[PATCH] nodejs: remove redundant comment
This commented-out assignment should have been removed in 3ff0235.
Signed-off-by: Ross Burton <ross.burton@...>
---
meta-oe/recipes-devtools/nodejs/nodejs_18.12.1.bb | 2 --
1 file changed, 2 deletions(-)
diff --git a/meta-oe/recipes-devtools/nodejs/nodejs_18.12.1.bb b/meta-oe/=
recipes-devtools/nodejs/nodejs_18.12.1.bb
index 1c530ee29b..802c4191bb 100644
--- a/meta-oe/recipes-devtools/nodejs/nodejs_18.12.1.bb
+++ b/meta-oe/recipes-devtools/nodejs/nodejs_18.12.1.bb
@@ -140,8 +140,6 @@ LDFLAGS:append:x86 =3D " -latomic"
CROSS_FLAGS =3D "--cross-compiling"
CROSS_FLAGS:class-native =3D "--no-cross-compiling"
=20
-#export LD=3D"${CXX}"
-
# Node is way too cool to use proper autotools, so we install two wrappe=
rs to forcefully inject proper arch cflags to workaround gypi
do_configure () {
GYP_DEFINES=3D"${GYP_DEFINES}" export GYP_DEFINES
--=20
2.34.1
Signed-off-by: Ross Burton <ross.burton@...>
---
meta-oe/recipes-devtools/nodejs/nodejs_18.12.1.bb | 2 --
1 file changed, 2 deletions(-)
diff --git a/meta-oe/recipes-devtools/nodejs/nodejs_18.12.1.bb b/meta-oe/=
recipes-devtools/nodejs/nodejs_18.12.1.bb
index 1c530ee29b..802c4191bb 100644
--- a/meta-oe/recipes-devtools/nodejs/nodejs_18.12.1.bb
+++ b/meta-oe/recipes-devtools/nodejs/nodejs_18.12.1.bb
@@ -140,8 +140,6 @@ LDFLAGS:append:x86 =3D " -latomic"
CROSS_FLAGS =3D "--cross-compiling"
CROSS_FLAGS:class-native =3D "--no-cross-compiling"
=20
-#export LD=3D"${CXX}"
-
# Node is way too cool to use proper autotools, so we install two wrappe=
rs to forcefully inject proper arch cflags to workaround gypi
do_configure () {
GYP_DEFINES=3D"${GYP_DEFINES}" export GYP_DEFINES
--=20
2.34.1
[PATCH v2] zchunk: upgrade to 1.2.3
From: Ross Burton <ross.burton@...>
Add patch to fix build with musl/clang combo
Signed-off-by: Ross Burton <ross.burton@...>
Signed-off-by: Khem Raj <raj.khem@...>
---
v2: Fix build with musl/clang
...-argp-with-source-snippet-with-clang.patch | 29 +++++++++++++++++++
.../recipes-support/zchunk/zchunk_1.2.0.bb | 22 --------------
.../recipes-support/zchunk/zchunk_1.2.3.bb | 25 ++++++++++++++++
3 files changed, 54 insertions(+), 22 deletions(-)
create mode 100644 meta-oe/recipes-support/zchunk/zchunk/0001-Do-not-probe-for-argp-with-source-snippet-with-clang.patch
delete mode 100644 meta-oe/recipes-support/zchunk/zchunk_1.2.0.bb
create mode 100644 meta-oe/recipes-support/zchunk/zchunk_1.2.3.bb
diff --git a/meta-oe/recipes-support/zchunk/zchunk/0001-Do-not-probe-for-argp-with-source-snippet-with-clang.patch b/meta-oe/recipes-support/zchunk/zchunk/0001-Do-not-probe-for-argp-with-source-snippet-with-clang.patch
new file mode 100644
index 0000000000..b5e8e7fd9c
--- /dev/null
+++ b/meta-oe/recipes-support/zchunk/zchunk/0001-Do-not-probe-for-argp-with-source-snippet-with-clang.patch
@@ -0,0 +1,29 @@
+From 39b66fd1161850822142343507a5d2db241705b8 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@...>
+Date: Wed, 22 Feb 2023 14:00:29 -0800
+Subject: [PATCH] Do not probe for argp with source snippet with clang
+
+The test fails with clang erroneously
+
+Upstream-Status: Submitted [https://github.com/zchunk/zchunk/pull/92]
+Signed-off-by: Khem Raj <raj.khem@...>
+---
+ meson.build | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/meson.build b/meson.build
+index 1817cee..d34c4b9 100644
+--- a/meson.build
++++ b/meson.build
+@@ -57,7 +57,7 @@ if host_machine.system() == 'windows'
+ endif
+
+ # argp-standalone dependency (if required)
+-if build_machine.system() == 'windows' or build_machine.system() == 'darwin' or build_machine.system() == 'freebsd' or not cc.links('#include <argp.h>\nstatic error_t parse_opt (int key, char *arg, struct argp_state *state) { argp_usage(state); return 0; }; void main() {}')
++if build_machine.system() == 'windows' or build_machine.system() == 'darwin' or build_machine.system() == 'freebsd' or cc.get_id() == 'clang' or not cc.links('#include <argp.h>\nstatic error_t parse_opt (int key, char *arg, struct argp_state *state) { argp_usage(state); return 0; }; void main() {}')
+ argplib = cc.find_library('argp', has_headers : ['argp.h'], required: false)
+ if not argplib.found()
+ argplib = dependency('argp-standalone')
+--
+2.39.2
+
diff --git a/meta-oe/recipes-support/zchunk/zchunk_1.2.0.bb b/meta-oe/recipes-support/zchunk/zchunk_1.2.0.bb
deleted file mode 100644
index 0baea5032a..0000000000
--- a/meta-oe/recipes-support/zchunk/zchunk_1.2.0.bb
+++ /dev/null
@@ -1,22 +0,0 @@
-DESCRIPTION = "A file format designed for highly efficient deltas while maintaining good compression"
-AUTHOR = "Jonathan Dieter"
-
-LICENSE = "BSD-2-Clause"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=daf6e68539f564601a5a5869c31e5242"
-
-SRC_URI = "git://github.com/zchunk/zchunk.git;protocol=https;branch=main"
-
-SRCREV = "dd6a30a1e4e8b738b0cafc682f3c00e7706134e5"
-S = "${WORKDIR}/git"
-
-DEPENDS = "\
- curl \
- zstd \
- "
-
-DEPENDS:append:libc-musl = " argp-standalone"
-LDFLAGS:append:libc-musl = " -largp"
-
-inherit meson pkgconfig
-
-BBCLASSEXTEND = "native nativesdk"
diff --git a/meta-oe/recipes-support/zchunk/zchunk_1.2.3.bb b/meta-oe/recipes-support/zchunk/zchunk_1.2.3.bb
new file mode 100644
index 0000000000..87473815a7
--- /dev/null
+++ b/meta-oe/recipes-support/zchunk/zchunk_1.2.3.bb
@@ -0,0 +1,25 @@
+DESCRIPTION = "A file format designed for highly efficient deltas while maintaining good compression"
+AUTHOR = "Jonathan Dieter"
+
+LICENSE = "BSD-2-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=daf6e68539f564601a5a5869c31e5242"
+
+SRC_URI = "git://github.com/zchunk/zchunk.git;protocol=https;branch=main \
+ file://0001-Do-not-probe-for-argp-with-source-snippet-with-clang.patch"
+
+SRCREV = "f16dbeb0831eb37a9397356570327abb97860875"
+S = "${WORKDIR}/git"
+
+DEPENDS = "zstd"
+DEPENDS:append:libc-musl = " argp-standalone"
+
+inherit meson pkgconfig lib_package
+
+PACKAGECONFIG ??= "openssl zckdl"
+
+# zckdl gets packaged into zchunk-bin
+PACKAGECONFIG[zckdl] = "-Dwith-curl=enabled,-Dwith-curl=disabled,curl"
+# Use OpenSSL primitives for SHA
+PACKAGECONFIG[openssl] = "-Dwith-openssl=enabled,-Dwith-openssl=disabled,openssl"
+
+BBCLASSEXTEND = "native nativesdk"
--
2.39.2
Add patch to fix build with musl/clang combo
Signed-off-by: Ross Burton <ross.burton@...>
Signed-off-by: Khem Raj <raj.khem@...>
---
v2: Fix build with musl/clang
...-argp-with-source-snippet-with-clang.patch | 29 +++++++++++++++++++
.../recipes-support/zchunk/zchunk_1.2.0.bb | 22 --------------
.../recipes-support/zchunk/zchunk_1.2.3.bb | 25 ++++++++++++++++
3 files changed, 54 insertions(+), 22 deletions(-)
create mode 100644 meta-oe/recipes-support/zchunk/zchunk/0001-Do-not-probe-for-argp-with-source-snippet-with-clang.patch
delete mode 100644 meta-oe/recipes-support/zchunk/zchunk_1.2.0.bb
create mode 100644 meta-oe/recipes-support/zchunk/zchunk_1.2.3.bb
diff --git a/meta-oe/recipes-support/zchunk/zchunk/0001-Do-not-probe-for-argp-with-source-snippet-with-clang.patch b/meta-oe/recipes-support/zchunk/zchunk/0001-Do-not-probe-for-argp-with-source-snippet-with-clang.patch
new file mode 100644
index 0000000000..b5e8e7fd9c
--- /dev/null
+++ b/meta-oe/recipes-support/zchunk/zchunk/0001-Do-not-probe-for-argp-with-source-snippet-with-clang.patch
@@ -0,0 +1,29 @@
+From 39b66fd1161850822142343507a5d2db241705b8 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@...>
+Date: Wed, 22 Feb 2023 14:00:29 -0800
+Subject: [PATCH] Do not probe for argp with source snippet with clang
+
+The test fails with clang erroneously
+
+Upstream-Status: Submitted [https://github.com/zchunk/zchunk/pull/92]
+Signed-off-by: Khem Raj <raj.khem@...>
+---
+ meson.build | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/meson.build b/meson.build
+index 1817cee..d34c4b9 100644
+--- a/meson.build
++++ b/meson.build
+@@ -57,7 +57,7 @@ if host_machine.system() == 'windows'
+ endif
