* [PATCH 1/2] libxml2: fix CVE-2018-9251 and CVE-2018-14567
@ 2018-08-17 7:22 Hongxu Jia
2018-08-17 7:22 ` [PATCH 2/2] nasm: fix CVE-2018-8883 & CVE-2018-8882 & CVE-2018-10016 & CVE-2018-10316 Hongxu Jia
2018-08-17 7:32 ` ✗ patchtest: failure for "libxml2: fix CVE-2018-9251 and..." and 1 more Patchwork
0 siblings, 2 replies; 5+ messages in thread
From: Hongxu Jia @ 2018-08-17 7:22 UTC (permalink / raw)
To: openembedded-core
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
---
...1-Fix-infinite-loop-in-LZMA-decompression.patch | 55 ++++++++++++++++++++++
meta/recipes-core/libxml/libxml2_2.9.8.bb | 1 +
2 files changed, 56 insertions(+)
create mode 100644 meta/recipes-core/libxml/libxml2/0001-Fix-infinite-loop-in-LZMA-decompression.patch
diff --git a/meta/recipes-core/libxml/libxml2/0001-Fix-infinite-loop-in-LZMA-decompression.patch b/meta/recipes-core/libxml/libxml2/0001-Fix-infinite-loop-in-LZMA-decompression.patch
new file mode 100644
index 0000000..16c2295
--- /dev/null
+++ b/meta/recipes-core/libxml/libxml2/0001-Fix-infinite-loop-in-LZMA-decompression.patch
@@ -0,0 +1,55 @@
+From 28a9dc642ffd759df1e48be247a114f440a6c16e Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Mon, 30 Jul 2018 13:14:11 +0200
+Subject: [PATCH] Fix infinite loop in LZMA decompression
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Check the liblzma error code more thoroughly to avoid infinite loops.
+
+Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/13
+Closes: https://bugzilla.gnome.org/show_bug.cgi?id=794914
+
+This is CVE-2018-9251 and CVE-2018-14567.
+
+Thanks to Dongliang Mu and Simon Wörner for the reports.
+
+CVE: CVE-2018-9251
+CVE: CVE-2018-14567
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74]
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ xzlib.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/xzlib.c b/xzlib.c
+index a839169..0ba88cf 100644
+--- a/xzlib.c
++++ b/xzlib.c
+@@ -562,6 +562,10 @@ xz_decomp(xz_statep state)
+ "internal error: inflate stream corrupt");
+ return -1;
+ }
++ /*
++ * FIXME: Remapping a couple of error codes and falling through
++ * to the LZMA error handling looks fragile.
++ */
+ if (ret == Z_MEM_ERROR)
+ ret = LZMA_MEM_ERROR;
+ if (ret == Z_DATA_ERROR)
+@@ -587,6 +591,11 @@ xz_decomp(xz_statep state)
+ xz_error(state, LZMA_PROG_ERROR, "compression error");
+ return -1;
+ }
++ if ((state->how != GZIP) &&
++ (ret != LZMA_OK) && (ret != LZMA_STREAM_END)) {
++ xz_error(state, ret, "lzma error");
++ return -1;
++ }
+ } while (strm->avail_out && ret != LZMA_STREAM_END);
+
+ /* update available output and crc check value */
+--
+2.7.4
+
diff --git a/meta/recipes-core/libxml/libxml2_2.9.8.bb b/meta/recipes-core/libxml/libxml2_2.9.8.bb
index 4ebd2ef..f01cb2c 100644
--- a/meta/recipes-core/libxml/libxml2_2.9.8.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9.8.bb
@@ -22,6 +22,7 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \
file://fix-execution-of-ptests.patch \
file://fix-CVE-2017-8872.patch \
file://fix-CVE-2018-14404.patch \
+ file://0001-Fix-infinite-loop-in-LZMA-decompression.patch \
"
SRC_URI[libtar.md5sum] = "b786e353e2aa1b872d70d5d1ca0c740d"
--
2.7.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 2/2] nasm: fix CVE-2018-8883 & CVE-2018-8882 & CVE-2018-10016 & CVE-2018-10316
2018-08-17 7:22 [PATCH 1/2] libxml2: fix CVE-2018-9251 and CVE-2018-14567 Hongxu Jia
@ 2018-08-17 7:22 ` Hongxu Jia
2018-08-17 7:32 ` ✗ patchtest: failure for "libxml2: fix CVE-2018-9251 and..." and 1 more Patchwork
1 sibling, 0 replies; 5+ messages in thread
From: Hongxu Jia @ 2018-08-17 7:22 UTC (permalink / raw)
To: openembedded-core
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
---
...t-we-are-not-reading-past-end-of-a-buffer.patch | 65 ++++++++++++++++++++++
...001-asm-eval.c-Avoid-possible-divide-by-0.patch | 40 +++++++++++++
