mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-07-16 04:17:25 +00:00
yasm: update to latest git revision
Last tag is from 2014, but bugfixing continued and last commit is from year 2024. Additional 87 commits are present, mostly bugfixes. PV already has "+git" although it was exactly on tag, no edit needed. Drop 3 patches which are included in current git version. Add CVE_STATUS for 2 CVEs from those patches. Also mark one additional CVE as fixed: CVE-2021-33454. Stack trace from https://github.com/yasm/yasm/issues/166 References the same line of code as corrected in https://github.com/yasm/yasm/pull/244 Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
@@ -8,12 +8,9 @@ DEPENDS += "flex-native bison-native"
|
||||
PACKAGECONFIG[docs] = ",,xmlto-native,"
|
||||
|
||||
PV = "1.3.0+git"
|
||||
# v1.3.0
|
||||
SRCREV = "ba463d3c26c0ece2e797b8d6381b161633b5971a"
|
||||
# v1.3.0-87
|
||||
SRCREV = "121ab150b3577b666c79a79f4a511798d7ad2432"
|
||||
SRC_URI = "git://github.com/yasm/yasm.git;branch=master;protocol=https \
|
||||
file://0001-Do-not-use-AC_HEADER_STDC.patch \
|
||||
file://CVE-2023-31975.patch \
|
||||
file://CVE-2023-37732.patch \
|
||||
file://0001-yasm-Set-build-date-to-SOURCE_DATE_EPOCH.patch \
|
||||
file://0002-yasm-Use-BUILD_DATE-for-reproducibility.patch \
|
||||
"
|
||||
@@ -33,3 +30,6 @@ do_configure:prepend() {
|
||||
sed -i -e "s/^echo \"\/\* generated \$ac_cv_stdint_message \*\/\" >>\$ac_stdint$"// ${S}/m4/ax_create_stdint_h.m4
|
||||
}
|
||||
|
||||
CVE_STATUS_GROUPS += "CVE_STATUS_HASH_UPDATE"
|
||||
CVE_STATUS_HASH_UPDATE = "CVE-2021-33454 CVE-2023-31975 CVE-2023-37732"
|
||||
CVE_STATUS_HASH_UPDATE[status] = "fixed-version: patched in current git hash"
|
||||
|
||||
Reference in New Issue
Block a user