* [OE-core][kirkstone 00/13] Patch review
@ 2022-06-06 14:38 Steve Sakoman
0 siblings, 0 replies; 21+ messages in thread
From: Steve Sakoman @ 2022-06-06 14:38 UTC
To: openembedded-core
Please review this set of patches for kirkstone and have comments back by end
of day Wednesday.
This is a set of "housekeeping" commits: updating the Upstream-Status of patches
and removing obsolete patches.
The following changes since commit e63013cc38b82659658365da53b14952711d6701:
gcc: Upgrade to 11.3 release (2022-06-02 06:48:32 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alexander Kanavin (3):
bash: submit patch upstream
valgrind: submit arm patches upstream
zip/unzip: mark all submittable patches as Inactive-Upstream
Jiaqing Zhao (4):
systemd: Drop 0001-test-parse-argument-Include-signal.h.patch
systemd: Remove __compare_fn_t type in musl-specific patch
systemd: Drop 0002-don-t-use-glibc-specific-qsort_r.patch
systemd: Correct path returned in sd_path_lookup()
Khem Raj (4):
systemd: Drop redundant musl patches
systemd: Document future actions needed for set of musl patches
systemd: Drop
0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch
systemd: Update patch status
Martin Jansa (1):
makedevs: Don't use COPYING.patch just to add license file into ${S}
Richard Purdie (1):
lzo: Add further info to a patch and mark as Inactive-Upstream
...sysctl.d-binfmt.d-modules-load.d-to-.patch | 73 ++++
...se-ROOTPREFIX-without-suffixed-slash.patch | 42 ---
...test-parse-argument-Include-signal.h.patch | 27 --
.../0002-Add-sys-stat.h-for-S_IFDIR.patch | 2 +-
...002-don-t-use-glibc-specific-qsort_r.patch | 163 ---------
...-missing_type.h-add-comparison_fn_t.patch} | 41 +--
...missing.h-check-for-missing-strndupa.patch | 14 +-
...008-add-missing-FTW_-macros-for-musl.patch | 3 +
..._register_atfork-for-non-glibc-build.patch | 3 +
...S_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch | 33 --
...ype.h-add-__compar_d_fn_t-definition.patch | 28 --
.../systemd/0019-Handle-missing-LOCK_EX.patch | 24 --
...ible-pointer-type-struct-sockaddr_un.patch | 38 --
.../0021-test-json.c-define-M_PIl.patch | 4 +
meta/recipes-core/systemd/systemd_250.5.bb | 10 +-
.../makedevs/makedevs/COPYING.patch | 346 ------------------
.../makedevs/makedevs/makedevs.c | 4 +
.../makedevs/makedevs_1.0.1.bb | 5 +-
...etting-mcpu-to-cortex-a8-on-arm-arch.patch | 2 +-
...n-for-targets-which-don-t-support-it.patch | 2 +-
...te-march-mcpu-mfpu-for-ARM-test-apps.patch | 2 +-
.../bash/bash/makerace2.patch | 2 +-
...ass-LDFLAGS-to-tests-doing-link-step.patch | 2 +-
.../unzip/unzip/CVE-2021-4217.patch | 2 +-
.../unzip/unzip/avoid-strip.patch | 2 +-
.../unzip/unzip/define-ldflags.patch | 2 +-
.../unzip/unzip/fix-security-format.patch | 2 +-
.../unzip/unzip/symlink.patch | 2 +-
...LAGS-and-LDFLAGS-when-doing-link-tes.patch | 2 +-
.../zip/zip-3.0/10-remove-build-date.patch | 2 +-
.../zip/zip-3.0/fix-security-format.patch | 2 +-
.../zipnote-crashes-with-segfault.patch | 2 +-
...Use-memcpy-instead-of-reinventing-it.patch | 10 +-
33 files changed, 136 insertions(+), 762 deletions(-)
create mode 100644 meta/recipes-core/systemd/systemd/0001-Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-to-.patch
delete mode 100644 meta/recipes-core/systemd/systemd/0001-systemd.pc.in-use-ROOTPREFIX-without-suffixed-slash.patch
delete mode 100644 meta/recipes-core/systemd/systemd/0001-test-parse-argument-Include-signal.h.patch
delete mode 100644 meta/recipes-core/systemd/systemd/0002-don-t-use-glibc-specific-qsort_r.patch
rename meta/recipes-core/systemd/systemd/{0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch => 0003-missing_type.h-add-comparison_fn_t.patch} (63%)
delete mode 100644 meta/recipes-core/systemd/systemd/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch
delete mode 100644 meta/recipes-core/systemd/systemd/0017-missing_type.h-add-__compar_d_fn_t-definition.patch
delete mode 100644 meta/recipes-core/systemd/systemd/0019-Handle-missing-LOCK_EX.patch
delete mode 100644 meta/recipes-core/systemd/systemd/0020-Fix-incompatible-pointer-type-struct-sockaddr_un.patch
delete mode 100644 meta/recipes-devtools/makedevs/makedevs/COPYING.patch
--
2.25.1
* [OE-core][kirkstone 00/13] Patch review
@ 2022-06-21 23:27 Steve Sakoman
0 siblings, 0 replies; 21+ messages in thread
From: Steve Sakoman @ 2022-06-21 23:27 UTC
To: openembedded-core
Please review this set of patches for kirkstone and have comments back by end
of day Thursday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3811
The following changes since commit b2d10487f80deb04a0893325a1ae79c8629a7655:
liberror-perl: Update sstate/equiv versions to clean cache (2022-06-17 05:02:15 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alexander Kanavin (1):
python3: use built-in distutils for ptest, rather than setuptools'
'fork'
Davide Gardenal (1):
efivar: add musl libc compatibility
Dmitry Baryshkov (2):
linux-firmware: add support for building snapshots
linux-firmware: upgrade 20220509 -> 20220610
Marta Rybczynska (2):
cve-check: add support for Ignored CVEs
oeqa/selftest/cve_check: add tests for Ignored and partial reports
Martin Jansa (1):
mesa: backport a patch to support compositors without
zwp_linux_dmabuf_v1 again
Michael Opdenacker (1):
rootfs-postcommands.bbclass: correct comments
Nick Potenski (1):
systemd: systemd-systemctl: Support instance conf files during enable
Paulo Neves (2):
python: Avoid shebang overflow on python-config.py
gtk-doc: Fix potential shebang overflow on gtkdoc-mkhtml2
Richard Purdie (2):
python3: Remove problematic paths from sysroot files
python3: Ensure stale empty python module directories don't break the
build
meta/classes/cve-check.bbclass | 43 ++--
meta/classes/rootfs-postcommands.bbclass | 8 +-
meta/lib/oeqa/selftest/cases/cve_check.py | 82 ++++++++
.../efisecdb-fix-build-with-musl-libc.patch | 184 ++++++++++++++++++
meta/recipes-bsp/efivar/efivar_38.bb | 3 +-
.../systemd/systemd-systemctl/systemctl | 14 +-
...shebang-overflow-on-python-config.py.patch | 33 ++++
.../python3/deterministic_imports.patch | 32 +++
.../recipes-devtools/python/python3/run-ptest | 2 +-
.../recipes-devtools/python/python3_3.10.4.bb | 12 +-
meta/recipes-gnome/gtk-doc/gtk-doc_1.33.2.bb | 1 +
...nd-deprecate-drm_handle_format-and-d.patch | 158 +++++++++++++++
meta/recipes-graphics/mesa/mesa.inc | 1 +
...01-Makefile-replace-mkdir-by-install.patch | 84 --------
...20220509.bb => linux-firmware_20220610.bb} | 11 +-
15 files changed, 555 insertions(+), 113 deletions(-)
create mode 100644 meta/recipes-bsp/efivar/efivar/efisecdb-fix-build-with-musl-libc.patch
create mode 100644 meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch
create mode 100644 meta/recipes-devtools/python/python3/deterministic_imports.patch
create mode 100644 meta/recipes-graphics/mesa/files/0001-Revert-egl-wayland-deprecate-drm_handle_format-and-d.patch
delete mode 100644 meta/recipes-kernel/linux-firmware/files/0001-Makefile-replace-mkdir-by-install.patch
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220509.bb => linux-firmware_20220610.bb} (99%)
--
2.25.1
* [OE-core][kirkstone 00/13] Patch review
@ 2022-10-17 23:08 Steve Sakoman
0 siblings, 0 replies; 21+ messages in thread
From: Steve Sakoman @ 2022-10-17 23:08 UTC
To: openembedded-core
Please review this set of patches for kirkstone and have comments back by
end of day Wednesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4347
The following changes since commit e728d0965d6fda8ac54e065ca7bf7eb9da9a8170:
coreutils: add openssl PACKAGECONFIG (2022-09-30 09:35:23 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Adrian Freihofer (1):
own-mirrors: add crate
Bhabu Bindu (1):
qemu: Fix CVE-2021-3611
Chen Qi (1):
image_types_wic.bbclass: fix cross binutils dependency
He Zhe (2):
lttng-tools: Upgrade 2.13.4 -> 2.13.8
lttng-modules: Fix crash on powerpc64
Michael Halstead (1):
uninative: Upgrade to 3.7 to work with glibc 2.36
Ross Burton (1):
qemu: fix CVE-2022-2962
Teoh Jay Shen (1):
tiff: Security fixes CVE-2022-2867,CVE-2022-2868 and CVE-2022-2869
Tim Orling (1):
python3: upgrade 3.10.4 -> 3.10.7
Virendra Thakur (1):
qemu: Fix CVE-2021-3750 for qemu
Xiangyu Chen (2):
qemu: Backport patches from upstream to support float128 on qemu-ppc64
linux-yocto-dev: add qemuarm64
pgowda (1):
binutils : Fix CVE-2022-38128
meta/classes/image_types_wic.bbclass | 2 +-
meta/classes/own-mirrors.bbclass | 1 +
meta/classes/sanity.bbclass | 2 +-
meta/conf/distro/include/yocto-uninative.inc | 10 +-
.../binutils/binutils-2.38.inc | 3 +
.../binutils/0018-CVE-2022-38128-1.patch | 350 ++++
.../binutils/0018-CVE-2022-38128-2.patch | 436 +++++
.../binutils/0018-CVE-2022-38128-3.patch | 95 ++
...h-92036-Fix-gc_fini_untrack-GH-92037.patch | 54 -
...report-missing-dependencies-for-disa.patch | 8 +-
.../{python3_3.10.4.bb => python3_3.10.7.bb} | 3 +-
meta/recipes-devtools/qemu/qemu.inc | 49 +
...ulip-Restrict-DMA-engine-to-memories.patch | 64 +
...end-float_exception_flags-to-16-bits.patch | 75 +
...32t-for-reply-queue-head-tail-values.patch | 83 +
...ftfloat-Add-flag-specific-to-Inf-Inf.patch | 59 +
...id_function_take_MemTxAttrs_argument.patch | 60 +
...softfloat-Add-flag-specific-to-Inf-0.patch | 126 ++
...et_function_take_MemTxAttrs_argument.patch | 98 ++
...dd-flags-specific-to-Inf-Inf-and-0-0.patch | 73 +
...ed_function_take_MemTxAttrs_argument.patch | 78 +
...-Add-flag-specific-to-signaling-nans.patch | 121 ++
...rw_function_take_MemTxAttrs_argument.patch | 158 ++
...e-float_invalid_op_addsub-for-new-fl.patch | 114 ++
...te_function_take_MemTxAttrs_argument.patch | 1453 +++++++++++++++++
...e-float_invalid_op_mul-for-new-flags.patch | 86 +
...ap_function_take_MemTxAttrs_argument.patch | 227 +++
...e-float_invalid_op_div-for-new-flags.patch | 99 ++
..._buf_rw_function_take_a_void_pointer.patch | 41 +
...arget-ppc-Update-fmadd-for-new-flags.patch | 102 ++
..._dma_buf_write_functions_take_a_void.patch | 167 ++
.../0010-target-ppc-Split-out-do_fmadd.patch | 71 +
...rw_function_take_MemTxAttrs_argument.patch | 91 ++
...s-max-min-cj-dp-to-use-VSX-registers.patch | 93 ++
...rw_function_take_MemTxAttrs_argument.patch | 65 +
...-Move-xs-max-min-cj-dp-to-decodetree.patch | 121 ++
...te_function_take_MemTxAttrs_argument.patch | 129 ++
...get-ppc-fix-xscvqpdp-register-access.patch | 41 +
...ad_function_take_MemTxAttrs_argument.patch | 222 +++
...rget-ppc-move-xscvqpdp-to-decodetree.patch | 130 ++
...uf_rw_function_propagate_MemTxResult.patch | 91 ++
...tore_fpscr-doesn-t-update-bits-0-to-.patch | 70 +
...ma_function_take_MemTxAttrs_argument.patch | 120 ++
...get-ppc-Introduce-TRANS-FLAGS-macros.patch | 133 ++
...ma_function_take_MemTxAttrs_argument.patch | 151 ++
...get-ppc-Implement-Vector-Expand-Mask.patch | 105 ++
...r_dma_function_propagate_MemTxResult.patch | 65 +
...et-ppc-Implement-Vector-Extract-Mask.patch | 141 ++
...r_dma_function_propagate_MemTxResult.patch | 175 ++
...ppc-Implement-Vector-Mask-Move-insns.patch | 187 +++
...ma_function_take_MemTxAttrs_argument.patch | 303 ++++
...xs-n-madd-am-ds-p-xs-n-msub-am-ds-p-.patch | 258 +++
...ma_function_take_MemTxAttrs_argument.patch | 271 +++
...mplement-xs-n-maddqp-o-xs-n-msubqp-o.patch | 174 ++
...i_dma_function_propagate_MemTxResult.patch | 47 +
...i_dma_function_propagate_MemTxResult.patch | 296 ++++
.../qemu/qemu/CVE-2021-3611_1.patch | 74 +
.../qemu/qemu/CVE-2021-3611_2.patch | 43 +
.../qemu/qemu/CVE-2021-3750-1.patch | 59 +
.../qemu/qemu/CVE-2021-3750-2.patch | 65 +
.../qemu/qemu/CVE-2021-3750-3.patch | 156 ++
meta/recipes-kernel/linux/linux-yocto-dev.bb | 2 +-
...4-fix-kernel-crash-caused-by-do_get_.patch | 94 ++
.../lttng/lttng-modules_2.13.4.bb | 1 +
...-tools_2.13.4.bb => lttng-tools_2.13.8.bb} | 2 +-
.../libtiff/tiff/CVE-2022-2867.patch | 129 ++
.../libtiff/tiff/CVE-2022-2869.patch | 84 +
...ed69a485a9cfb299d9f060eb2a46c54e5903.patch | 45 +
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 3 +
69 files changed, 8536 insertions(+), 68 deletions(-)
create mode 100644 meta/recipes-devtools/binutils/binutils/0018-CVE-2022-38128-1.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0018-CVE-2022-38128-2.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0018-CVE-2022-38128-3.patch
delete mode 100644 meta/recipes-devtools/python/python3/0001-gh-92036-Fix-gc_fini_untrack-GH-92037.patch
rename meta/recipes-devtools/python/{python3_3.10.4.bb => python3_3.10.7.bb} (99%)
create mode 100644 meta/recipes-devtools/qemu/qemu/0001-net-tulip-Restrict-DMA-engine-to-memories.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0001-softfloat-Extend-float_exception_flags-to-16-bits.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0001-use-uint32t-for-reply-queue-head-tail-values.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0002-softfloat-Add-flag-specific-to-Inf-Inf.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0002_let_dma_memory_valid_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0003-softfloat-Add-flag-specific-to-Inf-0.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0003_let_dma_memory_set_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0004-softfloat-Add-flags-specific-to-Inf-Inf-and-0-0.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0004_let_dma_memory_rw_relaxed_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0005-softfloat-Add-flag-specific-to-signaling-nans.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0005_let_dma_memory_rw_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0006-target-ppc-Update-float_invalid_op_addsub-for-new-fl.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0006_let_dma_memory_read_write_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0007-target-ppc-Update-float_invalid_op_mul-for-new-flags.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0007_let_dma_memory_map_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0008-target-ppc-Update-float_invalid_op_div-for-new-flags.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0008_have_dma_buf_rw_function_take_a_void_pointer.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0009-target-ppc-Update-fmadd-for-new-flags.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0009_have_dma_buf_read_and_dma_buf_write_functions_take_a_void.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0010-target-ppc-Split-out-do_fmadd.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0010_let_pci_dma_rw_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0011-target-ppc-Fix-xs-max-min-cj-dp-to-use-VSX-registers.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0011_let_dma_buf_rw_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0012-target-ppc-Move-xs-max-min-cj-dp-to-decodetree.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0012_let_dma_buf_write_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0013-target-ppc-fix-xscvqpdp-register-access.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0013_let_dma_buf_read_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0014-target-ppc-move-xscvqpdp-to-decodetree.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0014_let_dma_buf_rw_function_propagate_MemTxResult.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0015-target-ppc-ppc_store_fpscr-doesn-t-update-bits-0-to-.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0015_let_st_pointer_dma_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0016-target-ppc-Introduce-TRANS-FLAGS-macros.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0016_let_ld_pointer_dma_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0017-target-ppc-Implement-Vector-Expand-Mask.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0017_let_st_pointer_dma_function_propagate_MemTxResult.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0018-target-ppc-Implement-Vector-Extract-Mask.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0018_let_ld_pointer_dma_function_propagate_MemTxResult.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0019-target-ppc-Implement-Vector-Mask-Move-insns.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0019_let_st_pointer_pci_dma_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0020-target-ppc-move-xs-n-madd-am-ds-p-xs-n-msub-am-ds-p-.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0020_let_ld_pointer_pci_dma_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0021-target-ppc-implement-xs-n-maddqp-o-xs-n-msubqp-o.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0021_let_st_pointer_pci_dma_function_propagate_MemTxResult.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0022_let_ld_pointer_pci_dma_function_propagate_MemTxResult.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3611_1.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3611_2.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3750-1.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3750-2.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3750-3.patch
create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-wrapper-powerpc64-fix-kernel-crash-caused-by-do_get_.patch
rename meta/recipes-kernel/lttng/{lttng-tools_2.13.4.bb => lttng-tools_2.13.8.bb} (98%)
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-2867.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-2869.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/b258ed69a485a9cfb299d9f060eb2a46c54e5903.patch
--
2.25.1
* [OE-core][kirkstone 00/13] Patch review
@ 2023-02-01 22:15 Steve Sakoman
0 siblings, 0 replies; 21+ messages in thread
From: Steve Sakoman @ 2023-02-01 22:15 UTC
To: openembedded-core
Please review this set of patches for kirkstone and have comments back by
end of day Friday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4872
The following changes since commit a8c82902384f7430519a31732a4bb631f21693ac:
build-appliance-image: Update to kirkstone head revision (2023-01-26 23:40:27 +0000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Armin Kuster (1):
lttng-modules: Fix for 5.10.163 kernel version
Bruce Ashfield (1):
linux-yocto/5.15: update to v5.15.87
Khem Raj (3):
libtirpc: Check if file exists before operating on it
libusb1: Link with latomic only if compiler has no atomic builtins
libusb1: Strip trailing whitespaces
Niko Mauno (1):
Fix missing leading whitespace with ':append'
Richard Purdie (1):
native: Drop special variable handling
Ross Burton (4):
ppp: backport fix for CVE-2022-4603
quilt: fix intermittent failure in faildiff.test
spirv-headers: set correct branch name
quilt: use upstreamed faildiff.test fix
Thomas Roos (1):
devtool: fix devtool finish when gitmodules file is empty
Xiangyu Chen (1):
numactl: skip test case when target platform doesn't have 2 CPU node
meta/classes/core-image.bbclass | 2 +-
meta/classes/externalsrc.bbclass | 2 +-
meta/classes/native.bbclass | 2 +-
meta/classes/populate_sdk_ext.bbclass | 2 +-
.../distro/include/ptest-packagelists.inc | 2 +-
.../ppp/ppp/CVE-2022-4603.patch | 48 +++++++++++++++
meta/recipes-connectivity/ppp/ppp_2.4.9.bb | 1 +
meta/recipes-devtools/quilt/quilt.inc | 1 +
.../quilt/quilt/faildiff-order.patch | 41 +++++++++++++
.../libtirpc/libtirpc_1.3.2.bb | 2 +-
.../spir/spirv-headers_1.3.204.1.bb | 2 +-
.../linux/linux-yocto-rt_5.15.bb | 6 +-
.../linux/linux-yocto-tiny_5.15.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 ++++----
.../fix-jbd2-upper-bound-for-v5.10.163.patch | 52 ++++++++++++++++
...e-the-correct-print-format-v5.10.163.patch | 61 +++++++++++++++++++
.../lttng/lttng-modules_2.13.8.bb | 2 +
...k-with-latomic-only-if-no-atomic-bui.patch | 46 ++++++++++++++
meta/recipes-support/libusb/libusb1_1.0.26.bb | 13 ++--
.../numactl/Fix-the-test-output-format.patch | 3 +-
.../recipes-support/numactl/numactl/run-ptest | 6 +-
21 files changed, 292 insertions(+), 34 deletions(-)
create mode 100644 meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch
create mode 100644 meta/recipes-devtools/quilt/quilt/faildiff-order.patch
create mode 100644 meta/recipes-kernel/lttng/lttng-modules/fix-jbd2-upper-bound-for-v5.10.163.patch
create mode 100644 meta/recipes-kernel/lttng/lttng-modules/fix-jbd2-use-the-correct-print-format-v5.10.163.patch
create mode 100644 meta/recipes-support/libusb/libusb1/0001-configure.ac-Link-with-latomic-only-if-no-atomic-bui.patch
--
2.25.1
* [OE-core][kirkstone 00/13] Patch review
@ 2023-04-29 17:20 Steve Sakoman
0 siblings, 0 replies; 21+ messages in thread
From: Steve Sakoman @ 2023-04-29 17:20 UTC
To: openembedded-core
Please review this set of patches for kirkstone and have comments back by
end of day Tuesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5234
The following changes since commit 15c07dff384ce4fb0e90f4f32c182a82101a1c82:
go: fix CVE-2023-24537 Infinite loop in parsing (2023-04-21 03:57:50 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Archana Polampalli (1):
nasm: fix CVE-2022-44370
Bruce Ashfield (3):
linux-yocto/5.15: update to v5.15.106
linux-yocto/5.15: update to v5.15.107
linux-yocto/5.15: update to v5.15.108
Christoph Lauer (1):
populate_sdk_base: add zip options
Deepthi Hemraj (1):
glibc: stable 2.35 branch updates.
Joe Slater (1):
ghostscript: fix CVE-2023-29979
Mingli Yu (1):
ruby: Fix CVE-2023-28755
Pascal Bach (1):
cmake: add CMAKE_SYSROOT to generated toolchain file
Ross Burton (1):
xserver-xorg: backport fix for CVE-2023-1393
Virendra Thakur (1):
qemu: Whitelist CVE-2023-0664
Yogita Urade (2):
xorg-lib-common: Add variable to set tarball type
libxpm: upgrade 3.5.13 -> 3.5.15
meta/classes/cmake.bbclass | 5 +
meta/classes/populate_sdk_base.bbclass | 4 +-
meta/recipes-core/glibc/glibc-version.inc | 2 +-
.../nasm/nasm/CVE-2022-44370.patch | 104 ++++++++++++++++++
meta/recipes-devtools/nasm/nasm_2.15.05.bb | 1 +
meta/recipes-devtools/qemu/qemu.inc | 5 +
.../ruby/ruby/CVE-2023-28755.patch | 68 ++++++++++++
meta/recipes-devtools/ruby/ruby_3.1.3.bb | 1 +
.../ghostscript/cve-2023-28879.patch | 60 ++++++++++
.../ghostscript/ghostscript_9.55.0.bb | 1 +
.../{libxpm_3.5.13.bb => libxpm_3.5.15.bb} | 8 +-
.../xorg-lib/xorg-lib-common.inc | 3 +-
...posite-Fix-use-after-free-of-the-COW.patch | 46 ++++++++
.../xorg-xserver/xserver-xorg_21.1.7.bb | 3 +-
.../linux/linux-yocto-rt_5.15.bb | 6 +-
.../linux/linux-yocto-tiny_5.15.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 ++---
17 files changed, 323 insertions(+), 26 deletions(-)
create mode 100644 meta/recipes-devtools/nasm/nasm/CVE-2022-44370.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2023-28755.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/cve-2023-28879.patch
rename meta/recipes-graphics/xorg-lib/{libxpm_3.5.13.bb => libxpm_3.5.15.bb} (67%)
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-composite-Fix-use-after-free-of-the-COW.patch
--
2.34.1
* [OE-core][kirkstone 00/13] Patch review
@ 2023-05-31 2:34 Steve Sakoman
0 siblings, 0 replies; 21+ messages in thread
From: Steve Sakoman @ 2023-05-31 2:34 UTC
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Thursday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5365
The following changes since commit 5e26ead1ca016d1691dccba1b58060ac853bf0d2:
piglit: Add missing glslang dependencies (2023-05-25 05:42:54 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Bhabu Bindu (4):
curl: Fix CVE-2023-28319
curl: Fix CVE-2023-28320
curl: Fix CVE-2023-28321
curl: Fix CVE-2023-28322
Bruce Ashfield (5):
linux-yocto/5.10: update to v5.10.176
linux-yocto/5.10: update to v5.10.177
linux-yocto/5.10: update to v5.10.178
linux-yocto/5.10: update to v5.10.179
linux-yocto/5.10: update to v5.10.180
Martin Jansa (1):
kernel-devicetree: make shell scripts posix compliant
Randolph Sapp (3):
kernel-devicetree: allow specification of dtb directory
package: enable recursion on file globs
kernel-devicetree: recursively search for dtbs
meta/classes/kernel-devicetree.bbclass | 22 +-
meta/classes/kernel.bbclass | 2 +
meta/classes/package.bbclass | 2 +-
.../linux/linux-yocto-rt_5.10.bb | 6 +-
.../linux/linux-yocto-tiny_5.10.bb | 8 +-
meta/recipes-kernel/linux/linux-yocto_5.10.bb | 24 +-
.../curl/curl/CVE-2023-28319.patch | 33 ++
.../curl/curl/CVE-2023-28320.patch | 83 ++++
.../curl/curl/CVE-2023-28321.patch | 302 ++++++++++++
.../curl/curl/CVE-2023-28322-1.patch | 84 ++++
.../curl/curl/CVE-2023-28322-2.patch | 436 ++++++++++++++++++
meta/recipes-support/curl/curl_7.82.0.bb | 5 +
12 files changed, 982 insertions(+), 25 deletions(-)
create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28319.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28320.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28321.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28322-1.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28322-2.patch
--
2.34.1
* [OE-core][kirkstone 00/13] Patch review
@ 2023-10-14 21:44 Steve Sakoman
2023-10-14 21:44 ` [OE-core][kirkstone 01/13] libtiff: fix CVE-2022-40090 improved IFD-Loop handling Steve Sakoman
` (12 more replies)
0 siblings, 13 replies; 21+ messages in thread
From: Steve Sakoman @ 2023-10-14 21:44 UTC
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Tuesday, October 17
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6044
The following changes since commit bca43f95850d395f9dc56644fa1d12910cabb0c5:
glibc: Update to latest on stable 2.35 branch (2023-10-06 12:03:30 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alexander Kanavin (2):
python3-urllib3: upgrade 1.26.10 -> 1.26.11
python3-urllib3: upgrade 1.26.12 -> 1.26.13
Hitendra Prajapati (2):
libtiff: fix CVE-2022-40090 improved IFD-Loop handling
xdg-utils: Fix CVE-2022-4055
Khem Raj (1):
apt: add missing <cstdint> for uint16_t
Lee Chee Yang (1):
python3-urllib3: 1.26.15 -> 1.26.17
Siddharth Doshi (1):
vim: Upgrade 9.0.1894 -> 9.0.2009
Tim Orling (1):
python3-urllib3: upgrade 1.26.13 -> 1.26.14
Wang Mingyu (1):
python3-urllib3: upgrade 1.26.14 -> 1.26.15
Yash Shinde (2):
binutils: Fix CVE-2022-44840
binutils: Fix CVE-2022-45703
wangmy (2):
python3-urllib3: upgrade 1.26.9 -> 1.26.10
python3-urllib3: upgrade 1.26.11 -> 1.26.12
...001-add-missing-cstdint-for-uint16_t.patch | 35 ++
meta/recipes-devtools/apt/apt_2.4.5.bb | 1 +
.../binutils/binutils-2.38.inc | 3 +
.../binutils/0030-CVE-2022-44840.patch | 151 +++++
.../binutils/0031-CVE-2022-45703-1.patch | 147 +++++
.../binutils/0031-CVE-2022-45703-2.patch | 31 +
...3_1.26.9.bb => python3-urllib3_1.26.17.bb} | 3 +-
.../xdg-utils/xdg-utils/CVE-2022-4055.patch | 165 +++++
.../xdg-utils/xdg-utils_1.1.3.bb | 1 +
.../libtiff/tiff/CVE-2022-40090.patch | 569 ++++++++++++++++++
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 1 +
meta/recipes-support/vim/vim.inc | 4 +-
12 files changed, 1108 insertions(+), 3 deletions(-)
create mode 100644 meta/recipes-devtools/apt/apt/0001-add-missing-cstdint-for-uint16_t.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0030-CVE-2022-44840.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-1.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-2.patch
rename meta/recipes-devtools/python/{python3-urllib3_1.26.9.bb => python3-urllib3_1.26.17.bb} (82%)
create mode 100644 meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-40090.patch
--
2.34.1
* [OE-core][kirkstone 01/13] libtiff: fix CVE-2022-40090 improved IFD-Loop handling
2023-10-14 21:44 [OE-core][kirkstone 00/13] Patch review Steve Sakoman
@ 2023-10-14 21:44 ` Steve Sakoman
2023-10-14 21:44 ` [OE-core][kirkstone 02/13] xdg-utils: Fix CVE-2022-4055 Steve Sakoman
` (11 subsequent siblings)
12 siblings, 0 replies; 21+ messages in thread
From: Steve Sakoman @ 2023-10-14 21:44 UTC
To: openembedded-core
From: Hitendra Prajapati <hprajapati@mvista.com>
Upstream-Status: Backport from https://gitlab.com/libtiff/libtiff/-/commit/c7caec9a4d8f24c17e667480d2c7d0d51c9fae41
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libtiff/tiff/CVE-2022-40090.patch | 569 ++++++++++++++++++
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 1 +
2 files changed, 570 insertions(+)
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-40090.patch
diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2022-40090.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2022-40090.patch
new file mode 100644
index 0000000000..fe48dc6028
--- /dev/null
+++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2022-40090.patch
@@ -0,0 +1,569 @@
+From c7caec9a4d8f24c17e667480d2c7d0d51c9fae41 Mon Sep 17 00:00:00 2001
+From: Su Laus <sulau@freenet.de>
+Date: Thu, 6 Oct 2022 10:11:05 +0000
+Subject: [PATCH] Improved IFD-Loop Handling (fixes #455)
+
+IFD infinite looping was not fixed by MR 20 (see #455).
+An improved IFD loop handling is proposed.
+
+Basic approach:
+
+- The order in the entire chain must be checked, and not only whether an offset has already been read once.
+- To do this, pairs of directory number and offset are stored and checked.
+- The offset of a directory number can change.
+- TIFFAdvanceDirectory() must also perform an IFD loop check.
+- TIFFCheckDirOffset() is replaced by _TIFFCheckDirNumberAndOffset().
+
+Rules for the check:
+
+- If an offset is already in the list, it must have the same IFD number. Otherwise it is an IDF loop.
+- If the offset is not in the list and the IFD number is greater than there are list entries, a new list entry is added.
+- Otherwise, the offset of the IFD number is updated.
+
+Reference is also made to old bugzilla bug 2772 and MR 20, which did not solve the general issue.
+This MR closes #455
+
+Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/c7caec9a4d8f24c17e667480d2c7d0d51c9fae41]
+CVE: CVE-2022-40090
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ libtiff/tif_close.c | 6 +-
+ libtiff/tif_dir.c | 129 +++++++++++++++++++++++++-----------
+ libtiff/tif_dir.h | 2 +
+ libtiff/tif_dirread.c | 147 +++++++++++++++++++++++++++++++++---------
+ libtiff/tif_open.c | 3 +-
+ libtiff/tiffiop.h | 3 +-
+ 6 files changed, 219 insertions(+), 71 deletions(-)
+
+diff --git a/libtiff/tif_close.c b/libtiff/tif_close.c
+index 0fe7af4..2fe2bde 100644
+--- a/libtiff/tif_close.c
++++ b/libtiff/tif_close.c
+@@ -52,8 +52,10 @@ TIFFCleanup(TIFF* tif)
+ (*tif->tif_cleanup)(tif);
+ TIFFFreeDirectory(tif);
+
+- if (tif->tif_dirlist)
+- _TIFFfree(tif->tif_dirlist);
++ if (tif->tif_dirlistoff)
++ _TIFFfree(tif->tif_dirlistoff);
++ if (tif->tif_dirlistdirn)
++ _TIFFfree(tif->tif_dirlistdirn);
+
+ /*
+ * Clean up client info links.
+diff --git a/libtiff/tif_dir.c b/libtiff/tif_dir.c
+index 1402c8e..6d4bf58 100644
+--- a/libtiff/tif_dir.c
++++ b/libtiff/tif_dir.c
+@@ -1511,12 +1511,22 @@ TIFFDefaultDirectory(TIFF* tif)
+ }
+
+ static int
+-TIFFAdvanceDirectory(TIFF* tif, uint64_t* nextdir, uint64_t* off)
++TIFFAdvanceDirectory(TIFF* tif, uint64_t* nextdiroff, uint64_t* off, uint16_t* nextdirnum)
+ {
+ static const char module[] = "TIFFAdvanceDirectory";
++
++ /* Add this directory to the directory list, if not already in. */
++ if (!_TIFFCheckDirNumberAndOffset(tif, *nextdirnum, *nextdiroff)) {
++ TIFFErrorExt(tif->tif_clientdata, module, "Starting directory %"PRIu16" at offset 0x%"PRIx64" (%"PRIu64") might cause an IFD loop",
++ *nextdirnum, *nextdiroff, *nextdiroff);
++ *nextdiroff = 0;
++ *nextdirnum = 0;
++ return(0);
++ }
++
+ if (isMapped(tif))
+ {
+- uint64_t poff=*nextdir;
++ uint64_t poff=*nextdiroff;
+ if (!(tif->tif_flags&TIFF_BIGTIFF))
+ {
+ tmsize_t poffa,poffb,poffc,poffd;
+@@ -1527,7 +1537,7 @@ TIFFAdvanceDirectory(TIFF* tif, uint64_t* nextdir, uint64_t* off)
+ if (((uint64_t)poffa != poff) || (poffb < poffa) || (poffb < (tmsize_t)sizeof(uint16_t)) || (poffb > tif->tif_size))
+ {
+ TIFFErrorExt(tif->tif_clientdata,module,"Error fetching directory count");
+- *nextdir=0;
++ *nextdiroff=0;
+ return(0);
+ }
+ _TIFFmemcpy(&dircount,tif->tif_base+poffa,sizeof(uint16_t));
+@@ -1545,7 +1555,7 @@ TIFFAdvanceDirectory(TIFF* tif, uint64_t* nextdir, uint64_t* off)
+ _TIFFmemcpy(&nextdir32,tif->tif_base+poffc,sizeof(uint32_t));
+ if (tif->tif_flags&TIFF_SWAB)
+ TIFFSwabLong(&nextdir32);
+- *nextdir=nextdir32;
++ *nextdiroff=nextdir32;
+ }
+ else
+ {
+@@ -1577,11 +1587,10 @@ TIFFAdvanceDirectory(TIFF* tif, uint64_t* nextdir, uint64_t* off)
+ }
+ if (off!=NULL)
+ *off=(uint64_t)poffc;
+- _TIFFmemcpy(nextdir,tif->tif_base+poffc,sizeof(uint64_t));
++ _TIFFmemcpy(nextdiroff,tif->tif_base+poffc,sizeof(uint64_t));
+ if (tif->tif_flags&TIFF_SWAB)
+- TIFFSwabLong8(nextdir);
++ TIFFSwabLong8(nextdiroff);
+ }
+- return(1);
+ }
+ else
+ {
+@@ -1589,7 +1598,7 @@ TIFFAdvanceDirectory(TIFF* tif, uint64_t* nextdir, uint64_t* off)
+ {
+ uint16_t dircount;
+ uint32_t nextdir32;
+- if (!SeekOK(tif, *nextdir) ||
++ if (!SeekOK(tif, *nextdiroff) ||
+ !ReadOK(tif, &dircount, sizeof (uint16_t))) {
+ TIFFErrorExt(tif->tif_clientdata, module, "%s: Error fetching directory count",
+ tif->tif_name);
+@@ -1610,13 +1619,13 @@ TIFFAdvanceDirectory(TIFF* tif, uint64_t* nextdir, uint64_t* off)
+ }
+ if (tif->tif_flags & TIFF_SWAB)
+ TIFFSwabLong(&nextdir32);
+- *nextdir=nextdir32;
++ *nextdiroff=nextdir32;
+ }
+ else
+ {
+ uint64_t dircount64;
+ uint16_t dircount16;
+- if (!SeekOK(tif, *nextdir) ||
++ if (!SeekOK(tif, *nextdiroff) ||
+ !ReadOK(tif, &dircount64, sizeof (uint64_t))) {
+ TIFFErrorExt(tif->tif_clientdata, module, "%s: Error fetching directory count",
+ tif->tif_name);
+@@ -1636,17 +1645,27 @@ TIFFAdvanceDirectory(TIFF* tif, uint64_t* nextdir, uint64_t* off)
+ else
+ (void) TIFFSeekFile(tif,
+ dircount16*20, SEEK_CUR);
+- if (!ReadOK(tif, nextdir, sizeof (uint64_t))) {
++ if (!ReadOK(tif, nextdiroff, sizeof (uint64_t))) {
+ TIFFErrorExt(tif->tif_clientdata, module,
+ "%s: Error fetching directory link",
+ tif->tif_name);
+ return (0);
+ }
+ if (tif->tif_flags & TIFF_SWAB)
+- TIFFSwabLong8(nextdir);
++ TIFFSwabLong8(nextdiroff);
+ }
+- return (1);
+ }
++ if (*nextdiroff != 0) {
++ (*nextdirnum)++;
++ /* Check next directory for IFD looping and if so, set it as last directory. */
++ if (!_TIFFCheckDirNumberAndOffset(tif, *nextdirnum, *nextdiroff)) {
++ TIFFWarningExt(tif->tif_clientdata, module, "the next directory %"PRIu16" at offset 0x%"PRIx64" (%"PRIu64") might be an IFD loop. Treating directory %"PRIu16" as last directory",
++ *nextdirnum, *nextdiroff, *nextdiroff, *nextdirnum-1);
++ *nextdiroff = 0;
++ (*nextdirnum)--;
++ }
++ }
++ return (1);
+ }
+
+ /*
+@@ -1656,14 +1675,16 @@ uint16_t
+ TIFFNumberOfDirectories(TIFF* tif)
+ {
+ static const char module[] = "TIFFNumberOfDirectories";
+- uint64_t nextdir;
++ uint64_t nextdiroff;
++ uint16_t nextdirnum;
+ uint16_t n;
+ if (!(tif->tif_flags&TIFF_BIGTIFF))
+- nextdir = tif->tif_header.classic.tiff_diroff;
++ nextdiroff = tif->tif_header.classic.tiff_diroff;
+ else
+- nextdir = tif->tif_header.big.tiff_diroff;
++ nextdiroff = tif->tif_header.big.tiff_diroff;
++ nextdirnum = 0;
+ n = 0;
+- while (nextdir != 0 && TIFFAdvanceDirectory(tif, &nextdir, NULL))
++ while (nextdiroff != 0 && TIFFAdvanceDirectory(tif, &nextdiroff, NULL, &nextdirnum))
+ {
+ if (n != 65535) {
+ ++n;
+@@ -1686,28 +1707,30 @@ TIFFNumberOfDirectories(TIFF* tif)
+ int
+ TIFFSetDirectory(TIFF* tif, uint16_t dirn)
+ {
+- uint64_t nextdir;
++ uint64_t nextdiroff;
++ uint16_t nextdirnum;
+ uint16_t n;
+
+ if (!(tif->tif_flags&TIFF_BIGTIFF))
+- nextdir = tif->tif_header.classic.tiff_diroff;
++ nextdiroff = tif->tif_header.classic.tiff_diroff;
+ else
+- nextdir = tif->tif_header.big.tiff_diroff;
+- for (n = dirn; n > 0 && nextdir != 0; n--)
+- if (!TIFFAdvanceDirectory(tif, &nextdir, NULL))
++ nextdiroff = tif->tif_header.big.tiff_diroff;
++ nextdirnum = 0;
++ for (n = dirn; n > 0 && nextdiroff != 0; n--)
++ if (!TIFFAdvanceDirectory(tif, &nextdiroff, NULL, &nextdirnum))
+ return (0);
+- tif->tif_nextdiroff = nextdir;
++ /* If the n-th directory could not be reached (does not exist),
++ * return here without touching anything further. */
++ if (nextdiroff == 0 || n > 0)
++ return (0);
++
++ tif->tif_nextdiroff = nextdiroff;
+ /*
+ * Set curdir to the actual directory index. The
+ * -1 is because TIFFReadDirectory will increment
+ * tif_curdir after successfully reading the directory.
+ */
+ tif->tif_curdir = (dirn - n) - 1;
+- /*
+- * Reset tif_dirnumber counter and start new list of seen directories.
+- * We need this to prevent IFD loops.
+- */
+- tif->tif_dirnumber = 0;
+ return (TIFFReadDirectory(tif));
+ }
+
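Review bot: After the new early return `if (nextdiroff == 0 || n > 0) return (0);` in TIFFSetDirectory(), `n` is always 0 by the time `tif->tif_curdir = (dirn - n) - 1;` runs, so the `- n` term and the "actual directory index" comment above it no longer describe anything; simplify to `dirn - 1` or state the invariant. The early return also changes what callers see: asking for a directory that does not exist used to store 0 in tif_nextdiroff and fall through to TIFFReadDirectory(), and now returns 0 with tif_nextdiroff and tif_curdir left as they were. That belongs in the function's header comment.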
+@@ -1720,13 +1743,42 @@ TIFFSetDirectory(TIFF* tif, uint16_t dirn)
+ int
+ TIFFSetSubDirectory(TIFF* tif, uint64_t diroff)
+ {
+- tif->tif_nextdiroff = diroff;
+- /*
+- * Reset tif_dirnumber counter and start new list of seen directories.
+- * We need this to prevent IFD loops.
++ /* Match nextdiroff and curdir for consistent IFD-loop checking.
++ * Only with TIFFSetSubDirectory() the IFD list can be corrupted with invalid offsets
++ * within the main IFD tree.
++ * In the case of several subIFDs of a main image,
++ * there are two possibilities that are not even mutually exclusive.
++ * a.) The subIFD tag contains an array with all offsets of the subIFDs.
++ * b.) The SubIFDs are concatenated with their NextIFD parameters.
++ * (refer to https://www.awaresystems.be/imaging/tiff/specification/TIFFPM6.pdf.)
+ */
+- tif->tif_dirnumber = 0;
+- return (TIFFReadDirectory(tif));
++ int retval;
++ uint16_t curdir = 0;
++ int8_t probablySubIFD = 0;
++ if (diroff == 0) {
++ /* Special case to invalidate the tif_lastdiroff member. */
++ tif->tif_curdir = 65535;
++ } else {
++ if (!_TIFFGetDirNumberFromOffset(tif, diroff, &curdir)) {
++ /* Non-existing offsets might point to a SubIFD or invalid IFD.*/
++ probablySubIFD = 1;
++ }
++ /* -1 because TIFFReadDirectory() will increment tif_curdir. */
++ tif->tif_curdir = curdir - 1;
++ }
++
++ tif->tif_nextdiroff = diroff;
++ retval = TIFFReadDirectory(tif);
++ /* If failed, curdir was not incremented in TIFFReadDirectory(), so set it back. */
++ if (!retval )tif->tif_curdir++;
++ if (retval && probablySubIFD) {
++ /* Reset IFD list to start new one for SubIFD chain and also start SubIFD chain with tif_curdir=0. */
++ tif->tif_dirnumber = 0;
++ tif->tif_curdir = 0; /* first directory of new chain */
++ /* add this offset to new IFD list */
++ _TIFFCheckDirNumberAndOffset(tif, tif->tif_curdir, diroff);
++ }
++ return (retval);
+ }
+
+ /*
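Review bot: The last call in TIFFSetSubDirectory(), `_TIFFCheckDirNumberAndOffset(tif, tif->tif_curdir, diroff);`, discards the return value, although that function returns 0 when the IFD list cannot be grown; in that case the new SubIFD chain starts without its first offset recorded and the function still returns success. Check the result and fail or warn. Smaller points in the same hunk: `tif->tif_curdir = curdir - 1;` relies on unsigned wrap to 65535 when the lookup failed and curdir is still 0, which should be said in the comment; `if (!retval )tif->tif_curdir++;` needs its spacing fixed and the statement on its own line; and the comment "invalidate the tif_lastdiroff member" names a member that no line of this patch defines or touches.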
+@@ -1750,12 +1802,15 @@ TIFFLastDirectory(TIFF* tif)
+
+ /*
+ * Unlink the specified directory from the directory chain.
++ * Note: First directory starts with number dirn=1.
++ * This is different to TIFFSetDirectory() where the first directory starts with zero.
+ */
+ int
+ TIFFUnlinkDirectory(TIFF* tif, uint16_t dirn)
+ {
+ static const char module[] = "TIFFUnlinkDirectory";
+ uint64_t nextdir;
++ uint16_t nextdirnum;
+ uint64_t off;
+ uint16_t n;
+
+@@ -1779,19 +1834,21 @@ TIFFUnlinkDirectory(TIFF* tif, uint16_t dirn)
+ nextdir = tif->tif_header.big.tiff_diroff;
+ off = 8;
+ }
++ nextdirnum = 0; /* First directory is dirn=0 */
++
+ for (n = dirn-1; n > 0; n--) {
+ if (nextdir == 0) {
+ TIFFErrorExt(tif->tif_clientdata, module, "Directory %"PRIu16" does not exist", dirn);
+ return (0);
+ }
+- if (!TIFFAdvanceDirectory(tif, &nextdir, &off))
++ if (!TIFFAdvanceDirectory(tif, &nextdir, &off, &nextdirnum))
+ return (0);
+ }
+ /*
+ * Advance to the directory to be unlinked and fetch
+ * the offset of the directory that follows.
+ */
+- if (!TIFFAdvanceDirectory(tif, &nextdir, NULL))
++ if (!TIFFAdvanceDirectory(tif, &nextdir, NULL, &nextdirnum))
+ return (0);
+ /*
+ * Go back and patch the link field of the preceding
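Review bot: The inline comment on `nextdirnum = 0; /* First directory is dirn=0 */` contradicts the note this patch adds to the TIFFUnlinkDirectory() header, which says the first directory is dirn=1 for this function. nextdirnum is the zero-based counter used by the loop check while dirn stays one-based, so reword the comment to say that (for example "loop-check numbering is zero-based") rather than reusing the name dirn. This function also keeps the old name `nextdir` while every other caller in the patch was renamed to `nextdiroff`; rename it here as well for consistency.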
+diff --git a/libtiff/tif_dir.h b/libtiff/tif_dir.h
+index 900dec1..f1a5125 100644
+--- a/libtiff/tif_dir.h
++++ b/libtiff/tif_dir.h
+@@ -302,6 +302,8 @@ extern int _TIFFMergeFields(TIFF*, const TIFFField[], uint32_t);
+ extern const TIFFField* _TIFFFindOrRegisterField(TIFF *, uint32_t, TIFFDataType);
+ extern TIFFField* _TIFFCreateAnonField(TIFF *, uint32_t, TIFFDataType);
+ extern int _TIFFCheckFieldIsValidForCodec(TIFF *tif, ttag_t tag);
++extern int _TIFFCheckDirNumberAndOffset(TIFF *tif, uint16_t dirn, uint64_t diroff);
++extern int _TIFFGetDirNumberFromOffset(TIFF *tif, uint64_t diroff, uint16_t *dirn);
+
+ #if defined(__cplusplus)
+ }
+diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c
+index d7cccbe..f07de60 100644
+--- a/libtiff/tif_dirread.c
++++ b/libtiff/tif_dirread.c
+@@ -154,7 +154,6 @@ static void TIFFReadDirectoryFindFieldInfo(TIFF* tif, uint16_t tagid, uint32_t*
+
+ static int EstimateStripByteCounts(TIFF* tif, TIFFDirEntry* dir, uint16_t dircount);
+ static void MissingRequired(TIFF*, const char*);
+-static int TIFFCheckDirOffset(TIFF* tif, uint64_t diroff);
+ static int CheckDirCount(TIFF*, TIFFDirEntry*, uint32_t);
+ static uint16_t TIFFFetchDirectory(TIFF* tif, uint64_t diroff, TIFFDirEntry** pdir, uint64_t* nextdiroff);
+ static int TIFFFetchNormalTag(TIFF*, TIFFDirEntry*, int recover);
+@@ -3590,12 +3589,19 @@ TIFFReadDirectory(TIFF* tif)
+ int bitspersample_read = FALSE;
+ int color_channels;
+
+- tif->tif_diroff=tif->tif_nextdiroff;
+- if (!TIFFCheckDirOffset(tif,tif->tif_nextdiroff))
+- return 0; /* last offset or bad offset (IFD looping) */
+- (*tif->tif_cleanup)(tif); /* cleanup any previous compression state */
+- tif->tif_curdir++;
+- nextdiroff = tif->tif_nextdiroff;
++ if (tif->tif_nextdiroff == 0) {
++ /* In this special case, tif_diroff needs also to be set to 0. */
++ tif->tif_diroff = tif->tif_nextdiroff;
++ return 0; /* last offset, thus no checking necessary */
++ }
++
++ nextdiroff = tif->tif_nextdiroff;
++ /* tif_curdir++ and tif_nextdiroff should only be updated after SUCCESSFUL reading of the directory. Otherwise, invalid IFD offsets could corrupt the IFD list. */
++ if (!_TIFFCheckDirNumberAndOffset(tif, tif->tif_curdir + 1, nextdiroff)) {
++ TIFFWarningExt(tif->tif_clientdata, module,
++ "Didn't read next directory due to IFD looping at offset 0x%"PRIx64" (%"PRIu64") to offset 0x%"PRIx64" (%"PRIu64")", tif->tif_diroff, tif->tif_diroff, nextdiroff, nextdiroff);
++ return 0; /* bad offset (IFD looping) */
++ }
+ dircount=TIFFFetchDirectory(tif,nextdiroff,&dir,&tif->tif_nextdiroff);
+ if (!dircount)
+ {
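Review bot: The new comment in TIFFReadDirectory() says state is only updated after a successful read so that invalid offsets cannot corrupt the IFD list, but `_TIFFCheckDirNumberAndOffset(tif, tif->tif_curdir + 1, nextdiroff)` is not a pure check: as defined later in this patch it appends or updates the (number, offset) pair, and it runs before TIFFFetchDirectory(). When the fetch fails and the `if (!dircount)` branch returns 0, the pair for the unreadable directory stays in the list. Either drop the entry on that path or adjust the comment to say what is actually guaranteed. Also, `tif->tif_curdir + 1` is computed as int and narrowed to the uint16_t parameter, which silently turns the 65535 sentinel set in TIFFSetSubDirectory() into directory 0; an explicit cast with a one-line comment would make that intent visible. The two added lines with the long comment and the long warning string should be wrapped.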
+@@ -3603,6 +3609,11 @@ TIFFReadDirectory(TIFF* tif)
+ "Failed to read directory at offset %" PRIu64, nextdiroff);
+ return 0;
+ }
++ /* Set global values after a valid directory has been fetched.
++ * tif_diroff is already set to nextdiroff in TIFFFetchDirectory() in the beginning. */
++ tif->tif_curdir++;
++ (*tif->tif_cleanup)(tif); /* cleanup any previous compression state */
++
+ TIFFReadDirectoryCheckOrder(tif,dir,dircount);
+
+ /*
+@@ -4687,53 +4698,127 @@ MissingRequired(TIFF* tif, const char* tagname)
+ }
+
+ /*
+- * Check the directory offset against the list of already seen directory
+- * offsets. This is a trick to prevent IFD looping. The one can create TIFF
+- * file with looped directory pointers. We will maintain a list of already
+- * seen directories and check every IFD offset against that list.
++ * Check the directory number and offset against the list of already seen
++ * directory numbers and offsets. This is a trick to prevent IFD looping.
++ * The one can create TIFF file with looped directory pointers. We will
++ * maintain a list of already seen directories and check every IFD offset
++ * and its IFD number against that list. However, the offset of an IFD number
++ * can change - e.g. when writing updates to file.
++ * Returns 1 if all is ok; 0 if last directory or IFD loop is encountered,
++ * or an error has occured.
+ */
+-static int
+-TIFFCheckDirOffset(TIFF* tif, uint64_t diroff)
++int
++_TIFFCheckDirNumberAndOffset(TIFF *tif, uint16_t dirn, uint64_t diroff)
+ {
+ uint16_t n;
+
+ if (diroff == 0) /* no more directories */
+ return 0;
+ if (tif->tif_dirnumber == 65535) {
+- TIFFErrorExt(tif->tif_clientdata, "TIFFCheckDirOffset",
+- "Cannot handle more than 65535 TIFF directories");
+- return 0;
++ TIFFErrorExt(tif->tif_clientdata, "_TIFFCheckDirNumberAndOffset",
++ "Cannot handle more than 65535 TIFF directories");
++ return 0;
+ }
+
+- for (n = 0; n < tif->tif_dirnumber && tif->tif_dirlist; n++) {
+- if (tif->tif_dirlist[n] == diroff)
+- return 0;
++ /* Check if offset is already in the list:
++ * - yes: check, if offset is at the same IFD number - if not, it is an IFD loop
++ * - no: add to list or update offset at that IFD number
++ */
++ for (n = 0; n < tif->tif_dirnumber && tif->tif_dirlistdirn && tif->tif_dirlistoff; n++) {
++ if (tif->tif_dirlistoff[n] == diroff) {
++ if (tif->tif_dirlistdirn[n] == dirn) {
++ return 1;
++ } else {
++ TIFFWarningExt(tif->tif_clientdata, "_TIFFCheckDirNumberAndOffset",
++ "TIFF directory %"PRIu16" has IFD looping to directory %"PRIu16" at offset 0x%"PRIx64" (%"PRIu64")",
++ dirn-1, tif->tif_dirlistdirn[n], diroff, diroff);
++ return 0;
++ }
++ }
++ }
++ /* Check if offset of an IFD has been changed and update offset of that IFD number. */
++ if (dirn < tif->tif_dirnumber && tif->tif_dirlistdirn && tif->tif_dirlistoff) {
++ /* tif_dirlistdirn can have IFD numbers dirn in random order */
++ for (n = 0; n < tif->tif_dirnumber; n++) {
++ if (tif->tif_dirlistdirn[n] == dirn) {
++ tif->tif_dirlistoff[n] = diroff;
++ return 1;
++ }
++ }
+ }
+
++ /* Add IFD offset and dirn to IFD directory list */
+ tif->tif_dirnumber++;
+
+- if (tif->tif_dirlist == NULL || tif->tif_dirnumber > tif->tif_dirlistsize) {
+- uint64_t* new_dirlist;
+-
++ if (tif->tif_dirlistoff == NULL || tif->tif_dirlistdirn == NULL || tif->tif_dirnumber > tif->tif_dirlistsize) {
++ uint64_t *new_dirlist;
+ /*
+ * XXX: Reduce memory allocation granularity of the dirlist
+ * array.
+ */
+- new_dirlist = (uint64_t*)_TIFFCheckRealloc(tif, tif->tif_dirlist,
+- tif->tif_dirnumber, 2 * sizeof(uint64_t), "for IFD list");
++ if (tif->tif_dirnumber >= 32768)
++ tif->tif_dirlistsize = 65535;
++ else
++ tif->tif_dirlistsize = 2 * tif->tif_dirnumber;
++
++ new_dirlist = (uint64_t *)_TIFFCheckRealloc(tif, tif->tif_dirlistoff,
++ tif->tif_dirlistsize, sizeof(uint64_t), "for IFD offset list");
+ if (!new_dirlist)
+ return 0;
+- if( tif->tif_dirnumber >= 32768 )
+- tif->tif_dirlistsize = 65535;
+- else
+- tif->tif_dirlistsize = 2 * tif->tif_dirnumber;
+- tif->tif_dirlist = new_dirlist;
++ tif->tif_dirlistoff = new_dirlist;
++ new_dirlist = (uint64_t *)_TIFFCheckRealloc(tif, tif->tif_dirlistdirn,
++ tif->tif_dirlistsize, sizeof(uint16_t), "for IFD dirnumber list");
++ if (!new_dirlist)
++ return 0;
++ tif->tif_dirlistdirn = (uint16_t *)new_dirlist;
+ }
+
+- tif->tif_dirlist[tif->tif_dirnumber - 1] = diroff;
++ tif->tif_dirlistoff[tif->tif_dirnumber - 1] = diroff;
++ tif->tif_dirlistdirn[tif->tif_dirnumber - 1] = dirn;
+
+ return 1;
+-}
++} /* --- _TIFFCheckDirNumberAndOffset() ---*/
++
++/*
++ * Retrieve the matching IFD directory number of a given IFD offset
++ * from the list of directories already seen.
++ * Returns 1 if the offset was in the list and the directory number
++ * can be returned.
++ * Otherwise returns 0 or if an error occured.
++ */
++int
++_TIFFGetDirNumberFromOffset(TIFF *tif, uint64_t diroff, uint16_t* dirn)
++{
++ uint16_t n;
++
++ if (diroff == 0) /* no more directories */
++ return 0;
++ if (tif->tif_dirnumber == 65535) {
++ TIFFErrorExt(tif->tif_clientdata, "_TIFFGetDirNumberFromOffset",
++ "Cannot handle more than 65535 TIFF directories");
++ return 0;
++ }
++
++ /* Check if offset is already in the list and return matching directory number.
++ * Otherwise update IFD list using TIFFNumberOfDirectories()
++ * and search again in IFD list.
++ */
++ for (n = 0; n < tif->tif_dirnumber && tif->tif_dirlistoff && tif->tif_dirlistdirn; n++) {
++ if (tif->tif_dirlistoff[n] == diroff) {
++ *dirn = tif->tif_dirlistdirn[n];
++ return 1;
++ }
++ }
++ TIFFNumberOfDirectories(tif);
++ for (n = 0; n < tif->tif_dirnumber && tif->tif_dirlistoff && tif->tif_dirlistdirn; n++) {
++ if (tif->tif_dirlistoff[n] == diroff) {
++ *dirn = tif->tif_dirlistdirn[n];
++ return 1;
++ }
++ }
++ return 0;
++} /*--- _TIFFGetDirNumberFromOffset() ---*/
++
+
+ /*
+ * Check the count field of a directory entry against a known value. The
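Review bot: In _TIFFCheckDirNumberAndOffset(), `tif->tif_dirnumber++` and the new `tif->tif_dirlistsize = ...` assignment both happen before either `_TIFFCheckRealloc()` call has succeeded, so an allocation failure returns 0 with the counters describing more entries than the arrays hold; a later call then scans up to `n < tif->tif_dirnumber` and can skip the grow branch because `tif->tif_dirnumber > tif->tif_dirlistsize` is no longer true. The removed code set tif_dirlistsize only after the realloc succeeded. Please keep that order, grow both arrays before committing the size, and undo the tif_dirnumber increment on the failure paths (the same applies when the first realloc succeeds and the second fails, leaving the two lists at different lengths). Smaller points: `new_dirlist` is declared `uint64_t *` and then reused with a cast for the uint16_t list, a separate correctly typed variable reads better; the loop warning prints `dirn-1` with PRIu16, which is wrong for dirn == 0; "occured" should be "occurred" in both new header comments; and the two identical search loops in _TIFFGetDirNumberFromOffset() could be one static helper.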
+diff --git a/libtiff/tif_open.c b/libtiff/tif_open.c
+index 9724162..f047c73 100644
+--- a/libtiff/tif_open.c
++++ b/libtiff/tif_open.c
+@@ -354,7 +354,8 @@ TIFFClientOpen(
+ if (!TIFFDefaultDirectory(tif))
+ goto bad;
+ tif->tif_diroff = 0;
+- tif->tif_dirlist = NULL;
++ tif->tif_dirlistoff = NULL;
++ tif->tif_dirlistdirn = NULL;
+ tif->tif_dirlistsize = 0;
+ tif->tif_dirnumber = 0;
+ return (tif);
+diff --git a/libtiff/tiffiop.h b/libtiff/tiffiop.h
+index c1d0276..9459fe8 100644
+--- a/libtiff/tiffiop.h
++++ b/libtiff/tiffiop.h
+@@ -117,7 +117,8 @@ struct tiff {
+ #define TIFF_CHOPPEDUPARRAYS 0x4000000U /* set when allocChoppedUpStripArrays() has modified strip array */
+ uint64_t tif_diroff; /* file offset of current directory */
+ uint64_t tif_nextdiroff; /* file offset of following directory */
+- uint64_t* tif_dirlist; /* list of offsets to already seen directories to prevent IFD looping */
++ uint64_t* tif_dirlistoff; /* list of offsets to already seen directories to prevent IFD looping */
++ uint16_t* tif_dirlistdirn; /* list of directory numbers to already seen directories to prevent IFD looping */
+ uint16_t tif_dirlistsize; /* number of entries in offset list */
+ uint16_t tif_dirnumber; /* number of already seen directories */
+ TIFFDirectory tif_dir; /* internal rep of current directory */
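Review bot: The unchanged comment on `tif_dirlistsize` in struct tiff still reads "number of entries in offset list", but after this change the field is the allocated length of both tif_dirlistoff and tif_dirlistdirn. Update the comment in this hunk so the relationship between the two arrays and the size field is documented in one place.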
+--
+2.25.1
+
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
index 61d8142e41..9e1e6fa099 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb
@@ -43,6 +43,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
file://CVE-2023-3618-1.patch \
file://CVE-2023-3618-2.patch \
file://CVE-2023-26966.patch \
+ file://CVE-2022-40090.patch \
"
SRC_URI[sha256sum] = "0e46e5acb087ce7d1ac53cf4f56a09b221537fc86dfc5daaad1c2e89e1b37ac8"
--
2.34.1
* [OE-core][kirkstone 02/13] xdg-utils: Fix CVE-2022-4055
From: Steve Sakoman @ 2023-10-14 21:44 UTC (permalink / raw)
To: openembedded-core
From: Hitendra Prajapati <hprajapati@mvista.com>
Upstream-Status: Backport from https://gitlab.freedesktop.org/xdg/xdg-utils/-/commit/f67c4d1f8bd2e3cbcb9eb49f5e897075e7426780
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../xdg-utils/xdg-utils/CVE-2022-4055.patch | 165 ++++++++++++++++++
.../xdg-utils/xdg-utils_1.1.3.bb | 1 +
2 files changed, 166 insertions(+)
create mode 100644 meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch
diff --git a/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch b/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch
new file mode 100644
index 0000000000..383634ad53
--- /dev/null
+++ b/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch
@@ -0,0 +1,165 @@
+From f67c4d1f8bd2e3cbcb9eb49f5e897075e7426780 Mon Sep 17 00:00:00 2001
+From: Gabriel Corona <gabriel.corona@enst-bretagne.fr>
+Date: Thu, 25 Aug 2022 23:51:45 +0200
+Subject: [PATCH] Disable special support for Thunderbird in xdg-email (fixes
+ CVE-2020-27748, CVE-2022-4055)
+
+Upstream-Status: Backport [https://gitlab.freedesktop.org/xdg/xdg-utils/-/commit/f67c4d1f8bd2e3cbcb9eb49f5e897075e7426780]
+CVE: CVE-2022-4055
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ scripts/xdg-email.in | 108 -------------------------------------------
+ 1 file changed, 108 deletions(-)
+
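Review bot: The patch header's `CVE:` tag lists only CVE-2022-4055, while the upstream Subject line directly above says the same commit fixes CVE-2020-27748 as well. If the second identifier applies to this recipe version, list both on the tag, as in `CVE: CVE-2020-27748 CVE-2022-4055`, so the patch metadata records everything the change addresses; if it was left out on purpose, say why in the commit message.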
+diff --git a/scripts/xdg-email.in b/scripts/xdg-email.in
+index 13ba2d5..b700679 100644
+--- a/scripts/xdg-email.in
++++ b/scripts/xdg-email.in
+@@ -30,76 +30,8 @@ _USAGE
+
+ #@xdg-utils-common@
+
+-run_thunderbird()
+-{
+- local THUNDERBIRD MAILTO NEWMAILTO TO CC BCC SUBJECT BODY
+- THUNDERBIRD="$1"
+- MAILTO=$(echo "$2" | sed 's/^mailto://')
+- echo "$MAILTO" | grep -qs "^?"
+- if [ "$?" = "0" ] ; then
+- MAILTO=$(echo "$MAILTO" | sed 's/^?//')
+- else
+- MAILTO=$(echo "$MAILTO" | sed 's/^/to=/' | sed 's/?/\&/')
+- fi
+-
+- MAILTO=$(echo "$MAILTO" | sed 's/&/\n/g')
+- TO=$(/bin/echo -e $(echo "$MAILTO" | grep '^to=' | sed 's/^to=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }'))
+- CC=$(/bin/echo -e $(echo "$MAILTO" | grep '^cc=' | sed 's/^cc=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }'))
+- BCC=$(/bin/echo -e $(echo "$MAILTO" | grep '^bcc=' | sed 's/^bcc=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }'))
+- SUBJECT=$(echo "$MAILTO" | grep '^subject=' | tail -n 1)
+- BODY=$(echo "$MAILTO" | grep '^body=' | tail -n 1)
+-
+- if [ -z "$TO" ] ; then
+- NEWMAILTO=
+- else
+- NEWMAILTO="to='$TO'"
+- fi
+- if [ -n "$CC" ] ; then
+- NEWMAILTO="${NEWMAILTO},cc='$CC'"
+- fi
+- if [ -n "$BCC" ] ; then
+- NEWMAILTO="${NEWMAILTO},bcc='$BCC'"
+- fi
+- if [ -n "$SUBJECT" ] ; then
+- NEWMAILTO="${NEWMAILTO},$SUBJECT"
+- fi
+- if [ -n "$BODY" ] ; then
+- NEWMAILTO="${NEWMAILTO},$BODY"
+- fi
+-
+- NEWMAILTO=$(echo "$NEWMAILTO" | sed 's/^,//')
+- DEBUG 1 "Running $THUNDERBIRD -compose \"$NEWMAILTO\""
+- "$THUNDERBIRD" -compose "$NEWMAILTO"
+- if [ $? -eq 0 ]; then
+- exit_success
+- else
+- exit_failure_operation_failed
+- fi
+-}
+-
+ open_kde()
+ {
+- if [ -n "$KDE_SESSION_VERSION" ] && [ "$KDE_SESSION_VERSION" -ge 5 ]; then
+- local kreadconfig=kreadconfig$KDE_SESSION_VERSION
+- else
+- local kreadconfig=kreadconfig
+- fi
+-
+- if which $kreadconfig >/dev/null 2>&1; then
+- local profile=$($kreadconfig --file emaildefaults \
+- --group Defaults --key Profile)
+- if [ -n "$profile" ]; then
+- local client=$($kreadconfig --file emaildefaults \
+- --group "PROFILE_$profile" \
+- --key EmailClient \
+- | cut -d ' ' -f 1)
+-
+- if echo "$client" | grep -Eq 'thunderbird|icedove'; then
+- run_thunderbird "$client" "$1"
+- fi
+- fi
+- fi
+-
+ local command
+ case "$KDE_SESSION_VERSION" in
+ '') command=kmailservice ;;
+@@ -130,15 +62,6 @@ open_kde()
+
+ open_gnome3()
+ {
+- local client
+- local desktop
+- desktop=`xdg-mime query default "x-scheme-handler/mailto"`
+- client=`desktop_file_to_binary "$desktop"`
+- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1
+- if [ $? -eq 0 ] ; then
+- run_thunderbird "$client" "$1"
+- fi
+-
+ if gio help open 2>/dev/null 1>&2; then
+ DEBUG 1 "Running gio open \"$1\""
+ gio open "$1"
+@@ -159,13 +82,6 @@ open_gnome3()
+
+ open_gnome()
+ {
+- local client
+- client=`gconftool-2 --get /desktop/gnome/url-handlers/mailto/command | cut -d ' ' -f 1` || ""
+- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1
+- if [ $? -eq 0 ] ; then
+- run_thunderbird "$client" "$1"
+- fi
+-
+ if gio help open 2>/dev/null 1>&2; then
+ DEBUG 1 "Running gio open \"$1\""
+ gio open "$1"
+@@ -231,15 +147,6 @@ open_flatpak()
+
+ open_generic()
+ {
+- local client
+- local desktop
+- desktop=`xdg-mime query default "x-scheme-handler/mailto"`
+- client=`desktop_file_to_binary "$desktop"`
+- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1
+- if [ $? -eq 0 ] ; then
+- run_thunderbird "$client" "$1"
+- fi
+-
+ xdg-open "$1"
+ local ret=$?
+
+@@ -364,21 +271,6 @@ while [ $# -gt 0 ] ; do
+ shift
+ ;;
+
+- --attach)
+- if [ -z "$1" ] ; then
+- exit_failure_syntax "file argument missing for --attach option"
+- fi
+- check_input_file "$1"
+- file=`readlink -f "$1"` # Normalize path
+- if [ -z "$file" ] || [ ! -f "$file" ] ; then
+- exit_failure_file_missing "file '$1' does not exist"
+- fi
+-
+- url_encode "$file"
+- options="${options}attach=${result}&"
+- shift
+- ;;
+-
+ -*)
+ exit_failure_syntax "unexpected option '$parm'"
+ ;;
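Review bot: Deleting the `--attach)` case means the option now falls through to the `-*)` branch and ends in `exit_failure_syntax "unexpected option '$parm'"`, which is a user-visible behaviour change for anything on the image that calls xdg-email with an attachment. The diffstat shows 108 deletions and no insertions in scripts/xdg-email.in, so any mention of --attach in the usage text is left as it was; please check that and note the dropped option in the commit message so integrators of this stable branch are not surprised.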
+--
+2.25.1
+
diff --git a/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb b/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
index 73acf6b744..4d93180535 100644
--- a/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
+++ b/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb
@@ -21,6 +21,7 @@ SRC_URI = "https://portland.freedesktop.org/download/${BPN}-${PV}.tar.gz \
file://0001-Reinstate-xdg-terminal.patch \
file://0001-Don-t-build-the-in-script-manual.patch \
file://1f199813e0eb0246f63b54e9e154970e609575af.patch \
+ file://CVE-2022-4055.patch \
"
SRC_URI[md5sum] = "902042508b626027a3709d105f0b63ff"
--
2.34.1
* [OE-core][kirkstone 03/13] binutils: Fix CVE-2022-44840
From: Steve Sakoman @ 2023-10-14 21:44 UTC (permalink / raw)
To: openembedded-core
From: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../binutils/binutils-2.38.inc | 1 +
.../binutils/0030-CVE-2022-44840.patch | 151 ++++++++++++++++++
2 files changed, 152 insertions(+)
create mode 100644 meta/recipes-devtools/binutils/binutils/0030-CVE-2022-44840.patch
diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc
index 638b1ba93d..7c5d8f79ec 100644
--- a/meta/recipes-devtools/binutils/binutils-2.38.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.38.inc
@@ -59,5 +59,6 @@ SRC_URI = "\
file://0029-CVE-2022-48065-1.patch \
file://0029-CVE-2022-48065-2.patch \
file://0029-CVE-2022-48065-3.patch \
+ file://0030-CVE-2022-44840.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0030-CVE-2022-44840.patch b/meta/recipes-devtools/binutils/binutils/0030-CVE-2022-44840.patch
new file mode 100644
index 0000000000..2f4c38044b
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0030-CVE-2022-44840.patch
@@ -0,0 +1,151 @@
+From: Alan Modra <amodra@gmail.com>
+Date: Sun, 30 Oct 2022 08:38:51 +0000 (+1030)
+Subject: Pool section entries for DWP version 1
+X-Git-Tag: gdb-13-branchpoint~664
+X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=28750e3b967da2207d51cbce9fc8be262817ee59
+
+Pool section entries for DWP version 1
+
+Ref: https://gcc.gnu.org/wiki/DebugFissionDWP?action=recall&rev=3
+
+Fuzzers have found a weakness in the code stashing pool section
+entries. With random nonsensical values in the index entries (rather
+than each index pointing to its own set distinct from other sets),
+it's possible to overflow the space allocated, losing the NULL
+terminator. Without a terminator, find_section_in_set can run off the
+end of the shndx_pool buffer. Fix this by scanning the pool directly.
+
+binutils/
+ * dwarf.c (add_shndx_to_cu_tu_entry): Delete range check.
+ (end_cu_tu_entry): Likewise.
+ (process_cu_tu_index): Fill shndx_pool by directly scanning
+ pool, rather than indirectly from index entries.
+
+Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=blobdiff_plain;f=binutils/dwarf.c;h=7730293326ac1049451eb4a037ac86d827030700;hp=c6340a28906114e9df29d7401472c7dc0a98c2b1;hb=28750e3b967da2207d51cbce9fc8be262817ee59;hpb=60095ba3b8f8ba26a6389dded732fa446422c98f]
+
+CVE: CVE-2022-44840
+
+Signed-off-by: yash shinde <yash.shinde@windriver.com>
+
+diff --git a/binutils/dwarf.c b/binutils/dwarf.c
+index c6340a28906..7730293326a 100644
+--- a/binutils/dwarf.c
++++ b/binutils/dwarf.c
+@@ -10652,22 +10652,12 @@ prealloc_cu_tu_list (unsigned int nshndx)
+ static void
+ add_shndx_to_cu_tu_entry (unsigned int shndx)
+ {
+- if (shndx_pool_used >= shndx_pool_size)
+- {
+- error (_("Internal error: out of space in the shndx pool.\n"));
+- return;
+- }
+ shndx_pool [shndx_pool_used++] = shndx;
+ }
+
+ static void
+ end_cu_tu_entry (void)
+ {
+- if (shndx_pool_used >= shndx_pool_size)
+- {
+- error (_("Internal error: out of space in the shndx pool.\n"));
+- return;
+- }
+ shndx_pool [shndx_pool_used++] = 0;
+ }
+
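Review bot: With both `shndx_pool_used >= shndx_pool_size` checks deleted, add_shndx_to_cu_tu_entry() and end_cu_tu_entry() now write to shndx_pool unconditionally, so memory safety rests entirely on the caller having sized the pool first. That invariant is not written down anywhere in this hunk; a short comment on each helper, or an assert in place of the removed error path, would stop a later caller from reintroducing the overflow this patch is fixing.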
+@@ -10773,53 +10763,55 @@ process_cu_tu_index (struct dwarf_section *section, int do_display)
+
+ if (version == 1)
+ {
++ unsigned char *shndx_list;
++ unsigned int shndx;
++
+ if (!do_display)
+- prealloc_cu_tu_list ((limit - ppool) / 4);
+- for (i = 0; i < nslots; i++)
+ {
+- unsigned char *shndx_list;
+- unsigned int shndx;
+-
+- SAFE_BYTE_GET (signature, phash, 8, limit);
+- if (signature != 0)
++ prealloc_cu_tu_list ((limit - ppool) / 4);
++ for (shndx_list = ppool + 4; shndx_list <= limit - 4; shndx_list += 4)
+ {
+- SAFE_BYTE_GET (j, pindex, 4, limit);
+- shndx_list = ppool + j * 4;
+- /* PR 17531: file: 705e010d. */
+- if (shndx_list < ppool)
+- {
+- warn (_("Section index pool located before start of section\n"));
+- return 0;
+- }
++ shndx = byte_get (shndx_list, 4);
++ add_shndx_to_cu_tu_entry (shndx);
++ }
++ end_cu_tu_entry ();
++ }
++ else
++ for (i = 0; i < nslots; i++)
++ {
++ SAFE_BYTE_GET (signature, phash, 8, limit);
++ if (signature != 0)
++ {
++ SAFE_BYTE_GET (j, pindex, 4, limit);
++ shndx_list = ppool + j * 4;
++ /* PR 17531: file: 705e010d. */
++ if (shndx_list < ppool)
++ {
++ warn (_("Section index pool located before start of section\n"));
++ return 0;
++ }
+
+- if (do_display)
+ printf (_(" [%3d] Signature: 0x%s Sections: "),
+ i, dwarf_vmatoa ("x", signature));
+- for (;;)
+- {
+- if (shndx_list >= limit)
+- {
+- warn (_("Section %s too small for shndx pool\n"),
+- section->name);
+- return 0;
+- }
+- SAFE_BYTE_GET (shndx, shndx_list, 4, limit);
+- if (shndx == 0)
+- break;
+- if (do_display)
++ for (;;)
++ {
++ if (shndx_list >= limit)
++ {
++ warn (_("Section %s too small for shndx pool\n"),
++ section->name);
++ return 0;
++ }
++ SAFE_BYTE_GET (shndx, shndx_list, 4, limit);
++ if (shndx == 0)
++ break;
+ printf (" %d", shndx);
+- else
+- add_shndx_to_cu_tu_entry (shndx);
+- shndx_list += 4;
+- }
+- if (do_display)
++ shndx_list += 4;
++ }
+ printf ("\n");
+- else
+- end_cu_tu_entry ();
+- }
+- phash += 8;
+- pindex += 4;
+- }
++ }
++ phash += 8;
++ pindex += 4;
++ }
+ }
+ else if (version == 2)
+ {
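Review bot: the new `!do_display` branch has no guard for a pool shorter than one 4-byte word. When `limit - ppool` is less than 4, `prealloc_cu_tu_list ((limit - ppool) / 4)` is asked for 0 entries and the loop bound `limit - 4` falls below ppool, yet end_cu_tu_entry () still stores the terminator now that its range check is gone. Please confirm that prealloc_cu_tu_list copes with a zero count, or return early when the pool is empty. For larger pools the arithmetic does work out: the loop from `ppool + 4` to `limit - 4` stores (limit - ppool) / 4 - 1 entries and the terminator makes up the preallocated count.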
--
2.34.1
* [OE-core][kirkstone 04/13] binutils: Fix CVE-2022-45703
From: Steve Sakoman @ 2023-10-14 21:44 UTC
To: openembedded-core
From: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../binutils/binutils-2.38.inc | 2 +
.../binutils/0031-CVE-2022-45703-1.patch | 147 ++++++++++++++++++
.../binutils/0031-CVE-2022-45703-2.patch | 31 ++++
3 files changed, 180 insertions(+)
create mode 100644 meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-1.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-2.patch
diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc
index 7c5d8f79ec..0964ab0825 100644
--- a/meta/recipes-devtools/binutils/binutils-2.38.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.38.inc
@@ -60,5 +60,7 @@ SRC_URI = "\
file://0029-CVE-2022-48065-2.patch \
file://0029-CVE-2022-48065-3.patch \
file://0030-CVE-2022-44840.patch \
+ file://0031-CVE-2022-45703-1.patch \
+ file://0031-CVE-2022-45703-2.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-1.patch b/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-1.patch
new file mode 100644
index 0000000000..3db4385e13
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-1.patch
@@ -0,0 +1,147 @@
+From: Alan Modra <amodra@gmail.com>
+Date: Tue, 24 May 2022 00:02:14 +0000 (+0930)
+Subject: PR29169, invalid read displaying fuzzed .gdb_index
+X-Git-Tag: binutils-2_39~530
+X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=244e19c79111eed017ee38ab1d44fb2a6cd1b636
+
+PR29169, invalid read displaying fuzzed .gdb_index
+
+ PR 29169
+ * dwarf.c (display_gdb_index): Combine sanity checks. Calculate
+ element counts, not word counts.
+Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=244e19c79111eed017ee38ab1d44fb2a6cd1b636]
+
+CVE: CVE-2022-45703
+
+Signed-off-by: yash shinde <yash.shinde@windriver.com>
+
+---
+
+diff --git a/binutils/dwarf.c b/binutils/dwarf.c
+index 7de6f28161f..c855972a12f 100644
+--- a/binutils/dwarf.c
++++ b/binutils/dwarf.c
+@@ -10406,7 +10406,7 @@ display_gdb_index (struct dwarf_section *section,
+ uint32_t cu_list_offset, tu_list_offset;
+ uint32_t address_table_offset, symbol_table_offset, constant_pool_offset;
+ unsigned int cu_list_elements, tu_list_elements;
+- unsigned int address_table_size, symbol_table_slots;
++ unsigned int address_table_elements, symbol_table_slots;
+ unsigned char *cu_list, *tu_list;
+ unsigned char *address_table, *symbol_table, *constant_pool;
+ unsigned int i;
+@@ -10454,48 +10454,19 @@ display_gdb_index (struct dwarf_section *section,
+ || tu_list_offset > section->size
+ || address_table_offset > section->size
+ || symbol_table_offset > section->size
+- || constant_pool_offset > section->size)
++ || constant_pool_offset > section->size
++ || tu_list_offset < cu_list_offset
++ || address_table_offset < tu_list_offset
++ || symbol_table_offset < address_table_offset
++ || constant_pool_offset < symbol_table_offset)
+ {
+ warn (_("Corrupt header in the %s section.\n"), section->name);
+ return 0;
+ }
+
+- /* PR 17531: file: 418d0a8a. */
+- if (tu_list_offset < cu_list_offset)
+- {
+- warn (_("TU offset (%x) is less than CU offset (%x)\n"),
+- tu_list_offset, cu_list_offset);
+- return 0;
+- }
+-
+- cu_list_elements = (tu_list_offset - cu_list_offset) / 8;
+-
+- if (address_table_offset < tu_list_offset)
+- {
+- warn (_("Address table offset (%x) is less than TU offset (%x)\n"),
+- address_table_offset, tu_list_offset);
+- return 0;
+- }
+-
+- tu_list_elements = (address_table_offset - tu_list_offset) / 8;
+-
+- /* PR 17531: file: 18a47d3d. */
+- if (symbol_table_offset < address_table_offset)
+- {
+- warn (_("Symbol table offset (%x) is less then Address table offset (%x)\n"),
+- symbol_table_offset, address_table_offset);
+- return 0;
+- }
+-
+- address_table_size = symbol_table_offset - address_table_offset;
+-
+- if (constant_pool_offset < symbol_table_offset)
+- {
+- warn (_("Constant pool offset (%x) is less than symbol table offset (%x)\n"),
+- constant_pool_offset, symbol_table_offset);
+- return 0;
+- }
+-
++ cu_list_elements = (tu_list_offset - cu_list_offset) / 16;
++ tu_list_elements = (address_table_offset - tu_list_offset) / 24;
++ address_table_elements = (symbol_table_offset - address_table_offset) / 20;
+ symbol_table_slots = (constant_pool_offset - symbol_table_offset) / 8;
+
+ cu_list = start + cu_list_offset;
+@@ -10504,31 +10475,25 @@ display_gdb_index (struct dwarf_section *section,
+ symbol_table = start + symbol_table_offset;
+ constant_pool = start + constant_pool_offset;
+
+- if (address_table_offset + address_table_size > section->size)
+- {
+- warn (_("Address table extends beyond end of section.\n"));
+- return 0;
+- }
+-
+ printf (_("\nCU table:\n"));
+- for (i = 0; i < cu_list_elements; i += 2)
++ for (i = 0; i < cu_list_elements; i++)
+ {
+- uint64_t cu_offset = byte_get_little_endian (cu_list + i * 8, 8);
+- uint64_t cu_length = byte_get_little_endian (cu_list + i * 8 + 8, 8);
++ uint64_t cu_offset = byte_get_little_endian (cu_list + i * 16, 8);
++ uint64_t cu_length = byte_get_little_endian (cu_list + i * 16 + 8, 8);
+
+- printf (_("[%3u] 0x%lx - 0x%lx\n"), i / 2,
++ printf (_("[%3u] 0x%lx - 0x%lx\n"), i,
+ (unsigned long) cu_offset,
+ (unsigned long) (cu_offset + cu_length - 1));
+ }
+
+ printf (_("\nTU table:\n"));
+- for (i = 0; i < tu_list_elements; i += 3)
++ for (i = 0; i < tu_list_elements; i++)
+ {
+- uint64_t tu_offset = byte_get_little_endian (tu_list + i * 8, 8);
+- uint64_t type_offset = byte_get_little_endian (tu_list + i * 8 + 8, 8);
+- uint64_t signature = byte_get_little_endian (tu_list + i * 8 + 16, 8);
++ uint64_t tu_offset = byte_get_little_endian (tu_list + i * 24, 8);
++ uint64_t type_offset = byte_get_little_endian (tu_list + i * 24 + 8, 8);
++ uint64_t signature = byte_get_little_endian (tu_list + i * 24 + 16, 8);
+
+- printf (_("[%3u] 0x%lx 0x%lx "), i / 3,
++ printf (_("[%3u] 0x%lx 0x%lx "), i,
+ (unsigned long) tu_offset,
+ (unsigned long) type_offset);
+ print_dwarf_vma (signature, 8);
+@@ -10536,12 +10501,11 @@ display_gdb_index (struct dwarf_section *section,
+ }
+
+ printf (_("\nAddress table:\n"));
+- for (i = 0; i < address_table_size && i <= address_table_size - (2 * 8 + 4);
+- i += 2 * 8 + 4)
++ for (i = 0; i < address_table_elements; i++)
+ {
+- uint64_t low = byte_get_little_endian (address_table + i, 8);
+- uint64_t high = byte_get_little_endian (address_table + i + 8, 8);
+- uint32_t cu_index = byte_get_little_endian (address_table + i + 16, 4);
++ uint64_t low = byte_get_little_endian (address_table + i * 20, 8);
++ uint64_t high = byte_get_little_endian (address_table + i * 20 + 8, 8);
++ uint32_t cu_index = byte_get_little_endian (address_table + i + 20 + 16, 4);
+
+ print_dwarf_vma (low, 8);
+ print_dwarf_vma (high, 8);
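Review bot: in the address table loop, `address_table + i + 20 + 16` should be `address_table + i * 20 + 16`, matching the `i * 20` used for low and high on the two lines above it. As written, cu_index is read from byte offset i + 36 instead of from the current 20-byte element, so the value shown is wrong and, for a table of one or two elements, the read runs past the bytes that address_table_elements accounts for. 0031-CVE-2022-45703-2.patch in this same change corrects the line, so the two files must always be applied together; it is worth recording that dependency in this patch's header.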
diff --git a/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-2.patch b/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-2.patch
new file mode 100644
index 0000000000..1fac9739dd
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-2.patch
@@ -0,0 +1,31 @@
+From 69bfd1759db41c8d369f9dcc98a135c5a5d97299 Mon Sep 17 00:00:00 2001
+From: Alan Modra <amodra@gmail.com>
+Date: Fri, 18 Nov 2022 11:29:13 +1030
+Subject: [PATCH] PR29799 heap buffer overflow in display_gdb_index
+ dwarf.c:10548
+
+ PR 29799
+ * dwarf.c (display_gdb_index): Typo fix.
+Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=blobdiff_plain;f=binutils/dwarf.c;h=4bba8dfb81a6df49f5e61b3fae99dd545cc5c7dd;hp=7730293326ac1049451eb4a037ac86d827030700;hb=69bfd1759db41c8d369f9dcc98a135c5a5d97299;hpb=7828dfa93b210b6bbc6596e6e096cc150a9f8aa4]
+
+CVE: CVE-2022-45703
+
+Signed-off-by: yash shinde <yash.shinde@windriver.com>
+
+---
+ binutils/dwarf.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/binutils/dwarf.c b/binutils/dwarf.c
+index 7730293326a..4bba8dfb81a 100644
+--- a/binutils/dwarf.c
++++ b/binutils/dwarf.c
+@@ -10562,7 +10562,7 @@ display_gdb_index (struct dwarf_section
+ {
+ uint64_t low = byte_get_little_endian (address_table + i * 20, 8);
+ uint64_t high = byte_get_little_endian (address_table + i * 20 + 8, 8);
+- uint32_t cu_index = byte_get_little_endian (address_table + i + 20 + 16, 4);
++ uint32_t cu_index = byte_get_little_endian (address_table + i * 20 + 16, 4);
+
+ print_dwarf_vma (low, 8);
+ print_dwarf_vma (high, 8);
--
2.34.1
* [OE-core][kirkstone 05/13] vim: Upgrade 9.0.1894 -> 9.0.2009
From: Steve Sakoman @ 2023-10-14 21:44 UTC
To: openembedded-core
From: Siddharth Doshi <sdoshi@mvista.com>
This includes CVE fix for CVE-2023-5441.
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-support/vim/vim.inc | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
index 5f55f590e6..5e06866692 100644
--- a/meta/recipes-support/vim/vim.inc
+++ b/meta/recipes-support/vim/vim.inc
@@ -19,8 +19,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \
file://no-path-adjust.patch \
"
-PV .= ".1894"
-SRCREV = "e5f7cd0a60d0eeab84f7aeb35c13d3af7e50072e"
+PV .= ".2009"
+SRCREV = "54844857fd6933fa4f6678e47610c4b9c9f7a091"
# Do not consider .z in x.y.z, as that is updated with every commit
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.\d+)\.0"
--
2.34.1
* [OE-core][kirkstone 06/13] python3-urllib3: upgrade 1.26.9 -> 1.26.10
From: Steve Sakoman @ 2023-10-14 21:44 UTC
To: openembedded-core
From: wangmy <wangmy@fujitsu.com>
Add dependence python3-logging.
Changelog:
=========
* Removed support for Python 3.5
* Fixed an issue where a "ProxyError" recommending configuring the proxy as HTTP
instead of HTTPS could appear even when an HTTPS proxy wasn't configured.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a8a26a92dfe367472daf086a33a1b30ff6d17540)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../{python3-urllib3_1.26.9.bb => python3-urllib3_1.26.10.bb} | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
rename meta/recipes-devtools/python/{python3-urllib3_1.26.9.bb => python3-urllib3_1.26.10.bb} (82%)
diff --git a/meta/recipes-devtools/python/python3-urllib3_1.26.9.bb b/meta/recipes-devtools/python/python3-urllib3_1.26.10.bb
similarity index 82%
rename from meta/recipes-devtools/python/python3-urllib3_1.26.9.bb
rename to meta/recipes-devtools/python/python3-urllib3_1.26.10.bb
index 95ae4a54a4..a8e2073d71 100644
--- a/meta/recipes-devtools/python/python3-urllib3_1.26.9.bb
+++ b/meta/recipes-devtools/python/python3-urllib3_1.26.10.bb
@@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/shazow/urllib3"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c"
-SRC_URI[sha256sum] = "aabaf16477806a5e1dd19aa41f8c2b7950dd3c746362d7e3223dbe6de6ac448e"
+SRC_URI[sha256sum] = "879ba4d1e89654d9769ce13121e0f94310ea32e8d2f8cf587b77c08bbcdb30d6"
inherit pypi setuptools3
@@ -15,6 +15,7 @@ RDEPENDS:${PN} += "\
${PYTHON_PN}-netclient \
${PYTHON_PN}-pyopenssl \
${PYTHON_PN}-threading \
+ ${PYTHON_PN}-logging \
"
CVE_PRODUCT = "urllib3"
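Review bot: the new `${PYTHON_PN}-logging` entry in RDEPENDS:${PN} is not explained by the commit message, whose changelog covers only the removal of Python 3.5 support and a ProxyError fix. Please state what makes the logging module a runtime requirement as of 1.26.10, or whether it was already missing before the upgrade, since a runtime dependency change on a stable branch should carry its rationale.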
--
2.34.1
* [OE-core][kirkstone 07/13] python3-urllib3: upgrade 1.26.10 -> 1.26.11
From: Steve Sakoman @ 2023-10-14 21:44 UTC
To: openembedded-core
From: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dbe07ff87e2cb1a8276e69a43c7cdbb9ae6e5493)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../{python3-urllib3_1.26.10.bb => python3-urllib3_1.26.11.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/python/{python3-urllib3_1.26.10.bb => python3-urllib3_1.26.11.bb} (86%)
diff --git a/meta/recipes-devtools/python/python3-urllib3_1.26.10.bb b/meta/recipes-devtools/python/python3-urllib3_1.26.11.bb
similarity index 86%
rename from meta/recipes-devtools/python/python3-urllib3_1.26.10.bb
rename to meta/recipes-devtools/python/python3-urllib3_1.26.11.bb
index a8e2073d71..a8d47de0f4 100644
--- a/meta/recipes-devtools/python/python3-urllib3_1.26.10.bb
+++ b/meta/recipes-devtools/python/python3-urllib3_1.26.11.bb
@@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/shazow/urllib3"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c"
-SRC_URI[sha256sum] = "879ba4d1e89654d9769ce13121e0f94310ea32e8d2f8cf587b77c08bbcdb30d6"
+SRC_URI[sha256sum] = "ea6e8fb210b19d950fab93b60c9009226c63a28808bc8386e05301e25883ac0a"
inherit pypi setuptools3
--
2.34.1
* [OE-core][kirkstone 08/13] python3-urllib3: upgrade 1.26.11 -> 1.26.12
From: Steve Sakoman @ 2023-10-14 21:44 UTC
To: openembedded-core
From: wangmy <wangmy@fujitsu.com>
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit cb05578af3ace6e3983f93e16d9ad1ac2a65fbe2)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../{python3-urllib3_1.26.11.bb => python3-urllib3_1.26.12.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/python/{python3-urllib3_1.26.11.bb => python3-urllib3_1.26.12.bb} (86%)
diff --git a/meta/recipes-devtools/python/python3-urllib3_1.26.11.bb b/meta/recipes-devtools/python/python3-urllib3_1.26.12.bb
similarity index 86%
rename from meta/recipes-devtools/python/python3-urllib3_1.26.11.bb
rename to meta/recipes-devtools/python/python3-urllib3_1.26.12.bb
index a8d47de0f4..1cd69bcb10 100644
--- a/meta/recipes-devtools/python/python3-urllib3_1.26.11.bb
+++ b/meta/recipes-devtools/python/python3-urllib3_1.26.12.bb
@@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/shazow/urllib3"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c"
-SRC_URI[sha256sum] = "ea6e8fb210b19d950fab93b60c9009226c63a28808bc8386e05301e25883ac0a"
+SRC_URI[sha256sum] = "3fa96cf423e6987997fc326ae8df396db2a8b7c667747d47ddd8ecba91f4a74e"
inherit pypi setuptools3
--
2.34.1
* [OE-core][kirkstone 09/13] python3-urllib3: upgrade 1.26.12 -> 1.26.13
From: Steve Sakoman @ 2023-10-14 21:44 UTC
To: openembedded-core
From: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b18552f69a2eb8900981a10ba386dc4f862b29c3)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../{python3-urllib3_1.26.12.bb => python3-urllib3_1.26.13.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/python/{python3-urllib3_1.26.12.bb => python3-urllib3_1.26.13.bb} (86%)
diff --git a/meta/recipes-devtools/python/python3-urllib3_1.26.12.bb b/meta/recipes-devtools/python/python3-urllib3_1.26.13.bb
similarity index 86%
rename from meta/recipes-devtools/python/python3-urllib3_1.26.12.bb
rename to meta/recipes-devtools/python/python3-urllib3_1.26.13.bb
index 1cd69bcb10..7af95117cf 100644
--- a/meta/recipes-devtools/python/python3-urllib3_1.26.12.bb
+++ b/meta/recipes-devtools/python/python3-urllib3_1.26.13.bb
@@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/shazow/urllib3"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c"
-SRC_URI[sha256sum] = "3fa96cf423e6987997fc326ae8df396db2a8b7c667747d47ddd8ecba91f4a74e"
+SRC_URI[sha256sum] = "c083dd0dce68dbfbe1129d5271cb90f9447dea7d52097c6e0126120c521ddea8"
inherit pypi setuptools3
--
2.34.1
* [OE-core][kirkstone 10/13] python3-urllib3: upgrade 1.26.13 -> 1.26.14
From: Steve Sakoman @ 2023-10-14 21:44 UTC
To: openembedded-core
From: Tim Orling <ticotimo@gmail.com>
https://github.com/urllib3/urllib3/blob/1.26.14/CHANGES.rst#12614-2023-01-11
1.26.14 (2023-01-11)
Fixed parsing of port 0 (zero) returning None, instead of 0. (#2850)
Removed deprecated getheaders() calls in contrib module.
Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 55ab1bf20e6893088acb6460e9004dac8e205559)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../{python3-urllib3_1.26.13.bb => python3-urllib3_1.26.14.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/python/{python3-urllib3_1.26.13.bb => python3-urllib3_1.26.14.bb} (86%)
diff --git a/meta/recipes-devtools/python/python3-urllib3_1.26.13.bb b/meta/recipes-devtools/python/python3-urllib3_1.26.14.bb
similarity index 86%
rename from meta/recipes-devtools/python/python3-urllib3_1.26.13.bb
rename to meta/recipes-devtools/python/python3-urllib3_1.26.14.bb
index 7af95117cf..f35a141df2 100644
--- a/meta/recipes-devtools/python/python3-urllib3_1.26.13.bb
+++ b/meta/recipes-devtools/python/python3-urllib3_1.26.14.bb
@@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/shazow/urllib3"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c"
-SRC_URI[sha256sum] = "c083dd0dce68dbfbe1129d5271cb90f9447dea7d52097c6e0126120c521ddea8"
+SRC_URI[sha256sum] = "076907bf8fd355cde77728471316625a4d2f7e713c125f51953bb5b3eecf4f72"
inherit pypi setuptools3
--
2.34.1
* [OE-core][kirkstone 11/13] python3-urllib3: upgrade 1.26.14 -> 1.26.15
From: Steve Sakoman @ 2023-10-14 21:44 UTC
To: openembedded-core
From: Wang Mingyu <wangmy@fujitsu.com>
Changelog:
==========
* Fix socket timeout value when "HTTPConnection" is reused ('#2645 <https://github.com/urllib3/urllib3/issues/2645>'__)
* Remove "!" character from the unreserved characters in IPv6 Zone ID parsing
('#2899 <https://github.com/urllib3/urllib3/issues/2899>'__)
* Fix IDNA handling of '\x80' byte ('#2901 <https://github.com/urllib3/urllib3/issues/2901>'__)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8e062efbac29a81831c3060bcae601dc533d65dd)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../{python3-urllib3_1.26.14.bb => python3-urllib3_1.26.15.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/python/{python3-urllib3_1.26.14.bb => python3-urllib3_1.26.15.bb} (86%)
diff --git a/meta/recipes-devtools/python/python3-urllib3_1.26.14.bb b/meta/recipes-devtools/python/python3-urllib3_1.26.15.bb
similarity index 86%
rename from meta/recipes-devtools/python/python3-urllib3_1.26.14.bb
rename to meta/recipes-devtools/python/python3-urllib3_1.26.15.bb
index f35a141df2..d2de7c4c02 100644
--- a/meta/recipes-devtools/python/python3-urllib3_1.26.14.bb
+++ b/meta/recipes-devtools/python/python3-urllib3_1.26.15.bb
@@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/shazow/urllib3"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c"
-SRC_URI[sha256sum] = "076907bf8fd355cde77728471316625a4d2f7e713c125f51953bb5b3eecf4f72"
+SRC_URI[sha256sum] = "8a388717b9476f934a21484e8c8e61875ab60644d29b9b39e11e4b9dc1c6b305"
inherit pypi setuptools3
--
2.34.1
* [OE-core][kirkstone 12/13] python3-urllib3: 1.26.15 -> 1.26.17
From: Steve Sakoman @ 2023-10-14 21:44 UTC
To: openembedded-core
From: Lee Chee Yang <chee.yang.lee@intel.com>
1.26.17 (2023-10-02)
Added the Cookie header to the list of headers to strip from requests
when redirecting to a different host. As before, different headers can
be set via Retry.remove_headers_on_redirect. (CVE-2023-43804)
1.26.16 (2023-05-23)
Fixed thread-safety issue where accessing a PoolManager with many
distinct origins would cause connection pools to be closed while
requests are in progress (#2954)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../{python3-urllib3_1.26.15.bb => python3-urllib3_1.26.17.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/python/{python3-urllib3_1.26.15.bb => python3-urllib3_1.26.17.bb} (86%)
diff --git a/meta/recipes-devtools/python/python3-urllib3_1.26.15.bb b/meta/recipes-devtools/python/python3-urllib3_1.26.17.bb
similarity index 86%
rename from meta/recipes-devtools/python/python3-urllib3_1.26.15.bb
rename to meta/recipes-devtools/python/python3-urllib3_1.26.17.bb
index d2de7c4c02..57b166870a 100644
--- a/meta/recipes-devtools/python/python3-urllib3_1.26.15.bb
+++ b/meta/recipes-devtools/python/python3-urllib3_1.26.17.bb
@@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/shazow/urllib3"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c"
-SRC_URI[sha256sum] = "8a388717b9476f934a21484e8c8e61875ab60644d29b9b39e11e4b9dc1c6b305"
+SRC_URI[sha256sum] = "24d6a242c28d29af46c3fae832c36db3bbebcc533dd1bb549172cd739c82df21"
inherit pypi setuptools3
--
2.34.1
* [OE-core][kirkstone 13/13] apt: add missing <cstdint> for uint16_t
From: Steve Sakoman @ 2023-10-14 21:44 UTC
To: openembedded-core
From: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8c46ded67df2d830c8bbf5f7b82d75db81d797e2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...001-add-missing-cstdint-for-uint16_t.patch | 35 +++++++++++++++++++
meta/recipes-devtools/apt/apt_2.4.5.bb | 1 +
2 files changed, 36 insertions(+)
create mode 100644 meta/recipes-devtools/apt/apt/0001-add-missing-cstdint-for-uint16_t.patch
diff --git a/meta/recipes-devtools/apt/apt/0001-add-missing-cstdint-for-uint16_t.patch b/meta/recipes-devtools/apt/apt/0001-add-missing-cstdint-for-uint16_t.patch
new file mode 100644
index 0000000000..44aa8a5873
--- /dev/null
+++ b/meta/recipes-devtools/apt/apt/0001-add-missing-cstdint-for-uint16_t.patch
@@ -0,0 +1,35 @@
+From 960d10e89cf60d39998dae6fdcd4f0866b753a79 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Mon, 23 Jan 2023 12:31:35 -0800
+Subject: [PATCH] add missing <cstdint> for uint16_t
+
+This fixes build problems with gcc 13 snapshot [1]
+
+Fixes
+| include/apt-pkg/pkgcache.h:257:23: warning: cast from 'char*' to 'const uint16_t*' {aka 'const short unsigned int*'} increases required alignment of target type [-Wcast-align]
+| 257 | uint16_t len = *reinterpret_cast<const uint16_t*>(name - sizeof(uint16_t));
+| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+[1] https://www.gnu.org/software/gcc/gcc-13/porting_to.html
+
+Upstream-Status: Submitted [https://salsa.debian.org/apt-team/apt/-/merge_requests/276]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ apt-pkg/contrib/mmap.cc | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/apt-pkg/contrib/mmap.cc b/apt-pkg/contrib/mmap.cc
+index 642e20473..0568e1cd0 100644
+--- a/apt-pkg/contrib/mmap.cc
++++ b/apt-pkg/contrib/mmap.cc
+@@ -23,6 +23,7 @@
+ #include <apt-pkg/macros.h>
+ #include <apt-pkg/mmap.h>
+
++#include <cstdint>
+ #include <cstring>
+ #include <string>
+ #include <errno.h>
+--
+2.39.1
+
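Review bot: the "Fixes" text in this patch header quotes a -Wcast-align warning from include/apt-pkg/pkgcache.h, but the change only adds `#include <cstdint>` to apt-pkg/contrib/mmap.cc, and a missing include shows up as an undeclared-type error rather than an alignment warning. Quoting the actual gcc 13 error for uint16_t would make it clear what this patch fixes and let a later reader check whether it is still needed once the upstream merge request lands.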
diff --git a/meta/recipes-devtools/apt/apt_2.4.5.bb b/meta/recipes-devtools/apt/apt_2.4.5.bb
index 9ebcdfd527..9ceabcc186 100644
--- a/meta/recipes-devtools/apt/apt_2.4.5.bb
+++ b/meta/recipes-devtools/apt/apt_2.4.5.bb
@@ -13,6 +13,7 @@ SRC_URI = "${DEBIAN_MIRROR}/main/a/apt/${BPN}_${PV}.tar.xz \
file://0001-cmake-Do-not-build-po-files.patch \
file://0001-Hide-fstatat64-and-prlimit64-defines-on-musl.patch \
file://0001-aptwebserver.cc-Include-array.patch \
+ file://0001-add-missing-cstdint-for-uint16_t.patch \
"
SRC_URI:append:class-native = " \
--
2.34.1
* [OE-core][kirkstone 00/13] Patch review
From: Steve Sakoman @ 2025-01-07 13:31 UTC
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Thursday, January 9.
Passed a-full on autobuilder:
https://valkyrie.yoctoproject.org/#/builders/29/builds/751
The following changes since commit a20b02fdfe64c005f7587a1d9077bdc282f7b6b1:
base-passwd: Add the sgx group (2024-12-18 07:06:28 -0800)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Archana Polampalli (3):
ffmpeg: fix CVE-2024-35366
ffmpeg: fix CVE-2024-35367
ffmpeg: fix CVE-2024-35368
Mikko Rapeli (1):
ovmf-native: remove .pyc files from install
Peter Marko (6):
ghostscript: ignore CVE-2024-46954
tiff: ignore CVE-2023-2731
tiff: patch CVE-2023-3164
gstreame1.0: ignore CVEs from gstreamer1.0-plugins-bad
xwayland: patch CVE-2023-5380 CVE-2024-0229
python3: upgrade 3.10.15 -> 3.10.16
Rohini Sangam (1):
webkitgtk: Security fix for CVE-2024-40776 and CVE-2024-40780
Vijay Anusuri (1):
libsndfile1: Backport fix for CVE-2022-33065
aszh07 (1):
libarchive: Fix CVE-2024-20696
meta/recipes-core/ovmf/ovmf_git.bb | 1 +
...-search-system-for-headers-libraries.patch | 2 +-
...{python3_3.10.15.bb => python3_3.10.16.bb} | 2 +-
.../ghostscript/ghostscript_9.55.0.bb | 2 +-
.../libarchive/CVE-2024-20696.patch | 114 +++++++++
.../libarchive/libarchive_3.6.2.bb | 1 +
.../xwayland/xwayland/CVE-2023-5380.patch | 103 ++++++++
.../xwayland/xwayland/CVE-2024-0229-1.patch | 88 +++++++
.../xwayland/xwayland/CVE-2024-0229-2.patch | 222 +++++++++++++++++
.../xwayland/xwayland/CVE-2024-0229-3.patch | 42 ++++
.../xwayland/xwayland/CVE-2024-0229-4.patch | 46 ++++
.../xwayland/xwayland_22.1.8.bb | 5 +
.../ffmpeg/ffmpeg/CVE-2024-35366.patch | 37 +++
.../ffmpeg/ffmpeg/CVE-2024-35367.patch | 47 ++++
.../ffmpeg/ffmpeg/CVE-2024-35368.patch | 41 ++++
.../recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb | 3 +
.../gstreamer/gstreamer1.0_1.20.7.bb | 4 +-
...022-33065.patch => CVE-2022-33065-1.patch} | 0
.../libsndfile1/CVE-2022-33065-10.patch | 39 +++
.../libsndfile1/CVE-2022-33065-11.patch | 35 +++
.../libsndfile1/CVE-2022-33065-12.patch | 40 +++
.../libsndfile1/CVE-2022-33065-13.patch | 58 +++++
.../libsndfile1/CVE-2022-33065-2.patch | 58 +++++
.../libsndfile1/CVE-2022-33065-3.patch | 34 +++
.../libsndfile1/CVE-2022-33065-4.patch | 60 +++++
.../libsndfile1/CVE-2022-33065-5.patch | 39 +++
.../libsndfile1/CVE-2022-33065-6.patch | 82 +++++++
.../libsndfile1/CVE-2022-33065-7.patch | 48 ++++
.../libsndfile1/CVE-2022-33065-8.patch | 179 ++++++++++++++
.../libsndfile1/CVE-2022-33065-9.patch | 231 ++++++++++++++++++
.../libsndfile/libsndfile1_1.0.31.bb | 14 +-
.../libtiff/tiff/CVE-2023-3164.patch | 114 +++++++++
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 5 +-
.../webkit/webkitgtk/CVE-2024-40776.patch | 141 +++++++++++
.../webkit/webkitgtk/CVE-2024-40780.patch | 94 +++++++
meta/recipes-sato/webkit/webkitgtk_2.36.8.bb | 2 +
36 files changed, 2025 insertions(+), 8 deletions(-)
rename meta/recipes-devtools/python/{python3_3.10.15.bb => python3_3.10.16.bb} (99%)
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2024-20696.patch
create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2023-5380.patch
create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0229-1.patch
create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0229-2.patch
create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0229-3.patch
create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0229-4.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35366.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35367.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35368.patch
rename meta/recipes-multimedia/libsndfile/libsndfile1/{CVE-2022-33065.patch => CVE-2022-33065-1.patch} (100%)
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-10.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-11.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-12.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-13.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-2.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-3.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-4.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-5.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-6.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-7.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-8.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-9.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-3164.patch
create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2024-40776.patch
create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2024-40780.patch
--
2.43.0