+
+ # argp-standalone dependency (if required)
+-if build_machine.system() == 'windows' or build_machine.system() == 'darwin' or build_machine.system() == 'freebsd' or not cc.links('#include <argp.h>\nstatic error_t parse_opt (int key, char *arg, struct argp_state *state) { argp_usage(state); return 0; }; void main() {}')
++if build_machine.system() == 'windows' or build_machine.system() == 'darwin' or build_machine.system() == 'freebsd' or cc.get_id() == 'clang' or not cc.links('#include <argp.h>\nstatic error_t parse_opt (int key, char *arg, struct argp_state *state) { argp_usage(state); return 0; }; void main() {}')
+ argplib = cc.find_library('argp', has_headers : ['argp.h'], required: false)
+ if not argplib.found()
+ argplib = dependency('argp-standalone')
+--
+2.39.2
+
diff --git a/meta-oe/recipes-support/zchunk/zchunk_1.2.0.bb b/meta-oe/recipes-support/zchunk/zchunk_1.2.0.bb
deleted file mode 100644
index 0baea5032a..0000000000
--- a/meta-oe/recipes-support/zchunk/zchunk_1.2.0.bb
+++ /dev/null
@@ -1,22 +0,0 @@
-DESCRIPTION = "A file format designed for highly efficient deltas while maintaining good compression"
-AUTHOR = "Jonathan Dieter"
-
-LICENSE = "BSD-2-Clause"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=daf6e68539f564601a5a5869c31e5242"
-
-SRC_URI = "git://github.com/zchunk/zchunk.git;protocol=https;branch=main"
-
-SRCREV = "dd6a30a1e4e8b738b0cafc682f3c00e7706134e5"
-S = "${WORKDIR}/git"
-
-DEPENDS = "\
- curl \
- zstd \
- "
-
-DEPENDS:append:libc-musl = " argp-standalone"
-LDFLAGS:append:libc-musl = " -largp"
-
-inherit meson pkgconfig
-
-BBCLASSEXTEND = "native nativesdk"
diff --git a/meta-oe/recipes-support/zchunk/zchunk_1.2.3.bb b/meta-oe/recipes-support/zchunk/zchunk_1.2.3.bb
new file mode 100644
index 0000000000..87473815a7
--- /dev/null
+++ b/meta-oe/recipes-support/zchunk/zchunk_1.2.3.bb
@@ -0,0 +1,25 @@
+DESCRIPTION = "A file format designed for highly efficient deltas while maintaining good compression"
+AUTHOR = "Jonathan Dieter"
+
+LICENSE = "BSD-2-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=daf6e68539f564601a5a5869c31e5242"
+
+SRC_URI = "git://github.com/zchunk/zchunk.git;protocol=https;branch=main \
+ file://0001-Do-not-probe-for-argp-with-source-snippet-with-clang.patch"
+
+SRCREV = "f16dbeb0831eb37a9397356570327abb97860875"
+S = "${WORKDIR}/git"
+
+DEPENDS = "zstd"
+DEPENDS:append:libc-musl = " argp-standalone"
+
+inherit meson pkgconfig lib_package
+
+PACKAGECONFIG ??= "openssl zckdl"
+
+# zckdl gets packaged into zchunk-bin
+PACKAGECONFIG[zckdl] = "-Dwith-curl=enabled,-Dwith-curl=disabled,curl"
+# Use OpenSSL primitives for SHA
+PACKAGECONFIG[openssl] = "-Dwith-openssl=enabled,-Dwith-openssl=disabled,openssl"
+
+BBCLASSEXTEND = "native nativesdk"
--
2.39.2
Re: [meta-oe][PATCH] libvpx: Explicitly link with pthread support
On Wed, Feb 22, 2023 at 8:51 AM Joshua Watt <JPEWhacker@...> wrote:
maybe add build error snippet to commit to expand on it a bit.
what is the underlying reason ? does it need some sort of cancellation support ?
Some platforms (e.g. x86) require that the build (host) tools be
explicitly linked with -pthread to link against the pthread libraries so
do that here.
maybe add build error snippet to commit to expand on it a bit.
Signed-off-by: Joshua Watt <JPEWhacker@...>
---
meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb b/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb
index 066d7cc81..9c04c2a34 100644
--- a/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb
+++ b/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb
@@ -19,6 +19,7 @@ S = "${WORKDIR}/git"
ARM_INSTRUCTION_SET = "arm"
CFLAGS += "-fPIC"
+BUILD_LDFLAGS += "-pthread"
export CC
export LD = "${CC}"
--
2.33.0
Re: dunfell merge request: Feb 22
merged thanks Armin
toggle quoted message
Show quoted text
On Wed, Feb 22, 2023 at 8:30 AM akuster808 <akuster808@...> wrote:
The following changes since commit e707e9b7cf5c62bff4fee029965a87b22dd4ccba:
postfix: upgrade 3.4.23 -> 3.4.27 (2023-01-19 07:49:31 -0500)
are available in the Git repository at:
https://git.openembedded.org/meta-openembedded dunfell-next
for you to fetch changes up to 87571345059f82fb7599e3aa82e6fdcfbd361098:
zeromq: 4.3.2 -> 4.3.4 (2023-02-22 11:24:23 -0500)
----------------------------------------------------------------
Hitendra Prajapati (2):
net-snmp: CVE-2022-44792 & CVE-2022-44793 Fix NULL Pointer Exception
krb5: CVE-2022-42898 integer overflow vulnerabilities in PAC parsing
Mathieu Dubois-Briand (3):
nss: Add missing CVE product
nss: Whitelist CVEs related to libnssdbm
nss: Fix CVE-2020-25648
Roger Knecht (1):
zeromq: 4.3.2 -> 4.3.4
Shubham Kulkarni (1):
python3-pillow: Security fix for CVE-2022-45198
Wang Mingyu (1):
apache2: upgrade 2.4.54 -> 2.4.55
.../net-snmp/net-snmp/CVE-2022-44792-CVE-2022-44793.patch | 116
++++++++++++++++++++
meta-networking/recipes-protocols/net-snmp/net-snmp_5.8.bb | 1 +
meta-oe/recipes-connectivity/krb5/krb5/CVE-2022-42898.patch | 110
+++++++++++++++++++
meta-oe/recipes-connectivity/krb5/krb5_1.17.1.bb | 1 +
...1-CMakeLists-txt-Avoid-host-specific-path-to-libsodium.patch | 8 +-
.../zeromq/{zeromq_4.3.2.bb => zeromq_4.3.4.bb} | 4 +-
meta-oe/recipes-support/nss/nss/CVE-2020-25648.patch | 163
++++++++++++++++++++++++++++
meta-oe/recipes-support/nss/nss_3.51.1.bb | 7 ++
.../python/python3-pillow/0001-CVE-2022-45198.patch | 26 +++++
meta-python/recipes-devtools/python/python3-pillow_6.2.1.bb | 1 +
.../apache2/{apache2_2.4.54.bb => apache2_2.4.55.bb} | 2 +-
11 files changed, 432 insertions(+), 7 deletions(-)
create mode 100644
meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2022-44792-CVE-2022-44793.patch
create mode 100644
meta-oe/recipes-connectivity/krb5/krb5/CVE-2022-42898.patch
rename meta-oe/recipes-connectivity/zeromq/{zeromq_4.3.2.bb =>
zeromq_4.3.4.bb} (87%)
create mode 100644 meta-oe/recipes-support/nss/nss/CVE-2020-25648.patch
create mode 100644
meta-python/recipes-devtools/python/python3-pillow/0001-CVE-2022-45198.patch
rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.54.bb =>
apache2_2.4.55.bb} (99%)
[meta-oe][PATCH] libvpx: Enable native support
Joshua Watt
Enable support for building libvpx as a native recipe
Signed-off-by: Joshua Watt <JPEWhacker@...>
---
meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb b/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb
index 9c04c2a34..e9e3e9364 100644
--- a/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb
+++ b/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb
@@ -49,3 +49,5 @@ do_install() {
oe_runmake install DESTDIR=${D}
chown -R root:root ${D}
}
+
+BBCLASSEXTEND += "native"
--
2.33.0
Signed-off-by: Joshua Watt <JPEWhacker@...>
---
meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb b/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb
index 9c04c2a34..e9e3e9364 100644
--- a/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb
+++ b/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb
@@ -49,3 +49,5 @@ do_install() {
oe_runmake install DESTDIR=${D}
chown -R root:root ${D}
}
+
+BBCLASSEXTEND += "native"
--
2.33.0
[meta-oe][PATCH] libvpx: Explicitly link with pthread support
Joshua Watt
Some platforms (e.g. x86) require that the build (host) tools be
explicitly linked with -pthread to link against the pthread libraries so
do that here.
Signed-off-by: Joshua Watt <JPEWhacker@...>
---
meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb b/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb
index 066d7cc81..9c04c2a34 100644
--- a/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb
+++ b/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb
@@ -19,6 +19,7 @@ S = "${WORKDIR}/git"
ARM_INSTRUCTION_SET = "arm"
CFLAGS += "-fPIC"
+BUILD_LDFLAGS += "-pthread"
export CC
export LD = "${CC}"
--
2.33.0
explicitly linked with -pthread to link against the pthread libraries so
do that here.
