* [OE-core][kirkstone 0/7] Patch review
@ 2022-08-04 14:06 Steve Sakoman
0 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2022-08-04 14:06 UTC (permalink / raw)
To: openembedded-core
Please review this set of patches for kirkstone and have comments back
by end of day Sunday.
This should be the almost final set of patches for the 4.0.3 release -
there remains an intermittent linux-yocto reproducibility issue that
needs to get fixed.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/4015
The following changes since commit 3564ce3d9b2030dd420362c66147bd327090915c:
initscripts: run umountnfs as a KILL script (2022-07-28 05:32:25 -1000)
are available in the Git repository at:
git://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alex Kiernan (1):
openssh: Add openssh-sftp-server to openssh RDEPENDS
Dmitry Baryshkov (1):
linux-firwmare: restore WHENCE_CHKSUM variable
Khem Raj (1):
libgcc: Fix standalone target builds with usrmerge distro feature
Martin Jansa (1):
kernel.bbclass: pass LD also in savedefconfig
Mingli Yu (1):
strace: set COMPATIBLE_HOST for riscv32
Shruthi Ravichandran (1):
package_manager/ipk: do not pipe stderr to stdout
Sundeep KOKKONDA (1):
binutils: stable 2.38 branch updates
meta/classes/kernel.bbclass | 2 +-
meta/lib/oe/package_manager/ipk/__init__.py | 23 +++++++++++--------
.../openssh/openssh_8.9p1.bb | 2 +-
.../binutils/binutils-2.38.inc | 2 +-
meta/recipes-devtools/gcc/libgcc-common.inc | 8 +++++--
meta/recipes-devtools/strace/strace_5.16.bb | 3 +++
.../linux-firmware/linux-firmware_20220708.bb | 5 +++-
7 files changed, 29 insertions(+), 16 deletions(-)
--
2.25.1
^ permalink raw reply [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 0/7] Patch review
@ 2023-04-15 15:26 Steve Sakoman
0 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2023-04-15 15:26 UTC (permalink / raw)
To: openembedded-core
Please review this set of patches for kirkstone and have comments back by
end of day Tuesday.
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5185
The following changes since commit ff4b57ffff903a93b710284c7c7f916ddd74712f:
uninative: Upgrade to 3.9 to include glibc 2.37 (2023-04-04 05:32:01 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Hitendra Prajapati (2):
curl: CVE-2023-27533 TELNET option IAC injection
curl: CVE-2023-27534 SFTP path resolving discrepancy
Joe Slater (1):
go: fix CVE-2022-41724, 41725
Mark Hatle (1):
openssl: Move microblaze to linux-latomic config
Pawan Badganchi (1):
tiff: Add fix for CVE-2022-4645
Peter Marko (1):
package.bbclass: correct check for /build in copydebugsources()
Yash Shinde (1):
binutils : Fix CVE-2023-1579
meta/classes/package.bbclass | 2 +-
.../openssl/openssl_3.0.8.bb | 4 +-
.../binutils/binutils-2.38.inc | 4 +
.../binutils/0021-CVE-2023-1579-1.patch | 459 ++++
.../binutils/0021-CVE-2023-1579-2.patch | 2127 +++++++++++++++
.../binutils/0021-CVE-2023-1579-3.patch | 156 ++
.../binutils/0021-CVE-2023-1579-4.patch | 37 +
meta/recipes-devtools/go/go-1.17.13.inc | 5 +-
.../go/go-1.19/add_godebug.patch | 84 +
.../go/go-1.19/cve-2022-41724.patch | 2391 +++++++++++++++++
.../go/go-1.19/cve-2022-41725.patch | 652 +++++
...-of-TIFFTAG_INKNAMES-and-related-TIF.patch | 5 +-
.../curl/curl/CVE-2023-27533.patch | 208 ++
.../curl/curl/CVE-2023-27534.patch | 122 +
meta/recipes-support/curl/curl_7.82.0.bb | 2 +
15 files changed, 6252 insertions(+), 6 deletions(-)
create mode 100644 meta/recipes-devtools/binutils/binutils/0021-CVE-2023-1579-1.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0021-CVE-2023-1579-2.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0021-CVE-2023-1579-3.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0021-CVE-2023-1579-4.patch
create mode 100644 meta/recipes-devtools/go/go-1.19/add_godebug.patch
create mode 100644 meta/recipes-devtools/go/go-1.19/cve-2022-41724.patch
create mode 100644 meta/recipes-devtools/go/go-1.19/cve-2022-41725.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2023-27533.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2023-27534.patch
--
2.34.1
^ permalink raw reply [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 0/7] Patch review
@ 2023-10-30 2:20 Steve Sakoman
0 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2023-10-30 2:20 UTC (permalink / raw)
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Tuesday, October 31
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6115
The following changes since commit 7681436190354b5c5b6c3a82b3094badd81113de:
vim: Upgrade 9.0.2009 -> 9.0.2048 (2023-10-20 06:38:00 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Archana Polampalli (2):
curl: fix CVE-2023-38545
curl: fix CVE-2023-38546
Fahad Arslan (2):
linux-firmware: create separate package for cirrus and cnm firmwares
linux-firmware: create separate packages
Niko Mauno (1):
package_rpm: Allow compression mode override
Peter Marko (1):
openssl: Upgrade 3.0.11 -> 3.0.12
Steve Sakoman (1):
cve-exclusion_5.10.inc: update for 5.10.197
meta/classes/package_rpm.bbclass | 6 +-
.../{openssl_3.0.11.bb => openssl_3.0.12.bb} | 2 +-
.../linux-firmware/linux-firmware_20230804.bb | 260 +++++++++++++++++-
.../linux/cve-exclusion_5.10.inc | 123 +++++++--
.../curl/curl/CVE-2023-38545.patch | 133 +++++++++
.../curl/curl/CVE-2023-38546.patch | 137 +++++++++
meta/recipes-support/curl/curl_7.82.0.bb | 2 +
7 files changed, 633 insertions(+), 30 deletions(-)
rename meta/recipes-connectivity/openssl/{openssl_3.0.11.bb => openssl_3.0.12.bb} (99%)
create mode 100644 meta/recipes-support/curl/curl/CVE-2023-38545.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2023-38546.patch
--
2.34.1
^ permalink raw reply [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 0/7] Patch review
@ 2023-11-08 22:52 Steve Sakoman
0 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2023-11-08 22:52 UTC (permalink / raw)
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Friday, November 10
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6158
The following changes since commit 0eb8e67aa6833df0cde29833568a70e65c21d7e5:
build-appliance-image: Update to kirkstone head revision (2023-11-03 04:27:49 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Narpat Mali (1):
python3-jinja2: Fixed ptest result output as per the standard
Ross Burton (3):
cve-check: sort the package list in the JSON report
cve-check: slightly more verbose warning when adding the same package
twice
cve-check: don't warn if a patch is remote
Sanjana (1):
binutils: Fix CVE-2022-47010
Soumya Sambu (1):
libwebp: Fix CVE-2023-4863
Vijay Anusuri (1):
xserver-xorg: Fix for CVE-2023-5367 and CVE-2023-5380
meta/classes/cve-check.bbclass | 2 +
meta/lib/oe/cve_check.py | 13 +--
.../binutils/binutils-2.38.inc | 1 +
.../binutils/0032-CVE-2022-47010.patch | 38 +++++++
.../python/python3-jinja2/run-ptest | 2 +-
.../xserver-xorg/CVE-2023-5367.patch | 84 +++++++++++++++
.../xserver-xorg/CVE-2023-5380.patch | 102 ++++++++++++++++++
.../xorg-xserver/xserver-xorg_21.1.8.bb | 2 +
...23-5129.patch => CVE-2023-4863-0001.patch} | 20 ++--
.../webp/files/CVE-2023-4863-0002.patch | 53 +++++++++
meta/recipes-multimedia/webp/libwebp_1.2.4.bb | 3 +-
11 files changed, 303 insertions(+), 17 deletions(-)
create mode 100644 meta/recipes-devtools/binutils/binutils/0032-CVE-2022-47010.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-5367.patch
create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-5380.patch
rename meta/recipes-multimedia/webp/files/{CVE-2023-5129.patch => CVE-2023-4863-0001.patch} (97%)
create mode 100644 meta/recipes-multimedia/webp/files/CVE-2023-4863-0002.patch
--
2.34.1
^ permalink raw reply [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 0/7] Patch review
@ 2024-01-17 15:58 Steve Sakoman
0 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2024-01-17 15:58 UTC (permalink / raw)
To: openembedded-core
Please reviwe this set of changes for kirkstone and have comments back by
end of day Friday, January 19
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6458
The following changes since commit 8e27f96c0befbbb5cf8a2f7076b7a1ffd79addb6:
linux-firmware: upgrade 20230804 -> 20231030 (2024-01-09 05:50:24 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Hitendra Prajapati (1):
systemd: fix CVE-2023-7008
Martin Jansa (1):
pybootchartgui: fix 2 SyntaxWarnings
Peter Marko (2):
sqlite3: backport patch for CVE-2023-7104
zlib: ignore CVE-2023-6992
Poonam Jadhav (1):
Revert "curl: Backport fix CVE-2023-32001"
Soumya Sambu (1):
cpio: upgrade to 2.14
Vivek Kumbhar (1):
openssl: Backport fix for CVE-2023-6129
.../openssl/openssl/CVE-2023-6129.patch | 113 ++++
.../openssl/openssl_3.0.12.bb | 1 +
.../systemd/systemd/CVE-2023-7008.patch | 40 ++
meta/recipes-core/systemd/systemd_250.5.bb | 1 +
meta/recipes-core/zlib/zlib_1.2.11.bb | 3 +
...charset_alias-when-building-for-musl.patch | 30 -
...ove-superfluous-declaration-of-progr.patch | 28 -
...-calculation-of-CRC-in-copy-out-mode.patch | 58 --
...appending-to-archives-bigger-than-2G.patch | 312 ----------
.../cpio/cpio-2.13/CVE-2021-38185.patch | 581 ------------------
.../cpio/{cpio_2.13.bb => cpio_2.14.bb} | 9 +-
...e-needed-header-for-major-minor-macr.patch | 47 ++
.../curl/curl/CVE-2023-32001.patch | 39 --
meta/recipes-support/curl/curl_7.82.0.bb | 1 -
.../sqlite/files/CVE-2023-7104.patch | 44 ++
meta/recipes-support/sqlite/sqlite3_3.38.5.bb | 1 +
scripts/pybootchartgui/pybootchartgui/draw.py | 4 +-
17 files changed, 254 insertions(+), 1058 deletions(-)
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2023-6129.patch
create mode 100644 meta/recipes-core/systemd/systemd/CVE-2023-7008.patch
delete mode 100644 meta/recipes-extended/cpio/cpio-2.13/0001-Unset-need_charset_alias-when-building-for-musl.patch
delete mode 100644 meta/recipes-extended/cpio/cpio-2.13/0002-src-global.c-Remove-superfluous-declaration-of-progr.patch
delete mode 100644 meta/recipes-extended/cpio/cpio-2.13/0003-Fix-calculation-of-CRC-in-copy-out-mode.patch
delete mode 100644 meta/recipes-extended/cpio/cpio-2.13/0004-Fix-appending-to-archives-bigger-than-2G.patch
delete mode 100644 meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch
rename meta/recipes-extended/cpio/{cpio_2.13.bb => cpio_2.14.bb} (74%)
create mode 100644 meta/recipes-extended/cpio/files/0001-configure-Include-needed-header-for-major-minor-macr.patch
delete mode 100644 meta/recipes-support/curl/curl/CVE-2023-32001.patch
create mode 100644 meta/recipes-support/sqlite/files/CVE-2023-7104.patch
--
2.34.1
^ permalink raw reply [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 0/7] Patch review
@ 2024-02-06 15:45 Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 1/7] curl: ignore CVE-2023-42915 Steve Sakoman
` (6 more replies)
0 siblings, 7 replies; 22+ messages in thread
From: Steve Sakoman @ 2024-02-06 15:45 UTC (permalink / raw)
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Thursday, February 8
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6539
The following changes since commit 60d88989698968c13f8e641f0ba1a82fcf700fb7:
image-live.bbclass: LIVE_ROOTFS_TYPE support compression (2024-01-30 07:10:42 -1000)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Deepthi Hemraj (4):
binutils: internal gdb: Fix CVE-2023-39129
binutils: internal gdb: Fix CVE-2023-39130
gdb: Fix CVE-2023-39129
gdb: Fix CVE-2023-39130
Peter Marko (3):
curl: ignore CVE-2023-42915
gcc-shared-source: ignore CVE-2023-4039
openssl: Upgrade 3.0.12 -> 3.0.13
.../openssl/openssl/CVE-2023-5678.patch | 180 ----------
.../openssl/openssl/CVE-2023-6129.patch | 113 ------
.../openssl/openssl/CVE-2023-6237.patch | 127 -------
.../{openssl_3.0.12.bb => openssl_3.0.13.bb} | 6 +-
.../binutils/binutils-2.38.inc | 2 +
.../binutils/0035-CVE-2023-39129.patch | 50 +++
.../binutils/0036-CVE-2023-39130.patch | 326 ++++++++++++++++++
.../gcc/gcc-shared-source.inc | 3 +
meta/recipes-devtools/gdb/gdb.inc | 2 +
.../gdb/gdb/0012-CVE-2023-39129.patch | 50 +++
.../gdb/gdb/0013-CVE-2023-39130.patch | 326 ++++++++++++++++++
meta/recipes-support/curl/curl_7.82.0.bb | 3 +
12 files changed, 764 insertions(+), 424 deletions(-)
delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2023-5678.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2023-6129.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2023-6237.patch
rename meta/recipes-connectivity/openssl/{openssl_3.0.12.bb => openssl_3.0.13.bb} (97%)
create mode 100644 meta/recipes-devtools/binutils/binutils/0035-CVE-2023-39129.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0036-CVE-2023-39130.patch
create mode 100644 meta/recipes-devtools/gdb/gdb/0012-CVE-2023-39129.patch
create mode 100644 meta/recipes-devtools/gdb/gdb/0013-CVE-2023-39130.patch
--
2.34.1
^ permalink raw reply [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 1/7] curl: ignore CVE-2023-42915
2024-02-06 15:45 [OE-core][kirkstone 0/7] Patch review Steve Sakoman
@ 2024-02-06 15:45 ` Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 2/7] binutils: internal gdb: Fix CVE-2023-39129 Steve Sakoman
` (5 subsequent siblings)
6 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2024-02-06 15:45 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
This CVE reports that apple had to upgrade curl because of other
already reported CVEs:
* CVE-2023-38039: not affected, introduced in 7.84.0
* CVE-2023-38545: patch already backported
* CVE-2023-38546: patch already backported
* CVE-2023-42915: reference to itself
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-support/curl/curl_7.82.0.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-support/curl/curl_7.82.0.bb b/meta/recipes-support/curl/curl_7.82.0.bb
index 9e9ff00bf7..965f05bc98 100644
--- a/meta/recipes-support/curl/curl_7.82.0.bb
+++ b/meta/recipes-support/curl/curl_7.82.0.bb
@@ -60,6 +60,9 @@ SRC_URI[sha256sum] = "0aaa12d7bd04b0966254f2703ce80dd5c38dbbd76af0297d3d690cdce5