.../0001-assemble-Check-global-line-limit.patch | 50 +++++++++++++++++
.../nasm/nasm/0001-fix-CVE-2018-8882.patch | 30 ++++++++++
meta/recipes-devtools/nasm/nasm_2.13.03.bb | 4 ++
5 files changed, 189 insertions(+)
create mode 100644 meta/recipes-devtools/nasm/nasm/0001-Verify-that-we-are-not-reading-past-end-of-a-buffer.patch
create mode 100644 meta/recipes-devtools/nasm/nasm/0001-asm-eval.c-Avoid-possible-divide-by-0.patch
create mode 100644 meta/recipes-devtools/nasm/nasm/0001-assemble-Check-global-line-limit.patch
create mode 100644 meta/recipes-devtools/nasm/nasm/0001-fix-CVE-2018-8882.patch
diff --git a/meta/recipes-devtools/nasm/nasm/0001-Verify-that-we-are-not-reading-past-end-of-a-buffer.patch b/meta/recipes-devtools/nasm/nasm/0001-Verify-that-we-are-not-reading-past-end-of-a-buffer.patch
new file mode 100644
index 0000000..cc755c2
--- /dev/null
+++ b/meta/recipes-devtools/nasm/nasm/0001-Verify-that-we-are-not-reading-past-end-of-a-buffer.patch
@@ -0,0 +1,65 @@
+From c5785fdf1d660eaefb9711284414262d0cfe8843 Mon Sep 17 00:00:00 2001
+From: Adam Majer <amajer@suse.de>
+Date: Fri, 17 Aug 2018 14:48:17 +0800
+Subject: [PATCH] Verify that we are not reading past end of a buffer
+
+Simple reproducer is just,
+
+ ret &d:ep
+
+which triggers a buffer overread due to parsing of an invalid
+segment override.
+
+Signed-off-by: Adam Majer <amajer@suse.de>
+
+Upstream-Status: Cherry pick from upstream bugzilla [https://bugzilla.nasm.us/show_bug.cgi?id=3392447]
+CVE: CVE-2018-8883
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ include/opflags.h | 2 +-
+ include/tables.h | 1 +
+ x86/regs.pl | 3 ++-
+ 3 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/include/opflags.h b/include/opflags.h
+index ef2838c1..8d4b6b1e 100644
+--- a/include/opflags.h
++++ b/include/opflags.h
+@@ -166,7 +166,7 @@
+ #define REG_CLASS_BND GEN_REG_CLASS(9)
+
+ #define is_class(class, op) (!((opflags_t)(class) & ~(opflags_t)(op)))
+-#define is_reg_class(class, reg) is_class((class), nasm_reg_flags[(reg)])
++#define is_reg_class(class, reg) is_class((class), ((reg) < nasm_reg_flags_size ? nasm_reg_flags[(reg)] : 0))
+
+ #define IS_SREG(reg) is_reg_class(REG_SREG, (reg))
+ #define IS_FSGS(reg) is_reg_class(REG_FSGS, (reg))
+diff --git a/include/tables.h b/include/tables.h
+index 24a665e2..458752ce 100644
+--- a/include/tables.h
++++ b/include/tables.h
+@@ -64,6 +64,7 @@ extern const char * const nasm_reg_names[];
+ typedef uint64_t opflags_t;
+ typedef uint16_t decoflags_t;
+ extern const opflags_t nasm_reg_flags[];
++extern const size_t nasm_reg_flags_size;
+ /* regvals.c */
+ extern const int nasm_regvals[];
+
+diff --git a/x86/regs.pl b/x86/regs.pl
+index 3a1b56f5..cb5cea68 100755
+--- a/x86/regs.pl
++++ b/x86/regs.pl
+@@ -158,7 +158,8 @@ if ( $fmt eq 'h' ) {
+ printf " %-15s /* %-5s */\n",
+ $regs{$reg}.',', $reg;
+ }
+- print "};\n";
++ print "};\n\n";
++ print "const size_t nasm_reg_flags_size = sizeof(nasm_reg_flags) / sizeof(opflags_t);\n";
+ } elsif ( $fmt eq 'vc' ) {
+ # Output regvals.c
+ print "/* automatically generated from $file - do not edit */\n\n";
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/nasm/nasm/0001-asm-eval.c-Avoid-possible-divide-by-0.patch b/meta/recipes-devtools/nasm/nasm/0001-asm-eval.c-Avoid-possible-divide-by-0.patch
new file mode 100644
index 0000000..de450d2
--- /dev/null
+++ b/meta/recipes-devtools/nasm/nasm/0001-asm-eval.c-Avoid-possible-divide-by-0.patch
@@ -0,0 +1,40 @@
+From 8ad049cf9ccda2a5133a97506011862bcfc4a0c0 Mon Sep 17 00:00:00 2001
+From: Adam Majer <amajer@suse.de>
+Date: Fri, 17 Aug 2018 14:15:35 +0800
+Subject: [PATCH] asm/eval.c: Avoid possible divide by 0
+
+During a divide operation, we already tested that the
+divisor has is_simple, but then when testing it for 0,
+we again verify that it does not contain any unknown parts.
+This extra check prevents detection of cases when
+reloc_value returns 0.
+
+Use reloc_value instead in detection of 0 divisor.
+
+https://bugzilla.nasm.us/show_bug.cgi?id=3392473
+
+Signed-off-by: Adam Majer <amajer@suse.de>
+
+Upstream-Status: Cherry pick from upstream bugzilla [https://bugzilla.nasm.us/show_bug.cgi?id=3392473]
+CVE: CVE-2018-10016
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ asm/eval.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/asm/eval.c b/asm/eval.c
+index 816983b9..57c598c5 100644
+--- a/asm/eval.c
++++ b/asm/eval.c
+@@ -585,7 +585,7 @@ static expr *expr5(int critical)
+ " scalar values");
+ return NULL;
+ }
+- if (j != '*' && !is_unknown(f) && reloc_value(f) == 0) {
++ if (j != '*' && reloc_value(f) == 0) {
+ nasm_error(ERR_NONFATAL, "division by zero");
+ return NULL;
+ }
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/nasm/nasm/0001-assemble-Check-global-line-limit.patch b/meta/recipes-devtools/nasm/nasm/0001-assemble-Check-global-line-limit.patch
new file mode 100644
index 0000000..682d4c7
--- /dev/null
+++ b/meta/recipes-devtools/nasm/nasm/0001-assemble-Check-global-line-limit.patch
@@ -0,0 +1,50 @@
+From 7a46d6b9e3a1d8a0ab0d816ef1bf194ad285e082 Mon Sep 17 00:00:00 2001
+From: "Chang S. Bae" <chang.seok.bae@intel.com>
+Date: Fri, 17 Aug 2018 14:26:03 +0800
+Subject: [PATCH] assemble: Check global line limit
+
+Without the limit, the while loop opens to semi-infinite
+that will exhaustively consume the heap space. Also, the
+index value gets into the garbage.
+
+https://bugzilla.nasm.us/show_bug.cgi?id=3392474
+
+Reported-by : Dongliang Mu <mudongliangabcd@gmail.com>
+Signed-off-by: Chang S. Bae <chang.seok.bae@intel.com>
+Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
+
+Upstream-Status: Backport from upstream [http://repo.or.cz/nasm.git]
+CVE: CVE-2018-10316
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ asm/nasm.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/asm/nasm.c b/asm/nasm.c
+index 8497ec9..81f6cee 100644
+--- a/asm/nasm.c
++++ b/asm/nasm.c
+@@ -99,6 +99,8 @@ static char outname[FILENAME_MAX];
+ static char listname[FILENAME_MAX];
+ static char errname[FILENAME_MAX];
+ static int globallineno; /* for forward-reference tracking */
++#define GLOBALLINENO_MAX INT32_MAX
++
+ /* static int pass = 0; */
+ const struct ofmt *ofmt = &OF_DEFAULT;
+ const struct ofmt_alias *ofmt_alias = NULL;
+@@ -1360,7 +1362,10 @@ static void assemble_file(char *fname, StrList **depend_ptr)
+ location.offset = offs = get_curr_offs();
+
+ while ((line = preproc->getline())) {
+- globallineno++;
++ if (globallineno++ == GLOBALLINENO_MAX)
++ nasm_error(ERR_FATAL,
++ "overall line number reaches the maximum %d\n",
++ GLOBALLINENO_MAX);
+
+ /*
+ * Here we parse our directives; this is not handled by the
+--
+2.7.4
+
diff --git a/meta/recipes-devtools/nasm/nasm/0001-fix-CVE-2018-8882.patch b/meta/recipes-devtools/nasm/nasm/0001-fix-CVE-2018-8882.patch
new file mode 100644
index 0000000..65b5af5
--- /dev/null
+++ b/meta/recipes-devtools/nasm/nasm/0001-fix-CVE-2018-8882.patch
@@ -0,0 +1,30 @@
+From 33438037e00ec750bff020578b1a5b6f75f60555 Mon Sep 17 00:00:00 2001
+From: Adam Majer <amajer@suse.de>
+Date: Fri, 17 Aug 2018 14:41:02 +0800
