From 213cb2696d00a85cd48d356cb5131824a302d828 Mon Sep 17 00:00:00 2001 From: Patrick Williams Date: Sat, 7 Aug 2021 19:21:33 -0500 Subject: subtree updates MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit meta-raspberrypi: 8dc3a31088..c7f4c739a3: Khem Raj (5): linux-raspberrypi: Upgrade to 5.10.52 userland: Update to latest master branch raspberrypi-firmware: Update to latest raspberrypi-tools: Update to latest sdcard_image-rpi.bbclass: Fix IMAGE_TYPEDEP override to use new syntax Martin Jansa (4): Convert to new override syntax Manually fix conversion layer.conf: Update to honister userland: package man pages in PN-doc Pierre-Jean Texier (2): kas: local.conf: bump CONF_VERSION variable kas: local.conf: disable prelink poky: 17aabc0127..492205ea83: Alexander Kanavin (17): llvm: update 12.0.0 -> 12.0.1 systemd: update 248.3 -> 249.1 python3-testools: update 2.4.0 -> 2.5.0 libuv: update 1.41.0 -> 1.42.0 gnu-config: update to latest revision vulkan-samples: update to latest revision cmake: update 3.20.5 -> 3.21.0 cmake: update 3.21.0 -> 3.21.1 mtools: update 4.0.32 -> 4.0.34 util-linux: update 2.37 -> 2.37.1 iputils: update 20210202 -> 20210722 freetype: update 2.10.4 -> 2.11.0 devtool: print a warning on upgrades if PREFERRED_VERSION is set rpm: do not RRECOMMEND rpm-build selftest: add core-image-weston to no-gpl3-no-meta-gpl2 image test shadow: update 4.8.1 -> 4.9 local.conf.sample: disable prelink Bernhard Rosenkränzer (1): gcc: update 11.1 -> 11.2 Bruce Ashfield (6): linux-yocto/5.10: update to v5.10.53 linux-yocto/5.13: update to v5.13.5 linux-yocto/5.4: update to v5.4.135 linux-yocto-rt/5.10: update to -rt47 linux-yocto/5.13: enable TYPEC_TCPCI in usbc fragment linux-yocto/5.10: enable TYPEC_TCPCI in usbc fragment Changqing Li (1): archiver.bbclass: fix do_ar_configured failure for kernel Chen Qi (3): zstd: fix CVE_PRODUCT insane.bbclass: fix the file-rdeps QA message for the new override syntax iputils: fix do_configure failure of missing ip command Damian Wrobel (1): rootfs: remove ldconfig auxiliary cache where appropriate Denys Dmytriyenko (4): meta: convert nested overrides leftovers to new syntax convert-overrides.py: handle few more cases of overrides libwpe: remove rpi-specific custom code poky-tiny: drop uclibc override Jon Mason (1): parselogs.py: qemuarm should be qemuarmv5 Joshua Watt (4): mesa: Fix v3d & vc4 dmabuf import bitbake: bitbake: asyncrpc: Catch early SIGTERM libxft: Fix bad PKG value bitbake: contrib: vim: Update for new override syntax Kai Kang (2): u-boot_2021.07: set UBOOT_MACHINE for qemumips and qemumips64 python3-pytest: display correct version info Kevin Hao (2): meta-yocto-bsp: Introduce the v5.13 bbappend meta-yocto-bsp: Bump to the v5.10.55 Khem Raj (10): binutils: Upgrade to 2.37 branch texinfo: Update gnulib to fix build with glibc 2.34 systemd: Fix build on musl stress-ng: Drop defining daddr_t stress-ng: Detemine minimal stack size via sysconf mesa: Define a fallback for DRIDRIVERS libssh2: Fix syntax for using ptest override toaster-managed-mode.json: Correctly specify term with new override syntax distrooverrides.bbclass: Correct override syntax devtool.py: Correct override syntax Lee Chee Yang (1): aspell: fix CVE-2019-25051 Marek Vasut (2): image_types: Restore pre-btrfs-tools 4.14.1 mkfs.btrfs shrink behavior kernel-uboot: Handle gzip and lzo compression options Martin Jansa (6): convert-overrides.py: show processed file and version of this script convert-overrides.py: remove base_dep_prepend and autotools_dep_prepend exception convert-overrides.py: 0.9.1 include '(' as delimiter for shortvars convert-overrides.py: allow specifying multiple target dirs convert-overrides.py: allow dots before override in vars_re and shortvars_re systemd-boot: use ld.bfd as efi-ld even when gold or lld is used in ${LD} Matthias