mirror of
https://git.yoctoproject.org/poky
synced 2026-03-11 01:39:40 +01:00
4ebaec2ca3
CVE-2024-37535: GNOME VTE before 0.76.3 allows an attacker to cause a denial of service (memory consumption) via a window resize escape sequence, a related issue to CVE-2000-0476. Reference: [https://nvd.nist.gov/vuln/detail/CVE-2024-37535] Upstream patches: [036bc3ddcb] [c313849c2e] (From OE-Core rev: 132a5168b125d6f4fb9391d982bc64d73429ab8f) Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
68 lines
2.3 KiB
BlitzBasic
68 lines
2.3 KiB
BlitzBasic
SUMMARY = "Virtual terminal emulator GTK+ widget library"
|
|
DESCRIPTION = "VTE provides a virtual terminal widget for GTK applications."
|
|
HOMEPAGE = "https://wiki.gnome.org/Apps/Terminal/VTE"
|
|
BUGTRACKER = "https://bugzilla.gnome.org/buglist.cgi?product=vte"
|
|
LICENSE = "GPL-3.0-only & LGPL-3.0-or-later & MIT"
|
|
LICENSE:libvte = "LGPL-3.0-or-later"
|
|
|
|
LIC_FILES_CHKSUM = " \
|
|
file://COPYING.GPL3;md5=cc702cf3444d1f19680c794cc61948f9 \
|
|
file://COPYING.LGPL3;md5=b52f2d57d10c4f7ee67a7eb9615d5d24 \
|
|
file://COPYING.XTERM;md5=d7fc3a23c16c039afafe2e042030f057 \
|
|
"
|
|
|
|
DEPENDS = "glib-2.0 gtk+3 libpcre2 libxml2-native gperf-native icu"
|
|
|
|
GNOMEBASEBUILDCLASS = "meson"
|
|
GIR_MESON_OPTION = 'gir'
|
|
|
|
inherit gnomebase gtk-doc features_check upstream-version-is-even gobject-introspection
|
|
|
|
# vapigen.m4 is required when vala is not present (but the one from vala should be used normally)
|
|
SRC_URI += " \
|
|
file://0001-Add-W_EXITCODE-macro-for-non-glibc-systems.patch \
|
|
file://0001-Makefile.docs-correctly-substitute-gtkdoc-qemu-wrapp.patch \
|
|
file://CVE-2024-37535-0001.patch \
|
|
file://CVE-2024-37535-0002.patch \
|
|
"
|
|
|
|
SRC_URI[archive.sha256sum] = "e89974673a72a0a06edac6d17830b82bb124decf0cb3b52cebc92ec3ff04d976"
|
|
|
|
ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}"
|
|
|
|
# Instead of "inherit vala" we do the relevant settings here so we can
|
|
# set DEPENDS based on PACKAGECONFIG.
|
|
|
|
# Our patched version of Vala looks in STAGING_DATADIR for .vapi files
|
|
export STAGING_DATADIR
|
|
# Upstream Vala >= 0.11 looks in XDG_DATA_DIRS for .vapi files
|
|
export XDG_DATA_DIRS = "${STAGING_DATADIR}"
|
|
|
|
# Help g-ir-scanner find the .so for linking
|
|
do_compile:prepend() {
|
|
export GIR_EXTRA_LIBS_PATH="${B}/src/.libs"
|
|
}
|
|
|
|
# Package additional files
|
|
FILES:${PN}-dev += "${datadir}/vala/vapi/*"
|
|
|
|
PACKAGECONFIG ??= "gnutls"
|
|
PACKAGECONFIG[vala] = "-Dvapi=true,-Dvapi=false,vala-native vala"
|
|
PACKAGECONFIG[gnutls] = "-Dgnutls=true,-Dgnutls=false,gnutls"
|
|
PACKAGECONFIG[systemd] = "-D_systemd=true,-D_systemd=false,systemd"
|
|
# vala requires gir
|
|
PACKAGECONFIG:remove:class-native = "vala"
|
|
|
|
CFLAGS += "-D_GNU_SOURCE"
|
|
|
|
PACKAGES =+ "libvte ${PN}-prompt"
|
|
FILES:libvte = "${libdir}/*.so.* ${libdir}/girepository-1.0/*"
|
|
FILES:${PN}-prompt = " \
|
|
${sysconfdir}/profile.d \
|
|
${libexecdir}/vte-urlencode-cwd \
|
|
"
|
|
|
|
FILES:${PN}-dev += "${datadir}/glade/"
|
|
|
|
BBCLASSEXTEND = "native nativesdk"
|