* [OE-core][kirkstone 00/13] Patch review
@ 2023-10-14 21:44 Steve Sakoman
2023-10-14 21:44 ` [OE-core][kirkstone 01/13] libtiff: fix CVE-2022-40090 improved IFD-Loop handling Steve Sakoman
` (12 more replies)
0 siblings, 13 replies; 21+ messages in thread
From: Steve Sakoman @ 2023-10-14 21:44 UTC (permalink / raw)
To: openembedded-core
Please review this set of changes for kikrstone and have comments back by
end of day Tuesday, October 17
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6044
The following changes since commit bca43f95850d395f9dc56644fa1d12910cabb0c5:
glibc: Update to latest on stable 2.35 branch (2023-10-06 12:03:30 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alexander Kanavin (2):
python3-urllib3: upgrade 1.26.10 -> 1.26.11
python3-urllib3: upgrade 1.26.12 -> 1.26.13
Hitendra Prajapati (2):
libtiff: fix CVE-2022-40090 improved IFD-Loop handling
xdg-utils: Fix CVE-2022-4055
Khem Raj (1):
apt: add missing <cstdint> for uint16_t
Lee Chee Yang (1):
python3-urllib3: 1.26.15 -> 1.26.17
Siddharth Doshi (1):
vim: Upgrade 9.0.1894 -> 9.0.2009
Tim Orling (1):
python3-urllib3: upgrade 1.26.13 -> 1.26.14
Wang Mingyu (1):
python3-urllib3: upgrade 1.26.14 -> 1.26.15
Yash Shinde (2):
binutils: Fix CVE-2022-44840
binutils: Fix CVE-2022-45703
wangmy (2):
python3-urllib3: upgrade 1.26.9 -> 1.26.10
python3-urllib3: upgrade 1.26.11 -> 1.26.12
...001-add-missing-cstdint-for-uint16_t.patch | 35 ++
meta/recipes-devtools/apt/apt_2.4.5.bb | 1 +
.../binutils/binutils-2.38.inc | 3 +
.../binutils/0030-CVE-2022-44840.patch | 151 +++++
.../binutils/0031-CVE-2022-45703-1.patch | 147 +++++
.../binutils/0031-CVE-2022-45703-2.patch | 31 +
...3_1.26.9.bb => python3-urllib3_1.26.17.bb} | 3 +-
.../xdg-utils/xdg-utils/CVE-2022-4055.patch | 165 +++++
.../xdg-utils/xdg-utils_1.1.3.bb | 1 +
.../libtiff/tiff/CVE-2022-40090.patch | 569 ++++++++++++++++++
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 1 +
meta/recipes-support/vim/vim.inc | 4 +-
12 files changed, 1108 insertions(+), 3 deletions(-)
create mode 100644 meta/recipes-devtools/apt/apt/0001-add-missing-cstdint-for-uint16_t.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0030-CVE-2022-44840.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-1.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-2.patch
rename meta/recipes-devtools/python/{python3-urllib3_1.26.9.bb => python3-urllib3_1.26.17.bb} (82%)
create mode 100644 meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-40090.patch
--
2.34.1
^ permalink raw reply [flat|nested] 21+ messages in thread* [OE-core][kirkstone 01/13] libtiff: fix CVE-2022-40090 improved IFD-Loop handling 2023-10-14 21:44 [OE-core][kirkstone 00/13] Patch review Steve Sakoman @ 2023-10-14 21:44 ` Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 02/13] xdg-utils: Fix CVE-2022-4055 Steve Sakoman ` (11 subsequent siblings) 12 siblings, 0 replies; 21+ messages in thread From: Steve Sakoman @ 2023-10-14 21:44 UTC (permalink / raw) To: openembedded-core From: Hitendra Prajapati <hprajapati@mvista.com> Upstream-Status: Backport from https://gitlab.com/libtiff/libtiff/-/commit/c7caec9a4d8f24c17e667480d2c7d0d51c9fae41 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> --- .../libtiff/tiff/CVE-2022-40090.patch | 569 ++++++++++++++++++ meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 1 + 2 files changed, 570 insertions(+) create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-40090.patch diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2022-40090.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2022-40090.patch new file mode 100644 index 0000000000..fe48dc6028 --- /dev/null +++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2022-40090.patch @@ -0,0 +1,569 @@ +From c7caec9a4d8f24c17e667480d2c7d0d51c9fae41 Mon Sep 17 00:00:00 2001 +From: Su Laus <sulau@freenet.de> +Date: Thu, 6 Oct 2022 10:11:05 +0000 +Subject: [PATCH] Improved IFD-Loop Handling (fixes #455) + +IFD infinite looping was not fixed by MR 20 (see #455). +An improved IFD loop handling is proposed. + +Basic approach: + +- The order in the entire chain must be checked, and not only whether an offset has already been read once. +- To do this, pairs of directory number and offset are stored and checked. +- The offset of a directory number can change. +- TIFFAdvanceDirectory() must also perform an IFD loop check. +- TIFFCheckDirOffset() is replaced by _TIFFCheckDirNumberAndOffset(). + +Rules for the check: + +- If an offset is already in the list, it must have the same IFD number. Otherwise it is an IDF loop. +- If the offset is not in the list and the IFD number is greater than there are list entries, a new list entry is added. +- Otherwise, the offset of the IFD number is updated. + +Reference is also made to old bugzilla bug 2772 and MR 20, which did not solve the general issue. +This MR closes #455 + +Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/c7caec9a4d8f24c17e667480d2c7d0d51c9fae41] +CVE: CVE-2022-40090 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + libtiff/tif_close.c | 6 +- + libtiff/tif_dir.c | 129 +++++++++++++++++++++++++----------- + libtiff/tif_dir.h | 2 + + libtiff/tif_dirread.c | 147 +++++++++++++++++++++++++++++++++--------- + libtiff/tif_open.c | 3 +- + libtiff/tiffiop.h | 3 +- + 6 files changed, 219 insertions(+), 71 deletions(-) + +diff --git a/libtiff/tif_close.c b/libtiff/tif_close.c +index 0fe7af4..2fe2bde 100644 +--- a/libtiff/tif_close.c ++++ b/libtiff/tif_close.c +@@ -52,8 +52,10 @@ TIFFCleanup(TIFF* tif) + (*tif->tif_cleanup)(tif); + TIFFFreeDirectory(tif); + +- if (tif->tif_dirlist) +- _TIFFfree(tif->tif_dirlist); ++ if (tif->tif_dirlistoff) ++ _TIFFfree(tif->tif_dirlistoff); ++ if (tif->tif_dirlistdirn) ++ _TIFFfree(tif->tif_dirlistdirn); + + /* + * Clean up client info links. +diff --git a/libtiff/tif_dir.c b/libtiff/tif_dir.c +index 1402c8e..6d4bf58 100644 +--- a/libtiff/tif_dir.c ++++ b/libtiff/tif_dir.c +@@ -1511,12 +1511,22 @@ TIFFDefaultDirectory(TIFF* tif) + } + + static int +-TIFFAdvanceDirectory(TIFF* tif, uint64_t* nextdir, uint64_t* off) ++TIFFAdvanceDirectory(TIFF* tif, uint64_t* nextdiroff, uint64_t* off, uint16_t* nextdirnum) + { + static const char module[] = "TIFFAdvanceDirectory"; ++ ++ /* Add this directory to the directory list, if not already in. */ ++ if (!_TIFFCheckDirNumberAndOffset(tif, *nextdirnum, *nextdiroff)) { ++ TIFFErrorExt(tif->tif_clientdata, module, "Starting directory %"PRIu16" at offset 0x%"PRIx64" (%"PRIu64") might cause an IFD loop", ++ *nextdirnum, *nextdiroff, *nextdiroff); ++ *nextdiroff = 0; ++ *nextdirnum = 0; ++ return(0); ++ } ++ + if (isMapped(tif)) + { +- uint64_t poff=*nextdir; ++ uint64_t poff=*nextdiroff; + if (!(tif->tif_flags&TIFF_BIGTIFF)) + { + tmsize_t poffa,poffb,poffc,poffd; +@@ -1527,7 +1537,7 @@ TIFFAdvanceDirectory(TIFF* tif, uint64_t* nextdir, uint64_t* off) + if (((uint64_t)poffa != poff) || (poffb < poffa) || (poffb < (tmsize_t)sizeof(uint16_t)) || (poffb > tif->tif_size)) + { + TIFFErrorExt(tif->tif_clientdata,module,"Error fetching directory count"); +- *nextdir=0; ++ *nextdiroff=0; + return(0); + } + _TIFFmemcpy(&dircount,tif->tif_base+poffa,sizeof(uint16_t)); +@@ -1545,7 +1555,7 @@ TIFFAdvanceDirectory(TIFF* tif, uint64_t* nextdir, uint64_t* off) + _TIFFmemcpy(&nextdir32,tif->tif_base+poffc,sizeof(uint32_t)); + if (tif->tif_flags&TIFF_SWAB) + TIFFSwabLong(&nextdir32); +- *nextdir=nextdir32; ++ *nextdiroff=nextdir32; + } + else + { +@@ -1577,11 +1587,10 @@ TIFFAdvanceDirectory(TIFF* tif, uint64_t* nextdir, uint64_t* off) + } + if (off!=NULL) + *off=(uint64_t)poffc; +- _TIFFmemcpy(nextdir,tif->tif_base+poffc,sizeof(uint64_t)); ++ _TIFFmemcpy(nextdiroff,tif->tif_base+poffc,sizeof(uint64_t)); + if (tif->tif_flags&TIFF_SWAB) +- TIFFSwabLong8(nextdir); ++ TIFFSwabLong8(nextdiroff); + } +- return(1); + } + else + { +@@ -1589,7 +1598,7 @@ TIFFAdvanceDirectory(TIFF* tif, uint64_t* nextdir, uint64_t* off) + { + uint16_t dircount; + uint32_t nextdir32; +- if (!SeekOK(tif, *nextdir) || ++ if (!SeekOK(tif, *nextdiroff) || + !ReadOK(tif, &dircount, sizeof (uint16_t))) { + TIFFErrorExt(tif->tif_clientdata, module, "%s: Error fetching directory count", + tif->tif_name); +@@ -1610,13 +1619,13 @@ TIFFAdvanceDirectory(TIFF* tif, uint64_t* nextdir, uint64_t* off) + } + if (tif->tif_flags & TIFF_SWAB) + TIFFSwabLong(&nextdir32); +- *nextdir=nextdir32; ++ *nextdiroff=nextdir32; + } + else + { + uint64_t dircount64; + uint16_t dircount16; +- if (!SeekOK(tif, *nextdir) || ++ if (!SeekOK(tif, *nextdiroff) || + !ReadOK(tif, &dircount64, sizeof (uint64_t))) { + TIFFErrorExt(tif->tif_clientdata, module, "%s: Error fetching directory count", + tif->tif_name); +@@ -1636,17 +1645,27 @@ TIFFAdvanceDirectory(TIFF* tif, uint64_t* nextdir, uint64_t* off) + else + (void) TIFFSeekFile(tif, + dircount16*20, SEEK_CUR); +- if (!ReadOK(tif, nextdir, sizeof (uint64_t))) { ++ if (!ReadOK(tif, nextdiroff, sizeof (uint64_t))) { + TIFFErrorExt(tif->tif_clientdata, module, + "%s: Error fetching directory link", + tif->tif_name); + return (0); + } + if (tif->tif_flags & TIFF_SWAB) +- TIFFSwabLong8(nextdir); ++ TIFFSwabLong8(nextdiroff); + } +- return (1); + } ++ if (*nextdiroff != 0) { ++ (*nextdirnum)++; ++ /* Check next directory for IFD looping and if so, set it as last directory. */ ++ if (!_TIFFCheckDirNumberAndOffset(tif, *nextdirnum, *nextdiroff)) { ++ TIFFWarningExt(tif->tif_clientdata, module, "the next directory %"PRIu16" at offset 0x%"PRIx64" (%"PRIu64") might be an IFD loop. Treating directory %"PRIu16" as last directory", ++ *nextdirnum, *nextdiroff, *nextdiroff, *nextdirnum-1); ++ *nextdiroff = 0; ++ (*nextdirnum)--; ++ } ++ } ++ return (1); + } + + /* +@@ -1656,14 +1675,16 @@ uint16_t + TIFFNumberOfDirectories(TIFF* tif) + { + static const char module[] = "TIFFNumberOfDirectories"; +- uint64_t nextdir; ++ uint64_t nextdiroff; ++ uint16_t nextdirnum; + uint16_t n; + if (!(tif->tif_flags&TIFF_BIGTIFF)) +- nextdir = tif->tif_header.classic.tiff_diroff; ++ nextdiroff = tif->tif_header.classic.tiff_diroff; + else +- nextdir = tif->tif_header.big.tiff_diroff; ++ nextdiroff = tif->tif_header.big.tiff_diroff; ++ nextdirnum = 0; + n = 0; +- while (nextdir != 0 && TIFFAdvanceDirectory(tif, &nextdir, NULL)) ++ while (nextdiroff != 0 && TIFFAdvanceDirectory(tif, &nextdiroff, NULL, &nextdirnum)) + { + if (n != 65535) { + ++n; +@@ -1686,28 +1707,30 @@ TIFFNumberOfDirectories(TIFF* tif) + int + TIFFSetDirectory(TIFF* tif, uint16_t dirn) + { +- uint64_t nextdir; ++ uint64_t nextdiroff; ++ uint16_t nextdirnum; + uint16_t n; + + if (!(tif->tif_flags&TIFF_BIGTIFF)) +- nextdir = tif->tif_header.classic.tiff_diroff; ++ nextdiroff = tif->tif_header.classic.tiff_diroff; + else +- nextdir = tif->tif_header.big.tiff_diroff; +- for (n = dirn; n > 0 && nextdir != 0; n--) +- if (!TIFFAdvanceDirectory(tif, &nextdir, NULL)) ++ nextdiroff = tif->tif_header.big.tiff_diroff; ++ nextdirnum = 0; ++ for (n = dirn; n > 0 && nextdiroff != 0; n--) ++ if (!TIFFAdvanceDirectory(tif, &nextdiroff, NULL, &nextdirnum)) + return (0); +- tif->tif_nextdiroff = nextdir; ++ /* If the n-th directory could not be reached (does not exist), ++ * return here without touching anything further. */ ++ if (nextdiroff == 0 || n > 0) ++ return (0); ++ ++ tif->tif_nextdiroff = nextdiroff; + /* + * Set curdir to the actual directory index. The + * -1 is because TIFFReadDirectory will increment + * tif_curdir after successfully reading the directory. + */ + tif->tif_curdir = (dirn - n) - 1; +- /* +- * Reset tif_dirnumber counter and start new list of seen directories. +- * We need this to prevent IFD loops. +- */ +- tif->tif_dirnumber = 0; + return (TIFFReadDirectory(tif)); + } + +@@ -1720,13 +1743,42 @@ TIFFSetDirectory(TIFF* tif, uint16_t dirn) + int + TIFFSetSubDirectory(TIFF* tif, uint64_t diroff) + { +- tif->tif_nextdiroff = diroff; +- /* +- * Reset tif_dirnumber counter and start new list of seen directories. +- * We need this to prevent IFD loops. ++ /* Match nextdiroff and curdir for consistent IFD-loop checking. ++ * Only with TIFFSetSubDirectory() the IFD list can be corrupted with invalid offsets ++ * within the main IFD tree. ++ * In the case of several subIFDs of a main image, ++ * there are two possibilities that are not even mutually exclusive. ++ * a.) The subIFD tag contains an array with all offsets of the subIFDs. ++ * b.) The SubIFDs are concatenated with their NextIFD parameters. ++ * (refer to https://www.awaresystems.be/imaging/tiff/specification/TIFFPM6.pdf.) + */ +- tif->tif_dirnumber = 0; +- return (TIFFReadDirectory(tif)); ++ int retval; ++ uint16_t curdir = 0; ++ int8_t probablySubIFD = 0; ++ if (diroff == 0) { ++ /* Special case to invalidate the tif_lastdiroff member. */ ++ tif->tif_curdir = 65535; ++ } else { ++ if (!