# Curl has used many names over the years...
CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl"
+# This CVE reports that apple had to upgrade curl because of other already reported CVEs
+CVE_CHECK_IGNORE += "CVE-2023-42915"
+
inherit autotools pkgconfig binconfig multilib_header
# Entropy source for random PACKAGECONFIG option
--
2.34.1
^ permalink raw reply related [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 2/7] binutils: internal gdb: Fix CVE-2023-39129
2024-02-06 15:45 [OE-core][kirkstone 0/7] Patch review Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 1/7] curl: ignore CVE-2023-42915 Steve Sakoman
@ 2024-02-06 15:45 ` Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 3/7] binutils: internal gdb: Fix CVE-2023-39130 Steve Sakoman
` (4 subsequent siblings)
6 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2024-02-06 15:45 UTC (permalink / raw)
To: openembedded-core
From: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
CVE: CVE-2023-39129
Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../binutils/binutils-2.38.inc | 1 +
.../binutils/0035-CVE-2023-39129.patch | 50 +++++++++++++++++++
2 files changed, 51 insertions(+)
create mode 100644 meta/recipes-devtools/binutils/binutils/0035-CVE-2023-39129.patch
diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc
index 3787063cba..83dff20855 100644
--- a/meta/recipes-devtools/binutils/binutils-2.38.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.38.inc
@@ -69,5 +69,6 @@ SRC_URI = "\
file://0032-CVE-2022-47010.patch \
file://0033-CVE-2022-47007.patch \
file://0034-CVE-2022-48064.patch \
+ file://0035-CVE-2023-39129.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0035-CVE-2023-39129.patch b/meta/recipes-devtools/binutils/binutils/0035-CVE-2023-39129.patch
new file mode 100644
index 0000000000..63fb44d59a
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0035-CVE-2023-39129.patch
@@ -0,0 +1,50 @@
+From: Keith Seitz <keiths@...>
+Date: Wed, 2 Aug 2023 15:35:11 +0000 (-0700)
+Subject: Verify COFF symbol stringtab offset
+X-Git-Tag: gdb-14-branchpoint~473
+X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=58abdf887821a5da09ba184c6e400a3bc5cccd5a
+
+Verify COFF symbol stringtab offset
+
+This patch addresses an issue with malformed/fuzzed debug information that
+was recently reported in gdb/30639. That bug specifically deals with
+an ASAN issue, but the reproducer provided by the reporter causes a
+another failure outside of ASAN:
+
+Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=58abdf887821a5da09ba184c6e400a3bc5cccd5a]
+
+CVE: CVE-2023-39129
+
+Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
+
+diff --git a/gdb/coffread.c b/gdb/coffread.c
+--- a/gdb/coffread.c
++++ b/gdb/coffread.c
+@@ -159,6 +160,7 @@ static file_ptr linetab_offset;
+ static file_ptr linetab_size;
+
+ static char *stringtab = NULL;
++static long stringtab_length = 0;
+
+ extern void stabsread_clear_cache (void);
+
+@@ -1303,6 +1298,7 @@ init_stringtab (bfd *abfd, file_ptr offset, gdb::unique_xmalloc_ptr<char> *stora
+ /* This is in target format (probably not very useful, and not
+ currently used), not host format. */
+ memcpy (stringtab, lengthbuf, sizeof lengthbuf);
++ stringtab_length = length;
+ if (length == sizeof length) /* Empty table -- just the count. */
+ return 0;
+
+@@ -1322,8 +1318,9 @@ getsymname (struct internal_syment *symbol_entry)
+
+ if (symbol_entry->_n._n_n._n_zeroes == 0)
+ {
+- /* FIXME: Probably should be detecting corrupt symbol files by
+- seeing whether offset points to within the stringtab. */
++ if (symbol_entry->_n._n_n._n_offset > stringtab_length)
++ error (_("COFF Error: string table offset (%ld) outside string table (length %ld)"),
++ symbol_entry->_n._n_n._n_offset, stringtab_length);
+ result = stringtab + symbol_entry->_n._n_n._n_offset;
+ }
+ else
--
2.34.1
^ permalink raw reply related [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 3/7] binutils: internal gdb: Fix CVE-2023-39130
2024-02-06 15:45 [OE-core][kirkstone 0/7] Patch review Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 1/7] curl: ignore CVE-2023-42915 Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 2/7] binutils: internal gdb: Fix CVE-2023-39129 Steve Sakoman
@ 2024-02-06 15:45 ` Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 4/7] gdb: Fix CVE-2023-39129 Steve Sakoman
` (3 subsequent siblings)
6 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2024-02-06 15:45 UTC (permalink / raw)
To: openembedded-core
From: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
CVE: CVE-2023-39130
Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../binutils/binutils-2.38.inc | 1 +
.../binutils/0036-CVE-2023-39130.patch | 326 ++++++++++++++++++
2 files changed, 327 insertions(+)
create mode 100644 meta/recipes-devtools/binutils/binutils/0036-CVE-2023-39130.patch
diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc
index 83dff20855..bbe7bb57b2 100644
--- a/meta/recipes-devtools/binutils/binutils-2.38.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.38.inc
@@ -70,5 +70,6 @@ SRC_URI = "\
file://0033-CVE-2022-47007.patch \
file://0034-CVE-2022-48064.patch \
file://0035-CVE-2023-39129.patch \
+ file://0036-CVE-2023-39130.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0036-CVE-2023-39130.patch b/meta/recipes-devtools/binutils/binutils/0036-CVE-2023-39130.patch
new file mode 100644
index 0000000000..bfd5b18d7d
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0036-CVE-2023-39130.patch
@@ -0,0 +1,326 @@
+From 2db20b97f1dc3e5dce3d6ed74a8a62f0dede8c80 Mon Sep 17 00:00:00 2001
+From: Alan Modra <amodra@gmail.com>
+Date: Wed, 9 Aug 2023 09:58:36 +0930
+Subject: [PATCH] gdb: warn unused result for bfd IO functions
+
+This fixes the compilation warnings introduced by my bfdio.c patch.
+
+The removed bfd_seeks in coff_symfile_read date back to 1994, commit
+7f4c859520, prior to which the file used stdio rather than bfd to read
+symbols. Since it now uses bfd to read the file there should be no
+need to synchronise to bfd's idea of the file position. I also fixed
+a potential uninitialised memory access.
+
+Approved-By: Andrew Burgess <aburgess@redhat.com>
+
+Upstream-Status: Backport from [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=2db20b97f1dc3e5dce3d6ed74a8a62f0dede8c80]
+CVE: CVE-2023-39130
+Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
+---
+ gdb/coff-pe-read.c | 114 +++++++++++++++++++++++++++++----------------
+ gdb/coffread.c | 27 ++---------
+ gdb/dbxread.c | 7 +--
+ gdb/xcoffread.c | 5 +-
+ 4 files changed, 85 insertions(+), 68 deletions(-)
+
+diff --git a/gdb/coff-pe-read.c b/gdb/coff-pe-read.c
+--- a/gdb/coff-pe-read.c
++++ b/gdb/coff-pe-read.c
+@@ -291,23 +291,31 @@ read_pe_truncate_name (char *dll_name)
+ \f
+ /* Low-level support functions, direct from the ld module pe-dll.c. */
+ static unsigned int
+-pe_get16 (bfd *abfd, int where)
++pe_get16 (bfd *abfd, int where, bool *fail)
+ {
+ unsigned char b[2];
+
+- bfd_seek (abfd, (file_ptr) where, SEEK_SET);
+- bfd_bread (b, (bfd_size_type) 2, abfd);
++ if (bfd_seek (abfd, where, SEEK_SET) != 0
++ || bfd_bread (b, 2, abfd) != 2)
++ {
++ *fail = true;
++ return 0;
++ }
+ return b[0] + (b[1] << 8);
+ }
+
+ static unsigned int
+-pe_get32 (bfd *abfd, int where)
++pe_get32 (bfd *abfd, int where, bool *fail)
+ {
+ unsigned char b[4];
+
+- bfd_seek (abfd, (file_ptr) where, SEEK_SET);
+- bfd_bread (b, (bfd_size_type) 4, abfd);
+- return b[0] + (b[1] << 8) + (b[2] << 16) + (b[3] << 24);
++ if (bfd_seek (abfd, where, SEEK_SET) != 0
++ || bfd_bread (b, 4, abfd) != 4)
++ {
++ *fail = true;
++ return 0;
++ }
++ return b[0] + (b[1] << 8) + (b[2] << 16) + ((unsigned) b[3] << 24);
+ }
+
+ static unsigned int
+@@ -323,7 +331,7 @@ pe_as32 (void *ptr)
+ {
+ unsigned char *b = (unsigned char *) ptr;
+
+- return b[0] + (b[1] << 8) + (b[2] << 16) + (b[3] << 24);
++ return b[0] + (b[1] << 8) + (b[2] << 16) + ((unsigned) b[3] << 24);
+ }
+ \f
+ /* Read the (non-debug) export symbol table from a portable
+@@ -376,37 +384,50 @@ read_pe_exported_syms (minimal_symbol_re
+ || strcmp (target, "pei-i386") == 0
+ || strcmp (target, "pe-arm-wince-little") == 0
+ || strcmp (target, "pei-arm-wince-little") == 0);
++
++ /* Possibly print a debug message about DLL not having a valid format. */
++ auto maybe_print_debug_msg = [&] () -> void {
++ if (debug_coff_pe_read)
++ fprintf_unfiltered (gdb_stdlog, _("%s doesn't appear to be a DLL\n"),
++ bfd_get_filename (dll));
++ };
++
+ if (!is_pe32 && !is_pe64)
+- {
+- /* This is not a recognized PE format file. Abort now, because
+- the code is untested on anything else. *FIXME* test on
+- further architectures and loosen or remove this test. */
+- return;
+- }
++ return maybe_print_debug_msg ();
+
+ /* Get pe_header, optional header and numbers of export entries. */
+- pe_header_offset = pe_get32 (dll, 0x3c);
++ bool fail = false;
++ pe_header_offset = pe_get32 (dll, 0x3c, &fail);
++ if (fail)
++ return maybe_print_debug_msg ();
+ opthdr_ofs = pe_header_offset + 4 + 20;
+ if (is_pe64)
+- num_entries = pe_get32 (dll, opthdr_ofs + 108);
++ num_entries = pe_get32 (dll, opthdr_ofs + 108, &fail);
+ else
+- num_entries = pe_get32 (dll, opthdr_ofs + 92);
++ num_entries = pe_get32 (dll, opthdr_ofs + 92, &fail);
++ if (fail)
++ return maybe_print_debug_msg ();
+
+ if (num_entries < 1) /* No exports. */
+ return;
+ if (is_pe64)
+ {
+- export_opthdrrva = pe_get32 (dll, opthdr_ofs + 112);
+- export_opthdrsize = pe_get32 (dll, opthdr_ofs + 116);
++ export_opthdrrva = pe_get32 (dll, opthdr_ofs + 112, &fail);
++ export_opthdrsize = pe_get32 (dll, opthdr_ofs + 116, &fail);
+ }
+ else
+ {
+- export_opthdrrva = pe_get32 (dll, opthdr_ofs + 96);
+- export_opthdrsize = pe_get32 (dll, opthdr_ofs + 100);
++ export_opthdrrva = pe_get32 (dll, opthdr_ofs + 96, &fail);
++ export_opthdrsize = pe_get32 (dll, opthdr_ofs + 100, &fail);
+ }
+- nsections = pe_get16 (dll, pe_header_offset + 4 + 2);
++ if (fail)
++ return maybe_print_debug_msg ();
++
++ nsections = pe_get16 (dll, pe_header_offset + 4 + 2, &fail);
+ secptr = (pe_header_offset + 4 + 20 +
+- pe_get16 (dll, pe_header_offset + 4 + 16));
++ pe_get16 (dll, pe_header_offset + 4 + 16, &fail));
++ if (fail)
++ return maybe_print_debug_msg ();
+ expptr = 0;
+ export_size = 0;
+
+@@ -415,12 +436,13 @@ read_pe_exported_syms (minimal_symbol_re
+ {
+ char sname[8];
+ unsigned long secptr1 = secptr + 40 * i;
+- unsigned long vaddr = pe_get32 (dll, secptr1 + 12);
+- unsigned long vsize = pe_get32 (dll, secptr1 + 16);
+- unsigned long fptr = pe_get32 (dll, secptr1 + 20);
+-
+- bfd_seek (dll, (file_ptr) secptr1, SEEK_SET);
+- bfd_bread (sname, (bfd_size_type) sizeof (sname), dll);
++ unsigned long vaddr = pe_get32 (dll, secptr1 + 12, &fail);
++ unsigned long vsize = pe_get32 (dll, secptr1 + 16, &fail);
++ unsigned long fptr = pe_get32 (dll, secptr1 + 20, &fail);
++
++ if (fail
++ || bfd_seek (dll, secptr1, SEEK_SET) != 0
++ || bfd_bread (sname, sizeof (sname), dll) != sizeof (sname))
+
+ if ((strcmp (sname, ".edata") == 0)
+ || (vaddr <= export_opthdrrva && export_opthdrrva < vaddr + vsize))
+@@ -461,16 +483,18 @@ read_pe_exported_syms (minimal_symbol_re
+ for (i = 0; i < nsections; i++)
+ {
+ unsigned long secptr1 = secptr + 40 * i;
+- unsigned long vsize = pe_get32 (dll, secptr1 + 8);
+- unsigned long vaddr = pe_get32 (dll, secptr1 + 12);