+Subject: [PATCH] fix CVE-2018-8882
+
+https://bugzilla.nasm.us/show_bug.cgi?id=3392445
+
+Upstream-Status: Cherry pick from upstream bugzilla [https://bugzilla.nasm.us/show_bug.cgi?id=3392445]
+CVE: CVE-2018-8882
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ asm/float.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/asm/float.c b/asm/float.c
+index dcf69fea..2965d3db 100644
+--- a/asm/float.c
++++ b/asm/float.c
+@@ -608,6 +608,8 @@ static void ieee_shr(fp_limb *mant, int i)
+ if (offs)
+ for (j = MANT_LIMBS-1; j >= offs; j--)
+ mant[j] = mant[j-offs];
++ } else if (MANT_LIMBS-1-offs < 0) {
++ j = MANT_LIMBS-1;
+ } else {
+ n = mant[MANT_LIMBS-1-offs] >> sr;
+ for (j = MANT_LIMBS-1; j > offs; j--) {
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/nasm/nasm_2.13.03.bb b/meta/recipes-devtools/nasm/nasm_2.13.03.bb
index 236d7e5..ae2ad7f 100644
--- a/meta/recipes-devtools/nasm/nasm_2.13.03.bb
+++ b/meta/recipes-devtools/nasm/nasm_2.13.03.bb
@@ -5,6 +5,10 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=90904486f8fbf1861cf42752e1a39efe"
SRC_URI = "http://www.nasm.us/pub/nasm/releasebuilds/${PV}/nasm-${PV}.tar.bz2 \
file://0001-asmlib-Drop-pure-function-attribute-from-seg_init.patch \
+ file://0001-asm-eval.c-Avoid-possible-divide-by-0.patch \
+ file://0001-assemble-Check-global-line-limit.patch \
+ file://0001-fix-CVE-2018-8882.patch \
+ file://0001-Verify-that-we-are-not-reading-past-end-of-a-buffer.patch \
"
SRC_URI[md5sum] = "0c581d482f39d5111879ca9601938f74"
--
2.7.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* ✗ patchtest: failure for "libxml2: fix CVE-2018-9251 and..." and 1 more
2018-08-17 7:22 [PATCH 1/2] libxml2: fix CVE-2018-9251 and CVE-2018-14567 Hongxu Jia
2018-08-17 7:22 ` [PATCH 2/2] nasm: fix CVE-2018-8883 & CVE-2018-8882 & CVE-2018-10016 & CVE-2018-10316 Hongxu Jia
@ 2018-08-17 7:32 ` Patchwork
2018-08-17 7:37 ` Hongxu Jia
1 sibling, 1 reply; 5+ messages in thread
From: Patchwork @ 2018-08-17 7:32 UTC (permalink / raw)
To: Hongxu Jia; +Cc: openembedded-core
== Series Details ==
Series: "libxml2: fix CVE-2018-9251 and..." and 1 more
Revision: 1
URL : https://patchwork.openembedded.org/series/13574/
State : failure
== Summary ==
Thank you for submitting this patch series to OpenEmbedded Core. This is
an automated response. Several tests have been executed on the proposed
series by patchtest resulting in the following failures:
* Issue Upstream-Status is in incorrect format [test_upstream_status_presence_format]
Suggested fix Fix Upstream-Status format in 0001-Verify-that-we-are-not-reading-past-end-of-a-buffer.patch
Current Upstream-Status: Cherry pick from upstream bugzilla [https://bugzilla.nasm.us/show_bug.cgi?id=3392447]
Standard format Upstream-Status: <Valid status>
Valid status Pending, Accepted, Backport, Denied, Inappropriate [reason], Submitted [where]
If you believe any of these test results are incorrect, please reply to the
mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
Otherwise we would appreciate you correcting the issues and submitting a new
version of the patchset if applicable. Please ensure you add/increment the
version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
[PATCH v3] -> ...).
