* [OE-core][walnascar 01/15] icu: fix CVE-2025-5222
2025-07-14 16:22 [OE-core][walnascar 00/15] Patch review Steve Sakoman
@ 2025-07-14 16:22 ` Steve Sakoman
2025-07-14 16:22 ` [OE-core][walnascar 02/15] libarchive: fix CVE-2025-5915 Steve Sakoman
` (13 subsequent siblings)
14 siblings, 0 replies; 17+ messages in thread
From: Steve Sakoman @ 2025-07-14 16:22 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
CVE-2025-5222:
A stack buffer overflow was found in International Components for Unicode
(ICU). While running the genrb binary, the 'subtag' struct overflowed
at the SRBRoot::addTag function. This issue may lead to memory
corruption and local arbitrary code execution.
Refer:
https://nvd.nist.gov/vuln/detail/CVE-2025-5222
https://unicode-org.atlassian.net/browse/ICU-22957
https://github.com/unicode-org/icu/commit/2c667e31cfd0b6bb1923627a932fd3453a5bac77
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../icu/icu/CVE-2025-5222.patch | 166 ++++++++++++++++++
meta/recipes-support/icu/icu_76-1.bb | 1 +
2 files changed, 167 insertions(+)
create mode 100644 meta/recipes-support/icu/icu/CVE-2025-5222.patch
diff --git a/meta/recipes-support/icu/icu/CVE-2025-5222.patch b/meta/recipes-support/icu/icu/CVE-2025-5222.patch
new file mode 100644
index 0000000000..276d9e4f90
--- /dev/null
+++ b/meta/recipes-support/icu/icu/CVE-2025-5222.patch
@@ -0,0 +1,166 @@
+From b5fd1ccf1068140ca9333878f2172a0947986ca8 Mon Sep 17 00:00:00 2001
+From: Frank Tang <ftang@chromium.org>
+Date: Wed, 22 Jan 2025 11:50:59 -0800
+Subject: [PATCH] ICU-22973 Fix buffer overflow by using CharString
+
+CVE: CVE-2025-5222
+Upstream-Status: Backport [https://github.com/unicode-org/icu/commit/2c667e31cfd0b6bb1923627a932fd3453a5bac77]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ tools/genrb/parse.cpp | 49 +++++++++++++++++++++---------------
+ 1 file changed, 29 insertions(+), 20 deletions(-)
+
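Review bot: The embedded patch header does not line up with the references given for it. Its From line carries b5fd1ccf1068140ca9333878f2172a0947986ca8 while Upstream-Status points at commit 2c667e31cfd0b6bb1923627a932fd3453a5bac77, and its Subject cites ICU-22973 while the commit message above links ICU-22957. If the hash comes from a local rebase and the two tickets are the report and the fix, say so in the patch header so the backport can be audited against upstream.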
+diff --git a/tools/genrb/parse.cpp b/tools/genrb/parse.cpp
+index f487241..eb85d51 100644
+--- a/tools/genrb/parse.cpp
++++ b/tools/genrb/parse.cpp
+@@ -1153,7 +1153,7 @@ addCollation(ParseState* state, TableResource *result, const char *collationTyp
+ struct UString *tokenValue;
+ struct UString comment;
+ enum ETokenType token;
+- char subtag[1024];
++ CharString subtag;
+ UnicodeString rules;
+ UBool haveRules = false;
+ UVersionInfo version;
+@@ -1189,15 +1189,15 @@ addCollation(ParseState* state, TableResource *result, const char *collationTyp
+ return nullptr;
+ }
+
+- u_UCharsToChars(tokenValue->fChars, subtag, u_strlen(tokenValue->fChars) + 1);
+-
++ subtag.clear();
++ subtag.appendInvariantChars(tokenValue->fChars, u_strlen(tokenValue->fChars), *status);
+ if (U_FAILURE(*status))
+ {
+ res_close(result);
+ return nullptr;
+ }
+
+- member = parseResource(state, subtag, nullptr, status);
++ member = parseResource(state, subtag.data(), nullptr, status);
+
+ if (U_FAILURE(*status))
+ {
+@@ -1208,7 +1208,7 @@ addCollation(ParseState* state, TableResource *result, const char *collationTyp
+ {
+ // Ignore the parsed resources, continue parsing.
+ }
+- else if (uprv_strcmp(subtag, "Version") == 0 && member->isString())
++ else if (uprv_strcmp(subtag.data(), "Version") == 0 && member->isString())
+ {
+ StringResource *sr = static_cast<StringResource *>(member);
+ char ver[40];
+@@ -1225,11 +1225,11 @@ addCollation(ParseState* state, TableResource *result, const char *collationTyp
+ result->add(member, line, *status);
+ member = nullptr;
+ }
+- else if(uprv_strcmp(subtag, "%%CollationBin")==0)
++ else if(uprv_strcmp(subtag.data(), "%%CollationBin")==0)
+ {
+ /* discard duplicate %%CollationBin if any*/
+ }
+- else if (uprv_strcmp(subtag, "Sequence") == 0 && member->isString())
++ else if (uprv_strcmp(subtag.data(), "Sequence") == 0 && member->isString())
+ {
+ StringResource *sr = static_cast<StringResource *>(member);
+ rules = sr->fString;
+@@ -1395,7 +1395,7 @@ parseCollationElements(ParseState* state, char *tag, uint32_t startline, UBool n
+ struct UString *tokenValue;
+ struct UString comment;
+ enum ETokenType token;
+- char subtag[1024], typeKeyword[1024];
++ CharString subtag, typeKeyword;
+ uint32_t line;
+
+ result = table_open(state->bundle, tag, nullptr, status);
+@@ -1437,7 +1437,8 @@ parseCollationElements(ParseState* state, char *tag, uint32_t startline, UBool n
+ return nullptr;
+ }
+
+- u_UCharsToChars(tokenValue->fChars, subtag, u_strlen(tokenValue->fChars) + 1);
++ subtag.clear();
++ subtag.appendInvariantChars(tokenValue->fChars, u_strlen(tokenValue->fChars), *status);
+
+ if (U_FAILURE(*status))
+ {
+@@ -1445,9 +1446,9 @@ parseCollationElements(ParseState* state, char *tag, uint32_t startline, UBool n
+ return nullptr;
+ }
+
+- if (uprv_strcmp(subtag, "default") == 0)
++ if (uprv_strcmp(subtag.data(), "default") == 0)
+ {
+- member = parseResource(state, subtag, nullptr, status);
++ member = parseResource(state, subtag.data(), nullptr, status);
+
+ if (U_FAILURE(*status))
+ {
+@@ -1466,22 +1467,29 @@ parseCollationElements(ParseState* state, char *tag, uint32_t startline, UBool n
+ if(token == TOK_OPEN_BRACE) {
+ token = getToken(state, &tokenValue, &comment, &line, status);
+ TableResource *collationRes;
+- if (keepCollationType(subtag)) {
+- collationRes = table_open(state->bundle, subtag, nullptr, status);
++ if (keepCollationType(subtag.data())) {
++ collationRes = table_open(state->bundle, subtag.data(), nullptr, status);
+ } else {
+ collationRes = nullptr;
+ }
+ // need to parse the collation data regardless
+- collationRes = addCollation(state, collationRes, subtag, startline, status);
++ collationRes = addCollation(state, collationRes, subtag.data(), startline, status);
+ if (collationRes != nullptr) {
+ result->add(collationRes, startline, *status);
+ }
+ } else if(token == TOK_COLON) { /* right now, we'll just try to see if we have aliases */
+ /* we could have a table too */
+ token = peekToken(state, 1, &tokenValue, &line, &comment, status);
+- u_UCharsToChars(tokenValue->fChars, typeKeyword, u_strlen(tokenValue->fChars) + 1);
+- if(uprv_strcmp(typeKeyword, "alias") == 0) {
+- member = parseResource(state, subtag, nullptr, status);
++ typeKeyword.clear();
++ typeKeyword.appendInvariantChars(tokenValue->fChars, u_strlen(tokenValue->fChars), *status);
++ if (U_FAILURE(*status))
++ {
++ res_close(result);
++ return nullptr;
++ }
++
++ if(uprv_strcmp(typeKeyword.data(), "alias") == 0) {
++ member = parseResource(state, subtag.data(), nullptr, status);
+ if (U_FAILURE(*status))
+ {
+ res_close(result);
+@@ -1523,7 +1531,7 @@ realParseTable(ParseState* state, TableResource *table, char *tag, uint32_t star
+ struct UString *tokenValue=nullptr;
+ struct UString comment;
+ enum ETokenType token;
+- char subtag[1024];
++ CharString subtag;
+ uint32_t line;
+ UBool readToken = false;
+
+@@ -1562,7 +1570,8 @@ realParseTable(ParseState* state, TableResource *table, char *tag, uint32_t star
+ }
+
+ if(uprv_isInvariantUString(tokenValue->fChars, -1)) {
+- u_UCharsToChars(tokenValue->fChars, subtag, u_strlen(tokenValue->fChars) + 1);
++ subtag.clear();
++ subtag.appendInvariantChars(tokenValue->fChars, u_strlen(tokenValue->fChars), *status);
+ } else {
+ *status = U_INVALID_FORMAT_ERROR;
+ error(line, "invariant characters required for table keys");
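Review bot: In realParseTable the status written by `subtag.appendInvariantChars(...)` is not checked anywhere in this hunk, whereas the typeKeyword conversion in parseCollationElements gets an explicit `U_FAILURE(*status)` check added directly after it. Confirm that the existing check after the else branch runs before `subtag.data()` is passed to parseResource, or add the same check here so the two conversions are handled alike.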
+@@ -1575,7 +1584,7 @@ realParseTable(ParseState* state, TableResource *table, char *tag, uint32_t star
+ return nullptr;
+ }
+
+- member = parseResource(state, subtag, &comment, status);
++ member = parseResource(state, subtag.data(), &comment, status);
+
+ if (member == nullptr || U_FAILURE(*status))
+ {
+--
+2.34.1
+
diff --git a/meta/recipes-support/icu/icu_76-1.bb b/meta/recipes-support/icu/icu_76-1.bb
index f11e72d356..24470ec330 100644
--- a/meta/recipes-support/icu/icu_76-1.bb
+++ b/meta/recipes-support/icu/icu_76-1.bb
@@ -119,6 +119,7 @@ SRC_URI = "${BASE_SRC_URI};name=code \
${DATA_SRC_URI};name=data \
file://filter.json \
file://0001-icu-Added-armeb-support.patch \
+ file://CVE-2025-5222.patch \
"
SRC_URI:append:class-target = "\
--
2.43.0
* [OE-core][walnascar 02/15] libarchive: fix CVE-2025-5915
From: Steve Sakoman @ 2025-07-14 16:22 UTC (permalink / raw)
To: openembedded-core
From: Divya Chellam <divya.chellam@windriver.com>
A vulnerability has been identified in the libarchive library. This flaw
can lead to a heap buffer over-read due to the size of a filter block
potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This
means the library may attempt to read beyond the allocated memory buffer,
which can result in unpredictable program behavior, crashes (denial of
service), or the disclosure of sensitive information from adjacent memory
regions.
Adjusted indentation in the recipe file.
Reference:
https://security-tracker.debian.org/tracker/CVE-2025-5915
Upstream-patches:
https://github.com/libarchive/libarchive/commit/a612bf62f86a6faa47bd57c52b94849f0a404d8c
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libarchive/libarchive/CVE-2025-5915.patch | 217 ++++++++++++++++++
.../libarchive/libarchive_3.7.9.bb | 5 +-
2 files changed, 220 insertions(+), 2 deletions(-)
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-5915.patch
diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2025-5915.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2025-5915.patch
new file mode 100644
index 0000000000..3c911ce9d9
--- /dev/null
+++ b/meta/recipes-extended/libarchive/libarchive/CVE-2025-5915.patch
@@ -0,0 +1,217 @@
+From a612bf62f86a6faa47bd57c52b94849f0a404d8c Mon Sep 17 00:00:00 2001
+From: Tobias Stoeckmann <stoeckmann@users.noreply.github.com>
+Date: Sun, 11 May 2025 19:00:11 +0200
+Subject: [PATCH] rar: Fix heap-buffer-overflow (#2599)
+
+A filter block size must not be larger than the lzss window, which is
+defined
+by dictionary size, which in turn can be derived from unpacked file
+size.
+
+While at it, improve error messages and fix lzss window wrap around
+logic.
+
+Fixes https://github.com/libarchive/libarchive/issues/2565
+
+---------
+
+Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
+Co-authored-by: Tim Kientzle <kientzle@acm.org>
+
+CVE: CVE-2025-5915
+
+Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/a612bf62f86a6faa47bd57c52b94849f0a404d8c]
+
+Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
+---
+ Makefile.am | 2 +
+ libarchive/archive_read_support_format_rar.c | 17 ++++---
+ libarchive/test/CMakeLists.txt | 1 +
+ .../test/test_read_format_rar_overflow.c | 48 +++++++++++++++++++
+ .../test/test_read_format_rar_overflow.rar.uu | 11 +++++
+ 5 files changed, 72 insertions(+), 7 deletions(-)
+ create mode 100644 libarchive/test/test_read_format_rar_overflow.c
+ create mode 100644 libarchive/test/test_read_format_rar_overflow.rar.uu
+
+diff --git a/Makefile.am b/Makefile.am
+index 4fafc41..9f3a6d1 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -519,6 +519,7 @@ libarchive_test_SOURCES= \
+ libarchive/test/test_read_format_rar_encryption_header.c \
+ libarchive/test/test_read_format_rar_filter.c \
+ libarchive/test/test_read_format_rar_invalid1.c \
++ libarchive/test/test_read_format_rar_overflow.c \
+ libarchive/test/test_read_format_rar5.c \
+ libarchive/test/test_read_format_raw.c \
+ libarchive/test/test_read_format_tar.c \
+@@ -889,6 +890,7 @@ libarchive_test_EXTRA_DIST=\
+ libarchive/test/test_read_format_rar_multivolume.part0003.rar.uu \
+ libarchive/test/test_read_format_rar_multivolume.part0004.rar.uu \
+ libarchive/test/test_read_format_rar_noeof.rar.uu \
++ libarchive/test/test_read_format_rar_overflow.rar.uu \
+ libarchive/test/test_read_format_rar_ppmd_lzss_conversion.rar.uu \
+ libarchive/test/test_read_format_rar_ppmd_use_after_free.rar.uu \
+ libarchive/test/test_read_format_rar_ppmd_use_after_free2.rar.uu \
+diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c
+index 9eb3c84..88eab62 100644
+--- a/libarchive/archive_read_support_format_rar.c
++++ b/libarchive/archive_read_support_format_rar.c
+@@ -451,7 +451,7 @@ static int read_filter(struct archive_read *, int64_t *);
+ static int rar_decode_byte(struct archive_read*, uint8_t *);
+ static int execute_filter(struct archive_read*, struct rar_filter *,
+ struct rar_virtual_machine *, size_t);
+-static int copy_from_lzss_window(struct archive_read *, void *, int64_t, int);
++static int copy_from_lzss_window(struct archive_read *, uint8_t *, int64_t, int);
+ static inline void vm_write_32(struct rar_virtual_machine*, size_t, uint32_t);
+ static inline uint32_t vm_read_32(struct rar_virtual_machine*, size_t);
+
+@@ -2929,7 +2929,7 @@ expand(struct archive_read *a, int64_t *end)
+ }
+
+ if ((symbol = read_next_symbol(a, &rar->maincode)) < 0)
+- return (ARCHIVE_FATAL);
++ goto bad_data;
+
+ if (symbol < 256)
+ {
+@@ -2956,14 +2956,14 @@ expand(struct archive_read *a, int64_t *end)
+ else
+ {
+ if (parse_codes(a) != ARCHIVE_OK)
+- return (ARCHIVE_FATAL);
++ goto bad_data;
+ continue;
+ }
+ }
+ else if(symbol==257)
+ {
+ if (!read_filter(a, end))
+- return (ARCHIVE_FATAL);
++ goto bad_data;
+ continue;
+ }
+ else if(symbol==258)
+@@ -3048,7 +3048,7 @@ expand(struct archive_read *a, int64_t *end)
+ {
+ if ((lowoffsetsymbol =
+ read_next_symbol(a, &rar->lowoffsetcode)) < 0)
+- return (ARCHIVE_FATAL);
++ goto bad_data;
+ if(lowoffsetsymbol == 16)
+ {
+ rar->numlowoffsetrepeats = 15;
+@@ -3096,7 +3096,7 @@ bad_data:
+ }
+
+ static int
+-copy_from_lzss_window(struct archive_read *a, void *buffer,
++copy_from_lzss_window(struct archive_read *a, uint8_t *buffer,
+ int64_t startpos, int length)
+ {
+ int windowoffs, firstpart;
+@@ -3111,7 +3111,7 @@ copy_from_lzss_window(struct archive_read *a, void *buffer,
+ }
+ if (firstpart < length) {
+ memcpy(buffer, &rar->lzss.window[windowoffs], firstpart);
+- memcpy(buffer, &rar->lzss.window[0], length - firstpart);
++ memcpy(buffer + firstpart, &rar->lzss.window[0], length - firstpart);
+ } else {
+ memcpy(buffer, &rar->lzss.window[windowoffs], length);
+ }
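Review bot: The `buffer + firstpart` correction changes the result of every copy that crosses the end of the window, since the second memcpy used to overwrite the start of `buffer`, yet the only test added by this patch expects ARCHIVE_FATAL. A test that reads a valid archive whose filter block wraps around the lzss window would show that the corrected copy produces the right bytes and would catch a regression here.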
+@@ -3266,6 +3266,9 @@ parse_filter(struct archive_read *a, const uint8_t *bytes, uint16_t length, uint
+ else
+ blocklength = prog ? prog->oldfilterlength : 0;
+
++ if (blocklength > rar->dictionary_size)
++ return 0;
++
+ registers[3] = PROGRAM_SYSTEM_GLOBAL_ADDRESS;
+ registers[4] = blocklength;
+ registers[5] = prog ? prog->usagecount : 0;
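Review bot: The new `blocklength > rar->dictionary_size` check returns 0 with no comment and no error text of its own, so the reason for the bound lives only in the commit message (a filter block must not be larger than the lzss window, which is defined by dictionary size). A one-line comment above the check would keep that rationale next to the code, and it is worth confirming that this failure reaches the `goto bad_data` path added in expand() so the caller gets a meaningful error.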
+diff --git a/libarchive/test/CMakeLists.txt b/libarchive/test/CMakeLists.txt
+index 5d7a5d2..59c5f5d 100644
+--- a/libarchive/test/CMakeLists.txt
++++ b/libarchive/test/CMakeLists.txt
+@@ -163,6 +163,7 @@ IF(ENABLE_TEST)
+ test_read_format_rar_encryption_partially.c
+ test_read_format_rar_invalid1.c
+ test_read_format_rar_filter.c
++ test_read_format_rar_overflow.c
+ test_read_format_rar5.c
+ test_read_format_raw.c
+ test_read_format_tar.c
+diff --git a/libarchive/test/test_read_format_rar_overflow.c b/libarchive/test/test_read_format_rar_overflow.c
+new file mode 100644
+index 0000000..b39ed6b
+--- /dev/null
++++ b/libarchive/test/test_read_format_rar_overflow.c
+@@ -0,0 +1,48 @@
++/*-
++ * Copyright (c) 2003-2025 Tim Kientzle
++ * All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in the
++ * documentation and/or other materials provided with the distribution.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
++ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
++ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
++ * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
++ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
++ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
++ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
++ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
++ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++ */
++#include "test.h"
++
++DEFINE_TEST(test_read_format_rar_overflow)
++{
++ struct archive *a;
++ struct archive_entry *ae;
++ const char reffile[] = "test_read_format_rar_overflow.rar";
++ const void *buff;
++ size_t size;
++ int64_t offset;
++
++ extract_reference_file(reffile);
++ assert((a = archive_read_new()) != NULL);
++ assertEqualIntA(a, ARCHIVE_OK, archive_read_support_filter_all(a));
++ assertEqualIntA(a, ARCHIVE_OK, archive_read_support_format_all(a));
++ assertEqualIntA(a, ARCHIVE_OK, archive_read_open_filename(a, reffile, 1024));
++ assertEqualIntA(a, ARCHIVE_OK, archive_read_next_header(a, &ae));
++ assertEqualInt(48, archive_entry_size(ae));
++ /* The next call should reproduce Issue #2565 */
++ assertEqualIntA(a, ARCHIVE_FATAL, archive_read_data_block(a, &buff, &size, &offset));
++
++ assertEqualIntA(a, ARCHIVE_OK, archive_read_close(a));
++ assertEqualInt(ARCHIVE_OK, archive_read_free(a));
++}
+diff --git a/libarchive/test/test_read_format_rar_overflow.rar.uu b/libarchive/test/test_read_format_rar_overflow.rar.uu
+new file mode 100644
+index 0000000..48fd3fd
+--- /dev/null
++++ b/libarchive/test/test_read_format_rar_overflow.rar.uu
+@@ -0,0 +1,11 @@
++begin 644 test_read_format_rar_overflow.rar
++M4F%R(1H'`,($=```(0`@`0``,`````(````````````S`0``````,`"_B%_:
++MZ?^[:7``?S!!,`@P,KB@,T@RN33)MTEB@5Z3<`DP`K35`.0P63@P<,Q&0?#,
++MA##,,",S,(@P,#,@##`&,#":(3`!,#"(`9HPS,,S13`P,#`P,*`PHPS,,S1A
++M,!,!,#","9H@S12D#$PP!C`P`*'F03":,,T8H`@\,/DPJS!/,"30,#`3N%LP
++MCQ6:S3"!,#LP22<-,$5%B"5B$S!)(&*>G#+@!`E`%0ODC])62=DO,)BYJX'P
++M=/LPZ3!!008?%S`P,#`P,#`P,#`P,#`P,#`P,#`P2$PP,#`P03!(,#`P,#`&
++M,`7),#`P,#`P,#`P,#`P,#`P,#`P,#`P,#`P,#`P,#`P,#`P,#`P,#`P,#`P
++-,#`P,#`P,#`P,#`P,```
++`
++end
+--
+2.40.0
+
diff --git a/meta/recipes-extended/libarchive/libarchive_3.7.9.bb b/meta/recipes-extended/libarchive/libarchive_3.7.9.bb
index 1fa61c3218..c091508799 100644
--- a/meta/recipes-extended/libarchive/libarchive_3.7.9.bb
+++ b/meta/recipes-extended/libarchive/libarchive_3.7.9.bb
@@ -30,8 +30,9 @@ PACKAGECONFIG[zstd] = "--with-zstd,--without-zstd,zstd,"
EXTRA_OECONF += "--enable-largefile --without-iconv"
SRC_URI = "https://libarchive.org/downloads/libarchive-${PV}.tar.gz \
- file://CVE-2025-5914.patch \
- "
+ file://CVE-2025-5914.patch \
+ file://CVE-2025-5915.patch \
+ "
UPSTREAM_CHECK_URI = "http://libarchive.org/"
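Review bot: The re-indentation of the existing `file://CVE-2025-5914.patch` line and of the closing quote is unrelated to the fix. On a stable branch it makes this SRC_URI block diverge from other branches and can cause conflicts for later backports that touch the same lines. Consider leaving the existing indentation alone and adding only the `file://CVE-2025-5915.patch` line.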
--
2.43.0
* [OE-core][walnascar 03/15] libsoup-2.4: fix CVE-2025-4945
From: Steve Sakoman @ 2025-07-14 16:22 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/448
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libsoup/libsoup-2.4/CVE-2025-4945.patch | 117 ++++++++++++++++++
.../libsoup/libsoup-2.4_2.74.3.bb | 1 +
2 files changed, 118 insertions(+)
create mode 100644 meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4945.patch
diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4945.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4945.patch
new file mode 100644
index 0000000000..c9fbdbacc8
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4945.patch
@@ -0,0 +1,117 @@
+From 3844026f74a41dd9ccab955899e005995293d246 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Tue, 8 Jul 2025 14:58:30 +0800
+Subject: [PATCH] soup-date-utils: Add value checks for date/time parsing
+
+Reject date/time when it does not represent a valid value.
+
+Closes #448
+
+CVE: CVE-2025-4945
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/8988379984e33dcc7d3aa58551db13e48755959f]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-date.c | 21 +++++++++++++++------
+ tests/cookies-test.c | 10 ++++++++++
+ 2 files changed, 25 insertions(+), 6 deletions(-)
+
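Review bot: The Subject and Upstream-Status describe a backport of the upstream soup-date-utils change, but this patch modifies `libsoup/soup-date.c` and its From line names the backporter, while the libsoup 3 version of the same fix in 04/15 names Milan Crha as author. State in the patch header that the change was adapted for the 2.4 code base (different file, `SoupDate` fields instead of separate ints) and keep the upstream author attribution, so the difference from the referenced commit is explicit.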
+diff --git a/libsoup/soup-date.c b/libsoup/soup-date.c
+index 9602d1f..4c114c1 100644
+--- a/libsoup/soup-date.c
++++ b/libsoup/soup-date.c
+@@ -284,7 +284,7 @@ parse_day (SoupDate *date, const char **date_string)
+ while (*end == ' ' || *end == '-')
+ end++;
+ *date_string = end;
+- return TRUE;
++ return date->day >= 1 && date->day <= 31;
+ }
+
+ static inline gboolean
+@@ -324,7 +324,7 @@ parse_year (SoupDate *date, const char **date_string)
+ while (*end == ' ' || *end == '-')
+ end++;
+ *date_string = end;
+- return TRUE;
++ return date->year > 0 && date->year < 9999;
+ }
+
+ static inline gboolean
+@@ -348,7 +348,7 @@ parse_time (SoupDate *date, const char **date_string)
+ while (*p == ' ')
+ p++;
+ *date_string = p;
+- return TRUE;
++ return date->hour >= 0 && date->hour < 24 && date->minute >= 0 && date->minute < 60 && date->second >= 0 && date->second < 60;
+ }
+
+ static inline gboolean
+@@ -361,8 +361,15 @@ parse_timezone (SoupDate *date, const char **date_string)
+ gulong val;
+ int sign = (**date_string == '+') ? -1 : 1;
+ val = strtoul (*date_string + 1, (char **)date_string, 10);
++ if (val > 9999)
++ return FALSE;
+ if (**date_string == ':')
+- val = 60 * val + strtoul (*date_string + 1, (char **)date_string, 10);
++ {
++ gulong val2 = strtoul (*date_string + 1, (char **)date_string, 10);
++ if (val > 99 || val2 > 99)
++ return FALSE;
++ val = 60 * val + val2;
++ }
+ else
+ val = 60 * (val / 100) + (val % 100);
+ date->offset = sign * val;
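Review bot: The new limits in parse_timezone keep the multiplication from overflowing but still accept offsets that no real zone has: `val` up to 9999 in the hhmm form, and `val` and `val2` up to 99 each in the hh:mm form, so a minutes field of 60 to 99 passes. If the intent is validation and not only overflow protection, bound the minutes below 60 and the hours to a sane range; otherwise a short comment stating that these are overflow guards would help.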
+@@ -407,7 +414,8 @@ parse_textual_date (SoupDate *date, const char *date_string)
+ if (!parse_month (date, &date_string) ||
+ !parse_day (date, &date_string) ||
+ !parse_time (date, &date_string) ||
+- !parse_year (date, &date_string))
++ !parse_year (date, &date_string) ||
++ !g_date_valid_dmy(date->day, date->month, date->year))
+ return FALSE;
+
+ /* There shouldn't be a timezone, but check anyway */
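Review bot: Style nit on the added line: `g_date_valid_dmy(date->day, date->month, date->year)` has no space before the opening parenthesis, unlike the other calls in this hunk such as `parse_month (date, &date_string)`. Use `g_date_valid_dmy (` to match; the same applies to the identical line added in the next hunk.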
+@@ -419,7 +427,8 @@ parse_textual_date (SoupDate *date, const char *date_string)
+ if (!parse_day (date, &date_string) ||
+ !parse_month (date, &date_string) ||
+ !parse_year (date, &date_string) ||
+- !parse_time (date, &date_string))
++ !parse_time (date, &date_string) ||
++ !g_date_valid_dmy(date->day, date->month, date->year))
+ return FALSE;
+
+ /* This time there *should* be a timezone, but we
+diff --git a/tests/cookies-test.c b/tests/cookies-test.c
+index 2e2a54f..6035a86 100644
+--- a/tests/cookies-test.c
++++ b/tests/cookies-test.c
+@@ -413,6 +413,15 @@ do_remove_feature_test (void)
+ soup_uri_free (uri);
+ }
+
++static void
++do_cookies_parsing_int32_overflow (void)
++{
++ SoupCookie *cookie = soup_cookie_parse ("Age=1;expires=3Mar9 999:9:9+ 999999999-age=main=gne=", NULL);
++ g_assert_nonnull (cookie);
++ g_assert_null (soup_cookie_get_expires (cookie));
++ soup_cookie_free (cookie);
++}
++
+ int
+ main (int argc, char **argv)
+ {
+@@ -434,6 +443,7 @@ main (int argc, char **argv)
+ g_test_add_func ("/cookies/accept-policy-subdomains", do_cookies_subdomain_policy_test);
+ g_test_add_func ("/cookies/parsing", do_cookies_parsing_test);
+ g_test_add_func ("/cookies/parsing/no-path-null-origin", do_cookies_parsing_nopath_nullorigin);
++ g_test_add_func ("/cookies/parsing/int32-overflow", do_cookies_parsing_int32_overflow);
+ g_test_add_func ("/cookies/get-cookies/empty-host", do_get_cookies_empty_host_test);
+ g_test_add_func ("/cookies/remove-feature", do_remove_feature_test);
+ g_test_add_func ("/cookies/secure-cookies", do_cookies_strict_secure_test);
+--
+2.34.1
+
diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
index e005e7200e..47f7ba385c 100644
--- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
+++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
@@ -37,6 +37,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
file://CVE-2025-32907.patch \
file://CVE-2025-4948.patch \
file://CVE-2025-4969.patch \
+ file://CVE-2025-4945.patch \
"
SRC_URI[sha256sum] = "e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13"
--
2.43.0
* [OE-core][walnascar 04/15] libsoup: fix CVE-2025-4945
From: Steve Sakoman @ 2025-07-14 16:22 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/448
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libsoup/libsoup/CVE-2025-4945.patch | 118 ++++++++++++++++++
meta/recipes-support/libsoup/libsoup_3.6.5.bb | 1 +
2 files changed, 119 insertions(+)
create mode 100644 meta/recipes-support/libsoup/libsoup/CVE-2025-4945.patch
diff --git a/meta/recipes-support/libsoup/libsoup/CVE-2025-4945.patch b/meta/recipes-support/libsoup/libsoup/CVE-2025-4945.patch
new file mode 100644
index 0000000000..22a8908f23
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup/CVE-2025-4945.patch
@@ -0,0 +1,118 @@
+From f0ee9d522f302d7d199e3e61fa8cd45eae7b248f Mon Sep 17 00:00:00 2001
+From: Milan Crha <mcrha@redhat.com>
+Date: Thu, 15 May 2025 07:59:14 +0200
+Subject: [PATCH] soup-date-utils: Add value checks for date/time parsing
+
+Reject date/time when it does not represent a valid value.
+
+Closes https://gitlab.gnome.org/GNOME/libsoup/-/issues/448
+
+CVE: CVE-2025-4945
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/8988379984e33dcc7d3aa58551db13e48755959f]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ libsoup/soup-date-utils.c | 23 +++++++++++++++--------
+ tests/cookies-test.c | 10 ++++++++++
+ 2 files changed, 25 insertions(+), 8 deletions(-)
+
+diff --git a/libsoup/soup-date-utils.c b/libsoup/soup-date-utils.c
+index fd785f5..34ca995 100644
+--- a/libsoup/soup-date-utils.c
++++ b/libsoup/soup-date-utils.c
+@@ -129,7 +129,7 @@ parse_day (int *day, const char **date_string)
+ while (*end == ' ' || *end == '-')
+ end++;
+ *date_string = end;
+- return TRUE;
++ return *day >= 1 && *day <= 31;
+ }
+
+ static inline gboolean
+@@ -169,7 +169,7 @@ parse_year (int *year, const char **date_string)
+ while (*end == ' ' || *end == '-')
+ end++;
+ *date_string = end;
+- return TRUE;
++ return *year > 0 && *year < 9999;
+ }
+
+ static inline gboolean
+@@ -193,7 +193,7 @@ parse_time (int *hour, int *minute, int *second, const char **date_string)
+ while (*p == ' ')
+ p++;
+ *date_string = p;
+- return TRUE;
++ return *hour >= 0 && *hour < 24 && *minute >= 0 && *minute < 60 && *second >= 0 && *second < 60;
+ }
+
+ static inline gboolean
+@@ -209,9 +209,14 @@ parse_timezone (GTimeZone **timezone, const char **date_string)
+ gulong val;
+ int sign = (**date_string == '+') ? 1 : -1;
+ val = strtoul (*date_string + 1, (char **)date_string, 10);
+- if (**date_string == ':')
+- val = 60 * val + strtoul (*date_string + 1, (char **)date_string, 10);
+- else
++ if (val > 9999)
++ return FALSE;
++ if (**date_string == ':') {
++ gulong val2 = strtoul (*date_string + 1, (char **)date_string, 10);
++ if (val > 99 || val2 > 99)
++ return FALSE;
++ val = 60 * val + val2;
++ } else
+ val = 60 * (val / 100) + (val % 100);
+ offset_minutes = sign * val;
+ utc = (sign == -1) && !val;
+@@ -264,7 +269,8 @@ parse_textual_date (const char *date_string)
+ if (!parse_month (&month, &date_string) ||
+ !parse_day (&day, &date_string) ||
+ !parse_time (&hour, &minute, &second, &date_string) ||
+- !parse_year (&year, &date_string))
++ !parse_year (&year, &date_string) ||
++ !g_date_valid_dmy (day, month, year))
+ return NULL;
+
+ /* There shouldn't be a timezone, but check anyway */
+@@ -276,7 +282,8 @@ parse_textual_date (const char *date_string)
+ if (!parse_day (&day, &date_string) ||
+ !parse_month (&month, &date_string) ||
+ !parse_year (&year, &date_string) ||
+- !parse_time (&hour, &minute, &second, &date_string))
++ !parse_time (&hour, &minute, &second, &date_string) ||
++ !g_date_valid_dmy (day, month, year))
+ return NULL;
+
+ /* This time there *should* be a timezone, but we
+diff --git a/tests/cookies-test.c b/tests/cookies-test.c
+index 1d2d456..ff809a4 100644
+--- a/tests/cookies-test.c
++++ b/tests/cookies-test.c
+@@ -460,6 +460,15 @@ do_cookies_parsing_max_age_long_overflow (void)
+ soup_cookie_free (cookie);
+ }
+
++static void
++do_cookies_parsing_int32_overflow (void)
++{
++ SoupCookie *cookie = soup_cookie_parse ("Age=1;expires=3Mar9 999:9:9+ 999999999-age=main=gne=", NULL);
++ g_assert_nonnull (cookie);
++ g_assert_null (soup_cookie_get_expires (cookie));
++ soup_cookie_free (cookie);
++}
++
+ static void
+ do_cookies_equal_nullpath (void)
+ {
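Review bot: The test string in do_cookies_parsing_int32_overflow has an hour field of 999, which the new parse_time range check rejects on its own, so the parse_timezone limits added by this patch do not appear to be exercised by it. Consider a second case with a valid date and time and an oversized offset, so that a regression in the timezone check alone would fail the test.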
+@@ -718,6 +727,7 @@ main (int argc, char **argv)
+ g_test_add_func ("/cookies/parsing/no-path-null-origin", do_cookies_parsing_nopath_nullorigin);
+ g_test_add_func ("/cookies/parsing/max-age-int32-overflow", do_cookies_parsing_max_age_int32_overflow);
+ g_test_add_func ("/cookies/parsing/max-age-long-overflow", do_cookies_parsing_max_age_long_overflow);
++ g_test_add_func ("/cookies/parsing/int32-overflow", do_cookies_parsing_int32_overflow);
+ g_test_add_func ("/cookies/parsing/equal-nullpath", do_cookies_equal_nullpath);
+ g_test_add_func ("/cookies/parsing/control-characters", do_cookies_parsing_control_characters);
+ g_test_add_func ("/cookies/parsing/name-value-max-size", do_cookies_parsing_name_value_max_size);
+--
+2.34.1
+
diff --git a/meta/recipes-support/libsoup/libsoup_3.6.5.bb b/meta/recipes-support/libsoup/libsoup_3.6.5.bb
index 457a30ec70..acd84af934 100644
--- a/meta/recipes-support/libsoup/libsoup_3.6.5.bb
+++ b/meta/recipes-support/libsoup/libsoup_3.6.5.bb
@@ -20,6 +20,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
file://CVE-2025-32908-2.patch \
file://CVE-2025-4948.patch \
file://CVE-2025-4969.patch \
+ file://CVE-2025-4945.patch \
"
SRC_URI[sha256sum] = "6891765aac3e949017945c3eaebd8cc8216df772456dc9f460976fbdb7ada234"
--
2.43.0
* [OE-core][walnascar 05/15] python3: update CVE product
From: Steve Sakoman @ 2025-07-14 16:22 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
There are two "new" CVEs reported for python3, their CPEs are:
* CVE-2020-1171: cpe:2.3:a:microsoft:python:*:*:*:*:*:visual_studio_code:*:* (< 2020.5.0)
* CVE-2020-1192: cpe:2.3:a:microsoft:python:*:*:*:*:*:visual_studio_code:*:* (< 2020.5.0)
These are for "Visual Studio Code Python extension".
Solve this by adding CVE vendor to python CVE product to avoid
confusion with Microsoft as vendor.
Examining CVE DB for historical python entries shows:
sqlite> select vendor, product, count(*) from products where product = 'python' or product = 'cpython'
...> or product like 'python%3' group by vendor, product;
microsoft|python|2
python|python|1054
python_software_foundation|python|2
Note that this already shows that cpython product is not used, so
CVE-2023-33595 mentioned in 62598e1138f21a16d8b1cdd1cfe902aeed854c5c
was updated.
But let's keep it for future in case new CVE starts with that again.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/python/python3_3.13.4.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-devtools/python/python3_3.13.4.bb b/meta/recipes-devtools/python/python3_3.13.4.bb
index 5b49fee3bf..0a2c41cdce 100644
--- a/meta/recipes-devtools/python/python3_3.13.4.bb
+++ b/meta/recipes-devtools/python/python3_3.13.4.bb
@@ -41,7 +41,7 @@ SRC_URI[sha256sum] = "27b15a797562a2971dce3ffe31bb216042ce0b995b39d768cf15f784cc
# exclude pre-releases for both python 2.x and 3.x
UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
-CVE_PRODUCT = "python cpython"
+CVE_PRODUCT = "python:python python_software_foundation:python cpython"
CVE_STATUS[CVE-2007-4559] = "disputed: Upstream consider this expected behaviour"
CVE_STATUS[CVE-2019-18348] = "not-applicable-config: This is not exploitable when glibc has CVE-2016-10739 fixed"
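Review bot: The new CVE_PRODUCT value qualifies "python" with a vendor twice but leaves "cpython" unqualified, so that entry would still match a cpython product from any vendor, which is the same ambiguity this change removes for python. The commit message explains that cpython is currently unused in the database and is kept on purpose, but nothing in the recipe records that. Please add a short comment above CVE_PRODUCT stating why the vendor prefixes are there (the microsoft:python entries for the Visual Studio Code extension) and why cpython stays, so that a later cleanup does not revert it.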
--
2.43.0
* [OE-core][walnascar 06/15] webkitgtk: Fix build break on non-arm/non-x86 systems
2025-07-14 16:22 [OE-core][walnascar 00/15] Patch review Steve Sakoman
` (4 preceding siblings ...)
2025-07-14 16:22 ` [OE-core][walnascar 05/15] python3: update CVE product Steve Sakoman
@ 2025-07-14 16:23 ` Steve Sakoman
2025-07-14 16:23 ` [OE-core][walnascar 07/15] webkitgtk: Use gcc to compile for arm target Steve Sakoman
` (8 subsequent siblings)
14 siblings, 0 replies; 17+ messages in thread
From: Steve Sakoman @ 2025-07-14 16:23 UTC (permalink / raw)
To: openembedded-core
From: Khem Raj <raj.khem@gmail.com>
Fixes
/webkitgtk-2.48.1/Source/WebCore/platform/audio/DenormalDisabler.cpp:94:47:
↪ error: expected ';' after default
| 94 | DenormalDisabler::DenormalDisabler() = default
| | ^
| | ;
(From OE-Core rev: 3325e4e7fc82861abf7505ed4f7926dacab96b30)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../webkitgtk/fix-ftbfs-non-arm-non-x86.patch | 31 +++++++++++++++++++
meta/recipes-sato/webkit/webkitgtk_2.48.1.bb | 1 +
2 files changed, 32 insertions(+)
create mode 100644 meta/recipes-sato/webkit/webkitgtk/fix-ftbfs-non-arm-non-x86.patch
diff --git a/meta/recipes-sato/webkit/webkitgtk/fix-ftbfs-non-arm-non-x86.patch b/meta/recipes-sato/webkit/webkitgtk/fix-ftbfs-non-arm-non-x86.patch
new file mode 100644
index 0000000000..2381acb1b0
--- /dev/null
+++ b/meta/recipes-sato/webkit/webkitgtk/fix-ftbfs-non-arm-non-x86.patch
@@ -0,0 +1,31 @@
+From 8bee9eb95ae24c6a410f9cd614976f4653d020d9 Mon Sep 17 00:00:00 2001
+From: Michael Catanzaro <mcatanzaro@redhat.com>
+Date: Wed, 2 Apr 2025 15:01:55 -0500
+Subject: [PATCH] REGRESSION(290945.129@webkitglib/2.48): Broke non-x86,
+ non-ARM builds https://bugs.webkit.org/show_bug.cgi?id=287662
+
+Unreviewed stable branch build fix.
+
+* Source/WebCore/platform/audio/DenormalDisabler.cpp:
+
+Canonical link: https://commits.webkit.org/290945.155@webkitglib/2.48
+
+Upstream-Status: Backport [https://github.com/WebKit/WebKit/commit/8bee9eb95ae24c6a410f9cd614976f4653d020d9]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ Source/WebCore/platform/audio/DenormalDisabler.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Source/WebCore/platform/audio/DenormalDisabler.cpp b/Source/WebCore/platform/audio/DenormalDisabler.cpp
+index 35715e663ce7e..44ba08a33d5d9 100644
+--- a/Source/WebCore/platform/audio/DenormalDisabler.cpp
++++ b/Source/WebCore/platform/audio/DenormalDisabler.cpp
+@@ -91,7 +91,7 @@ DenormalDisabler::~DenormalDisabler()
+ }
+ }
+ #else
+-DenormalDisabler::DenormalDisabler() = default
++DenormalDisabler::DenormalDisabler() = default;
+ DenormalDisabler::~DenormalDisabler() = default;
+ #endif
+
diff --git a/meta/recipes-sato/webkit/webkitgtk_2.48.1.bb b/meta/recipes-sato/webkit/webkitgtk_2.48.1.bb
index 58d0a11202..5b9846a6d6 100644
--- a/meta/recipes-sato/webkit/webkitgtk_2.48.1.bb
+++ b/meta/recipes-sato/webkit/webkitgtk_2.48.1.bb
@@ -18,6 +18,7 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \
file://sys_futex.patch \
file://0001-Fix-build-errors-on-RISCV-https-bugs.webkit.org-show.patch \
file://fix-ftbfs-riscv64.patch \
+ file://fix-ftbfs-non-arm-non-x86.patch \
"
SRC_URI[sha256sum] = "98efdf21c4cdca0fe0b73ab5a8cb52093b5aa52d9b1b016a93f71dbfa1eb258f"
--
2.43.0
* [OE-core][walnascar 07/15] webkitgtk: Use gcc to compile for arm target
2025-07-14 16:22 [OE-core][walnascar 00/15] Patch review Steve Sakoman
` (5 preceding siblings ...)
2025-07-14 16:23 ` [OE-core][walnascar 06/15] webkitgtk: Fix build break on non-arm/non-x86 systems Steve Sakoman
@ 2025-07-14 16:23 ` Steve Sakoman
2025-07-14 16:23 ` [OE-core][walnascar 08/15] webkitgtk: upgrade 2.48.1 -> 2.48.2 Steve Sakoman
` (7 subsequent siblings)
14 siblings, 0 replies; 17+ messages in thread
From: Steve Sakoman @ 2025-07-14 16:23 UTC (permalink / raw)
To: openembedded-core
From: Khem Raj <raj.khem@gmail.com>
Builds with clang run into compiler errors
<inline asm>:320:1: error: Relocation Not In Range
320 | movw r4, #:lower16:.Lllint_op_tail_call_varargs - .Lllint_relativePCBase
| ^
(From OE-Core rev: be459bf17d5e47c51d96da1a571de01790c277b9)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-sato/webkit/webkitgtk_2.48.1.bb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/recipes-sato/webkit/webkitgtk_2.48.1.bb b/meta/recipes-sato/webkit/webkitgtk_2.48.1.bb
index 5b9846a6d6..a58b44440e 100644
--- a/meta/recipes-sato/webkit/webkitgtk_2.48.1.bb
+++ b/meta/recipes-sato/webkit/webkitgtk_2.48.1.bb
@@ -176,3 +176,5 @@ src_package_preprocess () {
${B}/WebKitGTK/DerivedSources/webkit/*.cpp
}
+# Clang-20 issue - https://github.com/llvm/llvm-project/issues/132322
+TOOLCHAIN:arm = "gcc"
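Review bot: The TOOLCHAIN:arm = "gcc" line at the end of the recipe applies to every arm build unconditionally, while the comment above it ties the workaround to a Clang-20 issue. Please extend the comment to say when the override can be dropped (once the linked llvm-project issue is fixed in the clang in use), so it does not outlive the problem. A blank line between the closing brace of src_package_preprocess and the new comment would also keep the override visually separate from the function.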
--
2.43.0
* [OE-core][walnascar 08/15] webkitgtk: upgrade 2.48.1 -> 2.48.2
2025-07-14 16:22 [OE-core][walnascar 00/15] Patch review Steve Sakoman
` (6 preceding siblings ...)
2025-07-14 16:23 ` [OE-core][walnascar 07/15] webkitgtk: Use gcc to compile for arm target Steve Sakoman
@ 2025-07-14 16:23 ` Steve Sakoman
2025-07-14 16:23 ` [OE-core][walnascar 09/15] sudo: upgrade 1.9.16p2 -> 1.9.17 Steve Sakoman
` (6 subsequent siblings)
14 siblings, 0 replies; 17+ messages in thread
From: Steve Sakoman @ 2025-07-14 16:23 UTC (permalink / raw)
To: openembedded-core
From: Yogita Urade <yogita.urade@windriver.com>
Includes fix for CVE-2025-24223, CVE-2025-31204, CVE-2025-31205,
CVE-2025-31206, CVE-2025-31215 and CVE-2025-31257.
Changelog:
=========
- Enable CSS Overscroll Behavior by default.
- Change threaded rendering implementation to use Skia API
instead of WebCore display list that is not thread safe.
- Fix rendering when device scale factor change comes before
the web view geometry update.
- Fix network process crash on exit.
- Fix the build with ENABLE_RESOURCE_USAGE=OFF.
- Fix several crashes and rendering issues.
Drop fix-ftbfs-non-arm-non-x86.patch which is part of upgrade.
(From OE-Core rev: f33b79a07117d4327949aa1661221a3b9bc0f7e3)
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../webkitgtk/fix-ftbfs-non-arm-non-x86.patch | 31 -------------------
...ebkitgtk_2.48.1.bb => webkitgtk_2.48.2.bb} | 3 +-
2 files changed, 1 insertion(+), 33 deletions(-)
delete mode 100644 meta/recipes-sato/webkit/webkitgtk/fix-ftbfs-non-arm-non-x86.patch
rename meta/recipes-sato/webkit/{webkitgtk_2.48.1.bb => webkitgtk_2.48.2.bb} (98%)
diff --git a/meta/recipes-sato/webkit/webkitgtk/fix-ftbfs-non-arm-non-x86.patch b/meta/recipes-sato/webkit/webkitgtk/fix-ftbfs-non-arm-non-x86.patch
deleted file mode 100644
index 2381acb1b0..0000000000
--- a/meta/recipes-sato/webkit/webkitgtk/fix-ftbfs-non-arm-non-x86.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 8bee9eb95ae24c6a410f9cd614976f4653d020d9 Mon Sep 17 00:00:00 2001
-From: Michael Catanzaro <mcatanzaro@redhat.com>
-Date: Wed, 2 Apr 2025 15:01:55 -0500
-Subject: [PATCH] REGRESSION(290945.129@webkitglib/2.48): Broke non-x86,
- non-ARM builds https://bugs.webkit.org/show_bug.cgi?id=287662
-
-Unreviewed stable branch build fix.
-
-* Source/WebCore/platform/audio/DenormalDisabler.cpp:
-
-Canonical link: https://commits.webkit.org/290945.155@webkitglib/2.48
-
-Upstream-Status: Backport [https://github.com/WebKit/WebKit/commit/8bee9eb95ae24c6a410f9cd614976f4653d020d9]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- Source/WebCore/platform/audio/DenormalDisabler.cpp | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/Source/WebCore/platform/audio/DenormalDisabler.cpp b/Source/WebCore/platform/audio/DenormalDisabler.cpp
-index 35715e663ce7e..44ba08a33d5d9 100644
---- a/Source/WebCore/platform/audio/DenormalDisabler.cpp
-+++ b/Source/WebCore/platform/audio/DenormalDisabler.cpp
-@@ -91,7 +91,7 @@ DenormalDisabler::~DenormalDisabler()
- }
- }
- #else
--DenormalDisabler::DenormalDisabler() = default
-+DenormalDisabler::DenormalDisabler() = default;
- DenormalDisabler::~DenormalDisabler() = default;
- #endif
-
diff --git a/meta/recipes-sato/webkit/webkitgtk_2.48.1.bb b/meta/recipes-sato/webkit/webkitgtk_2.48.2.bb
similarity index 98%
rename from meta/recipes-sato/webkit/webkitgtk_2.48.1.bb
rename to meta/recipes-sato/webkit/webkitgtk_2.48.2.bb
index a58b44440e..75a39558db 100644
--- a/meta/recipes-sato/webkit/webkitgtk_2.48.1.bb
+++ b/meta/recipes-sato/webkit/webkitgtk_2.48.2.bb
@@ -18,9 +18,8 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \
file://sys_futex.patch \
file://0001-Fix-build-errors-on-RISCV-https-bugs.webkit.org-show.patch \
file://fix-ftbfs-riscv64.patch \
- file://fix-ftbfs-non-arm-non-x86.patch \
"
-SRC_URI[sha256sum] = "98efdf21c4cdca0fe0b73ab5a8cb52093b5aa52d9b1b016a93f71dbfa1eb258f"
+SRC_URI[sha256sum] = "ec58f6dfc25d3b360388e192f865068d69aab09b4d7df021f90e314d2fa54f37"
inherit cmake pkgconfig gobject-introspection perlnative features_check upstream-version-is-even gi-docgen
--
2.43.0
* [OE-core][walnascar 09/15] sudo: upgrade 1.9.16p2 -> 1.9.17
2025-07-14 16:22 [OE-core][walnascar 00/15] Patch review Steve Sakoman
` (7 preceding siblings ...)
2025-07-14 16:23 ` [OE-core][walnascar 08/15] webkitgtk: upgrade 2.48.1 -> 2.48.2 Steve Sakoman
@ 2025-07-14 16:23 ` Steve Sakoman
2025-07-14 16:23 ` [OE-core][walnascar 10/15] sudo: upgrade 1.9.17 -> 1.9.17p1 Steve Sakoman
` (5 subsequent siblings)
14 siblings, 0 replies; 17+ messages in thread
From: Steve Sakoman @ 2025-07-14 16:23 UTC (permalink / raw)
To: openembedded-core
From: Wang Mingyu <wangmy@fujitsu.com>
License-Update: Copyright updated to 2025
0001-sudo.conf.in-fix-conflict-with-multilib.patch
refreshed for 1.9.17
(From OE-Core rev: c21ed3c8f4ca76ff7c65cf71a93759fad8846386)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9d41127b241133267449d81c92eb89123e8a6f48)
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../0001-sudo.conf.in-fix-conflict-with-multilib.patch | 6 +++---
meta/recipes-extended/sudo/sudo.inc | 2 +-
.../sudo/{sudo_1.9.16p2.bb => sudo_1.9.17.bb} | 2 +-
3 files changed, 5 insertions(+), 5 deletions(-)
rename meta/recipes-extended/sudo/{sudo_1.9.16p2.bb => sudo_1.9.17.bb} (96%)
diff --git a/meta/recipes-extended/sudo/files/0001-sudo.conf.in-fix-conflict-with-multilib.patch b/meta/recipes-extended/sudo/files/0001-sudo.conf.in-fix-conflict-with-multilib.patch
index ec0384e257..1989c5abd7 100644
--- a/meta/recipes-extended/sudo/files/0001-sudo.conf.in-fix-conflict-with-multilib.patch
+++ b/meta/recipes-extended/sudo/files/0001-sudo.conf.in-fix-conflict-with-multilib.patch
@@ -1,4 +1,4 @@
-From 61ae82a2ba502492b6a78f248258abb71daeb227 Mon Sep 17 00:00:00 2001
+From 8c69192754ba73dd6e3273728a21aa73988f4bfb Mon Sep 17 00:00:00 2001
From: Kai Kang <kai.kang@windriver.com>
Date: Tue, 17 Nov 2020 11:13:40 +0800
Subject: [PATCH] sudo.conf.in: fix conflict with multilib
@@ -20,7 +20,7 @@ Upstream-Status: Inappropriate [OE configuration specific]
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/examples/sudo.conf.in b/examples/sudo.conf.in
-index 2187457..0908d24 100644
+index bdd676c..094341c 100644
--- a/examples/sudo.conf.in
+++ b/examples/sudo.conf.in
@@ -4,7 +4,7 @@
@@ -52,7 +52,7 @@ index 2187457..0908d24 100644
# Sudo plugin directory:
@@ -74,7 +74,7 @@
# The default directory to use when searching for plugins that are
- # specified without a fully qualified path name.
+ # specified without a fully-qualified path name.
#
-#Path plugin_dir @plugindir@
+#Path plugin_dir $plugindir
diff --git a/meta/recipes-extended/sudo/sudo.inc b/meta/recipes-extended/sudo/sudo.inc
index 0afbf669f0..a23de1fcf7 100644
--- a/meta/recipes-extended/sudo/sudo.inc
+++ b/meta/recipes-extended/sudo/sudo.inc
@@ -4,7 +4,7 @@ HOMEPAGE = "http://www.sudo.ws"
BUGTRACKER = "http://www.sudo.ws/bugs/"
SECTION = "admin"
LICENSE = "ISC & BSD-3-Clause & BSD-2-Clause & Zlib"
-LIC_FILES_CHKSUM = "file://LICENSE.md;md5=0a6876cbeb2aa51837935ba3fd82ee87 \
+LIC_FILES_CHKSUM = "file://LICENSE.md;md5=2841c822e587db145364ca95e9be2ffa \
file://plugins/sudoers/redblack.c;beginline=1;endline=46;md5=03e35317699ba00b496251e0dfe9f109 \
file://lib/util/reallocarray.c;beginline=3;endline=15;md5=397dd45c7683e90b9f8bf24638cf03bf \
file://lib/util/fnmatch.c;beginline=3;endline=27;md5=004d7d2866ba1f5b41174906849d2e0f \
diff --git a/meta/recipes-extended/sudo/sudo_1.9.16p2.bb b/meta/recipes-extended/sudo/sudo_1.9.17.bb
similarity index 96%
rename from meta/recipes-extended/sudo/sudo_1.9.16p2.bb
rename to meta/recipes-extended/sudo/sudo_1.9.17.bb
index fbe507ad32..71d48f448d 100644
--- a/meta/recipes-extended/sudo/sudo_1.9.16p2.bb
+++ b/meta/recipes-extended/sudo/sudo_1.9.17.bb
@@ -7,7 +7,7 @@ SRC_URI = "https://www.sudo.ws/dist/sudo-${PV}.tar.gz \
PAM_SRC_URI = "file://sudo.pam"
-SRC_URI[sha256sum] = "976aa56d3e3b2a75593307864288addb748c9c136e25d95a9cc699aafa77239c"
+SRC_URI[sha256sum] = "3f212c69d534d5822b492d099abb02a593f91ca99f5afde5cb9bd3e1dcdad069"
DEPENDS += " virtual/crypt ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
RDEPENDS:${PN} += " ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-limits pam-plugin-keyinit', '', d)}"
--
2.43.0
* [OE-core][walnascar 10/15] sudo: upgrade 1.9.17 -> 1.9.17p1
2025-07-14 16:22 [OE-core][walnascar 00/15] Patch review Steve Sakoman
` (8 preceding siblings ...)
2025-07-14 16:23 ` [OE-core][walnascar 09/15] sudo: upgrade 1.9.16p2 -> 1.9.17 Steve Sakoman
@ 2025-07-14 16:23 ` Steve Sakoman
2025-07-14 16:23 ` [OE-core][walnascar 11/15] openssl: upgrade 3.4.1 -> 3.4.2 Steve Sakoman
` (4 subsequent siblings)
14 siblings, 0 replies; 17+ messages in thread
From: Steve Sakoman @ 2025-07-14 16:23 UTC (permalink / raw)
To: openembedded-core
From: Praveen Kumar <praveen.kumar@windriver.com>
Changelog:
===========
* Fixed CVE-2025-32462. Sudo's -h (--host) option could be specified
when running a command or editing a file. This could enable a
local privilege escalation attack if the sudoers file allows the
user to run commands on a different host.
* Fixed CVE-2025-32463. An attacker can leverage sudo's -R
(--chroot) option to run arbitrary commands as root, even if
they are not listed in the sudoers file. The chroot support has
been deprecated and will be removed entirely in a future release.
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-extended/sudo/{sudo_1.9.17.bb => sudo_1.9.17p1.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-extended/sudo/{sudo_1.9.17.bb => sudo_1.9.17p1.bb} (96%)
diff --git a/meta/recipes-extended/sudo/sudo_1.9.17.bb b/meta/recipes-extended/sudo/sudo_1.9.17p1.bb
similarity index 96%
rename from meta/recipes-extended/sudo/sudo_1.9.17.bb
rename to meta/recipes-extended/sudo/sudo_1.9.17p1.bb
index 71d48f448d..83bfc0621c 100644
--- a/meta/recipes-extended/sudo/sudo_1.9.17.bb
+++ b/meta/recipes-extended/sudo/sudo_1.9.17p1.bb
@@ -7,7 +7,7 @@ SRC_URI = "https://www.sudo.ws/dist/sudo-${PV}.tar.gz \
PAM_SRC_URI = "file://sudo.pam"
-SRC_URI[sha256sum] = "3f212c69d534d5822b492d099abb02a593f91ca99f5afde5cb9bd3e1dcdad069"
+SRC_URI[sha256sum] = "ff607ea717072197738a78f778692cd6df9a7e3e404565f51de063ca27455d32"
DEPENDS += " virtual/crypt ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
RDEPENDS:${PN} += " ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-limits pam-plugin-keyinit', '', d)}"
--
2.43.0
* [OE-core][walnascar 11/15] openssl: upgrade 3.4.1 -> 3.4.2
2025-07-14 16:22 [OE-core][walnascar 00/15] Patch review Steve Sakoman
` (9 preceding siblings ...)
2025-07-14 16:23 ` [OE-core][walnascar 10/15] sudo: upgrade 1.9.17 -> 1.9.17p1 Steve Sakoman
@ 2025-07-14 16:23 ` Steve Sakoman
2025-07-14 16:23 ` [OE-core][walnascar 12/15] libpam: upgrade 1.7.0 -> 1.7.1 Steve Sakoman
` (3 subsequent siblings)
14 siblings, 0 replies; 17+ messages in thread
From: Steve Sakoman @ 2025-07-14 16:23 UTC (permalink / raw)
To: openembedded-core
From: Archana Polampalli <archana.polampalli@windriver.com>
https://github.com/openssl/openssl/blob/openssl-3.4.2/NEWS.md
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../openssl/{openssl_3.4.1.bb => openssl_3.4.2.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-connectivity/openssl/{openssl_3.4.1.bb => openssl_3.4.2.bb} (99%)
diff --git a/meta/recipes-connectivity/openssl/openssl_3.4.1.bb b/meta/recipes-connectivity/openssl/openssl_3.4.2.bb
similarity index 99%
rename from meta/recipes-connectivity/openssl/openssl_3.4.1.bb
rename to meta/recipes-connectivity/openssl/openssl_3.4.2.bb
index 8da64aea6a..2998e37e75 100644
--- a/meta/recipes-connectivity/openssl/openssl_3.4.1.bb
+++ b/meta/recipes-connectivity/openssl/openssl_3.4.2.bb
@@ -18,7 +18,7 @@ SRC_URI:append:class-nativesdk = " \
file://environment.d-openssl.sh \
"
-SRC_URI[sha256sum] = "002a2d6b30b58bf4bea46c43bdd96365aaf8daa6c428782aa4feee06da197df3"
+SRC_URI[sha256sum] = "17b02459fc28be415470cccaae7434f3496cac1306b86b52c83886580e82834c"
inherit lib_package multilib_header multilib_script ptest perlnative manpages
MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
--
2.43.0
* [OE-core][walnascar 12/15] libpam: upgrade 1.7.0 -> 1.7.1
2025-07-14 16:22 [OE-core][walnascar 00/15] Patch review Steve Sakoman
` (10 preceding siblings ...)
2025-07-14 16:23 ` [OE-core][walnascar 11/15] openssl: upgrade 3.4.1 -> 3.4.2 Steve Sakoman
@ 2025-07-14 16:23 ` Steve Sakoman
2025-07-14 16:23 ` [OE-core][walnascar 13/15] ruby: upgrade 3.4.3 -> 3.4.4 Steve Sakoman
` (2 subsequent siblings)
14 siblings, 0 replies; 17+ messages in thread
From: Steve Sakoman @ 2025-07-14 16:23 UTC (permalink / raw)
To: openembedded-core
From: Wang Mingyu <wangmy@fujitsu.com>
0001-meson.build-correct-check-for-existence-of-two-prepr.patch
removed since it's included in 1.7.1
Changelog:
===============
* pam_access: do not resolve ttys or display variables as hostnames.
* pam_access: added "nodns" option to disallow resolving of tokens as hostnames
(CVE-2024-10963).
* pam_limits: added support for rttime (RLIMIT_RTTIME).
* pam_namespace: fixed potential privilege escalation (CVE-2025-6020).
* meson: added support of elogind as a logind provider.
* Multiple minor bug fixes, build fixes, portability fixes,
documentation improvements, and translation updates.
(From OE-Core rev: 5e77c48e074a20e58a233ab5ed6d8ef09bbd55c8)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...ect-check-for-existence-of-two-prepr.patch | 40 -------------------
.../pam/{libpam_1.7.0.bb => libpam_1.7.1.bb} | 3 +-
2 files changed, 1 insertion(+), 42 deletions(-)
delete mode 100644 meta/recipes-extended/pam/libpam/0001-meson.build-correct-check-for-existence-of-two-prepr.patch
rename meta/recipes-extended/pam/{libpam_1.7.0.bb => libpam_1.7.1.bb} (97%)
diff --git a/meta/recipes-extended/pam/libpam/0001-meson.build-correct-check-for-existence-of-two-prepr.patch b/meta/recipes-extended/pam/libpam/0001-meson.build-correct-check-for-existence-of-two-prepr.patch
deleted file mode 100644
index ef087ffc06..0000000000
--- a/meta/recipes-extended/pam/libpam/0001-meson.build-correct-check-for-existence-of-two-prepr.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 9b5182d4781bcd6fb37a4030faf325965fde3e93 Mon Sep 17 00:00:00 2001
-From: Alexander Kanavin <alex@linutronix.de>
-Date: Thu, 28 Nov 2024 20:32:17 +0100
-Subject: [PATCH] meson: correct check for existence of two preprocessor
- defines
-
-sizeof is meant for *types*, and in case of cross compiling
-the test program produced by it has incorrect syntax
- __NR_keyctl something;
-and will always fail to compile.
-
-* meson.build: Use cc.get_define() instead of cc.sizeof() to check for
-preprocessor symbols.
-
-Co-authored-by: Dmitry V. Levin <ldv@strace.io>
-Upstream-Status: Backport [https://github.com/linux-pam/linux-pam/pull/861]
-Signed-off-by: Alexander Kanavin <alex@linutronix.de>
----
- meson.build | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/meson.build b/meson.build
-index f6a7dafe9..307fed0aa 100644
---- a/meson.build
-+++ b/meson.build
-@@ -198,12 +198,12 @@ foreach ident: check_functions
- endif
- endforeach
-
--enable_pam_keyinit = cc.sizeof('__NR_keyctl', prefix: '#include <sys/syscall.h>') > 0
-+enable_pam_keyinit = cc.get_define('__NR_keyctl', prefix: '#include <sys/syscall.h>') != ''
-
- if get_option('mailspool') != ''
- cdata.set_quoted('PAM_PATH_MAILDIR', get_option('mailspool'))
- else
-- have = cc.sizeof('_PATH_MAILDIR', prefix: '#include <paths.h>') > 0
-+ have = cc.get_define('_PATH_MAILDIR', prefix: '#include <paths.h>') != ''
- cdata.set('PAM_PATH_MAILDIR', have ? '_PATH_MAILDIR' : '"/var/spool/mail"')
- endif
-
diff --git a/meta/recipes-extended/pam/libpam_1.7.0.bb b/meta/recipes-extended/pam/libpam_1.7.1.bb
similarity index 97%
rename from meta/recipes-extended/pam/libpam_1.7.0.bb
rename to meta/recipes-extended/pam/libpam_1.7.1.bb
index 4abc52bd93..68857c5138 100644
--- a/meta/recipes-extended/pam/libpam_1.7.0.bb
+++ b/meta/recipes-extended/pam/libpam_1.7.1.bb
@@ -22,10 +22,9 @@ SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/Linux-PAM-${PV}.tar.xz \
file://pam.d/other \
file://run-ptest \
file://pam-volatiles.conf \
- file://0001-meson.build-correct-check-for-existence-of-two-prepr.patch \
"
-SRC_URI[sha256sum] = "57dcd7a6b966ecd5bbd95e1d11173734691e16b68692fa59661cdae9b13b1697"
+SRC_URI[sha256sum] = "21dbcec6e01dd578f14789eac9024a18941e6f2702a05cf91b28c232eeb26ab0"
DEPENDS = "bison-native flex-native libxml2-native virtual/crypt"
--
2.43.0
* [OE-core][walnascar 13/15] ruby: upgrade 3.4.3 -> 3.4.4
2025-07-14 16:22 [OE-core][walnascar 00/15] Patch review Steve Sakoman
` (11 preceding siblings ...)
2025-07-14 16:23 ` [OE-core][walnascar 12/15] libpam: upgrade 1.7.0 -> 1.7.1 Steve Sakoman
@ 2025-07-14 16:23 ` Steve Sakoman
2025-07-14 16:23 ` [OE-core][walnascar 14/15] mingetty: fix do_package warning Steve Sakoman
2025-07-14 16:23 ` [OE-core][walnascar 15/15] ltp: backport patch to fix compilation error for Skylake -march=x86-64-v3 Steve Sakoman
14 siblings, 0 replies; 17+ messages in thread
From: Steve Sakoman @ 2025-07-14 16:23 UTC (permalink / raw)
To: openembedded-core
From: Wang Mingyu <wangmy@fujitsu.com>
0002-Obey-LDFLAGS-for-the-link-of-libruby.patch
0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch
refreshed for 3.4.4
(From OE-Core rev: 33d75adff3c100d4c16a9dc51dd19f48e20cf328)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../ruby/0002-Obey-LDFLAGS-for-the-link-of-libruby.patch | 6 +++---
...Mark-Gemspec-reproducible-change-fixing-784225-too.patch | 6 +++---
meta/recipes-devtools/ruby/{ruby_3.4.3.bb => ruby_3.4.4.bb} | 2 +-
3 files changed, 7 insertions(+), 7 deletions(-)
rename meta/recipes-devtools/ruby/{ruby_3.4.3.bb => ruby_3.4.4.bb} (98%)
diff --git a/meta/recipes-devtools/ruby/ruby/0002-Obey-LDFLAGS-for-the-link-of-libruby.patch b/meta/recipes-devtools/ruby/ruby/0002-Obey-LDFLAGS-for-the-link-of-libruby.patch
index bb67df0f40..84fe9aee3d 100644
--- a/meta/recipes-devtools/ruby/ruby/0002-Obey-LDFLAGS-for-the-link-of-libruby.patch
+++ b/meta/recipes-devtools/ruby/ruby/0002-Obey-LDFLAGS-for-the-link-of-libruby.patch
@@ -1,4 +1,4 @@
-From 7e2337d8b0daf264785cb06d1d6c7d61e428a11b Mon Sep 17 00:00:00 2001
+From 2625f6c155105d352d6a1ff3a722e7896431ff91 Mon Sep 17 00:00:00 2001
From: Christopher Larson <chris_larson@mentor.com>
Date: Thu, 5 May 2016 10:59:07 -0700
Subject: [PATCH] Obey LDFLAGS for the link of libruby
@@ -10,10 +10,10 @@ Upstream-Status: Pending
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/template/Makefile.in b/template/Makefile.in
-index 05432cd..41a05bb 100644
+index 8f996b8..c708b64 100644
--- a/template/Makefile.in
+++ b/template/Makefile.in
-@@ -119,7 +119,7 @@ ENABLE_SHARED = @ENABLE_SHARED@
+@@ -120,7 +120,7 @@ ENABLE_SHARED = @ENABLE_SHARED@
LDSHARED = @LIBRUBY_LDSHARED@
DLDSHARED = @DLDSHARED@
XDLDFLAGS = @DLDFLAGS@
diff --git a/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch b/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch
index eda45dd862..190eb7d728 100644
--- a/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch
+++ b/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch
@@ -1,4 +1,4 @@
-From ff25f6dddcfbbb7b0464485bb5132458866ab51a Mon Sep 17 00:00:00 2001
+From 97051be9cb9317d2c4d61a82d6d953809e962f13 Mon Sep 17 00:00:00 2001
From: Lucas Kanashiro <kanashiro@debian.org>
Date: Fri, 1 Nov 2019 15:25:17 -0300
Subject: [PATCH] Make gemspecs reproducible
@@ -12,10 +12,10 @@ Upstream-Status: Backport [debian]
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/lib/rubygems/specification.rb b/lib/rubygems/specification.rb
-index 8f353ae..095125f 100644
+index 0b905a7..a102e3c 100644
--- a/lib/rubygems/specification.rb
+++ b/lib/rubygems/specification.rb
-@@ -1711,7 +1711,9 @@ class Gem::Specification < Gem::BasicSpecification
+@@ -1709,7 +1709,9 @@ class Gem::Specification < Gem::BasicSpecification
raise(Gem::InvalidSpecificationException,
"invalid date format in specification: #{date.inspect}")
end
diff --git a/meta/recipes-devtools/ruby/ruby_3.4.3.bb b/meta/recipes-devtools/ruby/ruby_3.4.4.bb
similarity index 98%
rename from meta/recipes-devtools/ruby/ruby_3.4.3.bb
rename to meta/recipes-devtools/ruby/ruby_3.4.4.bb
index 45047b8859..39e86fdd28 100644
--- a/meta/recipes-devtools/ruby/ruby_3.4.3.bb
+++ b/meta/recipes-devtools/ruby/ruby_3.4.4.bb
@@ -48,7 +48,7 @@ do_configure:prepend() {
DEPENDS:append:libc-musl = " libucontext"
-SRC_URI[sha256sum] = "55a4cd1dcbe5ca27cf65e89a935a482c2bb2284832939266551c0ec68b437f46"
+SRC_URI[sha256sum] = "a0597bfdf312e010efd1effaa8d7f1d7833146fdc17950caa8158ffa3dcbfa85"
PACKAGECONFIG ??= ""
PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}"
--
2.43.0
* [OE-core][walnascar 14/15] mingetty: fix do_package warning
2025-07-14 16:22 [OE-core][walnascar 00/15] Patch review Steve Sakoman
` (12 preceding siblings ...)
2025-07-14 16:23 ` [OE-core][walnascar 13/15] ruby: upgrade 3.4.3 -> 3.4.4 Steve Sakoman
@ 2025-07-14 16:23 ` Steve Sakoman
2025-07-14 16:23 ` [OE-core][walnascar 15/15] ltp: backport patch to fix compilation error for Skylake -march=x86-64-v3 Steve Sakoman
14 siblings, 0 replies; 17+ messages in thread
From: Steve Sakoman @ 2025-07-14 16:23 UTC (permalink / raw)
To: openembedded-core
From: Changqing Li <changqing.li@windriver.com>
Reproduce steps (under the same project dir):
1. enable DISTRO_FEATURES usrmerge, bitbake mingetty
2. disable DISTRO_FEATURES usrmerge, bitbake mingetty
Result in step 2:
WARNING: mingetty-1.08-r3 do_package: mingetty: NOT adding alternative provide /usr/sbin/getty: /usr/sbin/mingetty does not exist
WARNING: mingetty-1.08-r3 do_package: QA Issue: mingetty: Files/directories were installed but not shipped in any package:
/sbin
/usr/sbin
In step 1, the line SBINDIR=/sbin is replaced with SBINDIR=/usr/sbin. In step 2,
since do_fetch does not rerun, the Makefile still has SBINDIR=/usr/sbin, so
sed does not work as expected and SBINDIR is still equal to /usr/sbin when
usrmerge is disabled. This causes the above two warnings.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-extended/mingetty/mingetty_1.08.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-extended/mingetty/mingetty_1.08.bb b/meta/recipes-extended/mingetty/mingetty_1.08.bb
index 00d2564257..5aa19f6c8f 100644
--- a/meta/recipes-extended/mingetty/mingetty_1.08.bb
+++ b/meta/recipes-extended/mingetty/mingetty_1.08.bb
@@ -16,7 +16,7 @@ EXTRA_OEMAKE = "CC='${CC}' \
CFLAGS='${CFLAGS} -D_GNU_SOURCE'"
do_install(){
- sed -i -e "s;SBINDIR=/sbin;SBINDIR=$base_sbindir;" ${S}/Makefile
+ sed -i -e "/^SBINDIR=/c SBINDIR=$base_sbindir" ${S}/Makefile
install -d ${D}${mandir}/man8 ${D}/${base_sbindir}
oe_runmake install DESTDIR=${D}
}
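Review bot: the new `sed` line still rewrites `${S}/Makefile` from inside `do_install`, so the task keeps modifying the source tree, and `sed` exits 0 when `/^SBINDIR=/` matches nothing, which would hide a future Makefile change (for example `SBINDIR = /sbin` with spaces) the same way the old pattern hid the usrmerge toggle. Consider passing the value on the make command line instead, e.g. `oe_runmake install DESTDIR=${D} SBINDIR=${base_sbindir}`, since command-line variables override plain Makefile assignments; if the in-place edit stays, use `${base_sbindir}` rather than `$base_sbindir` to match the `install -d` line below it.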
--
2.43.0
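The failure described in the commit message above, reproduced outside BitBake as an added example (not part of the posted patch). The two-line Makefile is a constructed stand-in and the function names are hypothetical; only the two sed expressions are taken from the hunk.

```shell
#!/bin/sh
# Constructed stand-in for the mingetty Makefile line the recipe edits.
make_makefile() {
    printf 'SBINDIR=/sbin\nMANDIR=/usr/share/man/man8\n' > "$1"
}

# Old recipe line: substitutes only while the value is still the pristine /sbin.
old_edit() {   # $1 = Makefile, $2 = value of base_sbindir
    sed -i -e "s;SBINDIR=/sbin;SBINDIR=$2;" "$1"
}

# New recipe line: replaces the whole SBINDIR= line, whatever it currently holds.
new_edit() {   # $1 = Makefile, $2 = value of base_sbindir
    sed -i -e "/^SBINDIR=/c SBINDIR=$2" "$1"
}

# Run the edit with usrmerge on, then off, against the same source tree,
# and report the SBINDIR value the second do_install would build with.
toggle_usrmerge() {   # $1 = old_edit | new_edit
    mf=$(mktemp)
    make_makefile "$mf"
    "$1" "$mf" /usr/sbin     # step 1: usrmerge enabled
    "$1" "$mf" /sbin         # step 2: usrmerge disabled, source not refreshed
    sed -n 's/^SBINDIR=//p' "$mf"
    rm -f "$mf"
}

echo "old expression after toggle: $(toggle_usrmerge old_edit)"
echo "new expression after toggle: $(toggle_usrmerge new_edit)"
```

The one-line `c` form used by the new expression is a GNU sed extension, so the script assumes GNU sed, as the recipe does.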
* [OE-core][walnascar 15/15] ltp: backport patch to fix compilation error for Skylake -march=x86-64-v3
2025-07-14 16:22 [OE-core][walnascar 00/15] Patch review Steve Sakoman
` (13 preceding siblings ...)
2025-07-14 16:23 ` [OE-core][walnascar 14/15] mingetty: fix do_package warning Steve Sakoman
@ 2025-07-14 16:23 ` Steve Sakoman
14 siblings, 0 replies; 17+ messages in thread
From: Steve Sakoman @ 2025-07-14 16:23 UTC (permalink / raw)
To: openembedded-core
From: Yogesh Tyagi <yogesh.tyagi@intel.com>
When the input compiler enables AVX, stack realignment requirements
cause gcc to fail to omit %rbp use, due to which the test fails to
clobber %rbp in inline asm. Disable AVX to build the test on x86_64 so
that the test continues working.
(From OE-Core rev: bbd3e7886e2ec5ab3578d618b28d007a80d917aa)
Signed-off-by: Yogesh Tyagi <yogesh.tyagi@intel.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...cve-2015-3290-Disable-AVX-for-x86_64.patch | 42 +++++++++++++++++++
meta/recipes-extended/ltp/ltp_20250130.bb | 1 +
2 files changed, 43 insertions(+)
create mode 100644 meta/recipes-extended/ltp/ltp/0001-cve-2015-3290-Disable-AVX-for-x86_64.patch
diff --git a/meta/recipes-extended/ltp/ltp/0001-cve-2015-3290-Disable-AVX-for-x86_64.patch b/meta/recipes-extended/ltp/ltp/0001-cve-2015-3290-Disable-AVX-for-x86_64.patch
new file mode 100644
index 0000000000..c6fae88eb9
--- /dev/null
+++ b/meta/recipes-extended/ltp/ltp/0001-cve-2015-3290-Disable-AVX-for-x86_64.patch
@@ -0,0 +1,42 @@
+From 28d823a63ee29f5d72c2aba781a06a7e2651cadc Mon Sep 17 00:00:00 2001
+From: Siddhesh Poyarekar <siddhesh@gotplt.org>
+Date: Mon, 7 Apr 2025 06:24:47 -0400
+Subject: [PATCH] cve-2015-3290: Disable AVX for x86_64
+
+When the input compiler enables AVX, stack realignment requirements
+causes gcc to fail to omit %rbp use, due to which the test fails to
+clobber %rbp in inline asm. Disable AVX to build the test on x86_64 so
+that the test continues working.
+
+Link: https://lore.kernel.org/ltp/20250407102448.2605506-2-siddhesh@gotplt.org/
+
+Upstream-Status: Backport [https://github.com/linux-test-project/ltp/commit/28d823a63ee29f5d72c2aba781a06a7e2651cadc]
+
+Reviewed-by: Martin Doucha <mdoucha@suse.cz>
+Reviewed-by: Petr Vorel <pvorel@suse.cz>
+Signed-off-by: Siddhesh Poyarekar <siddhesh@gotplt.org>
+
+---
+ testcases/cve/Makefile | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/testcases/cve/Makefile b/testcases/cve/Makefile
+index 01b9b9ccb..98c38e908 100644
+--- a/testcases/cve/Makefile
++++ b/testcases/cve/Makefile
+@@ -22,6 +22,12 @@ ifneq (,$(filter $(HOST_CPU),x86 x86_64))
+ meltdown: CFLAGS += -msse2
+ endif
+
++# The test needs to clobber %rbp, which requires frame pointer omission. Also
++# for x86_64, disable AVX since that could sometimes require a stack
++# realignment, which gets in the way of frame pointer omission.
+ cve-2015-3290: CFLAGS += -pthread -fomit-frame-pointer
++ifeq ($(HOST_CPU),x86_64)
++cve-2015-3290: CFLAGS += -mno-avx
++endif
+
+ include $(top_srcdir)/include/mk/generic_leaf_target.mk
+--
+2.37.3
+
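Review bot: the embedded patch header has `Upstream-Status: Backport [...]`, but the only Signed-off-by inside the patch file is the upstream author's; add the backporter's Signed-off-by after the Upstream-Status line so the patch file itself records who brought the change into OE-core. The Makefile change is otherwise self-explanatory thanks to the added comment above the `cve-2015-3290` rule.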
diff --git a/meta/recipes-extended/ltp/ltp_20250130.bb b/meta/recipes-extended/ltp/ltp_20250130.bb
index 690224e6d7..f9521acbc6 100644
--- a/meta/recipes-extended/ltp/ltp_20250130.bb
+++ b/meta/recipes-extended/ltp/ltp_20250130.bb
@@ -30,6 +30,7 @@ SRC_URI = "git://github.com/linux-test-project/ltp.git;branch=master;protocol=ht
file://0001-Remove-OOM-tests-from-runtest-mm.patch \
file://0001-Add-__clear_cache-declaration-for-clang.patch \
file://0001-kernel-kvm-don-t-hardcode-objcopy.patch \
+ file://0001-cve-2015-3290-Disable-AVX-for-x86_64.patch \
"
S = "${WORKDIR}/git"
--
2.43.0