Klein (2): runqemu: Fix typo in error message runqemu: decouple bios and kernel options Matthias Schiffer (3): initscripts: populate-volatile.sh: do not log to tty0 initscripts: populate-volatile.sh: run create_file synchronously initscripts: fix creation order for /var/log with VOLATILE_LOG_DIR=true Michael Halstead (1): releases: update to include 3.3.1 Michael Opdenacker (18): oe-setup-builddir: update YP docs and OE URLs conf-notes.txt: now suggesting to run 'runqemu qemux86-64' test-manual: document LTO related reproducibility bug quick start manual: update "source oe-init-build-env" output dev-manual: fix wrong reference to class documentation/README: improve BitBake manual referencing guidelines manuals: simplify references to BitBake manual manuals: remove explicit BitBake variable references meta-skeleton: add recipe examples from documentation sources bitbake: doc: bitbake-user-manual: fix syntax in example and improve description bitbake: doc: bitbake-user-manual: update bitbake option help bitbake: doc: bitbake-user-manual: grammar fix for the number of "metadata" manuals: initial documentation for CVE management ref-manual: remove example recipe source files profile-manual: document how to build perf manpages on target cve-check: fix comments cve-check: update link to NVD website for CVE details cve-check: improve comment about CVE patch file names Mingli Yu (2): perlcross: not break build if already patched curl: Upgrade to 7.78.0 Nicolas Dechesne (4): yocto-check-layer: improve missed dependencies checklayer: new function get_layer_dependencies() checklayer: rename _find_layer_depends yocto-check-layer: ensure that all layer dependencies are tested too Oleksandr Kravchuk (1): bitbake.conf: change GNOME_MIRROR to new one Patrick Williams (1): pixman: re-disable iwmmxt Paul Barker (4): bitbake: asyncrpc: Fix bad message error in client bitbake: asyncrpc: Set timeout when waiting for reply from server bitbake: parse/ast: Substitute '~' when naming anonymous functions kernel-yocto: Simplify no git repo case in do_kernel_checkout Quentin Schulz (4): bitbake: doc: Makefile: turn warnings into errors by default bitbake: doc: bitbake-user-manual: ref-variables: order alphabetically the glossary sources bitbake: doc: bitbake-user-manual: ref-variables: force glossary output to be alphabetically sorted bitbake: doc: bitbake-user-manual: replace ``FOO`` by :term:`FOO` where possible Richard Purdie (49): Add MAINTAINERS.md file yocto-check-layer: Remove duplicated code libubootenv: Drop default-env RRECOMMENDS bitbake: data_smart: Allow colon in variable expansion regex meta-poky/meta-yocto-bsp: Convert to new override syntax layer.conf: Update to honister autotools/base/icecc: Remove prepend from function names scripts/contrib: Add override conversion script systemtap: Fix headers issue with x86 and 5.13 headers migration-guides: Add start of 3.4 guide with override migration notes common-tasks: Fix conversion error in npm example bitbake: bitbake: Switch to using new override syntax bitbake: doc/lib: Update to use new override syntax containing colons bitbake: doc/lib: Add fixes for issues missed by the automated conversion bitbake: bitbake: Update to version 1.51.1 layer.conf: Override changes mean we're only compatible with honister Convert to new override syntax meta: Manual override fixes local.conf.sample: Bump version so users update their config sanity.conf: Require bitbake 1.51.1 dropbear: Fix incorrect package override for postrm convert-overrides: Allow script to handle patch/diffs sdk: Decouple default install path from built in path sstate: Fix rebuilds when changing layer config populate_sdk_ext: Fix handling of TOOLCHAIN_HOST_TASK in the eSDK case local.conf.sample: Bump version so users update their config poky: Use SDKPATHINSTALL instead of SDKPATH vim: Clarify where RDEPENDS/RRECOMMENDS apply bitbake: data_smart: Fix inactive overide accidental variable value corruption local.conf.sample: Fix missed override conversion license: Exclude COPYING.MIT from pseudo meta: Convert IMAGE_TYPEDEP to use override syntax uboot-extlinux-config: Fix missing override conversion image/image_types: Convert CONVERSION_CMD/COMPRESS_CMD to new override syntax image: Drop COMPRESS_CMD devupstream: Allow support of native class extensions diffoscope: Upgrade 178 -> 179 strace: Upgrade 5.12 -> 5.13 valgrind: Add patches for glibc 2.34 support bitbake: runqueue: Improve multiconfig deferred task issues elfutils: Add patch from upstream for glibc 2.34 ptest fixes bitbake: doc: Fix append/prepend/remove references bitbake: fetch/tests/toaster: Override conversion fixups bitbake: process: Improve traceback error reporting from main loop bitbake: command: Ensure we catch/handle exceptions bitbake: ui/taskexp: Improve startup exception handling bitbake: ui/taskexp: Fix to work with empty build directories oeqa/runtime/cases/ptest: Increase test timeout from 300s to 450s packagedata: Fix after override syntax change Ross Burton (2): glew: fix Makefile race libx11: fix xkb compilation with _EVDEVK symbols Saul Wold (1): MAINTAINERS: Saul will cover devtool and eSDK Stefan Wiehler (1): dev-manual: fix source release example script Stefano Babic (1): mtd-utils: upgrade 2.1.2 -> 2.1.3 Tim Orling (2): python3-hypothesis: upgrade 6.14.3 -> 6.14.5 python3-importlib-metadata: upgrade 4.6.1 -> 4.6.3 Tony Battersby (2): lto.inc: disable LTO for grub gcc: Backport patch to make LTO builds more reproducible Tony Tascioglu (6): ffmpeg: fix-CVE-2020-20446 ffmpeg: fix CVE-2020-20453 ffmpeg: fix CVE-2020-22015 ffmpeg: fix CVE-2020-22021 ffmpeg: fix CVE-2020-22033 and CVE-2020-22019 ffmpeg: fix CVE-2021-33815 Trevor Woerner (1): ffmpeg: add libatomic for armv5 Ulrich Ölmann (2): initramfs-framework: fix whitespace issue initramfs-framework/setup-live: fix shebang Vinay Kumar (1): glibc: Fix CVE-2021-33574 Vivien Didelot (1): init-manager-systemd: define weak dev manager Zqiang (1): python3: use monotonic clock for condvar if possible hongxu (1): createrepo-c: fix createrepo-c failed in nativesdk leimaohui (1): archiver.bbclass: Fix patch error for recipes that inherit dos2unix. wangmy (3): bind: upgrade 9.16.18 -> 9.16.19 i2c-tools: upgrade 4.2 -> 4.3 diffoscope: upgrade 177 -> 178 zangrc (2): python3-dbus: upgrade 1.2.16 -> 1.2.18 python3-pip: upgrade 21.1.3 -> 21.2.1 meta-openembedded: 8fbcfb9f02..3cf2475ea0: Anastasios Kavoukis (1): pm-qa: fix paths for shell scripts Andreas Müller (3): mozjs/0001-Port-build-to-python3.patch: Fix typos in description jack: upgrade 1.19.18 -> 1.19.19 fluidsynth: upgrade 2.2.1 -> 2.2.2 Andrej Valek (1): thrift: upgrade to 0.14.2 Andrew Jeffery (2): python3-gmpy: Add native support python3-ecdsa: Add native support Armin Kuster (2): hiawatha: fix url. wireshark: update to 3.4.7 Ben Brown (1): android-tools: fix install of adb client when TOOLS is overridden Changqing Li (1): apache2: upgrade 2.4.46 -> 2.4.48 Devendra Tewari (1): Suppress eol in functionfs setup scripts (#147) Gianfranco (1): vboxguestdrivers: upgrade 6.1.22 -> 6.1.24 Joe Slater (2): php: move to version 7.4.21 gtksourceview4: work around dependency deficiency Johannes Obermüller (1): evtest: fix timestamps in output Kai Kang (2): python3-blivet: 3.1.4 -> 3.4.0 python3-blivetgui: 2.1.10 -> 2.2.1 Khem Raj (23): netperf: Update to latest netperf: Add systemd unit file packagegroup-meta-oe: Add lmdb packagegroup-meta-oe: Add mbw addcli: check for ns_get16 and ns_get32 fuse: Define closefrom if not available autofs: Fix build with glibc 2.34+ ntp: Do not use PTHREAD_STACK_MIN on glibc ntp: Fix make check mongodb: Upgrade to 4.4.7 vboxguestdrivers: Remove __divmoddi4 patch packagegroup-meta-oe: Add jemalloc apitrace: Exclude from builds with glibc 2.34+ libhugetlbfs: Disable build with glibc 2.34+ fvwm: Package extra files and man pages luajit: Fix override syntax lua: Drop uclibc patch packagegroup-meta-oe: Correct override name and fix syntax recipes: Fix override syntax emacs,libgpiod,cockpit: Fix override syntax in using FILES_${PN} fvwm: Fix build time paths in target perl/python scripts nis: Drop uclibc check in anon python function jemalloc: Fix build on musl Leon Anavi (3): python3-networkx: Upgrade 2.6.1 -> 2.6.2 python3-pysonos: Upgrade 0.0.53 -> 0.0.54 python3-zeroconf: Upgrade 0.33.1 -> 0.33.2 Li Wang (1): openlldp: fix segfault Maksym Sloyko (1): libusbgx: Configure the Devices Used Martin Jansa (5): Convert to new override syntax layer.conf: Update to honister mariadb: manually fix the conversion packagegroup-meta-oe: manually finish override syntax conversion klibc.bbclass, image_types_sparse.bbclass, packagegroup-meta-oe.bb: update the overrides syntax conversion Mingli Yu (4): mariadb: redefine log-error item jemalloc: add new recipe hdf5: improve reproducibility mariadb: Update SRC_URI Nicolas Dechesne (1): mbw: add new recipe Paulo Neves (1): htop: Add ncurses-terminfo-base to RDEPENDS Sakib Sajal (1): lmdb: add recipe Salman Ahmed (2): nginx: upgrade 1.18.0 -> 1.20.1 nginx: upgrade 1.19.6 -> 1.21.1 Tony Battersby (1): net-snmp: fix QA Issue after LDFLAGS change Yi Zhao (3): postfix: upgrade 3.6.1 -> 3.6.2 audit: upgrade 3.0.2 -> 3.0.3 audit: fix compile error for 2.8.5 Zang Ruochen (1): python3-robotframework: upgrade 4.0.3 -> 4.1 wangmy (17): evince: upgrade 40.2 -> 40.4 gnome-backgrounds: upgrade 3.36.0 -> 3.38.0 gnome-desktop3: upgrade 3.36.6 -> 3.38.8 cmark: upgrade 0.30.0 -> 0.30.1 ctags: upgrade 5.9.20210711.0 -> 5.9.20210718.0 libnet-dns-perl: upgrade 1.31 -> 1.32 libtalloc: upgrade 2.3.2 -> 2.3.3 nghttp2: upgrade 1.43.0 -> 1.44.0 bats: upgrade 1.3.0 -> 1.4.1 networkmanager: upgrade 1.32.2 -> 1.32.4 gensio: upgrade 2.2.7 -> 2.2.8 libmbim: upgrade 1.24.8 -> 1.26.0 fetchmail: upgrade 6.4.19 -> 6.4.20 ctags: upgrade 5.9.20210718.0 -> 5.9.20210801.0 libblockdev: upgrade 2.25 -> 2.26 libqmi: upgrade 1.28.6 -> 1.28.8 monit: upgrade 5.28.0 -> 5.28.1 zangrc (15): python3-qrcode: upgrade 7.1 -> 7.2 python3-rdflib: upgrade 5.0.0 -> 6.0.0 python3-simplejson: upgrade 3.17.2 -> 3.17.3 python3-bitstring: upgrade 3.1.7 -> 3.1.9 python3-iso8601: upgrade 0.1.14 -> 0.1.16 python3-gmqtt: upgrade 0.6.9 -> 0.6.10 python3-graphviz: upgrade 0.16 -> 0.17 python3-smbus: upgrade 4.2 -> 4.3 python3-pandas: upgrade 1.3.0 -> 1.3.1 python3-progress: upgrade 1.5 -> 1.6 python3-sentry-sdk: upgrade 1.3.0 -> 1.3.1 python3-socketio: upgrade 5.3.0 -> 5.4.0 python3-tqdm: upgrade 4.61.2 -> 4.62.0 python3-twisted: upgrade 21.2.0 -> 21.7.0 python3-xlsxwriter: upgrade 1.4.4 -> 1.4.5 zhengruoqin (15): live555: upgrade 20210710 -> 20210720 libtest-warnings-perl: upgrade 0.030 -> 0.031 python3-pybind11: upgrade 2.6.2 -> 2.7.0 python3-pymongo: upgrade 3.11.4 -> 3.12.0 python3-sqlalchemy: upgrade 1.4.20 -> 1.4.22 python3-sentry-sdk: upgrade 1.2.0 -> 1.3.0 libcurses-perl: upgrade 1.37 -> 1.38 libdbd-sqlite-perl: upgrade 1.66 -> 1.68 libencode-perl: upgrade 3.10 -> 3.11 python3-bitarray: upgrade 2.2.2 -> 2.2.3 python3-cbor2: upgrade 5.4.0 -> 5.4.1 python3-gast: upgrade 0.5.0 -> 0.5.1 poppler: upgrade 21.07.0 -> 21.08.0 valijson: upgrade 0.4 -> 0.5 xwd: upgrade 1.0.7 -> 1.0.8 meta-security: 152cdb506b..c885d399cd: Armin Kuster (18): suricata.inc: exclude ppc in rust version suricata: Drop 4.1.x its EOL add meta-rust crowdsec: add pkg packagegroup-core-security.bb: fix suricat-ptest inclusion gitlab-ci.yml: streamline builds matrix krill: Add new pkg clamav: fix branch name and update meta-security: Convert to new override syntax meta-tpm: Convert to new override syntax meta-integrity: Convert to new override syntax meta-hardening: Convert to new override syntax meta-security-isafw: Convert to new override syntax meta-parsec: Convert to new override syntax meta-security-compliance: Convert to new override syntax dynamix-layers: Convert to new override syntax kas: Convert to new override syntax packagegroup-core-security.bb: only include suricat-ptest if rust is included Martin Jansa (1): layer.conf: Update to honister Signed-off-by: Patrick Williams Change-Id: Iec7301cf1c43b7cec462dcf88292a8b1b12a5045 --- .../recipes-scanners/clamav/clamav_0.104.0.bb | 44 ++++---- .../clamav/files/fix2_libcurl_check.patch | 122 +++++++++++++++++++++ .../clamav/files/fix_systemd_socket.patch | 4 +- .../clamav/files/headers_fixup.patch | 8 +- .../clamav/files/oe_cmake_fixup.patch | 2 +- .../recipes-scanners/clamav/files/test.patch | 24 ++++ 6 files changed, 175 insertions(+), 29 deletions(-) create mode 100644 meta-security/recipes-scanners/clamav/files/fix2_libcurl_check.patch create mode 100644 meta-security/recipes-scanners/clamav/files/test.patch (limited to 'meta-security/recipes-scanners/clamav') diff --git a/meta-security/recipes-scanners/clamav/clamav_0.104.0.bb b/meta-security/recipes-scanners/clamav/clamav_0.104.0.bb index 4f203095c..0d3a678e2 100644 --- a/meta-security/recipes-scanners/clamav/clamav_0.104.0.bb +++ b/meta-security/recipes-scanners/clamav/clamav_0.104.0.bb @@ -8,10 +8,10 @@ DEPENDS = "glibc llvm libtool db openssl zlib curl libxml2 bison pcre2 json-c li LIC_FILES_CHKSUM = "file://COPYING.txt;beginline=2;endline=3;md5=f7029fbbc5898b273d5902896f7bbe17" -# May 15th -SRCREV = "fe96de86bb90c489aa509ee9135f776b7a2a7eb4" +# July 27th +SRCREV = "c389dfa4c3af92b006ada4f7595bbc3e6df3f356" -SRC_URI = "git://github.com/vrtadmin/clamav-devel;branch=dev/0.104 \ +SRC_URI = "git://github.com/vrtadmin/clamav-devel;branch=rel/0.104 \ file://clamd.conf \ file://freshclam.conf \ file://volatiles.03_clamav \ @@ -52,7 +52,7 @@ PACKAGECONFIG[systemd] = "-DENABLE_SYSTEMD=ON -DSYSTEMD_UNIT_DIR=${systemd_syste export OECMAKE_C_FLAGS += " -I${STAGING_INCDIR} -L ${RECIPE_SYSROOT}${nonarch_libdir} -L${STAGING_LIBDIR} -lpthread" -do_install_append () { +do_install:append () { install -d ${D}/${sysconfdir} install -d ${D}/${localstatedir}/lib/clamav install -d ${D}${sysconfdir}/clamav ${D}${sysconfdir}/default/volatiles @@ -76,7 +76,7 @@ do_install_append () { oe_multilib_header clamav-types.h } -pkg_postinst_${PN} () { +pkg_postinst:${PN} () { if [ -z "$D" ]; then if command -v systemd-tmpfiles >/dev/null; then systemd-tmpfiles --create ${sysconfdir}/tmpfiles.d/clamav.conf @@ -89,17 +89,17 @@ pkg_postinst_${PN} () { PACKAGES += "${PN}-daemon ${PN}-clamdscan ${PN}-freshclam ${PN}-libclamav" -FILES_${PN} = "${bindir}/clambc ${bindir}/clamscan ${bindir}/clamsubmit ${sbindir}/clamonacc \ +FILES:${PN} = "${bindir}/clambc ${bindir}/clamscan ${bindir}/clamsubmit ${sbindir}/clamonacc \ ${bindir}/*sigtool ${mandir}/man1/clambc* ${mandir}/man1/clamscan* \ ${mandir}/man1/sigtool* ${mandir}/man1/clambsubmit* \ ${docdir}/clamav/*" -FILES_${PN}-clamdscan = " ${bindir}/clamdscan \ +FILES:${PN}-clamdscan = " ${bindir}/clamdscan \ ${docdir}/clamdscan/* \ ${mandir}/man1/clamdscan* \ " -FILES_${PN}-daemon = "${bindir}/clamconf ${bindir}/clamdtop ${sbindir}/clamd \ +FILES:${PN}-daemon = "${bindir}/clamconf ${bindir}/clamdtop ${sbindir}/clamd \ ${mandir}/man1/clamconf* ${mandir}/man1/clamdtop* \ ${mandir}/man5/clamd* ${mandir}/man8/clamd* \ ${sysconfdir}/clamd.conf* \ @@ -111,7 +111,7 @@ FILES_${PN}-daemon = "${bindir}/clamconf ${bindir}/clamdtop ${sbindir}/clamd \ ${systemd_system_unitdir}/clamav-clamonacc.service \ " -FILES_${PN}-freshclam = "${bindir}/freshclam \ +FILES:${PN}-freshclam = "${bindir}/freshclam \ ${sysconfdir}/freshclam.conf* \ /usr/etc/freshclam.conf* \ ${sysconfdir}/clamav ${sysconfdir}/default/volatiles \ @@ -121,33 +121,33 @@ FILES_${PN}-freshclam = "${bindir}/freshclam \ ${mandir}/man5/freshclam.conf.