_TIFFGetDirNumberFromOffset(tif, diroff, &curdir)) { ++ /* Non-existing offsets might point to a SubIFD or invalid IFD.*/ ++ probablySubIFD = 1; ++ } ++ /* -1 because TIFFReadDirectory() will increment tif_curdir. */ ++ tif->tif_curdir = curdir - 1; ++ } ++ ++ tif->tif_nextdiroff = diroff; ++ retval = TIFFReadDirectory(tif); ++ /* If failed, curdir was not incremented in TIFFReadDirectory(), so set it back. */ ++ if (!retval )tif->tif_curdir++; ++ if (retval && probablySubIFD) { ++ /* Reset IFD list to start new one for SubIFD chain and also start SubIFD chain with tif_curdir=0. */ ++ tif->tif_dirnumber = 0; ++ tif->tif_curdir = 0; /* first directory of new chain */ ++ /* add this offset to new IFD list */ ++ _TIFFCheckDirNumberAndOffset(tif, tif->tif_curdir, diroff); ++ } ++ return (retval); + } + + /* +@@ -1750,12 +1802,15 @@ TIFFLastDirectory(TIFF* tif) + + /* + * Unlink the specified directory from the directory chain. ++ * Note: First directory starts with number dirn=1. ++ * This is different to TIFFSetDirectory() where the first directory starts with zero. + */ + int + TIFFUnlinkDirectory(TIFF* tif, uint16_t dirn) + { + static const char module[] = "TIFFUnlinkDirectory"; + uint64_t nextdir; ++ uint16_t nextdirnum; + uint64_t off; + uint16_t n; + +@@ -1779,19 +1834,21 @@ TIFFUnlinkDirectory(TIFF* tif, uint16_t dirn) + nextdir = tif->tif_header.big.tiff_diroff; + off = 8; + } ++ nextdirnum = 0; /* First directory is dirn=0 */ ++ + for (n = dirn-1; n > 0; n--) { + if (nextdir == 0) { + TIFFErrorExt(tif->tif_clientdata, module, "Directory %"PRIu16" does not exist", dirn); + return (0); + } +- if (!TIFFAdvanceDirectory(tif, &nextdir, &off)) ++ if (!TIFFAdvanceDirectory(tif, &nextdir, &off, &nextdirnum)) + return (0); + } + /* + * Advance to the directory to be unlinked and fetch + * the offset of the directory that follows. + */ +- if (!TIFFAdvanceDirectory(tif, &nextdir, NULL)) ++ if (!TIFFAdvanceDirectory(tif, &nextdir, NULL, &nextdirnum)) + return (0); + /* + * Go back and patch the link field of the preceding +diff --git a/libtiff/tif_dir.h b/libtiff/tif_dir.h +index 900dec1..f1a5125 100644 +--- a/libtiff/tif_dir.h ++++ b/libtiff/tif_dir.h +@@ -302,6 +302,8 @@ extern int _TIFFMergeFields(TIFF*, const TIFFField[], uint32_t); + extern const TIFFField* _TIFFFindOrRegisterField(TIFF *, uint32_t, TIFFDataType); + extern TIFFField* _TIFFCreateAnonField(TIFF *, uint32_t, TIFFDataType); + extern int _TIFFCheckFieldIsValidForCodec(TIFF *tif, ttag_t tag); ++extern int _TIFFCheckDirNumberAndOffset(TIFF *tif, uint16_t dirn, uint64_t diroff); ++extern int _TIFFGetDirNumberFromOffset(TIFF *tif, uint64_t diroff, uint16_t *dirn); + + #if defined(__cplusplus) + } +diff --git a/libtiff/tif_dirread.c b/libtiff/tif_dirread.c +index d7cccbe..f07de60 100644 +--- a/libtiff/tif_dirread.c ++++ b/libtiff/tif_dirread.c +@@ -154,7 +154,6 @@ static void TIFFReadDirectoryFindFieldInfo(TIFF* tif, uint16_t tagid, uint32_t* + + static int EstimateStripByteCounts(TIFF* tif, TIFFDirEntry* dir, uint16_t dircount); + static void MissingRequired(TIFF*, const char*); +-static int TIFFCheckDirOffset(TIFF* tif, uint64_t diroff); + static int CheckDirCount(TIFF*, TIFFDirEntry*, uint32_t); + static uint16_t TIFFFetchDirectory(TIFF* tif, uint64_t diroff, TIFFDirEntry** pdir, uint64_t* nextdiroff); + static int TIFFFetchNormalTag(TIFF*, TIFFDirEntry*, int recover); +@@ -3590,12 +3589,19 @@ TIFFReadDirectory(TIFF* tif) + int bitspersample_read = FALSE; + int color_channels; + +- tif->tif_diroff=tif->tif_nextdiroff; +- if (!TIFFCheckDirOffset(tif,tif->tif_nextdiroff)) +- return 0; /* last offset or bad offset (IFD looping) */ +- (*tif->tif_cleanup)(tif); /* cleanup any previous compression state */ +- tif->tif_curdir++; +- nextdiroff = tif->tif_nextdiroff; ++ if (tif->tif_nextdiroff == 0) { ++ /* In this special case, tif_diroff needs also to be set to 0. */ ++ tif->tif_diroff = tif->tif_nextdiroff; ++ return 0; /* last offset, thus no checking necessary */ ++ } ++ ++ nextdiroff = tif->tif_nextdiroff; ++ /* tif_curdir++ and tif_nextdiroff should only be updated after SUCCESSFUL reading of the directory. Otherwise, invalid IFD offsets could corrupt the IFD list. */ ++ if (!_TIFFCheckDirNumberAndOffset(tif, tif->tif_curdir + 1, nextdiroff)) { ++ TIFFWarningExt(tif->tif_clientdata, module, ++ "Didn't read next directory due to IFD looping at offset 0x%"PRIx64" (%"PRIu64") to offset 0x%"PRIx64" (%"PRIu64")", tif->tif_diroff, tif->tif_diroff, nextdiroff, nextdiroff); ++ return 0; /* bad offset (IFD looping) */ ++ } + dircount=TIFFFetchDirectory(tif,nextdiroff,&dir,&tif->tif_nextdiroff); + if (!dircount) + { +@@ -3603,6 +3609,11 @@ TIFFReadDirectory(TIFF* tif) + "Failed to read directory at offset %" PRIu64, nextdiroff); + return 0; + } ++ /* Set global values after a valid directory has been fetched. ++ * tif_diroff is already set to nextdiroff in TIFFFetchDirectory() in the beginning. */ ++ tif->tif_curdir++; ++ (*tif->tif_cleanup)(tif); /* cleanup any previous compression state */ ++ + TIFFReadDirectoryCheckOrder(tif,dir,dircount); + + /* +@@ -4687,53 +4698,127 @@ MissingRequired(TIFF* tif, const char* tagname) + } + + /* +- * Check the directory offset against the list of already seen directory +- * offsets. This is a trick to prevent IFD looping. The one can create TIFF +- * file with looped directory pointers. We will maintain a list of already +- * seen directories and check every IFD offset against that list. ++ * Check the directory number and offset against the list of already seen ++ * directory numbers and offsets. This is a trick to prevent IFD looping. ++ * The one can create TIFF file with looped directory pointers. We will ++ * maintain a list of already seen directories and check every IFD offset ++ * and its IFD number against that list. However, the offset of an IFD number ++ * can change - e.g. when writing updates to file. ++ * Returns 1 if all is ok; 0 if last directory or IFD loop is encountered, ++ * or an error has occured. + */ +-static int +-TIFFCheckDirOffset(TIFF* tif, uint64_t diroff) ++int ++_TIFFCheckDirNumberAndOffset(TIFF *tif, uint16_t dirn, uint64_t diroff) + { + uint16_t n; + + if (diroff == 0) /* no more directories */ + return 0; + if (tif->tif_dirnumber == 65535) { +- TIFFErrorExt(tif->tif_clientdata, "TIFFCheckDirOffset", +- "Cannot handle more than 65535 TIFF directories"); +- return 0; ++ TIFFErrorExt(tif->tif_clientdata, "_TIFFCheckDirNumberAndOffset", ++ "Cannot handle more than 65535 TIFF directories"); ++ return 0; + } + +- for (n = 0; n < tif->tif_dirnumber && tif->tif_dirlist; n++) { +- if (tif->tif_dirlist[n] == diroff) +- return 0; ++ /* Check if offset is already in the list: ++ * - yes: check, if offset is at the same IFD number - if not, it is an IFD loop ++ * - no: add to list or update offset at that IFD number ++ */ ++ for (n = 0; n < tif->tif_dirnumber && tif->tif_dirlistdirn && tif->tif_dirlistoff; n++) { ++ if (tif->tif_dirlistoff[n] == diroff) { ++ if (tif->tif_dirlistdirn[n] == dirn) { ++ return 1; ++ } else { ++ TIFFWarningExt(tif->tif_clientdata, "_TIFFCheckDirNumberAndOffset", ++ "TIFF directory %"PRIu16" has IFD looping to directory %"PRIu16" at offset 0x%"PRIx64" (%"PRIu64")", ++ dirn-1, tif->tif_dirlistdirn[n], diroff, diroff); ++ return 0; ++ } ++ } ++ } ++ /* Check if offset of an IFD has been changed and update offset of that IFD number. */ ++ if (dirn < tif->tif_dirnumber && tif->tif_dirlistdirn && tif->tif_dirlistoff) { ++ /* tif_dirlistdirn can have IFD numbers dirn in random order */ ++ for (n = 0; n < tif->tif_dirnumber; n++) { ++ if (tif->tif_dirlistdirn[n] == dirn) { ++ tif->tif_dirlistoff[n] = diroff; ++ return 1; ++ } ++ } + } + ++ /* Add IFD offset and dirn to IFD directory list */ + tif->tif_dirnumber++; + +- if (tif->tif_dirlist == NULL || tif->tif_dirnumber > tif->tif_dirlistsize) { +- uint64_t* new_dirlist; +- ++ if (tif->tif_dirlistoff == NULL || tif->tif_dirlistdirn == NULL || tif->tif_dirnumber > tif->tif_dirlistsize) { ++ uint64_t *new_dirlist; + /* + * XXX: Reduce memory allocation granularity of the dirlist + * array. + */ +- new_dirlist = (uint64_t*)_TIFFCheckRealloc(tif, tif->tif_dirlist, +- tif->tif_dirnumber, 2 * sizeof(uint64_t), "for IFD list"); ++ if (tif->tif_dirnumber >= 32768) ++ tif->tif_dirlistsize = 65535; ++ else ++ tif->tif_dirlistsize = 2 * tif->tif_dirnumber; ++ ++ new_dirlist = (uint64_t *)_TIFFCheckRealloc(tif, tif->tif_dirlistoff, ++ tif->tif_dirlistsize, sizeof(uint64_t), "for IFD offset list"); + if (!new_dirlist) + return 0; +- if( tif->tif_dirnumber >= 32768 ) +- tif->tif_dirlistsize = 65535; +- else +- tif->tif_dirlistsize = 2 * tif->tif_dirnumber; +- tif->tif_dirlist = new_dirlist; ++ tif->tif_dirlistoff = new_dirlist; ++ new_dirlist = (uint64_t *)_TIFFCheckRealloc(tif, tif->tif_dirlistdirn, ++ tif->tif_dirlistsize, sizeof(uint16_t), "for IFD dirnumber list"); ++ if (!new_dirlist) ++ return 0; ++ tif->tif_dirlistdirn = (uint16_t *)new_dirlist; + } + +- tif->tif_dirlist[tif->tif_dirnumber - 1] = diroff; ++ tif->tif_dirlistoff[tif->tif_dirnumber - 1] = diroff; ++ tif->tif_dirlistdirn[tif->tif_dirnumber - 1] = dirn; + + return 1; +-} ++} /* --- _TIFFCheckDirNumberAndOffset() ---*/ ++ ++/* ++ * Retrieve the matching IFD directory number of a given IFD offset ++ * from the list of directories already seen. ++ * Returns 1 if the offset was in the list and the directory number ++ * can be returned. ++ * Otherwise returns 0 or if an error occured. ++ */ ++int ++_TIFFGetDirNumberFromOffset(TIFF *tif, uint64_t diroff, uint16_t* dirn) ++{ ++ uint16_t n; ++ ++ if (diroff == 0) /* no more directories */ ++ return 0; ++ if (tif->tif_dirnumber == 65535) { ++ TIFFErrorExt(tif->tif_clientdata, "_TIFFGetDirNumberFromOffset", ++ "Cannot handle more than 65535 TIFF directories"); ++ return 0; ++ } ++ ++ /* Check if offset is already in the list and return matching directory number. ++ * Otherwise update IFD list using TIFFNumberOfDirectories() ++ * and search again in IFD list. ++ */ ++ for (n = 0; n < tif->tif_dirnumber && tif->tif_dirlistoff && tif->tif_dirlistdirn; n++) { ++ if (tif->tif_dirlistoff[n] == diroff) { ++ *dirn = tif->tif_dirlistdirn[n]; ++ return 1; ++ } ++ } ++ TIFFNumberOfDirectories(tif); ++ for (n = 0; n < tif->tif_dirnumber && tif->tif_dirlistoff && tif->tif_dirlistdirn; n++) { ++ if (tif->tif_dirlistoff[n] == diroff) { ++ *dirn = tif->tif_dirlistdirn[n]; ++ return 1; ++ } ++ } ++ return 0; ++} /*--- _TIFFGetDirNumberFromOffset() ---*/ ++ + + /* + * Check the count field of a directory entry against a known value. The +diff --git a/libtiff/tif_open.c b/libtiff/tif_open.c +index 9724162..f047c73 100644 +--- a/libtiff/tif_open.c ++++ b/libtiff/tif_open.c +@@ -354,7 +354,8 @@ TIFFClientOpen( + if (!TIFFDefaultDirectory(tif)) + goto bad; + tif->tif_diroff = 0; +- tif->tif_dirlist = NULL; ++ tif->tif_dirlistoff = NULL; ++ tif->tif_dirlistdirn = NULL; + tif->tif_dirlistsize = 0; + tif->tif_dirnumber = 0; + return (tif); +diff --git a/libtiff/tiffiop.h b/libtiff/tiffiop.h +index c1d0276..9459fe8 100644 +--- a/libtiff/tiffiop.h ++++ b/libtiff/tiffiop.h +@@ -117,7 +117,8 @@ struct tiff { + #define TIFF_CHOPPEDUPARRAYS 0x4000000U /* set when allocChoppedUpStripArrays() has modified strip array */ + uint64_t tif_diroff; /* file offset of current directory */ + uint64_t tif_nextdiroff; /* file offset of following directory */ +- uint64_t* tif_dirlist; /* list of offsets to already seen directories to prevent IFD looping */ ++ uint64_t* tif_dirlistoff; /* list of offsets to already seen directories to prevent IFD looping */ ++ uint16_t* tif_dirlistdirn; /* list of directory numbers to already seen directories to prevent IFD looping */ + uint16_t tif_dirlistsize; /* number of entries in offset list */ + uint16_t tif_dirnumber; /* number of already seen directories */ + TIFFDirectory tif_dir; /* internal rep of current directory */ +-- +2.25.1 + diff --git a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb index 61d8142e41..9e1e6fa099 100644 --- a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb +++ b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb @@ -43,6 +43,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \ file://CVE-2023-3618-1.patch \ file://CVE-2023-3618-2.patch \ file://CVE-2023-26966.patch \ + file://CVE-2022-40090.patch \ " SRC_URI[sha256sum] = "0e46e5acb087ce7d1ac53cf4f56a09b221537fc86dfc5daaad1c2e89e1b37ac8" -- 2.34.1 ^ permalink raw reply related [flat|nested] 21+ messages in thread
