meta-openembedded: subtree update:9fdc7960ba..e4a3c66505

Alexander Kanavin (4): msgpack-c: update 3.2.1 -> 4.0.0, add msgpack-cpp can-utils: rrecommend iproute2 to make it possible to configure can interfaces fmt: update 7.1.3 -> 8.0.1 spdlog: update 1.8.2 -> 1.9.2 Changqing Li (3): ndpi: upgrade 3.4 -> 4.0 ntopng: upgrade 4.2 -> 5.0 postgresql: upgrade 13.3 -> 13.4 Jan-Simon Moeller (1): Remove patch that produces a segfault in the ptest of lua Joe Slater (1): redis: advance to version 6.2.5 Khem Raj (10): gjs: Remove valgrind dependency on rv32/rv64 toybox-inittab: Use 0BSD for LIC_FILES_CHKSUM python3-kivy: Remove hardcoded include paths python3-kivy: Check for x11 and opengl before enabling the recipe packagegroup-meta-python: Add python3-kivy packagegroup-meta-python: Add python3-portalocker gst-shark: Define SRCREV_FORMAT android-tools: Define SRCREV_FORMAT packagegroup-meta-oe: Add pahole pahole: Add missing rdep for python Kristian Klausen (1): cryptsetup: Add runtime dependency on lvm2-udevrules for udev Martin Jansa (1): python3-regex: upgrade to 2021.8.28 Matteo Croce (2): recipes-devtools: add pahole libbpf: bump to 0.5.0 Mingli Yu (1): polkit: add the CVE tag Patrick Williams (2): gjs: fix typo in RDEPENDS variable name ndisc6: fix typo in DESCRIPTION variable name Peter Morrow (1): libbpf: remove kernel configuration dependency Samuel Dolt (4): python3-alembic: add native and nativesdk to BBCLASSEXTEND python3-editor: add native and nativesdk to BBCLASSEXTEND python3-sqlalchemy: add native and nativesdk to BBCLASSEXTEND python3-portalocker: add recipe Trevor Gamblin (2): python3-pytest-subtests: add recipe python3-pillow: upgrade 8.3.1 -> 8.3.2 Wang Mingyu (3): python3-cryptography-vectors: upgrade 3.4.7 -> 3.4.8 python3-google-api-python-client: upgrade 2.18.0 -> 2.19.1 dnf-plugin-tui: upgrade 1.2 -> 1.3 William A. Kennington III (1): ndisc6: Upgrade 1.0.4 -> 1.0.5 William Huang (1): recipes-devtools: python: add support for Kivy Yi Zhao (4): krb5: fix CVE-2021-36222 krb5: fix CVE-2021-37750 net-snmp: drop unused patch net-snmp: make sure snmpd always exit after displaying usage wangmy (10): cjson: upgrade 1.7.14 -> 1.7.15 libwebsockets: upgrade 4.2.1 -> 4.2.2 monit: upgrade 5.28.1 -> 5.29.0 nlohmann-json: upgrade 3.9.1 -> 3.10.2 cppzmq: upgrade 4.7.1 -> 4.8.0 dfu-util: upgrade 0.10 -> 0.11 libqmi: upgrade 1.30.0 -> 1.30.2 lockfile-progs: upgrade 0.1.18 -> 0.1.19 poppler-data: upgrade 0.4.10 -> 0.4.11 dnsmasq: upgrade 2.85 -> 2.86 zangrc (11): python3-ipython: upgrade 7.26.0 -> 7.27.0 python3-kiwisolver: upgrade 1.3.1 -> 1.3.2 python3-ruamel-yaml: upgrade 0.17.13 -> 0.17.16 python3-traitlets: upgrade 5.0.5 -> 5.1.0 gsl: upgrade 2.6 -> 2.7 crash: upgrade 7.2.9 -> 7.3.0 dash: upgrade 0.5.11.3 -> 0.5.11.5 python3-bitarray: upgrade 2.3.2 -> 2.3.3 python3-lrparsing: upgrade 1.0.16 -> 1.0.17 python3-transitions: upgrade 0.8.8 -> 0.8.9 libxmlb: upgrade 0.3.1 -> 0.3.2 zhengruoqin (15): wireshark: upgrade 3.4.7 -> 3.4.8 uhubctl: upgrade 2.3.0 -> 2.4.0 unclutter-xfixes: upgrade 1.5 -> 1.6 avro-c: upgrade 1.9.2 -> 1.10.2 ctags: upgrade 5.9.20210815 -> 5.9.20210905 xf86-video-nouveau: upgrade 1.0.16 -> 1.0.17 fuse3: upgrade 3.10.4 -> 3.10.5 mosquitto: upgrade 2.0.11 -> 2.0.12 poppler: upgrade 21.08.0 -> 21.09.0 libbytesize: upgrade 2.4 -> 2.6 libeigen: upgrade 3.3.9 -> 3.4.0 libjcat: upgrade 0.1.7 -> 0.1.8 unbound: upgrade 1.12.0 -> 1.13.2 xterm: upgrade 367 -> 368 zchunk: upgrade 1.1.9 -> 1.1.16 Change-Id: I5a866e7773b8c906bc2bd8a4ddf99f006534bf53 Signed-off-by: William A. Kennington III <wak@google.com>
author: William A. Kennington III <wak@google.com> 2021-09-16 02:19:36 +0300
committer: Andrew Geissler <geissonator@yahoo.com> 2021-09-19 20:39:58 +0300
commit: 49e9566eb60669f7b1535f0653aa52a1c9ea8af0 (patch)
tree: d9b5df56dd979a0d096c11d8b14711c9a7aefe57 /meta-openembedded/meta-oe/recipes-devtools/lua
parent: 7f8954e7a7576c28a6773be2f0e306551c0aa754 (diff)
download: openbmc-49e9566eb60669f7b1535f0653aa52a1c9ea8af0.tar.xz
2 files changed, 0 insertions, 168 deletions
diff --git a/meta-openembedded/meta-oe/recipes-devtools/lua/lua/CVE-2020-15945.patch b/meta-openembedded/meta-oe/recipes-devtools/lua/lua/CVE-2020-15945.patch
deleted file mode 100644
index 89ce49148..000000000
--- a/meta-openembedded/meta-oe/recipes-devtools/lua/lua/CVE-2020-15945.patch
+++ /dev/null
@@ -1,167 +0,0 @@
-From d8d344365945a534f700c82c5dd26f704f89fef3 Mon Sep 17 00:00:00 2001
-From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
-Date: Wed, 5 Aug 2020 16:59:58 +0800
-Subject: [PATCH] Fixed bug: invalid 'oldpc' when returning to a function
-
-The field 'L->oldpc' is not always updated when control returns to a
-function; an invalid value can seg. fault when computing 'changedline'.
-(One example is an error in a finalizer; control can return to
-'luaV_execute' without executing 'luaD_poscall'.) Instead of trying to
-fix all possible corner cases, it seems safer to be resilient to invalid
-values for 'oldpc'. Valid but wrong values at most cause an extra call
-to a line hook.
-
-CVE: CVE-2020-15945
-
-[Adjust the code to be applicable to the tree]
-
-Upstream-Status: Backport [https://github.com/lua/lua/commit/a2195644d89812e5b157ce7bac35543e06db05e3]
-
-Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
-Signed-off-by: Joe Slater <joe.slater@@windriver.com>
-
----
- src/ldebug.c | 30 +++++++++++++++---------------
- src/ldebug.h |  4 ++++
- src/ldo.c    |  2 +-
- src/lstate.c |  1 +
- src/lstate.h |  2 +-
- 5 files changed, 22 insertions(+), 17 deletions(-)
-
-diff --git a/src/ldebug.c b/src/ldebug.c
-index 239affb..832b16c 100644
---- a/src/ldebug.c
-+++ b/src/ldebug.c
-@@ -34,9 +34,8 @@
- #define noLuaClosure(f)		((f) == NULL || (f)->c.tt == LUA_TCCL)
- 
- 
--/* Active Lua function (given call info) */
--#define ci_func(ci)		(clLvalue((ci)->func))
--
-+/* inverse of 'pcRel' */
-+#define invpcRel(pc, p)                ((p)->code + (pc) + 1)
- 
- static const char *funcnamefromcode (lua_State *L, CallInfo *ci,
-                                     const char **name);
-@@ -71,20 +70,18 @@ static void swapextra (lua_State *L) {
- 
- /*
- ** This function can be called asynchronously (e.g. during a signal).
--** Fields 'oldpc', 'basehookcount', and 'hookcount' (set by
--** 'resethookcount') are for debug only, and it is no problem if they
--** get arbitrary values (causes at most one wrong hook call). 'hookmask'
--** is an atomic value. We assume that pointers are atomic too (e.g., gcc
--** ensures that for all platforms where it runs). Moreover, 'hook' is
--** always checked before being called (see 'luaD_hook').
-+** Fields 'basehookcount' and 'hookcount' (set by 'resethookcount')
-+** are for debug only, and it is no problem if they get arbitrary
-+** values (causes at most one wrong hook call). 'hookmask' is an atomic
-+** value. We assume that pointers are atomic too (e.g., gcc ensures that
-+** for all platforms where it runs). Moreover, 'hook' is always checked
-+** before being called (see 'luaD_hook').
- */
- LUA_API void lua_sethook (lua_State *L, lua_Hook func, int mask, int count) {
-   if (func == NULL || mask == 0) {  /* turn off hooks? */
-     mask = 0;
-     func = NULL;
-   }
--  if (isLua(L->ci))
--    L->oldpc = L->ci->u.l.savedpc;
-   L->hook = func;
-   L->basehookcount = count;
-   resethookcount(L);
-@@ -665,7 +662,10 @@ l_noret luaG_runerror (lua_State *L, const char *fmt, ...) {
- void luaG_traceexec (lua_State *L) {
-   CallInfo *ci = L->ci;
-   lu_byte mask = L->hookmask;
-+  const Proto *p = ci_func(ci)->p;
-   int counthook = (--L->hookcount == 0 && (mask & LUA_MASKCOUNT));
-+  /* 'L->oldpc' may be invalid; reset it in this case */
-+  int oldpc = (L->oldpc < p->sizecode) ? L->oldpc : 0;
-   if (counthook)
-     resethookcount(L);  /* reset count */
-   else if (!(mask & LUA_MASKLINE))
-@@ -677,15 +677,15 @@ void luaG_traceexec (lua_State *L) {
-   if (counthook)
-     luaD_hook(L, LUA_HOOKCOUNT, -1);  /* call count hook */
-   if (mask & LUA_MASKLINE) {
--    Proto *p = ci_func(ci)->p;
-     int npc = pcRel(ci->u.l.savedpc, p);
-     int newline = getfuncline(p, npc);
-     if (npc == 0 ||  /* call linehook when enter a new function, */
--        ci->u.l.savedpc <= L->oldpc ||  /* when jump back (loop), or when */
--        newline != getfuncline(p, pcRel(L->oldpc, p)))  /* enter a new line */
-+        ci->u.l.savedpc <= invpcRel(oldpc, p) ||  /* when jump back (loop), or when */
-+        newline != getfuncline(p, oldpc))  /* enter a new line */
-       luaD_hook(L, LUA_HOOKLINE, newline);  /* call line hook */
-+
-+    L->oldpc = npc;  /* 'pc' of last call to line hook */
-   }
--  L->oldpc = ci->u.l.savedpc;
-   if (L->status == LUA_YIELD) {  /* did hook yield? */
-     if (counthook)
-       L->hookcount = 1;  /* undo decrement to zero */
-diff --git a/src/ldebug.h b/src/ldebug.h
-index 0e31546..c224cc4 100644
---- a/src/ldebug.h
-+++ b/src/ldebug.h
-@@ -13,6 +13,10 @@
- 
- #define pcRel(pc, p)	(cast(int, (pc) - (p)->code) - 1)
- 
-+/* Active Lua function (given call info) */
-+#define ci_func(ci)            (clLvalue((ci)->func))
