Re: [OE-core] [PATCH][Resend] apt: upgrade to 1.0.9.9
On 2015年05月21日 00:39, Aníbal Limón wrote: Hi Roy, When try to compile your upgrade using qemux86-64 fails with, WARNING: QA Issue: apt rdepends on liblzma, but it isn't a build dependency? [build-deps] WARNING: QA Issue: /usr/bin/apt-cdrom_apt contained in package apt requires libapt-private.so.0.0()(64bit), but no providers found in its RDEPENDS [file-rdeps] ERROR: Unable to update the package index files. Command '['/home/alimon/repos/poky/build-x86-64/tmp/sysroots/x86_64-linux/usr/bin/apt-get', 'update']' returned 127: /home/alimon/repos/poky/build-x86-64/tmp/sysroots/x86_64-linux/usr/bin/apt-get: symbol lookup error: /home/alimon/repos/poky/build-x86-64/tmp/sysroots/x86_64-linux/usr/bin/apt-get: undefined symbol: _Z11InitSignalsv ERROR: Function failed: do_rootfs ERROR: Logfile of failure stored in: /home/alimon/repos/poky/build-x86-64/tmp/work/qemux86_64-poky-linux/core-image-full-cmdline/1.0-r0/temp/log.do_rootfs.15118 ERROR: Task 7 (/home/alimon/repos/poky/meta/recipes-extended/images/core-image-full-cmdline.bb, do_rootfs) failed with exit code '1 Regards, alimon After 0.9.11, libapt-private.so* is installed into bin dir, and apt-get is using the host libapt-private.so*, and not from sysroot. I will install libapt-private.so* into /usr/lib/ of sysroot to fix this issue. ChangLog: - install libapt-private* into the apt binary -Roy On 12/05/15 21:23, rongqing...@windriver.com wrote: From: Roy Li rongqing...@windriver.com Upgrade to fix the several CVEs: CVE-2014-0488, CVE-2014-0490 Remove apt-0.9.9.4-CVE-2014-0478.patch, which was backport. Romve no-ko-translation.patch, apt-1.0.9.9 has ko translation Update use-host.patch no-curl.patch db_linking_hack.patch and noconfigure.patch Not build the test cases since it requires gtest Signed-off-by: Roy Li rongqing...@windriver.com --- .../apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch| 193 - .../apt/apt-0.9.9.4/no-ko-translation.patch| 11 -- .../disable-configure-in-makefile.patch| 0 .../apt/apt-1.0.9.9/disable-test.patch | 58 +++ .../fix-gcc-4.6-null-not-defined.patch | 0 .../{apt-0.9.9.4 = apt-1.0.9.9}/makerace.patch| 0 .../{apt-0.9.9.4 = apt-1.0.9.9}/no-nls-dpkg.patch | 0 .../{apt-0.9.9.4 = apt-1.0.9.9}/noconfigure.patch | 17 +- .../apt/{apt-0.9.9.4 = apt-1.0.9.9}/nodoc.patch | 0 .../truncate-filename.patch| 0 .../{apt-0.9.9.4 = apt-1.0.9.9}/use-host.patch| 6 +- ...apt-native_0.9.9.4.bb = apt-native_1.0.9.9.bb} | 4 +- meta/recipes-devtools/apt/apt.inc | 5 +- .../apt/{apt_0.9.9.4.bb = apt_1.0.9.9.bb} | 4 +- .../apt/files/db_linking_hack.patch| 6 +- meta/recipes-devtools/apt/files/no-curl.patch | 8 +- 16 files changed, 83 insertions(+), 229 deletions(-) delete mode 100644 meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch delete mode 100644 meta/recipes-devtools/apt/apt-0.9.9.4/no-ko-translation.patch rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/disable-configure-in-makefile.patch (100%) create mode 100644 meta/recipes-devtools/apt/apt-1.0.9.9/disable-test.patch rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/fix-gcc-4.6-null-not-defined.patch (100%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/makerace.patch (100%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/no-nls-dpkg.patch (100%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/noconfigure.patch (54%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/nodoc.patch (100%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/truncate-filename.patch (100%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/use-host.patch (84%) rename meta/recipes-devtools/apt/{apt-native_0.9.9.4.bb = apt-native_1.0.9.9.bb} (55%) rename meta/recipes-devtools/apt/{apt_0.9.9.4.bb = apt_1.0.9.9.bb} (74%) diff --git a/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch b/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch deleted file mode 100644 index 79a6897..000 --- a/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch +++ /dev/null @@ -1,193 +0,0 @@ -This patch comes from: -https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=73;filename=apt_0.9.7.9%2Bdeb7u2.debdiff;att=1;bug=749795 - -Upstream-Status: Backport - -Signed-off-by: Wenlin Kang wenlin.k...@windriver.com -Signed-off-by: Chong Lu chong...@windriver.com - -diff -uarN apt-0.9.9.4-org/cmdline/apt-get.cc apt-0.9.9.4/cmdline/apt-get.cc apt-0.9.9.4-org/cmdline/apt-get.cc2014-08-29 15:37:42.587156134 +0800 -+++ apt-0.9.9.4/cmdline/apt-get.cc2014-08-29 15:51:16.672334086 +0800 -@@ -1046,25 +1046,8 @@ -return true; - } - /*}}}*/ --// CheckAuth - check if each download comes form a
Re: [OE-core] [PATCH][Resend] apt: upgrade to 1.0.9.9
Hi Roy, When try to compile your upgrade using qemux86-64 fails with, WARNING: QA Issue: apt rdepends on liblzma, but it isn't a build dependency? [build-deps] WARNING: QA Issue: /usr/bin/apt-cdrom_apt contained in package apt requires libapt-private.so.0.0()(64bit), but no providers found in its RDEPENDS [file-rdeps] ERROR: Unable to update the package index files. Command '['/home/alimon/repos/poky/build-x86-64/tmp/sysroots/x86_64-linux/usr/bin/apt-get', 'update']' returned 127: /home/alimon/repos/poky/build-x86-64/tmp/sysroots/x86_64-linux/usr/bin/apt-get: symbol lookup error: /home/alimon/repos/poky/build-x86-64/tmp/sysroots/x86_64-linux/usr/bin/apt-get: undefined symbol: _Z11InitSignalsv ERROR: Function failed: do_rootfs ERROR: Logfile of failure stored in: /home/alimon/repos/poky/build-x86-64/tmp/work/qemux86_64-poky-linux/core-image-full-cmdline/1.0-r0/temp/log.do_rootfs.15118 ERROR: Task 7 (/home/alimon/repos/poky/meta/recipes-extended/images/core-image-full-cmdline.bb, do_rootfs) failed with exit code '1 Regards, alimon On 12/05/15 21:23, rongqing...@windriver.com wrote: From: Roy Li rongqing...@windriver.com Upgrade to fix the several CVEs: CVE-2014-0488, CVE-2014-0490 Remove apt-0.9.9.4-CVE-2014-0478.patch, which was backport. Romve no-ko-translation.patch, apt-1.0.9.9 has ko translation Update use-host.patch no-curl.patch db_linking_hack.patch and noconfigure.patch Not build the test cases since it requires gtest Signed-off-by: Roy Li rongqing...@windriver.com --- .../apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch| 193 - .../apt/apt-0.9.9.4/no-ko-translation.patch| 11 -- .../disable-configure-in-makefile.patch| 0 .../apt/apt-1.0.9.9/disable-test.patch | 58 +++ .../fix-gcc-4.6-null-not-defined.patch | 0 .../{apt-0.9.9.4 = apt-1.0.9.9}/makerace.patch| 0 .../{apt-0.9.9.4 = apt-1.0.9.9}/no-nls-dpkg.patch | 0 .../{apt-0.9.9.4 = apt-1.0.9.9}/noconfigure.patch | 17 +- .../apt/{apt-0.9.9.4 = apt-1.0.9.9}/nodoc.patch | 0 .../truncate-filename.patch| 0 .../{apt-0.9.9.4 = apt-1.0.9.9}/use-host.patch| 6 +- ...apt-native_0.9.9.4.bb = apt-native_1.0.9.9.bb} | 4 +- meta/recipes-devtools/apt/apt.inc | 5 +- .../apt/{apt_0.9.9.4.bb = apt_1.0.9.9.bb} | 4 +- .../apt/files/db_linking_hack.patch| 6 +- meta/recipes-devtools/apt/files/no-curl.patch | 8 +- 16 files changed, 83 insertions(+), 229 deletions(-) delete mode 100644 meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch delete mode 100644 meta/recipes-devtools/apt/apt-0.9.9.4/no-ko-translation.patch rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/disable-configure-in-makefile.patch (100%) create mode 100644 meta/recipes-devtools/apt/apt-1.0.9.9/disable-test.patch rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/fix-gcc-4.6-null-not-defined.patch (100%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/makerace.patch (100%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/no-nls-dpkg.patch (100%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/noconfigure.patch (54%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/nodoc.patch (100%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/truncate-filename.patch (100%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/use-host.patch (84%) rename meta/recipes-devtools/apt/{apt-native_0.9.9.4.bb = apt-native_1.0.9.9.bb} (55%) rename meta/recipes-devtools/apt/{apt_0.9.9.4.bb = apt_1.0.9.9.bb} (74%) diff --git a/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch b/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch deleted file mode 100644 index 79a6897..000 --- a/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch +++ /dev/null @@ -1,193 +0,0 @@ -This patch comes from: -https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=73;filename=apt_0.9.7.9%2Bdeb7u2.debdiff;att=1;bug=749795 - -Upstream-Status: Backport - -Signed-off-by: Wenlin Kang wenlin.k...@windriver.com -Signed-off-by: Chong Lu chong...@windriver.com - -diff -uarN apt-0.9.9.4-org/cmdline/apt-get.cc apt-0.9.9.4/cmdline/apt-get.cc apt-0.9.9.4-org/cmdline/apt-get.cc 2014-08-29 15:37:42.587156134 +0800 -+++ apt-0.9.9.4/cmdline/apt-get.cc 2014-08-29 15:51:16.672334086 +0800 -@@ -1046,25 +1046,8 @@ -return true; - } - /*}}}*/ --// CheckAuth - check if each download comes form a trusted source /*{{{*/ --// - --/* */ --static bool CheckAuth(pkgAcquire Fetcher) -+static bool AuthPrompt(std::string UntrustedList, bool const PromptUser) - { -- string UntrustedList; -- for
[OE-core] [PATCH][Resend] apt: upgrade to 1.0.9.9
From: Roy Li rongqing...@windriver.com Upgrade to fix the several CVEs: CVE-2014-0488, CVE-2014-0490 Remove apt-0.9.9.4-CVE-2014-0478.patch, which was backport. Romve no-ko-translation.patch, apt-1.0.9.9 has ko translation Update use-host.patch no-curl.patch db_linking_hack.patch and noconfigure.patch Not build the test cases since it requires gtest Signed-off-by: Roy Li rongqing...@windriver.com --- .../apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch| 193 - .../apt/apt-0.9.9.4/no-ko-translation.patch| 11 -- .../disable-configure-in-makefile.patch| 0 .../apt/apt-1.0.9.9/disable-test.patch | 58 +++ .../fix-gcc-4.6-null-not-defined.patch | 0 .../{apt-0.9.9.4 = apt-1.0.9.9}/makerace.patch| 0 .../{apt-0.9.9.4 = apt-1.0.9.9}/no-nls-dpkg.patch | 0 .../{apt-0.9.9.4 = apt-1.0.9.9}/noconfigure.patch | 17 +- .../apt/{apt-0.9.9.4 = apt-1.0.9.9}/nodoc.patch | 0 .../truncate-filename.patch| 0 .../{apt-0.9.9.4 = apt-1.0.9.9}/use-host.patch| 6 +- ...apt-native_0.9.9.4.bb = apt-native_1.0.9.9.bb} | 4 +- meta/recipes-devtools/apt/apt.inc | 5 +- .../apt/{apt_0.9.9.4.bb = apt_1.0.9.9.bb} | 4 +- .../apt/files/db_linking_hack.patch| 6 +- meta/recipes-devtools/apt/files/no-curl.patch | 8 +- 16 files changed, 83 insertions(+), 229 deletions(-) delete mode 100644 meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch delete mode 100644 meta/recipes-devtools/apt/apt-0.9.9.4/no-ko-translation.patch rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/disable-configure-in-makefile.patch (100%) create mode 100644 meta/recipes-devtools/apt/apt-1.0.9.9/disable-test.patch rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/fix-gcc-4.6-null-not-defined.patch (100%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/makerace.patch (100%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/no-nls-dpkg.patch (100%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/noconfigure.patch (54%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/nodoc.patch (100%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/truncate-filename.patch (100%) rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/use-host.patch (84%) rename meta/recipes-devtools/apt/{apt-native_0.9.9.4.bb = apt-native_1.0.9.9.bb} (55%) rename meta/recipes-devtools/apt/{apt_0.9.9.4.bb = apt_1.0.9.9.bb} (74%) diff --git a/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch b/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch deleted file mode 100644 index 79a6897..000 --- a/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch +++ /dev/null @@ -1,193 +0,0 @@ -This patch comes from: -https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=73;filename=apt_0.9.7.9%2Bdeb7u2.debdiff;att=1;bug=749795 - -Upstream-Status: Backport - -Signed-off-by: Wenlin Kang wenlin.k...@windriver.com -Signed-off-by: Chong Lu chong...@windriver.com - -diff -uarN apt-0.9.9.4-org/cmdline/apt-get.cc apt-0.9.9.4/cmdline/apt-get.cc apt-0.9.9.4-org/cmdline/apt-get.cc 2014-08-29 15:37:42.587156134 +0800 -+++ apt-0.9.9.4/cmdline/apt-get.cc 2014-08-29 15:51:16.672334086 +0800 -@@ -1046,25 +1046,8 @@ -return true; - } - /*}}}*/ --// CheckAuth - check if each download comes form a trusted source /*{{{*/ --// - --/* */ --static bool CheckAuth(pkgAcquire Fetcher) -+static bool AuthPrompt(std::string UntrustedList, bool const PromptUser) - { -- string UntrustedList; -- for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin(); I Fetcher.ItemsEnd(); ++I) -- { -- if (!(*I)-IsTrusted()) -- { -- UntrustedList += string((*I)-ShortDesc()) + ; -- } -- } -- -- if (UntrustedList == ) -- { -- return true; -- } -- -ShowList(c2out,_(WARNING: The following packages cannot be authenticated!),UntrustedList,); - -if (_config-FindB(APT::Get::AllowUnauthenticated,false) == true) -@@ -1073,6 +1056,9 @@ - return true; -} - -+ if (PromptUser == false) -+ return _error-Error(_(Some packages could not be authenticated)); -+ -if (_config-FindI(quiet,0) 2 - _config-FindB(APT::Get::Assume-Yes,false) == false) -{ -@@ -1090,6 +1076,28 @@ -return _error-Error(_(There are problems and -y was used without --force-yes)); - } - /*}}}*/ -+// CheckAuth - check if each download comes form a trusted source /*{{{*/ -+// - -+/* */ -+static bool CheckAuth(pkgAcquire Fetcher, bool PromptUser=true) -+{ -+ string