* [OE-core][kirkstone 02/13] xdg-utils: Fix CVE-2022-4055 2023-10-14 21:44 [OE-core][kirkstone 00/13] Patch review Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 01/13] libtiff: fix CVE-2022-40090 improved IFD-Loop handling Steve Sakoman @ 2023-10-14 21:44 ` Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 03/13] binutils: Fix CVE-2022-44840 Steve Sakoman ` (10 subsequent siblings) 12 siblings, 0 replies; 21+ messages in thread From: Steve Sakoman @ 2023-10-14 21:44 UTC (permalink / raw) To: openembedded-core From: Hitendra Prajapati <hprajapati@mvista.com> Upstream-Status: Backport from https://gitlab.freedesktop.org/xdg/xdg-utils/-/commit/f67c4d1f8bd2e3cbcb9eb49f5e897075e7426780 Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> --- .../xdg-utils/xdg-utils/CVE-2022-4055.patch | 165 ++++++++++++++++++ .../xdg-utils/xdg-utils_1.1.3.bb | 1 + 2 files changed, 166 insertions(+) create mode 100644 meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch diff --git a/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch b/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch new file mode 100644 index 0000000000..383634ad53 --- /dev/null +++ b/meta/recipes-extended/xdg-utils/xdg-utils/CVE-2022-4055.patch @@ -0,0 +1,165 @@ +From f67c4d1f8bd2e3cbcb9eb49f5e897075e7426780 Mon Sep 17 00:00:00 2001 +From: Gabriel Corona <gabriel.corona@enst-bretagne.fr> +Date: Thu, 25 Aug 2022 23:51:45 +0200 +Subject: [PATCH] Disable special support for Thunderbird in xdg-email (fixes + CVE-2020-27748, CVE-2022-4055) + +Upstream-Status: Backport [https://gitlab.freedesktop.org/xdg/xdg-utils/-/commit/f67c4d1f8bd2e3cbcb9eb49f5e897075e7426780] +CVE: CVE-2022-4055 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + scripts/xdg-email.in | 108 ------------------------------------------- + 1 file changed, 108 deletions(-) + +diff --git a/scripts/xdg-email.in b/scripts/xdg-email.in +index 13ba2d5..b700679 100644 +--- a/scripts/xdg-email.in ++++ b/scripts/xdg-email.in +@@ -30,76 +30,8 @@ _USAGE + + #@xdg-utils-common@ + +-run_thunderbird() +-{ +- local THUNDERBIRD MAILTO NEWMAILTO TO CC BCC SUBJECT BODY +- THUNDERBIRD="$1" +- MAILTO=$(echo "$2" | sed 's/^mailto://') +- echo "$MAILTO" | grep -qs "^?" +- if [ "$?" = "0" ] ; then +- MAILTO=$(echo "$MAILTO" | sed 's/^?//') +- else +- MAILTO=$(echo "$MAILTO" | sed 's/^/to=/' | sed 's/?/\&/') +- fi +- +- MAILTO=$(echo "$MAILTO" | sed 's/&/\n/g') +- TO=$(/bin/echo -e $(echo "$MAILTO" | grep '^to=' | sed 's/^to=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }')) +- CC=$(/bin/echo -e $(echo "$MAILTO" | grep '^cc=' | sed 's/^cc=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }')) +- BCC=$(/bin/echo -e $(echo "$MAILTO" | grep '^bcc=' | sed 's/^bcc=//;s/%\(..\)/\\x\1/g' | awk '{ printf "%s,",$0 }')) +- SUBJECT=$(echo "$MAILTO" | grep '^subject=' | tail -n 1) +- BODY=$(echo "$MAILTO" | grep '^body=' | tail -n 1) +- +- if [ -z "$TO" ] ; then +- NEWMAILTO= +- else +- NEWMAILTO="to='$TO'" +- fi +- if [ -n "$CC" ] ; then +- NEWMAILTO="${NEWMAILTO},cc='$CC'" +- fi +- if [ -n "$BCC" ] ; then +- NEWMAILTO="${NEWMAILTO},bcc='$BCC'" +- fi +- if [ -n "$SUBJECT" ] ; then +- NEWMAILTO="${NEWMAILTO},$SUBJECT" +- fi +- if [ -n "$BODY" ] ; then +- NEWMAILTO="${NEWMAILTO},$BODY" +- fi +- +- NEWMAILTO=$(echo "$NEWMAILTO" | sed 's/^,//') +- DEBUG 1 "Running $THUNDERBIRD -compose \"$NEWMAILTO\"" +- "$THUNDERBIRD" -compose "$NEWMAILTO" +- if [ $? -eq 0 ]; then +- exit_success +- else +- exit_failure_operation_failed +- fi +-} +- + open_kde() + { +- if [ -n "$KDE_SESSION_VERSION" ] && [ "$KDE_SESSION_VERSION" -ge 5 ]; then +- local kreadconfig=kreadconfig$KDE_SESSION_VERSION +- else +- local kreadconfig=kreadconfig +- fi +- +- if which $kreadconfig >/dev/null 2>&1; then +- local profile=$($kreadconfig --file emaildefaults \ +- --group Defaults --key Profile) +- if [ -n "$profile" ]; then +- local client=$($kreadconfig --file emaildefaults \ +- --group "PROFILE_$profile" \ +- --key EmailClient \ +- | cut -d ' ' -f 1) +- +- if echo "$client" | grep -Eq 'thunderbird|icedove'; then +- run_thunderbird "$client" "$1" +- fi +- fi +- fi +- + local command + case "$KDE_SESSION_VERSION" in + '') command=kmailservice ;; +@@ -130,15 +62,6 @@ open_kde() + + open_gnome3() + { +- local client +- local desktop +- desktop=`xdg-mime query default "x-scheme-handler/mailto"` +- client=`desktop_file_to_binary "$desktop"` +- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1 +- if [ $? -eq 0 ] ; then +- run_thunderbird "$client" "$1" +- fi +- + if gio help open 2>/dev/null 1>&2; then + DEBUG 1 "Running gio open \"$1\"" + gio open "$1" +@@ -159,13 +82,6 @@ open_gnome3() + + open_gnome() + { +- local client +- client=`gconftool-2 --get /desktop/gnome/url-handlers/mailto/command | cut -d ' ' -f 1` || "" +- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1 +- if [ $? -eq 0 ] ; then +- run_thunderbird "$client" "$1" +- fi +- + if gio help open 2>/dev/null 1>&2; then + DEBUG 1 "Running gio open \"$1\"" + gio open "$1" +@@ -231,15 +147,6 @@ open_flatpak() + + open_generic() + { +- local client +- local desktop +- desktop=`xdg-mime query default "x-scheme-handler/mailto"` +- client=`desktop_file_to_binary "$desktop"` +- echo $client | grep -E 'thunderbird|icedove' > /dev/null 2>&1 +- if [ $? -eq 0 ] ; then +- run_thunderbird "$client" "$1" +- fi +- + xdg-open "$1" + local ret=$? + +@@ -364,21 +271,6 @@ while [ $# -gt 0 ] ; do + shift + ;; + +- --attach) +- if [ -z "$1" ] ; then +- exit_failure_syntax "file argument missing for --attach option" +- fi +- check_input_file "$1" +- file=`readlink -f "$1"` # Normalize path +- if [ -z "$file" ] || [ ! -f "$file" ] ; then +- exit_failure_file_missing "file '$1' does not exist" +- fi +- +- url_encode "$file" +- options="${options}attach=${result}&" +- shift +- ;; +- + -*) + exit_failure_syntax "unexpected option '$parm'" + ;; +-- +2.25.1 + diff --git a/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb b/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb index 73acf6b744..4d93180535 100644 --- a/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb +++ b/meta/recipes-extended/xdg-utils/xdg-utils_1.1.3.bb @@ -21,6 +21,7 @@ SRC_URI = "https://portland.freedesktop.org/download/${BPN}-${PV}.tar.gz \ file://0001-Reinstate-xdg-terminal.patch \ file://0001-Don-t-build-the-in-script-manual.patch \ file://1f199813e0eb0246f63b54e9e154970e609575af.patch \ + file://CVE-2022-4055.patch \ " SRC_URI[md5sum] = "902042508b626027a3709d105f0b63ff" -- 2.34.1 ^ permalink raw reply related [flat|nested] 21+ messages in thread
* [OE-core][kirkstone 03/13] binutils: Fix CVE-2022-44840 2023-10-14 21:44 [OE-core][kirkstone 00/13] Patch review Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 01/13] libtiff: fix CVE-2022-40090 improved IFD-Loop handling Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 02/13] xdg-utils: Fix CVE-2022-4055 Steve Sakoman @ 2023-10-14 21:44 ` Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 04/13] binutils: Fix CVE-2022-45703 Steve Sakoman ` (9 subsequent siblings) 12 siblings, 0 replies; 21+ messages in thread From: Steve Sakoman @ 2023-10-14 21:44 UTC (permalink / raw) To: openembedded-core From: Yash Shinde <Yash.Shinde@windriver.com> Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> --- .../binutils/binutils-2.38.inc | 1 + .../binutils/0030-CVE-2022-44840.patch | 151 ++++++++++++++++++ 2 files changed, 152 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/0030-CVE-2022-44840.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index 638b1ba93d..7c5d8f79ec 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -59,5 +59,6 @@ SRC_URI = "\ file://0029-CVE-2022-48065-1.patch \ file://0029-CVE-2022-48065-2.patch \ file://0029-CVE-2022-48065-3.patch \ + file://0030-CVE-2022-44840.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/0030-CVE-2022-44840.patch b/meta/recipes-devtools/binutils/binutils/0030-CVE-2022-44840.patch new file mode 100644 index 0000000000..2f4c38044b --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0030-CVE-2022-44840.patch @@ -0,0 +1,151 @@ +From: Alan Modra <amodra@gmail.com> +Date: Sun, 30 Oct 2022 08:38:51 +0000 (+1030) +Subject: Pool section entries for DWP version 1 +X-Git-Tag: gdb-13-branchpoint~664 +X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=28750e3b967da2207d51cbce9fc8be262817ee59 + +Pool section entries for DWP version 1 + +Ref: https://gcc.gnu.org/wiki/DebugFissionDWP?action=recall&rev=3 + +Fuzzers have found a weakness in the code stashing pool section +entries. With random nonsensical values in the index entries (rather +than each index pointing to its own set distinct from other sets), +it's possible to overflow the space allocated, losing the NULL +terminator. Without a terminator, find_section_in_set can run off the +end of the shndx_pool buffer. Fix this by scanning the pool directly. + +binutils/ + * dwarf.c (add_shndx_to_cu_tu_entry): Delete range check. + (end_cu_tu_entry): Likewise. + (process_cu_tu_index): Fill shndx_pool by directly scanning + pool, rather than indirectly from index entries. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=blobdiff_plain;f=binutils/dwarf.c;h=7730293326ac1049451eb4a037ac86d827030700;hp=c6340a28906114e9df29d7401472c7dc0a98c2b1;hb=28750e3b967da2207d51cbce9fc8be262817ee59;hpb=60095ba3b8f8ba26a6389dded732fa446422c98f] + +CVE: CVE-2022-44840 + +Signed-off-by: yash shinde <yash.shinde@windriver.com> + +diff --git a/binutils/dwarf.c b/binutils/dwarf.c +index c6340a28906..7730293326a 100644 +--- a/binutils/dwarf.c ++++ b/binutils/dwarf.c +@@ -10652,22 +10652,12 @@ prealloc_cu_tu_list (unsigned int nshndx) + static void + add_shndx_to_cu_tu_entry (unsigned int shndx) + { +- if (shndx_pool_used >= shndx_pool_size) +- { +- error (_("Internal error: out of space in the shndx pool.\n")); +- return; +- } + shndx_pool [shndx_pool_used++] = shndx; + } + + static void + end_cu_tu_entry (void) + { +- if (shndx_pool_used >= shndx_pool_size) +- { +- error (_("Internal error: out of space in the shndx pool.\n")); +- return; +- } + shndx_pool [shndx_pool_used++] = 0; + } + +@@ -10773,53 +10763,55 @@ process_cu_tu_index (struct dwarf_section *section, int do_display) + + if (version == 1) + { ++ unsigned char *shndx_list; ++ unsigned int shndx; ++ + if (!do_display) +- prealloc_cu_tu_list ((limit - ppool) / 4); +- for (i = 0; i < nslots; i++) + { +- unsigned char *shndx_list; +- unsigned int shndx; +- +- SAFE_BYTE_GET (signature, phash, 8, limit); +- if (signature != 0) ++ prealloc_cu_tu_list ((limit - ppool) / 4); ++ for (shndx_list = ppool + 4; shndx_list <= limit - 4; shndx_list += 4) + { +- SAFE_BYTE_GET (j, pindex, 4, limit); +- shndx_list = ppool + j * 4; +- /* PR 17531: file: 705e010d. */ +- if (shndx_list < ppool) +- { +- warn (_("Section index pool located before start of section\n")); +- return 0; +- } ++ shndx = byte_get (shndx_list, 4); ++ add_shndx_to_cu_tu_entry (shndx); ++ } ++ end_cu_tu_entry (); ++ } ++ else ++ for (i = 0; i < nslots; i++) ++ { ++ SAFE_BYTE_GET (signature, phash, 8, limit); ++ if (signature != 0) ++ { ++ SAFE_BYTE_GET (j, pindex, 4, limit); ++ shndx_list = ppool + j * 4; ++ /* PR 17531: file: 705e010d. */ ++ if (shndx_list < ppool) ++ { ++ warn (_("Section index pool located before start of section\n")); ++ return 0; ++ } + +- if (do_display) + printf (_(" [%3d] Signature: 0x%s Sections: "), + i, dwarf_vmatoa ("x", signature)); +- for (;;) +- { +- if (shndx_list >= limit) +- { +- warn (_("Section %s too small for shndx pool\n"), +- section->name); +- return 0; +- } +- SAFE_BYTE_GET (shndx, shndx_list, 4, limit); +- if (shndx == 0) +- break; +- if (do_display) ++ for (;;) ++ { ++ if (shndx_list >= limit) ++ { ++ warn (_("Section %s too small for shndx pool\n"), ++ section->name); ++ return 0; ++ } ++ SAFE_BYTE_GET (shndx, shndx_list, 4, limit); ++ if (shndx == 0) ++ break; + printf (" %d", shndx); +- else +- add_shndx_to_cu_tu_entry (shndx); +- shndx_list += 4; +- } +- if (do_display) ++ shndx_list += 4; ++ } + printf ("\n"); +- else +- end_cu_tu_entry (); +- } +- phash += 8; +- pindex += 4; +- } ++ } ++ phash += 8; ++ pindex += 4; ++ } + } + else if (version == 2) + { -- 2.34.1 ^ permalink raw reply related [flat|nested] 21+ messages in thread