Signed-off-by: Joshua Watt <JPEWhacker@...>
---
meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb b/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb
index 066d7cc81..9c04c2a34 100644
--- a/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb
+++ b/meta-oe/recipes-multimedia/webm/libvpx_1.12.0.bb
@@ -19,6 +19,7 @@ S = "${WORKDIR}/git"
ARM_INSTRUCTION_SET = "arm"
CFLAGS += "-fPIC"
+BUILD_LDFLAGS += "-pthread"
export CC
export LD = "${CC}"
--
2.33.0
Re: [meta-networking][dunfell][PATCH 2/2] openvpn: upgrade 2.4.9 -> 2.4.12
Hugo Simeliere
Hi,
No these CVE's affect only the version in Dunfell.
Best regards,
Hugo Simeliere
toggle quoted message
Show quoted text
No these CVE's affect only the version in Dunfell.
Best regards,
Hugo Simeliere
On Wed, Feb 22, 2023 at 05:21 PM, Armin Kuster wrote:
Hugo,
On 2/22/23 4:39 AM, Hugo Simeliere via lists.openembedded.org wrote:
Fixes below CVEs:Do these CVE's affect the version in Master?
* CVE-2022-0547
* CVE-2020-15078
-armin
OpenEmbedded Happy Hour February 22 9pm/2100 UTC
Denys Dmytriyenko
All,
You are cordially invited to the next OpenEmbedded Happy Hour on February 22
for Asia/Pacific timezones @ 2100/9pm UTC (4pm ET / 1pm PT):
https://www.openembedded.org/wiki/Calendar
https://www.openembedded.org/wiki/Happy_Hours
https://www.timeanddate.com/worldclock/fixedtime.html?msg=OpenEmbedded+Happy+Hour+February+22&iso=20230222T21
--
Regards,
Denys Dmytriyenko <denis@...>
PGP: 0x420902729A92C964 - https://denix.org/0x420902729A92C964
Fingerprint: 25FC E4A5 8A72 2F69 1186 6D76 4209 0272 9A92 C964
You are cordially invited to the next OpenEmbedded Happy Hour on February 22
for Asia/Pacific timezones @ 2100/9pm UTC (4pm ET / 1pm PT):
https://www.openembedded.org/wiki/Calendar
https://www.openembedded.org/wiki/Happy_Hours
https://www.timeanddate.com/worldclock/fixedtime.html?msg=OpenEmbedded+Happy+Hour+February+22&iso=20230222T21
--
Regards,
Denys Dmytriyenko <denis@...>
PGP: 0x420902729A92C964 - https://denix.org/0x420902729A92C964
Fingerprint: 25FC E4A5 8A72 2F69 1186 6D76 4209 0272 9A92 C964
Re: [meta-oe][dunfell][PATCH 1/2] zeromq: upgrade 4.3.2 -> 4.3.3
Hugo Simeliere
On Wed, Feb 22, 2023 at 05:27 PM, Armin Kuster wrote:
Yes sorry it was not the case hen I made the correction locally, I forgot to recheck before sending the email.
Best regards,
Hugo Simeliere
Hugo,Hi,
I didn't catch this but this update was already posted 5 days ago.
-armin
Yes sorry it was not the case hen I made the correction locally, I forgot to recheck before sending the email.
Best regards,
Hugo Simeliere
dunfell merge request: Feb 22
The following changes since commit e707e9b7cf5c62bff4fee029965a87b22dd4ccba:
postfix: upgrade 3.4.23 -> 3.4.27 (2023-01-19 07:49:31 -0500)
are available in the Git repository at:
https://git.openembedded.org/meta-openembedded dunfell-next
for you to fetch changes up to 87571345059f82fb7599e3aa82e6fdcfbd361098:
zeromq: 4.3.2 -> 4.3.4 (2023-02-22 11:24:23 -0500)
----------------------------------------------------------------
Hitendra Prajapati (2):
net-snmp: CVE-2022-44792 & CVE-2022-44793 Fix NULL Pointer Exception
krb5: CVE-2022-42898 integer overflow vulnerabilities in PAC parsing
Mathieu Dubois-Briand (3):
nss: Add missing CVE product
nss: Whitelist CVEs related to libnssdbm
nss: Fix CVE-2020-25648
Roger Knecht (1):
zeromq: 4.3.2 -> 4.3.4
Shubham Kulkarni (1):
python3-pillow: Security fix for CVE-2022-45198
Wang Mingyu (1):
apache2: upgrade 2.4.54 -> 2.4.55
.../net-snmp/net-snmp/CVE-2022-44792-CVE-2022-44793.patch | 116 ++++++++++++++++++++
meta-networking/recipes-protocols/net-snmp/net-snmp_5.8.bb | 1 +
meta-oe/recipes-connectivity/krb5/krb5/CVE-2022-42898.patch | 110 +++++++++++++++++++
meta-oe/recipes-connectivity/krb5/krb5_1.17.1.bb | 1 +
...1-CMakeLists-txt-Avoid-host-specific-path-to-libsodium.patch | 8 +-
.../zeromq/{zeromq_4.3.2.bb => zeromq_4.3.4.bb} | 4 +-
meta-oe/recipes-support/nss/nss/CVE-2020-25648.patch | 163 ++++++++++++++++++++++++++++
meta-oe/recipes-support/nss/nss_3.51.1.bb | 7 ++
.../python/python3-pillow/0001-CVE-2022-45198.patch | 26 +++++
meta-python/recipes-devtools/python/python3-pillow_6.2.1.bb | 1 +
.../apache2/{apache2_2.4.54.bb => apache2_2.4.55.bb} | 2 +-
11 files changed, 432 insertions(+), 7 deletions(-)
create mode 100644 meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2022-44792-CVE-2022-44793.patch
create mode 100644 meta-oe/recipes-connectivity/krb5/krb5/CVE-2022-42898.patch
rename meta-oe/recipes-connectivity/zeromq/{zeromq_4.3.2.bb => zeromq_4.3.4.bb} (87%)
create mode 100644 meta-oe/recipes-support/nss/nss/CVE-2020-25648.patch
create mode 100644 meta-python/recipes-devtools/python/python3-pillow/0001-CVE-2022-45198.patch
rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.54.bb => apache2_2.4.55.bb} (99%)
postfix: upgrade 3.4.23 -> 3.4.27 (2023-01-19 07:49:31 -0500)
are available in the Git repository at:
https://git.openembedded.org/meta-openembedded dunfell-next
for you to fetch changes up to 87571345059f82fb7599e3aa82e6fdcfbd361098:
zeromq: 4.3.2 -> 4.3.4 (2023-02-22 11:24:23 -0500)
----------------------------------------------------------------
Hitendra Prajapati (2):
net-snmp: CVE-2022-44792 & CVE-2022-44793 Fix NULL Pointer Exception
krb5: CVE-2022-42898 integer overflow vulnerabilities in PAC parsing
Mathieu Dubois-Briand (3):
nss: Add missing CVE product
nss: Whitelist CVEs related to libnssdbm
nss: Fix CVE-2020-25648
Roger Knecht (1):
zeromq: 4.3.2 -> 4.3.4
Shubham Kulkarni (1):
python3-pillow: Security fix for CVE-2022-45198
Wang Mingyu (1):
apache2: upgrade 2.4.54 -> 2.4.55
.../net-snmp/net-snmp/CVE-2022-44792-CVE-2022-44793.patch | 116 ++++++++++++++++++++
meta-networking/recipes-protocols/net-snmp/net-snmp_5.8.bb | 1 +
meta-oe/recipes-connectivity/krb5/krb5/CVE-2022-42898.patch | 110 +++++++++++++++++++
meta-oe/recipes-connectivity/krb5/krb5_1.17.1.bb | 1 +
...1-CMakeLists-txt-Avoid-host-specific-path-to-libsodium.patch | 8 +-
.../zeromq/{zeromq_4.3.2.bb => zeromq_4.3.4.bb} | 4 +-
meta-oe/recipes-support/nss/nss/CVE-2020-25648.patch | 163 ++++++++++++++++++++++++++++
meta-oe/recipes-support/nss/nss_3.51.1.bb | 7 ++
.../python/python3-pillow/0001-CVE-2022-45198.patch | 26 +++++
meta-python/recipes-devtools/python/python3-pillow_6.2.1.bb | 1 +
.../apache2/{apache2_2.4.54.bb => apache2_2.4.55.bb} | 2 +-
11 files changed, 432 insertions(+), 7 deletions(-)
create mode 100644 meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2022-44792-CVE-2022-44793.patch
create mode 100644 meta-oe/recipes-connectivity/krb5/krb5/CVE-2022-42898.patch
rename meta-oe/recipes-connectivity/zeromq/{zeromq_4.3.2.bb => zeromq_4.3.4.bb} (87%)
create mode 100644 meta-oe/recipes-support/nss/nss/CVE-2020-25648.patch
create mode 100644 meta-python/recipes-devtools/python/python3-pillow/0001-CVE-2022-45198.patch
rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.54.bb => apache2_2.4.55.bb} (99%)
Re: [meta-oe][dunfell][PATCH 1/2] zeromq: upgrade 4.3.2 -> 4.3.3
Hugo,
I didn't catch this but this update was already posted 5 days ago.
-armin
toggle quoted message
Show quoted text
I didn't catch this but this update was already posted 5 days ago.