+- unsigned long characteristics = pe_get32 (dll, secptr1 + 36);
++ unsigned long vsize = pe_get32 (dll, secptr1 + 8, &fail);
++ unsigned long vaddr = pe_get32 (dll, secptr1 + 12, &fail);
++ unsigned long characteristics = pe_get32 (dll, secptr1 + 36, &fail);
+ char sec_name[SCNNMLEN + 1];
+ int sectix;
+ unsigned int bfd_section_index;
+ asection *section;
+
+- bfd_seek (dll, (file_ptr) secptr1 + 0, SEEK_SET);
+- bfd_bread (sec_name, (bfd_size_type) SCNNMLEN, dll);
++ if (fail
++ || bfd_seek (dll, secptr1 + 0, SEEK_SET) != 0
++ || bfd_bread (sec_name, SCNNMLEN, dll) != SCNNMLEN)
++ return maybe_print_debug_msg ();
+ sec_name[SCNNMLEN] = '\0';
+
+ sectix = read_pe_section_index (sec_name);
+@@ -509,8 +533,9 @@ read_pe_exported_syms (minimal_symbol_re
+ gdb::def_vector<unsigned char> expdata_storage (export_size);
+ expdata = expdata_storage.data ();
+
+- bfd_seek (dll, (file_ptr) expptr, SEEK_SET);
+- bfd_bread (expdata, (bfd_size_type) export_size, dll);
++ if (bfd_seek (dll, expptr, SEEK_SET) != 0
++ || bfd_bread (expdata, export_size, dll) != export_size)
++ return maybe_print_debug_msg ();
+ erva = expdata - export_rva;
+
+ nexp = pe_as32 (expdata + 24);
+@@ -658,20 +683,27 @@ pe_text_section_offset (struct bfd *abfd
+ }
+
+ /* Get pe_header, optional header and numbers of sections. */
+- pe_header_offset = pe_get32 (abfd, 0x3c);
+- nsections = pe_get16 (abfd, pe_header_offset + 4 + 2);
++ bool fail = false;
++ pe_header_offset = pe_get32 (abfd, 0x3c, &fail);
++ if (fail)
++ return DEFAULT_COFF_PE_TEXT_SECTION_OFFSET;
++ nsections = pe_get16 (abfd, pe_header_offset + 4 + 2, &fail);
+ secptr = (pe_header_offset + 4 + 20 +
+- pe_get16 (abfd, pe_header_offset + 4 + 16));
++ pe_get16 (abfd, pe_header_offset + 4 + 16, &fail));
++ if (fail)
++ return DEFAULT_COFF_PE_TEXT_SECTION_OFFSET;
+
+ /* Get the rva and size of the export section. */
+ for (i = 0; i < nsections; i++)
+ {
+ char sname[SCNNMLEN + 1];
+ unsigned long secptr1 = secptr + 40 * i;
+- unsigned long vaddr = pe_get32 (abfd, secptr1 + 12);
++ unsigned long vaddr = pe_get32 (abfd, secptr1 + 12, &fail);
+
+- bfd_seek (abfd, (file_ptr) secptr1, SEEK_SET);
+- bfd_bread (sname, (bfd_size_type) SCNNMLEN, abfd);
++ if (fail
++ || bfd_seek (abfd, secptr1, SEEK_SET) != 0
++ || bfd_bread (sname, SCNNMLEN, abfd) != SCNNMLEN)
++ return DEFAULT_COFF_PE_TEXT_SECTION_OFFSET;
+ sname[SCNNMLEN] = '\0';
+ if (strcmp (sname, ".text") == 0)
+ return vaddr;
+diff --git a/gdb/coffread.c b/gdb/coffread.c
+--- a/gdb/coffread.c
++++ b/gdb/coffread.c
+@@ -690,8 +690,6 @@ coff_symfile_read (struct objfile *objfi
+
+ /* FIXME: dubious. Why can't we use something normal like
+ bfd_get_section_contents? */
+- bfd_seek (abfd, abfd->where, 0);
+-
+ stabstrsize = bfd_section_size (info->stabstrsect);
+
+ coffstab_build_psymtabs (objfile,
+@@ -780,22 +778,6 @@ coff_symtab_read (minimal_symbol_reader
+
+ scoped_free_pendings free_pending;
+
+- /* Work around a stdio bug in SunOS4.1.1 (this makes me nervous....
+- it's hard to know I've really worked around it. The fix should
+- be harmless, anyway). The symptom of the bug is that the first
+- fread (in read_one_sym), will (in my example) actually get data
+- from file offset 268, when the fseek was to 264 (and ftell shows
+- 264). This causes all hell to break loose. I was unable to
+- reproduce this on a short test program which operated on the same
+- file, performing (I think) the same sequence of operations.
+-
+- It stopped happening when I put in this (former) rewind().
+-
+- FIXME: Find out if this has been reported to Sun, whether it has
+- been fixed in a later release, etc. */
+-
+- bfd_seek (objfile->obfd, 0, 0);
+-
+ /* Position to read the symbol table. */
+ val = bfd_seek (objfile->obfd, symtab_offset, 0);
+ if (val < 0)
+@@ -1285,12 +1267,13 @@ init_stringtab (bfd *abfd, file_ptr offs
+ if (bfd_seek (abfd, offset, 0) < 0)
+ return -1;
+
+- val = bfd_bread ((char *) lengthbuf, sizeof lengthbuf, abfd);
+- length = bfd_h_get_32 (symfile_bfd, lengthbuf);
+-
++ val = bfd_bread (lengthbuf, sizeof lengthbuf, abfd);
+ /* If no string table is needed, then the file may end immediately
+ after the symbols. Just return with `stringtab' set to null. */
+- if (val != sizeof lengthbuf || length < sizeof lengthbuf)
++ if (val != sizeof lengthbuf)
++ return 0;
++ length = bfd_h_get_32 (symfile_bfd, lengthbuf);
++ if (length < sizeof lengthbuf)
+ return 0;
+
+ storage->reset ((char *) xmalloc (length));
+diff --git a/gdb/dbxread.c b/gdb/dbxread.c
+--- a/gdb/dbxread.c
++++ b/gdb/dbxread.c
+@@ -812,7 +812,8 @@ stabs_seek (int sym_offset)
+ symbuf_left -= sym_offset;
+ }
+ else
+- bfd_seek (symfile_bfd, sym_offset, SEEK_CUR);
++ if (bfd_seek (symfile_bfd, sym_offset, SEEK_CUR) != 0)
++ perror_with_name (bfd_get_filename (symfile_bfd));
+ }
+
+ #define INTERNALIZE_SYMBOL(intern, extern, abfd) \
+@@ -2095,8 +2096,8 @@ dbx_expand_psymtab (legacy_psymtab *pst,
+ symbol_size = SYMBOL_SIZE (pst);
+
+ /* Read in this file's symbols. */
+- bfd_seek (objfile->obfd, SYMBOL_OFFSET (pst), SEEK_SET);
+- read_ofile_symtab (objfile, pst);
++ if (bfd_seek (objfile->obfd, SYMBOL_OFFSET (pst), SEEK_SET) == 0)
++ read_ofile_symtab (objfile, pst);
+ }
+
+ pst->readin = true;
+diff --git a/gdb/xcoffread.c b/gdb/xcoffread.c
+--- a/gdb/xcoffread.c
++++ b/gdb/xcoffread.c
+@@ -865,8 +865,9 @@ enter_line_range (struct subfile *subfil
+
+ while (curoffset <= limit_offset)
+ {
+- bfd_seek (abfd, curoffset, SEEK_SET);
+- bfd_bread (ext_lnno, linesz, abfd);
++ if (bfd_seek (abfd, curoffset, SEEK_SET) != 0
++ || bfd_bread (ext_lnno, linesz, abfd) != linesz)
++ return;
+ bfd_coff_swap_lineno_in (abfd, ext_lnno, &int_lnno);
+
+ /* Find the address this line represents. */
+--
+2.39.3
--
2.34.1
^ permalink raw reply related [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 4/7] gdb: Fix CVE-2023-39129
2024-02-06 15:45 [OE-core][kirkstone 0/7] Patch review Steve Sakoman
` (2 preceding siblings ...)
2024-02-06 15:45 ` [OE-core][kirkstone 3/7] binutils: internal gdb: Fix CVE-2023-39130 Steve Sakoman
@ 2024-02-06 15:45 ` Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 5/7] gdb: Fix CVE-2023-39130 Steve Sakoman
` (2 subsequent siblings)
6 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2024-02-06 15:45 UTC (permalink / raw)
To: openembedded-core
From: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
CVE: CVE-2023-39129
Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/gdb/gdb.inc | 1 +
.../gdb/gdb/0012-CVE-2023-39129.patch | 50 +++++++++++++++++++
2 files changed, 51 insertions(+)
create mode 100644 meta/recipes-devtools/gdb/gdb/0012-CVE-2023-39129.patch
diff --git a/meta/recipes-devtools/gdb/gdb.inc b/meta/recipes-devtools/gdb/gdb.inc
index 099bd2d8f5..ad2b3ad4b7 100644
--- a/meta/recipes-devtools/gdb/gdb.inc
+++ b/meta/recipes-devtools/gdb/gdb.inc
@@ -15,5 +15,6 @@ SRC_URI = "${GNU_MIRROR}/gdb/gdb-${PV}.tar.xz \
file://0009-Fix-invalid-sigprocmask-call.patch \
file://0010-gdbserver-ctrl-c-handling.patch \
file://0011-CVE-2023-39128.patch \
+ file://0012-CVE-2023-39129.patch \
"
SRC_URI[sha256sum] = "1497c36a71881b8671a9a84a0ee40faab788ca30d7ba19d8463c3cc787152e32"
diff --git a/meta/recipes-devtools/gdb/gdb/0012-CVE-2023-39129.patch b/meta/recipes-devtools/gdb/gdb/0012-CVE-2023-39129.patch
new file mode 100644
index 0000000000..63fb44d59a
--- /dev/null
+++ b/meta/recipes-devtools/gdb/gdb/0012-CVE-2023-39129.patch
@@ -0,0 +1,50 @@
+From: Keith Seitz <keiths@...>
+Date: Wed, 2 Aug 2023 15:35:11 +0000 (-0700)
+Subject: Verify COFF symbol stringtab offset
+X-Git-Tag: gdb-14-branchpoint~473
+X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=58abdf887821a5da09ba184c6e400a3bc5cccd5a
+
+Verify COFF symbol stringtab offset
+
+This patch addresses an issue with malformed/fuzzed debug information that
+was recently reported in gdb/30639. That bug specifically deals with
+an ASAN issue, but the reproducer provided by the reporter causes a
+another failure outside of ASAN:
+
+Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=58abdf887821a5da09ba184c6e400a3bc5cccd5a]
+
+CVE: CVE-2023-39129
+
+Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
+
+diff --git a/gdb/coffread.c b/gdb/coffread.c
+--- a/gdb/coffread.c
++++ b/gdb/coffread.c
+@@ -159,6 +160,7 @@ static file_ptr linetab_offset;
+ static file_ptr linetab_size;
+
+ static char *stringtab = NULL;
++static long stringtab_length = 0;
+
+ extern void stabsread_clear_cache (void);
+
+@@ -1303,6 +1298,7 @@ init_stringtab (bfd *abfd, file_ptr offset, gdb::unique_xmalloc_ptr<char> *stora
+ /* This is in target format (probably not very useful, and not
+ currently used), not host format. */
+ memcpy (stringtab, lengthbuf, sizeof lengthbuf);
++ stringtab_length = length;
+ if (length == sizeof length) /* Empty table -- just the count. */
+ return 0;
+
+@@ -1322,8 +1318,9 @@ getsymname (struct internal_syment *symbol_entry)
+
+ if (symbol_entry->_n._n_n._n_zeroes == 0)
+ {
+- /* FIXME: Probably should be detecting corrupt symbol files by
+- seeing whether offset points to within the stringtab. */
++ if (symbol_entry->_n._n_n._n_offset > stringtab_length)
++ error (_("COFF Error: string table offset (%ld) outside string table (length %ld)"),
++ symbol_entry->_n._n_n._n_offset, stringtab_length);
+ result = stringtab + symbol_entry->_n._n_n._n_offset;
+ }
+ else
--
2.34.1
^ permalink raw reply related [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 5/7] gdb: Fix CVE-2023-39130
2024-02-06 15:45 [OE-core][kirkstone 0/7] Patch review Steve Sakoman
` (3 preceding siblings ...)
2024-02-06 15:45 ` [OE-core][kirkstone 4/7] gdb: Fix CVE-2023-39129 Steve Sakoman
@ 2024-02-06 15:45 ` Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 6/7] gcc-shared-source: ignore CVE-2023-4039 Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 7/7] openssl: Upgrade 3.0.12 -> 3.0.13 Steve Sakoman
6 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2024-02-06 15:45 UTC (permalink / raw)
To: openembedded-core
From: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
CVE: CVE-2023-39130
Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/gdb/gdb.inc | 1 +
.../gdb/gdb/0013-CVE-2023-39130.patch | 326 ++++++++++++++++++
2 files changed, 327 insertions(+)
create mode 100644 meta/recipes-devtools/gdb/gdb/0013-CVE-2023-39130.patch
diff --git a/meta/recipes-devtools/gdb/gdb.inc b/meta/recipes-devtools/gdb/gdb.inc
index ad2b3ad4b7..6c9fe60cab 100644
--- a/meta/recipes-devtools/gdb/gdb.inc
+++ b/meta/recipes-devtools/gdb/gdb.inc
@@ -16,5 +16,6 @@ SRC_URI = "${GNU_MIRROR}/gdb/gdb-${PV}.tar.xz \
file://0010-gdbserver-ctrl-c-handling.patch \
file://0011-CVE-2023-39128.patch \
file://0012-CVE-2023-39129.patch \
+ file://0013-CVE-2023-39130.patch \
"
SRC_URI[sha256sum] = "1497c36a71881b8671a9a84a0ee40faab788ca30d7ba19d8463c3cc787152e32"
diff --git a/meta/recipes-devtools/gdb/gdb/0013-CVE-2023-39130.patch b/meta/recipes-devtools/gdb/gdb/0013-CVE-2023-39130.patch
new file mode 100644
index 0000000000..bfd5b18d7d
--- /dev/null
+++ b/meta/recipes-devtools/gdb/gdb/0013-CVE-2023-39130.patch
@@ -0,0 +1,326 @@
+From 2db20b97f1dc3e5dce3d6ed74a8a62f0dede8c80 Mon Sep 17 00:00:00 2001
+From: Alan Modra <amodra@gmail.com>
+Date: Wed, 9 Aug 2023 09:58:36 +0930
+Subject: [PATCH] gdb: warn unused result for bfd IO functions
+
+This fixes the compilation warnings introduced by my bfdio.c patch.
