diff options
Diffstat (limited to 'meta-openembedded/meta-oe')
36 files changed, 751 insertions, 282 deletions
diff --git a/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2020-15803.patch b/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2020-15803.patch new file mode 100644 index 0000000000..2eec4bf327 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2020-15803.patch @@ -0,0 +1,36 @@ +From 4943334fd9bf7dffd49f9e86251ad40b3efe2135 Mon Sep 17 00:00:00 2001 +From: Wang Mingyu <wangmy@cn.fujitsu.com> +Date: Fri, 11 Dec 2020 17:02:20 +0900 +Subject: [PATCH] Fix bug for CVE-2020-15803 + +Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> +--- + frontends/php/include/classes/html/CIFrame.php | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/frontends/php/include/classes/html/CIFrame.php b/frontends/php/include/classes/html/CIFrame.php +index 32220cd..70f2ab5 100644 +--- a/frontends/php/include/classes/html/CIFrame.php ++++ b/frontends/php/include/classes/html/CIFrame.php +@@ -29,6 +29,7 @@ class CIFrame extends CTag { + $this->setHeight($height); + $this->setScrolling($scrolling); + $this->setId($id); ++ $this->setSandbox(); + } + + public function setSrc($value = null) { +@@ -69,4 +70,10 @@ class CIFrame extends CTag { + $this->setAttribute('scrolling', $value); + return $this; + } ++ ++ private function setSandbox() { ++ if (ZBX_IFRAME_SANDBOX !== false) { ++ $this->setAttribute('sandbox', ZBX_IFRAME_SANDBOX); ++ } ++ } + } +-- +2.25.1 + diff --git a/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_4.4.6.bb b/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_4.4.6.bb index 0e0ddd5779..98a31879c4 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_4.4.6.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_4.4.6.bb @@ -26,6 +26,7 @@ PACKAGE_ARCH = "${MACHINE_ARCH}" SRC_URI = "http://jaist.dl.sourceforge.net/project/zabbix/ZABBIX%20Latest%20Stable/${PV}/${BPN}-${PV}.tar.gz \ file://0001-Fix-configure.ac.patch \ file://zabbix-agent.service \ + file://CVE-2020-15803.patch \ " SRC_URI[md5sum] = "e666539220be93b1af38e40f5fbb1f79" diff --git a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb-native_10.4.12.bb b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb-native_10.4.17.bb index e1a038dfa3..e1a038dfa3 100644 --- a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb-native_10.4.12.bb +++ b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb-native_10.4.17.bb diff --git a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb.inc b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb.inc index 95f5acba1f..1a86bc0446 100644 --- a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb.inc +++ b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb.inc @@ -18,11 +18,9 @@ SRC_URI = "https://downloads.mariadb.org/interstitial/${BP}/source/${BP}.tar.gz file://c11_atomics.patch \ file://clang_version_header_conflict.patch \ file://fix-arm-atomic.patch \ - file://0001-Fix-build-breakage-from-lock_guard-error-6161.patch \ - file://0001-Fix-library-LZ4-lookup.patch \ " -SRC_URI[md5sum] = "97d7c0f508c04a31c138fdb24e95dbc4" -SRC_URI[sha256sum] = "fef1e1d38aa253dd8a51006bd15aad184912fce31c446bb69434fcde735aa208" +SRC_URI[md5sum] = "e8193b9cd008b6d7f177f5a5c44c7a9f" +SRC_URI[sha256sum] = "a7b104e264311cd46524ae546ff0c5107978373e4a01cf7fd8a241454548d16e" UPSTREAM_CHECK_URI = "https://github.com/MariaDB/server/releases" diff --git a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/0001-Fix-build-breakage-from-lock_guard-error-6161.patch b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/0001-Fix-build-breakage-from-lock_guard-error-6161.patch deleted file mode 100644 index 87c70617a1..0000000000 --- a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/0001-Fix-build-breakage-from-lock_guard-error-6161.patch +++ /dev/null @@ -1,32 +0,0 @@ -Subject: [PATCH] Fix build breakage from lock_guard error (#6161) - -Summary: -This change fixes a source issue that caused compile time error which -breaks build for many fbcode services in that setup. The size() member -function of channel is a const member, so member variables accessed -within it are implicitly const as well. This caused error when clang -fails to resolve to a constructor that takes std::mutex because the -suitable constructor got rejected due to loss of constness for its -argument. The fix is to add mutable modifier to the lock_ member of -channel. - -Pull Request resolved: https://github.com/facebook/rocksdb/pull/6161 - -Differential Revision: D18967685 - -Pulled By: maysamyabandeh - -Upstream-Status: Backport - -fbshipit-source-id:698b6a5153c3c92eeacb842c467aa28cc350d432 ---- a/storage/rocksdb/rocksdb/util/channel.h -+++ b/storage/rocksdb/rocksdb/util/channel.h -@@ -60,7 +60,7 @@ class channel { - - private: - std::condition_variable cv_; -- std::mutex lock_; -+ mutable std::mutex lock_; - std::queue<T> buffer_; - bool eof_; - }; diff --git a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/0001-Fix-library-LZ4-lookup.patch b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/0001-Fix-library-LZ4-lookup.patch index 574dfd317a..4b90d280ac 100644 --- a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/0001-Fix-library-LZ4-lookup.patch +++ b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/0001-Fix-library-LZ4-lookup.patch @@ -8,15 +8,15 @@ Signed-off-by: Sumit Garg <sumit.garg@linaro.org> cmake/FindLZ4.cmake | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) -diff --git a/cmake/FindLZ4.cmake b/cmake/FindLZ4.cmake -index e97dd63e2b0..2f4694e727c 100644 ---- a/cmake/FindLZ4.cmake -+++ b/cmake/FindLZ4.cmake -@@ -1,5 +1,10 @@ --find_path(LZ4_INCLUDE_DIR NAMES lz4.h) --find_library(LZ4_LIBRARY NAMES lz4) +Index: mariadb-10.4.17/cmake/FindLZ4.cmake +=================================================================== +--- mariadb-10.4.17.orig/cmake/FindLZ4.cmake ++++ mariadb-10.4.17/cmake/FindLZ4.cmake +@@ -1,5 +1,11 @@ + find_path(LZ4_INCLUDE_DIR NAMES lz4.h) +-find_library(LZ4_LIBRARIES NAMES lz4) +find_path(LZ4_INCLUDE_DIR -+ NAMES lz4.h ++ NAMES lz4.h + NO_DEFAULT_PATH NO_CMAKE_FIND_ROOT_PATH) + +find_library(LZ4_LIBRARY @@ -25,6 +25,3 @@ index e97dd63e2b0..2f4694e727c 100644 include(FindPackageHandleStandardArgs) FIND_PACKAGE_HANDLE_STANDARD_ARGS( --- -2.17.1 - diff --git a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/c11_atomics.patch b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/c11_atomics.patch index 169986130c..b1ce963602 100644 --- a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/c11_atomics.patch +++ b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/c11_atomics.patch @@ -10,9 +10,11 @@ Date: Fri Dec 21 19:14:04 2018 +0200 Upstream-Status: Pending Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- a/configure.cmake -+++ b/configure.cmake -@@ -926,7 +926,25 @@ int main() +Index: mariadb-10.4.17/configure.cmake +=================================================================== +--- mariadb-10.4.17.orig/configure.cmake ++++ mariadb-10.4.17/configure.cmake +@@ -863,7 +863,25 @@ int main() long long int *ptr= &var; return (int)__atomic_load_n(ptr, __ATOMIC_SEQ_CST); }" @@ -39,10 +41,12 @@ Signed-off-by: Khem Raj <raj.khem@gmail.com> IF(WITH_VALGRIND) SET(HAVE_valgrind 1) ---- a/mysys/CMakeLists.txt -+++ b/mysys/CMakeLists.txt +Index: mariadb-10.4.17/mysys/CMakeLists.txt +=================================================================== +--- mariadb-10.4.17.orig/mysys/CMakeLists.txt ++++ mariadb-10.4.17/mysys/CMakeLists.txt @@ -78,6 +78,10 @@ TARGET_LINK_LIBRARIES(mysys dbug