diff options
author | Andrew Geissler <geissonator@yahoo.com> | 2020-10-30 23:42:48 +0300 |
---|---|---|
committer | Andrew Geissler <geissonator@yahoo.com> | 2020-10-30 23:43:27 +0300 |
commit | bbbd5f468dc9c43b203cac3775f6c1b782ca7cba (patch) | |
tree | c1102cd773825fb6d69caaff22011b069e71a646 /meta-openembedded/meta-networking/recipes-connectivity/samba | |
parent | 157744bac930642ebf7952ec8dc3df2faffd0928 (diff) | |
download | openbmc-bbbd5f468dc9c43b203cac3775f6c1b782ca7cba.tar.xz |
meta-openembedded: subtree update:2258c9a767..164a6030b0
Alejandro Hernandez Samaniego (1):
emacs: Fix packaging for emacs-minimal
Andreas Müller (8):
fluidsynth: upgrade 2.1.3 -> 2.1.5
hdf5: Shorten SUMMARY and move long text to DESCRIPTION
wxwidgets: add opengl PACKAGECONFIG / enable it if opengl is in DISTRO_FEATURES
wxwidgets: Add what's necessary so that consumers of wxwidgets_git can find it
wxwidgets: upgrade 3.1.3 -> 3.1.4
babl: upgrade 0.1.78 -> 0.1.82
gegl: upgrade 0.4.24 -> 0.4.26
gimp: upgrade 2.10.20 -> 2.10.22
Andrej Valek (2):
nss: upgrade 3.56 -> 3.57
nspr: upgrade 4.26 -> 4.29
Chen Qi (2):
open-isns: use /run instead of /var/run in systemd service file
openhpi: use /run instead of /var/run in systemd service file
Daniel Ammann (2):
dhex: add homepage
pcsc-tools: add new package
Fagundes, Paulo (1):
vnstat: add recipe
Gianfranco Costamagna (1):
vboxguestdrivers: upgrade 6.1.14 -> 6.1.16
Gianluca Pacchiella (1):
Add missing dependencies for rsnapshot.
Khem Raj (5):
meta-openembedded: Add gatesgarth to LAYERSERIES_COMPAT
apitrace: Disable secuirty flags for clang
iscsi-initiator-utils: Silence a clang warning on 64bit systems
minifi-cpp: Do not use lld on riscv32
redis: Fix build with clang on riscv32
Leon Anavi (44):
python3-aiohttp: Upgrade 3.6.2 -> 3.6.3
python3-ujson: Upgrade 3.2.0 -> 4.0.1
python3-passlib: Upgrade 1.7.2 -> 1.7.4
python3-croniter: Upgrade 0.3.34 -> 0.3.35
python3-isort: Upgrade 5.5.4 -> 5.6.4
python3-prompt-toolkit: Upgrade 3.0.7 -> 3.0.8
python3-yarl: Upgrade 1.6.0 -> 1.6.2
python3-sqlparse: Upgrade 0.3.1 -> 0.4.1
python3-sqlalchemy: Upgrade 1.3.19 -> 1.3.20
python3-sentry-sdk: Upgrade 0.18.0 -> 0.19.0
python3-markdown: Upgrade 3.3 -> 3.3.1
python3-pywbemtools: Upgrade 0.7.3 -> 0.8.0
python3-xlsxwriter: Upgrade 1.3.6 -> 1.3.7
python3-luma-core: Upgrade 1.17.1 -> 1.17.2
python3-graphviz: Upgrade 0.14.1 -> 0.14.2
python3-yappi: Upgrade 1.2.5 -> 1.3.0
python3-iniconfig: Upgrade 1.0.1 -> 1.1.1
transmission: Upgrade 2.94 -> 3.00
python3-regex: Upgrade 2020.10.11 -> 2020.10.15
python3-colorama: Upgrade 0.4.3 -> 0.4.4
python3-zipp: Upgrade 3.3.0 -> 3.3.1
python3-pychromecast: Upgrade 7.5.0 -> 7.5.1
python3-semver: Upgrade 2.10.2 -> 2.13.0
python3-pydicti: Upgrade 1.1.3 -> 1.1.4
python3-humanize: Upgrade 3.0.1 -> 3.1.0
python3-dominate: Upgrade 2.5.2 -> 2.6.0
python3-urllib3: Upgrade 1.25.10 -> 1.25.11
python3-bitarray: Upgrade 1.5.3 -> 1.6.0
python3-markdown: Upgrade 3.3.1 -> 3.3.2