* [OE-core][kirkstone 04/13] binutils: Fix CVE-2022-45703 2023-10-14 21:44 [OE-core][kirkstone 00/13] Patch review Steve Sakoman ` (2 preceding siblings ...) 2023-10-14 21:44 ` [OE-core][kirkstone 03/13] binutils: Fix CVE-2022-44840 Steve Sakoman @ 2023-10-14 21:44 ` Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 05/13] vim: Upgrade 9.0.1894 -> 9.0.2009 Steve Sakoman ` (8 subsequent siblings) 12 siblings, 0 replies; 21+ messages in thread From: Steve Sakoman @ 2023-10-14 21:44 UTC (permalink / raw) To: openembedded-core From: Yash Shinde <Yash.Shinde@windriver.com> Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> --- .../binutils/binutils-2.38.inc | 2 + .../binutils/0031-CVE-2022-45703-1.patch | 147 ++++++++++++++++++ .../binutils/0031-CVE-2022-45703-2.patch | 31 ++++ 3 files changed, 180 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-1.patch create mode 100644 meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-2.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index 7c5d8f79ec..0964ab0825 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -60,5 +60,7 @@ SRC_URI = "\ file://0029-CVE-2022-48065-2.patch \ file://0029-CVE-2022-48065-3.patch \ file://0030-CVE-2022-44840.patch \ + file://0031-CVE-2022-45703-1.patch \ + file://0031-CVE-2022-45703-2.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-1.patch b/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-1.patch new file mode 100644 index 0000000000..3db4385e13 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-1.patch @@ -0,0 +1,147 @@ +From: Alan Modra <amodra@gmail.com> +Date: Tue, 24 May 2022 00:02:14 +0000 (+0930) +Subject: PR29169, invalid read displaying fuzzed .gdb_index +X-Git-Tag: binutils-2_39~530 +X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=244e19c79111eed017ee38ab1d44fb2a6cd1b636 + +PR29169, invalid read displaying fuzzed .gdb_index + + PR 29169 + * dwarf.c (display_gdb_index): Combine sanity checks. Calculate + element counts, not word counts. +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=244e19c79111eed017ee38ab1d44fb2a6cd1b636] + +CVE: CVE-2022-45703 + +Signed-off-by: yash shinde <yash.shinde@windriver.com> + +--- + +diff --git a/binutils/dwarf.c b/binutils/dwarf.c +index 7de6f28161f..c855972a12f 100644 +--- a/binutils/dwarf.c ++++ b/binutils/dwarf.c +@@ -10406,7 +10406,7 @@ display_gdb_index (struct dwarf_section *section, + uint32_t cu_list_offset, tu_list_offset; + uint32_t address_table_offset, symbol_table_offset, constant_pool_offset; + unsigned int cu_list_elements, tu_list_elements; +- unsigned int address_table_size, symbol_table_slots; ++ unsigned int address_table_elements, symbol_table_slots; + unsigned char *cu_list, *tu_list; + unsigned char *address_table, *symbol_table, *constant_pool; + unsigned int i; +@@ -10454,48 +10454,19 @@ display_gdb_index (struct dwarf_section *section, + || tu_list_offset > section->size + || address_table_offset > section->size + || symbol_table_offset > section->size +- || constant_pool_offset > section->size) ++ || constant_pool_offset > section->size ++ || tu_list_offset < cu_list_offset ++ || address_table_offset < tu_list_offset ++ || symbol_table_offset < address_table_offset ++ || constant_pool_offset < symbol_table_offset) + { + warn (_("Corrupt header in the %s section.\n"), section->name); + return 0; + } + +- /* PR 17531: file: 418d0a8a. */ +- if (tu_list_offset < cu_list_offset) +- { +- warn (_("TU offset (%x) is less than CU offset (%x)\n"), +- tu_list_offset, cu_list_offset); +- return 0; +- } +- +- cu_list_elements = (tu_list_offset - cu_list_offset) / 8; +- +- if (address_table_offset < tu_list_offset) +- { +- warn (_("Address table offset (%x) is less than TU offset (%x)\n"), +- address_table_offset, tu_list_offset); +- return 0; +- } +- +- tu_list_elements = (address_table_offset - tu_list_offset) / 8; +- +- /* PR 17531: file: 18a47d3d. */ +- if (symbol_table_offset < address_table_offset) +- { +- warn (_("Symbol table offset (%x) is less then Address table offset (%x)\n"), +- symbol_table_offset, address_table_offset); +- return 0; +- } +- +- address_table_size = symbol_table_offset - address_table_offset; +- +- if (constant_pool_offset < symbol_table_offset) +- { +- warn (_("Constant pool offset (%x) is less than symbol table offset (%x)\n"), +- constant_pool_offset, symbol_table_offset); +- return 0; +- } +- ++ cu_list_elements = (tu_list_offset - cu_list_offset) / 16; ++ tu_list_elements = (address_table_offset - tu_list_offset) / 24; ++ address_table_elements = (symbol_table_offset - address_table_offset) / 20; + symbol_table_slots = (constant_pool_offset - symbol_table_offset) / 8; + + cu_list = start + cu_list_offset; +@@ -10504,31 +10475,25 @@ display_gdb_index (struct dwarf_section *section, + symbol_table = start + symbol_table_offset; + constant_pool = start + constant_pool_offset; + +- if (address_table_offset + address_table_size > section->size) +- { +- warn (_("Address table extends beyond end of section.\n")); +- return 0; +- } +- + printf (_("\nCU table:\n")); +- for (i = 0; i < cu_list_elements; i += 2) ++ for (i = 0; i < cu_list_elements; i++) + { +- uint64_t cu_offset = byte_get_little_endian (cu_list + i * 8, 8); +- uint64_t cu_length = byte_get_little_endian (cu_list + i * 8 + 8, 8); ++ uint64_t cu_offset = byte_get_little_endian (cu_list + i * 16, 8); ++ uint64_t cu_length = byte_get_little_endian (cu_list + i * 16 + 8, 8); + +- printf (_("[%3u] 0x%lx - 0x%lx\n"), i / 2, ++ printf (_("[%3u] 0x%lx - 0x%lx\n"), i, + (unsigned long) cu_offset, + (unsigned long) (cu_offset + cu_length - 1)); + } + + printf (_("\nTU table:\n")); +- for (i = 0; i < tu_list_elements; i += 3) ++ for (i = 0; i < tu_list_elements; i++) + { +- uint64_t tu_offset = byte_get_little_endian (tu_list + i * 8, 8); +- uint64_t type_offset = byte_get_little_endian (tu_list + i * 8 + 8, 8); +- uint64_t signature = byte_get_little_endian (tu_list + i * 8 + 16, 8); ++ uint64_t tu_offset = byte_get_little_endian (tu_list + i * 24, 8); ++ uint64_t type_offset = byte_get_little_endian (tu_list + i * 24 + 8, 8); ++ uint64_t signature = byte_get_little_endian (tu_list + i * 24 + 16, 8); + +- printf (_("[%3u] 0x%lx 0x%lx "), i / 3, ++ printf (_("[%3u] 0x%lx 0x%lx "), i, + (unsigned long) tu_offset, + (unsigned long) type_offset); + print_dwarf_vma (signature, 8); +@@ -10536,12 +10501,11 @@ display_gdb_index (struct dwarf_section *section, + } + + printf (_("\nAddress table:\n")); +- for (i = 0; i < address_table_size && i <= address_table_size - (2 * 8 + 4); +- i += 2 * 8 + 4) ++ for (i = 0; i < address_table_elements; i++) + { +- uint64_t low = byte_get_little_endian (address_table + i, 8); +- uint64_t high = byte_get_little_endian (address_table + i + 8, 8); +- uint32_t cu_index = byte_get_little_endian (address_table + i + 16, 4); ++ uint64_t low = byte_get_little_endian (address_table + i * 20, 8); ++ uint64_t high = byte_get_little_endian (address_table + i * 20 + 8, 8); ++ uint32_t cu_index = byte_get_little_endian (address_table + i + 20 + 16, 4); + + print_dwarf_vma (low, 8); + print_dwarf_vma (high, 8); diff --git a/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-2.patch b/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-2.patch new file mode 100644 index 0000000000..1fac9739dd --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-45703-2.patch @@ -0,0 +1,31 @@ +From 69bfd1759db41c8d369f9dcc98a135c5a5d97299 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Fri, 18 Nov 2022 11:29:13 +1030 +Subject: [PATCH] PR29799 heap buffer overflow in display_gdb_index + dwarf.c:10548 + + PR 29799 + * dwarf.c (display_gdb_index): Typo fix. +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=blobdiff_plain;f=binutils/dwarf.c;h=4bba8dfb81a6df49f5e61b3fae99dd545cc5c7dd;hp=7730293326ac1049451eb4a037ac86d827030700;hb=69bfd1759db41c8d369f9dcc98a135c5a5d97299;hpb=7828dfa93b210b6bbc6596e6e096cc150a9f8aa4] + +CVE: CVE-2022-45703 + +Signed-off-by: yash shinde <yash.shinde@windriver.com> + +--- + binutils/dwarf.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/binutils/dwarf.c b/binutils/dwarf.c +index 7730293326a..4bba8dfb81a 100644 +--- a/binutils/dwarf.c ++++ b/binutils/dwarf.c +@@ -10562,7 +10562,7 @@ display_gdb_index (struct dwarf_section + { + uint64_t low = byte_get_little_endian (address_table + i * 20, 8); + uint64_t high = byte_get_little_endian (address_table + i * 20 + 8, 8); +- uint32_t cu_index = byte_get_little_endian (address_table + i + 20 + 16, 4); ++ uint32_t cu_index = byte_get_little_endian (address_table + i * 20 + 16, 4); + + print_dwarf_vma (low, 8); + print_dwarf_vma (high, 8); -- 2.34.1 ^ permalink raw reply related [flat|nested] 21+ messages in thread
* [OE-core][kirkstone 05/13] vim: Upgrade 9.0.1894 -> 9.0.2009 2023-10-14 21:44 [OE-core][kirkstone 00/13] Patch review Steve Sakoman ` (3 preceding siblings ...) 2023-10-14 21:44 ` [OE-core][kirkstone 04/13] binutils: Fix CVE-2022-45703 Steve Sakoman @ 2023-10-14 21:44 ` Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 06/13] python3-urllib3: upgrade 1.26.9 -> 1.26.10 Steve Sakoman ` (7 subsequent siblings) 12 siblings, 0 replies; 21+ messages in thread From: Steve Sakoman @ 2023-10-14 21:44 UTC (permalink / raw) To: openembedded-core From: Siddharth Doshi <sdoshi@mvista.com> This includes CVE fix for CVE-2023-5441. Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> --- meta/recipes-support/vim/vim.inc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc index 5f55f590e6..5e06866692 100644 --- a/meta/recipes-support/vim/vim.inc +++ b/meta/recipes-support/vim/vim.inc @@ -19,8 +19,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://no-path-adjust.patch \ " -PV .= ".1894" -SRCREV = "e5f7cd0a60d0eeab84f7aeb35c13d3af7e50072e" +PV .= ".2009" +SRCREV = "54844857fd6933fa4f6678e47610c4b9c9f7a091" # Do not consider .z in x.y.z, as that is updated with every commit UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.\d+)\.0" -- 2.34.1 ^ permalink raw reply related [flat|nested] 21+ messages in thread
