mirror of
https://github.com/openembedded/meta-openembedded.git
synced 2026-06-14 05:49:57 +00:00
Soumya
7f5ded2c88
Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c
and /elf/elf.c, which allows the attacker to cause a denial of service via a
crafted file.
References:
https://github.com/yasm/yasm/issues/233
https://nvd.nist.gov/vuln/detail/CVE-2023-37732
Signed-off-by: Soumya <soumya.sambu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 41fffef6b0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
32 lines
953 B
BlitzBasic
32 lines
953 B
BlitzBasic
SUMMARY = "x86 (SSE) assembler supporting NASM and GAS-syntaxes"
|
|
LICENSE = "MIT"
|
|
HOMEPAGE = "http://www.tortall.net/projects/yasm/"
|
|
|
|
LIC_FILES_CHKSUM = "file://COPYING;md5=a12d8903508fb6bfd49d8d82c6170dd9"
|
|
|
|
DEPENDS += "flex-native bison-native xmlto-native"
|
|
|
|
PV = "1.3.0+git${SRCPV}"
|
|
# v1.3.0
|
|
SRCREV = "ba463d3c26c0ece2e797b8d6381b161633b5971a"
|
|
SRC_URI = "git://github.com/yasm/yasm.git;branch=master;protocol=https \
|
|
file://0001-Do-not-use-AC_HEADER_STDC.patch \
|
|
file://CVE-2023-31975.patch \
|
|
file://CVE-2023-37732.patch \
|
|
"
|
|
|
|
S = "${WORKDIR}/git"
|
|
|
|
inherit autotools gettext python3native
|
|
|
|
CACHED_CONFIGUREVARS = "CCLD_FOR_BUILD='${CC_FOR_BUILD}'"
|
|
|
|
BBCLASSEXTEND = "native"
|
|
|
|
PARALLEL_MAKE = ""
|
|
|
|
do_configure:prepend() {
|
|
# Don't include $CC (which includes path to sysroot) in generated header.
|
|
sed -i -e "s/^echo \"\/\* generated \$ac_cv_stdint_message \*\/\" >>\$ac_stdint$"// ${S}/m4/ax_create_stdint_h.m4
|
|
}
|