python3-pymisp: Upgrade 2.4.131 -> 2.4.133
python3-typeguard: Upgrade 2.9.1 -> 2.10.0
python3-traitlets: Upgrade 5.0.4 -> 5.0.5
python3-sentry-sdk: Upgrade 0.19.0 -> 0.19.1
python3-lxml: Upgrade 4.5.2 -> 4.6.1
python3-regex: Upgrade 2020.10.15 -> 2020.10.23
python3-google-api-python-client: Upgrade 1.12.3 -> 1.12.5
python3-cryptography: Upgrade 3.1.1 -> 3.2
python3-psutil: Upgrade 5.7.2 -> 5.7.3
python3-pyparted: Upgrade 3.11.6 -> 3.11.7
python3-tqdm: Upgrade 4.50.2 -> 4.51.0
python3-u-msgpack-python: Upgrade 2.7.0 -> 2.7.1
python3-luma-core: Upgrade 1.17.2 -> 1.17.3
python3-zipp: Upgrade 3.3.1 -> 3.4.0
python3-aiohttp: Upgrade 3.6.3 -> 3.7.1
Luca Boccassi (2):
Add recipe for fsverity-utils
Add new recipe for squashfs-tools-ng
Mario Schuknecht (1):
wireguard-tools: Fix systemd service installation
Martin Jansa (3):
packagegroup-meta-multimedia: include fdk-aac and mpd only with commercial in LICENSE_FLAGS_WHITELIST
python3-colorama: add native and nativesdk to BBCLASSEXTEND
mpd: add commercial LICENSE_FLAGS when ffmpeg or aac PACKAGECONFIG is enabled
Michael Tretter (1):
apitrace: add new recipe
Mingli Yu (1):
mariadb: Upgrade to 10.5.6
Pascal Bach (1):
fmt: make available as native and nativesdk
Pierre-Jean Texier (3):
c-periphery: upgrade 2.2.1 -> 2.2.4
c-periphery: fix typo in SUMMARY
stunnel: upgrade 5.56 -> 5.57
Qi.Chen@windriver.com (4):
php: use /run instead /var/run in systemd service file
lmsensors: use /run instead of /var/run for systemd service
cyrus-sasl: use /run instead of /var/run for systemd service file
freediameter: use /run instead of /var/run in systemd service file
Ross Burton (2):
mpv: fetch waf in do_fetch
glmark2: no need to patch waf
Sakib Sajal (1):
python3-prettytable: add python3-wcwidth to RDEPENDS
Siming Yuan (1):
python3-paramiko: fixing runtime dependencies
Taisei Nakano (1):
anthy: add GPLv2 to LICENSE and add LIC_FILES_CHKSUM
Ulrich Ölmann (1):
usb-modeswitch, usb-modeswitch-data: fix usrmerge
Yi Zhao (2):
samba: upgrade 4.10.17 -> 4.10.18
networkmanager: remove PACKAGECONFIG[dhclient]
Zang Ruochen (13):
firewalld: upgrade 0.9.0 -> 0.9.1
mtr: upgrade 0.93 -> 0.94
wireshark: upgrade 3.2.6 -> 3.2.7
hwdata: upgrade 0.339 -> 0.340
libmbim: upgrade 1.24.2 -> 1.24.4
linuxptp: upgrade 3.0 -> 3.1
memtester: upgrade 4.4.0 -> 4.5.0
paho-mqtt-c: upgrade 1.3.5 -> 1.3.6
mm-common: upgrade 1.0.1 -> 1.0.2
poppler: upgrade 20.09.0 -> 20.10.0
spdlog: upgrade 1.8.0 -> 1.8.1
libcgi-perl: upgrade 4.50 -> 4.51
libcurses-perl: upgrade 1.36 -> 1.37
zangrc (8):
gphoto2: upgrade 2.5.23 -> 2.5.26
libgphoto2: upgrade 2.5.25 -> 2.5.26
libmtp: upgrade 1.1.17 -> 1.1.18
libp11: upgrade 0.4.10 -> 0.4.11
libpwquality: upgrade 1.4.2 -> 1.4.4
libqmi: upgrade 1.26.4 -> 1.26.6
nano: upgrade 5.2 -> 5.3
protobuf: upgrade 3.13.0 -> 3.13.0.1
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: Ie105cfe99ae7dab0f6f1fd8d88d43a1979faf486
Diffstat (limited to 'meta-openembedded/meta-networking/recipes-connectivity/samba')
-rw-r--r-- | meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0001-util-Simplify-input-validation.patch | 59 | ||||
-rw-r--r-- | meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0002-util-Fix-build-on-FreeBSD-by-avoiding-NSS_BUFLEN_PAS.patch | 79 | ||||
-rw-r--r-- | meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch | 50 | ||||
-rw-r--r-- | meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.10.18.bb (renamed from meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.10.17.bb) | 7 |
4 files changed, 2 insertions, 193 deletions
diff --git a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0001-util-Simplify-input-validation.patch b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0001-util-Simplify-input-validation.patch deleted file mode 100644 index e724c04bc..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0001-util-Simplify-input-validation.patch +++ /dev/null @@ -1,59 +0,0 @@ -From f9d9ba6cd06aca053c747c399ba700db80b1623c Mon Sep 17 00:00:00 2001 -From: Martin Schwenke <martin@meltin.net> -Date: Tue, 9 Jun 2020 11:52:50 +1000 -Subject: [PATCH 1/3] util: Simplify input validation - -It appears that snprintf(3) is being used for input validation. -However, this seems like overkill because it causes szPath to be -copied an extra time. The mostly likely protections being sought -here, according to https://cwe.mitre.org/data/definitions/20.html, -look to be DoS attacks involving CPU and memory usage. A simpler -check that uses strnlen(3) can mitigate against both of these and is -simpler. - -Signed-off-by: Martin Schwenke <martin@meltin.net> -Reviewed-by: Volker Lendecke <vl@samba.org> -Reviewed-by: Bjoern Jacke <bjacke@samba.org> -(cherry picked from commit 922bce2668994dd2a5988c17060f977e9bb0c229) - -Upstream-Status:Backport -[https://gitlab.com/samba-team/samba/-/commit/f9d9ba6cd06aca053c747c399ba700db80b1623c] - -Signed-off-by: Yi Zhao <yi.zhao@windriver.com> ---- - lib/util/util_paths.c | 9 ++++----- - 1 file changed, 4 insertions(+), 5 deletions(-) - -diff --git a/lib/util/util_paths.c b/lib/util/util_paths.c -index c0ee5c32c30..dec91772d9e 100644 ---- a/lib/util/util_paths.c -+++ b/lib/util/util_paths.c -@@ -69,21 +69,20 @@ static char *get_user_home_dir(TALLOC_CTX *mem_ctx) - struct passwd pwd = {0}; - struct passwd *pwdbuf = NULL; - char buf[NSS_BUFLEN_PASSWD] = {0}; -+ size_t len; - int rc; - - rc = getpwuid_r(getuid(), &pwd, buf, NSS_BUFLEN_PASSWD, &pwdbuf); - if (rc != 0 || pwdbuf == NULL ) { -- int len_written; - const char *szPath = getenv("HOME"); - if (szPath == NULL) { - return NULL; - } -- len_written = snprintf(buf, sizeof(buf), "%s", szPath); -- if (len_written >= sizeof(buf) || len_written < 0) { -- /* Output was truncated or an error. */ -+ len = strnlen(szPath, PATH_MAX); -+ if (len >= PATH_MAX) { - return NULL; - } -- return talloc_strdup(mem_ctx, buf); -+ return talloc_strdup(mem_ctx, szPath); - } - - return talloc_strdup(mem_ctx, pwd.pw_dir); --- -2.17.1 - diff --git a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0002-util-Fix-build-on-FreeBSD-by-avoiding-NSS_BUFLEN_PAS.patch b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0002-util-Fix-build-on-FreeBSD-by-avoiding-NSS_BUFLEN_PAS.patch deleted file mode 100644 index dcd79044a..