mirror of
https://git.yoctoproject.org/poky
synced 2026-02-26 11:29:40 +01:00
It was discovered that the patch for CVE-2014-0191 for libxml2 is
incomplete. It is still possible to have libxml2 incorrectly perform
entity substituton even when the application using libxml2 explicitly
disables the feature. This can allow a remote denial-of-service attack on
systems with libxml2 prior to 2.9.2.
References:
http://www.openwall.com/lists/oss-security/2014/10/17/7
https://www.ncsc.nl/actueel/nieuwsberichten/kwetsbaarheid-ontdekt-in-libxml2.html
(From OE-Core rev: 643597a5c432b2e02033d0cefa3ba4da980d078f)
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
78 lines
3.3 KiB
PHP
78 lines
3.3 KiB
PHP
SUMMARY = "XML C Parser Library and Toolkit"
|
|
DESCRIPTION = "The XML Parser Library allows for manipulation of XML files. Libxml2 exports Push and Pull type parser interfaces for both XML and HTML. It can do DTD validation at parse time, on a parsed document instance or with an arbitrary DTD. Libxml2 includes complete XPath, XPointer and Xinclude implementations. It also has a SAX like interface, which is designed to be compatible with Expat."
|
|
HOMEPAGE = "http://www.xmlsoft.org/"
|
|
BUGTRACKER = "http://bugzilla.gnome.org/buglist.cgi?product=libxml2"
|
|
SECTION = "libs"
|
|
LICENSE = "MIT"
|
|
LIC_FILES_CHKSUM = "file://Copyright;md5=2044417e2e5006b65a8b9067b683fcf1 \
|
|
file://hash.c;beginline=6;endline=15;md5=96f7296605eae807670fb08947829969 \
|
|
file://list.c;beginline=4;endline=13;md5=cdbfa3dee51c099edb04e39f762ee907 \
|
|
file://trio.c;beginline=5;endline=14;md5=6c025753c86d958722ec76e94cae932e"
|
|
|
|
DEPENDS_class-nativesdk = "nativesdk-python"
|
|
DEPENDS_class-native = "python-native"
|
|
DEPENDS =+ "zlib"
|
|
|
|
SRC_URI = "ftp://xmlsoft.org/libxml2/libxml2-${PV}.tar.gz;name=libtar \
|
|
file://libxml-64bit.patch \
|
|
file://ansidecl.patch \
|
|
file://runtest.patch \
|
|
file://run-ptest \
|
|
file://libxml2-CVE-2014-0191-fix.patch \
|
|
file://python-sitepackages-dir.patch \
|
|
file://libxml-m4-use-pkgconfig.patch \
|
|
file://libxml2-CVE-2014-3660.patch \
|
|
"
|
|
|
|
BINCONFIG = "${bindir}/xml2-config"
|
|
|
|
inherit autotools pkgconfig binconfig-disabled pythonnative ptest
|
|
|
|
RDEPENDS_${PN}-ptest += "python-core"
|
|
|
|
RDEPENDS_${PN}-ptest_append_libc-glibc += "glibc-gconv-ebcdic-us glibc-gconv-ibm1141"
|
|
|
|
# We don't DEPEND on binutils for ansidecl.h so ensure we don't use the header
|
|
do_configure_prepend () {
|
|
sed -i -e '/.*ansidecl.h.*/d' ${S}/configure.in
|
|
}
|
|
|
|
do_configure_prepend_class-nativesdk () {
|
|
# Ensure we get the correct site-packages path
|
|
export PYTHON_SITE_PACKAGES="${PYTHON_SITEPACKAGES_DIR}"
|
|
}
|
|
|
|
# WARNING: zlib is require for RPM use
|
|
EXTRA_OECONF = "--without-python --without-debug --without-legacy --with-catalog --without-docbook --with-c14n --without-lzma --with-fexceptions"
|
|
EXTRA_OECONF_class-native = "--with-python=${STAGING_BINDIR}/python --without-legacy --without-docbook --with-c14n --without-lzma --with-zlib"
|
|
EXTRA_OECONF_class-nativesdk = "--with-python=${STAGING_BINDIR}/python --without-legacy --without-docbook --with-c14n --without-lzma --with-zlib"
|
|
EXTRA_OECONF_linuxstdbase = "--without-python --with-debug --with-legacy --with-docbook --with-c14n --without-lzma --with-zlib"
|
|
|
|
# required for pythong binding
|
|
export HOST_SYS
|
|
export BUILD_SYS
|
|
export STAGING_LIBDIR
|
|
export STAGING_INCDIR
|
|
|
|
export LDFLAGS += "-ldl"
|
|
|
|
python populate_packages_prepend () {
|
|
# autonamer would call this libxml2-2, but we don't want that
|
|
if d.getVar('DEBIAN_NAMES', True):
|
|
d.setVar('PKG_libxml2', '${MLPREFIX}libxml2')
|
|
}
|
|
|
|
PACKAGES += "${PN}-utils ${PN}-python"
|
|
|
|
FILES_${PN}-dbg += "${PYTHON_SITEPACKAGES_DIR}/.debug"
|
|
FILES_${PN}-staticdev += "${PYTHON_SITEPACKAGES_DIR}/*.a"
|
|
FILES_${PN}-dev += "${libdir}/xml2Conf.sh"
|
|
FILES_${PN}-utils += "${bindir}/*"
|
|
FILES_${PN}-python += "${PYTHON_SITEPACKAGES_DIR}"
|
|
|
|
do_install_ptest () {
|
|
cp -r ${WORKDIR}/xmlconf ${D}${PTEST_PATH}
|
|
}
|
|
|
|
BBCLASSEXTEND = "native nativesdk"
|