+
+The removed bfd_seeks in coff_symfile_read date back to 1994, commit
+7f4c859520, prior to which the file used stdio rather than bfd to read
+symbols. Since it now uses bfd to read the file there should be no
+need to synchronise to bfd's idea of the file position. I also fixed
+a potential uninitialised memory access.
+
+Approved-By: Andrew Burgess <aburgess@redhat.com>
+
+Upstream-Status: Backport from [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=2db20b97f1dc3e5dce3d6ed74a8a62f0dede8c80]
+CVE: CVE-2023-39130
+Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
+---
+ gdb/coff-pe-read.c | 114 +++++++++++++++++++++++++++++----------------
+ gdb/coffread.c | 27 ++---------
+ gdb/dbxread.c | 7 +--
+ gdb/xcoffread.c | 5 +-
+ 4 files changed, 85 insertions(+), 68 deletions(-)
+
+diff --git a/gdb/coff-pe-read.c b/gdb/coff-pe-read.c
+--- a/gdb/coff-pe-read.c
++++ b/gdb/coff-pe-read.c
+@@ -291,23 +291,31 @@ read_pe_truncate_name (char *dll_name)
+ \f
+ /* Low-level support functions, direct from the ld module pe-dll.c. */
+ static unsigned int
+-pe_get16 (bfd *abfd, int where)
++pe_get16 (bfd *abfd, int where, bool *fail)
+ {
+ unsigned char b[2];
+
+- bfd_seek (abfd, (file_ptr) where, SEEK_SET);
+- bfd_bread (b, (bfd_size_type) 2, abfd);
++ if (bfd_seek (abfd, where, SEEK_SET) != 0
++ || bfd_bread (b, 2, abfd) != 2)
++ {
++ *fail = true;
++ return 0;
++ }
+ return b[0] + (b[1] << 8);
+ }
+
+ static unsigned int
+-pe_get32 (bfd *abfd, int where)
++pe_get32 (bfd *abfd, int where, bool *fail)
+ {
+ unsigned char b[4];
+
+- bfd_seek (abfd, (file_ptr) where, SEEK_SET);
+- bfd_bread (b, (bfd_size_type) 4, abfd);
+- return b[0] + (b[1] << 8) + (b[2] << 16) + (b[3] << 24);
++ if (bfd_seek (abfd, where, SEEK_SET) != 0
++ || bfd_bread (b, 4, abfd) != 4)
++ {
++ *fail = true;
++ return 0;
++ }
++ return b[0] + (b[1] << 8) + (b[2] << 16) + ((unsigned) b[3] << 24);
+ }
+
+ static unsigned int
+@@ -323,7 +331,7 @@ pe_as32 (void *ptr)
+ {
+ unsigned char *b = (unsigned char *) ptr;
+
+- return b[0] + (b[1] << 8) + (b[2] << 16) + (b[3] << 24);
++ return b[0] + (b[1] << 8) + (b[2] << 16) + ((unsigned) b[3] << 24);
+ }
+ \f
+ /* Read the (non-debug) export symbol table from a portable
+@@ -376,37 +384,50 @@ read_pe_exported_syms (minimal_symbol_re
+ || strcmp (target, "pei-i386") == 0
+ || strcmp (target, "pe-arm-wince-little") == 0
+ || strcmp (target, "pei-arm-wince-little") == 0);
++
++ /* Possibly print a debug message about DLL not having a valid format. */
++ auto maybe_print_debug_msg = [&] () -> void {
++ if (debug_coff_pe_read)
++ fprintf_unfiltered (gdb_stdlog, _("%s doesn't appear to be a DLL\n"),
++ bfd_get_filename (dll));
++ };
++
+ if (!is_pe32 && !is_pe64)
+- {
+- /* This is not a recognized PE format file. Abort now, because
+- the code is untested on anything else. *FIXME* test on
+- further architectures and loosen or remove this test. */
+- return;
+- }
++ return maybe_print_debug_msg ();
+
+ /* Get pe_header, optional header and numbers of export entries. */
+- pe_header_offset = pe_get32 (dll, 0x3c);
++ bool fail = false;
++ pe_header_offset = pe_get32 (dll, 0x3c, &fail);
++ if (fail)
++ return maybe_print_debug_msg ();
+ opthdr_ofs = pe_header_offset + 4 + 20;
+ if (is_pe64)
+- num_entries = pe_get32 (dll, opthdr_ofs + 108);
++ num_entries = pe_get32 (dll, opthdr_ofs + 108, &fail);
+ else
+- num_entries = pe_get32 (dll, opthdr_ofs + 92);
++ num_entries = pe_get32 (dll, opthdr_ofs + 92, &fail);
++ if (fail)
++ return maybe_print_debug_msg ();
+
+ if (num_entries < 1) /* No exports. */
+ return;
+ if (is_pe64)
+ {
+- export_opthdrrva = pe_get32 (dll, opthdr_ofs + 112);
+- export_opthdrsize = pe_get32 (dll, opthdr_ofs + 116);
++ export_opthdrrva = pe_get32 (dll, opthdr_ofs + 112, &fail);
++ export_opthdrsize = pe_get32 (dll, opthdr_ofs + 116, &fail);
+ }
+ else
+ {
+- export_opthdrrva = pe_get32 (dll, opthdr_ofs + 96);
+- export_opthdrsize = pe_get32 (dll, opthdr_ofs + 100);
++ export_opthdrrva = pe_get32 (dll, opthdr_ofs + 96, &fail);
++ export_opthdrsize = pe_get32 (dll, opthdr_ofs + 100, &fail);
+ }
+- nsections = pe_get16 (dll, pe_header_offset + 4 + 2);
++ if (fail)
++ return maybe_print_debug_msg ();
++
++ nsections = pe_get16 (dll, pe_header_offset + 4 + 2, &fail);
+ secptr = (pe_header_offset + 4 + 20 +
+- pe_get16 (dll, pe_header_offset + 4 + 16));
++ pe_get16 (dll, pe_header_offset + 4 + 16, &fail));
++ if (fail)
++ return maybe_print_debug_msg ();
+ expptr = 0;
+ export_size = 0;
+
+@@ -415,12 +436,13 @@ read_pe_exported_syms (minimal_symbol_re
+ {
+ char sname[8];
+ unsigned long secptr1 = secptr + 40 * i;
+- unsigned long vaddr = pe_get32 (dll, secptr1 + 12);
+- unsigned long vsize = pe_get32 (dll, secptr1 + 16);
+- unsigned long fptr = pe_get32 (dll, secptr1 + 20);
+-
+- bfd_seek (dll, (file_ptr) secptr1, SEEK_SET);
+- bfd_bread (sname, (bfd_size_type) sizeof (sname), dll);
++ unsigned long vaddr = pe_get32 (dll, secptr1 + 12, &fail);
++ unsigned long vsize = pe_get32 (dll, secptr1 + 16, &fail);
++ unsigned long fptr = pe_get32 (dll, secptr1 + 20, &fail);
++
++ if (fail
++ || bfd_seek (dll, secptr1, SEEK_SET) != 0
++ || bfd_bread (sname, sizeof (sname), dll) != sizeof (sname))
+
+ if ((strcmp (sname, ".edata") == 0)
+ || (vaddr <= export_opthdrrva && export_opthdrrva < vaddr + vsize))
+@@ -461,16 +483,18 @@ read_pe_exported_syms (minimal_symbol_re
+ for (i = 0; i < nsections; i++)
+ {
+ unsigned long secptr1 = secptr + 40 * i;
+- unsigned long vsize = pe_get32 (dll, secptr1 + 8);
+- unsigned long vaddr = pe_get32 (dll, secptr1 + 12);
+- unsigned long characteristics = pe_get32 (dll, secptr1 + 36);
++ unsigned long vsize = pe_get32 (dll, secptr1 + 8, &fail);
++ unsigned long vaddr = pe_get32 (dll, secptr1 + 12, &fail);
++ unsigned long characteristics = pe_get32 (dll, secptr1 + 36, &fail);
+ char sec_name[SCNNMLEN + 1];
+ int sectix;
+ unsigned int bfd_section_index;
+ asection *section;
+
+- bfd_seek (dll, (file_ptr) secptr1 + 0, SEEK_SET);
+- bfd_bread (sec_name, (bfd_size_type) SCNNMLEN, dll);
++ if (fail
++ || bfd_seek (dll, secptr1 + 0, SEEK_SET) != 0
++ || bfd_bread (sec_name, SCNNMLEN, dll) != SCNNMLEN)
++ return maybe_print_debug_msg ();
+ sec_name[SCNNMLEN] = '\0';
+
+ sectix = read_pe_section_index (sec_name);
+@@ -509,8 +533,9 @@ read_pe_exported_syms (minimal_symbol_re
+ gdb::def_vector<unsigned char> expdata_storage (export_size);
+ expdata = expdata_storage.data ();
+
+- bfd_seek (dll, (file_ptr) expptr, SEEK_SET);
+- bfd_bread (expdata, (bfd_size_type) export_size, dll);
++ if (bfd_seek (dll, expptr, SEEK_SET) != 0
++ || bfd_bread (expdata, export_size, dll) != export_size)
++ return maybe_print_debug_msg ();
+ erva = expdata - export_rva;
+
+ nexp = pe_as32 (expdata + 24);
+@@ -658,20 +683,27 @@ pe_text_section_offset (struct bfd *abfd
+ }
+
+ /* Get pe_header, optional header and numbers of sections. */
+- pe_header_offset = pe_get32 (abfd, 0x3c);
+- nsections = pe_get16 (abfd, pe_header_offset + 4 + 2);
++ bool fail = false;
++ pe_header_offset = pe_get32 (abfd, 0x3c, &fail);
++ if (fail)
++ return DEFAULT_COFF_PE_TEXT_SECTION_OFFSET;
++ nsections = pe_get16 (abfd, pe_header_offset + 4 + 2, &fail);
+ secptr = (pe_header_offset + 4 + 20 +
+- pe_get16 (abfd, pe_header_offset + 4 + 16));
++ pe_get16 (abfd, pe_header_offset + 4 + 16, &fail));
++ if (fail)
++ return DEFAULT_COFF_PE_TEXT_SECTION_OFFSET;
+
+ /* Get the rva and size of the export section. */
+ for (i = 0; i < nsections; i++)
+ {
+ char sname[SCNNMLEN + 1];
+ unsigned long secptr1 = secptr + 40 * i;
+- unsigned long vaddr = pe_get32 (abfd, secptr1 + 12);
++ unsigned long vaddr = pe_get32 (abfd, secptr1 + 12, &fail);
+
+- bfd_seek (abfd, (file_ptr) secptr1, SEEK_SET);
+- bfd_bread (sname, (bfd_size_type) SCNNMLEN, abfd);
++ if (fail
++ || bfd_seek (abfd, secptr1, SEEK_SET) != 0
++ || bfd_bread (sname, SCNNMLEN, abfd) != SCNNMLEN)
++ return DEFAULT_COFF_PE_TEXT_SECTION_OFFSET;
+ sname[SCNNMLEN] = '\0';
+ if (strcmp (sname, ".text") == 0)
+ return vaddr;
+diff --git a/gdb/coffread.c b/gdb/coffread.c
+--- a/gdb/coffread.c
++++ b/gdb/coffread.c
+@@ -690,8 +690,6 @@ coff_symfile_read (struct objfile *objfi
+
+ /* FIXME: dubious. Why can't we use something normal like
+ bfd_get_section_contents? */
+- bfd_seek (abfd, abfd->where, 0);
+-
+ stabstrsize = bfd_section_size (info->stabstrsect);
+
+ coffstab_build_psymtabs (objfile,
+@@ -780,22 +778,6 @@ coff_symtab_read (minimal_symbol_reader
+
+ scoped_free_pendings free_pending;
+
+- /* Work around a stdio bug in SunOS4.1.1 (this makes me nervous....
+- it's hard to know I've really worked around it. The fix should
+- be harmless, anyway). The symptom of the bug is that the first
+- fread (in read_one_sym), will (in my example) actually get data
+- from file offset 268, when the fseek was to 264 (and ftell shows
+- 264). This causes all hell to break loose. I was unable to
+- reproduce this on a short test program which operated on the same
+- file, performing (I think) the same sequence of operations.
+-
+- It stopped happening when I put in this (former) rewind().
