* [OE-core][scarthgap 01/14] wget: fix CVE-2024-10524
From: Steve Sakoman @ 2025-01-22 3:02 UTC
To: openembedded-core
From: Divya Chellam <divya.chellam@windriver.com>
Applications that use Wget to access a remote resource using
shorthand URLs and pass arbitrary user credentials in the URL
are vulnerable. In these cases attackers can enter crafted
credentials which will cause Wget to access an arbitrary host.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-10524
Upstream-patch:
https://git.savannah.gnu.org/cgit/wget.git/commit/?id=c419542d956a2607bbce5df64b9d378a8588d778
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../wget/wget/CVE-2024-10524.patch | 197 ++++++++++++++++++
meta/recipes-extended/wget/wget_1.21.4.bb | 1 +
2 files changed, 198 insertions(+)
create mode 100644 meta/recipes-extended/wget/wget/CVE-2024-10524.patch
diff --git a/meta/recipes-extended/wget/wget/CVE-2024-10524.patch b/meta/recipes-extended/wget/wget/CVE-2024-10524.patch
new file mode 100644
index 0000000000..21f990ee73
--- /dev/null
+++ b/meta/recipes-extended/wget/wget/CVE-2024-10524.patch
@@ -0,0 +1,197 @@
+From c419542d956a2607bbce5df64b9d378a8588d778 Mon Sep 17 00:00:00 2001
+From: Tim Rühsen <tim.ruehsen@gmx.de>
+Date: Sun, 27 Oct 2024 19:53:14 +0100
+Subject: [PATCH] Fix CVE-2024-10524 (drop support for shorthand URLs)
+
+* doc/wget.texi: Add documentation for removed support for shorthand URLs.
+* src/html-url.c (src/html-url.c): Call maybe_prepend_scheme.
+* src/main.c (main): Likewise.
+* src/retr.c (getproxy): Likewise.
+* src/url.c: Rename definition of rewrite_shorthand_url to maybe_prepend_scheme,
+ add new function is_valid_port.
+* src/url.h: Rename declaration of rewrite_shorthand_url to maybe_prepend_scheme.
+
+Reported-by: Goni Golan <gonig@jfrog.com>
+
+CVE: CVE-2024-10524
+
+Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/wget.git/commit/?id=c419542d956a2607bbce5df64b9d378a8588d778]
+
+Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
+---
+ doc/wget.texi | 12 ++++-------
+ src/html-url.c | 2 +-
+ src/main.c | 2 +-
+ src/retr.c | 2 +-
+ src/url.c | 57 ++++++++++++++++----------------------------------
+ src/url.h | 2 +-
+ 6 files changed, 26 insertions(+), 51 deletions(-)
+
+diff --git a/doc/wget.texi b/doc/wget.texi
+index 3c24de2..503a03d 100644
+--- a/doc/wget.texi
++++ b/doc/wget.texi
+@@ -314,8 +314,8 @@ for text files. Here is an example:
+ ftp://host/directory/file;type=a
+ @end example
+
+-Two alternative variants of @sc{url} specification are also supported,
+-because of historical (hysterical?) reasons and their widespreaded use.
++The two alternative variants of @sc{url} specifications are no longer
++supported because of security considerations:
+
+ @sc{ftp}-only syntax (supported by @code{NcFTP}):
+ @example
+@@ -327,12 +327,8 @@ host:/dir/file
+ host[:port]/dir/file
+ @end example
+
+-These two alternative forms are deprecated, and may cease being
+-supported in the future.
+-
+-If you do not understand the difference between these notations, or do
+-not know which one to use, just use the plain ordinary format you use
+-with your favorite browser, like @code{Lynx} or @code{Netscape}.
++These two alternative forms have been deprecated long time ago,
++and support is removed with version 1.22.0.
+
+ @c man begin OPTIONS
+
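Review bot: The rewritten paragraph in the doc/wget.texi hunks says both alternative forms are no longer supported, but `host[:port]/dir/file` is still listed under it and the new maybe_prepend_scheme() in src/url.c still accepts that form by prepending http:// when the port is valid. Only the NcFTP-style `host:/dir/file` rewrite to ftp:// is gone, so the text should say that scheme-less URLs are now always treated as HTTP and that a colon is accepted only in front of a valid port. The sentence "support is removed with version 1.22.0" also does not match a backport applied to the wget_1.21.4 recipe; a line in the patch header noting that would help.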
+diff --git a/src/html-url.c b/src/html-url.c
+index 896d6fc..3deea9c 100644
+--- a/src/html-url.c
++++ b/src/html-url.c
+@@ -931,7 +931,7 @@ get_urls_file (const char *file)
+ url_text = merged;
+ }
+
+- new_url = rewrite_shorthand_url (url_text);
++ new_url = maybe_prepend_scheme (url_text);
+ if (new_url)
+ {
+ xfree (url_text);
+diff --git a/src/main.c b/src/main.c
+index d1c3c3e..f1d7792 100644
+--- a/src/main.c
++++ b/src/main.c
+@@ -2126,7 +2126,7 @@ only if outputting to a regular file.\n"));
+ struct iri *iri = iri_new ();
+ struct url *url_parsed;
+
+- t = rewrite_shorthand_url (argv[optind]);
++ t = maybe_prepend_scheme (argv[optind]);
+ if (!t)
+ t = argv[optind];
+
+diff --git a/src/retr.c b/src/retr.c
+index 38c9fcf..a124046 100644
+--- a/src/retr.c
++++ b/src/retr.c
+@@ -1493,7 +1493,7 @@ getproxy (struct url *u)
+
+ /* Handle shorthands. `rewritten_storage' is a kludge to allow
+ getproxy() to return static storage. */
+- rewritten_url = rewrite_shorthand_url (proxy);
++ rewritten_url = maybe_prepend_scheme (proxy);
+ if (rewritten_url)
+ return rewritten_url;
+
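Review bot: The context comment above the changed call in getproxy() still reads "Handle shorthands", which no longer describes the call now that it is maybe_prepend_scheme(). Update the comment to say that a proxy value without a scheme gets http:// prepended, so the next reader does not assume ftp-style shorthand proxies are still rewritten.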
+diff --git a/src/url.c b/src/url.c
+index 0acd3f3..6868825 100644
+--- a/src/url.c
++++ b/src/url.c
+@@ -594,60 +594,39 @@ parse_credentials (const char *beg, const char *end, char **user, char **passwd)
+ return true;
+ }
+
+-/* Used by main.c: detect URLs written using the "shorthand" URL forms
+- originally popularized by Netscape and NcFTP. HTTP shorthands look
+- like this:
+-
+- www.foo.com[:port]/dir/file -> http://www.foo.com[:port]/dir/file
+- www.foo.com[:port] -> http://www.foo.com[:port]
+-
+- FTP shorthands look like this:
+-
+- foo.bar.com:dir/file -> ftp://foo.bar.com/dir/file
+- foo.bar.com:/absdir/file -> ftp://foo.bar.com//absdir/file
++static bool is_valid_port(const char *p)
++{
++ unsigned port = (unsigned) atoi (p);
++ if (port == 0 || port > 65535)
++ return false;
+
+- If the URL needs not or cannot be rewritten, return NULL. */
++ int digits = strspn (p, "0123456789");
++ return digits && (p[digits] == '/' || p[digits] == '\0');
++}
+
++/* Prepend "http://" to url if scheme is missing, otherwise return NULL. */
+ char *
+-rewrite_shorthand_url (const char *url)
++maybe_prepend_scheme (const char *url)
+ {
+- const char *p;
+- char *ret;
+-
+ if (url_scheme (url) != SCHEME_INVALID)
+ return NULL;
+
+- /* Look for a ':' or '/'. The former signifies NcFTP syntax, the
+- latter Netscape. */
+- p = strpbrk (url, ":/");
++ const char *p = strchr (url, ':');
+ if (p == url)
+ return NULL;
+
+ /* If we're looking at "://", it means the URL uses a scheme we
+ don't support, which may include "https" when compiled without
+- SSL support. Don't bogusly rewrite such URLs. */
++ SSL support. Don't bogusly prepend "http://" to such URLs. */
+ if (p && p[0] == ':' && p[1] == '/' && p[2] == '/')
+ return NULL;
+
+- if (p && *p == ':')
+- {
+- /* Colon indicates ftp, as in foo.bar.com:path. Check for
+- special case of http port number ("localhost:10000"). */
+- int digits = strspn (p + 1, "0123456789");
+- if (digits && (p[1 + digits] == '/' || p[1 + digits] == '\0'))
+- goto http;
+-
+- /* Turn "foo.bar.com:path" to "ftp://foo.bar.com/path". */
+- if ((ret = aprintf ("ftp://%s", url)) != NULL)
+- ret[6 + (p - url)] = '/';
+- }
+- else
+- {
+- http:
+- /* Just prepend "http://" to URL. */
+- ret = aprintf ("http://%s", url);
+- }
+- return ret;
++ if (p && p[0] == ':' && !is_valid_port (p + 1))
++ return NULL;
++
++
++ fprintf(stderr, "Prepended http:// to '%s'\n", url);
++ return aprintf ("http://%s", url);
+ }
+
+ static void split_path (const char *, char **, char **);
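Review bot: In maybe_prepend_scheme() the switch from strpbrk (url, ":/") to strchr (url, ':') makes the first colon anywhere in the string count as a port separator, so a scheme-less URL with a colon in its path or query (host/a:b, for instance) fails is_valid_port() and returns NULL instead of getting http:// prepended. If that is not intended, stop the search at the first '/'. Two smaller points: is_valid_port() calls atoi() before the strspn() digit check, and atoi() has undefined behaviour when the value does not fit in an int, so do the digit-span check first and parse with strtoul(); and the new fprintf (stderr, ...) fires on every prepended URL regardless of verbosity, which changes stderr output for callers that capture it.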
+diff --git a/src/url.h b/src/url.h
+index fb9da33..5f99b0a 100644
+--- a/src/url.h
++++ b/src/url.h
+@@ -128,7 +128,7 @@ char *uri_merge (const char *, const char *);
+
+ int mkalldirs (const char *);
+
+-char *rewrite_shorthand_url (const char *);
++char *maybe_prepend_scheme (const char *);
+ bool schemes_are_similar_p (enum url_scheme a, enum url_scheme b);
+
+ bool are_urls_equal (const char *u1, const char *u2);
+--
+2.40.0
+
diff --git a/meta/recipes-extended/wget/wget_1.21.4.bb b/meta/recipes-extended/wget/wget_1.21.4.bb
index bc65a8f7c8..b5f50f6c84 100644
--- a/meta/recipes-extended/wget/wget_1.21.4.bb
+++ b/meta/recipes-extended/wget/wget_1.21.4.bb
@@ -1,6 +1,7 @@
SRC_URI = "${GNU_MIRROR}/wget/wget-${PV}.tar.gz \
file://0002-improve-reproducibility.patch \
file://CVE-2024-38428.patch \
+ file://CVE-2024-10524.patch \
"
SRC_URI[sha256sum] = "81542f5cefb8faacc39bbbc6c82ded80e3e4a88505ae72ea51df27525bcde04c"
--
2.43.0
* [OE-core][scarthgap 02/14] ofono: Fix multiple CVEs
From: Steve Sakoman @ 2025-01-22 3:02 UTC
To: openembedded-core
From: Hitendra Prajapati <hprajapati@mvista.com>
Backport fixes for:
* CVE-2024-7539 - Upstream-Status: Backport from https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=389e2344f86319265fb72ae590b470716e038fdc
* CVE-2024-7543 - Upstream-Status: Backport from https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=90e60ada012de42964214d8155260f5749d0dcc7
* CVE-2024-7544 - Upstream-Status: Backport from https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=a240705a0d5d41eca6de4125ab2349ecde4c873a
* CVE-2024-7545 - Upstream-Status: Backport from https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=556e14548c38c2b96d85881542046ee7ed750bb5
* CVE-2024-7546 - Upstream-Status: Backport from https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=79ea6677669e50b0bb9c231765adb4f81c375f63
* CVE-2024-7547 - Upstream-Status: Backport from https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=305df050d02aea8532f7625d6642685aa530f9b0
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../ofono/ofono/CVE-2024-7539.patch | 88 +++++++++++++++++++
.../ofono/ofono/CVE-2024-7543.patch | 30 +++++++
.../ofono/ofono/CVE-2024-7544.patch | 30 +++++++
.../ofono/ofono/CVE-2024-7545.patch | 32 +++++++
.../ofono/ofono/CVE-2024-7546.patch | 30 +++++++
.../ofono/ofono/CVE-2024-7547.patch | 29 ++++++
meta/recipes-connectivity/ofono/ofono_2.4.bb | 6 ++
7 files changed, 245 insertions(+)
create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2024-7539.patch
create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2024-7543.patch
create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2024-7544.patch
create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2024-7545.patch
create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2024-7546.patch
create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2024-7547.patch
diff --git a/meta/recipes-connectivity/ofono/ofono/CVE-2024-7539.patch b/meta/recipes-connectivity/ofono/ofono/CVE-2024-7539.patch
new file mode 100644
index 0000000000..7fcc620fd8
--- /dev/null
+++ b/meta/recipes-connectivity/ofono/ofono/CVE-2024-7539.patch
@@ -0,0 +1,88 @@
+From 389e2344f86319265fb72ae590b470716e038fdc Mon Sep 17 00:00:00 2001
+From: "Sicelo A. Mhlongo" <absicsz@gmail.com>
+Date: Tue, 17 Dec 2024 11:31:29 +0200
+Subject: [PATCH] ussd: ensure ussd content fits in buffers
+
+Fixes: CVE-2024-7539
+
+CVE: CVE-2024-7539
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=389e2344f86319265fb72ae590b470716e038fdc]
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ drivers/atmodem/ussd.c | 5 ++++-
+ drivers/huaweimodem/ussd.c | 5 ++++-
+ drivers/speedupmodem/ussd.c | 5 ++++-
+ 3 files changed, 12 insertions(+), 3 deletions(-)
+
+diff --git a/drivers/atmodem/ussd.c b/drivers/atmodem/ussd.c
+index aaf47b2..cee9bc5 100644
+--- a/drivers/atmodem/ussd.c
++++ b/drivers/atmodem/ussd.c
+@@ -107,7 +107,7 @@ static void cusd_parse(GAtResult *result, struct ofono_ussd *ussd)
+ const char *content;
+ int dcs;
+ enum sms_charset charset;
+- unsigned char msg[160];
++ unsigned char msg[160] = {0};
+ const unsigned char *msg_ptr = NULL;
+ long msg_len;
+
+@@ -127,6 +127,9 @@ static void cusd_parse(GAtResult *result, struct ofono_ussd *ussd)
+ if (!g_at_result_iter_next_number(&iter, &dcs))
+ dcs = 0;
+
++ if (strlen(content) > sizeof(msg) * 2)
++ goto out;
++
+ if (!cbs_dcs_decode(dcs, NULL, NULL, &charset, NULL, NULL, NULL)) {
+ ofono_error("Unsupported USSD data coding scheme (%02x)", dcs);
+ status = 4; /* Not supported */
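Review bot: The new length check in the atmodem cusd_parse() leaves through goto out without logging anything, while the unsupported-DCS branch directly below reports through ofono_error() and sets status = 4. An oversized USSD payload from the modem deserves at least an ofono_error() line so a dropped message can be diagnosed. The bound sizeof(msg) * 2 also assumes content is hex text with two characters per decoded byte; the decode calls for this driver are outside the hunk, so confirm that holds for every charset path here.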
+diff --git a/drivers/huaweimodem/ussd.c b/drivers/huaweimodem/ussd.c
+index ffb9b2a..cfdb4ee 100644
+--- a/drivers/huaweimodem/ussd.c
++++ b/drivers/huaweimodem/ussd.c
+@@ -52,7 +52,7 @@ static void cusd_parse(GAtResult *result, struct ofono_ussd *ussd)
+ int status;
+ int dcs = 0;
+ const char *content;
+- unsigned char msg[160];
++ unsigned char msg[160] = {0};
+ const unsigned char *msg_ptr = NULL;
+ long msg_len;
+
+@@ -69,6 +69,9 @@ static void cusd_parse(GAtResult *result, struct ofono_ussd *ussd)
+
+ g_at_result_iter_next_number(&iter, &dcs);
+
++ if (strlen(content) > sizeof(msg) * 2)
++ goto out;
++
+ msg_ptr = decode_hex_own_buf(content, -1, &msg_len, 0, msg);
+
+ out:
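Review bot: When the new check in the huaweimodem cusd_parse() jumps to out, msg_len has never been written: the first hunk only initializes msg (unsigned char msg[160] = {0};) and leaves long msg_len; as it was. msg_ptr stays NULL on that path, so this is safe only if the code after out: never reads msg_len when msg_ptr is NULL; initializing msg_len to 0 at the declaration removes the question. The speedupmodem change that follows is identical and has the same gap.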
+diff --git a/drivers/speedupmodem/ussd.c b/drivers/speedupmodem/ussd.c
+index 44da8ed..33441c6 100644
+--- a/drivers/speedupmodem/ussd.c
++++ b/drivers/speedupmodem/ussd.c
+@@ -51,7 +51,7 @@ static void cusd_parse(GAtResult *result, struct ofono_ussd *ussd)
+ int status;
+ int dcs = 0;
+ const char *content;
+- unsigned char msg[160];
++ unsigned char msg[160] = {0};
+ const unsigned char *msg_ptr = NULL;
+ long msg_len;
+
+@@ -68,6 +68,9 @@ static void cusd_parse(GAtResult *result, struct ofono_ussd *ussd)
+
+ g_at_result_iter_next_number(&iter, &dcs);
+
++ if (strlen(content) > sizeof(msg) * 2)
++ goto out;
++
+ msg_ptr = decode_hex_own_buf(content, -1, &msg_len, 0, msg);
+
+ out:
+--
+2.25.1
+
diff --git a/meta/recipes-connectivity/ofono/ofono/CVE-2024-7543.patch b/meta/recipes-connectivity/ofono/ofono/CVE-2024-7543.patch
new file mode 100644
index 0000000000..e48579e59a
--- /dev/null
+++ b/meta/recipes-connectivity/ofono/ofono/CVE-2024-7543.patch
@@ -0,0 +1,30 @@
+From 90e60ada012de42964214d8155260f5749d0dcc7 Mon Sep 17 00:00:00 2001
+From: Ivaylo Dimitrov <ivo.g.dimitrov.75@gmail.com>
+Date: Tue, 3 Dec 2024 21:43:50 +0200
+Subject: [PATCH] stkutil: Fix CVE-2024-7543
+
+CVE: CVE-2024-7543
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=90e60ada012de42964214d8155260f5749d0dcc7]
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ src/stkutil.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/stkutil.c b/src/stkutil.c
+index 4f31af4..fdd11ad 100644
+--- a/src/stkutil.c
++++ b/src/stkutil.c
+@@ -1876,6 +1876,10 @@ static bool parse_dataobj_mms_reference(struct comprehension_tlv_iter *iter,
+
+ data = comprehension_tlv_iter_get_data(iter);
+ mr->len = len;
++
++ if (len > sizeof(mr->ref))
++ return false;
++
+ memcpy(mr->ref, data, len);
+
+ return true;
+--
+2.25.1
+
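Review bot: In parse_dataobj_mms_reference() the bounds check comes after mr->len = len;, so on the rejecting path the caller's struct is left holding a length larger than mr->ref. Move the if (len > sizeof(mr->ref)) test above the assignment so a failed parse leaves the object untouched. The CVE-2024-7544 patch that follows has the same ordering with mi->len.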
diff --git a/meta/recipes-connectivity/ofono/ofono/CVE-2024-7544.patch b/meta/recipes-connectivity/ofono/ofono/CVE-2024-7544.patch
new file mode 100644
index 0000000000..7984bc6487
--- /dev/null
+++ b/meta/recipes-connectivity/ofono/ofono/CVE-2024-7544.patch
@@ -0,0 +1,30 @@
+From a240705a0d5d41eca6de4125ab2349ecde4c873a Mon Sep 17 00:00:00 2001
+From: Ivaylo Dimitrov <ivo.g.dimitrov.75@gmail.com>
+Date: Tue, 3 Dec 2024 21:43:49 +0200
+Subject: [PATCH] stkutil: Fix CVE-2024-7544
+
+CVE: CVE-2024-7544
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=a240705a0d5d41eca6de4125ab2349ecde4c873a]
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ src/stkutil.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/stkutil.c b/src/stkutil.c
+index fdd11ad..475caaa 100644
+--- a/src/stkutil.c
++++ b/src/stkutil.c
+@@ -1898,6 +1898,10 @@ static bool parse_dataobj_mms_id(struct comprehension_tlv_iter *iter,
+
+ data = comprehension_tlv_iter_get_data(iter);
+ mi->len = len;
++
++ if (len > sizeof(mi->id))
++ return false;
++
+ memcpy(mi->id, data, len);
+
+ return true;
+--
+2.25.1
+
diff --git a/meta/recipes-connectivity/ofono/ofono/CVE-2024-7545.patch b/meta/recipes-connectivity/ofono/ofono/CVE-2024-7545.patch
new file mode 100644
index 0000000000..a3bf13a81e
--- /dev/null
+++ b/meta/recipes-connectivity/ofono/ofono/CVE-2024-7545.patch
@@ -0,0 +1,32 @@
+From 556e14548c38c2b96d85881542046ee7ed750bb5 Mon Sep 17 00:00:00 2001
+From: Sicelo A. Mhlongo <absicsz@gmail.com>
+Date: Wed, Dec 4 12:07:34 2024 +0200
+Subject: [PATCH] stkutil: ensure data fits in buffer
+
+Fixes CVE-2024-7545
+
+CVE: CVE-2024-7545
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=556e14548c38c2b96d85881542046ee7ed750bb5]
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ src/stkutil.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/stkutil.c b/src/stkutil.c
+index 475caaa..e1fd75c 100644
+--- a/src/stkutil.c
++++ b/src/stkutil.c
+@@ -1938,6 +1938,10 @@ static bool parse_dataobj_mms_content_id(
+
+ data = comprehension_tlv_iter_get_data(iter);
+ mci->len = len;
++
++ if (len > sizeof(mci->id))
++ return false;
++
+ memcpy(mci->id, data, len);
+
+ return true;
+--
+2.25.1
+
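Review bot: The header of this backport does not match the other ofono patches in the series: the Date line reads "Wed, Dec 4 12:07:34 2024 +0200" rather than the day-month-year form used in the other patches, and the From name is unquoted here but quoted in CVE-2024-7539.patch. That suggests the header was assembled by hand, so check it against the upstream commit named in Upstream-Status. In the hunk itself, mci->len = len; is again assigned before the new size check; test first, then assign.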
diff --git a/meta/recipes-connectivity/ofono/ofono/CVE-2024-7546.patch b/meta/recipes-connectivity/ofono/ofono/CVE-2024-7546.patch
new file mode 100644
index 0000000000..808458be2f
--- /dev/null
+++ b/meta/recipes-connectivity/ofono/ofono/CVE-2024-7546.patch
@@ -0,0 +1,30 @@
+From 79ea6677669e50b0bb9c231765adb4f81c375f63 Mon Sep 17 00:00:00 2001
+From: Ivaylo Dimitrov <ivo.g.dimitrov.75@gmail.com>
+Date: Tue, 3 Dec 2024 21:43:52 +0200
+Subject: [PATCH] Fix CVE-2024-7546
+
+CVE: CVE-2024-7546
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=79ea6677669e50b0bb9c231765adb4f81c375f63]
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ src/stkutil.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/stkutil.c b/src/stkutil.c
+index e1fd75c..88a715d 100644
+--- a/src/stkutil.c
++++ b/src/stkutil.c
+@@ -1783,6 +1783,10 @@ static bool parse_dataobj_frame_layout(struct comprehension_tlv_iter *iter,
+
+ fl->layout = data[0];
+ fl->len = len - 1;
++
++ if (fl->len > sizeof(fl->size))
++ return false;
++
+ memcpy(fl->size, data + 1, fl->len);
+
+ return true;
+--
+2.25.1
+
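Review bot: In parse_dataobj_frame_layout() the new check runs on fl->len after fl->len = len - 1;, and nothing in the visible context shows that len is at least 1 at this point. If len can be 0, len - 1 wraps for an unsigned type or goes negative for a signed one, and the comparison against sizeof(fl->size) then depends on the type of fl->len. Validate len against both bounds before writing fl->layout and fl->len, for example if (len < 1 || len - 1 > sizeof(fl->size)) return false;.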
diff --git a/meta/recipes-connectivity/ofono/ofono/CVE-2024-7547.patch b/meta/recipes-connectivity/ofono/ofono/CVE-2024-7547.patch
new file mode 100644
index 0000000000..d4feee7f7f
--- /dev/null
+++ b/meta/recipes-connectivity/ofono/ofono/CVE-2024-7547.patch
@@ -0,0 +1,29 @@
+From 305df050d02aea8532f7625d6642685aa530f9b0 Mon Sep 17 00:00:00 2001
+From: Ivaylo Dimitrov <ivo.g.dimitrov.75@gmail.com>
+Date: Tue, 3 Dec 2024 21:43:51 +0200
+Subject: [PATCH] Fix CVE-2024-7547
+
+CVE: CVE-2024-7547
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=305df050d02aea8532f7625d6642685aa530f9b0]
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ src/smsutil.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/smsutil.c b/src/smsutil.c
+index def47e8..f79f59d 100644
+--- a/src/smsutil.c
++++ b/src/smsutil.c
+@@ -1475,6 +1475,9 @@ static gboolean decode_command(const unsigned char *pdu, int len,
+ if ((len - offset) < out->command.cdl)
+ return FALSE;
+
++ if (out->command.cdl > sizeof(out->command.cd))
++ return FALSE;
++
+ memcpy(out->command.cd, pdu + offset, out->command.cdl);
+
+ return TRUE;
+--
+2.25.1
+
diff --git a/meta/recipes-connectivity/ofono/ofono_2.4.bb b/meta/recipes-connectivity/ofono/ofono_2.4.bb
index f8ade2b2f8..852c71948e 100644
--- a/meta/recipes-connectivity/ofono/ofono_2.4.bb
+++ b/meta/recipes-connectivity/ofono/ofono_2.4.bb
@@ -16,6 +16,12 @@ SRC_URI = "\
file://CVE-2023-2794-0002.patch \
file://CVE-2023-2794-0003.patch \
file://CVE-2023-2794-0004.patch \
+ file://CVE-2024-7539.patch \
+ file://CVE-2024-7543.patch \
+ file://CVE-2024-7544.patch \
+ file://CVE-2024-7545.patch \
+ file://CVE-2024-7546.patch \
+ file://CVE-2024-7547.patch \
"
SRC_URI[sha256sum] = "93580adc1afd1890dc516efb069de0c5cdfef014415256ddfb28ab172df2d11d"
--
2.43.0
* [OE-core][scarthgap 03/14] avahi: fix CVE-2024-52616
From: Steve Sakoman @ 2025-01-22 3:02 UTC
To: openembedded-core
From: Zhang Peng <peng.zhang1.cn@windriver.com>
CVE-2024-52616:
A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs
randomly only once at startup, incrementing them sequentially after that. This
predictable behavior facilitates DNS spoofing attacks, allowing attackers to
guess transaction IDs.
Reference:
[https://nvd.nist.gov/vuln/detail/CVE-2024-52616]
[https://github.com/avahi/avahi/security/advisories/GHSA-r9j3-vjjh-p8vm]
Upstream patches:
[https://github.com/avahi/avahi/commit/f8710bdc8b29ee1176fe3bfaeabebbda1b7a79f7]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-connectivity/avahi/avahi_0.8.bb | 1 +
.../avahi/files/CVE-2024-52616.patch | 104 ++++++++++++++++++
2 files changed, 105 insertions(+)
create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2024-52616.patch
diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb b/meta/recipes-connectivity/avahi/avahi_0.8.bb
index 1f18d4491d..1163c17e20 100644
--- a/meta/recipes-connectivity/avahi/avahi_0.8.bb
+++ b/meta/recipes-connectivity/avahi/avahi_0.8.bb
@@ -35,6 +35,7 @@ SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/avahi-${PV}.tar.gz \
file://CVE-2023-38471-2.patch \
file://CVE-2023-38472.patch \
file://CVE-2023-38473.patch \
+ file://CVE-2024-52616.patch \
"
GITHUB_BASE_URI = "https://github.com/avahi/avahi/releases/"
diff --git a/meta/recipes-connectivity/avahi/files/CVE-2024-52616.patch b/meta/recipes-connectivity/avahi/files/CVE-2024-52616.patch
new file mode 100644
index 0000000000..a156f98728
--- /dev/null
+++ b/meta/recipes-connectivity/avahi/files/CVE-2024-52616.patch
@@ -0,0 +1,104 @@
+From f8710bdc8b29ee1176fe3bfaeabebbda1b7a79f7 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
+Date: Mon, 11 Nov 2024 00:56:09 +0100
+Subject: [PATCH] Properly randomize query id of DNS packets
+
+CVE: CVE-2024-52616
+Upstream-Status: Backport [https://github.com/avahi/avahi/commit/f8710bdc8b29ee1176fe3bfaeabebbda1b7a79f7]
+
+Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
+---
+ avahi-core/wide-area.c | 36 ++++++++++++++++++++++++++++--------
+ configure.ac | 3 ++-
+ 2 files changed, 30 insertions(+), 9 deletions(-)
+
+diff --git a/avahi-core/wide-area.c b/avahi-core/wide-area.c
+index 971f5e714..00a15056e 100644
+--- a/avahi-core/wide-area.c
++++ b/avahi-core/wide-area.c
+@@ -40,6 +40,13 @@
+ #include "addr-util.h"
+ #include "rr-util.h"
+
++#ifdef HAVE_SYS_RANDOM_H
++#include <sys/random.h>
++#endif
++#ifndef HAVE_GETRANDOM
++# define getrandom(d, len, flags) (-1)
++#endif
++
+ #define CACHE_ENTRIES_MAX 500
+
+ typedef struct AvahiWideAreaCacheEntry AvahiWideAreaCacheEntry;
+@@ -84,8 +91,6 @@ struct AvahiWideAreaLookupEngine {
+ int fd_ipv4, fd_ipv6;
+ AvahiWatch *watch_ipv4, *watch_ipv6;
+
+- uint16_t next_id;
+-
+ /* Cache */
+ AVAHI_LLIST_HEAD(AvahiWideAreaCacheEntry, cache);
+ AvahiHashmap *cache_by_key;
+@@ -201,6 +206,26 @@ static void sender_timeout_callback(AvahiTimeEvent *e, void *userdata) {
+ avahi_time_event_update(e, avahi_elapse_time(&tv, 1000, 0));
+ }
+
++static uint16_t get_random_uint16(void) {
++ uint16_t next_id;
++
++ if (getrandom(&next_id, sizeof(next_id), 0) == -1)
++ next_id = (uint16_t) rand();
++ return next_id;
++}
++
++static uint16_t avahi_wide_area_next_id(AvahiWideAreaLookupEngine *e) {
++ uint16_t next_id;
++
++ next_id = get_random_uint16();
++ while (find_lookup(e, next_id)) {
++ /* This ID is already used, get new. */
++ next_id = get_random_uint16();
++ }
++ return next_id;
++}
++
++
+ AvahiWideAreaLookup *avahi_wide_area_lookup_new(
+ AvahiWideAreaLookupEngine *e,
+ AvahiKey *key,
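Review bot: get_random_uint16() falls back to (uint16_t) rand() whenever getrandom() returns -1, and with the macro from the first hunk that is every call on a build where HAVE_GETRANDOM is undefined. rand() is the same non-cryptographic generator the removed e->next_id = (uint16_t) rand(); line used, so on those builds the IDs stop being sequential but still come from a predictable source; reading /dev/urandom would be a better fallback, or the build could fail when getrandom is missing. avahi_wide_area_next_id() also loops until find_lookup() misses, with no bound, which keeps the limitation described in the "more than 65K wide area quries" comment in the next hunk.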
+@@ -227,11 +252,7 @@ AvahiWideAreaLookup *avahi_wide_area_lookup_new(
+ /* If more than 65K wide area quries are issued simultaneously,
+ * this will break. This should be limited by some higher level */
+
+- for (;; e->next_id++)
+- if (!find_lookup(e, e->next_id))
+- break; /* This ID is not yet used. */
+-
+- l->id = e->next_id++;
++ l->id = avahi_wide_area_next_id(e);
+
+ /* We keep the packet around in case we need to repeat our query */
+ l->packet = avahi_dns_packet_new(0);
+@@ -604,7 +625,6 @@ AvahiWideAreaLookupEngine *avahi_wide_area_engine_new(AvahiServer *s) {
+ e->watch_ipv6 = s->poll_api->watch_new(e->server->poll_api, e->fd_ipv6, AVAHI_WATCH_IN, socket_event, e);
+
+ e->n_dns_servers = e->current_dns_server = 0;
+- e->next_id = (uint16_t) rand();
+
+ /* Initialize cache */
+ AVAHI_LLIST_HEAD_INIT(AvahiWideAreaCacheEntry, e->cache);
+diff --git a/configure.ac b/configure.ac
+index a3211b80e..31bce3d76 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -367,7 +367,8 @@ AC_FUNC_SELECT_ARGTYPES
+ # whether libc's malloc does too. (Same for realloc.)
+ #AC_FUNC_MALLOC
+ #AC_FUNC_REALLOC
+-AC_CHECK_FUNCS([gethostname memchr memmove memset mkdir select socket strchr strcspn strdup strerror strrchr strspn strstr uname setresuid setreuid setresgid setregid strcasecmp gettimeofday putenv strncasecmp strlcpy gethostbyname seteuid setegid setproctitle getprogname])
++AC_CHECK_FUNCS([gethostname memchr memmove memset mkdir select socket strchr strcspn strdup strerror strrchr strspn strstr uname setresuid setreuid setresgid setregid strcasecmp gettimeofday putenv strncasecmp strlcpy gethostbyname seteuid setegid setproctitle getprogname getrandom])
++AC_CHECK_HEADERS([sys/random.h])
+
+ AC_FUNC_CHOWN
+ AC_FUNC_STAT
+
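Review bot: The getrandom path depends entirely on this configure.ac change being picked up: HAVE_GETRANDOM and HAVE_SYS_RANDOM_H exist only if configure is regenerated, and when they are missing the macro in wide-area.c quietly maps getrandom() to -1 with no build warning. Confirm that the avahi recipe regenerates configure from configure.ac, and check the generated config.h on a target build for HAVE_GETRANDOM so the fix is known to be active.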
--
2.43.0
* [OE-core][scarthgap 04/14] socat: patch CVE-2024-54661
From: Steve Sakoman @ 2025-01-22 3:03 UTC
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
Picked upstream commit
https://repo.or.cz/socat.git/commitdiff/4ee1f31cf80019c5907876576d6dfd49368d660f
Since this was the only commit in 1.8.0.2 it also contained release
changes which were dropped.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../socat/files/CVE-2024-54661.patch | 113 ++++++++++++++++++
.../socat/socat_1.8.0.0.bb | 1 +
2 files changed, 114 insertions(+)
create mode 100644 meta/recipes-connectivity/socat/files/CVE-2024-54661.patch
diff --git a/meta/recipes-connectivity/socat/files/CVE-2024-54661.patch b/meta/recipes-connectivity/socat/files/CVE-2024-54661.patch
new file mode 100644
index 0000000000..3bf685ebd9
--- /dev/null
+++ b/meta/recipes-connectivity/socat/files/CVE-2024-54661.patch
@@ -0,0 +1,113 @@
+From 4ee1f31cf80019c5907876576d6dfd49368d660f Mon Sep 17 00:00:00 2001
+From: Gerhard Rieger <gerhard@dest-unreach.org>
+Date: Fri, 6 Dec 2024 11:42:09 +0100
+Subject: [PATCH] Version 1.8.0.2 - CVE-2024-54661: Arbitrary file overwrite in
+ readline.sh
+
+CVE: CVE-2024-54661
+Upstream-Status: Backport [https://repo.or.cz/socat.git/commitdiff/4ee1f31cf80019c5907876576d6dfd49368d660f]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ readline.sh | 10 +++++++--
+ test.sh | 63 +++++++++++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 71 insertions(+), 2 deletions(-)
+
+diff --git a/readline.sh b/readline.sh
+index b6f8438..1045303 100755
+--- a/readline.sh
++++ b/readline.sh
+@@ -22,9 +22,15 @@ if [ "$withhistfile" ]; then
+ else
+ HISTOPT=
+ fi
+-mkdir -p /tmp/$USER || exit 1
+ #
+ #
+
+-exec socat -d readline"$HISTOPT",noecho='[Pp]assword:' exec:"$PROGRAM",sigint,pty,setsid,ctty,raw,echo=0,stderr 2>/tmp/$USER/stderr2
++if test -w .; then
++ STDERR=./socat-readline.${1##*/}.log
++ rm -f $STDERR
++else
++ STDERR=/dev/null
++fi
++
++exec socat -d readline"$HISTOPT",noecho='[Pp]assword:' exec:"$PROGRAM",sigint,pty,setsid,ctty,raw,echo=0,stderr 2>$STDERR
+
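Review bot: $STDERR is expanded unquoted in both rm -f $STDERR and the final 2>$STDERR, and its value is built from ${1##*/}, so a program name containing whitespace or glob characters is word-split or expanded; quote it in both places. The log now lands in the current directory whenever that is writable, so running the script from a shared writable directory again gives a predictable file name there, and rm -f followed by a separate open leaves a window between the two steps. The new log location should also be mentioned in the script's usage text.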
+diff --git a/test.sh b/test.sh
+index 46bebf8..5204ac7 100755
+--- a/test.sh
++++ b/test.sh
+@@ -19154,6 +19154,69 @@ esac
+ N=$((N+1))
+
+
++# Test the readline.sh file overwrite vulnerability
++NAME=READLINE_SH_OVERWRITE
++case "$TESTS" in
++*%$N%*|*%functions%*|*%bugs%*|*%readline%*|*%security%*|*%$NAME%*)
++TEST="$NAME: Test the readline.sh file overwrite vulnerability"
++# Create a symlink /tmp/$USER/stderr2 pointing to a temporary file,
++# run readline.sh
++# When the temporary file is kept the test succeeded
++if ! eval $NUMCOND; then :
++elif ! cond=$(checkconds \
++ "" \
++ "" \
++ "readline.sh" \
++ "" \
++ "" \
++ "" \
++ "" ); then
++ $PRINTF "test $F_n $TEST... ${YELLOW}$cond${NORMAL}\n" $N
++ numCANT=$((numCANT+1))
++ listCANT="$listCANT $N"
++ namesCANT="$namesCANT $NAME"
++else
++ tf="$td/test$N.file"
++ te="$td/test$N.stderr"
++ tdiff="$td/test$N.diff"
++ da="test$N $(date) $RANDOM"
++ echo "$da" >"$tf"
++ ln -sf "$tf" /tmp/$USER/stderr2
++ CMD0="readline.sh cat"
++ printf "test $F_n $TEST... " $N
++ $CMD0 </dev/null >/dev/null 2>"${te}0"
++ rc0=$?
++# if [ "$rc0" -ne 0 ]; then
++# $PRINTF "$CANT (rc0=$rc0)\n"
++# echo "$CMD0"
++# cat "${te}0" >&2
++# numCANT=$((numCANT+1))
++# listCANT="$listCANT $N"
++# namesCANT="$namesCANT $NAME"
++# elif ! echo "$da" |diff - "$tf" >$tdiff; then
++ if ! echo "$da" |diff - "$tf" >$tdiff; then
++ $PRINTF "$FAILED (diff)\n"
++ echo "$CMD0 &"
++ cat "${te}0" >&2
++ echo "// diff:" >&2
++ cat "$tdiff" >&2
++ numFAIL=$((numFAIL+1))
++ listFAIL="$listFAIL $N"
++ namesFAIL="$namesFAIL $NAME"
++ else
++ $PRINTF "$OK\n"
++ if [ "$VERBOSE" ]; then echo "$CMD0 &"; fi
++ if [ "$DEBUG" ]; then cat "${te}0" >&2; fi
++ if [ "$VERBOSE" ]; then echo "$CMD1"; fi
++ if [ "$DEBUG" ]; then cat "${te}1" >&2; fi
++ numOK=$((numOK+1))
++ listOK="$listOK $N"
++ fi
++fi # NUMCOND
++ ;;
++esac
++N=$((N+1))
++
+ # end of common tests
+
+ ##################################################################################
+--
+2.30.2
+
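Review bot: The test plants its symlink with ln -sf "$tf" /tmp/$USER/stderr2 but never creates /tmp/$USER, and the mkdir -p that used to do so is removed from readline.sh in this same patch. Where that directory does not exist the ln fails, $tf is trivially unchanged, and the test reports OK without exercising anything, so add mkdir -p "/tmp/$USER" before the ln and remove the symlink afterwards. The OK branch also echoes $CMD1 and cats "${te}1", neither of which is set in this test.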
diff --git a/meta/recipes-connectivity/socat/socat_1.8.0.0.bb b/meta/recipes-connectivity/socat/socat_1.8.0.0.bb
index 912605c95c..bb39730005 100644
--- a/meta/recipes-connectivity/socat/socat_1.8.0.0.bb
+++ b/meta/recipes-connectivity/socat/socat_1.8.0.0.bb
@@ -11,6 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
SRC_URI = "http://www.dest-unreach.org/socat/download/socat-${PV}.tar.bz2 \
file://0001-fix-compile-procan.c-failed.patch \
+ file://CVE-2024-54661.patch \
"
SRC_URI[sha256sum] = "e1de683dd22ee0e3a6c6bbff269abe18ab0c9d7eb650204f125155b9005faca7"
--
2.43.0
* [OE-core][scarthgap 05/14] ofono: patch CVE-2024-7540, CVE-2024-7541, CVE-2024-7542
From: Steve Sakoman @ 2025-01-22 3:03 UTC
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
Cherry-pick commit
https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=29ff6334b492504ace101be748b256e6953d2c2f
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...024-7540_CVE-2024-7541_CVE-2024-7542.patch | 52 +++++++++++++++++++
meta/recipes-connectivity/ofono/ofono_2.4.bb | 1 +
2 files changed, 53 insertions(+)
create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2024-7540_CVE-2024-7541_CVE-2024-7542.patch
diff --git a/meta/recipes-connectivity/ofono/ofono/CVE-2024-7540_CVE-2024-7541_CVE-2024-7542.patch b/meta/recipes-connectivity/ofono/ofono/CVE-2024-7540_CVE-2024-7541_CVE-2024-7542.patch
new file mode 100644
index 0000000000..0b06e057e5
--- /dev/null
+++ b/meta/recipes-connectivity/ofono/ofono/CVE-2024-7540_CVE-2024-7541_CVE-2024-7542.patch
@@ -0,0 +1,52 @@
+From 29ff6334b492504ace101be748b256e6953d2c2f Mon Sep 17 00:00:00 2001
+From: "Sicelo A. Mhlongo" <absicsz@gmail.com>
+Date: Tue, 17 Dec 2024 11:31:28 +0200
+Subject: [PATCH] atmodem: sms: ensure buffer is initialized before use
+
+Fixes: CVE-2024-7540
+Fixes: CVE-2024-7541
+Fixes: CVE-2024-7542
+
+CVE: CVE-2024-7540
+CVE: CVE-2024-7541
+CVE: CVE-2024-7542
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=29ff6334b492504ace101be748b256e6953d2c2f]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ drivers/atmodem/sms.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/drivers/atmodem/sms.c b/drivers/atmodem/sms.c
+index d994856b..0668c631 100644
+--- a/drivers/atmodem/sms.c
++++ b/drivers/atmodem/sms.c
+@@ -412,7 +412,7 @@ static void at_cmt_notify(GAtResult *result, gpointer user_data)
+ struct sms_data *data = ofono_sms_get_data(sms);
+ GAtResultIter iter;
+ const char *hexpdu;
+- unsigned char pdu[176];
++ unsigned char pdu[176] = {0};
+ long pdu_len;
+ int tpdu_len;
+
+@@ -479,7 +479,7 @@ static void at_cmgr_notify(GAtResult *result, gpointer user_data)
+ struct sms_data *data = ofono_sms_get_data(sms);
+ GAtResultIter iter;
+ const char *hexpdu;
+- unsigned char pdu[176];
++ unsigned char pdu[176] = {0};
+ long pdu_len;
+ int tpdu_len;
+
+@@ -661,7 +661,7 @@ static void at_cmgl_notify(GAtResult *result, gpointer user_data)
+ struct sms_data *data = ofono_sms_get_data(sms);
+ GAtResultIter iter;
+ const char *hexpdu;
+- unsigned char pdu[176];
++ unsigned char pdu[176] = {0};
+ long pdu_len;
+ int tpdu_len;
+ int index;
+--
+2.30.2
+
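Review bot: Zero-initialising pdu[176] in at_cmt_notify, at_cmgr_notify and at_cmgl_notify makes reads past the decoded bytes return zeros, but none of the three hunks shows pdu_len or the length of hexpdu being checked against sizeof(pdu). Please confirm that the decode into pdu is already bounded in ofono 2.4, so that this change only has to cover the uninitialised read and not an out-of-bounds write as well.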
diff --git a/meta/recipes-connectivity/ofono/ofono_2.4.bb b/meta/recipes-connectivity/ofono/ofono_2.4.bb
index 852c71948e..097a0e0566 100644
--- a/meta/recipes-connectivity/ofono/ofono_2.4.bb
+++ b/meta/recipes-connectivity/ofono/ofono_2.4.bb
@@ -22,6 +22,7 @@ SRC_URI = "\
file://CVE-2024-7545.patch \
file://CVE-2024-7546.patch \
file://CVE-2024-7547.patch \
+ file://CVE-2024-7540_CVE-2024-7541_CVE-2024-7542.patch \
"
SRC_URI[sha256sum] = "93580adc1afd1890dc516efb069de0c5cdfef014415256ddfb28ab172df2d11d"
--
2.43.0
* [OE-core][scarthgap 06/14] ofono: patch CVE-2023-4232
2025-01-22 3:02 [OE-core][scarthgap 00/14] Patch review Steve Sakoman
` (4 preceding siblings ...)
2025-01-22 3:03 ` [OE-core][scarthgap 05/14] ofono: patch CVE-2024-7540, CVE-2024-7541, CVE-2024-7542 Steve Sakoman
@ 2025-01-22 3:03 ` Steve Sakoman
2025-01-22 3:03 ` [OE-core][scarthgap 07/14] ofono: patch CVE-2023-4235 Steve Sakoman
` (7 subsequent siblings)
13 siblings, 0 replies; 19+ messages in thread
From: Steve Sakoman @ 2025-01-22 3:03 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
Cherry-pick commit
https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=2ff2da7ac374a790f8b2a0216bcb4e3126498225
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../ofono/ofono/CVE-2023-4232.patch | 31 +++++++++++++++++++
meta/recipes-connectivity/ofono/ofono_2.4.bb | 1 +
2 files changed, 32 insertions(+)
create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2023-4232.patch
diff --git a/meta/recipes-connectivity/ofono/ofono/CVE-2023-4232.patch b/meta/recipes-connectivity/ofono/ofono/CVE-2023-4232.patch
new file mode 100644
index 0000000000..516cbf779c
--- /dev/null
+++ b/meta/recipes-connectivity/ofono/ofono/CVE-2023-4232.patch
@@ -0,0 +1,31 @@
+From 2ff2da7ac374a790f8b2a0216bcb4e3126498225 Mon Sep 17 00:00:00 2001
+From: "Sicelo A. Mhlongo" <absicsz@gmail.com>
+Date: Wed, 4 Dec 2024 10:18:52 +0200
+Subject: [PATCH] smsutil: check status report fits in buffer
+
+Fixes CVE-2023-4232
+
+CVE: CVE-2023-4232
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=2ff2da7ac374a790f8b2a0216bcb4e3126498225]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ src/smsutil.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/smsutil.c b/src/smsutil.c
+index ac89f16c..a706e26f 100644
+--- a/src/smsutil.c
++++ b/src/smsutil.c
+@@ -1088,6 +1088,9 @@ static gboolean decode_status_report(const unsigned char *pdu, int len,
+ if ((len - offset) < expected)
+ return FALSE;
+
++ if (expected > (int)sizeof(out->status_report.ud))
++ return FALSE;
++
+ memcpy(out->status_report.ud, pdu + offset, expected);
+ }
+
+--
+2.30.2
+
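Review bot: The new check in decode_status_report enforces only an upper bound. The (int) cast on sizeof(out->status_report.ud) suggests expected is a signed int, in which case a negative expected passes both this test and the preceding (len - offset) < expected test and reaches memcpy as a very large size. If expected can never be negative at this point, a short comment saying why would help; otherwise reject expected < 0 in the same condition.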
diff --git a/meta/recipes-connectivity/ofono/ofono_2.4.bb b/meta/recipes-connectivity/ofono/ofono_2.4.bb
index 097a0e0566..a6a4852a63 100644
--- a/meta/recipes-connectivity/ofono/ofono_2.4.bb
+++ b/meta/recipes-connectivity/ofono/ofono_2.4.bb
@@ -23,6 +23,7 @@ SRC_URI = "\
file://CVE-2024-7546.patch \
file://CVE-2024-7547.patch \
file://CVE-2024-7540_CVE-2024-7541_CVE-2024-7542.patch \
+ file://CVE-2023-4232.patch \
"
SRC_URI[sha256sum] = "93580adc1afd1890dc516efb069de0c5cdfef014415256ddfb28ab172df2d11d"
--
2.43.0
* [OE-core][scarthgap 07/14] ofono: patch CVE-2023-4235
2025-01-22 3:02 [OE-core][scarthgap 00/14] Patch review Steve Sakoman
` (5 preceding siblings ...)
2025-01-22 3:03 ` [OE-core][scarthgap 06/14] ofono: patch CVE-2023-4232 Steve Sakoman
@ 2025-01-22 3:03 ` Steve Sakoman
2025-01-22 3:03 ` [OE-core][scarthgap 08/14] scripts/install-buildtools: Update to 5.0.6 Steve Sakoman
` (6 subsequent siblings)
13 siblings, 0 replies; 19+ messages in thread
From: Steve Sakoman @ 2025-01-22 3:03 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
Cherry-pick commit
https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=02aa0f9bad3d9e47a152fc045d0f51874d901d7e
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../ofono/ofono/CVE-2023-4235.patch | 38 +++++++++++++++++++
meta/recipes-connectivity/ofono/ofono_2.4.bb | 1 +
2 files changed, 39 insertions(+)
create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2023-4235.patch
diff --git a/meta/recipes-connectivity/ofono/ofono/CVE-2023-4235.patch b/meta/recipes-connectivity/ofono/ofono/CVE-2023-4235.patch
new file mode 100644
index 0000000000..059f9bbfee
--- /dev/null
+++ b/meta/recipes-connectivity/ofono/ofono/CVE-2023-4235.patch
@@ -0,0 +1,38 @@
+From 02aa0f9bad3d9e47a152fc045d0f51874d901d7e Mon Sep 17 00:00:00 2001
+From: "Sicelo A. Mhlongo" <absicsz@gmail.com>
+Date: Wed, 4 Dec 2024 10:18:51 +0200
+Subject: [PATCH] smsutil: check deliver reports fit in buffer
+
+Fixes CVE-2023-4235
+
+CVE: CVE-2023-4235
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=02aa0f9bad3d9e47a152fc045d0f51874d901d7e]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ src/smsutil.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/smsutil.c b/src/smsutil.c
+index 484bfd0b..ac89f16c 100644
+--- a/src/smsutil.c
++++ b/src/smsutil.c
+@@ -1240,10 +1240,16 @@ static gboolean decode_deliver_report(const unsigned char *pdu, int len,
+ return FALSE;
+
+ if (out->type == SMS_TYPE_DELIVER_REPORT_ERROR) {
++ if (expected > (int) sizeof(out->deliver_err_report.ud))
++ return FALSE;
++
+ out->deliver_err_report.udl = udl;
+ memcpy(out->deliver_err_report.ud,
+ pdu + offset, expected);
+ } else {
++ if (expected > (int) sizeof(out->deliver_ack_report.ud))
++ return FALSE;
++
+ out->deliver_ack_report.udl = udl;
+ memcpy(out->deliver_ack_report.ud,
+ pdu + offset, expected);
+--
+2.30.2
+
diff --git a/meta/recipes-connectivity/ofono/ofono_2.4.bb b/meta/recipes-connectivity/ofono/ofono_2.4.bb
index a6a4852a63..5ae63e6ef6 100644
--- a/meta/recipes-connectivity/ofono/ofono_2.4.bb
+++ b/meta/recipes-connectivity/ofono/ofono_2.4.bb
@@ -24,6 +24,7 @@ SRC_URI = "\
file://CVE-2024-7547.patch \
file://CVE-2024-7540_CVE-2024-7541_CVE-2024-7542.patch \
file://CVE-2023-4232.patch \
+ file://CVE-2023-4235.patch \
"
SRC_URI[sha256sum] = "93580adc1afd1890dc516efb069de0c5cdfef014415256ddfb28ab172df2d11d"
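Review bot: CVE-2023-4235.patch is appended after CVE-2023-4232.patch in SRC_URI, but the index lines show the opposite upstream order: the 4235 change takes src/smsutil.c from 484bfd0b to ac89f16c, and the 4232 change starts from ac89f16c. Applied in the order listed here, the decode_deliver_report hunk (@@ -1240) lands three lines lower than recorded because of the lines 4232 adds at 1088. Listing CVE-2023-4235.patch before CVE-2023-4232.patch would match upstream order and avoid that offset.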
--
2.43.0
* [OE-core][scarthgap 08/14] scripts/install-buildtools: Update to 5.0.6
2025-01-22 3:02 [OE-core][scarthgap 00/14] Patch review Steve Sakoman
` (6 preceding siblings ...)
2025-01-22 3:03 ` [OE-core][scarthgap 07/14] ofono: patch CVE-2023-4235 Steve Sakoman
@ 2025-01-22 3:03 ` Steve Sakoman
2025-01-22 3:03 ` [OE-core][scarthgap 09/14] oeqa/ssh: allow to retrieve raw, unformatted ouput Steve Sakoman
` (5 subsequent siblings)
13 siblings, 0 replies; 19+ messages in thread
From: Steve Sakoman @ 2025-01-22 3:03 UTC (permalink / raw)
To: openembedded-core
From: Aleksandar Nikolic <aleksandar.nikolic@zeiss.com>
Update to the 5.0.6 release of the 5.0 series for buildtools.
Signed-off-by: Aleksandar Nikolic <aleksandar.nikolic@zeiss.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
scripts/install-buildtools | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/scripts/install-buildtools b/scripts/install-buildtools
index ee6bfb89eb..972671d50f 100755
--- a/scripts/install-buildtools
+++ b/scripts/install-buildtools
@@ -57,8 +57,8 @@ logger = scriptutils.logger_create(PROGNAME, stream=sys.stdout)
DEFAULT_INSTALL_DIR = os.path.join(os.path.split(scripts_path)[0],'buildtools')
DEFAULT_BASE_URL = 'https://downloads.yoctoproject.org/releases/yocto'
-DEFAULT_RELEASE = 'yocto-5.0.5'
-DEFAULT_INSTALLER_VERSION = '5.0.5'
+DEFAULT_RELEASE = 'yocto-5.0.6'
+DEFAULT_INSTALLER_VERSION = '5.0.6'
DEFAULT_BUILDDATE = '202110XX'
# Python version sanity check
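Review bot: DEFAULT_RELEASE and DEFAULT_INSTALLER_VERSION move to 5.0.6, but DEFAULT_BUILDDATE in the same block stays at the placeholder '202110XX'. If that value is only used for milestone builds, a comment saying so would stop it looking like a missed update; otherwise it needs updating with the release.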
--
2.43.0
* [OE-core][scarthgap 09/14] oeqa/ssh: allow to retrieve raw, unformatted ouput
2025-01-22 3:02 [OE-core][scarthgap 00/14] Patch review Steve Sakoman
` (7 preceding siblings ...)
2025-01-22 3:03 ` [OE-core][scarthgap 08/14] scripts/install-buildtools: Update to 5.0.6 Steve Sakoman
@ 2025-01-22 3:03 ` Steve Sakoman
2025-01-22 3:03 ` [OE-core][scarthgap 10/14] Revert "bluez5: remove configuration files from install task" Steve Sakoman
` (4 subsequent siblings)
13 siblings, 0 replies; 19+ messages in thread
From: Steve Sakoman @ 2025-01-22 3:03 UTC (permalink / raw)
To: openembedded-core
From: Alexis Lothoré <alexis.lothore@bootlin.com>
The ssh target is currently well tailored to easily retrieve textual output
from a command run on a remote target. It could also be used to retrieve
raw data from a command run onto a remote target (for example, to feed this
data directly to another program), but it currently suffers two minor
issues preventing such use case:
- stderr is piped to stdout, so any error log will be mixed in the program
output
- the final output is decoded as utf-8 and stripped
Allow to return the raw, unmodified output by adding an optional "raw"
parameter. Keep it to False by default to preserve the current behavior.
When enabled, do not return a string but the raw output as bytes.
(From OE-Core rev: 8d05dc6e2284b7ed7c32a8215b9c8bf6f7dabf00)
Signed-off-by: Alexis Lothoré <alexis.lothore@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/lib/oeqa/core/target/ssh.py | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/meta/lib/oeqa/core/target/ssh.py b/meta/lib/oeqa/core/target/ssh.py
index 09cdd14c75..d473469384 100644
--- a/meta/lib/oeqa/core/target/ssh.py
+++ b/meta/lib/oeqa/core/target/ssh.py
@@ -55,14 +55,14 @@ class OESSHTarget(OETarget):
def stop(self, **kwargs):
pass
- def _run(self, command, timeout=None, ignore_status=True):
+ def _run(self, command, timeout=None, ignore_status=True, raw=False):
"""
Runs command in target using SSHProcess.
"""
self.logger.debug("[Running]$ %s" % " ".join(command))
starttime = time.time()
- status, output = SSHCall(command, self.logger, timeout)
+ status, output = SSHCall(command, self.logger, timeout, raw)
self.logger.debug("[Command returned '%d' after %.2f seconds]"
"" % (status, time.time() - starttime))
@@ -72,7 +72,7 @@ class OESSHTarget(OETarget):
return (status, output)
- def run(self, command, timeout=None, ignore_status=True):
+ def run(self, command, timeout=None, ignore_status=True, raw=False):
"""
Runs command in target.
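Review bot: run() gains raw=False, but the docstring that starts in this hunk is not touched. It should say that raw=True returns the output as bytes, unstripped, and that stderr is no longer merged into it, because the return type changes from str to bytes and existing callers compare the result with strings.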
@@ -91,7 +91,7 @@ class OESSHTarget(OETarget):
else:
processTimeout = self.timeout
- status, output = self._run(sshCmd, processTimeout, ignore_status)
+ status, output = self._run(sshCmd, processTimeout, ignore_status, raw)
self.logger.debug('Command: %s\nStatus: %d Output: %s\n' % (command, status, output))
return (status, output)
@@ -206,7 +206,7 @@ class OESSHTarget(OETarget):
remoteDir = os.path.join(remotePath, tmpDir.lstrip("/"))
self.deleteDir(remoteDir)
-def SSHCall(command, logger, timeout=None, **opts):
+def SSHCall(command, logger, timeout=None, raw=False, **opts):
def run():
nonlocal output
@@ -265,7 +265,7 @@ def SSHCall(command, logger, timeout=None, **opts):
else:
output_raw = process.communicate()[0]
- output = output_raw.decode('utf-8', errors='ignore')
+ output = output_raw if raw else output_raw.decode('utf-8', errors='ignore')
logger.debug('Data from SSH call:\n%s' % output.rstrip())
# timout or not, make sure process exits and is not hanging
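Review bot: This hunk handles raw only in the else branch. The branch above it is not part of the hunk, so please confirm that the timeout path also leaves output as bytes when raw is set; otherwise the return type depends on whether a timeout was given. The logger.debug line that follows now formats bytes with %s, which writes the b'...' repr of the whole payload to the debug log; for binary data, logging the length would be more useful.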
@@ -292,7 +292,7 @@ def SSHCall(command, logger, timeout=None, **opts):
options = {
"stdout": subprocess.PIPE,
- "stderr": subprocess.STDOUT,
+ "stderr": subprocess.STDOUT if not raw else None,
"stdin": None,
"shell": False,
"bufsize": -1,
@@ -320,4 +320,4 @@ def SSHCall(command, logger, timeout=None, **opts):
logger.debug('Something went wrong, killing SSH process')
raise
- return (process.returncode, output.rstrip())
+ return (process.returncode, output if raw else output.rstrip())
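Review bot: In raw mode this return carries stdout only, and because the options hunk above sets "stderr" to None when raw is set, the ssh process inherits the caller's stderr, so anything the remote command writes there is neither returned nor passed to logger. A failing command then leaves only the exit status in the test log. Consider capturing stderr separately in the raw case and logging it at debug level, so stdout stays clean without losing the error text.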
--
2.43.0
* [OE-core][scarthgap 10/14] Revert "bluez5: remove configuration files from install task"
2025-01-22 3:02 [OE-core][scarthgap 00/14] Patch review Steve Sakoman
` (8 preceding siblings ...)
2025-01-22 3:03 ` [OE-core][scarthgap 09/14] oeqa/ssh: allow to retrieve raw, unformatted ouput Steve Sakoman
@ 2025-01-22 3:03 ` Steve Sakoman
2025-01-22 3:03 ` [OE-core][scarthgap 11/14] classes/nativesdk: also override TUNE_PKGARCH Steve Sakoman
` (3 subsequent siblings)
13 siblings, 0 replies; 19+ messages in thread
From: Steve Sakoman @ 2025-01-22 3:03 UTC (permalink / raw)
To: openembedded-core
From: Catalin Popescu <catalin.popescu@leica-geosystems.com>
This reverts commit 49391fdcf71b32c5fd3c7b134c1d1c45cc1db388 which
introduced a bluetooth regression on systems with read-only rootfs.
When configuration files are missing, bluez tries to generate them which
fails on a read-only rootfs. As a result bluetooth service fails to
start and bluetooth is broken. Hence, configuration files need to be
installed in the rootfs in a way or another.
Bluez commit be0e79629 (build: ship all config files with --enable-datafiles,
2024-02-12) introduced configuration files installation in bluez version
5.73. However, scarthgap pulls in version 5.72, so it is responsible of the
installation of configuration files until bluez is upgraded. Scarthgap
commit 49391fdcf71b32c5fd3c7b134c1d1c45cc1db388 removed installation of
configuration files too early, hence the revert.
Signed-off-by: Catalin Popescu <catalin.popescu@leica-geosystems.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-connectivity/bluez5/bluez5.inc | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc b/meta/recipes-connectivity/bluez5/bluez5.inc
index 9cbeb5e99f..39e1bf389c 100644
--- a/meta/recipes-connectivity/bluez5/bluez5.inc
+++ b/meta/recipes-connectivity/bluez5/bluez5.inc
@@ -87,6 +87,14 @@ do_install:append() {
install -d ${D}${INIT_D_DIR}
install -m 0755 ${WORKDIR}/init ${D}${INIT_D_DIR}/bluetooth
+ install -d ${D}${sysconfdir}/bluetooth/
+ if [ -f ${S}/profiles/network/network.conf ]; then
+ install -m 0644 ${S}/profiles/network/network.conf ${D}/${sysconfdir}/bluetooth/
+ fi
+ if [ -f ${S}/profiles/input/input.conf ]; then
+ install -m 0644 ${S}/profiles/input/input.conf ${D}/${sysconfdir}/bluetooth/
+ fi
+
if [ -f ${D}/${sysconfdir}/init.d/bluetooth ]; then
sed -i -e 's#@LIBEXECDIR@#${libexecdir}#g' ${D}/${sysconfdir}/init.d/bluetooth
fi
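Review bot: Both installs are guarded by [ -f ... ], so if network.conf or input.conf is ever missing from ${S} the recipe still succeeds and the image ships without the file, which is the read-only rootfs failure this revert is meant to fix. Dropping the guards, or calling bbfatal in an else branch, would turn that into a build error. The install -d line also uses ${D}${sysconfdir} while the two install -m lines use ${D}/${sysconfdir}; use one form.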
--
2.43.0
* [OE-core][scarthgap 11/14] classes/nativesdk: also override TUNE_PKGARCH
2025-01-22 3:02 [OE-core][scarthgap 00/14] Patch review Steve Sakoman
` (9 preceding siblings ...)
2025-01-22 3:03 ` [OE-core][scarthgap 10/14] Revert "bluez5: remove configuration files from install task" Steve Sakoman
@ 2025-01-22 3:03 ` Steve Sakoman
2025-01-22 3:03 ` [OE-core][scarthgap 12/14] classes/qemu: use tune to select QEMU_EXTRAOPTIONS, not package architecture Steve Sakoman
` (2 subsequent siblings)
13 siblings, 0 replies; 19+ messages in thread
From: Steve Sakoman @ 2025-01-22 3:03 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@arm.com>
The nativesdk class overrides PACKAGE_ARCH and unsets TUNE_FEATURES, but
as recipes might want to look at TUNE_PKGARCH too (for example, when
setting QEMU_EXTRAOPTIONS) we should also override that variable.
Otherwise, a nativesdk recipe will have the TUNE_PKGARCH of the target,
which leads to errors (eg passing mips arguments to an arm qemu).
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 05322beb290e1db30bef49b4364f8a8e6e9f7408)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/classes-recipe/nativesdk.bbclass | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/classes-recipe/nativesdk.bbclass b/meta/classes-recipe/nativesdk.bbclass
index de6debda93..83ea901fa5 100644
--- a/meta/classes-recipe/nativesdk.bbclass
+++ b/meta/classes-recipe/nativesdk.bbclass
@@ -32,6 +32,7 @@ RECIPE_SYSROOT = "${WORKDIR}/recipe-sysroot"
#
PACKAGE_ARCH = "${SDK_ARCH}-${SDKPKGSUFFIX}"
PACKAGE_ARCHS = "${SDK_PACKAGE_ARCHS}"
+TUNE_PKGARCH = "${SDK_ARCH}"
#
# We need chrpath >= 0.14 to ensure we can deal with 32 and 64 bit
--
2.43.0
* [OE-core][scarthgap 12/14] classes/qemu: use tune to select QEMU_EXTRAOPTIONS, not package architecture
2025-01-22 3:02 [OE-core][scarthgap 00/14] Patch review Steve Sakoman
` (10 preceding siblings ...)
2025-01-22 3:03 ` [OE-core][scarthgap 11/14] classes/nativesdk: also override TUNE_PKGARCH Steve Sakoman
@ 2025-01-22 3:03 ` Steve Sakoman
2025-01-22 3:03 ` [OE-core][scarthgap 13/14] pulseaudio: fix webrtc audio depdency Steve Sakoman
2025-01-22 3:03 ` [OE-core][scarthgap 14/14] libgfortran: fix buildpath QA issue Steve Sakoman
13 siblings, 0 replies; 19+ messages in thread
From: Steve Sakoman @ 2025-01-22 3:03 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@arm.com>
Using the package architecture to select the right qemu options to pass
to qemu-user is incorrect, and fails for recipes that set PACKAGE_ARCH
to MACHINE_ARCH (as the qemuppc workarounds suggest) because there are
not typically any options set for the machine name.
Solve this by using TUNE_PKGARCH instead: for the majority of recipes
this is the same value, but for machine-specific recipes it remains the
same instead of changing to the machine name.
This means we can remove the qemuppc workarounds, as they're obsolete.
Also update the gcc-testsuite recipe which uses the same pattern to use
TUNE_PKGARCH, and generalise the else codepath to avoid needing to
update the list of architectures.
[ YOCTO #15647 ]
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 414b754a6cbb9cc354b1180efd5c3329568a2537)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/classes-recipe/qemu.bbclass | 8 ++------
meta/recipes-devtools/gcc/gcc-testsuite.inc | 4 ++--
2 files changed, 4 insertions(+), 8 deletions(-)
diff --git a/meta/classes-recipe/qemu.bbclass b/meta/classes-recipe/qemu.bbclass
index dbb5ee0b66..8d7c82668b 100644
--- a/meta/classes-recipe/qemu.bbclass
+++ b/meta/classes-recipe/qemu.bbclass
@@ -60,8 +60,8 @@ def qemu_run_binary(data, rootfs_path, binary):
# this dance). For others (e.g. arm) a -cpu option is not necessary, since the
# qemu-arm default CPU supports all required architecture levels.
-QEMU_OPTIONS = "-r ${OLDEST_KERNEL} ${@d.getVar("QEMU_EXTRAOPTIONS_%s" % d.getVar('PACKAGE_ARCH')) or ""}"
-QEMU_OPTIONS[vardeps] += "QEMU_EXTRAOPTIONS_${PACKAGE_ARCH}"
+QEMU_OPTIONS = "-r ${OLDEST_KERNEL} ${@d.getVar("QEMU_EXTRAOPTIONS_%s" % d.getVar('TUNE_PKGARCH')) or ""}"
+QEMU_OPTIONS[vardeps] += "QEMU_EXTRAOPTIONS_${TUNE_PKGARCH}"
QEMU_EXTRAOPTIONS_ppce500v2 = " -cpu e500v2"
QEMU_EXTRAOPTIONS_ppce500mc = " -cpu e500mc"
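Review bot: QEMU_OPTIONS still falls back to "" when no QEMU_EXTRAOPTIONS_<name> variable matches, so after the switch from PACKAGE_ARCH to TUNE_PKGARCH any layer that defined QEMU_EXTRAOPTIONS_<machine> for recipes with PACKAGE_ARCH = MACHINE_ARCH silently loses its -cpu option, just as the in-tree qemuppc entries removed below would have. For a stable branch this deserves a line in the commit message or release notes telling such layers to key on the tune name instead.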
@@ -71,7 +71,3 @@ QEMU_EXTRAOPTIONS_ppce6500 = " -cpu e500mc"
QEMU_EXTRAOPTIONS_ppc64e6500 = " -cpu e500mc"
QEMU_EXTRAOPTIONS_ppc7400 = " -cpu 7400"
QEMU_EXTRAOPTIONS_powerpc64le = " -cpu POWER9"
-# Some packages e.g. fwupd sets PACKAGE_ARCH = MACHINE_ARCH and uses meson which
-# needs right options to usermode qemu
-QEMU_EXTRAOPTIONS_qemuppc = " -cpu 7400"
-QEMU_EXTRAOPTIONS_qemuppc64 = " -cpu POWER9"
diff --git a/meta/recipes-devtools/gcc/gcc-testsuite.inc b/meta/recipes-devtools/gcc/gcc-testsuite.inc
index f16d471478..eb9ddead08 100644
--- a/meta/recipes-devtools/gcc/gcc-testsuite.inc
+++ b/meta/recipes-devtools/gcc/gcc-testsuite.inc
@@ -53,8 +53,8 @@ python check_prepare() {
# - valid for x86*, powerpc, arm, arm64
if qemu_binary.endswith(("x86_64", "i386", "arm", "aarch64")):
args += ["-cpu", "max"]
- elif qemu_binary.endswith(("ppc", "mips", "mips64")):
- extra = d.getVar("QEMU_EXTRAOPTIONS_%s" % d.getVar('PACKAGE_ARCH'))
+ else:
+ extra = d.getVar("QEMU_EXTRAOPTIONS_%s" % d.getVar('TUNE_PKGARCH'))
if extra:
args += extra.split()
# For mips64 we could set a maximal CPU (e.g. Loongson-3A4000) however they either have MSA
--
2.43.0
* [OE-core][scarthgap 13/14] pulseaudio: fix webrtc audio depdency
2025-01-22 3:02 [OE-core][scarthgap 00/14] Patch review Steve Sakoman
` (11 preceding siblings ...)
2025-01-22 3:03 ` [OE-core][scarthgap 12/14] classes/qemu: use tune to select QEMU_EXTRAOPTIONS, not package architecture Steve Sakoman
@ 2025-01-22 3:03 ` Steve Sakoman
2025-01-22 3:03 ` [OE-core][scarthgap 14/14] libgfortran: fix buildpath QA issue Steve Sakoman
13 siblings, 0 replies; 19+ messages in thread
From: Steve Sakoman @ 2025-01-22 3:03 UTC (permalink / raw)
To: openembedded-core
From: Esben Haabendal <esben@geanix.com>
Since pulseaudio v16.99.1, the library needed is webrtc-audio-processing-1.
This fixes
Run-time dependency webrtc-audio-processing-1 found: NO (tried pkgconfig and cmake)
Looking for a fallback subproject for the dependency webrtc-audio-processing-1
../pulseaudio-17.0/meson.build:730:15: ERROR: Automatic wrap-based subproject downloading is disabled
The library is available in meta-openembedded/meta-multimedia.
(cherry picked from commit 4661c49eb4f0ed89a3d027d9a003c40744baaf38)
Signed-off-by: Esben Haabendal <esben@geanix.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Esben Haabendal <esben@geanix.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-multimedia/pulseaudio/pulseaudio.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-multimedia/pulseaudio/pulseaudio.inc b/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
index ae16056d24..1ab3831519 100644
--- a/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
+++ b/meta/recipes-multimedia/pulseaudio/pulseaudio.inc
@@ -121,7 +121,7 @@ PACKAGECONFIG[jack] = "-Djack=enabled,-Djack=disabled,jack"
# able to use pulseaudio autospawn for root as well.
PACKAGECONFIG[autospawn-for-root] = ",,,"
PACKAGECONFIG[lirc] = "-Dlirc=enabled,-Dlirc=disabled,lirc"
-PACKAGECONFIG[webrtc] = "-Dwebrtc-aec=enabled,-Dwebrtc-aec=disabled,webrtc-audio-processing"
+PACKAGECONFIG[webrtc] = "-Dwebrtc-aec=enabled,-Dwebrtc-aec=disabled,webrtc-audio-processing-1"
PACKAGECONFIG[ipv6] = "-Dipv6=true,-Dipv6=false,"
PACKAGECONFIG[manpages] = "-Dman=true,-Dman=false,"
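Review bot: The webrtc PACKAGECONFIG now depends on webrtc-audio-processing-1, which the commit message says is provided by meta-openembedded/meta-multimedia rather than by this layer. A comment above the PACKAGECONFIG[webrtc] line naming that layer would save users who enable the option from an unexplained missing-provider error.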
--
2.43.0
* [OE-core][scarthgap 14/14] libgfortran: fix buildpath QA issue
2025-01-22 3:02 [OE-core][scarthgap 00/14] Patch review Steve Sakoman
` (12 preceding siblings ...)
2025-01-22 3:03 ` [OE-core][scarthgap 13/14] pulseaudio: fix webrtc audio depdency Steve Sakoman
@ 2025-01-22 3:03 ` Steve Sakoman
13 siblings, 0 replies; 19+ messages in thread
From: Steve Sakoman @ 2025-01-22 3:03 UTC (permalink / raw)
To: openembedded-core
From: Chen Qi <Qi.Chen@windriver.com>
The '-fdebug-prefix-map' options are used to map source files locations,
otherwise, DW_AT_comp_dir will contain buildpath.
The '-gno-record-gcc-switches' option is used to fix the buildpath introduced
by '-fintrinsic-modules-path' option, which is automatically added by fortran.
Here's some output from 'readelf --debug-dump libgfortran.so.5.0.0' when this
option is not added:
"""
<0><1a37d3>: Abbrev Number: 4 (DW_TAG_compile_unit)
<1a37d4> DW_AT_producer : (indirect string, offset: 0xd653): GNU Fortran2008 14.2.0 -m64
-march=core2 -mtune=core2 -msse3
-mfpmath=sse -mshstk -g -O2 -O2 -fstack-protector-strong -fimplicit-none
-fno-repack-arrays -fno-underscoring -fcf-protection=full
-fallow-leading-underscore -fbuilding-libgfortran -fPIC
-fintrinsic-modules-path /ala-lpggp72/qichen/Yocto/builds/build-poky/tmp/work/
core2-64-poky-linux/libgfortran/14.2.0/recipe-sysroot-native/usr/bin/x86_64-poky-linux
/../../lib/x86_64-poky-linux/gcc/x86_64-poky-linux/14.2.0/finclude
-fpre-include=../../../../recipe-sysroot/usr/include/finclude/math-vector-fortran.h
"""
See https://gcc.gnu.org/pipermail/fortran/2024-October/061204.html for more
detailed information.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/gcc/libgfortran.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-devtools/gcc/libgfortran.inc b/meta/recipes-devtools/gcc/libgfortran.inc
index c68645e392..2a08872c25 100644
--- a/meta/recipes-devtools/gcc/libgfortran.inc
+++ b/meta/recipes-devtools/gcc/libgfortran.inc
@@ -8,7 +8,7 @@ EXTRA_OECONF_PATHS = "\
# An arm hard float target like raspberrypi4 won't build
# as CFLAGS don't make it to the fortran compiler otherwise
# (the configure script sets FC to $GFORTRAN unconditionally)
-export GFORTRAN = "${FC}"
+export GFORTRAN = "${FC} -fcanon-prefix-map -fdebug-prefix-map=${S}=${TARGET_DBGSRC_DIR} -fdebug-prefix-map=${B}=${TARGET_DBGSRC_DIR} -gno-record-gcc-switches"
do_configure () {
for target in libbacktrace libgfortran
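Review bot: GFORTRAN now carries four extra flags, but the comment above the export still only explains why FC is passed through. Please extend it to say that the -fdebug-prefix-map options and -gno-record-gcc-switches are there to keep build paths out of the debug info, as the commit message explains, so the flags are not dropped in a later cleanup. Note also that -gno-record-gcc-switches removes all recorded switches from DW_AT_producer, not only the -fintrinsic-modules-path entry.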
--
2.43.0