-armin
On 2/21/23 12:47 PM, Hugo Simeliere via lists.openembedded.org wrote:
Refresh the following patch:
0001-CMakeLists-txt-Avoid-host-specific-path-to-libsodium.patch
Signed-off-by: Zang Ruochen <zangrc.fnst@...>
Signed-off-by: Khem Raj <raj.khem@...>
(cherry picked from commit 117b3f95507b464aafe6a1948cf4a79f26194acb)
Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@...>
---
...void-host-specific-path-to-libsodium.patch | 19 +++++++++++++------
.../{zeromq_4.3.2.bb => zeromq_4.3.3.bb} | 4 ++--
2 files changed, 15 insertions(+), 8 deletions(-)
rename meta-oe/recipes-connectivity/zeromq/{zeromq_4.3.2.bb => zeromq_4.3.3.bb} (87%)
diff --git a/meta-oe/recipes-connectivity/zeromq/files/0001-CMakeLists-txt-Avoid-host-specific-path-to-libsodium.patch b/meta-oe/recipes-connectivity/zeromq/files/0001-CMakeLists-txt-Avoid-host-specific-path-to-libsodium.patch
index eb3dee4d3..3b0300c8a 100644
---
a/meta-oe/recipes-connectivity/zeromq/files/0001-CMakeLists-txt-Avoid-host-specific-path-to-libsodium.patch
+++ b/meta-oe/recipes-connectivity/zeromq/files/0001-CMakeLists-txt-Avoid-host-specific-path-to-libsodium.patch
@@ -1,6 +1,7 @@
+From 24ad50286a87833329213dc0b0e68c21aeeee95f Mon Sep 17 00:00:00 2001
From: Niko Mauno <niko.mauno@...>
-Date: Wed Apr 22 09:00:00 2020 +0300
-Subject: CMakeLists.txt: Avoid host-specific path to libsodium
+Date: Wed, 22 Apr 2020 09:00:00 +0300
+Subject: [PATCH] CMakeLists.txt: Avoid host-specific path to libsodium
Avoid propagating full build host specific path to generated
ZeroMQTargets.cmake when building with libsodium, which changes the
@@ -17,10 +18,16 @@ Upstream-Status: Pending
Signed-off-by: Niko Mauno <niko.mauno@...>
+---
+ CMakeLists.txt | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index e92141d..d0775c1 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
-@@ -1210,7 +1210,7 @@
- target_link_libraries(libzmq ${OPTIONAL_LIBRARIES} ${CMAKE_THREAD_LIBS_INIT})
+@@ -1428,7 +1428,7 @@ if(BUILD_SHARED)
+ endif()
if(SODIUM_FOUND)
- target_link_libraries(libzmq ${SODIUM_LIBRARIES})
@@ -28,8 +35,8 @@ Signed-off-by: Niko Mauno <niko.mauno@...>
# On Solaris, libsodium depends on libssp
if(${CMAKE_SYSTEM_NAME} MATCHES "SunOS")
target_link_libraries(libzmq ssp)
-@@ -1240,7 +1240,7 @@
- target_link_libraries(libzmq-static ${OPTIONAL_LIBRARIES} ${CMAKE_THREAD_LIBS_INIT})
+@@ -1473,7 +1473,7 @@ if(BUILD_STATIC)
+ endif()
if(SODIUM_FOUND)
- target_link_libraries(libzmq-static ${SODIUM_LIBRARIES})
diff --git a/meta-oe/recipes-connectivity/zeromq/zeromq_4.3.2.bb b/meta-oe/recipes-connectivity/zeromq/zeromq_4.3.3.bb
similarity index 87%
rename from meta-oe/recipes-connectivity/zeromq/zeromq_4.3.2.bb
rename to meta-oe/recipes-connectivity/zeromq/zeromq_4.3.3.bb
index 02a4c04fd..a10500475 100644
--- a/meta-oe/recipes-connectivity/zeromq/zeromq_4.3.2.bb
+++ b/meta-oe/recipes-connectivity/zeromq/zeromq_4.3.3.bb
@@ -10,8 +10,8 @@ SRC_URI = "http://github.com/zeromq/libzmq/releases/download/v${PV}/zeromq-${PV}
file://0001-CMakeLists-txt-Avoid-host-specific-path-to-libsodium.patch <file://0001-CMakeLists-txt-Avoid-host-specific-path-to-libsodium.patch> \
file://run-ptest <file://run-ptest> \
"
-SRC_URI[md5sum] = "2047e917c2cc93505e2579bcba67a573"
-SRC_URI[sha256sum] = "ebd7b5c830d6428956b67a0454a7f8cbed1de74b3b01e5c33c5378e22740f763"
+SRC_URI[md5sum] = "78acc277d95e10812d71b2b3c3c3c9a9"
+SRC_URI[sha256sum] = "9d9285db37ae942ed0780c016da87060497877af45094ff9e1a1ca736e3875a2"
UPSTREAM_CHECK_URI = "https://github.com/${BPN}/libzmq/releases <https://github.com/$%7bBPN%7d/libzmq/releases>"
--
2.25.1
Re: [meta-networking][dunfell][PATCH 2/2] openvpn: upgrade 2.4.9 -> 2.4.12
Hugo,
On 2/22/23 4:39 AM, Hugo Simeliere via lists.openembedded.org wrote:
-armin
On 2/22/23 4:39 AM, Hugo Simeliere via lists.openembedded.org wrote:
Fixes below CVEs:Do these CVE's affect the version in Master?
* CVE-2022-0547
* CVE-2020-15078
-armin
Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@...>
---
.../openvpn/{openvpn_2.4.9.bb => openvpn_2.4.12.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta-networking/recipes-support/openvpn/{openvpn_2.4.9.bb => openvpn_2.4.12.bb} (95%)
diff --git a/meta-networking/recipes-support/openvpn/openvpn_2.4.9.bb b/meta-networking/recipes-support/openvpn/openvpn_2.4.12.bb
similarity index 95%
rename from meta-networking/recipes-support/openvpn/openvpn_2.4.9.bb
rename to meta-networking/recipes-support/openvpn/openvpn_2.4.12.bb
index 4820d3d96..55e66036b 100644
--- a/meta-networking/recipes-support/openvpn/openvpn_2.4.9.bb
+++ b/meta-networking/recipes-support/openvpn/openvpn_2.4.12.bb
@@ -14,8 +14,8 @@ SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \
UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads"
-SRC_URI[md5sum] = "52863fa9b98e5a3d7f8bec1d5785a2ba"
-SRC_URI[sha256sum] = "46b268ef88e67ca6de2e9f19943eb9e5ac8544e55f5c1f3af677298d03e64b6e"
+SRC_URI[md5sum] = "e83d430947fb7c9ad1a174987317d1dc"
+SRC_URI[sha256sum] = "66952d9c95490e5875f04c9f8fa313b5e816d1b7b4d6cda3fb2ff749ad405dee"
# CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn.
CVE_CHECK_WHITELIST += "CVE-2020-7224 CVE-2020-27569"
--
2.39.2
Re: [meta-oe][dunfell][PATCH 1/2] zeromq: upgrade 4.3.2 -> 4.3.3
Hugo,
Is this a bug fix only update?
- armin
toggle quoted message
Show quoted text
Is this a bug fix only update?