strings - ${LIBNSL} ${LIBM} ${LIBRT} ${LIBDL} ${LIBSOCKET} ${LIBEXECINFO} ${CRC32_LIBRARY}) + ${LIBNSL} ${LIBM} ${LIBRT} ${CMAKE_DL_LIBS} ${LIBSOCKET} ${LIBEXECINFO} ${CRC32_LIBRARY}) DTRACE_INSTRUMENT(mysys) +IF (HAVE_GCC_C11_ATOMICS_WITH_LIBATOMIC) @@ -52,9 +56,11 @@ Signed-off-by: Khem Raj <raj.khem@gmail.com> IF(HAVE_BFD_H) TARGET_LINK_LIBRARIES(mysys bfd) ENDIF(HAVE_BFD_H) ---- a/sql/CMakeLists.txt -+++ b/sql/CMakeLists.txt -@@ -178,6 +178,10 @@ ELSE() +Index: mariadb-10.4.17/sql/CMakeLists.txt +=================================================================== +--- mariadb-10.4.17.orig/sql/CMakeLists.txt ++++ mariadb-10.4.17/sql/CMakeLists.txt +@@ -196,6 +196,10 @@ ELSE() SET(MYSQLD_SOURCE main.cc ${DTRACE_PROBES_ALL}) ENDIF() diff --git a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/configure.cmake-fix-valgrind.patch b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/configure.cmake-fix-valgrind.patch index ac94279585..162b1e295b 100644 --- a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/configure.cmake-fix-valgrind.patch +++ b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/configure.cmake-fix-valgrind.patch @@ -21,11 +21,11 @@ Signed-off-by: Mingli Yu <mingli.yu@windriver.com> configure.cmake | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) -diff --git a/configure.cmake b/configure.cmake -index 3cfc4b31..d017b3b3 100644 ---- a/configure.cmake -+++ b/configure.cmake -@@ -930,10 +930,9 @@ HAVE_GCC_C11_ATOMICS) +Index: mariadb-10.4.17/configure.cmake +=================================================================== +--- mariadb-10.4.17.orig/configure.cmake ++++ mariadb-10.4.17/configure.cmake +@@ -867,10 +867,9 @@ HAVE_GCC_C11_ATOMICS) IF(WITH_VALGRIND) SET(HAVE_valgrind 1) diff --git a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/fix-a-building-failure.patch b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/fix-a-building-failure.patch index 9149ee21f2..5fc94835ea 100644 --- a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/fix-a-building-failure.patch +++ b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/fix-a-building-failure.patch @@ -14,11 +14,11 @@ Signed-off-by: Mingli Yu <mingli.yu@windriver.com> CMakeLists.txt | 5 ----- 1 file changed, 5 deletions(-) -diff --git a/CMakeLists.txt b/CMakeLists.txt -index fc30750..4f9110e 100644 ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -347,11 +347,6 @@ CHECK_PCRE() +Index: mariadb-10.4.17/CMakeLists.txt +=================================================================== +--- mariadb-10.4.17.orig/CMakeLists.txt ++++ mariadb-10.4.17/CMakeLists.txt +@@ -376,11 +376,6 @@ CHECK_PCRE() CHECK_SYSTEMD() @@ -30,6 +30,3 @@ index fc30750..4f9110e 100644 # # Setup maintainer mode options. Platform checks are # not run with the warning options as to not perturb fragile checks --- -2.17.1 - diff --git a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/fix-arm-atomic.patch b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/fix-arm-atomic.patch index 05b0cf8ff7..db72709439 100644 --- a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/fix-arm-atomic.patch +++ b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/fix-arm-atomic.patch @@ -15,11 +15,11 @@ Signed-off-by: Mingli Yu <mingli.yu@windriver.com> storage/rocksdb/build_rocksdb.cmake | 3 +++ 1 file changed, 3 insertions(+) -diff --git a/storage/rocksdb/build_rocksdb.cmake b/storage/rocksdb/build_rocksdb.cmake -index d7895b0..3bcd52a 100644 ---- a/storage/rocksdb/build_rocksdb.cmake -+++ b/storage/rocksdb/build_rocksdb.cmake -@@ -470,6 +470,9 @@ list(APPEND SOURCES ${CMAKE_CURRENT_BINARY_DIR}/build_version.cc) +Index: mariadb-10.4.17/storage/rocksdb/build_rocksdb.cmake +=================================================================== +--- mariadb-10.4.17.orig/storage/rocksdb/build_rocksdb.cmake ++++ mariadb-10.4.17/storage/rocksdb/build_rocksdb.cmake +@@ -498,6 +498,9 @@ list(APPEND SOURCES ${CMAKE_CURRENT_BINA ADD_CONVENIENCE_LIBRARY(rocksdblib ${SOURCES}) target_link_libraries(rocksdblib ${THIRDPARTY_LIBS} ${SYSTEM_LIBS}) @@ -29,6 +29,3 @@ index d7895b0..3bcd52a 100644 IF(CMAKE_CXX_COMPILER_ID MATCHES "GNU" OR CMAKE_CXX_COMPILER_ID MATCHES "Clang") set_target_properties(rocksdblib PROPERTIES COMPILE_FLAGS "-fPIC -fno-builtin-memcmp -Wno-error") endif() --- -2.7.4 - diff --git a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/sql-CMakeLists.txt-fix-gen_lex_hash-not-found.patch b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/sql-CMakeLists.txt-fix-gen_lex_hash-not-found.patch index afc1be47b5..16cd584da9 100644 --- a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/sql-CMakeLists.txt-fix-gen_lex_hash-not-found.patch +++ b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/sql-CMakeLists.txt-fix-gen_lex_hash-not-found.patch @@ -15,11 +15,11 @@ Signed-off-by: Mingli Yu <mingli.yu@windriver.com> sql/CMakeLists.txt | 30 ++++++++++++++++++++---------- 1 file changed, 20 insertions(+), 10 deletions(-) -diff --git a/sql/CMakeLists.txt b/sql/CMakeLists.txt -index c6910f46..bf51f4cb 100644 ---- a/sql/CMakeLists.txt -+++ b/sql/CMakeLists.txt -@@ -50,11 +50,16 @@ ${WSREP_INCLUDES} +Index: mariadb-10.4.17/sql/CMakeLists.txt +=================================================================== +--- mariadb-10.4.17.orig/sql/CMakeLists.txt ++++ mariadb-10.4.17/sql/CMakeLists.txt +@@ -55,11 +55,16 @@ ${CMAKE_BINARY_DIR}/sql @@ -41,7 +41,7 @@ index c6910f46..bf51f4cb 100644 ADD_DEFINITIONS(-DMYSQL_SERVER -DHAVE_EVENT_SCHEDULER) -@@ -370,11 +375,16 @@ IF(NOT CMAKE_CROSSCOMPILING) +@@ -364,11 +369,16 @@ IF(NOT CMAKE_CROSSCOMPILING) ADD_EXECUTABLE(gen_lex_hash gen_lex_hash.cc) ENDIF() diff --git a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/support-files-CMakeLists.txt-fix-do_populate_sysroot.patch b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/support-files-CMakeLists.txt-fix-do_populate_sysroot.patch index 4f9a4e9b0e..937d13da31 100644 --- a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/support-files-CMakeLists.txt-fix-do_populate_sysroot.patch +++ b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb/support-files-CMakeLists.txt-fix-do_populate_sysroot.patch @@ -15,11 +15,11 @@ Signed-off-by: Mingli Yu <mingli.yu@windriver.com> support-files/CMakeLists.txt | 7 ------- 1 file changed, 7 deletions(-) -diff --git a/support-files/CMakeLists.txt b/support-files/CMakeLists.txt -index b5767432..56733de1 100644 ---- a/support-files/CMakeLists.txt -+++ b/support-files/CMakeLists.txt -@@ -165,12 +165,5 @@ IF(UNIX) +Index: mariadb-10.4.17/support-files/CMakeLists.txt +=================================================================== +--- mariadb-10.4.17.orig/support-files/CMakeLists.txt ++++ mariadb-10.4.17/support-files/CMakeLists.txt +@@ -192,12 +192,5 @@ IF(UNIX) INSTALL(FILES rpm/enable_encryption.preset DESTINATION ${INSTALL_SYSCONF2DIR} COMPONENT IniFiles) ENDIF() diff --git a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb_10.4.12.bb b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb_10.4.17.bb index c0b53379d9..c0b53379d9 100644 --- a/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb_10.4.12.bb +++ b/meta-openembedded/meta-oe/recipes-dbs/mysql/mariadb_10.4.17.bb diff --git a/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_12.4.bb b/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_12.5.bb index 6ea9acc000..047509510f 100644 --- a/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_12.4.bb +++ b/meta-openembedded/meta-oe/recipes-dbs/postgresql/postgresql_12.5.bb @@ -8,4 +8,4 @@ SRC_URI += "\ file://0001-Improve-reproducibility.patch \ " -SRC_URI[sha256sum] = "bee93fbe2c32f59419cb162bcc0145c58da9a8644ee154a30b9a5ce47de606cc" +SRC_URI[sha256sum] = "bd0d25341d9578b5473c9506300022de26370879581f5fddd243a886ce79ff95" diff --git a/meta-openembedded/meta-oe/recipes-devtools/lua/lua/0001-Fixed-bug-barriers-cannot-be-active-during-sweep.patch b/meta-openembedded/meta-oe/recipes-devtools/lua/lua/0001-Fixed-bug-barriers-cannot-be-active-during-sweep.patch new file mode 100644 index 0000000000..a302874d76 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-devtools/lua/lua/0001-Fixed-bug-barriers-cannot-be-active-during-sweep.patch @@ -0,0 +1,90 @@ +From 1e6df25ac28dcd89f0324177bb55019422404b44 Mon Sep 17 00:00:00 2001 +From: Roberto Ierusalimschy <roberto@inf.puc-rio.br> +Date: Thu, 3 Sep 2020 15:32:17 +0800 +Subject: [PATCH] Fixed bug: barriers cannot be active during sweep + +Barriers cannot be active during sweep, even in generational mode. +(Although gen. mode is not incremental, it can hit a barrier when +deleting a thread and closing its upvalues.) The colors of objects are +being changed during sweep and, therefore, cannot be trusted. + +Upstream-Status: Backport [https://github.com/lua/lua/commit/a6da1472c0c5e05ff249325f979531ad51533110] +CVE: CVE-2020-24371 + +[Adjust code KGC_INC -> KGC_NORMAL, refer 69371c4b84becac09c445aae01d005b49658ef82] +Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> +--- + src/lgc.c | 33 ++++++++++++++++++++++++--------- + 1 file changed, 24 insertions(+), 9 deletions(-) + +diff --git a/src/lgc.c b/src/lgc.c +index 973c269..7af23d5 100644 +--- a/src/lgc.c ++++ b/src/lgc.c +@@ -142,10 +142,17 @@ static int iscleared (global_State *g, const TValue *o) { + + + /* +-** barrier that moves collector forward, that is, mark the white object +-** being pointed by a black object. (If in sweep phase, clear the black +-** object to white [sweep it] to avoid other barrier calls for this +-** same object.) ++** Barrier that moves collector forward, that is, marks the white object ++** 'v' being pointed by the black object 'o'. In the generational ++** mode, 'v' must also become old, if 'o' is old; however, it cannot ++** be changed directly to OLD, because it may still point to non-old ++** objects. So, it is marked as OLD0. In the next cycle it will become ++** OLD1, and in the next it will finally become OLD (regular old). By ++** then, any object it points to will also be old. If called in the ++** incremental sweep phase, it clears the black object to white (sweep ++** it) to avoid other barrier calls for this same object. (That cannot ++** be done is generational mode, as its sweep does not distinguish ++** whites from deads.) + */ + void luaC_barrier_ (lua_State *L, GCObject *o, GCObject *v) { + global_State *g = G(L); +@@ -154,7 +161,8 @@ void luaC_barrier_ (lua_State *L, GCObject *o, GCObject *v) { + reallymarkobject(g, v); /* restore invariant */ + else { /* sweep phase */ + lua_assert(issweepphase(g)); +- makewhite(g, o); /* mark main obj. as white to avoid other barriers */ ++ if (g->gckind == KGC_NORMAL) /* incremental mode? */ ++ makewhite(g, o); /* mark 'o' as white to avoid other barriers */ + } + } + +@@ -299,10 +307,15 @@ static void markbeingfnz (global_State *g) { + + + /* +-** Mark all values stored in marked open upvalues from non-marked threads. +-** (Values from marked threads were already marked when traversing the +-** thread.) Remove from the list threads that no longer have upvalues and +-** not-marked threads. ++** For each non-marked thread, simulates a barrier between each open ++** upvalue and its value. (If the thread is collected, the value will be ++** assigned to the upvalue, but then it can be too late for the barrier ++** to act. The "barrier" does not need to check colors: A non-marked ++** thread must be young; upvalues cannot be older than their threads; so ++** any visited upvalue must be young too.) Also removes the thread from ++** the list, as it was already visited. Removes also threads with no ++** upvalues, as they have nothing to be checked. (If the thread gets an ++** upvalue later, it will be linked in the list again.) + */ + static void remarkupvals (global_State *g) { + lua_State *thread; +@@ -313,9 +326,11 @@ static void remarkupvals (global_State *g) { + p = &thread->twups; /* keep marked thread with upvalues in the list */ + else { /* thread is not marked or without upvalues */ + UpVal *uv; ++ lua_assert(!isold(thread) || thread->openupval == NULL); + *p = thread->twups; /* remove thread from the list */ + thread->twups = thread; /* mark that it is out of list */ + for (uv = thread->openupval; uv != NULL; uv = uv->u.open.next) { ++ lua_assert(getage(uv) <= getage(thread)); + if (uv->u.open.touched) { + markvalue(g, uv->v); /* remark upvalue's value */ + uv->u.open.touched = 0; +-- +1.9.1 + diff --git a/meta-openembedded/meta-oe/recipes-devtools/lua/lua/CVE-2020-15945.patch b/meta-openembedded/meta-oe/recipes-devtools/lua/lua/CVE-2020-15945.patch new file mode 100644 index 0000000000..89ce491487 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-devtools/lua/lua/CVE-2020-15945.patch @@ -0,0 +1,167 @@ +From d8d344365945a534f700c82c5dd26f704f89fef3 Mon Sep 17 00:00:00 2001 +From: Roberto Ierusalimschy <roberto@inf.puc-rio.br> +Date: Wed, 5 Aug 2020 16:59:58 +0800 +Subject: [PATCH] Fixed bug: invalid 'oldpc' when returning to a function + +The field 'L->oldpc' is not always updated when control returns to a +function; an invalid value can seg. fault when computing 'changedline'. +(One example is an error in a finalizer; control can return to +'luaV_execute' without executing 'luaD_poscall'.) Instead of trying to +fix all possible corner cases, it seems safer to be resilient to invalid +values for 'oldpc'. Valid but wrong values at most cause an extra call +to a line hook. + +CVE: CVE-2020-15945 + +[Adjust the code to be applicable to the tree] + +Upstream-Status: Backport [https://github.com/lua/lua/commit/a2195644d89812e5b157ce7bac35543e06db05e3] + +Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> +Signed-off-by: Joe Slater <joe.slater@@windriver.com> + +--- + src/ldebug.c | 30 +++++++++++++++--------------- + src/ldebug.h | 4 ++++ + src/ldo.c | 2 +- + src/lstate.c | 1 + + src/lstate.h | 2 +- + 5 files changed, 22 insertions(+), 17 deletions(-) + +diff --git a/src/ldebug.c b/src/ldebug.c +index 239affb..832b16c 100644 +--- a/src/ldebug.c ++++ b/src/ldebug.c +@@ -34,9 +34,8 @@ + #define noLuaClosure(f) ((f) == NULL || (f)->c.tt == LUA_TCCL) + + +-/* Active Lua function (given call info) */ +-#define ci_func(ci) (clLvalue((ci)->func)) +- ++/* inverse of 'pcRel' */ ++#define invpcRel(pc, p) ((p)->code + (pc) + 1) + + static const char *funcnamefromcode (lua_State *L, CallInfo *ci, + const char **name); +@@ -71,20 +70,18 @@ static void swapextra (lua_State *L) { + + /* + ** This function can be called asynchronously (e.g. during a signal). +-** Fields 'oldpc', 'basehookcount', and 'hookcount' (set by +-** 'resethookcount') are for debug only, and it is no problem if they +-** get arbitrary values (causes at most one wrong hook call). 'hookmask' +-** is an atomic value. We assume that pointers are atomic too (e.g., gcc +-** ensures that for all platforms where it runs). Moreover, 'hook' is +-** always checked before being called (see 'luaD_hook'). ++** Fields 'basehookcount' and 'hookcount' (set by 'resethookcount') ++** are for debug only, and it is no problem if they get arbitrary ++** values (causes at most one wrong hook call). 'hookmask' is an atomic ++** value. We assume that pointers are atomic too (e.g., gcc ensures that ++** for all platforms where it runs). Moreover, 'hook' is always checked ++** before being called (see 'luaD_hook'). + */ + LUA_API void lua_sethook (lua_State *L, lua_Hook func, int mask, int count) { + if (func == NULL || mask == 0) { /* turn off hooks? */ + mask = 0; + func = NULL; + } +- if (isLua(L->ci)) +- L->oldpc = L->ci->u.l.savedpc; + L->hook = func; + L->basehookcount = count; + resethookcount(L); +@@ -665,7 +662,10 @@ l_noret luaG_runerror (lua_State *L, const char *fmt, ...) { + void luaG_traceexec (lua_State *L) { + CallInfo *ci = L->ci; + lu_byte mask = L->hookmask; ++ const Proto *p = ci_func(ci)->p; + int counthook = (--L->hookcount == 0 && (mask & LUA_MASKCOUNT)); ++ /* 'L->oldpc' may be invalid; reset it in this case */ ++ int oldpc = (L->oldpc < p->sizecode) ? L->oldpc : 0; + if (counthook) + resethookcount(L); /* reset count */ + else if (!(mask & LUA_MASKLINE)) +@@ -677,15 +677,15 @@ void luaG_traceexec (lua_State *L) { + if (counthook) + luaD_hook(L, LUA_HOOKCOUNT, -1); /* call count hook */ + if (mask & LUA_MASKLINE) { +- Proto *p = ci_func(ci)->p; + int npc = pcRel(ci->u.l.savedpc, p); + int newline = getfuncline(p, npc); + if (npc == 0 || /* call linehook when enter a new function, */ +- ci->u.l.savedpc <= L->oldpc || /* when jump back (loop), or when */ +- newline != getfuncline(p, pcRel(L->oldpc, p))) /* enter a new line */ ++ ci->u.l.savedpc <= invpcRel(oldpc, p) || /* when jump back (loop), or when */ ++ newline != getfuncline(p, oldpc)) /* enter a new line */ + luaD_hook(L, LUA_HOOKLINE, newline); /* call line hook */ ++ ++ L->oldpc = npc; /* 'pc' of last call to line hook */ + } +- L->oldpc = ci->u.l.savedpc; + if (L->status == LUA_YIELD) { /* did hook yield? */ + if (counthook) + L->hookcount = 1; /* undo decrement to zero */ +diff --git a/src/ldebug.h b/src/ldebug.h +index 0e31546..c224cc4 100644 +--- a/src/ldebug.h ++++ b/src/ldebug.h +@@ -13,6 +13,10 @@ + + #define pcRel(pc, p) (cast(int, (pc) - (p)->code) - 1) + ++/* Active Lua function (given call info) */ ++#define ci_func(ci) (clLvalue((ci)->func)) ++ ++ + #define getfuncline(f,pc) (((f)->lineinfo) ? (f)->lineinfo[pc] : -1) + + #define resethookcount(L) (L->hookcount = L->basehookcount) +diff --git a/src/ldo.c b/src/ldo.c +index 90b695f..f66ac1a 100644 +--- a/src/ldo.c ++++ b/src/ldo.c +@@ -382,7 +382,7 @@ int luaD_poscall (lua_State *L, CallInfo *ci, StkId firstResult, int nres) { + luaD_hook(L, LUA_HOOKRET, -1); + firstResult = restorestack(L, fr); + } +- L->oldpc = ci->previous->u.l.savedpc; /* 'oldpc' for caller function */ ++ L->oldpc = pcRel(ci->u.l.savedpc, ci_func(ci)->p); /* 'oldpc' for caller function */ + } + res = ci->func; /* res == final position of 1st result */ + L->ci = ci->previous; /* back to caller */ +diff --git a/src/lstate.c b/src/lstate.c +index 9194ac3..3573e36 100644 +--- a/src/lstate.c ++++ b/src/lstate.c +@@ -236,6 +236,7 @@ static void preinit_thread (lua_State *L, global_State *g) { + L->nny = 1; + L->status = LUA_OK; + L->errfunc = 0; ++ L->oldpc = 0; + } + + +diff --git a/src/lstate.h b/src/lstate.h +index a469466..d75eadf 100644 +--- a/src/lstate.h ++++ b/src/lstate.h +@@ -164,7 +164,6 @@ struct lua_State { + StkId top; /* first free slot in the stack */ + global_State *l_G; + CallInfo *ci; /* call info for current function */ +- const Instruction *oldpc; /* last pc traced */ + StkId stack_last; /* last free slot in the stack */ + StkId stack; /* stack base */ + UpVal *openupval; /* list of open upvalues in this stack */ +@@ -174,6 +173,7 @@ struct lua_State { + CallInfo base_ci; /* CallInfo for first level (C calling Lua) */ + volatile lua_Hook hook; + ptrdiff_t errfunc; /* current error handling function (stack index) */ ++ int oldpc; /* last pc traced */ + int stacksize; + int basehookcount; + int hookcount; +-- +2.13.3 + diff --git a/meta-openembedded/meta-oe/recipes-devtools/lua/lua_5.3.5.bb b/meta-openembedded/meta-oe/recipes-devtools/lua/lua_5.3.6.bb index d3461b06de..342ed1b547 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/lua/lua_5.3.5.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/lua/lua_5.3.6.bb @@ -1,13 +1,15 @@ DESCRIPTION = "Lua is a powerful light-weight programming language designed \ for extending applications." LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://doc/readme.html;beginline=318;endline=352;md5=60aa5cfdbd40086501778d9b6ebf29ee" +LIC_FILES_CHKSUM = "file://doc/readme.html;beginline=318;endline=352;md5=f43d8ee6bc4df18ef8b276439cc4a153" HOMEPAGE = "http://www.lua.org/" SRC_URI = "http://www.lua.org/ftp/lua-${PV}.tar.gz;name=tarballsrc \ file://lua.pc.in \ file://0001-Allow-building-lua-without-readline-on-Linux.patch \ file://CVE-2020-15888.patch \ + file://CVE-2020-15945.patch \ + file://0001-Fixed-bug-barriers-cannot-be-active-during-sweep.patch \ " # if no test suite matches PV release of Lua exactly, download the suite for the closest Lua release. @@ -18,8 +20,8 @@ SRC_URI += "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', \ file://run-ptest \ ', '', d)}" -SRC_URI[tarballsrc.md5sum] = "4f4b4f323fd3514a68e0ab3da8ce3455" -SRC_URI[tarballsrc.sha256sum] = "0c2eed3f960446e1a3e4b9a1ca2f3ff893b6ce41942cf54d5dd59ab4b3b058ac" +SRC_URI[tarballsrc.md5sum] = "83f23dbd5230140a3770d5f54076948d" +SRC_URI[tarballsrc.sha256sum] = "fc5fd69bb8736323f026672b1b7235da613d7177e72558893a0bdcd320466d60" SRC_URI[tarballtest.md5sum] = "b14fe3748c1cb2d74e3acd1943629ba3" SRC_URI[tarballtest.sha256sum] = "b80771238271c72565e5a1183292ef31bd7166414cd0d43a8eb79845fa7f599f" diff --git a/meta-openembedded/meta-oe/recipes-devtools/mcpp/files/CVE-2019-14274.patch b/meta-openembedded/meta-oe/recipes-devtools/mcpp/files/CVE-2019-14274.patch new file mode 100644 index 0000000000..a0c6584ecb --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-devtools/mcpp/files/CVE-2019-14274.patch @@ -0,0 +1,34 @@ +From ea453aca2742be6ac43ba4ce0da6f938a7e5a5d8 Mon Sep 17 00:00:00 2001 +From: He Liu <liulonnie@gmail.com> +Date: Tue, 4 Feb 2014 11:00:40 -0800 +Subject: [PATCH] line comment bug + +--- + src/support.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/support.c b/src/support.c +index c57eaef..e3357e4 100644 +--- a/src/support.c ++++ b/src/support.c +@@ -188,7 +188,7 @@ static char * append_to_buffer( + size_t length + ) + { +- if (mem_buf_p->bytes_avail < length) { /* Need to allocate more memory */ ++ if (mem_buf_p->bytes_avail < length + 1) { /* Need to allocate more memory */ + size_t size = MAX( BUF_INCR_SIZE, length); + + if (mem_buf_p->buffer == NULL) { /* 1st append */ +@@ -1722,6 +1722,8 @@ com_start: + sp -= 2; + while (*sp != '\n') /* Until end of line */ + mcpp_fputc( *sp++, OUT); ++ mcpp_fputc('\n', OUT); ++ wrong_line = TRUE; + } + goto end_line; + default: /* Not a comment */ +-- +2.25.1 + diff --git a/meta-openembedded/meta-oe/recipes-devtools/mcpp/files/ice-mcpp.patch b/meta-openembedded/meta-oe/recipes-devtools/mcpp/files/ice-mcpp.patch index 8103cf0920..1df3ae55bc 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/mcpp/files/ice-mcpp.patch +++ b/meta-openembedded/meta-oe/recipes-devtools/mcpp/files/ice-mcpp.patch @@ -114,37 +114,6 @@ diff -r -c -N ../mcpp-2.7.2-old/src/main.c ./src/main.c } int mcpp_lib_main -diff -r -c -N ../mcpp-2.7.2-old/src/support.c ./src/support.c -*** ../mcpp-2.7.2-old/src/support.c Tue Jun 10 06:02:33 2008 ---- ./src/support.c Fri May 14 12:40:56 2010 -*************** -*** 188,194 **** - size_t length - ) - { -! if (mem_buf_p->bytes_avail < length) { /* Need to allocate more memory */ - size_t size = MAX( BUF_INCR_SIZE, length); - - if (mem_buf_p->buffer == NULL) { /* 1st append */ ---- 188,194 ---- - size_t length - ) - { -! if (mem_buf_p->bytes_avail < length + 1) { /* Need to allocate more memory */ - size_t size = MAX( BUF_INCR_SIZE, length); - - if (mem_buf_p->buffer == NULL) { /* 1st append */ -*************** -*** 1722,1727 **** ---- 1722,1729 ---- - sp -= 2; - while (*sp != '\n') /* Until end of line */ - mcpp_fputc( *sp++, OUT); -+ mcpp_fputc( '\n', OUT); -+ wrong_line = TRUE; - } - goto end_line; - default: /* Not a comment */ diff -r -c -N ../mcpp-2.7.2-old/src/system.c ./src/system.c *** ../mcpp-2.7.2-old/src/system.c 2008-11-26 10:53:51.000000000 +0100 --- ./src/system.c 2011-02-21 16:18:05.678058106 +0100 diff --git a/meta-openembedded/meta-oe/recipes-devtools/mcpp/mcpp_2.7.2.bb b/meta-openembedded/meta-oe/recipes-devtools/mcpp/mcpp_2.7.2.bb index b5ca495663..f8125f72d9 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/mcpp/mcpp_2.7.2.