-+
-+
- #define getfuncline(f,pc)	(((f)->lineinfo) ? (f)->lineinfo[pc] : -1)
- 
- #define resethookcount(L)	(L->hookcount = L->basehookcount)
-diff --git a/src/ldo.c b/src/ldo.c
-index 90b695f..f66ac1a 100644
---- a/src/ldo.c
-+++ b/src/ldo.c
-@@ -382,7 +382,7 @@ int luaD_poscall (lua_State *L, CallInfo *ci, StkId firstResult, int nres) {
-       luaD_hook(L, LUA_HOOKRET, -1);
-       firstResult = restorestack(L, fr);
-     }
--    L->oldpc = ci->previous->u.l.savedpc;  /* 'oldpc' for caller function */
-+    L->oldpc = pcRel(ci->u.l.savedpc, ci_func(ci)->p);  /* 'oldpc' for caller function */
-   }
-   res = ci->func;  /* res == final position of 1st result */
-   L->ci = ci->previous;  /* back to caller */
-diff --git a/src/lstate.c b/src/lstate.c
-index 9194ac3..3573e36 100644
---- a/src/lstate.c
-+++ b/src/lstate.c
-@@ -236,6 +236,7 @@ static void preinit_thread (lua_State *L, global_State *g) {
-   L->nny = 1;
-   L->status = LUA_OK;
-   L->errfunc = 0;
-+  L->oldpc = 0;
- }
- 
- 
-diff --git a/src/lstate.h b/src/lstate.h
-index a469466..d75eadf 100644
---- a/src/lstate.h
-+++ b/src/lstate.h
-@@ -164,7 +164,6 @@ struct lua_State {
-   StkId top;  /* first free slot in the stack */
-   global_State *l_G;
-   CallInfo *ci;  /* call info for current function */
--  const Instruction *oldpc;  /* last pc traced */
-   StkId stack_last;  /* last free slot in the stack */
-   StkId stack;  /* stack base */
-   UpVal *openupval;  /* list of open upvalues in this stack */
-@@ -174,6 +173,7 @@ struct lua_State {
-   CallInfo base_ci;  /* CallInfo for first level (C calling Lua) */
-   volatile lua_Hook hook;
-   ptrdiff_t errfunc;  /* current error handling function (stack index) */
-+  int oldpc;  /* last pc traced */
-   int stacksize;
-   int basehookcount;
-   int hookcount;
--- 
-2.13.3
-
diff --git a/meta-openembedded/meta-oe/recipes-devtools/lua/lua_5.3.6.bb b/meta-openembedded/meta-oe/recipes-devtools/lua/lua_5.3.6.bb
index f830e0925..af3054dcb 100644
--- a/meta-openembedded/meta-oe/recipes-devtools/lua/lua_5.3.6.bb
+++ b/meta-openembedded/meta-oe/recipes-devtools/lua/lua_5.3.6.bb
@@ -8,7 +8,6 @@ SRC_URI = "http://www.lua.org/ftp/lua-${PV}.tar.gz;name=tarballsrc \
            file://lua.pc.in \
            file://0001-Allow-building-lua-without-readline-on-Linux.patch \
            file://CVE-2020-15888.patch \
-           file://CVE-2020-15945.patch \
            file://0001-Fixed-bug-barriers-cannot-be-active-during-sweep.patch \
            "
author	William A. Kennington III <wak@google.com>	2021-09-16 02:19:36 +0300
committer	Andrew Geissler <geissonator@yahoo.com>	2021-09-19 20:39:58 +0300
commit	49e9566eb60669f7b1535f0653aa52a1c9ea8af0 (patch)
tree	d9b5df56dd979a0d096c11d8b14711c9a7aefe57 /meta-openembedded/meta-oe/recipes-devtools/lua
parent	7f8954e7a7576c28a6773be2f0e306551c0aa754 (diff)
download	openbmc-49e9566eb60669f7b1535f0653aa52a1c9ea8af0.tar.xz