* [OE-core][kirkstone 06/13] python3-urllib3: upgrade 1.26.9 -> 1.26.10 2023-10-14 21:44 [OE-core][kirkstone 00/13] Patch review Steve Sakoman ` (4 preceding siblings ...) 2023-10-14 21:44 ` [OE-core][kirkstone 05/13] vim: Upgrade 9.0.1894 -> 9.0.2009 Steve Sakoman @ 2023-10-14 21:44 ` Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 07/13] python3-urllib3: upgrade 1.26.10 -> 1.26.11 Steve Sakoman ` (6 subsequent siblings) 12 siblings, 0 replies; 21+ messages in thread From: Steve Sakoman @ 2023-10-14 21:44 UTC (permalink / raw) To: openembedded-core From: wangmy <wangmy@fujitsu.com> Add dependence python3-logging. Changelog: ========= * Removed support for Python 3.5 * Fixed an issue where a "ProxyError" recommending configuring the proxy as HTTP instead of HTTPS could appear even when an HTTPS proxy wasn't configured. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit a8a26a92dfe367472daf086a33a1b30ff6d17540) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> --- .../{python3-urllib3_1.26.9.bb => python3-urllib3_1.26.10.bb} | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) rename meta/recipes-devtools/python/{python3-urllib3_1.26.9.bb => python3-urllib3_1.26.10.bb} (82%) diff --git a/meta/recipes-devtools/python/python3-urllib3_1.26.9.bb b/meta/recipes-devtools/python/python3-urllib3_1.26.10.bb similarity index 82% rename from meta/recipes-devtools/python/python3-urllib3_1.26.9.bb rename to meta/recipes-devtools/python/python3-urllib3_1.26.10.bb index 95ae4a54a4..a8e2073d71 100644 --- a/meta/recipes-devtools/python/python3-urllib3_1.26.9.bb +++ b/meta/recipes-devtools/python/python3-urllib3_1.26.10.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/shazow/urllib3" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c" -SRC_URI[sha256sum] = "aabaf16477806a5e1dd19aa41f8c2b7950dd3c746362d7e3223dbe6de6ac448e" +SRC_URI[sha256sum] = "879ba4d1e89654d9769ce13121e0f94310ea32e8d2f8cf587b77c08bbcdb30d6" inherit pypi setuptools3 @@ -15,6 +15,7 @@ RDEPENDS:${PN} += "\ ${PYTHON_PN}-netclient \ ${PYTHON_PN}-pyopenssl \ ${PYTHON_PN}-threading \ + ${PYTHON_PN}-logging \ " CVE_PRODUCT = "urllib3" -- 2.34.1 ^ permalink raw reply related [flat|nested] 21+ messages in thread
* [OE-core][kirkstone 07/13] python3-urllib3: upgrade 1.26.10 -> 1.26.11 2023-10-14 21:44 [OE-core][kirkstone 00/13] Patch review Steve Sakoman ` (5 preceding siblings ...) 2023-10-14 21:44 ` [OE-core][kirkstone 06/13] python3-urllib3: upgrade 1.26.9 -> 1.26.10 Steve Sakoman @ 2023-10-14 21:44 ` Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 08/13] python3-urllib3: upgrade 1.26.11 -> 1.26.12 Steve Sakoman ` (5 subsequent siblings) 12 siblings, 0 replies; 21+ messages in thread From: Steve Sakoman @ 2023-10-14 21:44 UTC (permalink / raw) To: openembedded-core From: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit dbe07ff87e2cb1a8276e69a43c7cdbb9ae6e5493) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> --- .../{python3-urllib3_1.26.10.bb => python3-urllib3_1.26.11.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-devtools/python/{python3-urllib3_1.26.10.bb => python3-urllib3_1.26.11.bb} (86%) diff --git a/meta/recipes-devtools/python/python3-urllib3_1.26.10.bb b/meta/recipes-devtools/python/python3-urllib3_1.26.11.bb similarity index 86% rename from meta/recipes-devtools/python/python3-urllib3_1.26.10.bb rename to meta/recipes-devtools/python/python3-urllib3_1.26.11.bb index a8e2073d71..a8d47de0f4 100644 --- a/meta/recipes-devtools/python/python3-urllib3_1.26.10.bb +++ b/meta/recipes-devtools/python/python3-urllib3_1.26.11.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/shazow/urllib3" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c" -SRC_URI[sha256sum] = "879ba4d1e89654d9769ce13121e0f94310ea32e8d2f8cf587b77c08bbcdb30d6" +SRC_URI[sha256sum] = "ea6e8fb210b19d950fab93b60c9009226c63a28808bc8386e05301e25883ac0a" inherit pypi setuptools3 -- 2.34.1 ^ permalink raw reply related [flat|nested] 21+ messages in thread
* [OE-core][kirkstone 08/13] python3-urllib3: upgrade 1.26.11 -> 1.26.12 2023-10-14 21:44 [OE-core][kirkstone 00/13] Patch review Steve Sakoman ` (6 preceding siblings ...) 2023-10-14 21:44 ` [OE-core][kirkstone 07/13] python3-urllib3: upgrade 1.26.10 -> 1.26.11 Steve Sakoman @ 2023-10-14 21:44 ` Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 09/13] python3-urllib3: upgrade 1.26.12 -> 1.26.13 Steve Sakoman ` (4 subsequent siblings) 12 siblings, 0 replies; 21+ messages in thread From: Steve Sakoman @ 2023-10-14 21:44 UTC (permalink / raw) To: openembedded-core From: wangmy <wangmy@fujitsu.com> Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit cb05578af3ace6e3983f93e16d9ad1ac2a65fbe2) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> --- .../{python3-urllib3_1.26.11.bb => python3-urllib3_1.26.12.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-devtools/python/{python3-urllib3_1.26.11.bb => python3-urllib3_1.26.12.bb} (86%) diff --git a/meta/recipes-devtools/python/python3-urllib3_1.26.11.bb b/meta/recipes-devtools/python/python3-urllib3_1.26.12.bb similarity index 86% rename from meta/recipes-devtools/python/python3-urllib3_1.26.11.bb rename to meta/recipes-devtools/python/python3-urllib3_1.26.12.bb index a8d47de0f4..1cd69bcb10 100644 --- a/meta/recipes-devtools/python/python3-urllib3_1.26.11.bb +++ b/meta/recipes-devtools/python/python3-urllib3_1.26.12.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/shazow/urllib3" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c" -SRC_URI[sha256sum] = "ea6e8fb210b19d950fab93b60c9009226c63a28808bc8386e05301e25883ac0a" +SRC_URI[sha256sum] = "3fa96cf423e6987997fc326ae8df396db2a8b7c667747d47ddd8ecba91f4a74e" inherit pypi setuptools3 -- 2.34.1 ^ permalink raw reply related [flat|nested] 21+ messages in thread
* [OE-core][kirkstone 09/13] python3-urllib3: upgrade 1.26.12 -> 1.26.13 2023-10-14 21:44 [OE-core][kirkstone 00/13] Patch review Steve Sakoman ` (7 preceding siblings ...) 2023-10-14 21:44 ` [OE-core][kirkstone 08/13] python3-urllib3: upgrade 1.26.11 -> 1.26.12 Steve Sakoman @ 2023-10-14 21:44 ` Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 10/13] python3-urllib3: upgrade 1.26.13 -> 1.26.14 Steve Sakoman ` (3 subsequent siblings) 12 siblings, 0 replies; 21+ messages in thread From: Steve Sakoman @ 2023-10-14 21:44 UTC (permalink / raw) To: openembedded-core From: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit b18552f69a2eb8900981a10ba386dc4f862b29c3) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> --- .../{python3-urllib3_1.26.12.bb => python3-urllib3_1.26.13.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-devtools/python/{python3-urllib3_1.26.12.bb => python3-urllib3_1.26.13.bb} (86%) diff --git a/meta/recipes-devtools/python/python3-urllib3_1.26.12.bb b/meta/recipes-devtools/python/python3-urllib3_1.26.13.bb similarity index 86% rename from meta/recipes-devtools/python/python3-urllib3_1.26.12.bb rename to meta/recipes-devtools/python/python3-urllib3_1.26.13.bb index 1cd69bcb10..7af95117cf 100644 --- a/meta/recipes-devtools/python/python3-urllib3_1.26.12.bb +++ b/meta/recipes-devtools/python/python3-urllib3_1.26.13.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/shazow/urllib3" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c" -SRC_URI[sha256sum] = "3fa96cf423e6987997fc326ae8df396db2a8b7c667747d47ddd8ecba91f4a74e" +SRC_URI[sha256sum] = "c083dd0dce68dbfbe1129d5271cb90f9447dea7d52097c6e0126120c521ddea8" inherit pypi setuptools3 -- 2.34.1 ^ permalink raw reply related [flat|nested] 21+ messages in thread
* [OE-core][kirkstone 10/13] python3-urllib3: upgrade 1.26.13 -> 1.26.14 2023-10-14 21:44 [OE-core][kirkstone 00/13] Patch review Steve Sakoman ` (8 preceding siblings ...) 2023-10-14 21:44 ` [OE-core][kirkstone 09/13] python3-urllib3: upgrade 1.26.12 -> 1.26.13 Steve Sakoman @ 2023-10-14 21:44 ` Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 11/13] python3-urllib3: upgrade 1.26.14 -> 1.26.15 Steve Sakoman ` (2 subsequent siblings) 12 siblings, 0 replies; 21+ messages in thread From: Steve Sakoman @ 2023-10-14 21:44 UTC (permalink / raw) To: openembedded-core From: Tim Orling <ticotimo@gmail.com> https://github.com/urllib3/urllib3/blob/1.26.14/CHANGES.rst#12614-2023-01-11 1.26.14 (2023-01-11) Fixed parsing of port 0 (zero) returning None, instead of 0. (#2850) Removed deprecated getheaders() calls in contrib module. Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 55ab1bf20e6893088acb6460e9004dac8e205559) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> --- .../{python3-urllib3_1.26.13.bb => python3-urllib3_1.26.14.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-devtools/python/{python3-urllib3_1.26.13.bb => python3-urllib3_1.26.14.bb} (86%) diff --git a/meta/recipes-devtools/python/python3-urllib3_1.26.13.bb b/meta/recipes-devtools/python/python3-urllib3_1.26.14.bb similarity index 86% rename from meta/recipes-devtools/python/python3-urllib3_1.26.13.bb rename to meta/recipes-devtools/python/python3-urllib3_1.26.14.bb index 7af95117cf..f35a141df2 100644 --- a/meta/recipes-devtools/python/python3-urllib3_1.26.13.bb +++ b/meta/recipes-devtools/python/python3-urllib3_1.26.14.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/shazow/urllib3" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c" -SRC_URI[sha256sum] = "c083dd0dce68dbfbe1129d5271cb90f9447dea7d52097c6e0126120c521ddea8" +SRC_URI[sha256sum] = "076907bf8fd355cde77728471316625a4d2f7e713c125f51953bb5b3eecf4f72" inherit pypi setuptools3 -- 2.34.1 ^ permalink raw reply related [flat|nested] 21+ messages in thread
* [OE-core][kirkstone 11/13] python3-urllib3: upgrade 1.26.14 -> 1.26.15 2023-10-14 21:44 [OE-core][kirkstone 00/13] Patch review Steve Sakoman ` (9 preceding siblings ...) 2023-10-14 21:44 ` [OE-core][kirkstone 10/13] python3-urllib3: upgrade 1.26.13 -> 1.26.14 Steve Sakoman @ 2023-10-14 21:44 ` Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 12/13] python3-urllib3: 1.26.15 -> 1.26.17 Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 13/13] apt: add missing <cstdint> for uint16_t Steve Sakoman 12 siblings, 0 replies; 21+ messages in thread From: Steve Sakoman @ 2023-10-14 21:44 UTC (permalink / raw) To: openembedded-core From: Wang Mingyu <wangmy@fujitsu.com> Changelog: ========== * Fix socket timeout value when "HTTPConnection" is reused ('#2645 <https://github.com/urllib3/urllib3/issues/2645>'__) * Remove "!" character from the unreserved characters in IPv6 Zone ID parsing ('#2899 <https://github.com/urllib3/urllib3/issues/2899>'__) * Fix IDNA handling of '\x80' byte ('#2901 <https://github.com/urllib3/urllib3/issues/2901>'__) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8e062efbac29a81831c3060bcae601dc533d65dd) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> --- .../{python3-urllib3_1.26.14.bb => python3-urllib3_1.26.15.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-devtools/python/{python3-urllib3_1.26.14.bb => python3-urllib3_1.26.15.bb} (86%) diff --git a/meta/recipes-devtools/python/python3-urllib3_1.26.14.bb b/meta/recipes-devtools/python/python3-urllib3_1.26.15.bb similarity index 86% rename from meta/recipes-devtools/python/python3-urllib3_1.26.14.bb rename to meta/recipes-devtools/python/python3-urllib3_1.26.15.bb index f35a141df2..d2de7c4c02 100644 --- a/meta/recipes-devtools/python/python3-urllib3_1.26.14.bb +++ b/meta/recipes-devtools/python/python3-urllib3_1.26.15.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/shazow/urllib3" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c" -SRC_URI[sha256sum] = "076907bf8fd355cde77728471316625a4d2f7e713c125f51953bb5b3eecf4f72" +SRC_URI[sha256sum] = "8a388717b9476f934a21484e8c8e61875ab60644d29b9b39e11e4b9dc1c6b305" inherit pypi setuptools3 -- 2.34.1 ^ permalink raw reply related [flat|nested] 21+ messages in thread
