. remove-gets.patch isn't required anymore, obsolete_automake_macros.patch is merged upstream, and gnutls_fix_for_automake_1.12.1.patch doesn't seem to be needed. It was merged and reverted upstream, and my build without it succeeded. (From OE-Core rev: 9a6395076984350b1dd7005453f97233bbb43132) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-01-29 21:08:42 +01:00 · 2013-05-08 13:14:45 +01:00
parent 1abffd2ac8
commit 77d00c58bb
5 changed files with 6 additions and 129 deletions
--- a/meta/recipes-support/gnutls/gnutls.inc
+++ b/meta/recipes-support/gnutls/gnutls.inc
@@ -15,7 +15,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \
                    file://lib/COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343 \
                    file://libextra/COPYING;md5=d32239bcb673463ab874e80d47fae504"

-SRC_URI = "${GNU_MIRROR}/gnutls/gnutls-${PV}.tar.bz2"
+SHRT_VER = "${@d.getVar('PV',1).split('.')[0]}.${@d.getVar('PV',1).split('.')[1]}"
+
+SRC_URI = "ftp://ftp.gnutls.org/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar.bz2"

 inherit autotools binconfig pkgconfig gettext lib_package

--- a/meta/recipes-support/gnutls/gnutls/gnutls_fix_for_automake_1.12.1.patch
+++ b/meta/recipes-support/gnutls/gnutls/gnutls_fix_for_automake_1.12.1.patch
@@ -1,43 +0,0 @@
-Upstream-Status: Pending
-
-Avoids these kind of warnings:
-Warning: 'libgnutls.la': linking libtool libraries using a non-POSIX archiver requires 'AM_PROG_AR' in 'configure.ac'
-
-Signed-Off-by: Nitin A Kamble <nitin.a.kamble@intel.com>
-Date: 2012/07/09
-Index: gnutls-2.12.19/configure.ac
-===================================================================
--- gnutls-2.12.19.orig/configure.ac
-+++ gnutls-2.12.19/configure.ac
-@@ -28,6 +28,7 @@ AC_CONFIG_MACRO_DIR([m4])
- 
- AM_INIT_AUTOMAKE([1.10 no-dist-gzip dist-bzip2 -Wall -Wno-override])
- m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
-+m4_ifdef([AM_PROG_AR], [AM_PROG_AR]) # required by automake 1.12
- AM_CONFIG_HEADER(config.h)
- 
- AC_MSG_RESULT([***
-Index: gnutls-2.12.19/lib/configure.ac
-===================================================================
--- gnutls-2.12.19.orig/lib/configure.ac
-+++ gnutls-2.12.19/lib/configure.ac
-@@ -28,6 +28,7 @@ AC_CONFIG_MACRO_DIR([m4])
- 
- AM_INIT_AUTOMAKE([1.10 -Wall -Wno-override])
- m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
-+m4_ifdef([AM_PROG_AR], [AM_PROG_AR]) # required by automake 1.12
- AM_CONFIG_HEADER(config.h)
- 
- AC_PROG_CC
-Index: gnutls-2.12.19/libextra/configure.ac
-===================================================================
--- gnutls-2.12.19.orig/libextra/configure.ac
-+++ gnutls-2.12.19/libextra/configure.ac
-@@ -28,6 +28,7 @@ AC_CONFIG_MACRO_DIR([m4])
- 
- AM_INIT_AUTOMAKE([1.10 -Wall -Wno-override])
- m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
-+m4_ifdef([AM_PROG_AR], [AM_PROG_AR]) # required by automake 1.12
- AM_CONFIG_HEADER(config.h)
- 
- AC_PROG_CC
--- a/meta/recipes-support/gnutls/gnutls/obsolete_automake_macros.patch
+++ b/meta/recipes-support/gnutls/gnutls/obsolete_automake_macros.patch
@@ -1,39 +0,0 @@
-Upstream-Status: Submitted [https://savannah.gnu.org/support/index.php?108219]
-
-Signed-off-by: Marko Lindqvist <cazfi74@gmail.com>
-diff -Nurd gnutls-2.12.21/configure.ac gnutls-2.12.21/configure.ac
--- gnutls-2.12.21/configure.ac	2013-01-03 07:52:42.182740682 +0200
-+++ gnutls-2.12.21/configure.ac	2013-01-03 07:53:41.662739378 +0200
-@@ -29,7 +29,7 @@
- AM_INIT_AUTOMAKE([1.10 no-dist-gzip dist-bzip2 -Wall -Wno-override])
- m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
- m4_ifdef([AM_PROG_AR], [AM_PROG_AR]) # required by automake 1.12
-AM_CONFIG_HEADER(config.h)
-+AC_CONFIG_HEADERS(config.h)
-
- AC_MSG_RESULT([***
- *** Checking for compilation programs...
-diff -Nurd gnutls-2.12.21/lib/configure.ac gnutls-2.12.21/lib/configure.ac
--- gnutls-2.12.21/lib/configure.ac	2013-01-03 07:52:42.182740682 +0200
-+++ gnutls-2.12.21/lib/configure.ac	2013-01-03 08:07:38.150721027 +0200
-@@ -29,7 +29,7 @@
- AM_INIT_AUTOMAKE([1.10 -Wall -Wno-override])
- m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
- m4_ifdef([AM_PROG_AR], [AM_PROG_AR]) # required by automake 1.12
-AM_CONFIG_HEADER(config.h)
-+AC_CONFIG_HEADERS(config.h)
-
- AC_PROG_CC
- lgl_EARLY
-diff -Nurd gnutls-2.12.21/libextra/configure.ac gnutls-2.12.21/libextra/configure.ac
--- gnutls-2.12.21/libextra/configure.ac	2013-01-03 07:52:42.182740682 +0200
-+++ gnutls-2.12.21/libextra/configure.ac	2013-01-03 08:10:56.654716669 +0200
-@@ -29,7 +29,7 @@
- AM_INIT_AUTOMAKE([1.10 -Wall -Wno-override])
- m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
- m4_ifdef([AM_PROG_AR], [AM_PROG_AR]) # required by automake 1.12
-AM_CONFIG_HEADER(config.h)
-+AC_CONFIG_HEADERS(config.h)
-
- AC_PROG_CC
- xgl_EARLY
--- a/meta/recipes-support/gnutls/gnutls/remove-gets.patch
+++ b/meta/recipes-support/gnutls/gnutls/remove-gets.patch
@@ -1,41 +0,0 @@
-eglibc 2.16 has removed gets completely
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
-Upstream-Status: Pending
-Index: gnutls-2.12.20/gl/stdio.in.h
-===================================================================
--- gnutls-2.12.20.orig/gl/stdio.in.h	2012-03-01 07:47:48.000000000 -0800
-+++ gnutls-2.12.20/gl/stdio.in.h	2012-07-03 18:17:57.191637189 -0700
-@@ -710,11 +710,13 @@
- _GL_CXXALIAS_SYS (gets, char *, (char *s));
- #  undef gets
- # endif
-+# if defined gets
- _GL_CXXALIASWARN (gets);
- /* It is very rare that the developer ever has full control of stdin,
-    so any use of gets warrants an unconditional warning.  Assume it is
-    always declared, since it is required by C89.  */
- _GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
-+# endif
- #endif
- 
- 
-Index: gnutls-2.12.20/lib/gl/stdio.in.h
-===================================================================
--- gnutls-2.12.20.orig/lib/gl/stdio.in.h	2012-03-01 07:53:13.000000000 -0800
-+++ gnutls-2.12.20/lib/gl/stdio.in.h	2012-07-03 18:18:56.351639640 -0700
-@@ -710,11 +710,13 @@
- _GL_CXXALIAS_SYS (gets, char *, (char *s));
- #  undef gets
- # endif
-+# if defined gets
- _GL_CXXALIASWARN (gets);
- /* It is very rare that the developer ever has full control of stdin,
-    so any use of gets warrants an unconditional warning.  Assume it is
-    always declared, since it is required by C89.  */
- _GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
-+# endif
- #endif
- 
- 
--- a/meta/recipes-support/gnutls/gnutls_2.12.23.bb
+++ b/meta/recipes-support/gnutls/gnutls_2.12.23.bb
@@ -5,11 +5,9 @@ PR = "${INC_PR}.4"
 SRC_URI += "file://gnutls-openssl.patch \
            file://correct_rpl_gettimeofday_signature.patch \
            file://configure-fix.patch \
-            file://gnutls_fix_for_automake_1.12.1.patch \
            file://avoid_AM_PROG_MKDIR_P_warning_error_with_automake_1.12.patch \
-            file://obsolete_automake_macros.patch \
            ${@['', 'file://fix-gettext-version.patch'][bb.data.inherits_class('native', d) or (not ((d.getVar("INCOMPATIBLE_LICENSE", True) or "").find("GPLv3") != -1))]} \
-            file://remove-gets.patch \
           "
-SRC_URI[md5sum] = "93ffac7507dd39a4c6a672ca6976d397"
-SRC_URI[sha256sum] = "2bd020665951f38a230d6b6d98630f8c47ca6977d7d86977d356ccf17756fbf3"
+
+SRC_URI[md5sum] = "f3c1d34bd5f113395c4be0d5dfc2b7fe"
+SRC_URI[sha256sum] = "dfa67a7e40727eb0913e75f3c44911d5d8cd58d1ead5acfe73dd933fc0d17ed2"