mirror of
https://git.yoctoproject.org/poky
synced 2026-02-07 17:26:36 +01:00
4f9e22bd67
CVE:CVE-2023-40030
This converts the feature name validation check from a warning to an error
Upstream-Status: Backport from 9835622853
Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-40030
(From OE-Core rev: c55e8f8b1971cc9f311b6a18a34c4c34f732177a)
Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
21 lines
980 B
PHP
21 lines
980 B
PHP
RUST_VERSION ?= "${@d.getVar('PV').split('-')[0]}"
|
|
|
|
SRC_URI += "https://static.rust-lang.org/dist/rustc-${RUST_VERSION}-src.tar.xz;name=rust \
|
|
file://hardcodepaths.patch;patchdir=${RUSTSRC} \
|
|
file://getrandom-open64.patch;patchdir=${RUSTSRC} \
|
|
file://0001-Do-not-use-LFS64-on-linux-with-musl.patch;patchdir=${RUSTSRC} \
|
|
file://zlib-off64_t.patch;patchdir=${RUSTSRC} \
|
|
file://0001-musl-Define-SOCK_SEQPACKET-in-common-place.patch;patchdir=${RUSTSRC} \
|
|
file://bootstrap_fail.patch;patchdir=${RUSTSRC} \
|
|
file://0002-CVE-2023-40030.patch;patchdir=${RUSTSRC} \
|
|
"
|
|
SRC_URI[rust.sha256sum] = "bb8e9c564566b2d3228d95de9063a9254182446a161353f1d843bfbaf5c34639"
|
|
|
|
RUSTSRC = "${WORKDIR}/rustc-${RUST_VERSION}-src"
|
|
|
|
# Used by crossbeam_atomic.patch
|
|
export TARGET_VENDOR
|
|
|
|
UPSTREAM_CHECK_URI = "https://forge.rust-lang.org/infra/other-installation-methods.html"
|
|
UPSTREAM_CHECK_REGEX = "rustc-(?P<pver>\d+(\.\d+)+)-src"
|