- armin
On 2/21/23 12:47 PM, Hugo Simeliere via lists.openembedded.org wrote:
Refresh the following patch:
0001-CMakeLists-txt-Avoid-host-specific-path-to-libsodium.patch
Signed-off-by: Zang Ruochen <zangrc.fnst@...>
Signed-off-by: Khem Raj <raj.khem@...>
(cherry picked from commit 117b3f95507b464aafe6a1948cf4a79f26194acb)
Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@...>
---
...void-host-specific-path-to-libsodium.patch | 19 +++++++++++++------
.../{zeromq_4.3.2.bb => zeromq_4.3.3.bb} | 4 ++--
2 files changed, 15 insertions(+), 8 deletions(-)
rename meta-oe/recipes-connectivity/zeromq/{zeromq_4.3.2.bb => zeromq_4.3.3.bb} (87%)
diff --git a/meta-oe/recipes-connectivity/zeromq/files/0001-CMakeLists-txt-Avoid-host-specific-path-to-libsodium.patch b/meta-oe/recipes-connectivity/zeromq/files/0001-CMakeLists-txt-Avoid-host-specific-path-to-libsodium.patch
index eb3dee4d3..3b0300c8a 100644
---
a/meta-oe/recipes-connectivity/zeromq/files/0001-CMakeLists-txt-Avoid-host-specific-path-to-libsodium.patch
+++ b/meta-oe/recipes-connectivity/zeromq/files/0001-CMakeLists-txt-Avoid-host-specific-path-to-libsodium.patch
@@ -1,6 +1,7 @@
+From 24ad50286a87833329213dc0b0e68c21aeeee95f Mon Sep 17 00:00:00 2001
From: Niko Mauno <niko.mauno@...>
-Date: Wed Apr 22 09:00:00 2020 +0300
-Subject: CMakeLists.txt: Avoid host-specific path to libsodium
+Date: Wed, 22 Apr 2020 09:00:00 +0300
+Subject: [PATCH] CMakeLists.txt: Avoid host-specific path to libsodium
Avoid propagating full build host specific path to generated
ZeroMQTargets.cmake when building with libsodium, which changes the
@@ -17,10 +18,16 @@ Upstream-Status: Pending
Signed-off-by: Niko Mauno <niko.mauno@...>
+---
+ CMakeLists.txt | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index e92141d..d0775c1 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
-@@ -1210,7 +1210,7 @@
- target_link_libraries(libzmq ${OPTIONAL_LIBRARIES} ${CMAKE_THREAD_LIBS_INIT})
+@@ -1428,7 +1428,7 @@ if(BUILD_SHARED)
+ endif()
if(SODIUM_FOUND)
- target_link_libraries(libzmq ${SODIUM_LIBRARIES})
@@ -28,8 +35,8 @@ Signed-off-by: Niko Mauno <niko.mauno@...>
# On Solaris, libsodium depends on libssp
if(${CMAKE_SYSTEM_NAME} MATCHES "SunOS")
target_link_libraries(libzmq ssp)
-@@ -1240,7 +1240,7 @@
- target_link_libraries(libzmq-static ${OPTIONAL_LIBRARIES} ${CMAKE_THREAD_LIBS_INIT})
+@@ -1473,7 +1473,7 @@ if(BUILD_STATIC)
+ endif()
if(SODIUM_FOUND)
- target_link_libraries(libzmq-static ${SODIUM_LIBRARIES})
diff --git a/meta-oe/recipes-connectivity/zeromq/zeromq_4.3.2.bb b/meta-oe/recipes-connectivity/zeromq/zeromq_4.3.3.bb
similarity index 87%
rename from meta-oe/recipes-connectivity/zeromq/zeromq_4.3.2.bb
rename to meta-oe/recipes-connectivity/zeromq/zeromq_4.3.3.bb
index 02a4c04fd..a10500475 100644
--- a/meta-oe/recipes-connectivity/zeromq/zeromq_4.3.2.bb
+++ b/meta-oe/recipes-connectivity/zeromq/zeromq_4.3.3.bb
@@ -10,8 +10,8 @@ SRC_URI = "http://github.com/zeromq/libzmq/releases/download/v${PV}/zeromq-${PV}
file://0001-CMakeLists-txt-Avoid-host-specific-path-to-libsodium.patch <file://0001-CMakeLists-txt-Avoid-host-specific-path-to-libsodium.patch> \
file://run-ptest <file://run-ptest> \
"
-SRC_URI[md5sum] = "2047e917c2cc93505e2579bcba67a573"
-SRC_URI[sha256sum] = "ebd7b5c830d6428956b67a0454a7f8cbed1de74b3b01e5c33c5378e22740f763"
+SRC_URI[md5sum] = "78acc277d95e10812d71b2b3c3c3c9a9"
+SRC_URI[sha256sum] = "9d9285db37ae942ed0780c016da87060497877af45094ff9e1a1ca736e3875a2"
UPSTREAM_CHECK_URI = "https://github.com/${BPN}/libzmq/releases <https://github.com/$%7bBPN%7d/libzmq/releases>"
--
2.25.1
Re: [meta-python][kirkstone][PATCH 1/1] Fix collections.abc deprecation warning in downloadutils Warning appears as:
Narpat Mali
Reminder.
Best Regards,
Narpat
From: Narpat Mali
Sent: 19 December 2022 11:07
To: openembedded-devel@...
Cc: Polampalli, Archana; G Pillai, Hari; Mali, Narpat
Subject: [oe][meta-python][kirkstone][PATCH 1/1] Fix collections.abc deprecation warning in downloadutils Warning appears as:
Sent: 19 December 2022 11:07
To: openembedded-devel@...
Cc: Polampalli, Archana; G Pillai, Hari; Mali, Narpat
Subject: [oe][meta-python][kirkstone][PATCH 1/1] Fix collections.abc deprecation warning in downloadutils Warning appears as:
tests/test_downloadutils.py::test_stream_response_to_specific_filename
requests_toolbelt/downloadutils/stream.py:161: DeprecationWarning: Using or importing the ABCs from 'collections' instead of from 'collections.abc' is deprecated, and in 3.8 it will stop working
if path and isinstance(getattr(path, 'write', None), collections.Callable):
Upstream-Status: Backport [https://github.com/requests/toolbelt/commit/7188b06330e5260be20bce8cbcf0d5ae44e34eaf]
Signed-off-by: Narpat Mali <narpat.mali@...>
---
...abc-deprecation-warning-in-downloadu.patch | 41 +++++++++++++++++++
.../python/python3-requests-toolbelt_0.9.1.bb | 5 ++-
2 files changed, 44 insertions(+), 2 deletions(-)
create mode 100644 meta-python/recipes-devtools/python/python3-requests-toolbelt/0001-Fix-collections.abc-deprecation-warning-in-downloadu.patch
diff --git a/meta-python/recipes-devtools/python/python3-requests-toolbelt/0001-Fix-collections.abc-deprecation-warning-in-downloadu.patch b/meta-python/recipes-devtools/python/python3-requests-toolbelt/0001-Fix-collections.abc-deprecation-warning-in-downloadu.patch
new file mode 100644
index 000000000..baa833b6d
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-requests-toolbelt/0001-Fix-collections.abc-deprecation-warning-in-downloadu.patch
@@ -0,0 +1,41 @@
+From 7188b06330e5260be20bce8cbcf0d5ae44e34eaf Mon Sep 17 00:00:00 2001
+From: Jon Dufresne <jon.dufresne@...>
+Date: Fri, 1 Feb 2019 16:30:01 -0800
+Subject: [PATCH] Fix collections.abc deprecation warning in downloadutils
+
+Warning appears as:
+
+tests/test_downloadutils.py::test_stream_response_to_specific_filename
+ requests_toolbelt/downloadutils/stream.py:161: DeprecationWarning: Using or importing the ABCs from 'collections' instead of from 'collections.abc' is deprecated, and in 3.8 it will stop working
+ if path and isinstance(getattr(path, 'write', None), collections.Callable):
+
+Upstream-Status: Backport [https://github.com/requests/toolbelt/commit/7188b06330e5260be20bce8cbcf0d5ae44e34eaf]
+
+Signed-off-by: Narpat Mali <narpat.mali@...>
+---
+ requests_toolbelt/downloadutils/stream.py | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/requests_toolbelt/downloadutils/stream.py b/requests_toolbelt/downloadutils/stream.py
+index eed60a7..1d1c31b 100644
+--- a/requests_toolbelt/downloadutils/stream.py
++++ b/requests_toolbelt/downloadutils/stream.py
+@@ -1,6 +1,5 @@
+ # -*- coding: utf-8 -*-
+ """Utilities for dealing with streamed requests."""
+-import collections
+ import os.path
+ import re
+
+@@ -158,7 +157,7 @@ def stream_response_to_file(response, path=None, chunksize=_DEFAULT_CHUNKSIZE):
+ pre_opened = False
+ fd = None
+ filename = None
+- if path and isinstance(getattr(path, 'write', None), collections.Callable):
++ if path and callable(getattr(path, 'write', None)):
+ pre_opened = True
+ fd = path
+ filename = getattr(fd, 'name', None)
+--
+2.25.1
+
diff --git a/meta-python/recipes-devtools/python/python3-requests-toolbelt_0.9.1.bb b/meta-python/recipes-devtools/python/python3-requests-toolbelt_0.9.1.bb
index 366f41ca8..72ad7a618 100644
--- a/meta-python/recipes-devtools/python/python3-requests-toolbelt_0.9.1.bb
+++ b/meta-python/recipes-devtools/python/python3-requests-toolbelt_0.9.1.bb
@@ -6,7 +6,8 @@ LICENSE = "Apache-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=71760e0f1dda8cff91b0bc9246caf571"
SRC_URI = "file://run-ptest \
- "
+
file://0001-Fix-collections.abc-deprecation-warning-in-downloadu.patch \
+ "
SRC_URI[md5sum] = "b1509735c4b4cf95df2619facbc3672e"
SRC_URI[sha256sum] = "968089d4584ad4ad7c171454f0a5c6dac23971e9472521ea3b6d49d610aa6fc0"
@@ -31,4 +32,4 @@ do_install_ptest() {
# remove test test_multipart_encoder.py as it fails,
# downloaded file is not supported
rm -f ${D}${PTEST_PATH}/tests/test_multipart_encoder.py
-}
+}
--
2.25.1
Re: [meta-gnome][PATCH] gparted: update 1.4.0 -> 1.5.0
Markus Volk
A hard dependency on polkit was introduced. v2 should fix it
Am Mi, 22. Feb 2023 um 01:05:16 -0800 schrieb Khem Raj <raj.khem@...>:
seeing failures with arm/clang - https://errors.yoctoproject.org/Errors/Details/695674/ On Tue, Feb 21, 2023 at 12:08 PM Markus Volk <f_l_k@...> wrote:sent again because of an error message during mail delivery Am Di, 21. Feb 2023 um 21:06:25 +0100 schrieb Markus Volk <f_l_k@...>: - Remove unneeded patches Signed-off-by: Markus Volk <f_l_k@...> --- ...t-use-NULL-where-boolean-is-expected.patch | 33 ------------------- .../files/0001-use-posix-basename.patch | 30 ----------------- .../{gparted_1.4.0.bb => gparted_1.5.0.bb} | 6 ++-- 3 files changed, 2 insertions(+), 67 deletions(-) delete mode 100644 meta-gnome/recipes-extended/gparted/files/0001-Do-not-use-NULL-where-boolean-is-expected.patch delete mode 100644 meta-gnome/recipes-extended/gparted/files/0001-use-posix-basename.patch rename meta-gnome/recipes-extended/gparted/{gparted_1.4.0.bb => gparted_1.5.0.bb} (78%) diff --git a/meta-gnome/recipes-extended/gparted/files/0001-Do-not-use-NULL-where-boolean-is-expected.patch b/meta-gnome/recipes-extended/gparted/files/0001-Do-not-use-NULL-where-boolean-is-expected.patch deleted file mode 100644 index 1b0d24024..000000000 --- a/meta-gnome/recipes-extended/gparted/files/0001-Do-not-use-NULL-where-boolean-is-expected.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 9af84e1c08a2159c10baf13244e2c8a7d7e837e9 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@...> -Date: Thu, 27 Jan 2022 23:02:20 -0800 -Subject: [PATCH] Do not use NULL where boolean is expected - -Fixes -src/GParted_Core.cc:73:57: error: static_cast from 'nullptr_t' to 'PedPartitionFlag' (aka '_PedPartitionFlag') is not allowed -| for ( PedPartitionFlag flag = ped_partition_flag_next( static_cast<PedPartitionFlag>( NULL ) ) ; -| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -| 1 error generated. - -Upstream-Status: Pending -Signed-off-by: Khem Raj <raj.khem@...> ---- - src/GParted_Core.cc | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/GParted_Core.cc b/src/GParted_Core.cc -index f7ac970..3290c66 100644 ---- a/src/GParted_Core.cc -+++ b/src/GParted_Core.cc -@@ -70,7 +70,7 @@ GParted_Core::GParted_Core() - ped_exception_set_handler( ped_exception_handler ) ; - - //get valid flags ... -- for ( PedPartitionFlag flag = ped_partition_flag_next( static_cast<PedPartitionFlag>( NULL ) ) ; -+ for ( PedPartitionFlag flag = ped_partition_flag_next( static_cast<PedPartitionFlag>( false ) ) ; - flag ; - flag = ped_partition_flag_next( flag ) ) - flags .push_back( flag ) ; --- -2.35.0 - diff --git a/meta-gnome/recipes-extended/gparted/files/0001-use-posix-basename.patch b/meta-gnome/recipes-extended/gparted/files/0001-use-posix-basename.patch deleted file mode 100644 index aae200e27..000000000 --- a/meta-gnome/recipes-extended/gparted/files/0001-use-posix-basename.patch +++ /dev/null @@ -1,30 +0,0 @@ -Subject: [PATCH] BCache_Info.cc: use posix basename - -gnu 'basename' is undeclared for cplusplus if using musl. Use posix basename instead. - -fdebug-prefix-map=TOPDIR/build/tmp/work/cortexa57-yoe-linux-musl/gparted/1.4.0-r0/ -recipe-sysroot-native=-fvisibility-inlines-hidden -c -o Dialog_Disklabel.o ../../ -gparted-1.4.0/src/Dialog_Disklabel.cc ../../gparted-1.4.0/src/BCache_Info.cc:52:33: - -error: use of undeclared identifier 'basename'; did you mean 'g_basename'? - return "/dev/" + Glib::ustring(basename(buf)); - ^~~~~~~~ - g_basename - -Signed-off-by: Markus Volk <f_l_k@...> - -Upstream-Status: Submitted - -https://gitlab.gnome.org/GNOME/gparted/-/merge_requests/99 - ---- a/src/BCache_Info.cc 2022-03-02 22:04:17.000000000 +0100 -+++ b/src/BCache_Info.cc 2022-04-09 15:02:56.932218665 +0200 -@@ -17,7 +17,7 @@ - - #include "BCache_Info.h" - --#include <string.h> // GNU version of basename() -+#include <libgen.h> // POSIX version of basename() - #include <unistd.h> - #include <glibmm/ustring.h> - #include <glibmm/fileutils.h> diff --git a/meta-gnome/recipes-extended/gparted/gparted_1.4.0.bb b/meta-gnome/recipes-extended/gparted/gparted_1.5.0.bb similarity index 78% rename from meta-gnome/recipes-extended/gparted/gparted_1.4.0.bb rename to meta-gnome/recipes-extended/gparted/gparted_1.5.0.bb index dde5a02ab..be7a96ea8 100644 --- a/meta-gnome/recipes-extended/gparted/gparted_1.4.0.bb +++ b/meta-gnome/recipes-extended/gparted/gparted_1.5.0.bb @@ -3,17 +3,15 @@ HOMEPAGE = "http://gparted.org/index.php" LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" -inherit autotools pkgconfig python3native gnome-help gtk-icon-cache features_check +inherit autotools pkgconfig python3native gettext gnome-help gtk-icon-cache features_check ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" SRC_URI = " \ ${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}/${BPN}-${PV}/${BPN}-${PV}.tar.gz \ file://0001-Install-polkit-action-unconditionally-executable-pke.patch \ - file://0001-Do-not-use-NULL-where-boolean-is-expected.patch \ - file://0001-use-posix-basename.patch \ " -SRC_URI[sha256sum] = "e5293a792e53fdbeba29c4a834113cd9603d0d639330da931a468bf3687887be" +SRC_URI[sha256sum] = "3c95ea26a944083ff1d9b17639b1e2ad9758df225dc751ff407b2a6aa092a8de" UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/gparted/files/gparted/" UPSTREAM_CHECK_REGEX = "gparted-(?P<pver>\d+\.(\d+)+(\.\d+)+)" -- 2.34.1
[meta-gnome][PATCHv2] gparted: update 1.4.0 -> 1.5.0
Markus Volk
- Remove unneeded patches
- Keep buildable without polkit after gettext migration
Signed-off-by: Markus Volk <f_l_k@...>
---
...t-use-NULL-where-boolean-is-expected.patch | 33 -------------------
.../files/0001-use-posix-basename.patch | 30 -----------------
.../{gparted_1.4.0.bb =3D> gparted_1.5.0.bb} | 11 ++++---
3 files changed, 6 insertions(+), 68 deletions(-)
delete mode 100644 meta-gnome/recipes-extended/gparted/files/0001-Do-not=
-use-NULL-where-boolean-is-expected.patch
delete mode 100644 meta-gnome/recipes-extended/gparted/files/0001-use-po=
six-basename.patch
rename meta-gnome/recipes-extended/gparted/{gparted_1.4.0.bb =3D> gparte=
d_1.5.0.bb} (68%)
diff --git a/meta-gnome/recipes-extended/gparted/files/0001-Do-not-use-NU=
LL-where-boolean-is-expected.patch b/meta-gnome/recipes-extended/gparted/=
files/0001-Do-not-use-NULL-where-boolean-is-expected.patch
deleted file mode 100644
index 1b0d24024..000000000
--- a/meta-gnome/recipes-extended/gparted/files/0001-Do-not-use-NULL-wher=
e-boolean-is-expected.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 9af84e1c08a2159c10baf13244e2c8a7d7e837e9 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@...>
-Date: Thu, 27 Jan 2022 23:02:20 -0800
-Subject: [PATCH] Do not use NULL where boolean is expected
-
-Fixes
-src/GParted_Core.cc:73:57: error: static_cast from 'nullptr_t' to 'PedPa=
rtitionFlag' (aka '_PedPartitionFlag') is not allowed
-| for ( PedPartitionFlag flag =3D ped_partition_flag_next( stati=
c_cast<PedPartitionFlag>( NULL ) ) ;
-| ^~~~~~~=
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-| 1 error generated.
-
-Upstream-Status: Pending
-Signed-off-by: Khem Raj <raj.khem@...>
----
- src/GParted_Core.cc | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/GParted_Core.cc b/src/GParted_Core.cc
-index f7ac970..3290c66 100644
---- a/src/GParted_Core.cc
-+++ b/src/GParted_Core.cc
-@@ -70,7 +70,7 @@ GParted_Core::GParted_Core()
- ped_exception_set_handler( ped_exception_handler ) ;=20
-=20
- //get valid flags ...
-- for ( PedPartitionFlag flag =3D ped_partition_flag_next( static_cast<P=
edPartitionFlag>( NULL ) ) ;
-+ for ( PedPartitionFlag flag =3D ped_partition_flag_next( static_cast<P=
edPartitionFlag>( false ) ) ;
- flag ;
- flag =3D ped_partition_flag_next( flag ) )
- flags .push_back( flag ) ;
---=20
-2.35.0
-
diff --git a/meta-gnome/recipes-extended/gparted/files/0001-use-posix-bas=
ename.patch b/meta-gnome/recipes-extended/gparted/files/0001-use-posix-ba=
sename.patch
deleted file mode 100644
index aae200e27..000000000
--- a/meta-gnome/recipes-extended/gparted/files/0001-use-posix-basename.p=
atch
+++ /dev/null
@@ -1,30 +0,0 @@
-Subject: [PATCH] BCache_Info.cc: use posix basename
-
-gnu 'basename' is undeclared for cplusplus if using musl. Use posix base=
name instead.
-
-fdebug-prefix-map=3DTOPDIR/build/tmp/work/cortexa57-yoe-linux-musl/gpart=
ed/1.4.0-r0/
-recipe-sysroot-native=3D-fvisibility-inlines-hidden -c -o Dialog_Diskla=
bel.o ../../
-gparted-1.4.0/src/Dialog_Disklabel.cc ../../gparted-1.4.0/src/BCache_Inf=
o.cc:52:33:
-
-error: use of undeclared identifier 'basename'; did you mean 'g_basename=
'?