---
Guidelines: https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines
Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
Test suite: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: ✗ patchtest: failure for "libxml2: fix CVE-2018-9251 and..." and 1 more
2018-08-17 7:32 ` ✗ patchtest: failure for "libxml2: fix CVE-2018-9251 and..." and 1 more Patchwork
@ 2018-08-17 7:37 ` Hongxu Jia
2018-08-19 22:16 ` Richard Purdie
0 siblings, 1 reply; 5+ messages in thread
From: Hongxu Jia @ 2018-08-17 7:37 UTC (permalink / raw)
To: openembedded-core
On 2018年08月17日 15:32, Patchwork wrote:
> == Series Details ==
>
> Series: "libxml2: fix CVE-2018-9251 and..." and 1 more
> Revision: 1
> URL : https://patchwork.openembedded.org/series/13574/
> State : failure
>
> == Summary ==
>
>
> Thank you for submitting this patch series to OpenEmbedded Core. This is
> an automated response. Several tests have been executed on the proposed
> series by patchtest resulting in the following failures:
>
>
>
> * Issue Upstream-Status is in incorrect format [test_upstream_status_presence_format]
> Suggested fix Fix Upstream-Status format in 0001-Verify-that-we-are-not-reading-past-end-of-a-buffer.patch
> Current Upstream-Status: Cherry pick from upstream bugzilla [https://bugzilla.nasm.us/show_bug.cgi?id=3392447]
> Standard format Upstream-Status: <Valid status>
> Valid status Pending, Accepted, Backport, Denied, Inappropriate [reason], Submitted [where]
I am not sure which one to choose, the patch is not from
upstream, but its bugzilla, so `Backport' is not accurate
//Hongxu
>
>
> If you believe any of these test results are incorrect, please reply to the
> mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
> Otherwise we would appreciate you correcting the issues and submitting a new
> version of the patchset if applicable. Please ensure you add/increment the
> version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
> [PATCH v3] -> ...).
>
> ---
> Guidelines: https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines
> Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
> Test suite: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: ✗ patchtest: failure for "libxml2: fix CVE-2018-9251 and..." and 1 more
2018-08-17 7:37 ` Hongxu Jia
@ 2018-08-19 22:16 ` Richard Purdie
0 siblings, 0 replies; 5+ messages in thread
From: Richard Purdie @ 2018-08-19 22:16 UTC (permalink / raw)
To: Hongxu Jia, openembedded-core
On Fri, 2018-08-17 at 15:37 +0800, Hongxu Jia wrote:
> On 2018年08月17日 15:32, Patchwork wrote:
> > == Series Details ==
> >
> > Series: "libxml2: fix CVE-2018-9251 and..." and 1 more
> > Revision: 1
> > URL : https://patchwork.openembedded.org/series/13574/
> > State : failure
> >
> > == Summary ==
> >
> >
> > Thank you for submitting this patch series to OpenEmbedded Core.
> > This is
> > an automated response. Several tests have been executed on the
> > proposed
> > series by patchtest resulting in the following failures:
> >
> >
> >
> > * Issue Upstream-Status is in incorrect format
> > [test_upstream_status_presence_format]
> > Suggested fix Fix Upstream-Status format in 0001-Verify-that-
> > we-are-not-reading-past-end-of-a-buffer.patch
> > Current Upstream-Status: Cherry pick from upstream
> > bugzilla [https://bugzilla.nasm.us/show_bug.cgi?id=3392447]
> > Standard format Upstream-Status: <Valid status>
> > Valid status Pending, Accepted, Backport, Denied,
> > Inappropriate [reason], Submitted [where]
>
> I am not sure which one to choose, the patch is not from
> upstream, but its bugzilla, so `Backport' is not accurate
That would be Submitted since upstream are aware of the patch.
Cheers,
Richard
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2018-08-19 22:17 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-08-17 7:22 [PATCH 1/2] libxml2: fix CVE-2018-9251 and CVE-2018-14567 Hongxu Jia
2018-08-17 7:22 ` [PATCH 2/2] nasm: fix CVE-2018-8883 & CVE-2018-8882 & CVE-2018-10016 & CVE-2018-10316 Hongxu Jia
2018-08-17 7:32 ` ✗ patchtest: failure for "libxml2: fix CVE-2018-9251 and..." and 1 more Patchwork
2018-08-17 7:37 ` Hongxu Jia
2018-08-19 22:16 ` Richard Purdie
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox