From bba38f38e7e41525c30116a2fe990d113b8157da Mon Sep 17 00:00:00 2001
From: Brad Bishop <bradleyb@fuzziesquirrel.com>
Date: Thu, 23 Aug 2018 16:11:46 +0800
Subject: poky: sumo refresh 51872d3f99..3b8dc3a88e

Update poky to sumo HEAD.

Andrej Valek (1):
      wpa-supplicant: fix CVE-2018-14526

Armin Kuster (2):
      xserver-xorg: config: fix NULL value detection for ID_INPUT being unset
      binutils: Change the ARM assembler's ADR and ADRl pseudo-ops so that they will only set the bottom bit of imported thumb function symbols if the -mthumb-interwork option is active.

Bruce Ashfield (3):
      linux-yocto/4.12: update to v4.12.28
      linux-yocto/4.14: update to v4.14.62
      linux-yocto/4.14: update to v4.14.67

Changqing Li (6):
      libexif: patch for CVE-2017-7544
      squashfs-tools: patch for CVE-2015-4645(4646)
      libcroco: patch for CVE-2017-7960
      libid3tag: patch for CVE-2004-2779
      libice: patch for CVE-2017-2626
      apr-util: fix ptest fail problem

Chen Qi (2):
      util-linux: upgrade 2.32 -> 2.32.1
      busybox: move init related configs to init.cfg

Jagadeesh Krishnanjanappa (2):
      libarchive: CVE-2017-14501
      libcgroup: CVE-2018-14348

Jon Szymaniak (1):
      cve-check.bbclass: detect CVE IDs listed on multiple lines

Joshua Lock (1):
      os-release: fix to install in the expected location

Khem Raj (1):
      serf: Fix Sconstruct build with python 3.7

Konstantin Shemyak (1):
      cve-check.bbclass: do not download the CVE DB in package-specific tasks

Mike Looijmans (1):
      busybox/mdev-mount.sh: Fix partition detect and cleanup mountpoint on fail

Ross Burton (1):
      lrzsz: fix CVE-2018-10195

Sinan Kaya (3):
      busybox: CVE-2017-15874
      libpng: CVE-2018-13785
      sqlite3: CVE-2018-8740

Yadi.hu (1):
      busybox: handle syslog

Yi Zhao (2):
      blktrace: Security fix CVE-2018-10689
      taglib: Security fix CVE-2018-11439

Zheng Ruoqin (1):
      glibc: fix CVE-2018-11237

Change-Id: I2eb1fe6574638de745e4bfc106b86fe797b977c8
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
---
 .../apr-util/0001-Fix-error-handling-in-gdbm.patch | 135 +++++++++++++++++++++
 poky/meta/recipes-support/apr/apr-util_1.6.1.bb    |   1 +
 2 files changed, 136 insertions(+)
 create mode 100644 poky/meta/recipes-support/apr/apr-util/0001-Fix-error-handling-in-gdbm.patch

(limited to 'poky/meta/recipes-support/apr')

diff --git a/poky/meta/recipes-support/apr/apr-util/0001-Fix-error-handling-in-gdbm.patch b/poky/meta/recipes-support/apr/apr-util/0001-Fix-error-handling-in-gdbm.patch
new file mode 100644
index 000000000..57e745331
--- /dev/null
+++ b/poky/meta/recipes-support/apr/apr-util/0001-Fix-error-handling-in-gdbm.patch
@@ -0,0 +1,135 @@
+From 6b638fa9afbeb54dfa19378e391465a5284ce1ad Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Wed, 12 Sep 2018 17:16:36 +0800
+Subject: [PATCH] Fix error handling in gdbm
+
+Only check for gdbm_errno if the return value of the called gdbm_*
+function says so. This fixes apr-util with gdbm 1.14, which does not
+seem to always reset gdbm_errno.
+
+Also make the gdbm driver return error codes starting with
+APR_OS_START_USEERR instead of always returning APR_EGENERAL. This is
+what the berkleydb driver already does.
+
+Also ensure that dsize is 0 if dptr == NULL.
+
+Upstream-Status: Backport[https://svn.apache.org/viewvc?
+view=revision&amp;revision=1825311]
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ dbm/apr_dbm_gdbm.c | 47 +++++++++++++++++++++++++++++------------------
+ 1 file changed, 29 insertions(+), 18 deletions(-)
+
+diff --git a/dbm/apr_dbm_gdbm.c b/dbm/apr_dbm_gdbm.c
+index 749447a..1c86327 100644
+--- a/dbm/apr_dbm_gdbm.c
++++ b/dbm/apr_dbm_gdbm.c
+@@ -36,13 +36,25 @@
+ static apr_status_t g2s(int gerr)
+ {
+     if (gerr == -1) {
+-        /* ### need to fix this */
+-        return APR_EGENERAL;
++        if (gdbm_errno == GDBM_NO_ERROR)
++           return APR_SUCCESS;
++        return APR_OS_START_USEERR + gdbm_errno;
+     }
+ 
+     return APR_SUCCESS;
+ }
+ 
++static apr_status_t gdat2s(datum d)
++{
++    if (d.dptr == NULL) {
++        if (gdbm_errno == GDBM_NO_ERROR || gdbm_errno == GDBM_ITEM_NOT_FOUND)
++           return APR_SUCCESS;
++        return APR_OS_START_USEERR + gdbm_errno;
++   }
++
++    return APR_SUCCESS;
++}
++
+ static apr_status_t datum_cleanup(void *dptr)
+ {
+     if (dptr)
+@@ -53,22 +65,15 @@ static apr_status_t datum_cleanup(void *dptr)
+ 
+ static apr_status_t set_error(apr_dbm_t *dbm, apr_status_t dbm_said)
+ {
+-    apr_status_t rv = APR_SUCCESS;
+ 
+-    /* ### ignore whatever the DBM said (dbm_said); ask it explicitly */
++    dbm->errcode = dbm_said;  
+ 
+-    if ((dbm->errcode = gdbm_errno) == GDBM_NO_ERROR) {
++    if (dbm_said == APR_SUCCESS)
+         dbm->errmsg = NULL;
+-    }
+-    else {
+-        dbm->errmsg = gdbm_strerror(gdbm_errno);
+-        rv = APR_EGENERAL;        /* ### need something better */
+-    }
+-
+-    /* captured it. clear it now. */
+-    gdbm_errno = GDBM_NO_ERROR;
++    else
++        dbm->errmsg = gdbm_strerror(dbm_said - APR_OS_START_USEERR);
+ 
+-    return rv;
++    return dbm_said;
+ }
+ 
+ /* --------------------------------------------------------------------------
+@@ -107,7 +112,7 @@ static apr_status_t vt_gdbm_open(apr_dbm_t **pdb, const char *pathname,
+                      NULL);
+ 
+     if (file == NULL)
+-        return APR_EGENERAL;      /* ### need a better error */
++        return APR_OS_START_USEERR + gdbm_errno;   /* ### need a better error */
+ 
+     /* we have an open database... return it */
+     *pdb = apr_pcalloc(pool, sizeof(**pdb));
+@@ -141,10 +146,12 @@ static apr_status_t vt_gdbm_fetch(apr_dbm_t *dbm, apr_datum_t key,
+     if (pvalue->dptr)
+         apr_pool_cleanup_register(dbm->pool, pvalue->dptr, datum_cleanup,
+                                   apr_pool_cleanup_null);
++    else
++       pvalue->dsize = 0;
+ 
+     /* store the error info into DBM, and return a status code. Also, note
+        that *pvalue should have been cleared on error. */
+-    return set_error(dbm, APR_SUCCESS);
++    return set_error(dbm, gdat2s(rd));
+ }
+ 
+ static apr_status_t vt_gdbm_store(apr_dbm_t *dbm, apr_datum_t key,
+@@ -201,9 +208,11 @@ static apr_status_t vt_gdbm_firstkey(apr_dbm_t *dbm, apr_datum_t *pkey)
+     if (pkey->dptr)
+         apr_pool_cleanup_register(dbm->pool, pkey->dptr, datum_cleanup,
+                                   apr_pool_cleanup_null);
++    else
++        pkey->dsize = 0;
+ 
+     /* store any error info into DBM, and return a status code. */
+-    return set_error(dbm, APR_SUCCESS);
++    return set_error(dbm, gdat2s(rd));
+ }
+ 
+ static apr_status_t vt_gdbm_nextkey(apr_dbm_t *dbm, apr_datum_t *pkey)
+@@ -221,9 +230,11 @@ static apr_status_t vt_gdbm_nextkey(apr_dbm_t *dbm, apr_datum_t *pkey)
+     if (pkey->dptr)
+         apr_pool_cleanup_register(dbm->pool, pkey->dptr, datum_cleanup,
+                                   apr_pool_cleanup_null);
++    else
++       pkey->dsize = 0;
+ 
+     /* store any error info into DBM, and return a status code. */
+-    return set_error(dbm, APR_SUCCESS);
++    return set_error(dbm, gdat2s(rd));
+ }
+ 
+ static void vt_gdbm_freedatum(apr_dbm_t *dbm, apr_datum_t data)
+-- 
+2.7.4
+
diff --git a/poky/meta/recipes-support/apr/apr-util_1.6.1.bb b/poky/meta/recipes-support/apr/apr-util_1.6.1.bb
index 88b4300f9..12d71cbb6 100644
--- a/poky/meta/recipes-support/apr/apr-util_1.6.1.bb
+++ b/poky/meta/recipes-support/apr/apr-util_1.6.1.bb
@@ -13,6 +13,7 @@ SRC_URI = "${APACHE_MIRROR}/apr/${BPN}-${PV}.tar.gz \
            file://configfix.patch \
            file://configure_fixes.patch \
            file://run-ptest \
+           file://0001-Fix-error-handling-in-gdbm.patch \
 "
 
 SRC_URI[md5sum] = "bd502b9a8670a8012c4d90c31a84955f"
-- 
cgit v1.2.3