mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-05-07 05:10:20 +00:00
Gyorgy Sarvari
dc2c6a514e
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-57822 https://nvd.nist.gov/vuln/detail/CVE-2024-57823 Pick the patches mentioned in the github issue[1] mentioned in the NVD advisories (both of them are covered by the same issue) [1]: https://github.com/dajobe/raptor/issues/70 Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
29 lines
1006 B
BlitzBasic
29 lines
1006 B
BlitzBasic
SUMMARY = "Library for parsing and serializing RDF syntaxes"
|
|
LICENSE = "GPL-2.0-only | LGPL-2.1-only | Apache-2.0"
|
|
LIC_FILES_CHKSUM = " \
|
|
file://LICENSE.txt;md5=f7fed8b6ab9289b77f5c14f3f79572cc \
|
|
file://COPYING;md5=751419260aa954499f7abaabaa882bbe \
|
|
file://COPYING.LIB;md5=2d5025d4aa3495befef8f17206a5b0a1 \
|
|
file://LICENSE-2.0.txt;md5=3b83ef96387f14655fc854ddc3c6bd57 \
|
|
"
|
|
|
|
DEPENDS = "bison-native flex-native libxml2 libxslt curl yajl"
|
|
|
|
SRC_URI = " \
|
|
http://download.librdf.org/source/${BPN}-${PV}.tar.gz \
|
|
file://0001-Remove-the-access-to-entities-checked-private-symbol.patch \
|
|
file://raptor-2.0.16-dont_use_curl-config.patch \
|
|
file://CVE-2024-57822.patch \
|
|
file://CVE-2024-57823.patch \
|
|
"
|
|
SRC_URI[sha256sum] = "089db78d7ac982354bdbf39d973baf09581e6904ac4c92a98c5caadb3de44680"
|
|
|
|
inherit autotools pkgconfig gtk-doc perlnative
|
|
|
|
EXTRA_OECONF = " \
|
|
--without-xml2-config \
|
|
--without-xslt-config \
|
|
"
|
|
|
|
CVE_PRODUCT = "librdf:raptor_rdf_syntax_library librdf:raptor"
|