From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pg0-f67.google.com (mail-pg0-f67.google.com [74.125.83.67]) by mail.openembedded.org (Postfix) with ESMTP id 857197833B for ; Fri, 24 Nov 2017 20:36:07 +0000 (UTC) Received: by mail-pg0-f67.google.com with SMTP id m4so6064426pgc.4 for ; Fri, 24 Nov 2017 12:36:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language; bh=meh7OeIUlQyKbFexar5PiB1Uh/njYJId7NsEFXwKiqQ=; b=pAoVcCOXto9D+3DTpy1vuXGNoeXi8PfKhMBNWBBVdXiuC2oyXiLAoJfz30r81MpfWg fJ0GoS6ZDN73RUAlSmHN7UZQhG7TgRKMmNhTQ1p0JrPm6AtHLTOkdVl87cv9PDcbVAb8 mRzP2qFQ48lCuMsGR6UXcsxk3+UsIYk8BGldKhdwfEgWX4jb2gw5ZuuJcssxjQpMPDqm nuaFRanNS2km4/U8WnEX5vHZu1M2KMFb/BkzIju73fwBF5/xKut+VaxX4k4urIqizhgq z4UOW0An8W3QFURZrnF88LRw5jNwmSBcd4KuASOTt2ucGBiqaHuflQ0PowfqrkCOMbHW kOew== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language; bh=meh7OeIUlQyKbFexar5PiB1Uh/njYJId7NsEFXwKiqQ=; b=uoYz7PuQpAfqzwsWsFTpzTWxqYfxbrJQyn0A4z6SCfLiSjCGX3vZnNS8TYRQzVXEJk kFNjSKP/ioobjUgLOrSaIed8sjhO9UQ3kDSXX0A7yBkD5K4iwO75a62ZlYPTxidA3u3n D/ISL36zQB9HdPXBDRKrmWlO+ncaOXWycigDVmMclEl6kC6hpeQtmmLwlMHAPxf4gZ20 F7ZOXoMGDXxBr7xPgWJjxV8RkgrtoY95+eJYzSR0c4tRQ9KbodtUiG+dDGicWu7bDROF EYsUaaHlS+Edfvjye8pWD3jaXoE4J2yOFPbaN3Bfd6zgZJUTHjOKOC6CyCYMfI9L3Ghw /FkQ== X-Gm-Message-State: AJaThX7fTVTDRFRA3FL11dbcLfy0ilEzVrQggm16izIW6dwQtK93Cpvv tGV3hFfbP7kBlCDfrlaL2UZ+cA== X-Google-Smtp-Source: AGs4zMasC1Ab2KqSQ/STV2PZ1/wkRo20vLspkKxUDgjzeEibxv/fD+oK4zxebA6bxIZ0SrbtvYzuEA== X-Received: by 10.99.7.8 with SMTP id 8mr6632173pgh.264.1511555768332; Fri, 24 Nov 2017 12:36:08 -0800 (PST) Received: from ?IPv6:2601:202:4001:9ea0:2178:58dc:281c:c010? ([2601:202:4001:9ea0:2178:58dc:281c:c010]) by smtp.gmail.com with ESMTPSA id g10sm18320204pfe.77.2017.11.24.12.36.07 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 24 Nov 2017 12:36:07 -0800 (PST) To: "Burton, Ross" References: <6e486fe6-1f4a-a36d-5885-34cfe9ff1d1c@gmail.com> From: akuster808 Message-ID: <201de6dd-7ff5-7fdd-db73-dadd7c174473@gmail.com> Date: Fri, 24 Nov 2017 12:36:06 -0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: Cc: OE-core Subject: Re: [PATCH 5/5] curl: update to 7.56.1 X-BeenThere: openembedded-core@lists.openembedded.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Patches and discussions about the oe-core layer List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Nov 2017 20:36:07 -0000 Content-Type: multipart/alternative; boundary="------------AD069DF0DDF8602EF8AC0888" Content-Language: en-US --------------AD069DF0DDF8602EF8AC0888 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit On 11/24/2017 08:59 AM, Burton, Ross wrote: > I haven't looked into it further than verifying that reverting the > curl upgrade makes it work again. > > dnf -> python -> gnutls -> curl. k. I am setting up an env to rep this issue. thanks, Armin > > Ross > > On 24 November 2017 at 16:57, akuster808 > wrote: > > > > On 11/24/2017 04:49 AM, Burton, Ross wrote: >> Now I remember why this was