From: Mark Hatle Date: Mon, 11 Jun 2012 18:18:58 +0000 (-0500) Subject: createrepo: For compatibility w/ RPM 5.4.9 remove RPMVSF_NOSIGNATURES flag X-Git-Tag: 2015-4~10375 X-Git-Url: https://code.ossystems.io/gitweb?a=commitdiff_plain;h=24786ccbbdd1188aad4d8508e1757d38798b6f81;p=openembedded-core.git createrepo: For compatibility w/ RPM 5.4.9 remove RPMVSF_NOSIGNATURES flag The RPMVSF_NOSIGNATURES flag was removed from RPM5 - 5.4.9 as a result of additional -requires- package validation to help protect from malicious packages. The createrepo "dump" script has been updated to no longer use this flag. This remains compatible with prior versions of RPM. Signed-off-by: Mark Hatle Signed-off-by: Richard Purdie --- diff --git a/meta/recipes-support/createrepo/createrepo/createrepo-rpm549.patch b/meta/recipes-support/createrepo/createrepo/createrepo-rpm549.patch new file mode 100644 index 0000000000..3423c4428c --- /dev/null +++ b/meta/recipes-support/createrepo/createrepo/createrepo-rpm549.patch @@ -0,0 +1,19 @@ +dumpMetadata.py: Fix for RPM5 - 5.4.9 integration + +RPM5 no longer has a switch to disable signature validation. (Due to security +validation concerns.) + +Signed-off-by: Mark Hatle + +diff -u createrepo-0.4.11.orig/dumpMetadata.py createrepo-0.4.11/dumpMetadata.py +--- createrepo-0.4.11.orig/dumpMetadata.py 2012-06-05 10:12:55.687964222 -0500 ++++ createrepo-0.4.11/dumpMetadata.py 2012-06-05 10:40:08.154060600 -0500 +@@ -92,7 +92,7 @@ + fdno = package # let's assume this is an fdno and go with it :) + except OSError: + raise MDError, "Error opening file" +- ts.setVSFlags((rpm._RPMVSF_NOSIGNATURES|rpm.RPMVSF_NOMD5|rpm.RPMVSF_NEEDPAYLOAD)) ++ ts.setVSFlags((rpm.RPMVSF_NOMD5|rpm.RPMVSF_NEEDPAYLOAD)) + try: + hdr = ts.hdrFromFdno(fdno) + except rpm.error: diff --git a/meta/recipes-support/createrepo/createrepo_0.4.11.bb b/meta/recipes-support/createrepo/createrepo_0.4.11.bb index 989a7456e8..060ed597a4 100644 --- a/meta/recipes-support/createrepo/createrepo_0.4.11.bb +++ b/meta/recipes-support/createrepo/createrepo_0.4.11.bb @@ -4,11 +4,12 @@ HOMEPAGE = "http://createrepo.baseurl.org/" LICENSE = "GPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=18810669f13b87348459e611d31ab760" -PR = "r2" +PR = "r3" SRC_URI= "http://createrepo.baseurl.org/download/${BP}.tar.gz \ file://fix-native-install.patch \ file://python-scripts-should-use-interpreter-from-env.patch \ + file://createrepo-rpm549.patch \ " SRC_URI[md5sum] = "3e9ccf4abcffe3f49af078c83611eda2"