* \ ${systemd_system_unitdir}/clamav-freshclam.service" -FILES_${PN}-dev = " ${bindir}/clamav-config ${libdir}/*.la \ +FILES:${PN}-dev = " ${bindir}/clamav-config ${libdir}/*.la \ ${libdir}/pkgconfig/*.pc \ ${mandir}/man1/clamav-config.* \ ${includedir}/*.h ${docdir}/libclamav* " -FILES_${PN}-staticdev = "${libdir}/*.a" +FILES:${PN}-staticdev = "${libdir}/*.a" -FILES_${PN}-libclamav = "${libdir}/libclamav.so* ${libdir}/libclammspack.so* \ +FILES:${PN}-libclamav = "${libdir}/libclamav.so* ${libdir}/libclammspack.so* \ ${libdir}/libfreshclam.so* ${docdir}/libclamav/* \ ${libdir}/libmspack* " -FILES_${PN}-doc = "${mandir}/man/* \ +FILES:${PN}-doc = "${mandir}/man/* \ ${datadir}/man/* \ ${docdir}/* " USERADD_PACKAGES = "${PN}" -GROUPADD_PARAM_${PN} = "--system ${CLAMAV_UID}" -USERADD_PARAM_${PN} = "--system -g ${CLAMAV_GID} --home-dir \ +GROUPADD_PARAM:${PN} = "--system ${CLAMAV_UID}" +USERADD_PARAM:${PN} = "--system -g ${CLAMAV_GID} --home-dir \ ${localstatedir}/lib/${BPN} \ --no-create-home --shell /sbin/nologin ${BPN}" -RPROVIDES_${PN} += "${PN}-systemd" -RREPLACES_${PN} += "${PN}-systemd" -RCONFLICTS_${PN} += "${PN}-systemd" +RPROVIDES:${PN} += "${PN}-systemd" +RREPLACES:${PN} += "${PN}-systemd" +RCONFLICTS:${PN} += "${PN}-systemd" SYSTEMD_PACKAGES = "${PN}-daemon ${PN}-freshclam" -SYSTEMD_SERVICE_${PN}-daemon = "clamav-daemon.service" -SYSTEMD_SERVICE_${PN}-freshclam = "clamav-freshclam.service" +SYSTEMD_SERVICE:${PN}-daemon = "clamav-daemon.service" +SYSTEMD_SERVICE:${PN}-freshclam = "clamav-freshclam.service" -RDEPENDS_${PN} = "openssl ncurses-libncurses libxml2 libbz2 ncurses-libtinfo curl libpcre2 clamav-freshclam clamav-libclamav" -RDEPENDS_${PN}-daemon = "clamav" +RDEPENDS:${PN} = "openssl ncurses-libncurses libxml2 libbz2 ncurses-libtinfo curl libpcre2 clamav-freshclam clamav-libclamav" +RDEPENDS:${PN}-daemon = "clamav" diff --git a/meta-security/recipes-scanners/clamav/files/fix2_libcurl_check.patch b/meta-security/recipes-scanners/clamav/files/fix2_libcurl_check.patch new file mode 100644 index 000000000..46406e9d0 --- /dev/null +++ b/meta-security/recipes-scanners/clamav/files/fix2_libcurl_check.patch @@ -0,0 +1,122 @@ +clamav .102.2 tries to find clamav using culf_config. Use EO pkg_config instead + +Upstream-Status: OE specific +Signed-off-by: Armin Kuster + +Index: git/configure +=================================================================== +--- git.orig/configure ++++ git/configure +@@ -28850,39 +28850,14 @@ $as_echo_n "checking for libcurl install + if test "${with_libcurl+set}" = set; then : + withval=$with_libcurl; + find_curl="no" +-if test "X$withval" = "Xyes"; then +- find_curl="yes" +-else +- if test "X$withval" != "Xno"; then +- if test -f "${withval}/bin/curl-config"; then +- LIBCURL_HOME="$withval" +- have_curl="yes" +- fi +- fi +-fi +- +-else +- find_curl="yes" +-fi +- +- +-if test "X$find_curl" = "Xyes"; then +- for p in /usr/local /usr ; do +- if test -f "${p}/bin/curl-config"; then +- LIBCURL_HOME=$p +- have_curl="yes" +- fi +- done +-fi +- +-if test "X$have_curl" = "Xyes"; then +- { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIBCURL_HOME" >&5 +-$as_echo "$LIBCURL_HOME" >&6; } +- if test -f "$LIBCURL_HOME/bin/curl-config"; then ++ #save_LDFLAGS="$LDFLAGS" ++ if test "X$withval" != "Xno"; then ++ LIBCURL_HOME="$withval" ++ if test "${PKG_CONFIG} libcurl --exists"; then + CURL_LDFLAGS="$LDFLAGS" +- CURL_LIBS=$($LIBCURL_HOME/bin/curl-config --libs) +- CURL_CPPFLAGS=$($LIBCURL_HOME/bin/curl-config --cflags) +- else ++ CURL_LIBS=$($PKG_CONFIG libcurl --libs) ++ CURL_CPPFLAGS=$($PKG_CONFIG libcurl --cflags) ++ else + if test "$LIBCURL_HOME" != "/usr"; then + CURL_LDFLAGS="-L$LIBCURL_HOME/lib" + CURL_CPPFLAGS="-I$LIBCURL_HOME/include" +@@ -28891,60 +28866,12 @@ $as_echo "$LIBCURL_HOME" >&6; } + CURL_CPPFLAGS="" + fi + CURL_LIBS="-lcurl" +- fi +- save_LDFLAGS="$LDFLAGS" +- LDFLAGS="$CURL_LDFLAGS $CURL_LIBS" +- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for curl_easy_init in -lcurl" >&5 +-$as_echo_n "checking for curl_easy_init in -lcurl... " >&6; } +-if ${ac_cv_lib_curl_curl_easy_init+:} false; then : +- $as_echo_n "(cached) " >&6 +-else +- ac_check_lib_save_LIBS=$LIBS +-LIBS="-lcurl $CURL_LIBS +- $LIBS" +-cat confdefs.h - <<_ACEOF >conftest.$ac_ext +-/* end confdefs.h. */ +- +-/* Override any GCC internal prototype to avoid an error. +- Use char because int might match the return type of a GCC +- builtin and then its argument prototype would still apply. */ +-#ifdef __cplusplus +-extern "C" +-#endif +-char curl_easy_init (); +-int +-main () +-{ +-return curl_easy_init (); +- ; +- return 0; +-} +-_ACEOF +-if ac_fn_c_try_link "$LINENO"; then : +- ac_cv_lib_curl_curl_easy_init=yes +-else +- ac_cv_lib_curl_curl_easy_init=no +-fi +-rm -f core conftest.err conftest.$ac_objext \ +- conftest$ac_exeext conftest.$ac_ext +-LIBS=$ac_check_lib_save_LIBS +-fi +-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_curl_curl_easy_init" >&5 +-$as_echo "$ac_cv_lib_curl_curl_easy_init" >&6; } +-if test "x$ac_cv_lib_curl_curl_easy_init" = xyes; then : +- +- curl_msg=""; +- have_curl="yes"; +- CLAMSUBMIT_LIBS="$CLAMSUBMIT_LIBS $CURL_LDFLAGS $CURL_LIBS"; +- CLAMSUBMIT_CFLAGS="$CLAMSUBMIT_CFLAGS $CURL_CPPFLAGS"; +- FRESHCLAM_LIBS="$FRESHCLAM_LIBS $CURL_LDFLAGS $CURL_LIBS"; +- FRESHCLAM_CPPFLAGS="$FRESHCLAM_CPPFLAGS $CURL_CPPFLAGS" +- +-else +- +- as_fn_error $? "Your libcurl is misconfigured. libcurl (e.g. libcurl-devel) is required in order to build freshclam and clamsubmit." "$LINENO" 5 ++ fi + +-fi ++ have_curl="yes" ++ LDFLAGS="$save_LDFLAGS" ++ LDFLAGS="$CURL_LDFLAGS $CURL_LIBS" ++ fi + + LDFLAGS="$save_LDFLAGS" + else diff --git a/meta-security/recipes-scanners/clamav/files/fix_systemd_socket.patch b/meta-security/recipes-scanners/clamav/files/fix_systemd_socket.patch index 3e9abe236..334777028 100644 --- a/meta-security/recipes-scanners/clamav/files/fix_systemd_socket.patch +++ b/meta-security/recipes-scanners/clamav/files/fix_systemd_socket.patch @@ -12,9 +12,9 @@ Index: git/clamd/CMakeLists.txt =================================================================== --- git.orig/clamd/CMakeLists.txt +++ git/clamd/CMakeLists.txt -@@ -54,4 +54,10 @@ if(SYSTEMD_FOUND) +@@ -60,4 +60,10 @@ if(SYSTEMD_FOUND) install( - FILES ${CMAKE_CURRENT_BINARY_DIR}/clamav-daemon.service + FILES ${CMAKE_CURRENT_BINARY_DIR}/clamav-daemon.socket DESTINATION ${SYSTEMD_UNIT_DIR}) + configure_file( + ${CMAKE_CURRENT_SOURCE_DIR}/clamav-daemon.socket.in diff --git a/meta-security/recipes-scanners/clamav/files/headers_fixup.patch b/meta-security/recipes-scanners/clamav/files/headers_fixup.patch index 9de0a26db..369aa588e 100644 --- a/meta-security/recipes-scanners/clamav/files/headers_fixup.patch +++ b/meta-security/recipes-scanners/clamav/files/headers_fixup.patch @@ -7,7 +7,7 @@ Index: git/CMakeLists.txt =================================================================== --- git.orig/CMakeLists.txt +++ git/CMakeLists.txt -@@ -374,8 +373,6 @@ check_include_file("stdlib.h" +@@ -443,8 +443,6 @@ check_include_file("stdlib.h" check_include_file("string.h" HAVE_STRING_H) check_include_file("strings.h" HAVE_STRINGS_H) check_include_file("sys/cdefs.h" HAVE_SYS_CDEFS_H) @@ -16,7 +16,7 @@ Index: git/CMakeLists.txt check_include_file("sys/mman.h" HAVE_SYS_MMAN_H) check_include_file("sys/param.h" HAVE_SYS_PARAM_H) check_include_file("sys/queue.h" HAVE_SYS_QUEUE_H) -@@ -410,8 +407,6 @@ endif() +@@ -479,8 +477,6 @@ endif() # int-types variants check_include_file("inttypes.h" HAVE_INTTYPES_H) @@ -25,7 +25,7 @@ Index: git/CMakeLists.txt check_include_file("stdint.h" HAVE_STDINT_H) # this hack required to silence warnings on systems with inttypes.h -@@ -539,17 +528,11 @@ check_type_size("time_t" SIZEOF_TIME_T) +@@ -608,17 +604,11 @@ check_type_size("time_t" SIZEOF_TIME_T) # Checks for library functions. include(CheckSymbolExists) check_symbol_exists(_Exit "stdlib.h" HAVE__EXIT) @@ -44,7 +44,7 @@ Index: git/CMakeLists.txt check_symbol_exists(timegm "time.h" HAVE_TIMEGM) check_symbol_exists(vsnprintf "stdio.h" HAVE_VSNPRINTF) -@@ -563,10 +546,9 @@ else() +@@ -632,10 +622,9 @@ else() check_symbol_exists(fseeko "stdio.h" HAVE_FSEEKO) check_symbol_exists(getaddrinfo "netdb.h" HAVE_GETADDRINFO) check_symbol_exists(getpagesize "unistd.h" HAVE_GETPAGESIZE) diff --git a/meta-security/recipes-scanners/clamav/files/oe_cmake_fixup.patch b/meta-security/recipes-scanners/clamav/files/oe_cmake_fixup.patch index b284915b8..c9c88b930 100644 --- a/meta-security/recipes-scanners/clamav/files/oe_cmake_fixup.patch +++ b/meta-security/recipes-scanners/clamav/files/oe_cmake_fixup.patch @@ -22,7 +22,7 @@ Index: git/CMakeLists.txt if(C_LINUX) if(CMAKE_COMPILER_IS_GNUCXX) # Set _GNU_SOURCE for O_LARGEFILE, O_CLOEXEC, O_DIRECTORY, O_NOFOLLOW, etc flags on older systems -@@ -512,14 +506,8 @@ include(TestInline) +@@ -581,14 +575,8 @@ include(TestInline) include(CheckFileOffsetBits) # Determine how to pack structs on this platform. include(CheckStructPacking) diff --git a/meta-security/recipes-scanners/clamav/files/test.patch b/meta-security/recipes-scanners/clamav/files/test.patch new file mode 100644 index 000000000..a22b45def --- /dev/null +++ b/meta-security/recipes-scanners/clamav/files/test.patch @@ -0,0 +1,24 @@ +Index: clamav-0.103.0/Makefile.am +=================================================================== +--- clamav-0.103.0.orig/Makefile.am ++++ clamav-0.103.0/Makefile.am +@@ -28,7 +28,6 @@ else + SUBDIRS = libltdl libclamav shared libfreshclam clamscan clamd clamdscan freshclam sigtool clamconf database docs etc clamav-milter test clamdtop clambc unit_tests + EXTRA_DIST = examples shared libclamav.pc.in COPYING.bzip2 COPYING.lzma COPYING.unrar COPYING.LGPL COPYING.llvm COPYING.file COPYING.zlib COPYING.getopt COPYING.regex COPYING.YARA COPYING.pcre platform.h.in libclamunrar libclamunrar_iface libclammspack clamdscan/clamdscan.map win32 ChangeLog.md INSTALL.cmake.md INSTALL.autotools.md NEWS.md README.md cmake CMakeLists.txt CMakeOptions.cmake $(top_srcdir)/**/CMakeLists.txt libclammspack/config.h.in.cmake clamav-config.h.cmake.in target.h.cmake.in autogen.sh + +-bin_SCRIPTS=clamav-config + + if BUILD_CLAMONACC + SUBDIRS += clamonacc +Index: clamav-0.103.0/Makefile.in +=================================================================== +--- clamav-0.103.0.orig/Makefile.in ++++ clamav-0.103.0/Makefile.in +@@ -641,7 +641,6 @@ ACLOCAL_AMFLAGS = -I m4 + @BUILD_LIBCLAMAV_ONLY_TRUE@SUBDIRS = libclamav $(am__append_1) \ + @BUILD_LIBCLAMAV_ONLY_TRUE@ $(am__append_2) $(am__append_3) + @BUILD_LIBCLAMAV_ONLY_FALSE@bin_SCRIPTS = clamav-config +-@BUILD_LIBCLAMAV_ONLY_TRUE@bin_SCRIPTS = clamav-config + @BUILD_LIBCLAMAV_ONLY_FALSE@EXTRA_DIST = examples shared libclamav.pc.in COPYING.bzip2 COPYING.lzma COPYING.unrar COPYING.LGPL COPYING.llvm COPYING.file COPYING.zlib COPYING.getopt COPYING.regex COPYING.YARA COPYING.pcre platform.h.in libclamunrar libclamunrar_iface libclammspack clamdscan/clamdscan.map win32 ChangeLog.md INSTALL.cmake.md INSTALL.autotools.md NEWS.md README.md cmake CMakeLists.txt CMakeOptions.cmake $(top_srcdir)/**/CMakeLists.txt libclammspack/config.h.in.cmake clamav-config.h.cmake.in target.h.cmake.in autogen.sh + pkgconfigdir = $(libdir)/pkgconfig + pkgconfig_DATA = libclamav.pc -- cgit v1.2.3