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0002-util-Fix-build-on-FreeBSD-by-avoiding-NSS_BUFLEN_PAS.patch +++ /dev/null @@ -1,79 +0,0 @@ -From 57bd719af1f138f44f71b2078995452582da0da6 Mon Sep 17 00:00:00 2001 -From: Martin Schwenke <martin@meltin.net> -Date: Fri, 5 Jun 2020 21:52:23 +1000 -Subject: [PATCH 2/3] util: Fix build on FreeBSD by avoiding NSS_BUFLEN_PASSWD - -NSS_BUFLEN_PASSWD is not defined on FreeBSD. Use -sysconf(_SC_GETPW_R_SIZE_MAX) instead, as per POSIX. - -Use a dynamically allocated buffer instead of trying to cram all of -the logic into the declarations. This will come in useful later -anyway. - -Signed-off-by: Martin Schwenke <martin@meltin.net> -Reviewed-by: Volker Lendecke <vl@samba.org> -Reviewed-by: Bjoern Jacke <bjacke@samba.org> -(cherry picked from commit 847208cd8ac68c4c7d1dae63767820db1c69292b) - -Upstream-Status:Backport -[https://gitlab.com/samba-team/samba/-/commit/57bd719af1f138f44f71b2078995452582da0da6] - -Signed-off-by: Yi Zhao <yi.zhao@windriver.com> ---- - lib/util/util_paths.c | 27 ++++++++++++++++++++++----- - 1 file changed, 22 insertions(+), 5 deletions(-) - -diff --git a/lib/util/util_paths.c b/lib/util/util_paths.c -index dec91772d9e..9bc6df37e5d 100644 ---- a/lib/util/util_paths.c -+++ b/lib/util/util_paths.c -@@ -68,24 +68,41 @@ static char *get_user_home_dir(TALLOC_CTX *mem_ctx) - { - struct passwd pwd = {0}; - struct passwd *pwdbuf = NULL; -- char buf[NSS_BUFLEN_PASSWD] = {0}; -+ char *buf = NULL; -+ char *out = NULL; -+ long int initlen; - size_t len; - int rc; - -- rc = getpwuid_r(getuid(), &pwd, buf, NSS_BUFLEN_PASSWD, &pwdbuf); -+ initlen = sysconf(_SC_GETPW_R_SIZE_MAX); -+ if (initlen == -1) { -+ len = 1024; -+ } else { -+ len = (size_t)initlen; -+ } -+ buf = talloc_size(mem_ctx, len); -+ if (buf == NULL) { -+ return NULL; -+ } -+ -+ rc = getpwuid_r(getuid(), &pwd, buf, len, &pwdbuf); - if (rc != 0 || pwdbuf == NULL ) { - const char *szPath = getenv("HOME"); - if (szPath == NULL) { -- return NULL; -+ goto done; - } - len = strnlen(szPath, PATH_MAX); - if (len >= PATH_MAX) { - return NULL; - } -- return talloc_strdup(mem_ctx, szPath); -+ out = talloc_strdup(mem_ctx, szPath); -+ goto done; - } - -- return talloc_strdup(mem_ctx, pwd.pw_dir); -+ out = talloc_strdup(mem_ctx, pwd.pw_dir); -+done: -+ TALLOC_FREE(buf); -+ return out; - } - - char *path_expand_tilde(TALLOC_CTX *mem_ctx, const char *d) --- -2.17.1 - diff --git a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch deleted file mode 100644 index 53a3f6781..000000000 --- a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba/0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch +++ /dev/null @@ -1,50 +0,0 @@ -From 016e08ca07f86af9e0131a908a2df116bcb9a48e Mon Sep 17 00:00:00 2001 -From: Martin Schwenke <martin@meltin.net> -Date: Fri, 5 Jun 2020 22:05:42 +1000 -Subject: [PATCH 3/3] util: Reallocate larger buffer if getpwuid_r() returns - ERANGE - -Signed-off-by: Martin Schwenke <martin@meltin.net> -Reviewed-by: Volker Lendecke <vl@samba.org> -Reviewed-by: Bjoern Jacke <bjacke@samba.org> - -Autobuild-User(master): Martin Schwenke <martins@samba.org> -Autobuild-Date(master): Tue Jun 9 21:07:24 UTC 2020 on sn-devel-184 - -(cherry picked from commit ddac6b2eb4adaec8fc5e25ca07387d2b9417764c) - -Upstream-Status:Backport -[https://gitlab.com/samba-team/samba/-/commit/016e08ca07f86af9e0131a908a2df116bcb9a48e] - -Signed-off-by: Yi Zhao <yi.zhao@windriver.com> ---- - lib/util/util_paths.c | 13 +++++++++++++ - 1 file changed, 13 insertions(+) - -diff --git a/lib/util/util_paths.c b/lib/util/util_paths.c -index 9bc6df37e5d..72cc0aab8de 100644 ---- a/lib/util/util_paths.c -+++ b/lib/util/util_paths.c -@@ -86,6 +86,19 @@ static char *get_user_home_dir(TALLOC_CTX *mem_ctx) - } - - rc = getpwuid_r(getuid(), &pwd, buf, len, &pwdbuf); -+ while (rc == ERANGE) { -+ size_t newlen = 2 * len; -+ if (newlen < len) { -+ /* Overflow */ -+ goto done; -+ } -+ len = newlen; -+ buf = talloc_realloc_size(mem_ctx, buf, len); -+ if (buf == NULL) { -+ goto done; -+ } -+ rc = getpwuid_r(getuid(), &pwd, buf, len, &pwdbuf); -+ } - if (rc != 0 || pwdbuf == NULL ) { - const char *szPath = getenv("HOME"); - if (szPath == NULL) { --- -2.17.1 - diff --git a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.10.17.bb b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.10.18.bb index 3ae5afbe9..b5085c913 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.10.17.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/samba/samba_4.10.18.bb @@ -28,9 +28,6 @@ SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \ file://0002-util_sec.c-Move-__thread-variable-to-global-scope.patch \ file://0001-Add-options-to-configure-the-use-of-libbsd.patch \ file://0001-nsswitch-nsstest.c-Avoid-nss-function-conflicts-with.patch \ - file://0001-util-Simplify-input-validation.patch \ - file://0002-util-Fix-build-on-FreeBSD-by-avoiding-NSS_BUFLEN_PAS.patch \ - file://0003-util-Reallocate-larger-buffer-if-getpwuid_r-returns-.patch \ " SRC_URI_append_libc-musl = " \ file://samba-pam.patch \ @@ -39,8 +36,8 @@ SRC_URI_append_libc-musl = " \ file://0001-samba-fix-musl-lib-without-innetgr.patch \ " -SRC_URI[md5sum] = "f69cac9ba5035ee60257520a209a0a83" -SRC_URI[sha256sum] = "03dc9758e7bfa2faf7cdeb45b4d40997e2ee16a41e71996aa666bc069e70ba3e" +SRC_URI[md5sum] = "f006a3d1876113e4a049015969d20fe6" +SRC_URI[sha256sum] = "7dcfc2aaaac565b959068788e6a43fc79ce2a03e7d523f5843f7a9fddffc7c2c" UPSTREAM_CHECK_REGEX = "samba\-(?P<pver>4\.10(\.\d+)+).tar.gz" |