rejected last time: it breaks dnf in >> musl >> (https://autobuilder.yocto.io/builders/nightly-musl/builds/616 >> ). > is it bugged? > > - armin > >> >> Ross >> >> On 21 November 2017 at 20:01, Armin Kuster > > wrote: >> >> From: Armin Kuster > > >> >> v2] - remove inherit >> >> curlbuild.h removed from sources >> >> includes: >> CVE-2017-1000257 >> >> removed patches for the following cve fixs: >> CVE-2017-1000254 >> CVE-2017-1000101 >> CVE-2017-1000100 >> CVE-2017-1000099 >> >> Signed-off-by: Armin Kuster > > >> --- >>  .../curl/{curl_7.54.1.bb => >> curl_7.56.1.bb }                | 14 >> +++----------- >>  1 file changed, 3 insertions(+), 11 deletions(-) >>  rename meta/recipes-support/curl/{curl_7.54.1.bb >> => curl_7.56.1.bb >> } (87%) >> >> diff --git a/meta/recipes-support/curl/curl_7.54.1.bb >> >> b/meta/recipes-support/curl/curl_7.56.1.bb >> >> similarity index 87% >> rename from meta/recipes-support/curl/curl_7.54.1.bb >> >> rename to meta/recipes-support/curl/curl_7.56.1.bb >> >> index 58f0531..830f350 100644 >> --- a/meta/recipes-support/curl/curl_7.54.1.bb >> >> +++ b/meta/recipes-support/curl/curl_7.56.1.bb >> >> @@ -7,10 +7,6 @@ LIC_FILES_CHKSUM = >> "file://COPYING;beginline=8;md5=3a34942f4ae3fbf1a303160714e66 >> >>  SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 >> \ >>             >> file://0001-replace-krb5-config-with-pkg-config.patch \ >> -           file://CVE-2017-1000099.patch \ >> -           file://CVE-2017-1000100.patch \ >> -           file://CVE-2017-1000101.patch \ >> -           file://CVE-2017-1000254.patch \ >>  " >> >>  SRC_URI_append_class-target = " \ >> @@ -22,11 +18,11 @@ SRC_URI_append_class-target = " \ >>  # >>  SRC_URI += " file://configure_ac.patch" >> >> -SRC_URI[md5sum] = "6b6eb722f512e7a24855ff084f54fe55" >> -SRC_URI[sha256sum] = >> "fdfc4df2d001ee0c44ec071186e770046249263c491fcae48df0e1a3ca8f25a0" >> +SRC_URI[md5sum] = "428de25834ef8c04076906d6d5c0498e" >> +SRC_URI[sha256sum] = >> "2594670367875e7d87b0f129b5e4690150780884d90244ba0fe3e74a778b5f90" >> >>  CVE_PRODUCT = "libcurl" >> -inherit autotools pkgconfig binconfig multilib_header >> +inherit autotools pkgconfig binconfig >> >>  PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', >> 'ipv6', d)} gnutls proxy threaded-resolver zlib" >>  PACKAGECONFIG_class-native = "ipv6 proxy ssl >> threaded-resolver zlib" >> @@ -64,10 +60,6 @@ EXTRA_OECONF = " \ >>      --without-libpsl \ >>  " >> >> -do_install_append() { >> -       oe_multilib_header curl/curlbuild.h >> -} >> - >>  do_install_append_class-target() { >>         # cleanup buildpaths from curl-config >>         sed -i \ >> -- >> 2.7.4 >> >> -- >> _______________________________________________ >> Openembedded-core mailing list >> Openembedded-core@lists.openembedded.org >> >> http://lists.openembedded.org/mailman/listinfo/openembedded-core >> >> >> > > --------------AD069DF0DDF8602EF8AC0888 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit



On 11/24/2017 08:59 AM, Burton, Ross wrote:
I haven't looked into it further than verifying that reverting the curl upgrade makes it work again.

dnf -> python -> gnutls -> curl.
k. I am setting up an env to rep this issue.

thanks,
Armin

Ross

On 24 November 2017 at 16:57, akuster808 <akuster808@gmail.com> wrote:



On 11/24/2017 04:49 AM, Burton, Ross wrote:
Now I remember why this was rejected last time: it breaks dnf in musl (https://autobuilder.yocto.io/builders/nightly-musl/builds/616).
 is it bugged?

- armin


Ross

On 21 November 2017 at 20:01, Armin Kuster <akuster808@gmail.com> wrote:
From: Armin Kuster <akuster@mvista.com>

v2] - remove inherit

curlbuild.h removed from sources

includes:
CVE-2017-1000257

removed patches for the following cve fixs:
CVE-2017-1000254
CVE-2017-1000101
CVE-2017-1000100
CVE-2017-1000099

Signed-off-by: Armin Kuster <akuster@mvista.com>
---
 .../curl/{curl_7.54.1.bb => curl_7.56.1.bb}                | 14 +++-----------
 1 file changed, 3 insertions(+), 11 deletions(-)
 rename meta/recipes-support/curl/{curl_7.54.1.bb => curl_7.56.1.bb} (87%)

diff --git a/meta/recipes-support/curl/curl_7.54.1.bb b/meta/recipes-support/curl/curl_7.56.1.bb
similarity index 87%
rename from meta/recipes-support/curl/curl_7.54.1.bb
rename to meta/recipes-support/curl/curl_7.56.1.bb
index 58f0531..830f350 100644
--- a/meta/recipes-support/curl/curl_7.54.1.bb
+++ b/meta/recipes-support/curl/curl_7.56.1.bb
@@ -7,10 +7,6 @@ LIC_FILES_CHKSUM = "file://COPYING;beginline=8;md5=3a34942f4ae3fbf1a303160714e66

 SRC_URI = "http://curl.haxx.se/download/curl-${PV}.tar.bz2 \
            file://0001-replace-krb5-config-with-pkg-config.patch \
-           file://CVE-2017-1000099.patch \
-           file://CVE-2017-1000100.patch \
-           file://CVE-2017-1000101.patch \
-           file://CVE-2017-1000254.patch \
 "

 SRC_URI_append_class-target = " \
@@ -22,11 +18,11 @@ SRC_URI_append_class-target = " \
 #
 SRC_URI += " file://configure_ac.patch"

-SRC_URI[md5sum] = "6b6eb722f512e7a24855ff084f54fe55"
-SRC_URI[sha256sum] = "fdfc4df2d001ee0c44ec071186e770046249263c491fcae48df0e1a3ca8f25a0"
+SRC_URI[md5sum] = "428de25834ef8c04076906d6d5c0498e"
+SRC_URI[sha256sum] = "2594670367875e7d87b0f129b5e4690150780884d90244ba0fe3e74a778b5f90"

 CVE_PRODUCT = "libcurl"
-inherit autotools pkgconfig binconfig multilib_header
+inherit autotools pkgconfig binconfig

 PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} gnutls proxy threaded-resolver zlib"
 PACKAGECONFIG_class-native = "ipv6 proxy ssl threaded-resolver zlib"
@@ -64,10 +60,6 @@ EXTRA_OECONF = " \
     --without-libpsl \
 "

-do_install_append() {
-       oe_multilib_header curl/curlbuild.h
-}
-
 do_install_append_class-target() {
        # cleanup buildpaths from curl-config
        sed -i \
--
2.7.4

--
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core




--------------AD069DF0DDF8602EF8AC0888--