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/mcpp/mcpp_2.7.2.bb @@ -4,7 +4,8 @@ LICENSE = "BSD-2-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=5ca370b75ec890321888a00cea9bc1d5" SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.gz \ - file://ice-mcpp.patch " + file://ice-mcpp.patch \ + file://CVE-2019-14274.patch" SRC_URI[md5sum] = "512de48c87ab023a69250edc7a0c7b05" SRC_URI[sha256sum] = "3b9b4421888519876c4fc68ade324a3bbd81ceeb7092ecdbbc2055099fcb8864" diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0001-Remove-use-of-register-r7-because-llvm-now-issues-an.patch b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0001-Remove-use-of-register-r7-because-llvm-now-issues-an.patch new file mode 100644 index 0000000000..a23f1c243e --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0001-Remove-use-of-register-r7-because-llvm-now-issues-an.patch @@ -0,0 +1,53 @@ +From be8d3cd6eab4b8f9849133060abb1aba4400276b Mon Sep 17 00:00:00 2001 +From: Amy Huang <akhuang@google.com> +Date: Thu, 23 Apr 2020 11:25:53 -0700 +Subject: [PATCH] Remove use of register r7 because llvm now issues an error + when "r7" is used (starting in commit d85b3877) + +Bug: chromium:1073270 +Change-Id: I7ec8112f170b98d2edaf92bc9341e738f8de07a3 +Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2163435 +Reviewed-by: Nico Weber <thakis@chromium.org> +Reviewed-by: Ross McIlroy <rmcilroy@chromium.org> +Commit-Queue: Nico Weber <thakis@chromium.org> +Cr-Commit-Position: refs/heads/master@{#67371} +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- +Upstream-Status: Backport [https://chromium.googlesource.com/v8/v8/+/00604cd2806b5d26bef592dd19989a234bd07a4b%5E%21/] + deps/v8/src/codegen/arm/cpu-arm.cc | 13 ------------- + 1 file changed, 13 deletions(-) + +diff --git a/deps/v8/src/codegen/arm/cpu-arm.cc b/deps/v8/src/codegen/arm/cpu-arm.cc +index 868f360..654d68f 100644 +--- a/deps/v8/src/codegen/arm/cpu-arm.cc ++++ b/deps/v8/src/codegen/arm/cpu-arm.cc +@@ -30,18 +30,6 @@ V8_NOINLINE void CpuFeatures::FlushICache(void* start, size_t size) { + register uint32_t end asm("r1") = beg + size; + register uint32_t flg asm("r2") = 0; + +-#ifdef __clang__ +- // This variant of the asm avoids a constant pool entry, which can be +- // problematic when LTO'ing. It is also slightly shorter. +- register uint32_t scno asm("r7") = __ARM_NR_cacheflush; +- +- asm volatile("svc 0\n" +- : +- : "r"(beg), "r"(end), "r"(flg), "r"(scno) +- : "memory"); +-#else +- // Use a different variant of the asm with GCC because some versions doesn't +- // support r7 as an asm input. + asm volatile( + // This assembly works for both ARM and Thumb targets. + +@@ -59,7 +47,6 @@ V8_NOINLINE void CpuFeatures::FlushICache(void* start, size_t size) { + : "r"(beg), "r"(end), "r"(flg), [scno] "i"(__ARM_NR_cacheflush) + : "memory"); + #endif +-#endif + #endif // !USE_SIMULATOR + } + +-- +2.29.2 + diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0001-build-allow-passing-multiple-libs-to-pkg_config.patch b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0001-build-allow-passing-multiple-libs-to-pkg_config.patch deleted file mode 100644 index 13edf229b3..0000000000 --- a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0001-build-allow-passing-multiple-libs-to-pkg_config.patch +++ /dev/null @@ -1,41 +0,0 @@ -From fdaa0e3bef93c5c72a7258b5f1e30718e7d81f9b Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Andr=C3=A9=20Draszik?= <git@andred.net> -Date: Mon, 2 Mar 2020 12:17:09 +0000 -Subject: [PATCH 1/2] build: allow passing multiple libs to pkg_config -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Sometimes it's necessary to pass multiple library names to pkg-config, -e.g. the brotli shared libraries can be pulled in with - pkg-config libbrotlienc libbrotlidec - -Update the code to handle both, strings (as used so far), and lists -of strings. - -Signed-off-by: André Draszik <git@andred.net> ---- -Upstream-Status: Submitted [https://github.com/nodejs/node/pull/32046] - configure.py | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/configure.py b/configure.py -index beb08df088..e3f78f2fed 100755 ---- a/configure.py -+++ b/configure.py -@@ -680,7 +680,11 @@ def pkg_config(pkg): - retval = () - for flag in ['--libs-only-l', '--cflags-only-I', - '--libs-only-L', '--modversion']: -- args += [flag, pkg] -+ args += [flag] -+ if isinstance(pkg, list): -+ args += pkg -+ else: -+ args += [pkg] - try: - proc = subprocess.Popen(shlex.split(pkg_config) + args, - stdout=subprocess.PIPE) --- -2.25.0 - diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0002-build-allow-use-of-system-installed-brotli.patch b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0002-build-allow-use-of-system-installed-brotli.patch deleted file mode 100644 index fc038f3aae..0000000000 --- a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0002-build-allow-use-of-system-installed-brotli.patch +++ /dev/null @@ -1,66 +0,0 @@ -From f0f927feee8cb1fb173835d5c3f6beb6bf7d5e54 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Andr=C3=A9=20Draszik?= <git@andred.net> -Date: Mon, 2 Mar 2020 12:17:35 +0000 -Subject: [PATCH 2/2] build: allow use of system-installed brotli -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -brotli is available as a shared library since 2016, so it makes sense -to allow its use as a system-installed version. - -Some of the infrastructure was in place already (node.gyp and -node.gypi), but some bits in the configure script here were missing. - -Add them, keeping the default as before, to use the bundled version. - -Refs: https://github.com/google/brotli/pull/421 -Signed-off-by: André Draszik <git@andred.net> ---- -Upstream-Status: Submitted [https://github.com/nodejs/node/pull/32046] - configure.py | 22 ++++++++++++++++++++++ - 1 file changed, 22 insertions(+) - -diff --git a/configure.py b/configure.py -index e3f78f2fed..0190e31b41 100755 ---- a/configure.py -+++ b/configure.py -@@ -301,6 +301,27 @@ shared_optgroup.add_option('--shared-zlib-libpath', - dest='shared_zlib_libpath', - help='a directory to search for the shared zlib DLL') - -+shared_optgroup.add_option('--shared-brotli', -+ action='store_true', -+ dest='shared_brotli', -+ help='link to a shared brotli DLL instead of static linking') -+ -+shared_optgroup.add_option('--shared-brotli-includes', -+ action='store', -+ dest='shared_brotli_includes', -+ help='directory containing brotli header files') -+ -+shared_optgroup.add_option('--shared-brotli-libname', -+ action='store', -+ dest='shared_brotli_libname', -+ default='brotlidec,brotlienc', -+ help='alternative lib name to link to [default: %default]') -+ -+shared_optgroup.add_option('--shared-brotli-libpath', -+ action='store', -+ dest='shared_brotli_libpath', -+ help='a directory to search for the shared brotli DLL') -+ - shared_optgroup.add_option('--shared-cares', - action='store_true', - dest='shared_cares', -@@ -1692,6 +1713,7 @@ configure_napi(output) - configure_library('zlib', output) - configure_library('http_parser', output) - configure_library('libuv', output) -+configure_library('brotli', output, pkgname=['libbrotlidec', 'libbrotlienc']) - configure_library('cares', output, pkgname='libcares') - configure_library('nghttp2', output, pkgname='libnghttp2') - configure_v8(output) --- -2.25.0 - diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0003-Install-both-binaries-and-use-libdir.patch b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0003-Install-both-binaries-and-use-libdir.patch index 599f742b2f..92386fa779 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0003-Install-both-binaries-and-use-libdir.patch +++ b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0003-Install-both-binaries-and-use-libdir.patch @@ -20,11 +20,9 @@ Signed-off-by: Andreas Müller <schnitzeltony@gmail.com> tools/install.py | 31 ++++++++++++++----------------- 2 files changed, 21 insertions(+), 17 deletions(-) -diff --git a/configure.py b/configure.py -index 20cce214db..e2d78a2a51 100755 --- a/configure.py +++ b/configure.py -@@ -559,6 +559,12 @@ parser.add_option('--shared', +@@ -602,6 +602,12 @@ parser.add_option('--shared', help='compile shared library for embedding node in another project. ' + '(This mode is not officially supported for regular applications)') @@ -37,16 +35,14 @@ index 20cce214db..e2d78a2a51 100755 parser.add_option('--without-v8-platform', action='store_true', dest='without_v8_platform', -@@ -1103,6 +1109,7 @@ def configure_node(o): - if o['variables']['want_separate_host_toolset'] == 0: - o['variables']['node_code_cache'] = 'yes' # For testing +@@ -1168,6 +1174,7 @@ def configure_node(o): + o['variables']['node_no_browser_globals'] = b(options.no_browser_globals) + o['variables']['node_shared'] = b(options.shared) + o['variables']['libdir'] = options.libdir node_module_version = getmoduleversion.get_version() - if sys.platform == 'darwin': -diff --git a/tools/install.py b/tools/install.py -index 655802980a..fe4723bf15 100755 + if options.dest_os == 'android': --- a/tools/install.py +++ b/tools/install.py @@ -121,26 +121,23 @@ def subdir_files(path, dest, action): @@ -72,24 +68,20 @@ index 655802980a..fe4723bf15 100755 - # in its source - see the _InstallableTargetInstallPath function. - if sys.platform != 'darwin': - output_prefix += 'lib.target/' -- -- if 'false' == variables.get('node_shared'): -- action([output_prefix + output_file], 'bin/' + output_file) -- else: -- action([output_prefix + output_file], 'lib/' + output_file) + output_bin = 'node' + output_lib = 'libnode.' + variables.get('shlib_suffix') + # GYP will output to lib.target except on OS X, this is hardcoded + # in its source - see the _InstallableTargetInstallPath function. + if sys.platform != 'darwin': + output_libprefix += 'lib.target/' -+ + +- if 'false' == variables.get('node_shared'): +- action([output_prefix + output_file], 'bin/' + output_file) +- else: +- action([output_prefix + output_file], 'lib/' + output_file) + action([output_prefix + output_bin], 'bin/' + output_bin) + if 'true' == variables.get('node_shared'): + action([output_libprefix + output_lib], variables.get('libdir') + '/' + output_lib) if 'true' == variables.get('node_use_dtrace'): action(['out/Release/node.d'], 'lib/dtrace/node.d') --- -2.20.1 - diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_12.14.1.bb b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_12.20.1.bb index d468fb3ffa..0673a3202d 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_12.14.1.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_12.20.1.bb @@ -1,7 +1,7 @@ DESCRIPTION = "nodeJS Evented I/O for V8 JavaScript" HOMEPAGE = "http://nodejs.org" LICENSE = "MIT & BSD & Artistic-2.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=be4d5107c64dc3d7c57e3797e1a0674b" +LIC_FILES_CHKSUM = "file://LICENSE;md5=8c66ff8861d9f96076a7cb61e3d75f54" DEPENDS = "openssl" DEPENDS_append_class-target = " nodejs-native" @@ -20,16 +20,13 @@ SRC_URI = "http://nodejs.org/dist/v${PV}/node-v${PV}.tar.xz \ file://0003-Install-both-binaries-and-use-libdir.patch \ file://0004-v8-don-t-override-ARM-CFLAGS.patch \ file://big-endian.patch \ - file://0001-build-allow-passing-multiple-libs-to-pkg_config.patch \ - file://0002-build-allow-use-of-system-installed-brotli.patch \ file://mips-warnings.patch \ + file://0001-Remove-use-of-register-r7-because-llvm-now-issues-an.patch \ " SRC_URI_append_class-target = " \ file://0002-Using-native-binaries.patch \ " - -SRC_URI[md5sum] = "1c78a75f5c95321f533ecccca695e814" -SRC_URI[sha256sum] = "877b4b842318b0e09bc754faf7343f2f097f0fc4f88ab9ae57cf9944e88e7adb" +SRC_URI[sha256sum] = "e00eee325d705b2bfa9929b7d061eb2315402d7e8548945eac9870bf84321853" S = "${WORKDIR}/node-v${PV}" @@ -54,7 +51,8 @@ ARCHFLAGS_arm = "${@bb.utils.contains('TUNE_FEATURES', 'callconvention-hard', '- GYP_DEFINES_append_mipsel = " mips_arch_variant='r1' " ARCHFLAGS ?= "" -PACKAGECONFIG ??= "ares brotli icu libuv zlib" +PACKAGECONFIG ??= "ares brotli icu zlib" + PACKAGECONFIG[ares] = "--shared-cares,,c-ares" PACKAGECONFIG[brotli] = "--shared-brotli,,brotli" PACKAGECONFIG[icu] = "--with-intl=system-icu,--without-intl,icu" diff --git a/meta-openembedded/meta-oe/recipes-devtools/php/php/CVE-2020-7069.patch b/meta-openembedded/meta-oe/recipes-devtools/php/php/CVE-2020-7069.patch new file mode 100644 index 0000000000..0cf4d5ed60 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-devtools/php/php/CVE-2020-7069.patch @@ -0,0 +1,158 @@ +Subject: Fix bug #79601 (Wrong ciphertext/tag in AES-CCM encryption + for a 12 bytes IV) + +--- + ext/openssl/openssl.c | 10 ++++----- + ext/openssl/tests/cipher_tests.inc | 21 +++++++++++++++++ + ext/openssl/tests/openssl_decrypt_ccm.phpt | 22 +++++++++++------- + ext/openssl/tests/openssl_encrypt_ccm.phpt | 26 ++++++++++++++-------- + 4 files changed, 57 insertions(+), 22 deletions(-) + +diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c +index 04cb9b0f..fdad2c3b 100644 +--- a/ext/openssl/openssl.c ++++ b/ext/openssl/openssl.c +@@ -6521,11 +6521,6 @@ static int php_openssl_validate_iv(char **piv, size_t *piv_len, size_t iv_requir + { + char *iv_new; + +- /* Best case scenario, user behaved */ +- if (*piv_len == iv_required_len) { +- return SUCCESS; +- } +- + if (mode->is_aead) { + if (EVP_CIPHER_CTX_ctrl(cipher_ctx, mode->aead_ivlen_flag, *piv_len, NULL) != 1) { + php_error_docref(NULL, E_WARNING, "Setting of IV length for AEAD mode failed"); +@@ -6534,6 +6529,11 @@ static int php_openssl_validate_iv(char **piv, size_t *piv_len, size_t iv_requir + return SUCCESS; + } + ++ /* Best case scenario, user behaved */ ++ if (*piv_len == iv_required_len) { ++ return SUCCESS; ++ } ++ + iv_new = ecalloc(1, iv_required_len + 1); + + if (*piv_len == 0) { +diff --git a/ext/openssl/tests/cipher_tests.inc b/ext/openssl/tests/cipher_tests.inc +index b1e46b41..779bfa85 100644 +--- a/ext/openssl/tests/cipher_tests.inc ++++ b/ext/openssl/tests/cipher_tests.inc +@@ -1,5 +1,26 @@ + <?php + $php_openssl_cipher_tests = array( ++ 'aes-128-ccm' => array( ++ array( ++ 