mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-05-05 20:27:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
104f728b6504c558ffbc5fa102c1cd8862a75b46
poky/meta/recipes-core/zlib/zlib_1.2.11.bb
Divya Chellam 68c9f9f449 zlib: fix CVE-2014-9485 
Directory traversal vulnerability in the do_extract_currentfile
function in miniunz.c in miniunzip in minizip before 1.1-5 might
allow remote attackers to write to arbitrary files via a crafted
entry in a ZIP archive.

Reference:
https://security-tracker.debian.org/tracker/CVE-2014-9485

Upstream-patch:
14a5f8f266

(From OE-Core rev: 32c4b28fc06e39ab8ef86aebc5e1e1ae19934495)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-04-04 08:42:47 -07:00

61 lines
1.7 KiB
BlitzBasic
Raw Blame History

SUMMARY = "Zlib Compression Library"
DESCRIPTION = "Zlib is a general-purpose, patent-free, lossless data compression \
library which is used by many different programs."
HOMEPAGE = "http://zlib.net/"
SECTION = "libs"
LICENSE = "Zlib"
LIC_FILES_CHKSUM = "file://zlib.h;beginline=6;endline=23;md5=5377232268e952e9ef63bc555f7aa6c0"
SRC_URI = "${SOURCEFORGE_MIRROR}/libpng/${BPN}/${PV}/${BPN}-${PV}.tar.xz \
file://ldflags-tests.patch \
file://0001-configure-Pass-LDFLAGS-to-link-tests.patch \
file://CVE-2018-25032.patch \
file://run-ptest \
file://CVE-2022-37434.patch \
file://CVE-2023-45853.patch \
file://CVE-2014-9485.patch \
"
UPSTREAM_CHECK_URI = "http://zlib.net/"
SRC_URI[md5sum] = "85adef240c5f370b308da8c938951a68"
SRC_URI[sha256sum] = "4ff941449631ace0d4d203e3483be9dbc9da454084111f97ea0a2114e19bf066"
CFLAGS += "-D_REENTRANT"
RDEPENDS:${PN}-ptest += "make"
inherit ptest
do_configure() {
LDCONFIG=true ./configure --prefix=${prefix} --shared --libdir=${libdir} --uname=GNU
}
do_compile() {
oe_runmake shared
}
do_install() {
oe_runmake DESTDIR=${D} install
}
do_install_ptest() {
install ${B}/examplesh ${D}${PTEST_PATH}
}
# Move zlib shared libraries for target builds to $base_libdir so the library
# can be used in early boot before $prefix is mounted.
do_install:append:class-target() {
if [ ${base_libdir} != ${libdir} ]
then
mkdir -p ${D}/${base_libdir}
mv ${D}/${libdir}/libz.so.* ${D}/${base_libdir}
libname=`readlink ${D}/${libdir}/libz.so`
ln -sf ${@oe.path.relative("${libdir}", "${base_libdir}")}/$libname ${D}${libdir}/libz.so
fi
}
BBCLASSEXTEND = "native nativesdk"
# this CVE is for cloudflare zlib
CVE_CHECK_IGNORE += "CVE-2023-6992"
Reference in New Issue View Git Blame Copy Permalink