+-
+- FIXME: Find out if this has been reported to Sun, whether it has
+- been fixed in a later release, etc. */
+-
+- bfd_seek (objfile->obfd, 0, 0);
+-
+ /* Position to read the symbol table. */
+ val = bfd_seek (objfile->obfd, symtab_offset, 0);
+ if (val < 0)
+@@ -1285,12 +1267,13 @@ init_stringtab (bfd *abfd, file_ptr offs
+ if (bfd_seek (abfd, offset, 0) < 0)
+ return -1;
+
+- val = bfd_bread ((char *) lengthbuf, sizeof lengthbuf, abfd);
+- length = bfd_h_get_32 (symfile_bfd, lengthbuf);
+-
++ val = bfd_bread (lengthbuf, sizeof lengthbuf, abfd);
+ /* If no string table is needed, then the file may end immediately
+ after the symbols. Just return with `stringtab' set to null. */
+- if (val != sizeof lengthbuf || length < sizeof lengthbuf)
++ if (val != sizeof lengthbuf)
++ return 0;
++ length = bfd_h_get_32 (symfile_bfd, lengthbuf);
++ if (length < sizeof lengthbuf)
+ return 0;
+
+ storage->reset ((char *) xmalloc (length));
+diff --git a/gdb/dbxread.c b/gdb/dbxread.c
+--- a/gdb/dbxread.c
++++ b/gdb/dbxread.c
+@@ -812,7 +812,8 @@ stabs_seek (int sym_offset)
+ symbuf_left -= sym_offset;
+ }
+ else
+- bfd_seek (symfile_bfd, sym_offset, SEEK_CUR);
++ if (bfd_seek (symfile_bfd, sym_offset, SEEK_CUR) != 0)
++ perror_with_name (bfd_get_filename (symfile_bfd));
+ }
+
+ #define INTERNALIZE_SYMBOL(intern, extern, abfd) \
+@@ -2095,8 +2096,8 @@ dbx_expand_psymtab (legacy_psymtab *pst,
+ symbol_size = SYMBOL_SIZE (pst);
+
+ /* Read in this file's symbols. */
+- bfd_seek (objfile->obfd, SYMBOL_OFFSET (pst), SEEK_SET);
+- read_ofile_symtab (objfile, pst);
++ if (bfd_seek (objfile->obfd, SYMBOL_OFFSET (pst), SEEK_SET) == 0)
++ read_ofile_symtab (objfile, pst);
+ }
+
+ pst->readin = true;
+diff --git a/gdb/xcoffread.c b/gdb/xcoffread.c
+--- a/gdb/xcoffread.c
++++ b/gdb/xcoffread.c
+@@ -865,8 +865,9 @@ enter_line_range (struct subfile *subfil
+
+ while (curoffset <= limit_offset)
+ {
+- bfd_seek (abfd, curoffset, SEEK_SET);
+- bfd_bread (ext_lnno, linesz, abfd);
++ if (bfd_seek (abfd, curoffset, SEEK_SET) != 0
++ || bfd_bread (ext_lnno, linesz, abfd) != linesz)
++ return;
+ bfd_coff_swap_lineno_in (abfd, ext_lnno, &int_lnno);
+
+ /* Find the address this line represents. */
+--
+2.39.3
--
2.34.1
^ permalink raw reply related [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 6/7] gcc-shared-source: ignore CVE-2023-4039
2024-02-06 15:45 [OE-core][kirkstone 0/7] Patch review Steve Sakoman
` (4 preceding siblings ...)
2024-02-06 15:45 ` [OE-core][kirkstone 5/7] gdb: Fix CVE-2023-39130 Steve Sakoman
@ 2024-02-06 15:45 ` Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 7/7] openssl: Upgrade 3.0.12 -> 3.0.13 Steve Sakoman
6 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2024-02-06 15:45 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
Concept of gcc-source prevents cve-check to detect existing
CVE patch file.
So ignore this CVE in all recipes using gcc-source via this
include file.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/gcc/gcc-shared-source.inc | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-devtools/gcc/gcc-shared-source.inc b/meta/recipes-devtools/gcc/gcc-shared-source.inc
index 03f520b093..7aa1c22bf0 100644
--- a/meta/recipes-devtools/gcc/gcc-shared-source.inc
+++ b/meta/recipes-devtools/gcc/gcc-shared-source.inc
@@ -19,3 +19,6 @@ do_deploy_source_date_epoch () {
cp -p $(dirname ${S})/$sde_file ${SDE_DEPLOYDIR}
cp -p $(dirname ${S})/$sde_file ${SDE_FILE}
}
+
+# patch is available via gcc-source recipe
+CVE_CHECK_IGNORE += "CVE-2023-4039"
--
2.34.1
^ permalink raw reply related [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 7/7] openssl: Upgrade 3.0.12 -> 3.0.13
2024-02-06 15:45 [OE-core][kirkstone 0/7] Patch review Steve Sakoman
` (5 preceding siblings ...)
2024-02-06 15:45 ` [OE-core][kirkstone 6/7] gcc-shared-source: ignore CVE-2023-4039 Steve Sakoman
@ 2024-02-06 15:45 ` Steve Sakoman
6 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2024-02-06 15:45 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
Fixes CVE-2024-0727
Removed included CVE patch backports.
New module was implemented in tests and needs to be installed
to successfully pass 04-test_provider.t test.
Release information:
https://github.com/openssl/openssl/blob/openssl-3.0/NEWS.md#major-changes-between-openssl-3012-and-openssl-3013-30-jan-2024
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../openssl/openssl/CVE-2023-5678.patch | 180 ------------------
.../openssl/openssl/CVE-2023-6129.patch | 113 -----------
.../openssl/openssl/CVE-2023-6237.patch | 127 ------------
.../{openssl_3.0.12.bb => openssl_3.0.13.bb} | 6 +-
4 files changed, 2 insertions(+), 424 deletions(-)
delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2023-5678.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2023-6129.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2023-6237.patch
rename meta/recipes-connectivity/openssl/{openssl_3.0.12.bb => openssl_3.0.13.bb} (97%)
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2023-5678.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2023-5678.patch
deleted file mode 100644
index 796a4f8be9..0000000000
--- a/meta/recipes-connectivity/openssl/openssl/CVE-2023-5678.patch
+++ /dev/null
@@ -1,180 +0,0 @@
-From db925ae2e65d0d925adef429afc37f75bd1c2017 Mon Sep 17 00:00:00 2001
-From: Richard Levitte <levitte@openssl.org>
-Date: Fri, 20 Oct 2023 09:18:19 +0200
-Subject: [PATCH] Make DH_check_pub_key() and DH_generate_key() safer yet
-
-We already check for an excessively large P in DH_generate_key(), but not in
-DH_check_pub_key(), and none of them check for an excessively large Q.
-
-This change adds all the missing excessive size checks of P and Q.
-
-It's to be noted that behaviours surrounding excessively sized P and Q
-differ. DH_check() raises an error on the excessively sized P, but only
-sets a flag for the excessively sized Q. This behaviour is mimicked in
-DH_check_pub_key().
-
-Reviewed-by: Tomas Mraz <tomas@openssl.org>
-Reviewed-by: Matt Caswell <matt@openssl.org>
-Reviewed-by: Hugo Landau <hlandau@openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/22518)
-
-(cherry picked from commit ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6)
-
-Upstream-Status: Backport [https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017]
-CVE: CVE-2023-5678
-Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
----
- crypto/dh/dh_check.c | 12 ++++++++++++
- crypto/dh/dh_err.c | 3 ++-
- crypto/dh/dh_key.c | 12 ++++++++++++
- crypto/err/openssl.txt | 1 +
- include/crypto/dherr.h | 2 +-
- include/openssl/dh.h | 6 +++---
- include/openssl/dherr.h | 3 ++-
- 7 files changed, 33 insertions(+), 6 deletions(-)
-
-diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
-index 7ba2bea..e20eb62 100644
---- a/crypto/dh/dh_check.c
-+++ b/crypto/dh/dh_check.c
-@@ -249,6 +249,18 @@ int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key)
- */
- int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
- {
-+ /* Don't do any checks at all with an excessively large modulus */
-+ if (BN_num_bits(dh->params.p) > OPENSSL_DH_CHECK_MAX_MODULUS_BITS) {
-+ ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_LARGE);
-+ *ret = DH_MODULUS_TOO_LARGE | DH_CHECK_PUBKEY_INVALID;
-+ return 0;
-+ }
-+
-+ if (dh->params.q != NULL && BN_ucmp(dh->params.p, dh->params.q) < 0) {
-+ *ret |= DH_CHECK_INVALID_Q_VALUE | DH_CHECK_PUBKEY_INVALID;
-+ return 1;
-+ }
-+
- return ossl_ffc_validate_public_key(&dh->params, pub_key, ret);
- }
-
-diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c
-index 4152397..f76ac0d 100644
---- a/crypto/dh/dh_err.c
-+++ b/crypto/dh/dh_err.c
-@@ -1,6 +1,6 @@
- /*
- * Generated by util/mkerr.pl DO NOT EDIT
-- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
-+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
-@@ -54,6 +54,7 @@ static const ERR_STRING_DATA DH_str_reasons[] = {
- {ERR_PACK(ERR_LIB_DH, 0, DH_R_PARAMETER_ENCODING_ERROR),
- "parameter encoding error"},
- {ERR_PACK(ERR_LIB_DH, 0, DH_R_PEER_KEY_ERROR), "peer key error"},
-+ {ERR_PACK(ERR_LIB_DH, 0, DH_R_Q_TOO_LARGE), "q too large"},
- {ERR_PACK(ERR_LIB_DH, 0, DH_R_SHARED_INFO_ERROR), "shared info error"},
- {ERR_PACK(ERR_LIB_DH, 0, DH_R_UNABLE_TO_CHECK_GENERATOR),
- "unable to check generator"},
-diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
-index d84ea99..afc49f5 100644
---- a/crypto/dh/dh_key.c
-+++ b/crypto/dh/dh_key.c
-@@ -49,6 +49,12 @@ int ossl_dh_compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
- goto err;
- }
-
-+ if (dh->params.q != NULL
-+ && BN_num_bits(dh->params.q) > OPENSSL_DH_MAX_MODULUS_BITS) {
-+ ERR_raise(ERR_LIB_DH, DH_R_Q_TOO_LARGE);
-+ goto err;
-+ }
-+
- if (BN_num_bits(dh->params.p) < DH_MIN_MODULUS_BITS) {
- ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_SMALL);
- return 0;
-@@ -267,6 +273,12 @@ static int generate_key(DH *dh)
- return 0;
- }
-
-+ if (dh->params.q != NULL
-+ && BN_num_bits(dh->params.q) > OPENSSL_DH_MAX_MODULUS_BITS) {
-+ ERR_raise(ERR_LIB_DH, DH_R_Q_TOO_LARGE);
-+ return 0;
-+ }
-+
- if (BN_num_bits(dh->params.p) < DH_MIN_MODULUS_BITS) {
- ERR_raise(ERR_LIB_DH, DH_R_MODULUS_TOO_SMALL);
- return 0;
-diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
-index e51504b..36de321 100644
---- a/crypto/err/openssl.txt
-+++ b/crypto/err/openssl.txt
-@@ -500,6 +500,7 @@ DH_R_NO_PARAMETERS_SET:107:no parameters set
- DH_R_NO_PRIVATE_VALUE:100:no private value
- DH_R_PARAMETER_ENCODING_ERROR:105:parameter encoding error
- DH_R_PEER_KEY_ERROR:111:peer key error
-+DH_R_Q_TOO_LARGE:130:q too large
- DH_R_SHARED_INFO_ERROR:113:shared info error
- DH_R_UNABLE_TO_CHECK_GENERATOR:121:unable to check generator
- DSA_R_BAD_FFC_PARAMETERS:114:bad ffc parameters
-diff --git a/include/crypto/dherr.h b/include/crypto/dherr.h
-index bb24d13..519327f 100644
---- a/include/crypto/dherr.h
-+++ b/include/crypto/dherr.h
-@@ -1,6 +1,6 @@
- /*
- * Generated by util/mkerr.pl DO NOT EDIT
-- * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
-+ * Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
-diff --git a/include/openssl/dh.h b/include/openssl/dh.h
-index 6533260..50e0cf5 100644
---- a/include/openssl/dh.h
-+++ b/include/openssl/dh.h
-@@ -141,7 +141,7 @@ DECLARE_ASN1_ITEM(DHparams)
- # define DH_GENERATOR_3 3
- # define DH_GENERATOR_5 5
-
--/* DH_check error codes */
-+/* DH_check error codes, some of them shared with DH_check_pub_key */
- /*
- * NB: These values must align with the equivalently named macros in
- * internal/ffc.h.
-@@ -151,10 +151,10 @@ DECLARE_ASN1_ITEM(DHparams)
- # define DH_UNABLE_TO_CHECK_GENERATOR 0x04
- # define DH_NOT_SUITABLE_GENERATOR 0x08
- # define DH_CHECK_Q_NOT_PRIME 0x10
--# define DH_CHECK_INVALID_Q_VALUE 0x20
-+# define DH_CHECK_INVALID_Q_VALUE 0x20 /* +DH_check_pub_key */
- # define DH_CHECK_INVALID_J_VALUE 0x40
- # define DH_MODULUS_TOO_SMALL 0x80
--# define DH_MODULUS_TOO_LARGE 0x100
-+# define DH_MODULUS_TOO_LARGE 0x100 /* +DH_check_pub_key */
-
- /* DH_check_pub_key error codes */
- # define DH_CHECK_PUBKEY_TOO_SMALL 0x01
-diff --git a/include/openssl/dherr.h b/include/openssl/dherr.h
-index 5d2a762..074a701 100644
---- a/include/openssl/dherr.h
-+++ b/include/openssl/dherr.h
-@@ -1,6 +1,6 @@
- /*
- * Generated by util/mkerr.pl DO NOT EDIT
-- * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
-+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
-@@ -50,6 +50,7 @@
- # define DH_R_NO_PRIVATE_VALUE 100
- # define DH_R_PARAMETER_ENCODING_ERROR 105
- # define DH_R_PEER_KEY_ERROR 111
-+# define DH_R_Q_TOO_LARGE 130
- # define DH_R_SHARED_INFO_ERROR 113
- # define DH_R_UNABLE_TO_CHECK_GENERATOR 121
-
---
-2.40.1
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2023-6129.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2023-6129.patch
deleted file mode 100644
index c5749e1874..0000000000
--- a/meta/recipes-connectivity/openssl/openssl/CVE-2023-6129.patch
+++ /dev/null
@@ -1,113 +0,0 @@
-From 8d847a3ffd4f0b17ee33962cf69c36224925b34f Mon Sep 17 00:00:00 2001
-From: Rohan McLure <rmclure@linux.ibm.com>
-Date: Thu, 4 Jan 2024 10:25:50 +0100
-Subject: [PATCH] poly1305-ppc.pl: Fix vector register clobbering
-
-Fixes CVE-2023-6129
-
-The POLY1305 MAC (message authentication code) implementation in OpenSSL for
-PowerPC CPUs saves the the contents of vector registers in different order
-than they are restored. Thus the contents of some of these vector registers
-is corrupted when returning to the caller. The vulnerable code is used only
-on newer PowerPC processors supporting the PowerISA 2.07 instructions.