* [OE-core][kirkstone 12/13] python3-urllib3: 1.26.15 -> 1.26.17 2023-10-14 21:44 [OE-core][kirkstone 00/13] Patch review Steve Sakoman ` (10 preceding siblings ...) 2023-10-14 21:44 ` [OE-core][kirkstone 11/13] python3-urllib3: upgrade 1.26.14 -> 1.26.15 Steve Sakoman @ 2023-10-14 21:44 ` Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 13/13] apt: add missing <cstdint> for uint16_t Steve Sakoman 12 siblings, 0 replies; 21+ messages in thread From: Steve Sakoman @ 2023-10-14 21:44 UTC (permalink / raw) To: openembedded-core From: Lee Chee Yang <chee.yang.lee@intel.com> 1.26.17 (2023-10-02) Added the Cookie header to the list of headers to strip from requests when redirecting to a different host. As before, different headers can be set via Retry.remove_headers_on_redirect. (CVE-2023-43804) 1.26.16 (2023-05-23) Fixed thread-safety issue where accessing a PoolManager with many distinct origins would cause connection pools to be closed while requests are in progress (#2954) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> --- .../{python3-urllib3_1.26.15.bb => python3-urllib3_1.26.17.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-devtools/python/{python3-urllib3_1.26.15.bb => python3-urllib3_1.26.17.bb} (86%) diff --git a/meta/recipes-devtools/python/python3-urllib3_1.26.15.bb b/meta/recipes-devtools/python/python3-urllib3_1.26.17.bb similarity index 86% rename from meta/recipes-devtools/python/python3-urllib3_1.26.15.bb rename to meta/recipes-devtools/python/python3-urllib3_1.26.17.bb index d2de7c4c02..57b166870a 100644 --- a/meta/recipes-devtools/python/python3-urllib3_1.26.15.bb +++ b/meta/recipes-devtools/python/python3-urllib3_1.26.17.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/shazow/urllib3" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c" -SRC_URI[sha256sum] = "8a388717b9476f934a21484e8c8e61875ab60644d29b9b39e11e4b9dc1c6b305" +SRC_URI[sha256sum] = "24d6a242c28d29af46c3fae832c36db3bbebcc533dd1bb549172cd739c82df21" inherit pypi setuptools3 -- 2.34.1 ^ permalink raw reply related [flat|nested] 21+ messages in thread
* [OE-core][kirkstone 13/13] apt: add missing <cstdint> for uint16_t 2023-10-14 21:44 [OE-core][kirkstone 00/13] Patch review Steve Sakoman ` (11 preceding siblings ...) 2023-10-14 21:44 ` [OE-core][kirkstone 12/13] python3-urllib3: 1.26.15 -> 1.26.17 Steve Sakoman @ 2023-10-14 21:44 ` Steve Sakoman 12 siblings, 0 replies; 21+ messages in thread From: Steve Sakoman @ 2023-10-14 21:44 UTC (permalink / raw) To: openembedded-core From: Khem Raj <raj.khem@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8c46ded67df2d830c8bbf5f7b82d75db81d797e2) Signed-off-by: Steve Sakoman <steve@sakoman.com> --- ...001-add-missing-cstdint-for-uint16_t.patch | 35 +++++++++++++++++++ meta/recipes-devtools/apt/apt_2.4.5.bb | 1 + 2 files changed, 36 insertions(+) create mode 100644 meta/recipes-devtools/apt/apt/0001-add-missing-cstdint-for-uint16_t.patch diff --git a/meta/recipes-devtools/apt/apt/0001-add-missing-cstdint-for-uint16_t.patch b/meta/recipes-devtools/apt/apt/0001-add-missing-cstdint-for-uint16_t.patch new file mode 100644 index 0000000000..44aa8a5873 --- /dev/null +++ b/meta/recipes-devtools/apt/apt/0001-add-missing-cstdint-for-uint16_t.patch @@ -0,0 +1,35 @@ +From 960d10e89cf60d39998dae6fdcd4f0866b753a79 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Mon, 23 Jan 2023 12:31:35 -0800 +Subject: [PATCH] add missing <cstdint> for uint16_t + +This fixes build problems with gcc 13 snapshot [1] + +Fixes +| include/apt-pkg/pkgcache.h:257:23: warning: cast from 'char*' to 'const uint16_t*' {aka 'const short unsigned int*'} increases required alignment of target type [-Wcast-align] +| 257 | uint16_t len = *reinterpret_cast<const uint16_t*>(name - sizeof(uint16_t)); +| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +[1] https://www.gnu.org/software/gcc/gcc-13/porting_to.html + +Upstream-Status: Submitted [https://salsa.debian.org/apt-team/apt/-/merge_requests/276] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + apt-pkg/contrib/mmap.cc | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/apt-pkg/contrib/mmap.cc b/apt-pkg/contrib/mmap.cc +index 642e20473..0568e1cd0 100644 +--- a/apt-pkg/contrib/mmap.cc ++++ b/apt-pkg/contrib/mmap.cc +@@ -23,6 +23,7 @@ + #include <apt-pkg/macros.h> + #include <apt-pkg/mmap.h> + ++#include <cstdint> + #include <cstring> + #include <string> + #include <errno.h> +-- +2.39.1 + diff --git a/meta/recipes-devtools/apt/apt_2.4.5.bb b/meta/recipes-devtools/apt/apt_2.4.5.bb index 9ebcdfd527..9ceabcc186 100644 --- a/meta/recipes-devtools/apt/apt_2.4.5.bb +++ b/meta/recipes-devtools/apt/apt_2.4.5.bb @@ -13,6 +13,7 @@ SRC_URI = "${DEBIAN_MIRROR}/main/a/apt/${BPN}_${PV}.tar.xz \ file://0001-cmake-Do-not-build-po-files.patch \ file://0001-Hide-fstatat64-and-prlimit64-defines-on-musl.patch \ file://0001-aptwebserver.cc-Include-array.patch \ + file://0001-add-missing-cstdint-for-uint16_t.patch \ " SRC_URI:append:class-native = " \ -- 2.34.1 ^ permalink raw reply related [flat|nested] 21+ messages in thread
* [OE-core][kirkstone 00/13] Patch review
@ 2025-01-07 13:31 Steve Sakoman
0 siblings, 0 replies; 21+ messages in thread
From: Steve Sakoman @ 2025-01-07 13:31 UTC (permalink / raw)
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Thursday, January 9
Passed a-full on autobuilder:
https://valkyrie.yoctoproject.org/#/builders/29/builds/751
The following changes since commit a20b02fdfe64c005f7587a1d9077bdc282f7b6b1:
base-passwd: Add the sgx group (2024-12-18 07:06:28 -0800)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Archana Polampalli (3):
ffmpeg: fix CVE-2024-35366
ffmpeg: fix CVE-2024-35367
ffmpeg: fix CVE-2024-35368
Mikko Rapeli (1):
ovmf-native: remove .pyc files from install
Peter Marko (6):
ghostscript: ignore CVE-2024-46954
tiff: ignore CVE-2023-2731
tiff: patch CVE-2023-3164
gstreame1.0: ignore CVEs from gstreamer1.0-plugins-bad
xwayland: patch CVE-2023-5380 CVE-2024-0229
python3: upgrade 3.10.15 -> 3.10.16
Rohini Sangam (1):
webkitgtk: Security fix for CVE-2024-40776 and CVE-2024-40780
Vijay Anusuri (1):
libsndfile1: Backport fix for CVE-2022-33065
aszh07 (1):
libarchive: Fix CVE-2024-20696
meta/recipes-core/ovmf/ovmf_git.bb | 1 +
...-search-system-for-headers-libraries.patch | 2 +-
...{python3_3.10.15.bb => python3_3.10.16.bb} | 2 +-
.../ghostscript/ghostscript_9.55.0.bb | 2 +-
.../libarchive/CVE-2024-20696.patch | 114 +++++++++
.../libarchive/libarchive_3.6.2.bb | 1 +
.../xwayland/xwayland/CVE-2023-5380.patch | 103 ++++++++
.../xwayland/xwayland/CVE-2024-0229-1.patch | 88 +++++++
.../xwayland/xwayland/CVE-2024-0229-2.patch | 222 +++++++++++++++++
.../xwayland/xwayland/CVE-2024-0229-3.patch | 42 ++++
.../xwayland/xwayland/CVE-2024-0229-4.patch | 46 ++++
.../xwayland/xwayland_22.1.8.bb | 5 +
.../ffmpeg/ffmpeg/CVE-2024-35366.patch | 37 +++
.../ffmpeg/ffmpeg/CVE-2024-35367.patch | 47 ++++
.../ffmpeg/ffmpeg/CVE-2024-35368.patch | 41 ++++
.../recipes-multimedia/ffmpeg/ffmpeg_5.0.1.bb | 3 +
.../gstreamer/gstreamer1.0_1.20.7.bb | 4 +-
...022-33065.patch => CVE-2022-33065-1.patch} | 0
.../libsndfile1/CVE-2022-33065-10.patch | 39 +++
.../libsndfile1/CVE-2022-33065-11.patch | 35 +++
.../libsndfile1/CVE-2022-33065-12.patch | 40 +++
.../libsndfile1/CVE-2022-33065-13.patch | 58 +++++
.../libsndfile1/CVE-2022-33065-2.patch | 58 +++++
.../libsndfile1/CVE-2022-33065-3.patch | 34 +++
.../libsndfile1/CVE-2022-33065-4.patch | 60 +++++
.../libsndfile1/CVE-2022-33065-5.patch | 39 +++
.../libsndfile1/CVE-2022-33065-6.patch | 82 +++++++
.../libsndfile1/CVE-2022-33065-7.patch | 48 ++++
.../libsndfile1/CVE-2022-33065-8.patch | 179 ++++++++++++++
.../libsndfile1/CVE-2022-33065-9.patch | 231 ++++++++++++++++++
.../libsndfile/libsndfile1_1.0.31.bb | 14 +-
.../libtiff/tiff/CVE-2023-3164.patch | 114 +++++++++
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 5 +-
.../webkit/webkitgtk/CVE-2024-40776.patch | 141 +++++++++++
.../webkit/webkitgtk/CVE-2024-40780.patch | 94 +++++++
meta/recipes-sato/webkit/webkitgtk_2.36.8.bb | 2 +
36 files changed, 2025 insertions(+), 8 deletions(-)
rename meta/recipes-devtools/python/{python3_3.10.15.bb => python3_3.10.16.bb} (99%)
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2024-20696.patch
create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2023-5380.patch
create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0229-1.patch
create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0229-2.patch
create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0229-3.patch
create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2024-0229-4.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35366.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35367.patch
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35368.patch
rename meta/recipes-multimedia/libsndfile/libsndfile1/{CVE-2022-33065.patch => CVE-2022-33065-1.patch} (100%)
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-10.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-11.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-12.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-13.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-2.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-3.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-4.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-5.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-6.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-7.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-8.patch
create mode 100644 meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2022-33065-9.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-3164.patch
create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2024-40776.patch
create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2024-40780.patch
--
2.43.0
^ permalink raw reply [flat|nested] 21+ messages in thread* [OE-core][kirkstone 00/13] Patch review @ 2023-05-31 2:34 Steve Sakoman 0 siblings, 0 replies; 21+ messages in thread From: Steve Sakoman @ 2023-05-31 2:34 UTC (permalink / raw) To: openembedded-core Please review this set of changes for kirkstone and have comments back by end of day Thursday. Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5365 The following changes since commit 5e26ead1ca016d1691dccba1b58060ac853bf0d2: piglit: Add missing glslang dependencies (2023-05-25 05:42:54 -1000) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut Bhabu Bindu (4): curl: Fix CVE-2023-28319 curl: Fix CVE-2023-28320 curl: Fix CVE-2023-28321 curl: Fix CVE-2023-28322 Bruce Ashfield (5): linux-yocto/5.10: update to v5.10.176 linux-yocto/5.10: update to v5.10.177 linux-yocto/5.10: update to v5.10.178 linux-yocto/5.10: update to v5.10.179 linux-yocto/5.10: update to v5.10.180 Martin Jansa (1): kernel-devicetree: make shell scripts posix compliant Randolph Sapp (3): kernel-devicetree: allow specification of dtb directory package: enable recursion on file globs kernel-devicetree: recursively search for dtbs meta/classes/kernel-devicetree.bbclass | 22 +- meta/classes/kernel.bbclass | 2 + meta/classes/package.bbclass | 2 +- .../linux/linux-yocto-rt_5.10.bb | 6 +- .../linux/linux-yocto-tiny_5.10.bb | 8 +- meta/recipes-kernel/linux/linux-yocto_5.10.bb | 24 +- .../curl/curl/CVE-2023-28319.patch | 33 ++ .../curl/curl/CVE-2023-28320.patch | 83 ++++ .../curl/curl/CVE-2023-28321.patch | 302 ++++++++++++ .../curl/curl/CVE-2023-28322-1.patch | 84 ++++ .../curl/curl/CVE-2023-28322-2.patch | 436 ++++++++++++++++++ meta/recipes-support/curl/curl_7.82.0.bb | 5 + 12 files changed, 982 insertions(+), 25 deletions(-) create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28319.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28320.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28321.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28322-1.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2023-28322-2.patch -- 2.34.1 ^ permalink raw reply [flat|nested] 21+ messages in thread
* [OE-core][kirkstone 00/13] Patch review
@ 2023-04-29 17:20 Steve Sakoman
0 siblings, 0 replies; 21+ messages in thread
From: Steve Sakoman @ 2023-04-29 17:20 UTC (permalink / raw)
To: openembedded-core
Please review this set of patches for kirkstone and have comments back by
end of day Tuesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5234
The following changes since commit 15c07dff384ce4fb0e90f4f32c182a82101a1c82:
go: fix CVE-2023-24537 Infinite loop in parsing (2023-04-21 03:57:50 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Archana Polampalli (1):
nasm: fix CVE-2022-44370
Bruce Ashfield (3):
linux-yocto/5.15: update to v5.15.106
linux-yocto/5.15: update to v5.15.107
linux-yocto/5.15: update to v5.15.108
Christoph Lauer (1):
populate_sdk_base: add zip options
Deepthi Hemraj (1):
glibc: stable 2.35 branch updates.
Joe Slater (1):
ghostscript: fix CVE-2023-29979
Mingli Yu (1):
ruby: Fix CVE-2023-28755
Pascal Bach (1):
cmake: add CMAKE_SYSROOT to generated toolchain file
Ross Burton (1):
xserver-xorg: backport fix for CVE-2023-1393
Virendra Thakur (1):
qemu: Whitelist CVE-2023-0664
Yogita Urade (2):
xorg-lib-common: Add variable to set tarball type
libxpm: upgrade 3.5.13 -> 3.5.15
meta/classes/cmake.bbclass | 5 +
meta/classes/populate_sdk_base.bbclass | 4 +-
meta/recipes-core/glibc/glibc-version.inc | 2 +-
.../nasm/nasm/CVE-2022-44370.patch | 104 ++++++++++++++++++
meta/recipes-devtools/nasm/nasm_2.15.05.bb | 1 +
meta/recipes-devtools/qemu/qemu.inc | 5 +
.../ruby/ruby/CVE-2023-28755.patch | 68 ++++++++++++
meta/recipes-devtools/ruby/ruby_3.1.3.bb | 1 +
.../ghostscript/cve-2023-28879.patch | 60 ++++++++++
.../ghostscript/ghostscript_9.55.0.bb | 1 +
.../{libxpm_3.5.13.bb => libxpm_3.5.15.bb} | 8 +-
.../xorg-lib/xorg-lib-common.inc | 3 +-
...posite-Fix-use-after-free-of-the-COW.patch | 46 ++++++++
.../xorg-xserver/xserver-xorg_21.1.7.bb | 3 +-
.../linux/linux-yocto-rt_5.15.bb | 6 +-
.../linux/linux-yocto-tiny_5.15.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 ++---
17 files changed, 323 insertions(+), 26 deletions(-)
create mode 100644 meta/recipes-devtools/nasm/nasm/CVE-2022-44370.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2023-28755.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/cve-2023-28879.patch
rename meta/recipes-graphics/xorg-lib/{libxpm_3.5.13.bb => libxpm_3.5.15.bb} (67%)
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/0001-composite-Fix-use-after-free-of-the-COW.patch
--
2.34.1
^ permalink raw reply [flat|nested] 21+ messages in thread* [OE-core][kirkstone 00/13] Patch review @ 2023-02-01 22:15 Steve Sakoman 0 siblings, 0 replies; 21+ messages in thread From: Steve Sakoman @ 2023-02-01 22:15 UTC (permalink / raw) To: openembedded-core Please review this set of patches for kirkstone and have comments back by end of day Friday. Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4872 The following changes since commit a8c82902384f7430519a31732a4bb631f21693ac: build-appliance-image: Update to kirkstone head revision (2023-01-26 23:40:27 +0000) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut Armin Kuster (1): lttng-modules: Fix for 5.10.163 kernel version Bruce Ashfield (1): linux-yocto/5.15: update to v5.15.87 Khem Raj (3): libtirpc: Check if file exists before operating on it libusb1: Link with latomic only if compiler has no atomic builtins libusb1: Strip trailing whitespaces Niko Mauno (1): Fix missing leading whitespace with ':append' Richard Purdie (1): native: Drop special variable handling Ross Burton (4): ppp: backport fix for CVE-2022-4603 quilt: fix intermittent failure in faildiff.test spirv-headers: set correct branch name quilt: use upstreamed faildiff.test fix Thomas Roos (1): devtool: fix devtool finish when gitmodules file is empty Xiangyu Chen (1): numactl: skip test case when target platform doesn't have 2 CPU node meta/classes/core-image.bbclass | 2 +- meta/classes/externalsrc.bbclass | 2 +- meta/classes/native.bbclass | 2 +- meta/classes/populate_sdk_ext.bbclass | 2 +- .../distro/include/ptest-packagelists.inc | 2 +- .../ppp/ppp/CVE-2022-4603.patch | 48 +++++++++++++++ meta/recipes-connectivity/ppp/ppp_2.4.9.bb | 1 + meta/recipes-devtools/quilt/quilt.inc | 1 + .../quilt/quilt/faildiff-order.patch | 41 +++++++++++++ .../libtirpc/libtirpc_1.3.2.bb | 2 +- .../spir/spirv-headers_1.3.204.1.bb | 2 +- .../linux/linux-yocto-rt_5.15.bb | 6 +- .../linux/linux-yocto-tiny_5.15.bb | 6 +- meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 ++++---- .../fix-jbd2-upper-bound-for-v5.10.163.patch | 52 ++++++++++++++++ ...e-the-correct-print-format-v5.10.163.patch | 61 +++++++++++++++++++ .../lttng/lttng-modules_2.13.8.bb | 2 + ...k-with-latomic-only-if-no-atomic-bui.patch | 46 ++++++++++++++ meta/recipes-support/libusb/libusb1_1.0.26.bb | 13 ++-- .../numactl/Fix-the-test-output-format.patch | 3 +- .../recipes-support/numactl/numactl/run-ptest | 6 +- 21 files changed, 292 insertions(+), 34 deletions(-) create mode 100644 meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch create mode 100644 meta/recipes-devtools/quilt/quilt/faildiff-order.patch create mode 100644 meta/recipes-kernel/lttng/lttng-modules/fix-jbd2-upper-bound-for-v5.10.163.patch create mode 100644 meta/recipes-kernel/lttng/lttng-modules/fix-jbd2-use-the-correct-print-format-v5.10.163.patch create mode 100644 meta/recipes-support/libusb/libusb1/0001-configure.ac-Link-with-latomic-only-if-no-atomic-bui.patch -- 2.25.1 ^ permalink raw reply [flat|nested] 21+ messages in thread
* [OE-core][kirkstone 00/13] Patch review
@ 2022-10-17 23:08 Steve Sakoman
0 siblings, 0 replies; 21+ messages in thread
From: Steve Sakoman @ 2022-10-17 23:08 UTC (permalink / raw)
To: openembedded-core
Please review this set of patches for kirkstone and have comments back by
end of day Wednesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4347
The following changes since commit e728d0965d6fda8ac54e065ca7bf7eb9da9a8170:
coreutils: add openssl PACKAGECONFIG (2022-09-30 09:35:23 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Adrian Freihofer (1):
own-mirrors: add crate
Bhabu Bindu (1):
qemu: Fix CVE-2021-3611
Chen Qi (1):
image_types_wic.bbclass: fix cross binutils dependency
He Zhe (2):
lttng-tools: Upgrade 2.13.4 -> 2.13.8
lttng-modules: Fix crash on powerpc64
Michael Halstead (1):
uninative: Upgrade to 3.7 to work with glibc 2.36
Ross Burton (1):
qemu: fix CVE-2022-2962
Teoh Jay Shen (1):
tiff: Security fixes CVE-2022-2867,CVE-2022-2868 and CVE-2022-2869
Tim Orling (1):
python3: upgrade 3.10.4 -> 3.10.7
Virendra Thakur (1):
qemu: Fix CVE-2021-3750 for qemu
Xiangyu Chen (2):
qemu: Backport patches from upstream to support float128 on qemu-ppc64
linux-yocto-dev: add qemuarm64
pgowda (1):
binutils : Fix CVE-2022-38128
meta/classes/image_types_wic.bbclass | 2 +-
meta/classes/own-mirrors.bbclass | 1 +
meta/classes/sanity.bbclass | 2 +-
meta/conf/distro/include/yocto-uninative.inc | 10 +-
.../binutils/binutils-2.38.inc | 3 +
.../binutils/0018-CVE-2022-38128-1.patch | 350 ++++
.../binutils/0018-CVE-2022-38128-2.patch | 436 +++++
.../binutils/0018-CVE-2022-38128-3.patch | 95 ++
...h-92036-Fix-gc_fini_untrack-GH-92037.patch | 54 -
...report-missing-dependencies-for-disa.patch | 8 +-
.../{python3_3.10.4.bb => python3_3.10.7.bb} | 3 +-
meta/recipes-devtools/qemu/qemu.inc | 49 +
...ulip-Restrict-DMA-engine-to-memories.patch | 64 +
...end-float_exception_flags-to-16-bits.patch | 75 +
...32t-for-reply-queue-head-tail-values.patch | 83 +
...ftfloat-Add-flag-specific-to-Inf-Inf.patch | 59 +
...id_function_take_MemTxAttrs_argument.patch | 60 +
...softfloat-Add-flag-specific-to-Inf-0.patch | 126 ++
...et_function_take_MemTxAttrs_argument.patch | 98 ++
...dd-flags-specific-to-Inf-Inf-and-0-0.patch | 73 +
...ed_function_take_MemTxAttrs_argument.patch | 78 +
...-Add-flag-specific-to-signaling-nans.patch | 121 ++
...rw_function_take_MemTxAttrs_argument.patch | 158 ++
...e-float_invalid_op_addsub-for-new-fl.patch | 114 ++
...te_function_take_MemTxAttrs_argument.patch | 1453 +++++++++++++++++
...e-float_invalid_op_mul-for-new-flags.patch | 86 +
...ap_function_take_MemTxAttrs_argument.patch | 227 +++
...e-float_invalid_op_div-for-new-flags.patch | 99 ++
..._buf_rw_function_take_a_void_pointer.patch | 41 +
...arget-ppc-Update-fmadd-for-new-flags.patch | 102 ++
..._dma_buf_write_functions_take_a_void.patch | 167 ++
.../0010-target-ppc-Split-out-do_fmadd.patch | 71 +
...rw_function_take_MemTxAttrs_argument.patch | 91 ++
...s-max-min-cj-dp-to-use-VSX-registers.patch | 93 ++
...rw_function_take_MemTxAttrs_argument.patch | 65 +
...-Move-xs-max-min-cj-dp-to-decodetree.patch | 121 ++
...te_function_take_MemTxAttrs_argument.patch | 129 ++
...get-ppc-fix-xscvqpdp-register-access.patch | 41 +
...ad_function_take_MemTxAttrs_argument.patch | 222 +++
...rget-ppc-move-xscvqpdp-to-decodetree.patch | 130 ++
...uf_rw_function_propagate_MemTxResult.patch | 91 ++
...tore_fpscr-doesn-t-update-bits-0-to-.patch | 70 +
...ma_function_take_MemTxAttrs_argument.patch | 120 ++
...get-ppc-Introduce-TRANS-FLAGS-macros.patch | 133 ++
...ma_function_take_MemTxAttrs_argument.patch | 151 ++
...get-ppc-Implement-Vector-Expand-Mask.patch | 105 ++
...r_dma_function_propagate_MemTxResult.patch | 65 +
...et-ppc-Implement-Vector-Extract-Mask.patch | 141 ++
...r_dma_function_propagate_MemTxResult.patch | 175 ++
...ppc-Implement-Vector-Mask-Move-insns.patch | 187 +++
...ma_function_take_MemTxAttrs_argument.patch | 303 ++++
...xs-n-madd-am-ds-p-xs-n-msub-am-ds-p-.patch | 258 +++
...ma_function_take_MemTxAttrs_argument.patch | 271 +++
...mplement-xs-n-maddqp-o-xs-n-msubqp-o.patch | 174 ++
...i_dma_function_propagate_MemTxResult.patch | 47 +
...i_dma_function_propagate_MemTxResult.patch | 296 ++++
.../qemu/qemu/CVE-2021-3611_1.patch | 74 +
.../qemu/qemu/CVE-2021-3611_2.patch | 43 +
.../qemu/qemu/CVE-2021-3750-1.patch | 59 +
.../qemu/qemu/CVE-2021-3750-2.patch | 65 +
.../qemu/qemu/CVE-2021-3750-3.patch | 156 ++
meta/recipes-kernel/linux/linux-yocto-dev.bb | 2 +-
...4-fix-kernel-crash-caused-by-do_get_.patch | 94 ++
.../lttng/lttng-modules_2.13.4.bb | 1 +
...-tools_2.13.4.bb => lttng-tools_2.13.8.bb} | 2 +-
.../libtiff/tiff/CVE-2022-2867.patch | 129 ++
.../libtiff/tiff/CVE-2022-2869.patch | 84 +
...ed69a485a9cfb299d9f060eb2a46c54e5903.patch | 45 +
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 3 +
69 files changed, 8536 insertions(+), 68 deletions(-)
create mode 100644 meta/recipes-devtools/binutils/binutils/0018-CVE-2022-38128-1.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0018-CVE-2022-38128-2.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0018-CVE-2022-38128-3.patch
delete mode 100644 meta/recipes-devtools/python/python3/0001-gh-92036-Fix-gc_fini_untrack-GH-92037.patch
rename meta/recipes-devtools/python/{python3_3.10.4.bb => python3_3.10.7.bb} (99%)
create mode 100644 meta/recipes-devtools/qemu/qemu/0001-net-tulip-Restrict-DMA-engine-to-memories.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0001-softfloat-Extend-float_exception_flags-to-16-bits.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0001-use-uint32t-for-reply-queue-head-tail-values.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0002-softfloat-Add-flag-specific-to-Inf-Inf.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0002_let_dma_memory_valid_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0003-softfloat-Add-flag-specific-to-Inf-0.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0003_let_dma_memory_set_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0004-softfloat-Add-flags-specific-to-Inf-Inf-and-0-0.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0004_let_dma_memory_rw_relaxed_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0005-softfloat-Add-flag-specific-to-signaling-nans.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0005_let_dma_memory_rw_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0006-target-ppc-Update-float_invalid_op_addsub-for-new-fl.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0006_let_dma_memory_read_write_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0007-target-ppc-Update-float_invalid_op_mul-for-new-flags.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0007_let_dma_memory_map_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0008-target-ppc-Update-float_invalid_op_div-for-new-flags.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0008_have_dma_buf_rw_function_take_a_void_pointer.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0009-target-ppc-Update-fmadd-for-new-flags.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0009_have_dma_buf_read_and_dma_buf_write_functions_take_a_void.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0010-target-ppc-Split-out-do_fmadd.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0010_let_pci_dma_rw_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0011-target-ppc-Fix-xs-max-min-cj-dp-to-use-VSX-registers.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0011_let_dma_buf_rw_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0012-target-ppc-Move-xs-max-min-cj-dp-to-decodetree.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0012_let_dma_buf_write_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0013-target-ppc-fix-xscvqpdp-register-access.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0013_let_dma_buf_read_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0014-target-ppc-move-xscvqpdp-to-decodetree.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0014_let_dma_buf_rw_function_propagate_MemTxResult.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0015-target-ppc-ppc_store_fpscr-doesn-t-update-bits-0-to-.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0015_let_st_pointer_dma_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0016-target-ppc-Introduce-TRANS-FLAGS-macros.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0016_let_ld_pointer_dma_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0017-target-ppc-Implement-Vector-Expand-Mask.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0017_let_st_pointer_dma_function_propagate_MemTxResult.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0018-target-ppc-Implement-Vector-Extract-Mask.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0018_let_ld_pointer_dma_function_propagate_MemTxResult.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0019-target-ppc-Implement-Vector-Mask-Move-insns.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0019_let_st_pointer_pci_dma_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0020-target-ppc-move-xs-n-madd-am-ds-p-xs-n-msub-am-ds-p-.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0020_let_ld_pointer_pci_dma_function_take_MemTxAttrs_argument.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0021-target-ppc-implement-xs-n-maddqp-o-xs-n-msubqp-o.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0021_let_st_pointer_pci_dma_function_propagate_MemTxResult.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/0022_let_ld_pointer_pci_dma_function_propagate_MemTxResult.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3611_1.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3611_2.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3750-1.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3750-2.patch
create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-3750-3.patch
create mode 100644 meta/recipes-kernel/lttng/lttng-modules/0001-wrapper-powerpc64-fix-kernel-crash-caused-by-do_get_.patch
rename meta/recipes-kernel/lttng/{lttng-tools_2.13.4.bb => lttng-tools_2.13.8.bb} (98%)
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-2867.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2022-2869.patch
create mode 100644 meta/recipes-multimedia/libtiff/tiff/b258ed69a485a9cfb299d9f060eb2a46c54e5903.patch
--
2.25.1
^ permalink raw reply [flat|nested] 21+ messages in thread* [OE-core][kirkstone 00/13] Patch review
@ 2022-06-21 23:27 Steve Sakoman
0 siblings, 0 replies; 21+ messages in thread
From: Steve Sakoman @ 2022-06-21 23:27 UTC (permalink / raw)
To: openembedded-core
Please review this set of patches for kirkstone and have comments back by end
of day Thursday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3811
The following changes since commit b2d10487f80deb04a0893325a1ae79c8629a7655:
liberror-perl: Update sstate/equiv versions to clean cache (2022-06-17 05:02:15 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alexander Kanavin (1):
python3: use built-in distutils for ptest, rather than setuptools'
'fork'
Davide Gardenal (1):
efivar: add musl libc compatibility
Dmitry Baryshkov (2):
linux-firmware: add support for building snapshots
linux-firmware: upgrade 20220509 -> 20220610
Marta Rybczynska (2):
cve-check: add support for Ignored CVEs
oeqa/selftest/cve_check: add tests for Ignored and partial reports
Martin Jansa (1):
mesa: backport a patch to support compositors without
zwp_linux_dmabuf_v1 again
Michael Opdenacker (1):
rootfs-postcommands.bbclass: correct comments
Nick Potenski (1):
systemd: systemd-systemctl: Support instance conf files during enable
Paulo Neves (2):
python: Avoid shebang overflow on python-config.py
gtk-doc: Fix potential shebang overflow on gtkdoc-mkhtml2
Richard Purdie (2):
python3: Remove problematic paths from sysroot files
python3: Ensure stale empty python module directories don't break the
build
meta/classes/cve-check.bbclass | 43 ++--
meta/classes/rootfs-postcommands.bbclass | 8 +-
meta/lib/oeqa/selftest/cases/cve_check.py | 82 ++++++++
.../efisecdb-fix-build-with-musl-libc.patch | 184 ++++++++++++++++++
meta/recipes-bsp/efivar/efivar_38.bb | 3 +-
.../systemd/systemd-systemctl/systemctl | 14 +-
...shebang-overflow-on-python-config.py.patch | 33 ++++
.../python3/deterministic_imports.patch | 32 +++
.../recipes-devtools/python/python3/run-ptest | 2 +-
.../recipes-devtools/python/python3_3.10.4.bb | 12 +-
meta/recipes-gnome/gtk-doc/gtk-doc_1.33.2.bb | 1 +
...nd-deprecate-drm_handle_format-and-d.patch | 158 +++++++++++++++
meta/recipes-graphics/mesa/mesa.inc | 1 +
...01-Makefile-replace-mkdir-by-install.patch | 84 --------
...20220509.bb => linux-firmware_20220610.bb} | 11 +-
15 files changed, 555 insertions(+), 113 deletions(-)
create mode 100644 meta/recipes-bsp/efivar/efivar/efisecdb-fix-build-with-musl-libc.patch
create mode 100644 meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch
create mode 100644 meta/recipes-devtools/python/python3/deterministic_imports.patch
create mode 100644 meta/recipes-graphics/mesa/files/0001-Revert-egl-wayland-deprecate-drm_handle_format-and-d.patch
delete mode 100644 meta/recipes-kernel/linux-firmware/files/0001-Makefile-replace-mkdir-by-install.patch
rename meta/recipes-kernel/linux-firmware/{linux-firmware_20220509.bb => linux-firmware_20220610.bb} (99%)
--
2.25.1
^ permalink raw reply [flat|nested] 21+ messages in thread* [OE-core][kirkstone 00/13] Patch review
@ 2022-06-06 14:38 Steve Sakoman
0 siblings, 0 replies; 21+ messages in thread
From: Steve Sakoman @ 2022-06-06 14:38 UTC (permalink / raw)
To: openembedded-core
Please review this set of patches for kirkstone and have comments back by end
of day Wednesday.
This is a set of "housekeeping" commits: updating the Upstream-Status of patches
and removing obsolete patches.
The following changes since commit e63013cc38b82659658365da53b14952711d6701:
gcc: Upgrade to 11.3 release (2022-06-02 06:48:32 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alexander Kanavin (3):
bash: submit patch upstream
valgrind: submit arm patches upstream
zip/unzip: mark all submittable patches as Inactive-Upstream
Jiaqing Zhao (4):
systemd: Drop 0001-test-parse-argument-Include-signal.h.patch
systemd: Remove __compare_fn_t type in musl-specific patch
systemd: Drop 0002-don-t-use-glibc-specific-qsort_r.patch
systemd: Correct path returned in sd_path_lookup()
Khem Raj (4):
systemd: Drop redundant musl patches
systemd: Document future actions needed for set of musl patches
systemd: Drop
0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch
systemd: Update patch status
Martin Jansa (1):
makedevs: Don't use COPYING.patch just to add license file into ${S}
Richard Purdie (1):
lzo: Add further info to a patch and mark as Inactive-Upstream
...sysctl.d-binfmt.d-modules-load.d-to-.patch | 73 ++++
...se-ROOTPREFIX-without-suffixed-slash.patch | 42 ---
...test-parse-argument-Include-signal.h.patch | 27 --
.../0002-Add-sys-stat.h-for-S_IFDIR.patch | 2 +-
...002-don-t-use-glibc-specific-qsort_r.patch | 163 ---------
...-missing_type.h-add-comparison_fn_t.patch} | 41 +--
...missing.h-check-for-missing-strndupa.patch | 14 +-
...008-add-missing-FTW_-macros-for-musl.patch | 3 +
..._register_atfork-for-non-glibc-build.patch | 3 +
...S_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch | 33 --
...ype.h-add-__compar_d_fn_t-definition.patch | 28 --
.../systemd/0019-Handle-missing-LOCK_EX.patch | 24 --
...ible-pointer-type-struct-sockaddr_un.patch | 38 --
.../0021-test-json.c-define-M_PIl.patch | 4 +
meta/recipes-core/systemd/systemd_250.5.bb | 10 +-
.../makedevs/makedevs/COPYING.patch | 346 ------------------
.../makedevs/makedevs/makedevs.c | 4 +
.../makedevs/makedevs_1.0.1.bb | 5 +-
...etting-mcpu-to-cortex-a8-on-arm-arch.patch | 2 +-
...n-for-targets-which-don-t-support-it.patch | 2 +-
...te-march-mcpu-mfpu-for-ARM-test-apps.patch | 2 +-
.../bash/bash/makerace2.patch | 2 +-
...ass-LDFLAGS-to-tests-doing-link-step.patch | 2 +-
.../unzip/unzip/CVE-2021-4217.patch | 2 +-
.../unzip/unzip/avoid-strip.patch | 2 +-
.../unzip/unzip/define-ldflags.patch | 2 +-
.../unzip/unzip/fix-security-format.patch | 2 +-
.../unzip/unzip/symlink.patch | 2 +-
...LAGS-and-LDFLAGS-when-doing-link-tes.patch | 2 +-
.../zip/zip-3.0/10-remove-build-date.patch | 2 +-
.../zip/zip-3.0/fix-security-format.patch | 2 +-
.../zipnote-crashes-with-segfault.patch | 2 +-
...Use-memcpy-instead-of-reinventing-it.patch | 10 +-
33 files changed, 136 insertions(+), 762 deletions(-)
create mode 100644 meta/recipes-core/systemd/systemd/0001-Move-sysusers.d-sysctl.d-binfmt.d-modules-load.d-to-.patch
delete mode 100644 meta/recipes-core/systemd/systemd/0001-systemd.pc.in-use-ROOTPREFIX-without-suffixed-slash.patch
delete mode 100644 meta/recipes-core/systemd/systemd/0001-test-parse-argument-Include-signal.h.patch
delete mode 100644 meta/recipes-core/systemd/systemd/0002-don-t-use-glibc-specific-qsort_r.patch
rename meta/recipes-core/systemd/systemd/{0003-missing_type.h-add-__compare_fn_t-and-comparison_fn_.patch => 0003-missing_type.h-add-comparison_fn_t.patch} (63%)
delete mode 100644 meta/recipes-core/systemd/systemd/0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch
delete mode 100644 meta/recipes-core/systemd/systemd/0017-missing_type.h-add-__compar_d_fn_t-definition.patch
delete mode 100644 meta/recipes-core/systemd/systemd/0019-Handle-missing-LOCK_EX.patch
delete mode 100644 meta/recipes-core/systemd/systemd/0020-Fix-incompatible-pointer-type-struct-sockaddr_un.patch
delete mode 100644 meta/recipes-devtools/makedevs/makedevs/COPYING.patch
--
2.25.1
^ permalink raw reply [flat|nested] 21+ messages in threadend of thread, other threads:[~2025-01-07 13:31 UTC | newest] Thread overview: 21+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2023-10-14 21:44 [OE-core][kirkstone 00/13] Patch review Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 01/13] libtiff: fix CVE-2022-40090 improved IFD-Loop handling Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 02/13] xdg-utils: Fix CVE-2022-4055 Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 03/13] binutils: Fix CVE-2022-44840 Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 04/13] binutils: Fix CVE-2022-45703 Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 05/13] vim: Upgrade 9.0.1894 -> 9.0.2009 Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 06/13] python3-urllib3: upgrade 1.26.9 -> 1.26.10 Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 07/13] python3-urllib3: upgrade 1.26.10 -> 1.26.11 Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 08/13] python3-urllib3: upgrade 1.26.11 -> 1.26.12 Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 09/13] python3-urllib3: upgrade 1.26.12 -> 1.26.13 Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 10/13] python3-urllib3: upgrade 1.26.13 -> 1.26.14 Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 11/13] python3-urllib3: upgrade 1.26.14 -> 1.26.15 Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 12/13] python3-urllib3: 1.26.15 -> 1.26.17 Steve Sakoman 2023-10-14 21:44 ` [OE-core][kirkstone 13/13] apt: add missing <cstdint> for uint16_t Steve Sakoman -- strict thread matches above, loose matches on Subject: below -- 2025-01-07 13:31 [OE-core][kirkstone 00/13] Patch review Steve Sakoman 2023-05-31 2:34 Steve Sakoman 2023-04-29 17:20 Steve Sakoman 2023-02-01 22:15 Steve Sakoman 2022-10-17 23:08 Steve Sakoman 2022-06-21 23:27 Steve Sakoman 2022-06-06 14:38 Steve Sakoman
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox