[yocto] Nettle from release Fido fails to build
Leon Anavi
leon.anavi at konsulko.com
Fri Mar 11 01:45:33 PST 2016
Hi,
Yesterday I noticed that the build of recipe nettle 2.7.1 from release
Fido fails:
https://gist.github.com/leon-anavi/dfd3afab567a9dc9fa2f
The build machine is with Ubuntu 14.04 (Trusty Tahr). I am build Poky
with nettle for qemux86-64.
My investigation shows that nettle fails due to a couple of security
fixes (CVE-2015-8804, CVE-2015-8803 and CVE-2015-8805) which have been
applied to branch Fido recently:
https://git.yoctoproject.org/cgit/cgit.cgi/poky/tree/meta/recipes-support/nettle/nettle_2.7.1.bb?h=fido#n13
The same patches are present in Jethro but the versions of nettle in
Jethro and Fido are different. The version in Fido is 2.7.1. Jethro has
recipes for both 2.7.1 and 3.1.1. As far as I can see in Jethro the
patches are applied only for version 3.1.1.Therefore in my opinion these
patches are for a newer versions of nettle and they are not compatible
with version 2.7.1 from release Fido.
Could you please have a look and let me know if I am doing something
wrong or if this is a bug that can be fixed for release Fido?
Best regards, Leon
--
Leon Anavi
Software Engineer
konsulko.com
More information about the yocto
mailing list