-
-Reviewed-by: Matt Caswell <matt@openssl.org>
-Reviewed-by: Richard Levitte <levitte@openssl.org>
-Reviewed-by: Tomas Mraz <tomas@openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/23200)
-
-Upstream-Status: Backport [https://github.com/openssl/openssl/commit/8d847a3ffd4f0b17ee33962cf69c36224925b34f]
-CVE: CVE-2023-6129
-Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
----
- crypto/poly1305/asm/poly1305-ppc.pl | 42 ++++++++++++++---------------
- 1 file changed, 21 insertions(+), 21 deletions(-)
-
-diff --git a/crypto/poly1305/asm/poly1305-ppc.pl b/crypto/poly1305/asm/poly1305-ppc.pl
-index 9f86134..2e601bb 100755
---- a/crypto/poly1305/asm/poly1305-ppc.pl
-+++ b/crypto/poly1305/asm/poly1305-ppc.pl
-@@ -744,7 +744,7 @@ ___
- my $LOCALS= 6*$SIZE_T;
- my $VSXFRAME = $LOCALS + 6*$SIZE_T;
- $VSXFRAME += 128; # local variables
-- $VSXFRAME += 13*16; # v20-v31 offload
-+ $VSXFRAME += 12*16; # v20-v31 offload
-
- my $BIG_ENDIAN = ($flavour !~ /le/) ? 4 : 0;
-
-@@ -919,12 +919,12 @@ __poly1305_blocks_vsx:
- addi r11,r11,32
- stvx v22,r10,$sp
- addi r10,r10,32
-- stvx v23,r10,$sp
-- addi r10,r10,32
-- stvx v24,r11,$sp
-+ stvx v23,r11,$sp
- addi r11,r11,32
-- stvx v25,r10,$sp
-+ stvx v24,r10,$sp
- addi r10,r10,32
-+ stvx v25,r11,$sp
-+ addi r11,r11,32
- stvx v26,r10,$sp
- addi r10,r10,32
- stvx v27,r11,$sp
-@@ -1153,12 +1153,12 @@ __poly1305_blocks_vsx:
- addi r11,r11,32
- stvx v22,r10,$sp
- addi r10,r10,32
-- stvx v23,r10,$sp
-- addi r10,r10,32
-- stvx v24,r11,$sp
-+ stvx v23,r11,$sp
- addi r11,r11,32
-- stvx v25,r10,$sp
-+ stvx v24,r10,$sp
- addi r10,r10,32
-+ stvx v25,r11,$sp
-+ addi r11,r11,32
- stvx v26,r10,$sp
- addi r10,r10,32
- stvx v27,r11,$sp
-@@ -1899,26 +1899,26 @@ Ldone_vsx:
- mtspr 256,r12 # restore vrsave
- lvx v20,r10,$sp
- addi r10,r10,32
-- lvx v21,r10,$sp
-- addi r10,r10,32
-- lvx v22,r11,$sp
-+ lvx v21,r11,$sp
- addi r11,r11,32
-- lvx v23,r10,$sp
-+ lvx v22,r10,$sp
- addi r10,r10,32
-- lvx v24,r11,$sp
-+ lvx v23,r11,$sp
- addi r11,r11,32
-- lvx v25,r10,$sp
-+ lvx v24,r10,$sp
- addi r10,r10,32
-- lvx v26,r11,$sp
-+ lvx v25,r11,$sp
- addi r11,r11,32
-- lvx v27,r10,$sp
-+ lvx v26,r10,$sp
- addi r10,r10,32
-- lvx v28,r11,$sp
-+ lvx v27,r11,$sp
- addi r11,r11,32
-- lvx v29,r10,$sp
-+ lvx v28,r10,$sp
- addi r10,r10,32
-- lvx v30,r11,$sp
-- lvx v31,r10,$sp
-+ lvx v29,r11,$sp
-+ addi r11,r11,32
-+ lvx v30,r10,$sp
-+ lvx v31,r11,$sp
- $POP r27,`$VSXFRAME-$SIZE_T*5`($sp)
- $POP r28,`$VSXFRAME-$SIZE_T*4`($sp)
- $POP r29,`$VSXFRAME-$SIZE_T*3`($sp)
---
-2.39.3
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2023-6237.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2023-6237.patch
deleted file mode 100644
index 621dc6b0ab..0000000000
--- a/meta/recipes-connectivity/openssl/openssl/CVE-2023-6237.patch
+++ /dev/null
@@ -1,127 +0,0 @@
-rom e09fc1d746a4fd15bb5c3d7bbbab950aadd005db Mon Sep 17 00:00:00 2001
-From: Tomas Mraz <tomas@openssl.org>
-Date: Fri, 22 Dec 2023 16:25:56 +0100
-Subject: [PATCH] Limit the execution time of RSA public key check
-
-Fixes CVE-2023-6237
-
-If a large and incorrect RSA public key is checked with
-EVP_PKEY_public_check() the computation could take very long time
-due to no limit being applied to the RSA public key size and
-unnecessarily high number of Miller-Rabin algorithm rounds
-used for non-primality check of the modulus.
-
-Now the keys larger than 16384 bits (OPENSSL_RSA_MAX_MODULUS_BITS)
-will fail the check with RSA_R_MODULUS_TOO_LARGE error reason.
-Also the number of Miller-Rabin rounds was set to 5.
-
-Reviewed-by: Neil Horman <nhorman@openssl.org>
-Reviewed-by: Matt Caswell <matt@openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/23243)
-
-Upstream-Status: Backport [https://github.com/openssl/openssl/commit/e09fc1d746a4fd15bb5c3d7bbbab950aadd005db]
-CVE: CVE-2023-6237
-Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
----
- crypto/rsa/rsa_sp800_56b_check.c | 8 +++-
- test/recipes/91-test_pkey_check.t | 2 +-
- .../91-test_pkey_check_data/rsapub_17k.pem | 48 +++++++++++++++++++
- 3 files changed, 56 insertions(+), 2 deletions(-)
- create mode 100644 test/recipes/91-test_pkey_check_data/rsapub_17k.pem
-
-diff --git a/crypto/rsa/rsa_sp800_56b_check.c b/crypto/rsa/rsa_sp800_56b_check.c
-index fc8f19b..bcbdd24 100644
---- a/crypto/rsa/rsa_sp800_56b_check.c
-+++ b/crypto/rsa/rsa_sp800_56b_check.c
-@@ -289,6 +289,11 @@ int ossl_rsa_sp800_56b_check_public(const RSA *rsa)
- return 0;
-
- nbits = BN_num_bits(rsa->n);
-+ if (nbits > OPENSSL_RSA_MAX_MODULUS_BITS) {
-+ ERR_raise(ERR_LIB_RSA, RSA_R_MODULUS_TOO_LARGE);
-+ return 0;
-+ }
-+
- #ifdef FIPS_MODULE
- /*
- * (Step a): modulus must be 2048 or 3072 (caveat from SP800-56Br1)
-@@ -324,7 +329,8 @@ int ossl_rsa_sp800_56b_check_public(const RSA *rsa)
- goto err;
- }
-
-- ret = ossl_bn_miller_rabin_is_prime(rsa->n, 0, ctx, NULL, 1, &status);
-+ /* Highest number of MR rounds from FIPS 186-5 Section B.3 Table B.1 */
-+ ret = ossl_bn_miller_rabin_is_prime(rsa->n, 5, ctx, NULL, 1, &status);
- #ifdef FIPS_MODULE
- if (ret != 1 || status != BN_PRIMETEST_COMPOSITE_NOT_POWER_OF_PRIME) {
- #else
-diff --git a/test/recipes/91-test_pkey_check.t b/test/recipes/91-test_pkey_check.t
-index dc7cc64..f8088df 100644
---- a/test/recipes/91-test_pkey_check.t
-+++ b/test/recipes/91-test_pkey_check.t
-@@ -70,7 +70,7 @@ push(@positive_tests, (
- "dhpkey.pem"
- )) unless disabled("dh");
-
--my @negative_pubtests = ();
-+my @negative_pubtests = ("rsapub_17k.pem"); # Too big RSA public key
-
- push(@negative_pubtests, (
- "dsapub_noparam.der"
-diff --git a/test/recipes/91-test_pkey_check_data/rsapub_17k.pem b/test/recipes/91-test_pkey_check_data/rsapub_17k.pem
-new file mode 100644
-index 0000000..9a2eaed
---- /dev/null
-+++ b/test/recipes/91-test_pkey_check_data/rsapub_17k.pem
-@@ -0,0 +1,48 @@
-+-----BEGIN PUBLIC KEY-----
-+MIIIbzANBgkqhkiG9w0BAQEFAAOCCFwAMIIIVwKCCE4Ang+cE5H+hg3RbapDAHqR
-+B9lUnp2MlAwsZxQ/FhYepaR60bFQeumbu7817Eo5YLMObVI99hF1C4u/qcpD4Jph
-+gZt87/JAYDbP+DIh/5gUXCL9m5Fp4u7mvZaZdnlcftBvR1uKUTCAwc9pZ/Cfr8W2
-+GzrRODzsNYnk2DcZMfe2vRDuDZRopE+Y+I72rom2SZLxoN547N1daM/M/CL9KVQ/
-+XMI/YOpJrBI0jI3brMRhLkvLckwies9joufydlGbJkeil9H7/grj3fQZtFkZ2Pkj
-+b87XDzRVX7wsEpAgPJxskL3jApokCp1kQYKG+Uc3dKM9Ade6IAPK7VKcmbAQTYw2
-+gZxsc28dtstazmfGz0ACCTSMrmbgWAM3oPL7RRzhrXDWgmYQ0jHefGh8SNTIgtPq
-+TuHxPYkDMQNaf0LmDGCxqlnf4b5ld3YaU8zZ/RqIRx5v/+w0rJUvU53qY1bYSnL1
-+vbqKSnN2mip0GYyQ4AUgkS1NBV4rGYU/VTvzEjLfkg02KOtHKandvEoUjmZPzCT0
-+V2ZhGc8K1UJNGYlIiHqCdwCBoghvly/pYajTkDXyd6BsukzA5H3IkZB1xDgl035j
-+/0Cr7QeZLEOdi9fPdSSaBT6OmD0WFuZfJF0wMr7ucRhWzPXvSensD9v7MBE7tNfH
-+SLeTSx8tLt8UeWriiM+0CnkPR1IOqMOxubOyf1eV8NQqEWm5wEQG/0IskbOKnaHa
-+PqLFJZn/bvyL3XK5OxVIJG3z6bnRDOMS9SzkjqgPdIO8tkySEHVSi/6iuGUltx3Y
-+Fmq6ye/r34ekyHPbfn6UuTON7joM6SIXb5bHM64x4iMVWx4hMvDjfy0UqfywAUyu
-+C1o7BExSMxxFG8GJcqR0K8akpPp7EM588PC+YuItoxzXgfUJnP3BQ1Beev2Ve7/J
-+xeGZH0N4ntfr+cuaLAakAER9zDglwChWflw3NNFgIdAgSxXv3XXx5xDXpdP4lxUo
-+F5zAN4Mero3yV90FaJl7Vhq/UFVidbwFc15jUDwaE0mKRcsBeVd3GOhoECAgE0id
-+aIPT20z8oVY0FyTJlRk7QSjo8WjJSrHY/Fn14gctX07ZdfkufyL6w+NijBdYluvB
-+nIrgHEvpkDEWoIa8qcx0EppoIcmqgMV2mTShfFYSybsO33Pm8WXec2FXjwhzs1Pi
-+R/BuIW8rHPI67xqWm0h8dEw11vtfi9a/BBBikFHe59KBjMTG+lW/gADNvRoTzGh7
-+kN4+UVDS3jlSisRZZOn1XoeQtpubNYWgUsecjKy45IwIj8h1SHgn3wkmUesY0woN
-+mOdoNtq+NezN4RFtbCOHhxFVpKKDi/HQP2ro0ykkXMDjwEIVf2Lii1Mg9UP8m+Ux
-+AOqkTrIkdogkRx+70h7/wUOfDIFUq2JbKzqxJYamyEphcdAko7/B8efQKc61Z93O
-+f2SHa4++4WI7wIIx18v5KV4M/cRmrfc8w9WRkQN3gBT5AJMuqwcSHVXBWvNQeGmi
-+ScMh7X6cCZ0daEujqb8svq4WgsJ8UT4GaGBRIYtt7QUKEh+JQwNJzneRYZ3pzpaH
-+UJeeoYobMlkp3rM9cYzdq90nBQiI9Jsbim9m9ggb2dMOS5CsI9S/IuG2O5uTjfxx
-+wkwsd5nLDFtNXHYZ7W6XlVJ1Rc6zShnEmdCn3mmibb6OaMUmun2yl9ryEjVSoXLP
-+fSA8W9K9yNhKTRkzdXJfqlC+s/ovX2xBGxsuOoUDaXhRVz0qmpKIHeSFjIP4iXq4
-+y8gDiwvM3HbZfvVonbg6siPwpn4uvw3hesojk1DKAENS52i6U3uK2fs1ALVxsFNS
-+Yh914rDu0Q3e4RXVhURaYzoEbLCot6WGYeCCfQOK0rkETMv+sTYYscC8/THuW7SL
-+HG5zy9Ed95N1Xmf8J+My7gM7ZFodGdHsWvdzEmqsdOFh6IVx/VfHFX0MDBq0t6lZ
-+eRvVgVCfu3gkYLwPScn/04E02vOom51ISKHsF/I11erC66jjNYV9BSpH8O7sAHxZ
-+EmPT2ZVVRSgivOHdQW/FZ3UZQQhVaVSympo2Eb4yWEMFn84Q8T+9Honj6gnB5PXz
-+chmeCsOMlcg1mwWwhn0k+OAWEZy7VRUk5Ahp0fBAGJgwBdqrZ3kM356DjUkVBiYq
-+4eHyvafNKmjf2mnFsI3g2NKRNyl1Lh63wyCFx60yYvBUfXF/W9PFJbD9CiP83kEW
-+gV36gxTsbOSfhpO1OXR90ODy0kx06XzWmJCUugK8u9bx4F/CjV+LIHExuNJiethC
-+A8sIup/MT0fWp4RO/SsVblGqfoqJTaPnhptQzeH2N07pbWkxeMuL6ppPuwFmfVjK
-+FJndqCVrAukcPEOQ16iVURuloJMudqYRc9QKkJFsnv0W/iMNbqQGmXe8Q/5qFiys
-+26NIQBiE2ad9hNLnoccEnmYSRgnW3ZPSKuq5TDdYyDqTZH2r8cam65pr3beKw2XC
-+xw4cc7VaxiwGC2Mg2wRmwwPaTjrcEt6sMa3RjwFEVBxBFyM26wnTEZsTBquCxV0J
-+pgERaeplkixP2Q0m7XAdlDaob973SM2vOoUgypzDchWmpx7u775bnOfU5CihwXl+
-+k0i09WZuT8bPmhEAiGCw5sNzMkz1BC2cCZFfJIkE2vc/wXYOrGxBTJo0EKaUFswa
-+2dnP/u0bn+VksBUM7ywW9LJSXh4mN+tpzdeJtxEObKwX1I0dQxSPWmjd2++wMr9q
-+Unre5fCrDToy2H7C2VKSpuOCT2/Kv4JDQRWwI4KxQOpn0UknAGNmfBoTtpIZ3LEb
-+77oBUJdMQD7tQBBLL0a6f1TdK0dHVprWWawJ+gGFMiMQXqAqblHcxFKWuHv9bQID
-+AQAB
-+-----END PUBLIC KEY-----
---
-2.25.1
-
diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.12.bb b/meta/recipes-connectivity/openssl/openssl_3.0.13.bb
similarity index 97%
rename from meta/recipes-connectivity/openssl/openssl_3.0.12.bb
rename to meta/recipes-connectivity/openssl/openssl_3.0.13.bb
index ce0f9fa8e3..5e43fdc2de 100644
--- a/meta/recipes-connectivity/openssl/openssl_3.0.12.bb
+++ b/meta/recipes-connectivity/openssl/openssl_3.0.13.bb
@@ -12,16 +12,13 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \
file://afalg.patch \
file://0001-Configure-do-not-tweak-mips-cflags.patch \
- file://CVE-2023-5678.patch \
- file://CVE-2023-6129.patch \
- file://CVE-2023-6237.patch \
"
SRC_URI:append:class-nativesdk = " \
file://environment.d-openssl.sh \
"
-SRC_URI[sha256sum] = "f93c9e8edde5e9166119de31755fc87b4aa34863662f67ddfcba14d0b6b69b61"
+SRC_URI[sha256sum] = "88525753f79d3bec27d2fa7c66aa0b92b3aa9498dafd93d7cfa4b3780cdae313"
inherit lib_package multilib_header multilib_script ptest perlnative
MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
@@ -188,6 +185,7 @@ PTEST_BUILD_HOST_PATTERN = "perl_version ="
do_install_ptest () {
install -d ${D}${PTEST_PATH}/test
install -m755 ${B}/test/p_test.so ${D}${PTEST_PATH}/test
+ install -m755 ${B}/test/p_minimal.so ${D}${PTEST_PATH}/test
install -m755 ${B}/test/provider_internal_test.cnf ${D}${PTEST_PATH}/test
# Prune the build tree
--
2.34.1
^ permalink raw reply related [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 0/7] Patch review
@ 2024-04-17 20:35 Steve Sakoman
0 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2024-04-17 20:35 UTC (permalink / raw)
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Friday, April 19
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6817
The following changes since commit f94c74cee8b2650dd3211a49dc7e88bf60d2e6a7:
tcl: skip async and event tests in run-ptest (2024-04-16 05:00:24 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Harish Sadineni (1):
rust: add CVE_CHECK_IGNORE for CVE-2024-24576
Meenali Gupta (1):
libssh2: fix CVE-2023-48795
Poonam Jadhav (1):
ppp: Add RSA-MD in LICENSE
Sana Kazi (1):
systemd: Fix vlan qos mapping
Soumya Sambu (1):
nghttp2: Fix CVE-2024-28182
Steve Sakoman (1):
valgrind: skip intermittently failing ptest
Yogita Urade (1):
ruby: fix CVE-2024-27281
meta/recipes-connectivity/ppp/ppp_2.4.9.bb | 2 +-
.../systemd/fix-vlan-qos-mapping.patch | 140 ++++++
meta/recipes-core/systemd/systemd_250.5.bb | 1 +
.../ruby/ruby/CVE-2024-27281.patch | 97 ++++
meta/recipes-devtools/ruby/ruby_3.1.3.bb | 1 +
meta/recipes-devtools/rust/rust-source.inc | 3 +
.../valgrind/valgrind/remove-for-all | 2 +
.../libssh2/libssh2/CVE-2023-48795.patch | 459 ++++++++++++++++++
.../recipes-support/libssh2/libssh2_1.10.0.bb | 1 +
.../nghttp2/nghttp2/CVE-2024-28182-0001.patch | 110 +++++
.../nghttp2/nghttp2/CVE-2024-28182-0002.patch | 105 ++++
.../recipes-support/nghttp2/nghttp2_1.47.0.bb | 2 +
12 files changed, 922 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes-core/systemd/systemd/fix-vlan-qos-mapping.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-27281.patch
create mode 100644 meta/recipes-support/libssh2/libssh2/CVE-2023-48795.patch
create mode 100644 meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0001.patch
create mode 100644 meta/recipes-support/nghttp2/nghttp2/CVE-2024-28182-0002.patch
--
2.34.1
^ permalink raw reply [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 0/7] Patch review
@ 2024-05-30 18:37 Steve Sakoman
0 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2024-05-30 18:37 UTC (permalink / raw)
To: openembedded-core
Please review this set of changes for kirktsone and have comments back by
end of day Saturday, June 1
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/6984
The following changes since commit e0a1ed7aa1f2b12d985414db9a75d6e151ae8d21:
initscripts: Add custom mount args for /var/lib (2024-05-22 05:07:30 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Archana Polampalli (5):
ghostscript: fix CVE-2024-33870
ghostscript: fix CVE-2024-33869
ghostscript: fix CVE-2024-33871
ghostscript: fix CVE-2024-29510
ghostscript: fix CVE-2023-52722
Soumya Sambu (2):
util-linux: Fix CVE-2024-28085
git: Fix multiple CVEs
meta/recipes-core/util-linux/util-linux.inc | 5 +
.../util-linux/CVE-2024-28085-0001.patch | 202 +
.../util-linux/CVE-2024-28085-0002.patch | 172 +
.../util-linux/CVE-2024-28085-0003.patch | 223 +
.../util-linux/CVE-2024-28085-0004.patch | 36 +
.../util-linux/CVE-2024-28085-0005.patch | 34 +
.../git/git/CVE-2024-32002-0001.patch | 69 +
.../git/git/CVE-2024-32002-0002.patch | 213 +
.../git/git/CVE-2024-32002-0003.patch | 141 +
.../git/git/CVE-2024-32002-0004.patch | 150 +
.../git/git/CVE-2024-32004-0001.patch | 95 +
.../git/git/CVE-2024-32004-0002.patch | 187 +
.../git/git/CVE-2024-32004-0003.patch | 158 +
.../git/git/CVE-2024-32020.patch | 114 +
.../git/git/CVE-2024-32021-0001.patch | 89 +
.../git/git/CVE-2024-32021-0002.patch | 65 +
.../git/git/CVE-2024-32465.patch | 206 +
meta/recipes-devtools/git/git_2.35.7.bb | 11 +
.../ghostscript/CVE-2023-52722.patch | 43 +
.../ghostscript/CVE-2024-29510.patch | 84 +
.../ghostscript/CVE-2024-33869-0001.patch | 39 +
.../ghostscript/CVE-2024-33869-0002.patch | 52 +
.../ghostscript/CVE-2024-33870.patch | 92 +
.../ghostscript/CVE-2024-33871-0001.patch | 4863 +++++++++++++++++
.../ghostscript/CVE-2024-33871-0002.patch | 43 +
.../ghostscript/ghostscript_9.55.0.bb | 7 +
26 files changed, 7393 insertions(+)
create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0001.patch
create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0002.patch
create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0003.patch
create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0004.patch
create mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2024-28085-0005.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2024-32002-0001.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2024-32002-0002.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2024-32002-0003.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2024-32002-0004.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2024-32004-0001.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2024-32004-0002.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2024-32004-0003.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2024-32020.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2024-32021-0001.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2024-32021-0002.patch
create mode 100644 meta/recipes-devtools/git/git/CVE-2024-32465.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2023-52722.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-29510.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33869-0001.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33869-0002.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33870.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33871-0001.patch
create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2024-33871-0002.patch
--
2.34.1
^ permalink raw reply [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 0/7] Patch review
@ 2024-07-04 12:32 Steve Sakoman
0 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2024-07-04 12:32 UTC (permalink / raw)
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Monday, July 8
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/7103
The following changes since commit fbc8f5381e8e1da0d06f7f8e5b8c63a49b1858c2:
man-pages: remove conflict pages (2024-06-21 12:37:32 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Archana Polampalli (1):
gstreamer1.0-plugins-base: fix CVE-2024-4453
Jonas Gorski (1):
linuxloader: add -armhf on arm only for TARGET_FPU 'hard'
Jose Quaresma (1):
openssh: fix CVE-2024-6387
Poonam Jadhav (2):
glibc-tests: correctly pull in the actual tests when installing -ptest
package
glibc-tests: Add missing bash ptest dependency
Siddharth Doshi (1):
OpenSSL: Security fix for CVE-2024-5535
Vijay Anusuri (1):
wget: Fix for CVE-2024-38428
meta/classes/linuxloader.bbclass | 2 +-
.../openssh/openssh/CVE-2024-6387.patch | 27 +
.../openssh/openssh_8.9p1.bb | 1 +
.../openssl/openssl/CVE-2024-5535_1.patch | 115 ++
.../openssl/openssl/CVE-2024-5535_2.patch | 44 +
.../openssl/openssl/CVE-2024-5535_3.patch | 84 ++
.../openssl/openssl/CVE-2024-5535_4.patch | 178 +++
.../openssl/openssl/CVE-2024-5535_5.patch | 1175 +++++++++++++++++
.../openssl/openssl/CVE-2024-5535_6.patch | 45 +
.../openssl/openssl/CVE-2024-5535_7.patch | 68 +
.../openssl/openssl/CVE-2024-5535_8.patch | 273 ++++
.../openssl/openssl/CVE-2024-5535_9.patch | 205 +++
.../openssl/openssl_3.0.14.bb | 9 +
meta/recipes-core/glibc/glibc-tests_2.35.bb | 4 +-
meta/recipes-core/glibc/glibc/run-ptest | 2 +-
.../wget/wget/CVE-2024-38428.patch | 79 ++
meta/recipes-extended/wget/wget_1.21.4.bb | 1 +
.../CVE-2024-4453.patch | 65 +
.../gstreamer1.0-plugins-base_1.20.7.bb | 1 +
19 files changed, 2374 insertions(+), 4 deletions(-)
create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2024-6387.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_1.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_2.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_3.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_4.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_5.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_6.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_7.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_8.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-5535_9.patch
create mode 100644 meta/recipes-extended/wget/wget/CVE-2024-38428.patch
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2024-4453.patch
--
2.34.1
^ permalink raw reply [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 0/7] Patch review
@ 2024-08-30 12:52 Steve Sakoman
0 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2024-08-30 12:52 UTC (permalink / raw)
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Tuesday, September 3
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/7295
The following changes since commit 963085afced737863cf4ff8515a1cf08365d5d87:
libsoup: fix compile error on centos7 (2024-08-23 14:34:03 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Divya Chellam (1):
bind: Upgrade 9.18.24 -> 9.18.28
Hitendra Prajapati (1):
vim: upgrade from 9.0.2190 -> 9.1.0114
Hugo SIMELIERE (1):
cryptodev-module: Fix build for linux 5.10.220
Ming Liu (1):
grub: fs/fat: Don't error when mtime is 0
Peter Marko (2):
libyaml: Ignore CVE-2024-35325
curl: Ignore CVE-2024-32928
Siddharth Doshi (1):
vim: Upgrade 9.1.0114 -> 9.1.0682
...1-fs-fat-Don-t-error-when-mtime-is-0.patch | 70 +++++++++++++++++++
meta/recipes-bsp/grub/grub2.inc | 1 +
.../bind/{bind_9.18.24.bb => bind_9.18.28.bb} | 2 +-
.../cryptodev/cryptodev-module_1.12.bb | 1 +
.../0001-Fix-build-for-linux-5.10.220.patch | 32 +++++++++
meta/recipes-support/curl/curl_7.82.0.bb | 2 +
meta/recipes-support/libyaml/libyaml_0.2.5.bb | 2 +
...m-add-knob-whether-elf.h-are-checked.patch | 39 -----------
.../vim/{vim-tiny_9.0.bb => vim-tiny_9.1.bb} | 0
meta/recipes-support/vim/vim.inc | 5 +-
.../vim/{vim_9.0.bb => vim_9.1.bb} | 0
11 files changed, 111 insertions(+), 43 deletions(-)
create mode 100644 meta/recipes-bsp/grub/files/0001-fs-fat-Don-t-error-when-mtime-is-0.patch
rename meta/recipes-connectivity/bind/{bind_9.18.24.bb => bind_9.18.28.bb} (97%)
create mode 100644 meta/recipes-kernel/cryptodev/files/0001-Fix-build-for-linux-5.10.220.patch
delete mode 100644 meta/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch
rename meta/recipes-support/vim/{vim-tiny_9.0.bb => vim-tiny_9.1.bb} (100%)
rename meta/recipes-support/vim/{vim_9.0.bb => vim_9.1.bb} (100%)
--
2.34.1
^ permalink raw reply [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 0/7] Patch review
@ 2024-12-11 14:47 Steve Sakoman
0 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2024-12-11 14:47 UTC (permalink / raw)
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Friday, December 13
Passed a-full on autobuilder:
https://valkyrie.yoctoproject.org/#/builders/29/builds/615
The following changes since commit e42b6a40a3a01e328966bb5ee1bb3e0993975b15:
resulttool: Improve repo layout for oeselftest results (2024-12-04 05:50:49 -0800)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Alexander Kanavin (1):
dbus: disable assertions and enable only modular tests
Divya Chellam (1):
libpam: fix CVE-2024-10041
Jiaying Song (1):
python3-requests: fix CVE-2024-35195
Khem Raj (1):
unzip: Fix configure tests to use modern C
Peter Marko (2):
libsdl2: ignore CVE-2020-14409 and CVE-2020-14410
rootfs-postcommands.bbclass: make opkg status reproducible
Ross Burton (1):
sanity: check for working user namespaces
meta/classes/rootfs-postcommands.bbclass | 4 +
meta/classes/sanity.bbclass | 24 ++++
meta/recipes-core/dbus/dbus_1.14.8.bb | 3 +-
.../python3-requests/CVE-2024-35195.patch | 121 ++++++++++++++++++
.../python/python3-requests_2.27.1.bb | 4 +-
.../pam/libpam/CVE-2024-10041.patch | 98 ++++++++++++++
meta/recipes-extended/pam/libpam_1.5.2.bb | 1 +
...rrect-system-headers-and-prototypes-.patch | 112 ++++++++++++++++
meta/recipes-extended/unzip/unzip_6.0.bb | 1 +
.../libsdl2/libsdl2_2.0.20.bb | 3 +
10 files changed, 368 insertions(+), 3 deletions(-)
create mode 100644 meta/recipes-devtools/python/python3-requests/CVE-2024-35195.patch
create mode 100644 meta/recipes-extended/pam/libpam/CVE-2024-10041.patch
create mode 100644 meta/recipes-extended/unzip/unzip/0001-configure-Add-correct-system-headers-and-prototypes-.patch
--
2.34.1
^ permalink raw reply [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 0/7] Patch review
@ 2025-02-12 14:21 Steve Sakoman
0 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2025-02-12 14:21 UTC (permalink / raw)
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Friday, February 14
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1001
The following changes since commit a397c152abf4f3da1323594e79ebac844a2c9f45:
glibc: stable 2.35 branch updates (2025-01-30 08:17:32 -0800)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Bruce Ashfield (2):
linux-yocto/5.15: update to v5.15.176
linux-yocto/5.15: update to v5.15.178
Khem Raj (1):
python3: Treat UID/GID overflow as failure
Nikhil R (1):
glibc: Suppress GCC -Os warning on user2netname for sunrpc
Pedro Ferreira (1):
rust-common.bbclass: soft assignment for RUSTLIB path
Peter Marko (1):
cmake: apply parallel build settings to ptest tasks
Praveen Kumar (1):
go: Fix CVE-2024-45336
meta/classes/cmake.bbclass | 2 +
meta/classes/rust-common.bbclass | 2 +-
...press-gcc-os-warning-on-user2netname.patch | 61 +++
meta/recipes-core/glibc/glibc_2.35.bb | 1 +
meta/recipes-devtools/go/go-1.17.13.inc | 1 +
.../go/go-1.21/CVE-2024-45336.patch | 394 ++++++++++++++++++
...e-treat-overflow-in-UID-GID-as-failu.patch | 40 ++
.../python/python3_3.10.16.bb | 1 +
.../linux/linux-yocto-rt_5.15.bb | 6 +-
.../linux/linux-yocto-tiny_5.15.bb | 6 +-
meta/recipes-kernel/linux/linux-yocto_5.15.bb | 26 +-
11 files changed, 520 insertions(+), 20 deletions(-)
create mode 100644 meta/recipes-core/glibc/glibc/0003-sunrpc-suppress-gcc-os-warning-on-user2netname.patch
create mode 100644 meta/recipes-devtools/go/go-1.21/CVE-2024-45336.patch
create mode 100644 meta/recipes-devtools/python/python3/0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch
--
2.43.0
^ permalink raw reply [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 0/7] Patch review
@ 2025-03-14 14:10 Steve Sakoman
0 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2025-03-14 14:10 UTC (permalink / raw)
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Tuesday, March 18
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/1187
The following changes since commit 0216c229d5c60d0023b0a7d6e8ee41bdfa16f8ef:
tzcode-native: Fix compiler setting from 2023d version (2025-03-07 07:00:55 -0800)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Ashish Sharma (1):
ruby: Fix CVE-2025-27219
Divya Chellam (1):
vim: Upgrade 9.1.1043 -> 9.1.1115
Hitendra Prajapati (2):
grub: Fix multiple CVEs
grub: Fix multiple CVEs
Peter Marko (2):
puzzles: ignore three new CVEs for a different puzzles
libarchive: patch CVE-2025-25724
Zhang Peng (1):
mpg123: fix CVE-2024-10573
.../0001-misc-Implement-grub_strlcpy.patch | 68 ++
.../grub/files/CVE-2024-45774.patch | 40 +
.../grub/files/CVE-2024-45775.patch | 41 +
.../grub/files/CVE-2024-45776.patch | 42 +
.../grub/files/CVE-2024-45777.patch | 60 ++
.../files/CVE-2024-45778_CVE-2024-45779.patch | 58 ++
.../grub/files/CVE-2024-45780.patch | 96 ++
.../grub/files/CVE-2024-45781.patch | 38 +
.../files/CVE-2024-45782_CVE-2024-56737.patch | 39 +
.../grub/files/CVE-2024-45783.patch | 42 +
.../grub/files/CVE-2025-0622-01.patch | 39 +
.../grub/files/CVE-2025-0622-02.patch | 44 +
.../grub/files/CVE-2025-0622-03.patch | 41 +
.../grub/files/CVE-2025-0624.patch | 87 ++
...025-0685_CVE-2025-0686_CVE-2025-0689.patch | 380 +++++++
.../files/CVE-2025-0678_CVE-2025-1125.patch | 90 ++
.../grub/files/CVE-2025-0690.patch | 75 ++
.../grub/files/CVE-2025-1118.patch | 40 +
meta/recipes-bsp/grub/grub2.inc | 18 +
.../ruby/ruby/CVE-2025-27219.patch | 31 +
meta/recipes-devtools/ruby/ruby_3.1.3.bb | 1 +
.../libarchive/CVE-2025-25724.patch | 40 +
.../libarchive/libarchive_3.6.2.bb | 1 +
.../mpg123/mpg123/CVE-2024-10573.patch | 978 ++++++++++++++++++
.../mpg123/mpg123_1.29.3.bb | 4 +-
meta/recipes-sato/puzzles/puzzles_git.bb | 2 +
meta/recipes-support/vim/vim.inc | 4 +-
27 files changed, 2396 insertions(+), 3 deletions(-)
create mode 100644 meta/recipes-bsp/grub/files/0001-misc-Implement-grub_strlcpy.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45774.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45775.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45776.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45777.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45778_CVE-2024-45779.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45780.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45781.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45782_CVE-2024-56737.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-45783.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0622-01.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0622-02.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0622-03.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0624.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0677_CVE-2025-0684_CVE-2025-0685_CVE-2025-0686_CVE-2025-0689.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0678_CVE-2025-1125.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-0690.patch
create mode 100644 meta/recipes-bsp/grub/files/CVE-2025-1118.patch
create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2025-27219.patch
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-25724.patch
create mode 100644 meta/recipes-multimedia/mpg123/mpg123/CVE-2024-10573.patch
--
2.43.0
^ permalink raw reply [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 0/7] Patch review
@ 2025-09-30 19:50 Steve Sakoman
0 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2025-09-30 19:50 UTC (permalink / raw)
To: openembedded-core
Please review this set of changes for kirkstone ande have comments back by
end of day Thursday, October 2
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2467
The following changes since commit d381eeb5e70bd0ce9e78032c909e4a23564f4dd7:
build-appliance-image: Update to kirkstone head revision (2025-09-19 07:04:23 -0700)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Divya Chellam (1):
vim: upgrade 9.1.1652 -> 9.1.1683
Gyorgy Sarvari (1):
libhandy: update git branch name
Praveen Kumar (1):
go: fix CVE-2025-47907
Soumya Sambu (1):
python3-jinja2: upgrade 3.1.4 -> 3.1.6
Yogita Urade (3):
grub2: fix CVE-2024-56738
curl: fix CVE-2025-9086
tiff: fix CVE-2025-9900
.../grub/files/CVE-2024-56738.patch | 75 ++++
meta/recipes-bsp/grub/grub2.inc | 1 +
meta/recipes-devtools/go/go-1.17.13.inc | 125 ++++---
.../go/go-1.21/CVE-2025-47907-pre-0001.patch | 354 ++++++++++++++++++
.../go/go-1.21/CVE-2025-47907-pre-0002.patch | 232 ++++++++++++
.../go/go-1.21/CVE-2025-47907.patch | 327 ++++++++++++++++
...inja2_3.1.4.bb => python3-jinja2_3.1.6.bb} | 5 +-
meta/recipes-gnome/libhandy/libhandy_1.5.0.bb | 2 +-
.../libtiff/tiff/CVE-2025-9900.patch | 57 +++
meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 1 +
.../curl/curl/CVE-2025-9086.patch | 55 +++
meta/recipes-support/curl/curl_7.82.0.bb | 1 +
meta/recipes-support/vim/vim.inc | 4 +-
13 files changed, 1174 insertions(+), 65 deletions(-)
create mode 100644 meta/recipes-bsp/grub/files/CVE-2024-56738.patch
create mode 100644 meta/recipes-devtools/go/go-1.21/CVE-2025-47907-pre-0001.patch
create mode 100644 meta/recipes-devtools/go/go-1.21/CVE-2025-47907-pre-0002.patch
create mode 100644 meta/recipes-devtools/go/go-1.21/CVE-2025-47907.patch
rename meta/recipes-devtools/python/{python3-jinja2_3.1.4.bb => python3-jinja2_3.1.6.bb} (82%)
create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2025-9900.patch
create mode 100644 meta/recipes-support/curl/curl/CVE-2025-9086.patch
--
2.43.0
^ permalink raw reply [flat|nested] 22+ messages in thread
* [OE-core][kirkstone 0/7] Patch review
@ 2025-11-19 20:42 Steve Sakoman
0 siblings, 0 replies; 22+ messages in thread
From: Steve Sakoman @ 2025-11-19 20:42 UTC (permalink / raw)
To: openembedded-core
Please review this set of changes for kirkstone and have comments back by
end of day Friday, November 21
Passed a-full on autobuilder:
https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/2748
The following changes since commit 8aad87c12a809d790175b9848f5802d0a28eecac:
goarch.bbclass: do not leak TUNE_FEATURES into crosssdk task signatures (2025-11-13 08:39:38 -0800)
are available in the Git repository at:
https://git.openembedded.org/openembedded-core-contrib stable/kirkstone-nut
https://git.openembedded.org/openembedded-core-contrib/log/?h=stable/kirkstone-nut
Gyorgy Sarvari (1):
musl: patch CVE-2025-26519
Richard Purdie (1):
oe-build-perf-report: relax metadata matching rules
Soumya Sambu (2):
elfutils: Fix CVE-2025-1376
elfutils: Fix CVE-2025-1377
Vijay Anusuri (3):
xwayland: Fix for CVE-2025-62229
xwayland: Fix for CVE-2025-62230
xwayland: Fix for CVE-2025-62231
.../musl/musl/CVE-2025-26519-1.patch | 39 ++++++++
.../musl/musl/CVE-2025-26519-2.patch | 38 ++++++++
meta/recipes-core/musl/musl_git.bb | 4 +-
.../elfutils/elfutils_0.186.bb | 2 +
.../elfutils/files/CVE-2025-1376.patch | 58 ++++++++++++
.../elfutils/files/CVE-2025-1377.patch | 68 ++++++++++++++
.../xwayland/xwayland/CVE-2025-62229.patch | 89 ++++++++++++++++++
.../xwayland/xwayland/CVE-2025-62230-1.patch | 63 +++++++++++++
.../xwayland/xwayland/CVE-2025-62230-2.patch | 92 +++++++++++++++++++
.../xwayland/xwayland/CVE-2025-62231.patch | 53 +++++++++++
.../xwayland/xwayland_22.1.8.bb | 4 +
scripts/lib/build_perf/report.py | 9 +-
12 files changed, 515 insertions(+), 4 deletions(-)
create mode 100644 meta/recipes-core/musl/musl/CVE-2025-26519-1.patch
create mode 100644 meta/recipes-core/musl/musl/CVE-2025-26519-2.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2025-1376.patch
create mode 100644 meta/recipes-devtools/elfutils/files/CVE-2025-1377.patch
create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2025-62229.patch
create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2025-62230-1.patch
create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2025-62230-2.patch
create mode 100644 meta/recipes-graphics/xwayland/xwayland/CVE-2025-62231.patch
--
2.43.0
^ permalink raw reply [flat|nested] 22+ messages in thread
end of thread, other threads:[~2025-11-19 20:42 UTC | newest]
Thread overview: 22+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-02-06 15:45 [OE-core][kirkstone 0/7] Patch review Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 1/7] curl: ignore CVE-2023-42915 Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 2/7] binutils: internal gdb: Fix CVE-2023-39129 Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 3/7] binutils: internal gdb: Fix CVE-2023-39130 Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 4/7] gdb: Fix CVE-2023-39129 Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 5/7] gdb: Fix CVE-2023-39130 Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 6/7] gcc-shared-source: ignore CVE-2023-4039 Steve Sakoman
2024-02-06 15:45 ` [OE-core][kirkstone 7/7] openssl: Upgrade 3.0.12 -> 3.0.13 Steve Sakoman
-- strict thread matches above, loose matches on Subject: below --
2025-11-19 20:42 [OE-core][kirkstone 0/7] Patch review Steve Sakoman
2025-09-30 19:50 Steve Sakoman
2025-03-14 14:10 Steve Sakoman
2025-02-12 14:21 Steve Sakoman
2024-12-11 14:47 Steve Sakoman
2024-08-30 12:52 Steve Sakoman
2024-07-04 12:32 Steve Sakoman
2024-05-30 18:37 Steve Sakoman
2024-04-17 20:35 Steve Sakoman
2024-01-17 15:58 Steve Sakoman
2023-11-08 22:52 Steve Sakoman
2023-10-30 2:20 Steve Sakoman
2023-04-15 15:26 Steve Sakoman
2022-08-04 14:06 Steve Sakoman
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox