* [honister][PATCH 0/3] Patch review
@ 2022-03-21 13:40 Anuj Mittal
2022-03-21 13:40 ` [honister][PATCH 1/3] ghostscript: fix CVE-2021-3781 Anuj Mittal
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Anuj Mittal @ 2022-03-21 13:40 UTC (permalink / raw)
To: openembedded-core
Final set of changes before 3.4.3. Please review.
No problems seen while testing on the autobuilder.
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3396
Thanks,
Anuj
The following changes since commit 427f4ef11beb8ceee007b5c7e152f2383a114aca:
patch.py: Prevent git repo reinitialization (2022-03-11 10:55:24 +0800)
are available in the Git repository at:
git://push.openembedded.org/openembedded-core-contrib anujm/honister
Chee Yang Lee (2):
ghostscript: fix CVE-2021-3781
go: update to 1.16.15
Sakib Sajal (1):
go: upgrade 1.16.13 -> 1.16.14
.../go/{go-1.16.13.inc => go-1.16.15.inc} | 4 +-
...1.16.13.bb => go-binary-native_1.16.15.bb} | 4 +-
....16.13.bb => go-cross-canadian_1.16.15.bb} | 0
...o-cross_1.16.13.bb => go-cross_1.16.15.bb} | 0
...ssdk_1.16.13.bb => go-crosssdk_1.16.15.bb} | 0
...native_1.16.13.bb => go-native_1.16.15.bb} | 0
...ntime_1.16.13.bb => go-runtime_1.16.15.bb} | 0
.../go/{go_1.16.13.bb => go_1.16.15.bb} | 0
.../ghostscript/CVE-2021-3781.patch | 236 ++++++++++++++++++
.../ghostscript/ghostscript_9.54.0.bb | 1 +
10 files changed, 241 insertions(+), 4 deletions(-)
rename meta/recipes-devtools/go/{go-1.16.13.inc => go-1.16.15.inc} (90%)
rename meta/recipes-devtools/go/{go-binary-native_1.16.13.bb => go-binary-native_1.16.15.bb} (83%)
rename meta/recipes-devtools/go/{go-cross-canadian_1.16.13.bb => go-cross-canadian_1.16.15.bb} (100%)
rename meta/recipes-devtools/go/{go-cross_1.16.13.bb => go-cross_1.16.15.bb} (100%)
rename meta/recipes-devtools/go/{go-crosssdk_1.16.13.bb => go-crosssdk_1.16.15.bb} (100%)
rename meta/recipes-devtools/go/{go-native_1.16.13.bb => go-native_1.16.15.bb} (100%)
rename meta/recipes-devtools/go/{go-runtime_1.16.13.bb => go-runtime_1.16.15.bb} (100%)
rename meta/recipes-devtools/go/{go_1.16.13.bb => go_1.16.15.bb} (100%)
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2021-3781.patch
--
2.35.1
^ permalink raw reply [flat|nested] 4+ messages in thread* [honister][PATCH 1/3] ghostscript: fix CVE-2021-3781 2022-03-21 13:40 [honister][PATCH 0/3] Patch review Anuj Mittal @ 2022-03-21 13:40 ` Anuj Mittal 2022-03-21 13:40 ` [honister][PATCH 2/3] go: upgrade 1.16.13 -> 1.16.14 Anuj Mittal 2022-03-21 13:40 ` [honister][PATCH 3/3] go: update to 1.16.15 Anuj Mittal 2 siblings, 0 replies; 4+ messages in thread From: Anuj Mittal @ 2022-03-21 13:40 UTC (permalink / raw) To: openembedded-core From: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> --- .../ghostscript/CVE-2021-3781.patch | 236 ++++++++++++++++++ .../ghostscript/ghostscript_9.54.0.bb | 1 + 2 files changed, 237 insertions(+) create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2021-3781.patch diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-3781.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-3781.patch new file mode 100644 index 0000000000..27ef83bb85 --- /dev/null +++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-3781.patch @@ -0,0 +1,236 @@ +From a9bd3dec9fde03327a4a2c69dad1036bf9632e20 Mon Sep 17 00:00:00 2001 +From: Chris Liddell <chris.liddell@artifex.com> +Date: Tue, 7 Sep 2021 20:36:12 +0100 +Subject: [PATCH] Bug 704342: Include device specifier strings in access + validation + +for the "%pipe%", %handle%" and %printer% io devices. + +We previously validated only the part after the "%pipe%" Postscript device +specifier, but this proved insufficient. + +This rebuilds the original file name string, and validates it complete. The +slight complication for "%pipe%" is it can be reached implicitly using +"|" so we have to check both prefixes. + +Addresses CVE-2021-3781 + +Upstream-Status: Backport[https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=a9bd3dec9fde03327a4a2c69dad1036bf9632e20] +CVE: CVE-2021-3781 +Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> +--- + base/gdevpipe.c | 22 +++++++++++++++- + base/gp_mshdl.c | 11 +++++++- + base/gp_msprn.c | 10 ++++++- + base/gp_os2pr.c | 13 +++++++++- + base/gslibctx.c | 69 ++++++++++--------------------------------------- + 5 files changed, 65 insertions(+), 60 deletions(-) + +diff --git a/base/gdevpipe.c b/base/gdevpipe.c +index 96d71f5d8..5bdc485be 100644 +--- a/base/gdevpipe.c ++++ b/base/gdevpipe.c +@@ -72,8 +72,28 @@ pipe_fopen(gx_io_device * iodev, const char *fname, const char *access, + #else + gs_lib_ctx_t *ctx = mem->gs_lib_ctx; + gs_fs_list_t *fs = ctx->core->fs; ++ /* The pipe device can be reached in two ways, explicltly with %pipe% ++ or implicitly with "|", so we have to check for both ++ */ ++ char f[gp_file_name_sizeof]; ++ const char *pipestr = "|"; ++ const size_t pipestrlen = strlen(pipestr); ++ const size_t preflen = strlen(iodev->dname); ++ const size_t nlen = strlen(fname); ++ int code1; ++ ++ if (preflen + nlen >= gp_file_name_sizeof) ++ return_error(gs_error_invalidaccess); ++ ++ memcpy(f, iodev->dname, preflen); ++ memcpy(f + preflen, fname, nlen + 1); ++ ++ code1 = gp_validate_path(mem, f, access); ++ ++ memcpy(f, pipestr, pipestrlen); ++ memcpy(f + pipestrlen, fname, nlen + 1); + +- if (gp_validate_path(mem, fname, access) != 0) ++ if (code1 != 0 && gp_validate_path(mem, f, access) != 0 ) + return gs_error_invalidfileaccess; + + /* +diff --git a/base/gp_mshdl.c b/base/gp_mshdl.c +index 2b964ed74..8d87ceadc 100644 +--- a/base/gp_mshdl.c ++++ b/base/gp_mshdl.c +@@ -95,8 +95,17 @@ mswin_handle_fopen(gx_io_device * iodev, const char *fname, const char *access, + long hfile; /* Correct for Win32, may be wrong for Win64 */ + gs_lib_ctx_t *ctx = mem->gs_lib_ctx; + gs_fs_list_t *fs = ctx->core->fs; ++ char f[gp_file_name_sizeof]; ++ const size_t preflen = strlen(iodev->dname); ++ const size_t nlen = strlen(fname); + +- if (gp_validate_path(mem, fname, access) != 0) ++ if (preflen + nlen >= gp_file_name_sizeof) ++ return_error(gs_error_invalidaccess); ++ ++ memcpy(f, iodev->dname, preflen); ++ memcpy(f + preflen, fname, nlen + 1); ++ ++ if (gp_validate_path(mem, f, access) != 0) + return gs_error_invalidfileaccess; + + /* First we try the open_handle method. */ +diff --git a/base/gp_msprn.c b/base/gp_msprn.c +index ed4827968..746a974f7 100644 +--- a/base/gp_msprn.c ++++ b/base/gp_msprn.c +@@ -168,8 +168,16 @@ mswin_printer_fopen(gx_io_device * iodev, const char *fname, const char *access, + uintptr_t *ptid = &((tid_t *)(iodev->state))->tid; + gs_lib_ctx_t *ctx = mem->gs_lib_ctx; + gs_fs_list_t *fs = ctx->core->fs; ++ const size_t preflen = strlen(iodev->dname); ++ const size_t nlen = strlen(fname); + +- if (gp_validate_path(mem, fname, access) != 0) ++ if (preflen + nlen >= gp_file_name_sizeof) ++ return_error(gs_error_invalidaccess); ++ ++ memcpy(pname, iodev->dname, preflen); ++ memcpy(pname + preflen, fname, nlen + 1); ++ ++ if (gp_validate_path(mem, pname, access) != 0) + return gs_error_invalidfileaccess; + + /* First we try the open_printer method. */ +diff --git a/base/gp_os2pr.c b/base/gp_os2pr.c +index f852c71fc..ba54cde66 100644 +--- a/base/gp_os2pr.c ++++ b/base/gp_os2pr.c +@@ -107,9 +107,20 @@ os2_printer_fopen(gx_io_device * iodev, const char *fname, const char *access, + FILE ** pfile, char *rfname, uint rnamelen) + { + os2_printer_t *pr = (os2_printer_t *)iodev->state; +- char driver_name[256]; ++ char driver_name[gp_file_name_sizeof]; + gs_lib_ctx_t *ctx = mem->gs_lib_ctx; + gs_fs_list_t *fs = ctx->core->fs; ++ const size_t preflen = strlen(iodev->dname); ++ const int size_t = strlen(fname); ++ ++ if (preflen + nlen >= gp_file_name_sizeof) ++ return_error(gs_error_invalidaccess); ++ ++ memcpy(driver_name, iodev->dname, preflen); ++ memcpy(driver_name + preflen, fname, nlen + 1); ++ ++ if (gp_validate_path(mem, driver_name, access) != 0) ++ return gs_error_invalidfileaccess; + + /* First we try the open_printer method. */ + /* Note that the loop condition here ensures we don't +diff --git a/base/gslibctx.c b/base/gslibctx.c +index 6dfed6cd5..318039fad 100644 +--- a/base/gslibctx.c ++++ b/base/gslibctx.c +@@ -655,82 +655,39 @@ rewrite_percent_specifiers(char *s) + int + gs_add_outputfile_control_path(gs_memory_t *mem, const char *fname) + { +- char *fp, f[gp_file_name_sizeof]; +- const int pipe = 124; /* ASCII code for '|' */ +- const int len = strlen(fname); +- int i, code; ++ char f[gp_file_name_sizeof]; ++ int code; + + /* Be sure the string copy will fit */ +- if (len >= gp_file_name_sizeof) ++ if (strlen(fname) >= gp_file_name_sizeof) + return gs_error_rangecheck; + strcpy(f, fname); +- fp = f; + /* Try to rewrite any %d (or similar) in the string */ + rewrite_percent_specifiers(f); +- for (i = 0; i < len; i++) { +- if (f[i] == pipe) { +- fp = &f[i + 1]; +- /* Because we potentially have to check file permissions at two levels +- for the output file (gx_device_open_output_file and the low level +- fopen API, if we're using a pipe, we have to add both the full string, +- (including the '|', and just the command to which we pipe - since at +- the pipe_fopen(), the leading '|' has been stripped. +- */ +- code = gs_add_control_path(mem, gs_permit_file_writing, f); +- if (code < 0) +- return code; +- code = gs_add_control_path(mem, gs_permit_file_control, f); +- if (code < 0) +- return code; +- break; +- } +- if (!IS_WHITESPACE(f[i])) +- break; +- } +- code = gs_add_control_path(mem, gs_permit_file_control, fp); ++ ++ code = gs_add_control_path(mem, gs_permit_file_control, f); + if (code < 0) + return code; +- return gs_add_control_path(mem, gs_permit_file_writing, fp); ++ return gs_add_control_path(mem, gs_permit_file_writing, f); + } + + int + gs_remove_outputfile_control_path(gs_memory_t *mem, const char *fname) + { +- char *fp, f[gp_file_name_sizeof]; +- const int pipe = 124; /* ASCII code for '|' */ +- const int len = strlen(fname); +- int i, code; ++ char f[gp_file_name_sizeof]; ++ int code; + + /* Be sure the string copy will fit */ +- if (len >= gp_file_name_sizeof) ++ if (strlen(fname) >= gp_file_name_sizeof) + return gs_error_rangecheck; + strcpy(f, fname); +- fp = f; + /* Try to rewrite any %d (or similar) in the string */ +- for (i = 0; i < len; i++) { +- if (f[i] == pipe) { +- fp = &f[i + 1]; +- /* Because we potentially have to check file permissions at two levels +- for the output file (gx_device_open_output_file and the low level +- fopen API, if we're using a pipe, we have to add both the full string, +- (including the '|', and just the command to which we pipe - since at +- the pipe_fopen(), the leading '|' has been stripped. +- */ +- code = gs_remove_control_path(mem, gs_permit_file_writing, f); +- if (code < 0) +- return code; +- code = gs_remove_control_path(mem, gs_permit_file_control, f); +- if (code < 0) +- return code; +- break; +- } +- if (!IS_WHITESPACE(f[i])) +- break; +- } +- code = gs_remove_control_path(mem, gs_permit_file_control, fp); ++ rewrite_percent_specifiers(f); ++ ++ code = gs_remove_control_path(mem, gs_permit_file_control, f); + if (code < 0) + return code; +- return gs_remove_control_path(mem, gs_permit_file_writing, fp); ++ return gs_remove_control_path(mem, gs_permit_file_writing, f); + } + + int +-- +2.25.1 + diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.54.0.bb b/meta/recipes-extended/ghostscript/ghostscript_9.54.0.bb index d4442a4908..28d064a1a8 100644 --- a/meta/recipes-extended/ghostscript/ghostscript_9.54.0.bb +++ b/meta/recipes-extended/ghostscript/ghostscript_9.54.0.bb @@ -34,6 +34,7 @@ SRC_URI_BASE = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/d file://avoid-host-contamination.patch \ file://mkdir-p.patch \ file://CVE-2021-45949.patch \ + file://CVE-2021-3781.patch \ " SRC_URI = "${SRC_URI_BASE} \ -- 2.35.1 ^ permalink raw reply related [flat|nested] 4+ messages in thread
* [honister][PATCH 2/3] go: upgrade 1.16.13 -> 1.16.14 2022-03-21 13:40 [honister][PATCH 0/3] Patch review Anuj Mittal 2022-03-21 13:40 ` [honister][PATCH 1/3] ghostscript: fix CVE-2021-3781 Anuj Mittal @ 2022-03-21 13:40 ` Anuj Mittal 2022-03-21 13:40 ` [honister][PATCH 3/3] go: update to 1.16.15 Anuj Mittal 2 siblings, 0 replies; 4+ messages in thread From: Anuj Mittal @ 2022-03-21 13:40 UTC (permalink / raw) To: openembedded-core From: Sakib Sajal <sakib.sajal@windriver.com> go 1.16.14 release includes fix for CVE-2022-23806. (From OE-Core rev: 7b5723ae41b7fcdc73a24f04ec0cda4fba8f8622) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> --- meta/recipes-devtools/go/{go-1.16.13.inc => go-1.16.14.inc} | 4 ++-- ...o-binary-native_1.16.13.bb => go-binary-native_1.16.14.bb} | 4 ++-- ...cross-canadian_1.16.13.bb => go-cross-canadian_1.16.14.bb} | 0 .../go/{go-cross_1.16.13.bb => go-cross_1.16.14.bb} | 0 .../go/{go-crosssdk_1.16.13.bb => go-crosssdk_1.16.14.bb} | 0 .../go/{go-native_1.16.13.bb => go-native_1.16.14.bb} | 0 .../go/{go-runtime_1.16.13.bb => go-runtime_1.16.14.bb} | 0 meta/recipes-devtools/go/{go_1.16.13.bb => go_1.16.14.bb} | 0 8 files changed, 4 insertions(+), 4 deletions(-) rename meta/recipes-devtools/go/{go-1.16.13.inc => go-1.16.14.inc} (90%) rename meta/recipes-devtools/go/{go-binary-native_1.16.13.bb => go-binary-native_1.16.14.bb} (83%) rename meta/recipes-devtools/go/{go-cross-canadian_1.16.13.bb => go-cross-canadian_1.16.14.bb} (100%) rename meta/recipes-devtools/go/{go-cross_1.16.13.bb => go-cross_1.16.14.bb} (100%) rename meta/recipes-devtools/go/{go-crosssdk_1.16.13.bb => go-crosssdk_1.16.14.bb} (100%) rename meta/recipes-devtools/go/{go-native_1.16.13.bb => go-native_1.16.14.bb} (100%) rename meta/recipes-devtools/go/{go-runtime_1.16.13.bb => go-runtime_1.16.14.bb} (100%) rename meta/recipes-devtools/go/{go_1.16.13.bb => go_1.16.14.bb} (100%) diff --git a/meta/recipes-devtools/go/go-1.16.13.inc b/meta/recipes-devtools/go/go-1.16.14.inc similarity index 90% rename from meta/recipes-devtools/go/go-1.16.13.inc rename to meta/recipes-devtools/go/go-1.16.14.inc index 46c6528dc4..c6445bccff 100644 --- a/meta/recipes-devtools/go/go-1.16.13.inc +++ b/meta/recipes-devtools/go/go-1.16.14.inc @@ -1,7 +1,7 @@ require go-common.inc GO_BASEVERSION = "1.16" -PV = "1.16.13" +PV = "1.16.14" FILESEXTRAPATHS:prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:" LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707" @@ -17,7 +17,7 @@ SRC_URI += "\ file://0008-use-GOBUILDMODE-to-set-buildmode.patch \ file://0009-Revert-cmd-go-make-sure-CC-and-CXX-are-absolute.patch \ " -SRC_URI[main.sha256sum] = "b0926654eaeb01ef43816638f42d7b1681f2d3f41b9559f07735522b7afad41a" +SRC_URI[main.sha256sum] = "467898cd3a216de54dcb9014f541efe77e9b79a7154dbc1fd2dd778b0c63fb56" # Upstream don't believe it is a signifiant real world issue and will only # fix in 1.17 onwards where we can drop this. diff --git a/meta/recipes-devtools/go/go-binary-native_1.16.13.bb b/meta/recipes-devtools/go/go-binary-native_1.16.14.bb similarity index 83% rename from meta/recipes-devtools/go/go-binary-native_1.16.13.bb rename to meta/recipes-devtools/go/go-binary-native_1.16.14.bb index 6e498a17be..419fc4ffcf 100644 --- a/meta/recipes-devtools/go/go-binary-native_1.16.13.bb +++ b/meta/recipes-devtools/go/go-binary-native_1.16.14.bb @@ -8,8 +8,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707" PROVIDES = "go-native" SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}" -SRC_URI[go_linux_amd64.sha256sum] = "275fc03c90c13b0bbff13125a43f1f7a9f9c00a0d5a9f2d5b16dbc2fa2c6e12a" -SRC_URI[go_linux_arm64.sha256sum] = "3dd8e14837105cbfedf7124c7f8c524ce492748c370036c7316ef99e18d116d7" +SRC_URI[go_linux_amd64.sha256sum] = "f4f5f02eb6809ac5bf19b5ad517b23504fd5fc036f6487651968ad36aa7a20e0" +SRC_URI[go_linux_arm64.sha256sum] = "5e59056e36704acb25809bcdb27191f27593cb7aba4d716b523008135a1e764a" UPSTREAM_CHECK_URI = "https://golang.org/dl/" UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux" diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.16.13.bb b/meta/recipes-devtools/go/go-cross-canadian_1.16.14.bb similarity index 100% rename from meta/recipes-devtools/go/go-cross-canadian_1.16.13.bb rename to meta/recipes-devtools/go/go-cross-canadian_1.16.14.bb diff --git a/meta/recipes-devtools/go/go-cross_1.16.13.bb b/meta/recipes-devtools/go/go-cross_1.16.14.bb similarity index 100% rename from meta/recipes-devtools/go/go-cross_1.16.13.bb rename to meta/recipes-devtools/go/go-cross_1.16.14.bb diff --git a/meta/recipes-devtools/go/go-crosssdk_1.16.13.bb b/meta/recipes-devtools/go/go-crosssdk_1.16.14.bb similarity index 100% rename from meta/recipes-devtools/go/go-crosssdk_1.16.13.bb rename to meta/recipes-devtools/go/go-crosssdk_1.16.14.bb diff --git a/meta/recipes-devtools/go/go-native_1.16.13.bb b/meta/recipes-devtools/go/go-native_1.16.14.bb similarity index 100% rename from meta/recipes-devtools/go/go-native_1.16.13.bb rename to meta/recipes-devtools/go/go-native_1.16.14.bb diff --git a/meta/recipes-devtools/go/go-runtime_1.16.13.bb b/meta/recipes-devtools/go/go-runtime_1.16.14.bb similarity index 100% rename from meta/recipes-devtools/go/go-runtime_1.16.13.bb rename to meta/recipes-devtools/go/go-runtime_1.16.14.bb diff --git a/meta/recipes-devtools/go/go_1.16.13.bb b/meta/recipes-devtools/go/go_1.16.14.bb similarity index 100% rename from meta/recipes-devtools/go/go_1.16.13.bb rename to meta/recipes-devtools/go/go_1.16.14.bb -- 2.35.1 ^ permalink raw reply related [flat|nested] 4+ messages in thread
* [honister][PATCH 3/3] go: update to 1.16.15 2022-03-21 13:40 [honister][PATCH 0/3] Patch review Anuj Mittal 2022-03-21 13:40 ` [honister][PATCH 1/3] ghostscript: fix CVE-2021-3781 Anuj Mittal 2022-03-21 13:40 ` [honister][PATCH 2/3] go: upgrade 1.16.13 -> 1.16.14 Anuj Mittal @ 2022-03-21 13:40 ` Anuj Mittal 2 siblings, 0 replies; 4+ messages in thread From: Anuj Mittal @ 2022-03-21 13:40 UTC (permalink / raw) To: openembedded-core From: Chee Yang Lee <chee.yang.lee@intel.com> go1.16.15 (released 2022-03-03) includes a security fix to the regexp/syntax package, as well as bug fixes to the compiler, runtime, the go command, and to the net package. Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> --- meta/recipes-devtools/go/{go-1.16.14.inc => go-1.16.15.inc} | 4 ++-- ...o-binary-native_1.16.14.bb => go-binary-native_1.16.15.bb} | 4 ++-- ...cross-canadian_1.16.14.bb => go-cross-canadian_1.16.15.bb} | 0 .../go/{go-cross_1.16.14.bb => go-cross_1.16.15.bb} | 0 .../go/{go-crosssdk_1.16.14.bb => go-crosssdk_1.16.15.bb} | 0 .../go/{go-native_1.16.14.bb => go-native_1.16.15.bb} | 0 .../go/{go-runtime_1.16.14.bb => go-runtime_1.16.15.bb} | 0 meta/recipes-devtools/go/{go_1.16.14.bb => go_1.16.15.bb} | 0 8 files changed, 4 insertions(+), 4 deletions(-) rename meta/recipes-devtools/go/{go-1.16.14.inc => go-1.16.15.inc} (90%) rename meta/recipes-devtools/go/{go-binary-native_1.16.14.bb => go-binary-native_1.16.15.bb} (83%) rename meta/recipes-devtools/go/{go-cross-canadian_1.16.14.bb => go-cross-canadian_1.16.15.bb} (100%) rename meta/recipes-devtools/go/{go-cross_1.16.14.bb => go-cross_1.16.15.bb} (100%) rename meta/recipes-devtools/go/{go-crosssdk_1.16.14.bb => go-crosssdk_1.16.15.bb} (100%) rename meta/recipes-devtools/go/{go-native_1.16.14.bb => go-native_1.16.15.bb} (100%) rename meta/recipes-devtools/go/{go-runtime_1.16.14.bb => go-runtime_1.16.15.bb} (100%) rename meta/recipes-devtools/go/{go_1.16.14.bb => go_1.16.15.bb} (100%) diff --git a/meta/recipes-devtools/go/go-1.16.14.inc b/meta/recipes-devtools/go/go-1.16.15.inc similarity index 90% rename from meta/recipes-devtools/go/go-1.16.14.inc rename to meta/recipes-devtools/go/go-1.16.15.inc index c6445bccff..50772346df 100644 --- a/meta/recipes-devtools/go/go-1.16.14.inc +++ b/meta/recipes-devtools/go/go-1.16.15.inc @@ -1,7 +1,7 @@ require go-common.inc GO_BASEVERSION = "1.16" -PV = "1.16.14" +PV = "1.16.15" FILESEXTRAPATHS:prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:" LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707" @@ -17,7 +17,7 @@ SRC_URI += "\ file://0008-use-GOBUILDMODE-to-set-buildmode.patch \ file://0009-Revert-cmd-go-make-sure-CC-and-CXX-are-absolute.patch \ " -SRC_URI[main.sha256sum] = "467898cd3a216de54dcb9014f541efe77e9b79a7154dbc1fd2dd778b0c63fb56" +SRC_URI[main.sha256sum] = "90a08c689279e35f3865ba510998c33a63255c36089b3ec206c912fc0568c3d3" # Upstream don't believe it is a signifiant real world issue and will only # fix in 1.17 onwards where we can drop this. diff --git a/meta/recipes-devtools/go/go-binary-native_1.16.14.bb b/meta/recipes-devtools/go/go-binary-native_1.16.15.bb similarity index 83% rename from meta/recipes-devtools/go/go-binary-native_1.16.14.bb rename to meta/recipes-devtools/go/go-binary-native_1.16.15.bb index 419fc4ffcf..ba11ee5695 100644 --- a/meta/recipes-devtools/go/go-binary-native_1.16.14.bb +++ b/meta/recipes-devtools/go/go-binary-native_1.16.15.bb @@ -8,8 +8,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707" PROVIDES = "go-native" SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}" -SRC_URI[go_linux_amd64.sha256sum] = "f4f5f02eb6809ac5bf19b5ad517b23504fd5fc036f6487651968ad36aa7a20e0" -SRC_URI[go_linux_arm64.sha256sum] = "5e59056e36704acb25809bcdb27191f27593cb7aba4d716b523008135a1e764a" +SRC_URI[go_linux_amd64.sha256sum] = "77c782a633186d78c384f972fb113a43c24be0234c42fef22c2d8c4c4c8e7475" +SRC_URI[go_linux_arm64.sha256sum] = "c2f27f0ce5620a9bc2ff3446165d1974ef94e9b885ec12dbfa3c07e0e198b7ce" UPSTREAM_CHECK_URI = "https://golang.org/dl/" UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux" diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.16.14.bb b/meta/recipes-devtools/go/go-cross-canadian_1.16.15.bb similarity index 100% rename from meta/recipes-devtools/go/go-cross-canadian_1.16.14.bb rename to meta/recipes-devtools/go/go-cross-canadian_1.16.15.bb diff --git a/meta/recipes-devtools/go/go-cross_1.16.14.bb b/meta/recipes-devtools/go/go-cross_1.16.15.bb similarity index 100% rename from meta/recipes-devtools/go/go-cross_1.16.14.bb rename to meta/recipes-devtools/go/go-cross_1.16.15.bb diff --git a/meta/recipes-devtools/go/go-crosssdk_1.16.14.bb b/meta/recipes-devtools/go/go-crosssdk_1.16.15.bb similarity index 100% rename from meta/recipes-devtools/go/go-crosssdk_1.16.14.bb rename to meta/recipes-devtools/go/go-crosssdk_1.16.15.bb diff --git a/meta/recipes-devtools/go/go-native_1.16.14.bb b/meta/recipes-devtools/go/go-native_1.16.15.bb similarity index 100% rename from meta/recipes-devtools/go/go-native_1.16.14.bb rename to meta/recipes-devtools/go/go-native_1.16.15.bb diff --git a/meta/recipes-devtools/go/go-runtime_1.16.14.bb b/meta/recipes-devtools/go/go-runtime_1.16.15.bb similarity index 100% rename from meta/recipes-devtools/go/go-runtime_1.16.14.bb rename to meta/recipes-devtools/go/go-runtime_1.16.15.bb diff --git a/meta/recipes-devtools/go/go_1.16.14.bb b/meta/recipes-devtools/go/go_1.16.15.bb similarity index 100% rename from meta/recipes-devtools/go/go_1.16.14.bb rename to meta/recipes-devtools/go/go_1.16.15.bb -- 2.35.1 ^ permalink raw reply related [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-03-21 13:40 UTC | newest] Thread overview: 4+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2022-03-21 13:40 [honister][PATCH 0/3] Patch review Anuj Mittal 2022-03-21 13:40 ` [honister][PATCH 1/3] ghostscript: fix CVE-2021-3781 Anuj Mittal 2022-03-21 13:40 ` [honister][PATCH 2/3] go: upgrade 1.16.13 -> 1.16.14 Anuj Mittal 2022-03-21 13:40 ` [honister][PATCH 3/3] go: update to 1.16.15 Anuj Mittal
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox