[OE-core] [PATCH 1/7] gnupg: Update to 2.0.20

[Saul Wold]

Removed obsolete patch

Signed-off-by: Saul Wold <s...@linux.intel.com>
---
 .../gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch  | 63 ----------------------
 .../gnupg/{gnupg_2.0.19.bb => gnupg_2.0.20.bb}     |  8 ++-
 2 files changed, 3 insertions(+), 68 deletions(-)
 delete mode 100644 
meta/recipes-support/gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch
 rename meta/recipes-support/gnupg/{gnupg_2.0.19.bb => gnupg_2.0.20.bb} (80%)

diff --git a/meta/recipes-support/gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch 
b/meta/recipes-support/gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch
deleted file mode 100644
index 64c3034..0000000
--- a/meta/recipes-support/gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-commit 498882296ffac7987c644aaf2a0aa108a2925471
-Author: Werner Koch <w...@gnupg.org>
-Date:   Thu Dec 20 09:43:41 2012 +0100
-
-    gpg: Import only packets which are allowed in a keyblock.
-    
-    * g10/import.c (valid_keyblock_packet): New.
-    (read_block): Store only valid packets.
-    --
-    
-    A corrupted key, which for example included a mangled public key
-    encrypted packet, used to corrupt the keyring.  This change skips all
-    packets which are not allowed in a keyblock.
-    
-    GnuPG-bug-id: 1455
-    
-    (cherry-picked from commit 3a4b96e665fa639772854058737ee3d54ba0694e)
-
-Upstream-Status: Backport
-
-Signed-off-by: Saul Wold <s...@linux.intel.com>
-
-diff --git a/g10/import.c b/g10/import.c
-index ba2439d..ad112d6 100644
---- a/g10/import.c
-+++ b/g10/import.c
-@@ -347,6 +347,27 @@ import_print_stats (void *hd)
- }
- 
- 
-+/* Return true if PKTTYPE is valid in a keyblock.  */
-+static int
-+valid_keyblock_packet (int pkttype)
-+{
-+  switch (pkttype)
-+    {
-+    case PKT_PUBLIC_KEY:
-+    case PKT_PUBLIC_SUBKEY:
-+    case PKT_SECRET_KEY:
-+    case PKT_SECRET_SUBKEY:
-+    case PKT_SIGNATURE:
-+    case PKT_USER_ID:
-+    case PKT_ATTRIBUTE:
-+    case PKT_RING_TRUST:
-+      return 1;
-+    default:
-+      return 0;
-+    }
-+}
-+
-+
- /****************
-  * Read the next keyblock from stream A.
-  * PENDING_PKT should be initialzed to NULL
-@@ -424,7 +445,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE 
*ret_root )
-           }
-           in_cert = 1;
-         default:
--          if( in_cert ) {
-+          if (in_cert && valid_keyblock_packet (pkt->pkttype)) {
-               if( !root )
-                   root = new_kbnode( pkt );
-               else
diff --git a/meta/recipes-support/gnupg/gnupg_2.0.19.bb 
b/meta/recipes-support/gnupg/gnupg_2.0.20.bb
similarity index 80%
rename from meta/recipes-support/gnupg/gnupg_2.0.19.bb
rename to meta/recipes-support/gnupg/gnupg_2.0.20.bb
index 593250a..87acd00 100644
--- a/meta/recipes-support/gnupg/gnupg_2.0.19.bb
+++ b/meta/recipes-support/gnupg/gnupg_2.0.20.bb
@@ -7,15 +7,13 @@ LIC_FILES_CHKSUM = 
"file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949 \
 DEPENDS = "${PTH} libassuan libksba zlib bzip2 readline libgcrypt"
 PTH = "pth"
 PTH_libc-uclibc = "npth"
-PR = "r5"
 
 inherit autotools gettext
 
-SRC_URI = "ftp://ftp.gnupg.org/gcrypt/${BPN}/${BPN}-${PV}.tar.bz2 \
-           file://GnuPG2-CVE-2012-6085.patch"
+SRC_URI = "ftp://ftp.gnupg.org/gcrypt/${BPN}/${BPN}-${PV}.tar.bz2";
 
-SRC_URI[md5sum] = "6a8589381ca1b0c1a921e9955f42b016"
-SRC_URI[sha256sum] = 
"efa23a8a925adb51c7d3b708c25b6d000300f5ce37de9bdec6453be7b419c622"
+SRC_URI[md5sum] = "9d18ee71bb0b10d40d1c8a393bdd7a89"
+SRC_URI[sha256sum] = 
"6e949b7f062cab8a3cf0910f91ecf04cabaad458c0aeeec66298651b8b04b79a"
 
 EXTRA_OECONF = "--disable-ldap \
                --disable-ccid-driver \
-- 
1.8.1.4

_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core