NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cpio: new package

Browse Source 
Adding the cpio archive utility for the target and host. Patches have
been pulled from ArchLinux and Gentoo to fix CVE issues and compile
issues.

[Thomas: remove host variant of the package, as discussed during the
review of earlier version.]

Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit is contained in:
Clayton Shotwell 2015-07-14 15:20:26 -05:00 committed by Thomas Petazzoni
parent f5f5bd92df
commit 03d3df31f8
4 changed files with 43 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
package/Config.in
View File

@ -150,6 +150,7 @@ endmenu
menu "Filesystem and flash utilities"
source "package/btrfs-progs/Config.in"
source "package/cifs-utils/Config.in"
source "package/cpio/Config.in"
source "package/cramfs/Config.in"
source "package/curlftpfs/Config.in"
source "package/dosfstools/Config.in"

8
package/cpio/Config.in Normal file
View File

@ -0,0 +1,8 @@
config BR2_PACKAGE_CPIO
bool "cpio"
# Need argp.h support
select BR2_PACKAGE_ARGP_STANDALONE if BR2_TOOLCHAIN_USES_UCLIBC
help
cpio archive utility for creation and extraction.
https://www.gnu.org/software/cpio/

9
package/cpio/cpio.hash Normal file
View File

@ -0,0 +1,9 @@
# Locally calculated after checking pgp signature
sha256 601b1d774cd6e4cd39416203c91ec59dbd65dd27d79d75e1a9b89497ea643978 cpio-2.11.tar.gz
# Locally calculated
sha256 903fb87e00813daf257be5d1680ad93770d320c707ab2ec345486958b2e8a21f cpio-2.11-stdio.in.patch
sha256 6b6505a97dda75d24627d9ba461b45ab9ea4764e1a2788d6986eb2978434f25d cpio-2.11-CVE-2014-9112.patch
sha256 0cf7c9749f1c1610aaf46e17eacd6614c5ef8c2114236bcdd08d53e929020ae5 cpio-2.11-testsuite-CVE-2014-9112.patch
sha256 f1f587f70a38363691cbd4dfe89f962c8c57266277f0fbc781910c6a7065be7e cpio-2.11-check_for_symlinks-CVE-2015-1197.patch
sha256 b3d317e3c5705d7f9e503f56540baf3cb6dd1d0e9be0261151a5b08378c2d98c cpio-2.11-stat.patch

25
package/cpio/cpio.mk Normal file
View File

@ -0,0 +1,25 @@
################################################################################
#
# cpio
#
################################################################################
CPIO_VERSION = 2.11
CPIO_SITE = http://ftp.gnu.org/gnu/cpio
CPIO_LICENSE = GPLv3+
CPIO_LICENSE_FILES = COPYING
CPIO_PATCH = \
https://projects.archlinux.org/svntogit/packages.git/plain/cpio/trunk/cpio-2.11-stdio.in.patch \
https://projects.archlinux.org/svntogit/packages.git/plain/cpio/trunk/cpio-2.11-CVE-2014-9112.patch \
https://projects.archlinux.org/svntogit/packages.git/plain/cpio/trunk/cpio-2.11-testsuite-CVE-2014-9112.patch \
https://projects.archlinux.org/svntogit/packages.git/plain/cpio/trunk/cpio-2.11-check_for_symlinks-CVE-2015-1197.patch \
https://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/app-arch/cpio/files/cpio-2.11-stat.patch
# cpio uses argp.h which is not provided by uclibc by default.
# Use the argp-standalone package to provide this but make sure
# the host package does not try to use the host version.
ifeq ($(BR2_TOOLCHAIN_USES_UCLIBC),y)
CPIO_DEPENDENCIES += argp-standalone
endif
$(eval $(autotools-package))