'key' => '404142434445464748494a4b4c4d4e4f', ++ 'iv' => '1011121314151617', ++ 'aad' => '000102030405060708090a0b0c0d0e0f', ++ 'tag' => '1fc64fbfaccd', ++ 'pt' => '202122232425262728292a2b2c2d2e2f', ++ 'ct' => 'd2a1f0e051ea5f62081a7792073d593d', ++ ), ++ array( ++ 'key' => '404142434445464748494a4b4c4d4e4f', ++ 'iv' => '101112131415161718191a1b', ++ 'aad' => '000102030405060708090a0b0c0d0e0f' . ++ '10111213', ++ 'tag' => '484392fbc1b09951', ++ 'pt' => '202122232425262728292a2b2c2d2e2f' . ++ '3031323334353637', ++ 'ct' => 'e3b201a9f5b71a7a9b1ceaeccd97e70b' . ++ '6176aad9a4428aa5', ++ ), ++ ), + 'aes-256-ccm' => array( + array( + 'key' => '1bde3251d41a8b5ea013c195ae128b21' . +diff --git a/ext/openssl/tests/openssl_decrypt_ccm.phpt b/ext/openssl/tests/openssl_decrypt_ccm.phpt +index a5f01b87..08ef5bb7 100644 +--- a/ext/openssl/tests/openssl_decrypt_ccm.phpt ++++ b/ext/openssl/tests/openssl_decrypt_ccm.phpt +@@ -10,14 +10,16 @@ if (!in_array('aes-256-ccm', openssl_get_cipher_methods())) + --FILE-- + <?php + require_once __DIR__ . "/cipher_tests.inc"; +-$method = 'aes-256-ccm'; +-$tests = openssl_get_cipher_tests($method); ++$methods = ['aes-128-ccm', 'aes-256-ccm']; + +-foreach ($tests as $idx => $test) { +- echo "TEST $idx\n"; +- $pt = openssl_decrypt($test['ct'], $method, $test['key'], OPENSSL_RAW_DATA, +- $test['iv'], $test['tag'], $test['aad']); +- var_dump($test['pt'] === $pt); ++foreach ($methods as $method) { ++ $tests = openssl_get_cipher_tests($method); ++ foreach ($tests as $idx => $test) { ++ echo "$method - TEST $idx\n"; ++ $pt = openssl_decrypt($test['ct'], $method, $test['key'], OPENSSL_RAW_DATA, ++ $test['iv'], $test['tag'], $test['aad']); ++ var_dump($test['pt'] === $pt); ++ } + } + + // no IV +@@ -32,7 +34,11 @@ var_dump(openssl_decrypt($test['ct'], $method, $test['key'], OPENSSL_RAW_DATA, + + ?> + --EXPECTF-- +-TEST 0 ++aes-128-ccm - TEST 0 ++bool(true) ++aes-128-ccm - TEST 1 ++bool(true) ++aes-256-ccm - TEST 0 + bool(true) + + Warning: openssl_decrypt(): Setting of IV length for AEAD mode failed in %s on line %d +diff --git a/ext/openssl/tests/openssl_encrypt_ccm.phpt b/ext/openssl/tests/openssl_encrypt_ccm.phpt +index fb5dbbc8..8c4c41f8 100644 +--- a/ext/openssl/tests/openssl_encrypt_ccm.phpt ++++ b/ext/openssl/tests/openssl_encrypt_ccm.phpt +@@ -10,15 +10,17 @@ if (!in_array('aes-256-ccm', openssl_get_cipher_methods())) + --FILE-- + <?php + require_once __DIR__ . "/cipher_tests.inc"; +-$method = 'aes-256-ccm'; +-$tests = openssl_get_cipher_tests($method); ++$methods = ['aes-128-ccm', 'aes-256-ccm']; + +-foreach ($tests as $idx => $test) { +- echo "TEST $idx\n"; +- $ct = openssl_encrypt($test['pt'], $method, $test['key'], OPENSSL_RAW_DATA, +- $test['iv'], $tag, $test['aad'], strlen($test['tag'])); +- var_dump($test['ct'] === $ct); +- var_dump($test['tag'] === $tag); ++foreach ($methods as $method) { ++ $tests = openssl_get_cipher_tests($method); ++ foreach ($tests as $idx => $test) { ++ echo "$method - TEST $idx\n"; ++ $ct = openssl_encrypt($test['pt'], $method, $test['key'], OPENSSL_RAW_DATA, ++ $test['iv'], $tag, $test['aad'], strlen($test['tag'])); ++ var_dump($test['ct'] === $ct); ++ var_dump($test['tag'] === $tag); ++ } + } + + // Empty IV error +@@ -32,7 +34,13 @@ var_dump(strlen($tag)); + var_dump(openssl_encrypt('data', $method, 'password', 0, str_repeat('x', 16), $tag, '', 1024)); + ?> + --EXPECTF-- +-TEST 0 ++aes-128-ccm - TEST 0 ++bool(true) ++bool(true) ++aes-128-ccm - TEST 1 ++bool(true) ++bool(true) ++aes-256-ccm - TEST 0 + bool(true) + bool(true) + +-- +2.25.1 + diff --git a/meta-openembedded/meta-oe/recipes-devtools/php/php/CVE-2020-7070.patch b/meta-openembedded/meta-oe/recipes-devtools/php/php/CVE-2020-7070.patch new file mode 100644 index 0000000000..e5b527f989 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-devtools/php/php/CVE-2020-7070.patch @@ -0,0 +1,24 @@ +Subject: Patch fix-urldecode for HTTP related Bug #79699 + +--- + main/php_variables.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/main/php_variables.c b/main/php_variables.c +index 1a40c2a1..cbdc7cf1 100644 +--- a/main/php_variables.c ++++ b/main/php_variables.c +@@ -514,7 +514,9 @@ SAPI_API SAPI_TREAT_DATA_FUNC(php_default_treat_data) + } + + val = estrndup(val, val_len); +- php_url_decode(var, strlen(var)); ++ if (arg != PARSE_COOKIE) { ++ php_url_decode(var, strlen(var)); ++ } + if (sapi_module.input_filter(arg, var, &val, val_len, &new_val_len)) { + php_register_variable_safe(var, val, new_val_len, &array); + } +-- +2.25.1 + diff --git a/meta-openembedded/meta-oe/recipes-devtools/php/php/debian-php-fixheader.patch b/meta-openembedded/meta-oe/recipes-devtools/php/php/debian-php-fixheader.patch index 21050f7605..a4804d1849 100755..100644 --- a/meta-openembedded/meta-oe/recipes-devtools/php/php/debian-php-fixheader.patch +++ b/meta-openembedded/meta-oe/recipes-devtools/php/php/debian-php-fixheader.patch @@ -1,31 +1,32 @@ -php: remove host specific info from header file +From 1234a8ef7c5ab88e24bc5908f0ccfd55af21aa39 Mon Sep 17 00:00:00 2001 +From: Leon Anavi <leon.anavi@konsulko.com> +Date: Mon, 31 Aug 2020 16:03:27 +0300 +Subject: [PATCH] php: remove host specific info from header file +Based on: https://sources.debian.org/data/main/p/php7.3/7.3.6-1/debian/patches/ 0036-php-5.4.9-fixheader.patch Upstream-Status: Inappropriate [not author] Signed-off-by: Joe Slater <joe.slater@windriver.com> - ---- -From: Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org> -Date: Sat, 2 May 2015 10:26:56 +0200 -Subject: php-5.4.9-fixheader - -Make generated php_config.h constant across rebuilds. +Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> --- configure.ac | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ac b/configure.ac -index 433d7e6..41893d7 100644 +index 2a474ba36d..6d22a21630 100644 --- a/configure.ac +++ b/configure.ac -@@ -1357,7 +1357,7 @@ PHP_BUILD_DATE=`date -u +%Y-%m-%d` +@@ -1323,7 +1323,7 @@ PHP_BUILD_DATE=`date -u +%Y-%m-%d` fi AC_DEFINE_UNQUOTED(PHP_BUILD_DATE,"$PHP_BUILD_DATE",[PHP build date]) --PHP_UNAME=`uname -a | xargs` -+PHP_UNAME=`uname | xargs` +-UNAME=`uname -a | xargs` ++UNAME=`uname | xargs` + PHP_UNAME=${PHP_UNAME:-$UNAME} AC_DEFINE_UNQUOTED(PHP_UNAME,"$PHP_UNAME",[uname -a output]) PHP_OS=`uname | xargs` - AC_DEFINE_UNQUOTED(PHP_OS,"$PHP_OS",[uname output]) +-- +2.17.1 + diff --git a/meta-openembedded/meta-oe/recipes-devtools/php/php_7.4.4.bb b/meta-openembedded/meta-oe/recipes-devtools/php/php_7.4.9.bb index 1d93902e72..16fc311b0e 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/php/php_7.4.4.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/php/php_7.4.9.bb @@ -30,10 +30,13 @@ SRC_URI_append_class-target = " \ file://phar-makefile.patch \ file://0001-opcache-config.m4-enable-opcache.patch \ file://xfail_two_bug_tests.patch \ + file://CVE-2020-7070.patch \ + file://CVE-2020-7069.patch \ " + S = "${WORKDIR}/php-${PV}" -SRC_URI[md5sum] = "262c258a3b8b5699fcca89a64e58758c" -SRC_URI[sha256sum] = "308e8f4182ec8a2767b0b1b8e1e7c69fb149b37cfb98ee4a37475e082fa9829f" +SRC_URI[md5sum] = "e68a66c54b080d108831f6dc2e1e403d" +SRC_URI[sha256sum] = "2e270958a4216480da7886743438ccc92b6acf32ea96fefda88d07e0a5095deb" inherit autotools pkgconfig python3native gettext @@ -153,7 +156,6 @@ do_install_prepend_class-target() { # fixme do_install_append_class-target() { install -d ${D}${sysconfdir}/ - rm -rf ${D}/${TMPDIR} rm -rf ${D}/.registry rm -rf ${D}/.channels rm -rf ${D}/.[a-z]* @@ -177,14 +179,6 @@ do_install_append_class-target() { ${D}${systemd_unitdir}/system/php-fpm.service fi - TMP=`dirname ${D}/${TMPDIR}` - while test ${TMP} != ${D}; do - if [ -d ${TMP} ]; then - rmdir ${TMP} - fi - TMP=`dirname ${TMP}`; - done - if ${@bb.utils.contains('PACKAGECONFIG', 'apache2', 'true', 'false', d)}; then install -d ${D}${sysconfdir}/apache2/modules.d install -d ${D}${sysconfdir}/php/apache2-php${PHP_MAJOR_VERSION} diff --git a/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/275.patch b/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/275.patch new file mode 100644 index 0000000000..75065eb054 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/275.patch @@ -0,0 +1,38 @@ +Upstream-status: Backport +CVE: CVE-2020-29394 +From 7f5cd5404a03fa330e192084f6bdafb2dc9bdcb7 Mon Sep 17 00:00:00 2001 +From: GwanYeong Kim <gy741.kim@gmail.com> +Date: Sat, 28 Nov 2020 12:24:46 +0900 +Subject: [PATCH] dlt_common: Fix buffer overflow in dlt_filter_load + +A buffer overflow in the dlt_filter_load function in dlt_common.c in dlt-daemon allows arbitrary code execution via an unsafe usage of fscanf, because it does not limit the number of characters to be read in a format argument. + +Fixed: #274 + +Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> +--- + src/shared/dlt_common.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/shared/dlt_common.c b/src/shared/dlt_common.c +index 254f4ce4..d15b1cec 100644 +--- a/src/shared/dlt_common.c ++++ b/src/shared/dlt_common.c +@@ -404,7 +404,7 @@ DltReturnValue dlt_filter_load(DltFilter *filter, const char *filename, int verb + while (!feof(handle)) { + str1[0] = 0; + +- if (fscanf(handle, "%s", str1) != 1) ++ if (fscanf(handle, "%254s", str1) != 1) + break; + + if (str1[0] == 0) +@@ -419,7 +419,7 @@ DltReturnValue dlt_filter_load(DltFilter *filter, const char *filename, int verb + + str1[0] = 0; + +- if (fscanf(handle, "%s", str1) != 1) ++ if (fscanf(handle, "%254s", str1) != 1) + break; + + if (str1[0] == 0) diff --git a/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.4.bb b/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.4.bb index 35c638bc78..45724e98ac 100644 --- a/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.4.bb +++ b/meta-openembedded/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.4.bb @@ -18,6 +18,7 @@ SRC_URI = "git://github.com/GENIVI/${BPN}.git;protocol=https \ file://0002-Don-t-execute-processes-as-a-specific-user.patch \ file://0004-Modify-systemd-config-directory.patch \ file://204.patch \ + file://275.patch \ " SRCREV = "14ea971be7e808b9c5099c7f404ed3cf341873c4" diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl2-mixer_2.0.4.bb b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl2-mixer_2.0.4.bb index aa246f9995..8f1960d8ad 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl2-mixer_2.0.4.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl2-mixer_2.0.4.bb @@ -14,7 +14,7 @@ S = "${WORKDIR}/SDL2_mixer-${PV}" inherit autotools-brokensep pkgconfig EXTRA_AUTORECONF += "--include=acinclude" -EXTRA_OECONF = "--disable-music-mp3 --enable-music-ogg --enable-music-ogg-tremor LIBS=-L${STAGING_LIBDIR}" +EXTRA_OECONF = "--disable-music-mp3 --enable-music-ogg --disable-music-ogg-shared LIBS=-L${STAGING_LIBDIR}" PACKAGECONFIG[mad] = "--enable-music-mp3-mad-gpl,--disable-music-mp3-mad-gpl,libmad" diff --git a/meta-openembedded/meta-oe/recipes-navigation/geoclue/geoclue_2.5.3.bb b/meta-openembedded/meta-oe/recipes-navigation/geoclue/geoclue_2.5.3.bb index b46445a2ba..e57e7a7209 100644 --- a/meta-openembedded/meta-oe/recipes-navigation/geoclue/geoclue_2.5.3.bb +++ b/meta-openembedded/meta-oe/recipes-navigation/geoclue/geoclue_2.5.3.bb @@ -31,7 +31,7 @@ PACKAGECONFIG ??= "3g modem-gps cdma nmea lib" PACKAGECONFIG[3g] = "-D3g-source=true,-D3g-source=false,modemmanager" PACKAGECONFIG[modem-gps] = "-Dmodem-gps-source=true,-Dmodem-gps-source=false,modemmanager" PACKAGECONFIG[cdma] = "-Dcdma-source=true,-Dcdma-source=false,modemmanager" -PACKAGECONFIG[nmea] = "-Dnmea-source=true,-Dnmea-source=false,avahi" +PACKAGECONFIG[nmea] = "-Dnmea-source=true,-Dnmea-source=false,avahi,avahi-daemon" PACKAGECONFIG[lib] = "-Dlibgeoclue=true,-Dlibgeoclue=false,gobject-introspection" GTKDOC_MESON_OPTION = "gtk-doc" diff --git a/meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2020-12401.patch b/meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2020-12401.patch new file mode 100644 index 0000000000..e67926fe50 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/nss/nss/CVE-2020-12401.patch @@ -0,0 +1,52 @@ +# HG changeset patch +# User Billy Brumley <bbrumley@gmail.com> +# Date 1595283525 0 +# Node ID aeb2e583ee957a699d949009c7ba37af76515c20 +# Parent ca207655b4b7cb1d3a5e438c1fb9b90d45596da6 +Bug 1631573: Remove unnecessary scalar padding in ec.c r=kjacobs,bbeurdouche + +Subsequent calls to ECPoints_mul and ECPoint_mul remove this padding. + +Timing attack countermeasures are now applied more generally deeper in +the call stack. + +Differential Revision: https://phabricator.services.mozilla.com/D82011 + + +Upstream-Status: Backport + +CVE: CVE-2020-1240 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +Index: nss-3.51.1/nss/lib/freebl/ec.c +=================================================================== +--- nss-3.51.1.orig/nss/lib/freebl/ec.c ++++ nss-3.51.1/nss/lib/freebl/ec.c +@@ -724,27 +724,6 @@ ECDSA_SignDigestWithSeed(ECPrivateKey *k + } + + /* +- ** We do not want timing information to leak the length of k, +- ** so we compute k*G using an equivalent scalar of fixed +- ** bit-length. +- ** Fix based on patch for ECDSA timing attack in the paper +- ** by Billy Bob Brumley and Nicola Tuveri at +- ** http://eprint.iacr.org/2011/232 +- ** +- ** How do we convert k to a value of a fixed bit-length? +- ** k starts off as an integer satisfying 0 <= k < n. Hence, +- ** n <= k+n < 2n, which means k+n has either the same number +- ** of bits as n or one more bit than n. If k+n has the same +- ** number of bits as n, the second addition ensures that the +- ** final value has exactly one more bit than n. Thus, we +- ** always end up with a value that exactly one more bit than n. +- */ +- CHECK_MPI_OK(mp_add(&k, &n, &k)); +- if (mpl_significant_bits(&k) <= mpl_significant_bits(&n)) { +- CHECK_MPI_OK(mp_add(&k, &n, &k)); +- } +- +- /* + ** ANSI X9.62, Section 5.3.2, Step 2 + ** + ** Compute kG diff --git a/meta-openembedded/meta-oe/recipes-support/nss/nss_3.51.1.bb b/meta-openembedded/meta-oe/recipes-support/nss/nss_3.51.1.bb index c00bd34cb2..3e3c3a3fdf 100644 --- a/meta-openembedded/meta-oe/recipes-support/nss/nss_3.51.1.bb +++ b/meta-openembedded/meta-oe/recipes-support/nss/nss_3.51.1.bb @@ -35,6 +35,7 @@ SRC_URI = "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${VERSIO file://riscv.patch \ file://0001-Enable-uint128-on-mips64.patch \ file://0001-Bug-1631576-Force-a-fixed-length-for-DSA-exponentiat.patch \ + file://CVE-2020-12401.patch \ " SRC_URI[md5sum] = "6acaf1ddff69306ae30a908881c6f233" diff --git a/meta-openembedded/meta-oe/recipes-support/pcsc-lite/pcsc-lite_1.8.26.bb b/meta-openembedded/meta-oe/recipes-support/pcsc-lite/pcsc-lite_1.8.26.bb index 91d77ac938..04989fb740 100644 --- a/meta-openembedded/meta-oe/recipes-support/pcsc-lite/pcsc-lite_1.8.26.bb +++ b/meta-openembedded/meta-oe/recipes-support/pcsc-lite/pcsc-lite_1.8.26.bb @@ -36,6 +36,7 @@ PACKAGES = "${PN} ${PN}-dbg ${PN}-dev ${PN}-lib ${PN}-doc ${PN}-spy ${PN}-spy-de RRECOMMENDS_${PN} = "ccid" RRECOMMENDS_${PN}_class-native = "" +RPROVIDES_${PN}_class-native += "pcsc-lite-lib-native" FILES_${PN} = "${sbindir}/pcscd" FILES_${PN}-lib = "${libdir}/libpcsclite*${SOLIBS}" |