- return "/dev/" + Glib::ustring(basename(buf));
- ^~~~~~~~
- g_basename
-
-Signed-off-by: Markus Volk <f_l_k@...>
-
-Upstream-Status: Submitted
-
-https://gitlab.gnome.org/GNOME/gparted/-/merge_requests/99
-
---- a/src/BCache_Info.cc 2022-03-02 22:04:17.000000000 +0100
-+++ b/src/BCache_Info.cc 2022-04-09 15:02:56.932218665 +0200
-@@ -17,7 +17,7 @@
-=20
- #include "BCache_Info.h"
-=20
--#include <string.h> // GNU version of basename()
-+#include <libgen.h> // POSIX version of basename()
- #include <unistd.h>
- #include <glibmm/ustring.h>
- #include <glibmm/fileutils.h>
diff --git a/meta-gnome/recipes-extended/gparted/gparted_1.4.0.bb b/meta-=
gnome/recipes-extended/gparted/gparted_1.5.0.bb
similarity index 68%
rename from meta-gnome/recipes-extended/gparted/gparted_1.4.0.bb
rename to meta-gnome/recipes-extended/gparted/gparted_1.5.0.bb
index dde5a02ab..fdfb1ef47 100644
--- a/meta-gnome/recipes-extended/gparted/gparted_1.4.0.bb
+++ b/meta-gnome/recipes-extended/gparted/gparted_1.5.0.bb
@@ -3,17 +3,15 @@ HOMEPAGE =3D "http://gparted.org/index.php"
LICENSE =3D "GPL-2.0-only"
LIC_FILES_CHKSUM =3D "file://COPYING;md5=3D94d55d512a9ba36caa9b7df079bae=
19f"
=20
-inherit autotools pkgconfig python3native gnome-help gtk-icon-cache feat=
ures_check
+inherit autotools pkgconfig python3native gettext gnome-help gtk-icon-ca=
che features_check
=20
ANY_OF_DISTRO_FEATURES =3D "${GTK3DISTROFEATURES}"
=20
SRC_URI =3D " \
${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}/${BPN}-${PV}/${BPN}-${PV=
}.tar.gz \
- file://0001-Install-polkit-action-unconditionally-executable-pke.pat=
ch \
- file://0001-Do-not-use-NULL-where-boolean-is-expected.patch \
- file://0001-use-posix-basename.patch \
+ ${@bb.utils.contains('DISTRO_FEATURES', 'polkit', 'file://0001-Insta=
ll-polkit-action-unconditionally-executable-pke.patch', '', d)} \
"
-SRC_URI[sha256sum] =3D "e5293a792e53fdbeba29c4a834113cd9603d0d639330da93=
1a468bf3687887be"
+SRC_URI[sha256sum] =3D "3c95ea26a944083ff1d9b17639b1e2ad9758df225dc751ff=
407b2a6aa092a8de"
=20
UPSTREAM_CHECK_URI =3D "https://sourceforge.net/projects/gparted/files/g=
parted/"
UPSTREAM_CHECK_REGEX =3D "gparted-(?P<pver>\d+\.(\d+)+(\.\d+)+)"
@@ -27,6 +25,9 @@ DEPENDS +=3D " \
parted \
"
=20
+PACKAGECONFIG =3D "${@bb.utils.filter('DISTRO_FEATURES', 'polkit', d)}"
+PACKAGECONFIG[polkit] =3D ",,polkit"
+
FILES:${PN} +=3D " \
${datadir}/appdata \
${datadir}/icons \
--=20
2.34.1
- Keep buildable without polkit after gettext migration
Signed-off-by: Markus Volk <f_l_k@...>
---
...t-use-NULL-where-boolean-is-expected.patch | 33 -------------------
.../files/0001-use-posix-basename.patch | 30 -----------------
.../{gparted_1.4.0.bb =3D> gparted_1.5.0.bb} | 11 ++++---
3 files changed, 6 insertions(+), 68 deletions(-)
delete mode 100644 meta-gnome/recipes-extended/gparted/files/0001-Do-not=
-use-NULL-where-boolean-is-expected.patch
delete mode 100644 meta-gnome/recipes-extended/gparted/files/0001-use-po=
six-basename.patch
rename meta-gnome/recipes-extended/gparted/{gparted_1.4.0.bb =3D> gparte=
d_1.5.0.bb} (68%)
diff --git a/meta-gnome/recipes-extended/gparted/files/0001-Do-not-use-NU=
LL-where-boolean-is-expected.patch b/meta-gnome/recipes-extended/gparted/=
files/0001-Do-not-use-NULL-where-boolean-is-expected.patch
deleted file mode 100644
index 1b0d24024..000000000
--- a/meta-gnome/recipes-extended/gparted/files/0001-Do-not-use-NULL-wher=
e-boolean-is-expected.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 9af84e1c08a2159c10baf13244e2c8a7d7e837e9 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@...>
-Date: Thu, 27 Jan 2022 23:02:20 -0800
-Subject: [PATCH] Do not use NULL where boolean is expected
-
-Fixes
-src/GParted_Core.cc:73:57: error: static_cast from 'nullptr_t' to 'PedPa=
rtitionFlag' (aka '_PedPartitionFlag') is not allowed
-| for ( PedPartitionFlag flag =3D ped_partition_flag_next( stati=
c_cast<PedPartitionFlag>( NULL ) ) ;
-| ^~~~~~~=
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-| 1 error generated.
-
-Upstream-Status: Pending
-Signed-off-by: Khem Raj <raj.khem@...>
----
- src/GParted_Core.cc | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/GParted_Core.cc b/src/GParted_Core.cc
-index f7ac970..3290c66 100644
---- a/src/GParted_Core.cc
-+++ b/src/GParted_Core.cc
-@@ -70,7 +70,7 @@ GParted_Core::GParted_Core()
- ped_exception_set_handler( ped_exception_handler ) ;=20
-=20
- //get valid flags ...
-- for ( PedPartitionFlag flag =3D ped_partition_flag_next( static_cast<P=
edPartitionFlag>( NULL ) ) ;
-+ for ( PedPartitionFlag flag =3D ped_partition_flag_next( static_cast<P=
edPartitionFlag>( false ) ) ;
- flag ;
- flag =3D ped_partition_flag_next( flag ) )
- flags .push_back( flag ) ;
---=20
-2.35.0
-
diff --git a/meta-gnome/recipes-extended/gparted/files/0001-use-posix-bas=
ename.patch b/meta-gnome/recipes-extended/gparted/files/0001-use-posix-ba=
sename.patch
deleted file mode 100644
index aae200e27..000000000
--- a/meta-gnome/recipes-extended/gparted/files/0001-use-posix-basename.p=
atch
+++ /dev/null
@@ -1,30 +0,0 @@
-Subject: [PATCH] BCache_Info.cc: use posix basename
-
-gnu 'basename' is undeclared for cplusplus if using musl. Use posix base=
name instead.
-
-fdebug-prefix-map=3DTOPDIR/build/tmp/work/cortexa57-yoe-linux-musl/gpart=
ed/1.4.0-r0/
-recipe-sysroot-native=3D-fvisibility-inlines-hidden -c -o Dialog_Diskla=
bel.o ../../
-gparted-1.4.0/src/Dialog_Disklabel.cc ../../gparted-1.4.0/src/BCache_Inf=
o.cc:52:33:
-
-error: use of undeclared identifier 'basename'; did you mean 'g_basename=
'?
- return "/dev/" + Glib::ustring(basename(buf));
- ^~~~~~~~
- g_basename
-
-Signed-off-by: Markus Volk <f_l_k@...>
-
-Upstream-Status: Submitted
-
-https://gitlab.gnome.org/GNOME/gparted/-/merge_requests/99
-
---- a/src/BCache_Info.cc 2022-03-02 22:04:17.000000000 +0100
-+++ b/src/BCache_Info.cc 2022-04-09 15:02:56.932218665 +0200
-@@ -17,7 +17,7 @@
-=20
- #include "BCache_Info.h"
-=20
--#include <string.h> // GNU version of basename()
-+#include <libgen.h> // POSIX version of basename()
- #include <unistd.h>
- #include <glibmm/ustring.h>
- #include <glibmm/fileutils.h>
diff --git a/meta-gnome/recipes-extended/gparted/gparted_1.4.0.bb b/meta-=
gnome/recipes-extended/gparted/gparted_1.5.0.bb
similarity index 68%
rename from meta-gnome/recipes-extended/gparted/gparted_1.4.0.bb
rename to meta-gnome/recipes-extended/gparted/gparted_1.5.0.bb
index dde5a02ab..fdfb1ef47 100644
--- a/meta-gnome/recipes-extended/gparted/gparted_1.4.0.bb
+++ b/meta-gnome/recipes-extended/gparted/gparted_1.5.0.bb
@@ -3,17 +3,15 @@ HOMEPAGE =3D "http://gparted.org/index.php"
LICENSE =3D "GPL-2.0-only"
LIC_FILES_CHKSUM =3D "file://COPYING;md5=3D94d55d512a9ba36caa9b7df079bae=
19f"
=20
-inherit autotools pkgconfig python3native gnome-help gtk-icon-cache feat=
ures_check
+inherit autotools pkgconfig python3native gettext gnome-help gtk-icon-ca=
che features_check
=20
ANY_OF_DISTRO_FEATURES =3D "${GTK3DISTROFEATURES}"
=20
SRC_URI =3D " \
${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}/${BPN}-${PV}/${BPN}-${PV=
}.tar.gz \
- file://0001-Install-polkit-action-unconditionally-executable-pke.pat=
ch \
- file://0001-Do-not-use-NULL-where-boolean-is-expected.patch \
- file://0001-use-posix-basename.patch \
+ ${@bb.utils.contains('DISTRO_FEATURES', 'polkit', 'file://0001-Insta=
ll-polkit-action-unconditionally-executable-pke.patch', '', d)} \
"
-SRC_URI[sha256sum] =3D "e5293a792e53fdbeba29c4a834113cd9603d0d639330da93=
1a468bf3687887be"
+SRC_URI[sha256sum] =3D "3c95ea26a944083ff1d9b17639b1e2ad9758df225dc751ff=
407b2a6aa092a8de"
=20
UPSTREAM_CHECK_URI =3D "https://sourceforge.net/projects/gparted/files/g=
parted/"
UPSTREAM_CHECK_REGEX =3D "gparted-(?P<pver>\d+\.(\d+)+(\.\d+)+)"
@@ -27,6 +25,9 @@ DEPENDS +=3D " \
parted \
"
=20
+PACKAGECONFIG =3D "${@bb.utils.filter('DISTRO_FEATURES', 'polkit', d)}"
+PACKAGECONFIG[polkit] =3D ",,polkit"
+
FILES:${PN} +=3D " \
${datadir}/appdata \
${datadir}/icons \
--=20
2.34.1
[meta-oe][dunfell][PATCH] libmodbus: Fix CVE-2022-0367
Hugo Simeliere
| Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@...>
---
.../libmodbus/libmodbus/CVE-2022-0367.patch | 38 +++++++++++++++++++
.../libmodbus/libmodbus_3.1.6.bb | 4 +-
2 files changed, 41 insertions(+), 1 deletion(-)
create mode 100644 meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2022-0367.patch
diff --git a/meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2022-0367.patch b/meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2022-0367.patch
new file mode 100644
index 000000000..120954e4f
--- /dev/null
+++ b/meta-oe/recipes-extended/libmodbus/libmodbus/CVE-2022-0367.patch
@@ -0,0 +1,38 @@
+From 790ff6dad16b70e68804a2d53ad54db40412e889 Mon Sep 17 00:00:00 2001
+From: Michael Heimpold <mhei@...>
+Date: Sat, 8 Jan 2022 20:00:50 +0100
+Subject: [PATCH] modbus_reply: fix copy & paste error in sanity check (fixes
+ #614)
+
+[ Upstream commit b4ef4c17d618eba0adccc4c7d9e9a1ef809fc9b6 ]
+
+While handling MODBUS_FC_WRITE_AND_READ_REGISTERS, both address offsets
+must be checked, i.e. the read and the write address must be within the
+mapping range.
+
+At the moment, only the read address was considered, it looks like a
+simple copy and paste error, so let's fix it.
+
+CVE: CVE-2022-0367
+
+Signed-off-by: Michael Heimpold <mhei@...>
+---
+ src/modbus.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/modbus.c b/src/modbus.c
+index 68a28a3..c871152 100644
+--- a/src/modbus.c
++++ b/src/modbus.c
+@@ -961,7 +961,7 @@ int modbus_reply(modbus_t *ctx, const uint8_t *req,
+ nb_write, nb, MODBUS_MAX_WR_WRITE_REGISTERS, MODBUS_MAX_WR_READ_REGISTERS);
+ } else if (mapping_address < 0 ||
+ (mapping_address + nb) > mb_mapping->nb_registers ||
+- mapping_address < 0 ||
++ mapping_address_write < 0 ||
+ (mapping_address_write + nb_write) > mb_mapping->nb_registers) {
+ rsp_length = response_exception(
+ ctx, &sft, MODBUS_EXCEPTION_ILLEGAL_DATA_ADDRESS, rsp, FALSE,
+--
+2.39.1
+
diff --git a/meta-oe/recipes-extended/libmodbus/libmodbus_3.1.6.bb b/meta-oe/recipes-extended/libmodbus/libmodbus_3.1.6.bb
index 075487ae9..0822a1144 100644
--- a/meta-oe/recipes-extended/libmodbus/libmodbus_3.1.6.bb
+++ b/meta-oe/recipes-extended/libmodbus/libmodbus_3.1.6.bb
@@ -2,7 +2,9 @@ require libmodbus.inc
SRC_URI += "file://f1eb4bc7ccb09cd8d19ab641ee37637f8c34d16d.patch \
file://Fix-float-endianness-issue-on-big-endian-arch.patch \
- file://Fix-typo.patch"
+ file://Fix-typo.patch \
+ file://CVE-2022-0367.patch \"
+
SRC_URI[md5sum] = "15c84c1f7fb49502b3efaaa668cfd25e"
SRC_URI[sha256sum] = "d7d9fa94a16edb094e5fdf5d87ae17a0dc3f3e3d687fead81835d9572cf87c16"
--
2.39.2
|
[meta-networking][dunfell][PATCH 2/2] openvpn: upgrade 2.4.9 -> 2.4.12
Hugo Simeliere
Fixes below CVEs:
* CVE-2022-0547
* CVE-2020-15078
Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@...>
---
.../openvpn/{openvpn_2.4.9.bb => openvpn_2.4.12.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta-networking/recipes-support/openvpn/{openvpn_2.4.9.bb => openvpn_2.4.12.bb} (95%)
diff --git a/meta-networking/recipes-support/openvpn/openvpn_2.4.9.bb b/meta-networking/recipes-support/openvpn/openvpn_2.4.12.bb
similarity index 95%
rename from meta-networking/recipes-support/openvpn/openvpn_2.4.9.bb
rename to meta-networking/recipes-support/openvpn/openvpn_2.4.12.bb
index 4820d3d96..55e66036b 100644
--- a/meta-networking/recipes-support/openvpn/openvpn_2.4.9.bb
+++ b/meta-networking/recipes-support/openvpn/openvpn_2.4.12.bb
@@ -14,8 +14,8 @@ SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \
UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads"
-SRC_URI[md5sum] = "52863fa9b98e5a3d7f8bec1d5785a2ba"
-SRC_URI[sha256sum] = "46b268ef88e67ca6de2e9f19943eb9e5ac8544e55f5c1f3af677298d03e64b6e"
+SRC_URI[md5sum] = "e83d430947fb7c9ad1a174987317d1dc"
+SRC_URI[sha256sum] = "66952d9c95490e5875f04c9f8fa313b5e816d1b7b4d6cda3fb2ff749ad405dee"
# CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn.
CVE_CHECK_WHITELIST += "CVE-2020-7224 CVE-2020-27569"
--
2.39.2
[meta-networking][dunfell][PATCH 1/2] openvpn: add CVE-2020-7224 and CVE-2020-27569 to allowlist
Hugo Simeliere
CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client,
not for openvpn.
Signed-off-by: Akifumi Chikazawa <chikazawa.akifu@...>
Signed-off-by: Khem Raj <raj.khem@...>
(upstream from commit d49e96aac4616c439a2d778b95a793037dac884e)
Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@...>
---
meta-networking/recipes-support/openvpn/openvpn_2.4.9.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta-networking/recipes-support/openvpn/openvpn_2.4.9.bb b/meta-networking/recipes-support/openvpn/openvpn_2.4.9.bb
index 529e3912b..4820d3d96 100644
--- a/meta-networking/recipes-support/openvpn/openvpn_2.4.9.bb
+++ b/meta-networking/recipes-support/openvpn/openvpn_2.4.9.bb
@@ -17,6 +17,9 @@ UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads"
SRC_URI[md5sum] = "52863fa9b98e5a3d7f8bec1d5785a2ba"
SRC_URI[sha256sum] = "46b268ef88e67ca6de2e9f19943eb9e5ac8544e55f5c1f3af677298d03e64b6e"
+# CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn.
+CVE_CHECK_WHITELIST += "CVE-2020-7224 CVE-2020-27569"
+
SYSTEMD_SERVICE_${PN} += "openvpn@... openvpn@..."
SYSTEMD_AUTO_ENABLE = "disable"
--
2.39.2
Re: [PATCH 1/8] zchunk: upgrade to 1.2.3
fails to build on musl/aarch64 see
https://errors.yoctoproject.org/Errors/Details/695672/
toggle quoted message
Show quoted text
https://errors.yoctoproject.org/Errors/Details/695672/
On Mon, Feb 20, 2023 at 7:46 AM Ross Burton <ross.burton@...> wrote:
---
.../{zchunk_1.2.0.bb => zchunk_1.2.3.bb} | 18 ++++++++++--------
1 file changed, 10 insertions(+), 8 deletions(-)
rename meta-oe/recipes-support/zchunk/{zchunk_1.2.0.bb => zchunk_1.2.3.bb} (52%)
diff --git a/meta-oe/recipes-support/zchunk/zchunk_1.2.0.bb b/meta-oe/recipes-support/zchunk/zchunk_1.2.3.bb
similarity index 52%
rename from meta-oe/recipes-support/zchunk/zchunk_1.2.0.bb
rename to meta-oe/recipes-support/zchunk/zchunk_1.2.3.bb
index 0baea5032a..760d650de6 100644
--- a/meta-oe/recipes-support/zchunk/zchunk_1.2.0.bb
+++ b/meta-oe/recipes-support/zchunk/zchunk_1.2.3.bb
@@ -6,17 +6,19 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=daf6e68539f564601a5a5869c31e5242"
SRC_URI = "git://github.com/zchunk/zchunk.git;protocol=https;branch=main"
-SRCREV = "dd6a30a1e4e8b738b0cafc682f3c00e7706134e5"
+SRCREV = "f16dbeb0831eb37a9397356570327abb97860875"
S = "${WORKDIR}/git"
-DEPENDS = "\
- curl \
- zstd \
- "
-
+DEPENDS = "zstd"
DEPENDS:append:libc-musl = " argp-standalone"
-LDFLAGS:append:libc-musl = " -largp"
-inherit meson pkgconfig
+inherit meson pkgconfig lib_package
+
+PACKAGECONFIG ??= "openssl zckdl"
+
+# zckdl gets packaged into zchunk-bin
+PACKAGECONFIG[zckdl] = "-Dwith-curl=enabled,-Dwith-curl=disabled,curl"
+# Use OpenSSL primitives for SHA
+PACKAGECONFIG[openssl] = "-Dwith-openssl=enabled,-Dwith-openssl=disabled,openssl"
BBCLASSEXTEND = "native nativesdk"
--
2.34.1