Re: [OE-core] [PATCH][Resend] apt: upgrade to 1.0.9.9
On 2015年05月21日 00:39, Aníbal Limón wrote:
Hi Roy,
When try to compile your upgrade using qemux86-64 fails with,
WARNING: QA Issue: apt rdepends on liblzma, but it isn't a build
dependency? [build-deps]
WARNING: QA Issue: /usr/bin/apt-cdrom_apt contained in package apt
requires libapt-private.so.0.0()(64bit), but no providers found in its
RDEPENDS [file-rdeps]
ERROR: Unable to update the package index files. Command
'['/home/alimon/repos/poky/build-x86-64/tmp/sysroots/x86_64-linux/usr/bin/apt-get',
'update']' returned 127:
/home/alimon/repos/poky/build-x86-64/tmp/sysroots/x86_64-linux/usr/bin/apt-get:
symbol lookup error:
/home/alimon/repos/poky/build-x86-64/tmp/sysroots/x86_64-linux/usr/bin/apt-get:
undefined symbol: _Z11InitSignalsv
ERROR: Function failed: do_rootfs
ERROR: Logfile of failure stored in:
/home/alimon/repos/poky/build-x86-64/tmp/work/qemux86_64-poky-linux/core-image-full-cmdline/1.0-r0/temp/log.do_rootfs.15118
ERROR: Task 7
(/home/alimon/repos/poky/meta/recipes-extended/images/core-image-full-cmdline.bb,
do_rootfs) failed with exit code '1
Regards,
alimon
After 0.9.11, libapt-private.so* is installed into bin dir, and apt-get
is using the host libapt-private.so*, and not from sysroot.
I will install libapt-private.so* into /usr/lib/ of sysroot to fix this
issue.
ChangLog:
- install libapt-private* into the apt binary
-Roy
On 12/05/15 21:23, rongqing...@windriver.com wrote:
From: Roy Li rongqing...@windriver.com
Upgrade to fix the several CVEs: CVE-2014-0488, CVE-2014-0490
Remove apt-0.9.9.4-CVE-2014-0478.patch, which was backport.
Romve no-ko-translation.patch, apt-1.0.9.9 has ko translation
Update use-host.patch no-curl.patch db_linking_hack.patch and
noconfigure.patch
Not build the test cases since it requires gtest
Signed-off-by: Roy Li rongqing...@windriver.com
---
.../apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch| 193
-
.../apt/apt-0.9.9.4/no-ko-translation.patch| 11 --
.../disable-configure-in-makefile.patch| 0
.../apt/apt-1.0.9.9/disable-test.patch | 58 +++
.../fix-gcc-4.6-null-not-defined.patch | 0
.../{apt-0.9.9.4 = apt-1.0.9.9}/makerace.patch| 0
.../{apt-0.9.9.4 = apt-1.0.9.9}/no-nls-dpkg.patch | 0
.../{apt-0.9.9.4 = apt-1.0.9.9}/noconfigure.patch | 17 +-
.../apt/{apt-0.9.9.4 = apt-1.0.9.9}/nodoc.patch | 0
.../truncate-filename.patch| 0
.../{apt-0.9.9.4 = apt-1.0.9.9}/use-host.patch| 6 +-
...apt-native_0.9.9.4.bb = apt-native_1.0.9.9.bb} | 4 +-
meta/recipes-devtools/apt/apt.inc | 5 +-
.../apt/{apt_0.9.9.4.bb = apt_1.0.9.9.bb} | 4 +-
.../apt/files/db_linking_hack.patch| 6 +-
meta/recipes-devtools/apt/files/no-curl.patch | 8 +-
16 files changed, 83 insertions(+), 229 deletions(-)
delete mode 100644
meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch
delete mode 100644
meta/recipes-devtools/apt/apt-0.9.9.4/no-ko-translation.patch
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/disable-configure-in-makefile.patch (100%)
create mode 100644
meta/recipes-devtools/apt/apt-1.0.9.9/disable-test.patch
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/fix-gcc-4.6-null-not-defined.patch (100%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/makerace.patch (100%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/no-nls-dpkg.patch (100%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/noconfigure.patch (54%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/nodoc.patch (100%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/truncate-filename.patch (100%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/use-host.patch (84%)
rename meta/recipes-devtools/apt/{apt-native_0.9.9.4.bb =
apt-native_1.0.9.9.bb} (55%)
rename meta/recipes-devtools/apt/{apt_0.9.9.4.bb = apt_1.0.9.9.bb}
(74%)
diff --git
a/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch
b/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch
deleted file mode 100644
index 79a6897..000
---
a/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch
+++ /dev/null
@@ -1,193 +0,0 @@
-This patch comes from:
-https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=73;filename=apt_0.9.7.9%2Bdeb7u2.debdiff;att=1;bug=749795
-
-Upstream-Status: Backport
-
-Signed-off-by: Wenlin Kang wenlin.k...@windriver.com
-Signed-off-by: Chong Lu chong...@windriver.com
-
-diff -uarN apt-0.9.9.4-org/cmdline/apt-get.cc
apt-0.9.9.4/cmdline/apt-get.cc
apt-0.9.9.4-org/cmdline/apt-get.cc2014-08-29
15:37:42.587156134 +0800
-+++ apt-0.9.9.4/cmdline/apt-get.cc2014-08-29 15:51:16.672334086
+0800
-@@ -1046,25 +1046,8 @@
-return true;
- }
- /*}}}*/
--// CheckAuth - check if each download comes form a
Re: [OE-core] [PATCH][Resend] apt: upgrade to 1.0.9.9
Hi Roy,
When try to compile your upgrade using qemux86-64 fails with,
WARNING: QA Issue: apt rdepends on liblzma, but it isn't a build
dependency? [build-deps]
WARNING: QA Issue: /usr/bin/apt-cdrom_apt contained in package apt
requires libapt-private.so.0.0()(64bit), but no providers found in its
RDEPENDS [file-rdeps]
ERROR: Unable to update the package index files. Command
'['/home/alimon/repos/poky/build-x86-64/tmp/sysroots/x86_64-linux/usr/bin/apt-get',
'update']' returned 127:
/home/alimon/repos/poky/build-x86-64/tmp/sysroots/x86_64-linux/usr/bin/apt-get:
symbol lookup error:
/home/alimon/repos/poky/build-x86-64/tmp/sysroots/x86_64-linux/usr/bin/apt-get:
undefined symbol: _Z11InitSignalsv
ERROR: Function failed: do_rootfs
ERROR: Logfile of failure stored in:
/home/alimon/repos/poky/build-x86-64/tmp/work/qemux86_64-poky-linux/core-image-full-cmdline/1.0-r0/temp/log.do_rootfs.15118
ERROR: Task 7
(/home/alimon/repos/poky/meta/recipes-extended/images/core-image-full-cmdline.bb,
do_rootfs) failed with exit code '1
Regards,
alimon
On 12/05/15 21:23, rongqing...@windriver.com wrote:
From: Roy Li rongqing...@windriver.com
Upgrade to fix the several CVEs: CVE-2014-0488, CVE-2014-0490
Remove apt-0.9.9.4-CVE-2014-0478.patch, which was backport.
Romve no-ko-translation.patch, apt-1.0.9.9 has ko translation
Update use-host.patch no-curl.patch db_linking_hack.patch and
noconfigure.patch
Not build the test cases since it requires gtest
Signed-off-by: Roy Li rongqing...@windriver.com
---
.../apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch| 193 -
.../apt/apt-0.9.9.4/no-ko-translation.patch| 11 --
.../disable-configure-in-makefile.patch| 0
.../apt/apt-1.0.9.9/disable-test.patch | 58 +++
.../fix-gcc-4.6-null-not-defined.patch | 0
.../{apt-0.9.9.4 = apt-1.0.9.9}/makerace.patch| 0
.../{apt-0.9.9.4 = apt-1.0.9.9}/no-nls-dpkg.patch | 0
.../{apt-0.9.9.4 = apt-1.0.9.9}/noconfigure.patch | 17 +-
.../apt/{apt-0.9.9.4 = apt-1.0.9.9}/nodoc.patch | 0
.../truncate-filename.patch| 0
.../{apt-0.9.9.4 = apt-1.0.9.9}/use-host.patch| 6 +-
...apt-native_0.9.9.4.bb = apt-native_1.0.9.9.bb} | 4 +-
meta/recipes-devtools/apt/apt.inc | 5 +-
.../apt/{apt_0.9.9.4.bb = apt_1.0.9.9.bb} | 4 +-
.../apt/files/db_linking_hack.patch| 6 +-
meta/recipes-devtools/apt/files/no-curl.patch | 8 +-
16 files changed, 83 insertions(+), 229 deletions(-)
delete mode 100644
meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch
delete mode 100644
meta/recipes-devtools/apt/apt-0.9.9.4/no-ko-translation.patch
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/disable-configure-in-makefile.patch (100%)
create mode 100644 meta/recipes-devtools/apt/apt-1.0.9.9/disable-test.patch
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/fix-gcc-4.6-null-not-defined.patch (100%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/makerace.patch
(100%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/no-nls-dpkg.patch (100%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/noconfigure.patch (54%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/nodoc.patch
(100%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/truncate-filename.patch (100%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/use-host.patch
(84%)
rename meta/recipes-devtools/apt/{apt-native_0.9.9.4.bb =
apt-native_1.0.9.9.bb} (55%)
rename meta/recipes-devtools/apt/{apt_0.9.9.4.bb = apt_1.0.9.9.bb} (74%)
diff --git
a/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch
b/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch
deleted file mode 100644
index 79a6897..000
--- a/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch
+++ /dev/null
@@ -1,193 +0,0 @@
-This patch comes from:
-https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=73;filename=apt_0.9.7.9%2Bdeb7u2.debdiff;att=1;bug=749795
-
-Upstream-Status: Backport
-
-Signed-off-by: Wenlin Kang wenlin.k...@windriver.com
-Signed-off-by: Chong Lu chong...@windriver.com
-
-diff -uarN apt-0.9.9.4-org/cmdline/apt-get.cc apt-0.9.9.4/cmdline/apt-get.cc
apt-0.9.9.4-org/cmdline/apt-get.cc 2014-08-29 15:37:42.587156134 +0800
-+++ apt-0.9.9.4/cmdline/apt-get.cc 2014-08-29 15:51:16.672334086 +0800
-@@ -1046,25 +1046,8 @@
-return true;
- }
- /*}}}*/
--// CheckAuth - check if each download comes form a trusted source /*{{{*/
--// -
--/* */
--static bool CheckAuth(pkgAcquire Fetcher)
-+static bool AuthPrompt(std::string UntrustedList, bool const PromptUser)
- {
-- string UntrustedList;
-- for
[OE-core] [PATCH][Resend] apt: upgrade to 1.0.9.9
From: Roy Li rongqing...@windriver.com
Upgrade to fix the several CVEs: CVE-2014-0488, CVE-2014-0490
Remove apt-0.9.9.4-CVE-2014-0478.patch, which was backport.
Romve no-ko-translation.patch, apt-1.0.9.9 has ko translation
Update use-host.patch no-curl.patch db_linking_hack.patch and
noconfigure.patch
Not build the test cases since it requires gtest
Signed-off-by: Roy Li rongqing...@windriver.com
---
.../apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch| 193 -
.../apt/apt-0.9.9.4/no-ko-translation.patch| 11 --
.../disable-configure-in-makefile.patch| 0
.../apt/apt-1.0.9.9/disable-test.patch | 58 +++
.../fix-gcc-4.6-null-not-defined.patch | 0
.../{apt-0.9.9.4 = apt-1.0.9.9}/makerace.patch| 0
.../{apt-0.9.9.4 = apt-1.0.9.9}/no-nls-dpkg.patch | 0
.../{apt-0.9.9.4 = apt-1.0.9.9}/noconfigure.patch | 17 +-
.../apt/{apt-0.9.9.4 = apt-1.0.9.9}/nodoc.patch | 0
.../truncate-filename.patch| 0
.../{apt-0.9.9.4 = apt-1.0.9.9}/use-host.patch| 6 +-
...apt-native_0.9.9.4.bb = apt-native_1.0.9.9.bb} | 4 +-
meta/recipes-devtools/apt/apt.inc | 5 +-
.../apt/{apt_0.9.9.4.bb = apt_1.0.9.9.bb} | 4 +-
.../apt/files/db_linking_hack.patch| 6 +-
meta/recipes-devtools/apt/files/no-curl.patch | 8 +-
16 files changed, 83 insertions(+), 229 deletions(-)
delete mode 100644
meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch
delete mode 100644
meta/recipes-devtools/apt/apt-0.9.9.4/no-ko-translation.patch
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/disable-configure-in-makefile.patch (100%)
create mode 100644 meta/recipes-devtools/apt/apt-1.0.9.9/disable-test.patch
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/fix-gcc-4.6-null-not-defined.patch (100%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/makerace.patch
(100%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/no-nls-dpkg.patch (100%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/noconfigure.patch (54%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/nodoc.patch
(100%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 =
apt-1.0.9.9}/truncate-filename.patch (100%)
rename meta/recipes-devtools/apt/{apt-0.9.9.4 = apt-1.0.9.9}/use-host.patch
(84%)
rename meta/recipes-devtools/apt/{apt-native_0.9.9.4.bb =
apt-native_1.0.9.9.bb} (55%)
rename meta/recipes-devtools/apt/{apt_0.9.9.4.bb = apt_1.0.9.9.bb} (74%)
diff --git
a/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch
b/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch
deleted file mode 100644
index 79a6897..000
--- a/meta/recipes-devtools/apt/apt-0.9.9.4/apt-0.9.9.4-CVE-2014-0478.patch
+++ /dev/null
@@ -1,193 +0,0 @@
-This patch comes from:
-https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=73;filename=apt_0.9.7.9%2Bdeb7u2.debdiff;att=1;bug=749795
-
-Upstream-Status: Backport
-
-Signed-off-by: Wenlin Kang wenlin.k...@windriver.com
-Signed-off-by: Chong Lu chong...@windriver.com
-
-diff -uarN apt-0.9.9.4-org/cmdline/apt-get.cc apt-0.9.9.4/cmdline/apt-get.cc
apt-0.9.9.4-org/cmdline/apt-get.cc 2014-08-29 15:37:42.587156134 +0800
-+++ apt-0.9.9.4/cmdline/apt-get.cc 2014-08-29 15:51:16.672334086 +0800
-@@ -1046,25 +1046,8 @@
-return true;
- }
- /*}}}*/
--// CheckAuth - check if each download comes form a trusted source /*{{{*/
--// -
--/* */
--static bool CheckAuth(pkgAcquire Fetcher)
-+static bool AuthPrompt(std::string UntrustedList, bool const PromptUser)
- {
-- string UntrustedList;
-- for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin(); I
Fetcher.ItemsEnd(); ++I)
-- {
-- if (!(*I)-IsTrusted())
-- {
-- UntrustedList += string((*I)-ShortDesc()) + ;
-- }
-- }
--
-- if (UntrustedList == )
-- {
-- return true;
-- }
--
-ShowList(c2out,_(WARNING: The following packages cannot be
authenticated!),UntrustedList,);
-
-if (_config-FindB(APT::Get::AllowUnauthenticated,false) == true)
-@@ -1073,6 +1056,9 @@
- return true;
-}
-
-+ if (PromptUser == false)
-+ return _error-Error(_(Some packages could not be authenticated));
-+
-if (_config-FindI(quiet,0) 2
- _config-FindB(APT::Get::Assume-Yes,false) == false)
-{
-@@ -1090,6 +1076,28 @@
-return _error-Error(_(There are problems and -y was used without
--force-yes));
- }
- /*}}}*/
-+// CheckAuth - check if each download comes form a trusted source /*{{{*/
-+// -
-+/* */
-+static bool CheckAuth(pkgAcquire Fetcher, bool PromptUser=true)
-+{
-+ string
