diff options
Diffstat (limited to 'meta-openembedded/meta-oe')
66 files changed, 1300 insertions, 71 deletions
diff --git a/meta-openembedded/meta-oe/classes/image_types_sparse.bbclass b/meta-openembedded/meta-oe/classes/image_types_sparse.bbclass index 69e24cbb79..68c5dbaa14 100644 --- a/meta-openembedded/meta-oe/classes/image_types_sparse.bbclass +++ b/meta-openembedded/meta-oe/classes/image_types_sparse.bbclass @@ -8,9 +8,11 @@ inherit image_types SPARSE_BLOCK_SIZE ??= "4096" CONVERSIONTYPES += "sparse" -CONVERSION_CMD:sparse() { - INPUT="${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.${type}" - truncate --no-create --size=%${SPARSE_BLOCK_SIZE} "$INPUT" - img2simg -s "$INPUT" "$INPUT.sparse" ${SPARSE_BLOCK_SIZE} -} + +CONVERSION_CMD:sparse = " \ + INPUT="${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.${type}"; \ + truncate --no-create --size=%${SPARSE_BLOCK_SIZE} "$INPUT"; \ + img2simg -s "$INPUT" "$INPUT.sparse" ${SPARSE_BLOCK_SIZE}; \ + " + CONVERSION_DEPENDS_sparse = "android-tools-native" diff --git a/meta-openembedded/meta-oe/conf/layer.conf b/meta-openembedded/meta-oe/conf/layer.conf index b17add6f74..923b722b3c 100644 --- a/meta-openembedded/meta-oe/conf/layer.conf +++ b/meta-openembedded/meta-oe/conf/layer.conf @@ -111,4 +111,4 @@ SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS += " \ DEFAULT_TEST_SUITES:pn-meta-oe-ptest-image = " ${PTESTTESTSUITE}" -NON_MULTILIB_RECIPES:append = " crash" +NON_MULTILIB_RECIPES:append = " crash pahole" diff --git a/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb b/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb index 550fbc30d3..61f3c2df52 100644 --- a/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb +++ b/meta-openembedded/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb @@ -94,6 +94,7 @@ EXTRA_OESCONS = "PREFIX=${prefix} \ --use-system-zlib \ --nostrip \ --endian=${@oe.utils.conditional('SITEINFO_ENDIANNESS', 'le', 'little', 'big', d)} \ + --use-hardware-crc32=${@bb.utils.contains('TUNE_FEATURES', 'crc', 'on', 'off', d)} \ --wiredtiger='${WIREDTIGER}' \ --separate-debug \ ${PACKAGECONFIG_CONFARGS}" diff --git a/meta-openembedded/meta-oe/recipes-benchmark/iperf3/iperf3_3.13.bb b/meta-openembedded/meta-oe/recipes-benchmark/iperf3/iperf3_3.14.bb index 62a95b303c..d181eb3b02 100644 --- a/meta-openembedded/meta-oe/recipes-benchmark/iperf3/iperf3_3.13.bb +++ b/meta-openembedded/meta-oe/recipes-benchmark/iperf3/iperf3_3.14.bb @@ -18,7 +18,7 @@ SRC_URI = "git://github.com/esnet/iperf.git;branch=master;protocol=https \ file://0001-configure.ac-check-for-CPP-prog.patch \ " -SRCREV = "f48e7fa92b8932814f3d92f36986d51be9efe6e0" +SRCREV = "a0be85934144bc04712a6695b14ea6e45c379e1d" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-bsp/lm_sensors/lmsensors_3.6.0.bb b/meta-openembedded/meta-oe/recipes-bsp/lm_sensors/lmsensors_3.6.0.bb index f821cdaf4a..aba5ab5878 100644 --- a/meta-openembedded/meta-oe/recipes-bsp/lm_sensors/lmsensors_3.6.0.bb +++ b/meta-openembedded/meta-oe/recipes-bsp/lm_sensors/lmsensors_3.6.0.bb @@ -151,12 +151,13 @@ RRECOMMENDS:${PN}-fancontrol = "lmsensors-config-fancontrol" # sensors-detect script files FILES:${PN}-sensorsdetect = "${sbindir}/sensors-detect" FILES:${PN}-sensorsdetect-doc = "${mandir}/man8/sensors-detect.8" -RDEPENDS:${PN}-sensorsdetect = "${PN}-sensors perl perl-modules" +RDEPENDS:${PN}-sensorsdetect = "${PN}-sensors perl perl-module-fcntl perl-module-file-basename \ + perl-module-strict perl-module-constant" # sensors-conf-convert script files FILES:${PN}-sensorsconfconvert = "${bindir}/sensors-conf-convert" FILES:${PN}-sensorsconfconvert-doc = "${mandir}/man8/sensors-conf-convert.8" -RDEPENDS:${PN}-sensorsconfconvert = "${PN}-sensors perl perl-modules" +RDEPENDS:${PN}-sensorsconfconvert = "${PN}-sensors perl perl-module-strict perl-module-vars" # pwmconfig script files FILES:${PN}-pwmconfig = "${sbindir}/pwmconfig" diff --git a/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/CVE-2023-36054.patch b/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/CVE-2023-36054.patch new file mode 100644 index 0000000000..160c090bce --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/CVE-2023-36054.patch @@ -0,0 +1,68 @@ +From ef08b09c9459551aabbe7924fb176f1583053cdd Mon Sep 17 00:00:00 2001 +From: Greg Hudson <ghudson@mit.edu> +Date: Mon, 21 Aug 2023 03:08:15 +0000 +Subject: [PATCH] Ensure array count consistency in kadm5 RPC + +In _xdr_kadm5_principal_ent_rec(), ensure that n_key_data matches the +key_data array count when decoding. Otherwise when the structure is +later freed, xdr_array() could iterate over the wrong number of +elements, either leaking some memory or freeing uninitialized +pointers. Reported by Robert Morris. + +CVE: CVE-2023-36054 + +An authenticated attacker can cause a kadmind process to crash by +freeing uninitialized pointers. Remote code execution is unlikely. +An attacker with control of a kadmin server can cause a kadmin client +to crash by freeing uninitialized pointers. + +ticket: 9099 (new) +tags: pullup +target_version: 1.21-next +target_version: 1.20-next + +Upstream-Status: Backport [https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd] + +Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> +--- + src/lib/kadm5/kadm_rpc_xdr.c | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/src/lib/kadm5/kadm_rpc_xdr.c b/src/lib/kadm5/kadm_rpc_xdr.c +index 2892d41..94b1ce8 100644 +--- a/src/lib/kadm5/kadm_rpc_xdr.c ++++ b/src/lib/kadm5/kadm_rpc_xdr.c +@@ -390,6 +390,7 @@ _xdr_kadm5_principal_ent_rec(XDR *xdrs, kadm5_principal_ent_rec *objp, + int v) + { + unsigned int n; ++ bool_t r; + + if (!xdr_krb5_principal(xdrs, &objp->principal)) { + return (FALSE); +@@ -443,6 +444,9 @@ _xdr_kadm5_principal_ent_rec(XDR *xdrs, kadm5_principal_ent_rec *objp, + if (!xdr_krb5_int16(xdrs, &objp->n_key_data)) { + return (FALSE); + } ++ if (xdrs->x_op == XDR_DECODE && objp->n_key_data < 0) { ++ return (FALSE); ++ } + if (!xdr_krb5_int16(xdrs, &objp->n_tl_data)) { + return (FALSE); + } +@@ -451,9 +455,10 @@ _xdr_kadm5_principal_ent_rec(XDR *xdrs, kadm5_principal_ent_rec *objp, + return FALSE; + } + n = objp->n_key_data; +- if (!xdr_array(xdrs, (caddr_t *) &objp->key_data, +- &n, ~0, sizeof(krb5_key_data), +- xdr_krb5_key_data_nocontents)) { ++ r = xdr_array(xdrs, (caddr_t *) &objp->key_data, &n, objp->n_key_data, ++ sizeof(krb5_key_data), xdr_krb5_key_data_nocontents); ++ objp->n_key_data = n; ++ if (!r) { + return (FALSE); + } + +-- +2.40.0 diff --git a/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5_1.20.1.bb b/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5_1.20.1.bb index 10fff11c25..e353b58aa1 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5_1.20.1.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5_1.20.1.bb @@ -29,6 +29,7 @@ SRC_URI = "http://web.mit.edu/kerberos/dist/${BPN}/${SHRT_VER}/${BP}.tar.gz \ file://etc/default/krb5-admin-server \ file://krb5-kdc.service \ file://krb5-admin-server.service \ + file://CVE-2023-36054.patch;striplevel=2 \ " SRC_URI[md5sum] = "73f5780e7b587ccd8b8cfc10c965a686" SRC_URI[sha256sum] = "704aed49b19eb5a7178b34b2873620ec299db08752d6a8574f95d41879ab8851" diff --git a/meta-openembedded/meta-oe/recipes-connectivity/rabbitmq-c/files/CVE-2023-35789.patch b/meta-openembedded/meta-oe/recipes-connectivity/rabbitmq-c/files/CVE-2023-35789.patch new file mode 100644 index 0000000000..dfd1f98759 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-connectivity/rabbitmq-c/files/CVE-2023-35789.patch @@ -0,0 +1,131 @@ +CVE: CVE-2023-35789 +Upstream-Status: Backport [ https://github.com/alanxz/rabbitmq-c/commit/463054383fbeef889b409a7f843df5365288e2a0 ] +Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> + +From 463054383fbeef889b409a7f843df5365288e2a0 Mon Sep 17 00:00:00 2001 +From: Christian Kastner <ckk@kvr.at> +Date: Tue, 13 Jun 2023 14:21:52 +0200 +Subject: [PATCH] Add option to read username/password from file (#781) + +* Add option to read username/password from file +--- + tools/common.c | 66 ++++++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 66 insertions(+) + +diff --git a/tools/common.c b/tools/common.c +index 73b47e25..7efe557b 100644 +--- a/tools/common.c ++++ b/tools/common.c +@@ -18,6 +18,11 @@ + #include "compat.h" + #endif + ++/* For when reading auth data from a file */ ++#define MAXAUTHTOKENLEN 128 ++#define USERNAMEPREFIX "username:" ++#define PASSWORDPREFIX "password:" ++ + void die(const char *fmt, ...) { + va_list ap; + va_start(ap, fmt); +@@ -125,6 +130,7 @@ static char *amqp_vhost; + static char *amqp_username; + static char *amqp_password; + static int amqp_heartbeat = 0; ++static char *amqp_authfile; + #ifdef WITH_SSL + static int amqp_ssl = 0; + static char *amqp_cacert = "/etc/ssl/certs/cacert.pem"; +@@ -147,6 +153,8 @@ struct poptOption connect_options[] = { + "the password to login with", "password"}, + {"heartbeat", 0, POPT_ARG_INT, &amqp_heartbeat, 0, + "heartbeat interval, set to 0 to disable", "heartbeat"}, ++ {"authfile", 0, POPT_ARG_STRING, &amqp_authfile, 0, ++ "path to file containing username/password for authentication", "file"}, + #ifdef WITH_SSL + {"ssl", 0, POPT_ARG_NONE, &amqp_ssl, 0, "connect over SSL/TLS", NULL}, + {"cacert", 0, POPT_ARG_STRING, &amqp_cacert, 0, +@@ -158,6 +166,50 @@ struct poptOption connect_options[] = { + #endif /* WITH_SSL */ + {NULL, '\0', 0, NULL, 0, NULL, NULL}}; + ++void read_authfile(const char *path) { ++ size_t n; ++ FILE *fp = NULL; ++ char token[MAXAUTHTOKENLEN]; ++ ++ if ((amqp_username = malloc(MAXAUTHTOKENLEN)) == NULL || ++ (amqp_password = malloc(MAXAUTHTOKENLEN)) == NULL) { ++ die("Out of memory"); ++ } else if ((fp = fopen(path, "r")) == NULL) { ++ die("Could not read auth data file %s", path); ++ } ++ ++ if (fgets(token, MAXAUTHTOKENLEN, fp) == NULL || ++ strncmp(token, USERNAMEPREFIX, strlen(USERNAMEPREFIX))) { ++ die("Malformed auth file (missing username)"); ++ } ++ strncpy(amqp_username, &token[strlen(USERNAMEPREFIX)], MAXAUTHTOKENLEN); ++ /* Missing newline means token was cut off */ ++ n = strlen(amqp_username); ++ if (amqp_username[n - 1] != '\n') { ++ die("Username too long"); ++ } else { ++ amqp_username[n - 1] = '\0'; ++ } ++ ++ if (fgets(token, MAXAUTHTOKENLEN, fp) == NULL || ++ strncmp(token, PASSWORDPREFIX, strlen(PASSWORDPREFIX))) { ++ die("Malformed auth file (missing password)"); ++ } ++ strncpy(amqp_password, &token[strlen(PASSWORDPREFIX)], MAXAUTHTOKENLEN); ++ /* Missing newline means token was cut off */ ++ n = strlen(amqp_password); ++ if (amqp_password[n - 1] != '\n') { ++ die("Password too long"); ++ } else { ++ amqp_password[n - 1] = '\0'; ++ } ++ ++ (void)fgetc(fp); ++ if (!feof(fp)) { ++ die("Malformed auth file (trailing data)"); ++ } ++} ++ + static void init_connection_info(struct amqp_connection_info *ci) { + ci->user = NULL; + ci->password = NULL; +@@ -237,6 +289,8 @@ static void init_connection_info(struct amqp_connection_info *ci) { + if (amqp_username) { + if (amqp_url) { + die("--username and --url options cannot be used at the same time"); ++ } else if (amqp_authfile) { ++ die("--username and --authfile options cannot be used at the same time"); + } + + ci->user = amqp_username; +@@ -245,11 +299,23 @@ static void init_connection_info(struct amqp_connection_info *ci) { + if (amqp_password) { + if (amqp_url) { + die("--password and --url options cannot be used at the same time"); ++ } else if (amqp_authfile) { ++ die("--password and --authfile options cannot be used at the same time"); + } + + ci->password = amqp_password; + } + ++ if (amqp_authfile) { ++ if (amqp_url) { ++ die("--authfile and --url options cannot be used at the same time"); ++ } ++ ++ read_authfile(amqp_authfile); ++ ci->user = amqp_username; ++ ci->password = amqp_password; ++ } ++ + if (amqp_vhost) { + if (amqp_url) { + die("--vhost and --url options cannot be used at the same time"); diff --git a/meta-openembedded/meta-oe/recipes-connectivity/rabbitmq-c/rabbitmq-c_0.13.0.bb b/meta-openembedded/meta-oe/recipes-connectivity/rabbitmq-c/rabbitmq-c_0.13.0.bb index f9c2b2c8a9..ea80ec3344 100644 --- a/meta-openembedded/meta-oe/recipes-connectivity/rabbitmq-c/rabbitmq-c_0.13.0.bb +++ b/meta-openembedded/meta-oe/recipes-connectivity/rabbitmq-c/rabbitmq-c_0.13.0.bb @@ -3,7 +3,9 @@ HOMEPAGE = "https://github.com/alanxz/rabbitmq-c" LIC_FILES_CHKSUM = "file://LICENSE;md5=7e12f6e40e662e039e2f02b4893011ec" LICENSE = "MIT" -SRC_URI = "git://github.com/alanxz/rabbitmq-c.git;branch=master;protocol=https" +SRC_URI = "git://github.com/alanxz/rabbitmq-c.git;branch=master;protocol=https \ + file://CVE-2023-35789.patch \ +" # v0.13.0-master SRCREV = "974d71adceae6d742ae20a4c880d99c131f1460a" diff --git a/meta-openembedded/meta-oe/recipes-devtools/glade/glade_3.22.2.bb b/meta-openembedded/meta-oe/recipes-devtools/glade/glade_3.22.2.bb index 6c1112038c..28b1279390 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/glade/glade_3.22.2.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/glade/glade_3.22.2.bb @@ -6,6 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=aabe87591cb8ae0f3c68be6977bb5522 \ file://COPYING.LGPL;md5=252890d9eee26aab7b432e8b8a616475" DEPENDS = "gtk+3 glib-2.0 libxml2 intltool-native \ gnome-common-native \ + autoconf-archive-native \ " inherit features_check autotools pkgconfig gnomebase gobject-introspection mime-xdg diff --git a/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc/0001-backport-iomgr-EventEngine-Improve-server-handling-o.patch b/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc/0001-backport-iomgr-EventEngine-Improve-server-handling-o.patch new file mode 100644 index 0000000000..4488df172f --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc/0001-backport-iomgr-EventEngine-Improve-server-handling-o.patch @@ -0,0 +1,224 @@ +From b3c105c59dfb7d932b36b0d9ac7ab62875ab23e8 Mon Sep 17 00:00:00 2001 +From: AJ Heller <hork@google.com> +Date: Wed, 12 Jul 2023 18:42:09 -0700 +Subject: [PATCH] [backport][iomgr][EventEngine] Improve server handling of + file descriptor exhaustion (#33672) + +Backport of #33656 + +CVE: CVE-2023-33953 + +Upstream-Status: Backport [1e86ca5834b94cae7d5e6d219056c0fc895cf95d] +The patch is backported with tweaks to fit 1.50.1. + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + .../event_engine/posix_engine/posix_engine.h | 1 + + src/core/lib/iomgr/tcp_server_posix.cc | 51 ++++++++++++++----- + src/core/lib/iomgr/tcp_server_utils_posix.h | 14 ++++- + .../iomgr/tcp_server_utils_posix_common.cc | 22 ++++++++ + 4 files changed, 73 insertions(+), 15 deletions(-) + +diff --git a/src/core/lib/event_engine/posix_engine/posix_engine.h b/src/core/lib/event_engine/posix_engine/posix_engine.h +index eac6dfb4c5..866c04bcfa 100644 +--- a/src/core/lib/event_engine/posix_engine/posix_engine.h ++++ b/src/core/lib/event_engine/posix_engine/posix_engine.h +@@ -97,6 +97,7 @@ class PosixEventEngine final : public EventEngine { + const DNSResolver::ResolverOptions& options) override; + void Run(Closure* closure) override; + void Run(absl::AnyInvocable<void()> closure) override; ++ // Caution!! The timer implementation cannot create any fds. See #20418. + TaskHandle RunAfter(Duration when, Closure* closure) override; + TaskHandle RunAfter(Duration when, + absl::AnyInvocable<void()> closure) override; +diff --git a/src/core/lib/iomgr/tcp_server_posix.cc b/src/core/lib/iomgr/tcp_server_posix.cc +index d43113fb03..32be997cff 100644 +--- a/src/core/lib/iomgr/tcp_server_posix.cc ++++ b/src/core/lib/iomgr/tcp_server_posix.cc +@@ -16,13 +16,17 @@ + * + */ + +-/* FIXME: "posix" files shouldn't be depending on _GNU_SOURCE */ ++#include <grpc/support/port_platform.h> ++ ++#include <utility> ++ ++#include <grpc/support/atm.h> ++ ++// FIXME: "posix" files shouldn't be depending on _GNU_SOURCE + #ifndef _GNU_SOURCE + #define _GNU_SOURCE + #endif + +-#include <grpc/support/port_platform.h> +- + #include "src/core/lib/iomgr/port.h" + + #ifdef GRPC_POSIX_SOCKET_TCP_SERVER +@@ -44,6 +48,7 @@ + #include "absl/strings/str_format.h" + + #include <grpc/event_engine/endpoint_config.h> ++#include <grpc/event_engine/event_engine.h> + #include <grpc/support/alloc.h> + #include <grpc/support/log.h> + #include <grpc/support/sync.h> +@@ -63,6 +68,8 @@ + #include "src/core/lib/resource_quota/api.h" + + static std::atomic<int64_t> num_dropped_connections{0}; ++static constexpr grpc_core::Duration kRetryAcceptWaitTime{ ++ grpc_core::Duration::Seconds(1)}; + + using ::grpc_event_engine::experimental::EndpointConfig; + +@@ -195,21 +202,35 @@ static void on_read(void* arg, grpc_error_handle err) { + if (fd < 0) { + if (errno == EINTR) { + continue; +- } else if (errno == EAGAIN || errno == ECONNABORTED || +- errno == EWOULDBLOCK) { ++ } ++ // When the process runs out of fds, accept4() returns EMFILE. When this ++ // happens, the connection is left in the accept queue until either a ++ // read event triggers the on_read callback, or time has passed and the ++ // accept should be re-tried regardless. This callback is not cancelled, ++ // so a spurious wakeup may occur even when there's nothing to accept. ++ // This is not a performant code path, but if an fd limit has been ++ // reached, the system is likely in an unhappy state regardless. ++ if (errno == EMFILE) { + grpc_fd_notify_on_read(sp->emfd, &sp->read_closure); ++ if (gpr_atm_full_xchg(&sp->retry_timer_armed, true)) return; ++ grpc_timer_init(&sp->retry_timer, ++ grpc_core::Timestamp::Now() + kRetryAcceptWaitTime, ++ &sp->retry_closure); + return; ++ } ++ if (errno == EAGAIN || errno == ECONNABORTED || errno == EWOULDBLOCK) { ++ grpc_fd_notify_on_read(sp->emfd, &sp->read_closure); ++ return; ++ } ++ gpr_mu_lock(&sp->server->mu); ++ if (!sp->server->shutdown_listeners) { ++ gpr_log(GPR_ERROR, "Failed accept4: %s", strerror(errno)); + } else { +- gpr_mu_lock(&sp->server->mu); +- if (!sp->server->shutdown_listeners) { +- gpr_log(GPR_ERROR, "Failed accept4: %s", strerror(errno)); +- } else { +- /* if we have shutdown listeners, accept4 could fail, and we +- needn't notify users */ +- } +- gpr_mu_unlock(&sp->server->mu); +- goto error; ++ // if we have shutdown listeners, accept4 could fail, and we ++ // needn't notify users + } ++ gpr_mu_unlock(&sp->server->mu); ++ goto error; + } + + if (sp->server->memory_quota->IsMemoryPressureHigh()) { +@@ -403,6 +424,7 @@ static grpc_error_handle clone_port(grpc_tcp_listener* listener, + sp->port_index = listener->port_index; + sp->fd_index = listener->fd_index + count - i; + GPR_ASSERT(sp->emfd); ++ grpc_tcp_server_listener_initialize_retry_timer(sp); + while (listener->server->tail->next != nullptr) { + listener->server->tail = listener->server->tail->next; + } +@@ -575,6 +597,7 @@ static void tcp_server_shutdown_listeners(grpc_tcp_server* s) { + if (s->active_ports) { + grpc_tcp_listener* sp; + for (sp = s->head; sp; sp = sp->next) { ++ grpc_timer_cancel(&sp->retry_timer); + grpc_fd_shutdown(sp->emfd, + GRPC_ERROR_CREATE_FROM_STATIC_STRING("Server shutdown")); + } +diff --git a/src/core/lib/iomgr/tcp_server_utils_posix.h b/src/core/lib/iomgr/tcp_server_utils_posix.h +index 94faa2c17e..2e78ce555f 100644 +--- a/src/core/lib/iomgr/tcp_server_utils_posix.h ++++ b/src/core/lib/iomgr/tcp_server_utils_posix.h +@@ -25,6 +25,7 @@ + #include "src/core/lib/iomgr/resolve_address.h" + #include "src/core/lib/iomgr/socket_utils_posix.h" + #include "src/core/lib/iomgr/tcp_server.h" ++#include "src/core/lib/iomgr/timer.h" + #include "src/core/lib/resource_quota/memory_quota.h" + + /* one listening port */ +@@ -47,6 +48,11 @@ typedef struct grpc_tcp_listener { + identified while iterating through 'next'. */ + struct grpc_tcp_listener* sibling; + int is_sibling; ++ // If an accept4() call fails, a timer is started to drain the accept queue in ++ // case no further connection attempts reach the gRPC server. ++ grpc_closure retry_closure; ++ grpc_timer retry_timer; ++ gpr_atm retry_timer_armed; + } grpc_tcp_listener; + + /* the overall server */ +@@ -126,4 +132,10 @@ grpc_error_handle grpc_tcp_server_prepare_socket( + /* Ruturn true if the platform supports ifaddrs */ + bool grpc_tcp_server_have_ifaddrs(void); + +-#endif /* GRPC_CORE_LIB_IOMGR_TCP_SERVER_UTILS_POSIX_H */ ++// Initialize (but don't start) the timer and callback to retry accept4() on a ++// listening socket after file descriptors have been exhausted. This must be ++// called when creating a new listener. ++void grpc_tcp_server_listener_initialize_retry_timer( ++ grpc_tcp_listener* listener); ++ ++#endif // GRPC_SRC_CORE_LIB_IOMGR_TCP_SERVER_UTILS_POSIX_H +diff --git a/src/core/lib/iomgr/tcp_server_utils_posix_common.cc b/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +index 73a6b943ec..0e671c6485 100644 +--- a/src/core/lib/iomgr/tcp_server_utils_posix_common.cc ++++ b/src/core/lib/iomgr/tcp_server_utils_posix_common.cc +@@ -18,6 +18,8 @@ + + #include <grpc/support/port_platform.h> + ++#include <grpc/support/atm.h> ++ + #include "src/core/lib/iomgr/port.h" + + #ifdef GRPC_POSIX_SOCKET_TCP_SERVER_UTILS_COMMON +@@ -80,6 +82,24 @@ static int get_max_accept_queue_size(void) { + return s_max_accept_queue_size; + } + ++static void listener_retry_timer_cb(void* arg, grpc_error_handle err) { ++ // Do nothing if cancelled. ++ if (!err.ok()) return; ++ grpc_tcp_listener* listener = static_cast<grpc_tcp_listener*>(arg); ++ gpr_atm_no_barrier_store(&listener->retry_timer_armed, false); ++ if (!grpc_fd_is_shutdown(listener->emfd)) { ++ grpc_fd_set_readable(listener->emfd); ++ } ++} ++ ++void grpc_tcp_server_listener_initialize_retry_timer( ++ grpc_tcp_listener* listener) { ++ gpr_atm_no_barrier_store(&listener->retry_timer_armed, false); ++ grpc_timer_init_unset(&listener->retry_timer); ++ GRPC_CLOSURE_INIT(&listener->retry_closure, listener_retry_timer_cb, listener, ++ grpc_schedule_on_exec_ctx); ++} ++ + static grpc_error_handle add_socket_to_server(grpc_tcp_server* s, int fd, + const grpc_resolved_address* addr, + unsigned port_index, +@@ -112,6 +132,8 @@ static grpc_error_handle add_socket_to_server(grpc_tcp_server* s, int fd, + sp->server = s; + sp->fd = fd; + sp->emfd = grpc_fd_create(fd, name.c_str(), true); ++ grpc_tcp_server_listener_initialize_retry_timer(sp); ++ + memcpy(&sp->addr, addr, sizeof(grpc_resolved_address)); + sp->port = port; + sp->port_index = port_index; +-- +2.34.1 + diff --git a/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc/0001-fix-CVE-2023-32732.patch b/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc/0001-fix-CVE-2023-32732.patch new file mode 100644 index 0000000000..ab46897b12 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc/0001-fix-CVE-2023-32732.patch @@ -0,0 +1,81 @@ +From d39489045b5aa73e27713e3cbacb8832c1140ec8 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Wed, 9 Aug 2023 13:33:45 +0800 +Subject: [PATCH] fix CVE-2023-32732 + +CVE: CVE-2023-32732 + +Upstream-Status: Backport [https://github.com/grpc/grpc/pull/32309/commits/6a7850ef4f042ac26559854266dddc79bfbc75b2] +The original patch is adjusted to fit the current 1.50.1 version. + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + .../ext/transport/chttp2/transport/hpack_parser.cc | 10 +++++++--- + src/core/ext/transport/chttp2/transport/internal.h | 2 -- + src/core/ext/transport/chttp2/transport/parsing.cc | 6 ++---- + 3 files changed, 9 insertions(+), 9 deletions(-) + +diff --git a/src/core/ext/transport/chttp2/transport/hpack_parser.cc b/src/core/ext/transport/chttp2/transport/hpack_parser.cc +index f2e49022dc3..cd459d15238 100644 +--- a/src/core/ext/transport/chttp2/transport/hpack_parser.cc ++++ b/src/core/ext/transport/chttp2/transport/hpack_parser.cc +@@ -1211,12 +1211,16 @@ class HPackParser::Parser { + "). GRPC_ARG_MAX_METADATA_SIZE can be set to increase this limit.", + *frame_length_, metadata_size_limit_); + if (metadata_buffer_ != nullptr) metadata_buffer_->Clear(); ++ // StreamId is used as a signal to skip this stream but keep the connection ++ // alive + return input_->MaybeSetErrorAndReturn( + [] { + return grpc_error_set_int( +- GRPC_ERROR_CREATE_FROM_STATIC_STRING( +- "received initial metadata size exceeds limit"), +- GRPC_ERROR_INT_GRPC_STATUS, GRPC_STATUS_RESOURCE_EXHAUSTED); ++ grpc_error_set_int( ++ GRPC_ERROR_CREATE_FROM_STATIC_STRING( ++ "received initial metadata size exceeds limit"), ++ GRPC_ERROR_INT_GRPC_STATUS, GRPC_STATUS_RESOURCE_EXHAUSTED), ++ GRPC_ERROR_INT_STREAM_ID, 0); + }, + false); + } +diff --git a/src/core/ext/transport/chttp2/transport/internal.h b/src/core/ext/transport/chttp2/transport/internal.h +index 4a2f4261d83..f8b544d9583 100644 +--- a/src/core/ext/transport/chttp2/transport/internal.h ++++ b/src/core/ext/transport/chttp2/transport/internal.h +@@ -542,8 +542,6 @@ struct grpc_chttp2_stream { + + grpc_core::Timestamp deadline = grpc_core::Timestamp::InfFuture(); + +- /** saw some stream level error */ +- grpc_error_handle forced_close_error = GRPC_ERROR_NONE; + /** how many header frames have we received? */ + uint8_t header_frames_received = 0; + /** number of bytes received - reset at end of parse thread execution */ +diff --git a/src/core/ext/transport/chttp2/transport/parsing.cc b/src/core/ext/transport/chttp2/transport/parsing.cc +index 980f13543f6..afe6da190b6 100644 +--- a/src/core/ext/transport/chttp2/transport/parsing.cc ++++ b/src/core/ext/transport/chttp2/transport/parsing.cc +@@ -22,6 +22,7 @@ + #include <string.h> + + #include <string> ++#include <utility> + + #include "absl/base/attributes.h" + #include "absl/status/status.h" +@@ -719,10 +720,7 @@ static grpc_error_handle parse_frame_slice(grpc_chttp2_transport* t, + } + grpc_chttp2_parsing_become_skip_parser(t); + if (s) { +- s->forced_close_error = err; +- grpc_chttp2_add_rst_stream_to_next_write(t, t->incoming_stream_id, +- GRPC_HTTP2_PROTOCOL_ERROR, +- &s->stats.outgoing); ++ grpc_chttp2_cancel_stream(t, s, std::exchange(err, absl::OkStatus())); + } else { + GRPC_ERROR_UNREF(err); + } +-- +2.34.1 + diff --git a/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc_1.50.1.bb b/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc_1.50.1.bb index 7b8a25c277..3cfd0210db 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc_1.50.1.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/grpc/grpc_1.50.1.bb @@ -26,6 +26,8 @@ SRC_URI = "gitsm://github.com/grpc/grpc.git;protocol=https;name=grpc;branch=${BR file://0001-Revert-Changed-GRPCPP_ABSEIL_SYNC-to-GPR_ABSEIL_SYNC.patch \ file://0001-cmake-add-separate-export-for-plugin-targets.patch \ file://0001-cmake-Link-with-libatomic-on-rv32-rv64.patch \ + file://0001-fix-CVE-2023-32732.patch \ + file://0001-backport-iomgr-EventEngine-Improve-server-handling-o.patch \ " # Fixes build with older compilers 4.8 especially on ubuntu 14.04 CXXFLAGS:append:class-native = " -Wl,--no-as-needed" diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-18.14/oe-npm-cache b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-18.17/oe-npm-cache index f596207648..f596207648 100755 --- a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-18.14/oe-npm-cache +++ b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-18.17/oe-npm-cache diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-native_18.14.bb b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-native_18.17.bb index a61dd5018f..a61dd5018f 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-native_18.14.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-native_18.17.bb diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0001-Disable-running-gyp-files-for-bundled-deps.patch b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0001-Disable-running-gyp-files-for-bundled-deps.patch index 356c98d176..059b5cc070 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0001-Disable-running-gyp-files-for-bundled-deps.patch +++ b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs/0001-Disable-running-gyp-files-for-bundled-deps.patch @@ -29,10 +29,13 @@ python prune_sources() { } do_unpack[postfuncs] += "prune_sources" +Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) +diff --git a/Makefile b/Makefile +index 0be0659d..3c442014 100644 --- a/Makefile +++ b/Makefile @@ -169,7 +169,7 @@ with-code-cache test-code-cache: @@ -41,6 +44,8 @@ do_unpack[postfuncs] += "prune_sources" out/Makefile: config.gypi common.gypi node.gyp \ - deps/uv/uv.gyp deps/llhttp/llhttp.gyp deps/zlib/zlib.gyp \ + deps/llhttp/llhttp.gyp \ - deps/simdutf/simdutf.gyp \ + deps/simdutf/simdutf.gyp deps/ada/ada.gyp \ tools/v8_gypfiles/toolchain.gypi tools/v8_gypfiles/features.gypi \ tools/v8_gypfiles/inspector.gypi tools/v8_gypfiles/v8.gyp +-- +2.40.0 diff --git a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_18.14.2.bb b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_18.17.1.bb index 19df7d542a..402cf56717 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_18.14.2.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/nodejs/nodejs_18.17.1.bb @@ -1,7 +1,7 @@ DESCRIPTION = "nodeJS Evented I/O for V8 JavaScript" HOMEPAGE = "http://nodejs.org" LICENSE = "MIT & ISC & BSD-2-Clause & BSD-3-Clause & Artistic-2.0 & Apache-2.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=2dff1ccca11e333f1388e34f7e2d1de3" +LIC_FILES_CHKSUM = "file://LICENSE;md5=bc1f9ebe76be76f163e3b675303ad9cd" CVE_PRODUCT = "nodejs node.js" @@ -39,7 +39,7 @@ SRC_URI:append:toolchain-clang:x86 = " \ SRC_URI:append:toolchain-clang:powerpc64le = " \ file://0001-ppc64-Do-not-use-mminimal-toc-with-clang.patch \ " -SRC_URI[sha256sum] = "fbc364dd25fee2cacc0f2033db2d86115fc07575310ea0e64408b8170d09c685" +SRC_URI[sha256sum] = "f215cf03d0f00f07ac0b674c6819f804c1542e16f152da04980022aeccf5e65a" S = "${WORKDIR}/node-v${PV}" diff --git a/meta-openembedded/meta-oe/recipes-devtools/php/php_8.2.6.bb b/meta-openembedded/meta-oe/recipes-devtools/php/php_8.2.8.bb index 54c40392db..233ded25d4 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/php/php_8.2.6.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/php/php_8.2.8.bb @@ -33,7 +33,7 @@ SRC_URI:append:class-target = " \ " S = "${WORKDIR}/php-${PV}" -SRC_URI[sha256sum] = "44a70c52f537662c10d91eedbf51fd765c9961be6ba2508ed63bf7a26cdd3100" +SRC_URI[sha256sum] = "995ed4009c7917c962d31837a1a3658f36d4af4f357b673c97ffdbe6403f8517" CVE_CHECK_IGNORE += "\ CVE-2007-2728 \ diff --git a/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460_1.patch b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460_1.patch new file mode 100644 index 0000000000..c538991125 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460_1.patch @@ -0,0 +1,43 @@ +From 3d65cb0c6db4d433e5e42ee7d91d8a04e21337cf Mon Sep 17 00:00:00 2001 +From: wujing <wujing50@huawei.com> +Date: Thu, 14 Feb 2019 03:12:30 +0800 +Subject: [PATCH] yajl: fix memory leak problem + +reason: fix memory leak problem + +CVE: CVE-2023-33460 + +Upstream-Status: Backport [https://github.com/openEuler-BaseService/yajl/commit/3d65cb0c6db4d433e5e42ee7d91d8a04e21337cf] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + src/yajl_tree.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/src/yajl_tree.c b/src/yajl_tree.c +index 3d357a3..4b3cf2b 100644 +--- a/src/yajl_tree.c ++++ b/src/yajl_tree.c +@@ -143,7 +143,7 @@ static yajl_val context_pop(context_t *ctx) + ctx->stack = stack->next; + + v = stack->value; +- ++ free (stack->key); + free (stack); + + return (v); +@@ -444,6 +444,10 @@ yajl_val yajl_tree_parse (const char *input, + snprintf(error_buffer, error_buffer_size, "%s", internal_err_str); + YA_FREE(&(handle->alloc), internal_err_str); + } ++ while(ctx.stack != NULL) { ++ yajl_val v = context_pop(&ctx); ++ yajl_tree_free(v); ++ } + yajl_free (handle); + return NULL; + } +-- +2.25.1 + diff --git a/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460_2.patch b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460_2.patch new file mode 100644 index 0000000000..6e9b119b56 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl/CVE-2023-33460_2.patch @@ -0,0 +1,31 @@ +From 23a122eddaa28165a6c219000adcc31ff9a8a698 Mon Sep 17 00:00:00 2001 +From: "zhang.jiujiu" <282627424@qq.com> +Date: Tue, 7 Dec 2021 22:37:02 +0800 +Subject: [PATCH] fix memory leaks + +CVE: CVE-2023-33460 + +Upstream-Status: Backport [https://github.com/openEuler-BaseService/yajl/commit/23a122eddaa28165a6c219000adcc31ff9a8a698] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + src/yajl_tree.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/yajl_tree.c b/src/yajl_tree.c +index b9e6604..0e7bde9 100644 +--- a/src/yajl_tree.c ++++ b/src/yajl_tree.c +@@ -456,6 +456,9 @@ yajl_val yajl_tree_parse (const char *input, + yajl_tree_free(v); + } + yajl_free (handle); ++ //If the requested memory is not released in time, it will cause memory leakage ++ if(ctx.root) ++ yajl_tree_free(ctx.root); + return NULL; + } + +-- +2.25.1 + diff --git a/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb index cf8dbb183e..aae3c6f3a1 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/yajl/yajl_2.1.0.bb @@ -8,7 +8,10 @@ HOMEPAGE = "http://lloyd.github.com/yajl/" LICENSE = "ISC" LIC_FILES_CHKSUM = "file://COPYING;md5=39af6eb42999852bdd3ea00ad120a36d" -SRC_URI = "git://github.com/lloyd/yajl;branch=master;protocol=https" +SRC_URI = "git://github.com/lloyd/yajl;branch=master;protocol=https \ + file://CVE-2023-33460_1.patch \ + file://CVE-2023-33460_2.patch \ +" SRCREV = "a0ecdde0c042b9256170f2f8890dd9451a4240aa" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-31975.patch b/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-31975.patch new file mode 100644 index 0000000000..ae10e99c2f --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-31975.patch @@ -0,0 +1,29 @@ +From b2cc5a1693b17ac415df76d0795b15994c106441 Mon Sep 17 00:00:00 2001 +From: Katsuhiko Gondow <gondow@cs.titech.ac.jp> +Date: Tue, 13 Jun 2023 05:00:47 +0900 +Subject: [PATCH] Fix memory leak in bin-objfmt (#231) + +Upstream-Status: Backport [https://github.com/yasm/yasm/commit/b2cc5a1693b17ac415df76d0795b15994c106441] + +CVE: CVE-2023-31975 +--- + modules/objfmts/bin/bin-objfmt.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/modules/objfmts/bin/bin-objfmt.c b/modules/objfmts/bin/bin-objfmt.c +index 18026750..a38c3422 100644 +--- a/modules/objfmts/bin/bin-objfmt.c ++++ b/modules/objfmts/bin/bin-objfmt.c +@@ -1680,6 +1680,10 @@ static void + bin_section_data_destroy(void *data) + { + bin_section_data *bsd = (bin_section_data *)data; ++ if (bsd->align) ++ yasm_xfree(bsd->align); ++ if (bsd->valign) ++ yasm_xfree(bsd->valign); + if (bsd->start) + yasm_expr_destroy(bsd->start); + if (bsd->vstart) +-- +2.40.0 diff --git a/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-37732.patch b/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-37732.patch new file mode 100644 index 0000000000..1ca33f0a92 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-37732.patch @@ -0,0 +1,41 @@ +From 2cd3bb50e256f5ed5f611ac611d25fe673f2cec3 Mon Sep 17 00:00:00 2001 +From: Peter Johnson <johnson.peter@gmail.com> +Date: Fri, 11 Aug 2023 10:49:51 +0000 +Subject: [PATCH] elf.c: Fix NULL deref on bad xsize expression (#234) + +CVE: CVE-2023-37732 + +Upstream-Status: Backport [https://github.com/yasm/yasm/commit/2cd3bb50e256f5ed5f611ac611d25fe673f2cec3] + +Signed-off-by: Soumya <soumya.sambu@windriver.com> +--- + modules/objfmts/elf/elf.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/modules/objfmts/elf/elf.c b/modules/objfmts/elf/elf.c +index 2486bba8..bab4c9ca 100644 +--- a/modules/objfmts/elf/elf.c ++++ b/modules/objfmts/elf/elf.c +@@ -482,15 +482,15 @@ elf_symtab_write_to_file(FILE *f, elf_symtab_head *symtab, + + /* get size (if specified); expr overrides stored integer */ + if (entry->xsize) { +- size_intn = yasm_intnum_copy( +- yasm_expr_get_intnum(&entry->xsize, 1)); +- if (!size_intn) { ++ yasm_intnum *intn = yasm_expr_get_intnum(&entry->xsize, 1); ++ if (!intn) { + yasm_error_set(YASM_ERROR_VALUE, + N_("size specifier not an integer expression")); + yasm_errwarn_propagate(errwarns, entry->xsize->line); +- } ++ } else ++ size_intn = yasm_intnum_copy(intn); + } +- else ++ if (!size_intn) + size_intn = yasm_intnum_create_uint(entry->size); + + /* get EQU value for constants */ +-- +2.40.0 diff --git a/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm_git.bb b/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm_git.bb index 3dd382be1f..26540b4295 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm_git.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/yasm/yasm_git.bb @@ -12,6 +12,8 @@ PV = "1.3.0+git${SRCPV}" SRCREV = "ba463d3c26c0ece2e797b8d6381b161633b5971a" SRC_URI = "git://github.com/yasm/yasm.git;branch=master;protocol=https \ file://0001-Do-not-use-AC_HEADER_STDC.patch \ + file://CVE-2023-31975.patch \ + file://CVE-2023-37732.patch \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-extended/dialog/dialog_1.3-20210509.bb b/meta-openembedded/meta-oe/recipes-extended/dialog/dialog_1.3-20210509.bb index 0b1e7e6088..d67156e1fd 100644 --- a/meta-openembedded/meta-oe/recipes-extended/dialog/dialog_1.3-20210509.bb +++ b/meta-openembedded/meta-oe/recipes-extended/dialog/dialog_1.3-20210509.bb @@ -8,7 +8,7 @@ DEPENDS = "ncurses" LICENSE = "LGPL-2.1-only" LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343" -SRC_URI = "ftp://ftp.invisible-island.net/${BPN}/${BP}.tgz" +SRC_URI = "https://invisible-mirror.net/archives/${BPN}/${BP}.tgz" SRC_URI[sha256sum] = "ae478fe7d5fca82bcf4b51684641e07d2ee68489d319710fe1e81f41a197bd66" # hardcoded here for use in dialog-static recipe diff --git a/meta-openembedded/meta-oe/recipes-extended/hwloc/files/CVE-2022-47022.patch b/meta-openembedded/meta-oe/recipes-extended/hwloc/files/CVE-2022-47022.patch new file mode 100644 index 0000000000..1925e2605d --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-extended/hwloc/files/CVE-2022-47022.patch @@ -0,0 +1,76 @@ +From ac1f8db9a0790d2bf153711ff4cbf6101f89aace Mon Sep 17 00:00:00 2001 +From: Brice Goglin <Brice.Goglin@inria.fr> +Date: Wed, 23 Aug 2023 19:52:47 +0200 +Subject: [PATCH] linux: handle glibc cpuset allocation failures + +Closes #544 +CVE-2022-47022 + +CVE: CVE-2022-47022 + +Upstream-Status: Backport [https://github.com/open-mpi/hwloc/commit/ac1f8db9a0790d2bf153711ff4cbf6101f89aace] + +Signed-off-by: Brice Goglin <Brice.Goglin@inria.fr> +Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> +--- + hwloc/topology-linux.c | 15 ++++++++++++++- + 1 file changed, 14 insertions(+), 1 deletion(-) + +diff --git a/hwloc/topology-linux.c b/hwloc/topology-linux.c +index 3f059465d..030076e7f 100644 +--- a/hwloc/topology-linux.c ++++ b/hwloc/topology-linux.c +@@ -878,6 +878,8 @@ hwloc_linux_set_tid_cpubind(hwloc_topology_t topology __hwloc_attribute_unused, + + setsize = CPU_ALLOC_SIZE(last+1); + plinux_set = CPU_ALLOC(last+1); ++ if (!plinux_set) ++ return -1; + + CPU_ZERO_S(setsize, plinux_set); + hwloc_bitmap_foreach_begin(cpu, hwloc_set) +@@ -958,7 +960,10 @@ hwloc_linux_find_kernel_nr_cpus(hwloc_topology_t topology) + while (1) { + cpu_set_t *set = CPU_ALLOC(nr_cpus); + size_t setsize = CPU_ALLOC_SIZE(nr_cpus); +- int err = sched_getaffinity(0, setsize, set); /* always works, unless setsize is too small */ ++ int err; ++ if (!set) ++ return -1; /* caller will return an error, and we'll try again later */ ++ err = sched_getaffinity(0, setsize, set); /* always works, unless setsize is too small */ + CPU_FREE(set); + nr_cpus = setsize * 8; /* that's the value that was actually tested */ + if (!err) +@@ -986,8 +991,12 @@ hwloc_linux_get_tid_cpubind(hwloc_topology_t topology __hwloc_attribute_unused, + + /* find the kernel nr_cpus so as to use a large enough cpu_set size */ + kernel_nr_cpus = hwloc_linux_find_kernel_nr_cpus(topology); ++ if (kernel_nr_cpus < 0) ++ return -1; + setsize = CPU_ALLOC_SIZE(kernel_nr_cpus); + plinux_set = CPU_ALLOC(kernel_nr_cpus); ++ if (!plinux_set) ++ return -1; + + err = sched_getaffinity(tid, setsize, plinux_set); + +@@ -1341,6 +1350,8 @@ hwloc_linux_set_thread_cpubind(hwloc_topology_t topology, pthread_t tid, hwloc_c + + setsize = CPU_ALLOC_SIZE(last+1); + plinux_set = CPU_ALLOC(last+1); ++ if (!plinux_set) ++ return -1; + + CPU_ZERO_S(setsize, plinux_set); + hwloc_bitmap_foreach_begin(cpu, hwloc_set) +@@ -1432,6 +1443,8 @@ hwloc_linux_get_thread_cpubind(hwloc_topology_t topology, pthread_t tid, hwloc_b + + setsize = CPU_ALLOC_SIZE(last+1); + plinux_set = CPU_ALLOC(last+1); ++ if (!plinux_set) ++ return -1; + + err = pthread_getaffinity_np(tid, setsize, plinux_set); + if (err) { +-- +2.40.0 diff --git a/meta-openembedded/meta-oe/recipes-extended/hwloc/hwloc_2.9.0.bb b/meta-openembedded/meta-oe/recipes-extended/hwloc/hwloc_2.9.0.bb index 51ceb4c262..ee766c8391 100644 --- a/meta-openembedded/meta-oe/recipes-extended/hwloc/hwloc_2.9.0.bb +++ b/meta-openembedded/meta-oe/recipes-extended/hwloc/hwloc_2.9.0.bb @@ -7,7 +7,9 @@ SECTION = "base" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=79179bb373cd55cbd834463a514fb714" -SRC_URI = "https://www.open-mpi.org/software/${BPN}/v2.9/downloads/${BP}.tar.bz2" +SRC_URI = "https://www.open-mpi.org/software/${BPN}/v2.9/downloads/${BP}.tar.bz2 \ + file://CVE-2022-47022.patch \ + " SRC_URI[sha256sum] = "2070e963596a2421b9af8eca43bdec113ee1107aaf7ccb475d4d3767a8856887" UPSTREAM_CHECK_URI = "https://www.open-mpi.org/software/hwloc/v2.9/" diff --git a/meta-openembedded/meta-oe/recipes-extended/libblockdev/libblockdev_2.28.bb b/meta-openembedded/meta-oe/recipes-extended/libblockdev/libblockdev_2.28.bb index 44b4e7daf9..22ccbf144e 100644 --- a/meta-openembedded/meta-oe/recipes-extended/libblockdev/libblockdev_2.28.bb +++ b/meta-openembedded/meta-oe/recipes-extended/libblockdev/libblockdev_2.28.bb @@ -10,6 +10,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=c07cb499d259452f324bb90c3067d85c" inherit autotools gobject-introspection pkgconfig +DEPENDS = "autoconf-archive-native glib-2.0 kmod udev" + SRC_URI = "git://github.com/storaged-project/libblockdev;branch=2.x-branch;protocol=https \ " SRCREV = "1412dc51c8f76bf8d9a6008228737db4a9a26d69" @@ -24,12 +26,12 @@ PACKAGECONFIG[lvm] = "--with-lvm, --without-lvm, multipath-tools, lvm2" PACKAGECONFIG[lvm-dbus] = "--with-lvm_dbus, --without-lvm_dbus, multipath-tools, lvm2" PACKAGECONFIG[dm] = "--with-dm, --without-dm, multipath-tools, lvm2" PACKAGECONFIG[dmraid] = "--with-dmraid, --without-dmraid" -PACKAGECONFIG[kmod] = "--with-kbd, --without-kbd, kmod" +PACKAGECONFIG[kmod] = "--with-kbd, --without-kbd,libbytesize" PACKAGECONFIG[parted] = "--with-part, --without-part, parted" PACKAGECONFIG[fs] = "--with-fs, --without-fs, util-linux" PACKAGECONFIG[doc] = "--with-gtk-doc, --without-gtk-doc, gtk-doc-native" PACKAGECONFIG[nvdimm] = "--with-nvdimm, --without-nvdimm, ndctl util-linux" -PACKAGECONFIG[vdo] = "--with-vdo, --without-vdo" +PACKAGECONFIG[vdo] = "--with-vdo, --without-vdo,libbytesize" PACKAGECONFIG[escrow] = "--with-escrow, --without-escrow, nss volume-key" PACKAGECONFIG[btrfs] = "--with-btrfs,--without-btrfs,libbytesize btrfs-tools" PACKAGECONFIG[crypto] = "--with-crypto,--without-crypto,cryptsetup nss volume-key" diff --git a/meta-openembedded/meta-oe/recipes-extended/libgxim/libgxim_0.5.0.bb b/meta-openembedded/meta-oe/recipes-extended/libgxim/libgxim_0.5.0.bb index 2d93936f37..3912e0a8d7 100644 --- a/meta-openembedded/meta-oe/recipes-extended/libgxim/libgxim_0.5.0.bb +++ b/meta-openembedded/meta-oe/recipes-extended/libgxim/libgxim_0.5.0.bb @@ -24,7 +24,7 @@ LIC_FILES_CHKSUM = "\ file://COPYING;md5=2d5025d4aa3495befef8f17206a5b0a1" EXTRA_OECONF = "--enable-debug --disable-static --disable-rebuilds --enable-compile-warnings=minimum" -DEPENDS += "gtk+ glib-2.0 glib-2.0-native ruby-native intltool-native gnome-common-native" +DEPENDS += "gtk+ glib-2.0 glib-2.0-native ruby-native intltool-native gnome-common-native autoconf-archive-native" inherit features_check autotools pkgconfig gettext diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/0001-src-Do-not-reset-FINAL_LIBS.patch b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/0001-src-Do-not-reset-FINAL_LIBS.patch index e8d8b1d53f..e8d8b1d53f 100644 --- a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/0001-src-Do-not-reset-FINAL_LIBS.patch +++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/0001-src-Do-not-reset-FINAL_LIBS.patch diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/0006-Define-correct-gregs-for-RISCV32.patch b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/0006-Define-correct-gregs-for-RISCV32.patch index 385b0aeed0..385b0aeed0 100644 --- a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/0006-Define-correct-gregs-for-RISCV32.patch +++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/0006-Define-correct-gregs-for-RISCV32.patch diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/GNU_SOURCE-7.patch b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/GNU_SOURCE-7.patch index 6e07c25c6a..6e07c25c6a 100644 --- a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/GNU_SOURCE-7.patch +++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/GNU_SOURCE-7.patch diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/hiredis-use-default-CC-if-it-is-set.patch b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/hiredis-use-default-CC-if-it-is-set.patch index 657b0923e2..657b0923e2 100644 --- a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/hiredis-use-default-CC-if-it-is-set.patch +++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/hiredis-use-default-CC-if-it-is-set.patch diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/init-redis-server b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/init-redis-server index c5f335f57d..c5f335f57d 100755 --- a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/init-redis-server +++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/init-redis-server diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/lua-update-Makefile-to-use-environment-build-setting.patch b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/lua-update-Makefile-to-use-environment-build-setting.patch index c6c6fde162..c6c6fde162 100644 --- a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/lua-update-Makefile-to-use-environment-build-setting.patch +++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/lua-update-Makefile-to-use-environment-build-setting.patch diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/oe-use-libc-malloc.patch b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/oe-use-libc-malloc.patch index bf6d0cf3c1..bf6d0cf3c1 100644 --- a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/oe-use-libc-malloc.patch +++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/oe-use-libc-malloc.patch diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/redis.conf b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/redis.conf index 75037d6dc8..75037d6dc8 100644 --- a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/redis.conf +++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/redis.conf diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/redis.service b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/redis.service index a52204cc70..a52204cc70 100644 --- a/meta-openembedded/meta-oe/recipes-extended/redis/redis-7/redis.service +++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis-7.0.12/redis.service diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis_6.2.12.bb b/meta-openembedded/meta-oe/recipes-extended/redis/redis_6.2.13.bb index 3ed6867816..640831c525 100644 --- a/meta-openembedded/meta-oe/recipes-extended/redis/redis_6.2.12.bb +++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis_6.2.13.bb @@ -17,7 +17,7 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \ file://GNU_SOURCE.patch \ file://0006-Define-correct-gregs-for-RISCV32.patch \ " -SRC_URI[sha256sum] = "75352eef41e97e84bfa94292cbac79e5add5345fc79787df5cbdff703353fb1b" +SRC_URI[sha256sum] = "89ff27c80d420456a721ccfb3beb7cc628d883c53059803513749e13214a23d1" inherit autotools-brokensep update-rc.d systemd useradd diff --git a/meta-openembedded/meta-oe/recipes-extended/redis/redis_7.0.11.bb b/meta-openembedded/meta-oe/recipes-extended/redis/redis_7.0.12.bb index 4626044781..321b90dadf 100644 --- a/meta-openembedded/meta-oe/recipes-extended/redis/redis_7.0.11.bb +++ b/meta-openembedded/meta-oe/recipes-extended/redis/redis_7.0.12.bb @@ -6,8 +6,6 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=8ffdd6c926faaece928cf9d9640132d2" DEPENDS = "readline lua ncurses" -FILESPATH =. "${FILE_DIRNAME}/${BPN}-7:" - SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \ file://redis.conf \ file://init-redis-server \ @@ -19,7 +17,7 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \ file://GNU_SOURCE-7.patch \ file://0006-Define-correct-gregs-for-RISCV32.patch \ " -SRC_URI[sha256sum] = "ce250d1fba042c613de38a15d40889b78f7cb6d5461a27e35017ba39b07221e3" +SRC_URI[sha256sum] = "9dd83d5b278bb2bf0e39bfeb75c3e8170024edbaf11ba13b7037b2945cf48ab7" inherit autotools-brokensep update-rc.d systemd useradd diff --git a/meta-openembedded/meta-oe/recipes-graphics/vk-gl-cts/khronos-cts.inc b/meta-openembedded/meta-oe/recipes-graphics/vk-gl-cts/khronos-cts.inc index 01f4a572f8..e05e35fe0e 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/vk-gl-cts/khronos-cts.inc +++ b/meta-openembedded/meta-oe/recipes-graphics/vk-gl-cts/khronos-cts.inc @@ -21,7 +21,7 @@ S = "${WORKDIR}/git" inherit pkgconfig cmake features_check python3native qemu -ANY_OF_DISTRO_FEATURES += "opengl wayland" +ANY_OF_DISTRO_FEATURES += "opengl vulkan" DEPENDS += "python3-lxml-native libpng zlib virtual/libgles2 qemu-native" @@ -72,9 +72,9 @@ python __anonymous() { distrofeatures = (d.getVar("DISTRO_FEATURES") or "") if not bb.utils.contains_any("PACKAGECONFIG", ["surfaceless", "wayland", "x11_egl", "x11_glx", "x11_egl_glx"], True, False, d): if "wayland" in distrofeatures: - d.appendVar("DEPENDS", " wayland-native wayland wayland-protocols") + d.appendVar("DEPENDS", " wayland-native ${MLPREFIX}wayland ${MLPREFIX}wayland-protocols") if "x11" in distrofeatures: - d.appendVar("DEPENDS", " virtual/libx11 virtual/egl ") + d.appendVar("DEPENDS", " virtual/${MLPREFIX}libx11 virtual/${MLPREFIX}egl ") } CTSDIR = "/usr/lib/${BPN}" diff --git a/meta-openembedded/meta-oe/recipes-graphics/x11vnc/files/CVE-2020-29074.patch b/meta-openembedded/meta-oe/recipes-graphics/x11vnc/files/CVE-2020-29074.patch new file mode 100644 index 0000000000..fbdb9123cc --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-graphics/x11vnc/files/CVE-2020-29074.patch @@ -0,0 +1,27 @@ +CVE: CVE-2020-29074 +Upstream-Status: Backport [https://github.com/LibVNC/x11vnc/commit/69eeb9f7baa14ca03b16c9de821f9876def7a36a ] +Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> + + +From 69eeb9f7baa14ca03b16c9de821f9876def7a36a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Gu=C3=A9nal=20DAVALAN?= <guenal.davalan@uca.fr> +Date: Wed, 18 Nov 2020 08:40:45 +0100 +Subject: [PATCH] scan: limit access to shared memory segments to current user + +--- + src/scan.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/scan.c b/src/scan.c +index 43e00d20..12994d52 100644 +--- a/src/scan.c ++++ b/src/scan.c +@@ -320,7 +320,7 @@ static int shm_create(XShmSegmentInfo *shm, XImage **ximg_ptr, int w, int h, + + #if HAVE_XSHM + shm->shmid = shmget(IPC_PRIVATE, +- xim->bytes_per_line * xim->height, IPC_CREAT | 0777); ++ xim->bytes_per_line * xim->height, IPC_CREAT | 0600); + + if (shm->shmid == -1) { + rfbErr("shmget(%s) failed.\n", name); diff --git a/meta-openembedded/meta-oe/recipes-graphics/x11vnc/x11vnc_0.9.16.bb b/meta-openembedded/meta-oe/recipes-graphics/x11vnc/x11vnc_0.9.16.bb index 5f7c0beb66..be9ef3cbaa 100644 --- a/meta-openembedded/meta-oe/recipes-graphics/x11vnc/x11vnc_0.9.16.bb +++ b/meta-openembedded/meta-oe/recipes-graphics/x11vnc/x11vnc_0.9.16.bb @@ -12,6 +12,7 @@ PV .= "+git${SRCPV}" SRC_URI = "git://github.com/LibVNC/x11vnc;branch=master;protocol=https \ file://starting-fix.patch \ + file://CVE-2020-29074.patch \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-kernel/libbpf/libbpf_1.1.0.bb b/meta-openembedded/meta-oe/recipes-kernel/libbpf/libbpf_1.1.0.bb index 1aee51f1eb..9517481ee5 100644 --- a/meta-openembedded/meta-oe/recipes-kernel/libbpf/libbpf_1.1.0.bb +++ b/meta-openembedded/meta-oe/recipes-kernel/libbpf/libbpf_1.1.0.bb @@ -17,6 +17,7 @@ COMPATIBLE_HOST = "(x86_64|i.86|aarch64|riscv64|powerpc64).*-linux" S = "${WORKDIR}/git/src" EXTRA_OEMAKE += "DESTDIR=${D} LIBDIR=${libdir} INCLUDEDIR=${includedir}" +EXTRA_OEMAKE:append:class-native = " UAPIDIR=${includedir}" inherit pkgconfig @@ -28,4 +29,8 @@ do_install() { oe_runmake install } +do_install:append:class-native() { + oe_runmake install_uapi_headers +} + BBCLASSEXTEND = "native nativesdk" diff --git a/meta-openembedded/meta-oe/recipes-support/c-ares/c-ares_1.19.0.bb b/meta-openembedded/meta-oe/recipes-support/c-ares/c-ares_1.19.1.bb index bb19ff1bd3..1440d72711 100644 --- a/meta-openembedded/meta-oe/recipes-support/c-ares/c-ares_1.19.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/c-ares/c-ares_1.19.1.bb @@ -6,7 +6,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.md;md5=fb997454c8d62aa6a47f07a8cd48b006" SRC_URI = "git://github.com/c-ares/c-ares.git;branch=main;protocol=https" -SRCREV = "fddf01938d3789e06cc1c3774e4cd0c7d2a89976" +SRCREV = "6360e96b5cf8e5980c887ce58ef727e53d77243a" UPSTREAM_CHECK_GITTAGREGEX = "cares-(?P<pver>\d+_(\d_?)+)" diff --git a/meta-openembedded/meta-oe/recipes-support/fftw/fftw_3.3.10.bb b/meta-openembedded/meta-oe/recipes-support/fftw/fftw_3.3.10.bb index 1fead4d029..33e8279880 100644 --- a/meta-openembedded/meta-oe/recipes-support/fftw/fftw_3.3.10.bb +++ b/meta-openembedded/meta-oe/recipes-support/fftw/fftw_3.3.10.bb @@ -55,7 +55,7 @@ do_configure() { do_compile() { for lib in fftw fftwl fftwf; do cd ${WORKDIR}/build-$lib - sed -i -e 's|${TOOLCHAIN_OPTIONS}||g' config.h + test -n "${TOOLCHAIN_OPTIONS}" && sed -i -e 's|${TOOLCHAIN_OPTIONS}||g' config.h autotools_do_compile done } diff --git a/meta-openembedded/meta-oe/recipes-support/gnulib/gnulib_2018-12-18.bb b/meta-openembedded/meta-oe/recipes-support/gnulib/gnulib_2018-12-18.bb index a27968079e..9e09b971c9 100644 --- a/meta-openembedded/meta-oe/recipes-support/gnulib/gnulib_2018-12-18.bb +++ b/meta-openembedded/meta-oe/recipes-support/gnulib/gnulib_2018-12-18.bb @@ -13,7 +13,7 @@ LICENSE = "LGPL-2.0-or-later" LIC_FILES_CHKSUM = "file://COPYING;md5=56a22a6e5bcce45e2c8ac184f81412b5" SRCREV = "0d6e3307bbdb8df4d56043d5f373eeeffe4cbef3" -SRC_URI = "git://git.savannah.gnu.org/git/gnulib.git;branch=master \ +SRC_URI = "git://git.savannah.gnu.org/git/gnulib.git;branch=master;protocol=https \ " S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/iniparser/iniparser/CVE-2023-33461.patch b/meta-openembedded/meta-oe/recipes-support/iniparser/iniparser/CVE-2023-33461.patch new file mode 100644 index 0000000000..ae714c5318 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/iniparser/iniparser/CVE-2023-33461.patch @@ -0,0 +1,52 @@ +From ace9871f65d11b5d73f0b9ee8cf5d2807439442d Mon Sep 17 00:00:00 2001 +From: Antonio <antoniolrt@gmail.com> +Date: Fri, 2 Jun 2023 15:03:10 -0300 +Subject: [PATCH] Handle null return from iniparser_getstring + +Fix handling of NULL returns from iniparser_getstring in +iniparser_getboolean, iniparser_getlongint and iniparser_getdouble, +avoiding a crash. + +CVE: CVE-2023-33461 + +Upstream-Status: Submitted [https://github.com/ndevilla/iniparser/pull/146/commits/ace9871f65d11b5d73f0b9ee8cf5d2807439442d] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + src/iniparser.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/iniparser.c b/src/iniparser.c +index f1d1658..dbceb20 100644 +--- a/src/iniparser.c ++++ b/src/iniparser.c +@@ -456,7 +456,7 @@ long int iniparser_getlongint(const dictionary * d, const char * key, long int n + const char * str ; + + str = iniparser_getstring(d, key, INI_INVALID_KEY); +- if (str==INI_INVALID_KEY) return notfound ; ++ if (str==NULL || str==INI_INVALID_KEY) return notfound ; + return strtol(str, NULL, 0); + } + +@@ -511,7 +511,7 @@ double iniparser_getdouble(const dictionary * d, const char * key, double notfou + const char * str ; + + str = iniparser_getstring(d, key, INI_INVALID_KEY); +- if (str==INI_INVALID_KEY) return notfound ; ++ if (str==NULL || str==INI_INVALID_KEY) return notfound ; + return atof(str); + } + +@@ -553,7 +553,7 @@ int iniparser_getboolean(const dictionary * d, const char * key, int notfound) + const char * c ; + + c = iniparser_getstring(d, key, INI_INVALID_KEY); +- if (c==INI_INVALID_KEY) return notfound ; ++ if (c==NULL || c==INI_INVALID_KEY) return notfound ; + if (c[0]=='y' || c[0]=='Y' || c[0]=='1' || c[0]=='t' || c[0]=='T') { + ret = 1 ; + } else if (c[0]=='n' || c[0]=='N' || c[0]=='0' || c[0]=='f' || c[0]=='F') { +-- +2.25.1 + diff --git a/meta-openembedded/meta-oe/recipes-support/iniparser/iniparser_4.1.bb b/meta-openembedded/meta-oe/recipes-support/iniparser/iniparser_4.1.bb index f9e1530161..166a74824f 100644 --- a/meta-openembedded/meta-oe/recipes-support/iniparser/iniparser_4.1.bb +++ b/meta-openembedded/meta-oe/recipes-support/iniparser/iniparser_4.1.bb @@ -10,7 +10,8 @@ PV .= "+git${SRCPV}" SRC_URI = "git://github.com/ndevilla/iniparser.git;protocol=https;branch=master \ file://0001-iniparser.pc-Make-libpath-a-variable.patch \ - file://Add-CMake-support.patch" + file://Add-CMake-support.patch \ + file://CVE-2023-33461.patch" SRCREV= "deb85ad4936d4ca32cc2260ce43323d47936410d" diff --git a/meta-openembedded/meta-oe/recipes-support/libcyusbserial/libcyusbserial/0001-CMakeLists.txt-don-t-fall-back-CMAKE_INSTALL_LIBDIR-.patch b/meta-openembedded/meta-oe/recipes-support/libcyusbserial/libcyusbserial/0001-CMakeLists.txt-don-t-fall-back-CMAKE_INSTALL_LIBDIR-.patch new file mode 100644 index 0000000000..d9e10469d3 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/libcyusbserial/libcyusbserial/0001-CMakeLists.txt-don-t-fall-back-CMAKE_INSTALL_LIBDIR-.patch @@ -0,0 +1,43 @@ +From 655c5c32b37a2bea12389ed69c0869215fcf5abe Mon Sep 17 00:00:00 2001 +From: Martin Jansa <Martin.Jansa@gmail.com> +Date: Sun, 3 Sep 2023 11:22:35 +0200 +Subject: [PATCH] CMakeLists.txt: don't fall back CMAKE_INSTALL_LIBDIR to lib + +* testing ${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR} existence + doesn't really work in cross compilation and on some hosts was causing: + + ERROR: QA Issue: libcyusbserial: Files/directories were installed but not shipped in any package: + /usr/lib/libcyusbserial.so.1 + /usr/lib/libcyusbserial.so + Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install. + libcyusbserial: 2 installed and not shipped files. [installed-vs-shipped] + + with multilib using /usr/lib32 or /usr/lib64 when the same didn't + exist on host. + +Upstream-Status: Pending +Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> +--- + lib/CMakeLists.txt | 9 --------- + 1 file changed, 9 deletions(-) + +diff --git a/lib/CMakeLists.txt b/lib/CMakeLists.txt +index 2b031cb..53a7263 100644 +--- a/lib/CMakeLists.txt ++++ b/lib/CMakeLists.txt +@@ -6,15 +6,6 @@ if (NOT CMAKE_INSTALL_LIBDIR) + include(GNUInstallDirs) + endif (NOT CMAKE_INSTALL_LIBDIR) + +-# Fall back to just "lib" if the item provided by GNUInstallDirs doesn't exist +-# For example, on Ubuntu 13.10 with CMake 2.8.11.2, +-# /usr/lib/${CMAKE_LIBRARY_ARCHITECTURE} doesn't exist. +-if (NOT EXISTS "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}") +- message(STATUS "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR} does not exist. Defaulting libcyusbserial install location to ${CMAKE_INSTALL_PREFIX}/lib.") +- set(CMAKE_INSTALL_LIBDIR lib) +-endif() +- +- + ################################################################################ + # Include paths + ################################################################################ diff --git a/meta-openembedded/meta-oe/recipes-support/libcyusbserial/libcyusbserial_git.bb b/meta-openembedded/meta-oe/recipes-support/libcyusbserial/libcyusbserial_git.bb index 81453fb888..a69194996b 100644 --- a/meta-openembedded/meta-oe/recipes-support/libcyusbserial/libcyusbserial_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/libcyusbserial/libcyusbserial_git.bb @@ -8,7 +8,9 @@ DEPENDS = "libusb udev" PV = "1.0.0+git${SRCPV}" SRCREV = "655e2d544183d094f0e2d119c7e0c6206a0ddb3f" -SRC_URI = "git://github.com/cyrozap/${BPN}.git;branch=master;protocol=https" +SRC_URI = "git://github.com/cyrozap/${BPN}.git;branch=master;protocol=https \ + file://0001-CMakeLists.txt-don-t-fall-back-CMAKE_INSTALL_LIBDIR-.patch \ +" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-oe/recipes-support/libgpiod/libgpiod-2.0/gpio-tools-test-bats-modify.patch b/meta-openembedded/meta-oe/recipes-support/libgpiod/libgpiod-2.0/gpio-tools-test-bats-modify.patch new file mode 100644 index 0000000000..4d49467968 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/libgpiod/libgpiod-2.0/gpio-tools-test-bats-modify.patch @@ -0,0 +1,67 @@ +From 53f9670d6af1bd0745c1df9c469b269c72607b23 Mon Sep 17 00:00:00 2001 +From: Joe Slater <joe.slater@windriver.com> +Date: Tue, 6 Jun 2023 08:04:27 -0700 +Subject: [PATCH] tools: tests: modify delays in toggle test + +The test "gpioset: toggle (continuous)" uses fixed delays to test +toggling values. This is not reliable, so we switch to looking +for transitions from one value to another. + +We wait for a transition up to 1.5 seconds. + +Signed-off-by: Joe Slater <joe.slater@windriver.com> +Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org> + +Upstream-status: accepted + +Signed-off-by: Joe Slater <joe.slater@windriver.com> +--- + tools/gpio-tools-test.bats | 21 ++++++++++++++++----- + 1 file changed, 16 insertions(+), 5 deletions(-) + +diff --git a/tools/gpio-tools-test.bats b/tools/gpio-tools-test.bats +index c83ca7d..929c35a 100755 +--- a/tools/gpio-tools-test.bats ++++ b/tools/gpio-tools-test.bats +@@ -141,6 +141,20 @@ gpiosim_check_value() { + [ "$VAL" = "$EXPECTED" ] + } + ++gpiosim_wait_value() { ++ local OFFSET=$2 ++ local EXPECTED=$3 ++ local DEVNAME=${GPIOSIM_DEV_NAME[$1]} ++ local CHIPNAME=${GPIOSIM_CHIP_NAME[$1]} ++ local PORT=$GPIOSIM_SYSFS/$DEVNAME/$CHIPNAME/sim_gpio$OFFSET/value ++ ++ for i in {1..15}; do ++ [ "$(<$PORT)" = "$EXPECTED" ] && return ++ sleep 0.1 ++ done ++ return 1 ++} ++ + gpiosim_cleanup() { + for CHIP in ${!GPIOSIM_CHIP_NAME[@]} + do +@@ -1567,15 +1581,12 @@ request_release_line() { + gpiosim_check_value sim0 4 0 + gpiosim_check_value sim0 7 0 + +- sleep 1 +- +- gpiosim_check_value sim0 1 0 ++ gpiosim_wait_value sim0 1 0 + gpiosim_check_value sim0 4 1 + gpiosim_check_value sim0 7 1 + +- sleep 1 + +- gpiosim_check_value sim0 1 1 ++ gpiosim_wait_value sim0 1 1 + gpiosim_check_value sim0 4 0 + gpiosim_check_value sim0 7 0 + } +-- +2.25.1 + diff --git a/meta-openembedded/meta-oe/recipes-support/libgpiod/libgpiod.inc b/meta-openembedded/meta-oe/recipes-support/libgpiod/libgpiod.inc index abb6544ec2..cf6c0ae0f6 100644 --- a/meta-openembedded/meta-oe/recipes-support/libgpiod/libgpiod.inc +++ b/meta-openembedded/meta-oe/recipes-support/libgpiod/libgpiod.inc @@ -38,7 +38,7 @@ FILES:${PN}-ptest += " \ FILES:libgpiodcxx = "${libdir}/libgpiodcxx.so.*" RRECOMMENDS:${PN}-ptest += "coreutils" -RDEPENDS:${PN}-ptest += "bats" +RDEPENDS:${PN}-ptest += "${@bb.utils.contains('PTEST_ENABLED', '1', 'bats', '', d)}" do_install_ptest() { install -d ${D}${PTEST_PATH}/tests/ diff --git a/meta-openembedded/meta-oe/recipes-support/libgpiod/libgpiod_2.0.bb b/meta-openembedded/meta-oe/recipes-support/libgpiod/libgpiod_2.0.bb index 179fe170e2..ee20aaf792 100644 --- a/meta-openembedded/meta-oe/recipes-support/libgpiod/libgpiod_2.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/libgpiod/libgpiod_2.0.bb @@ -11,6 +11,8 @@ SRC_URI[sha256sum] = "f74cbf82038b3cb98ebeb25bce55ee2553be28194002d2a9889b9268cc S = "${WORKDIR}/libgpiod-2.0" +SRC_URI += "file://gpio-tools-test-bats-modify.patch" + # We must enable gpioset-interactive for all gpio-tools tests to pass PACKAGECONFIG[tests] = "--enable-tests --enable-gpioset-interactive,--disable-tests,kmod util-linux glib-2.0 catch2 libedit" PACKAGECONFIG[gpioset-interactive] = "--enable-gpioset-interactive,--disable-gpioset-interactive,libedit" diff --git a/meta-openembedded/meta-oe/recipes-support/libiio/libiio_git.bb b/meta-openembedded/meta-oe/recipes-support/libiio/libiio_git.bb index bb253f421a..612dd897be 100644 --- a/meta-openembedded/meta-oe/recipes-support/libiio/libiio_git.bb +++ b/meta-openembedded/meta-oe/recipes-support/libiio/libiio_git.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING.txt;md5=7c13b3376cea0ce68d2d2da0a1b3a72c" SRCREV = "92d6a35f3d8d721cda7d6fe664b435311dd368b4" PV = "0.23" -SRC_URI = "git://github.com/analogdevicesinc/libiio.git;protocol=https;branch=master \ +SRC_URI = "git://github.com/analogdevicesinc/libiio.git;protocol=https;branch=main \ file://0001-CMake-Move-include-CheckCSourceCompiles-before-its-m.patch \ " UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+(\.\d+)+)" diff --git a/meta-openembedded/meta-oe/recipes-support/mcelog/mcelog_191.bb b/meta-openembedded/meta-oe/recipes-support/mcelog/mcelog_191.bb index e713433469..3c1c451c02 100644 --- a/meta-openembedded/meta-oe/recipes-support/mcelog/mcelog_191.bb +++ b/meta-openembedded/meta-oe/recipes-support/mcelog/mcelog_191.bb @@ -18,11 +18,18 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263" S = "${WORKDIR}/git" -inherit autotools-brokensep ptest +inherit ptest COMPATIBLE_HOST = '(x86_64.*|i.86.*)-linux' -do_install:append() { +EXTRA_OEMAKE += "CFLAGS='${CFLAGS}'" + +do_compile() { + oe_runmake +} + +do_install() { + oe_runmake install DESTDIR=${D} install -d ${D}${sysconfdir}/cron.hourly install -m 0755 ${S}/mcelog.cron ${D}${sysconfdir}/cron.hourly/ sed -i 's/bash/sh/' ${D}${sysconfdir}/cron.hourly/mcelog.cron diff --git a/meta-openembedded/meta-oe/recipes-support/opencv/opencv/CVE-2023-2617.patch b/meta-openembedded/meta-oe/recipes-support/opencv/opencv/CVE-2023-2617.patch new file mode 100644 index 0000000000..92c096e29c --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/opencv/opencv/CVE-2023-2617.patch @@ -0,0 +1,88 @@ +commit ccc277247ac1a7aef0a90353edcdec35fbc5903c +Author: Nano <nanoapezlk@gmail.com> +Date: Wed Apr 26 15:09:52 2023 +0800 + + fix(wechat_qrcode): Init nBytes after the count value is determined (#3480) + + * fix(wechat_qrcode): Initialize nBytes after the count value is determined + + * fix(wechat_qrcode): Incorrect count data repair + + * chore: format expr + + * fix(wechat_qrcode): Avoid null pointer exception + + * fix(wechat_qrcode): return when bytes_ is empty + + * test(wechat_qrcode): add test case + + --------- + + Co-authored-by: GZTime <Time.GZ@outlook.com> + +CVE: CVE-2023-2617 + +Upstream-Status: Backport [https://github.com/opencv/opencv_contrib/commit/ccc277247ac1a7aef0a90353edcdec35fbc5903c] + +Signed-off-by: Soumya <soumya.sambu@windriver.com> +--- + +diff --git a/modules/wechat_qrcode/src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp b/modules/wechat_qrcode/src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp +index 05de793c..b3a0a69c 100644 +--- a/modules/wechat_qrcode/src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp ++++ b/modules/wechat_qrcode/src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp +@@ -65,7 +65,8 @@ void DecodedBitStreamParser::append(std::string& result, string const& in, + + void DecodedBitStreamParser::append(std::string& result, const char* bufIn, size_t nIn, + ErrorHandler& err_handler) { +- if (err_handler.ErrCode()) return; ++ // avoid null pointer exception ++ if (err_handler.ErrCode() || bufIn == nullptr) return; + #ifndef NO_ICONV_INSIDE + if (nIn == 0) { + return; +@@ -190,16 +191,20 @@ void DecodedBitStreamParser::decodeByteSegment(Ref<BitSource> bits_, string& res + CharacterSetECI* currentCharacterSetECI, + ArrayRef<ArrayRef<char> >& byteSegments, + ErrorHandler& err_handler) { +- int nBytes = count; + BitSource& bits(*bits_); + // Don't crash trying to read more bits than we have available. + int available = bits.available(); + // try to repair count data if count data is invalid + if (count * 8 > available) { +- count = (available + 7 / 8); ++ count = (available + 7) / 8; + } ++ size_t nBytes = count; ++ ++ ArrayRef<char> bytes_(nBytes); ++ // issue https://github.com/opencv/opencv_contrib/issues/3478 ++ if (bytes_->empty()) ++ return; + +- ArrayRef<char> bytes_(count); + char* readBytes = &(*bytes_)[0]; + for (int i = 0; i < count; i++) { + // readBytes[i] = (char) bits.readBits(8); +diff --git a/modules/wechat_qrcode/test/test_qrcode.cpp b/modules/wechat_qrcode/test/test_qrcode.cpp +index d59932b8..ec2559b0 100644 +--- a/modules/wechat_qrcode/test/test_qrcode.cpp ++++ b/modules/wechat_qrcode/test/test_qrcode.cpp +@@ -455,5 +455,16 @@ TEST_P(Objdetect_QRCode_Easy_Multi, regression) { + std::string qrcode_model_path[] = {"", "dnn/wechat_2021-01"}; + INSTANTIATE_TEST_CASE_P(/**/, Objdetect_QRCode_Easy_Multi, testing::ValuesIn(qrcode_model_path)); + ++TEST(Objdetect_QRCode_bug, issue_3478) { ++ auto detector = wechat_qrcode::WeChatQRCode(); ++ std::string image_path = findDataFile("qrcode/issue_3478.png"); ++ Mat src = imread(image_path, IMREAD_GRAYSCALE); ++ ASSERT_FALSE(src.empty()) << "Can't read image: " << image_path; ++ std::vector<std::string> outs = detector.detectAndDecode(src); ++ ASSERT_EQ(1, (int) outs.size()); ++ ASSERT_EQ(16, (int) outs[0].size()); ++ ASSERT_EQ("KFCVW50 ", outs[0]); ++} ++ + } // namespace + } // namespace opencv_test diff --git a/meta-openembedded/meta-oe/recipes-support/opencv/opencv_4.7.0.bb b/meta-openembedded/meta-oe/recipes-support/opencv/opencv_4.7.0.bb index 361b004308..a1fbaaa091 100644 --- a/meta-openembedded/meta-oe/recipes-support/opencv/opencv_4.7.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/opencv/opencv_4.7.0.bb @@ -31,6 +31,7 @@ SRC_URI = "git://github.com/opencv/opencv.git;name=opencv;branch=master;protocol file://download.patch \ file://0001-Make-ts-module-external.patch \ file://0008-Do-not-embed-build-directory-in-binaries.patch \ + file://CVE-2023-2617.patch;patchdir=contrib \ " SRC_URI:append:riscv64 = " file://0001-Use-Os-to-compile-tinyxml2.cpp.patch;patchdir=contrib" @@ -162,7 +163,7 @@ python populate_packages:prepend () { metapkg = pn d.setVar('ALLOW_EMPTY:' + metapkg, "1") - blacklist = [ metapkg, "libopencv-ts" ] + blacklist = [ metapkg ] metapkg_rdepends = [ ] for pkg in packages[1:]: if not pkg in blacklist and not pkg in metapkg_rdepends and not pkg.endswith('-dev') and not pkg.endswith('-dbg') and not pkg.endswith('-doc') and not pkg.endswith('-locale') and not pkg.endswith('-staticdev'): diff --git a/meta-openembedded/meta-oe/recipes-support/openldap/openldap/0001-configure-Pass-pthread_t-to-pthread_detach.patch b/meta-openembedded/meta-oe/recipes-support/openldap/openldap/0001-configure-Pass-pthread_t-to-pthread_detach.patch deleted file mode 100644 index 6e73f8b382..0000000000 --- a/meta-openembedded/meta-oe/recipes-support/openldap/openldap/0001-configure-Pass-pthread_t-to-pthread_detach.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 7577b120acda087bf3f5f613c2c72663b3864ad8 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Sun, 4 Sep 2022 09:43:06 -0700 -Subject: [PATCH] configure: Pass pthread_t to pthread_detach - -This helps compilers when using C2X standard - -Upstream-Status: Pending -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - configure.ac | 5 +---- - 1 file changed, 1 insertion(+), 4 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 0978eeb..58d15f8 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1467,10 +1467,7 @@ pthread_rwlock_t rwlock; - dnl save the flags - AC_LINK_IFELSE([AC_LANG_PROGRAM([[ - #include <pthread.h> --#ifndef NULL --#define NULL (void*)0 --#endif --]], [[pthread_detach(NULL);]])],[ol_cv_func_pthread_detach=yes],[ol_cv_func_pthread_detach=no]) -+]], [[pthread_detach((pthread_t)-1);]])],[ol_cv_func_pthread_detach=yes],[ol_cv_func_pthread_detach=no]) - ]) - - if test $ol_cv_func_pthread_detach = no ; then --- -2.37.3 - diff --git a/meta-openembedded/meta-oe/recipes-support/openldap/openldap_2.5.13.bb b/meta-openembedded/meta-oe/recipes-support/openldap/openldap_2.5.16.bb index b117677f9b..a56b454dc0 100644 --- a/meta-openembedded/meta-oe/recipes-support/openldap/openldap_2.5.13.bb +++ b/meta-openembedded/meta-oe/recipes-support/openldap/openldap_2.5.16.bb @@ -19,10 +19,9 @@ SRC_URI = "http://www.openldap.org/software/download/OpenLDAP/openldap-release/$ file://slapd.service \ file://remove-user-host-pwd-from-version.patch \ file://0001-build-top.mk-unset-STRIP_OPTS.patch \ - file://0001-configure-Pass-pthread_t-to-pthread_detach.patch \ " -SRC_URI[sha256sum] = "ee3c430c4ef7b87c57b622108c7339376d6c27fbbf2767770be3de1df63d008c" +SRC_URI[sha256sum] = "546ba591822e8bb0e467d40c4d4a30f89d937c3a507fe83a578f582f6a211327" DEPENDS = "util-linux groff-native" diff --git a/meta-openembedded/meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch b/meta-openembedded/meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch new file mode 100644 index 0000000000..165fc316bf --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/opensc/files/CVE-2023-2977.patch @@ -0,0 +1,54 @@ +CVE: CVE-2023-2977 +Upstream-Status: Backport [ https://github.com/OpenSC/OpenSC/commit/81944d1529202bd28359bede57c0a15deb65ba8a ] +Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> + + +From 81944d1529202bd28359bede57c0a15deb65ba8a Mon Sep 17 00:00:00 2001 +From: fullwaywang <fullwaywang@tencent.com> +Date: Mon, 29 May 2023 10:38:48 +0800 +Subject: [PATCH] pkcs15init: correct left length calculation to fix buffer + overrun bug. Fixes #2785 + +--- + src/pkcs15init/pkcs15-cardos.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/src/pkcs15init/pkcs15-cardos.c b/src/pkcs15init/pkcs15-cardos.c +index 9715cf390f..f41f73c349 100644 +--- a/src/pkcs15init/pkcs15-cardos.c ++++ b/src/pkcs15init/pkcs15-cardos.c +@@ -872,7 +872,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card) + sc_apdu_t apdu; + u8 rbuf[SC_MAX_APDU_BUFFER_SIZE]; + int r; +- const u8 *p = rbuf, *q; ++ const u8 *p = rbuf, *q, *pp; + size_t len, tlen = 0, ilen = 0; + + sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, 0xca, 0x01, 0x88); +@@ -888,13 +888,13 @@ static int cardos_have_verifyrc_package(sc_card_t *card) + return 0; + + while (len != 0) { +- p = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen); +- if (p == NULL) ++ pp = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen); ++ if (pp == NULL) + return 0; + if (card->type == SC_CARD_TYPE_CARDOS_M4_3) { + /* the verifyRC package on CardOS 4.3B use Manufacturer ID 0x01 */ + /* and Package Number 0x07 */ +- q = sc_asn1_find_tag(card->ctx, p, tlen, 0x01, &ilen); ++ q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x01, &ilen); + if (q == NULL || ilen != 4) + return 0; + if (q[0] == 0x07) +@@ -902,7 +902,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card) + } else if (card->type == SC_CARD_TYPE_CARDOS_M4_4) { + /* the verifyRC package on CardOS 4.4 use Manufacturer ID 0x03 */ + /* and Package Number 0x02 */ +- q = sc_asn1_find_tag(card->ctx, p, tlen, 0x03, &ilen); ++ q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x03, &ilen); + if (q == NULL || ilen != 4) + return 0; + if (q[0] == 0x02) diff --git a/meta-openembedded/meta-oe/recipes-support/opensc/opensc_0.23.0.bb b/meta-openembedded/meta-oe/recipes-support/opensc/opensc_0.23.0.bb index f68107df87..b3fc1f0458 100644 --- a/meta-openembedded/meta-oe/recipes-support/opensc/opensc_0.23.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/opensc/opensc_0.23.0.bb @@ -16,6 +16,7 @@ SRCREV = "5497519ea6b4af596628f8f8f2f904bacaa3148f" SRC_URI = "git://github.com/OpenSC/OpenSC;branch=master;protocol=https \ file://0001-pkcs11-tool-Fix-private-key-import.patch \ file://0002-pkcs11-tool-Log-more-information-on-OpenSSL-errors.patch \ + file://CVE-2023-2977.patch \ " DEPENDS = "virtual/libiconv openssl" diff --git a/meta-openembedded/meta-oe/recipes-support/poppler/poppler/CVE-2023-34872.patch b/meta-openembedded/meta-oe/recipes-support/poppler/poppler/CVE-2023-34872.patch new file mode 100644 index 0000000000..69f164de96 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/poppler/poppler/CVE-2023-34872.patch @@ -0,0 +1,46 @@ +From 591235c8b6c65a2eee88991b9ae73490fd9afdfe Sep 17 00:00:00 2001 +From: Albert Astals Cid <aacid@kde.org> +Date: Fri, 18 Aug 2023 09:17:07 +0000 +Subject: [PATCH] OutlineItem::open: Fix crash on malformed files + +Fixes #1399 + +CVE: CVE-2023-34872 + +Upstream-Status: Backport [https://gitlab.freedesktop.org/poppler/poppler/-/commit/591235c8b6c65a2eee88991b9ae73490fd9afdfe] + +Signed-off-by: Yogita Urade <yogita.urade@windriver.com> +--- + poppler/Outline.cc | 10 +++++++--- + 1 file changed, 7 insertions(+), 3 deletions(-) + +diff --git a/poppler/Outline.cc b/poppler/Outline.cc +index cbb6cb4..4c68be9 100644 +--- a/poppler/Outline.cc ++++ b/poppler/Outline.cc +@@ -14,7 +14,7 @@ + // under GPL version 2 or later + // + // Copyright (C) 2005 Marco Pesenti Gritti <mpg@redhat.com> +-// Copyright (C) 2008, 2016-2019, 2021 Albert Astals Cid <aacid@kde.org> ++// Copyright (C) 2008, 2016-2019, 2021, 2023 Albert Astals Cid <aacid@kde.org> + // Copyright (C) 2009 Nick Jones <nick.jones@network-box.com> + // Copyright (C) 2016 Jason Crain <jason@aquaticape.us> + // Copyright (C) 2017 Adrian Johnson <ajohnson@redneon.com> +@@ -483,8 +483,12 @@ void OutlineItem::open() + { + if (!kids) { + Object itemDict = xref->fetch(ref); +- const Object &firstRef = itemDict.dictLookupNF("First"); +- kids = readItemList(this, &firstRef, xref, doc); ++ if (itemDict.isDict()) { ++ const Object &firstRef = itemDict.dictLookupNF("First"); ++ kids = readItemList(this, &firstRef, xref, doc); ++ } else { ++ kids = new std::vector<OutlineItem *>(); ++ } + } + } + +-- +2.35.5 diff --git a/meta-openembedded/meta-oe/recipes-support/poppler/poppler_23.03.0.bb b/meta-openembedded/meta-oe/recipes-support/poppler/poppler_23.03.0.bb index 165e155ec9..81e776d8f6 100644 --- a/meta-openembedded/meta-oe/recipes-support/poppler/poppler_23.03.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/poppler/poppler_23.03.0.bb @@ -7,6 +7,7 @@ SRC_URI = "http://poppler.freedesktop.org/${BP}.tar.xz \ file://0001-Do-not-overwrite-all-our-build-flags.patch \ file://basename-include.patch \ file://0001-cmake-Do-not-use-isystem.patch \ + file://CVE-2023-34872.patch \ " SRC_URI[sha256sum] = "b04148bf849c1965ada7eff6be4685130e3a18a84e0cce73bf9bc472ec32f2b4" diff --git a/meta-openembedded/meta-oe/recipes-support/yaml-cpp/yaml-cpp/0001-Fix-CMake-export-files-1077.patch b/meta-openembedded/meta-oe/recipes-support/yaml-cpp/yaml-cpp/0001-Fix-CMake-export-files-1077.patch new file mode 100644 index 0000000000..b6c4a3b883 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-support/yaml-cpp/yaml-cpp/0001-Fix-CMake-export-files-1077.patch @@ -0,0 +1,117 @@ +From 3d436f6cfc2dfe52fc1533c01f57c25ae7ffac9c Mon Sep 17 00:00:00 2001 +From: Felix Schwitzer <flx107809@gmail.com> +Date: Fri, 1 Apr 2022 05:26:47 +0200 +Subject: [PATCH] Fix CMake export files (#1077) + +After configuring the file `yaml-cpp-config.cmake.in`, the result ends up with +empty variables. (see also the discussion in #774). + +Rework this file and the call to `configure_package_config_file` according the +cmake documentation +(https://cmake.org/cmake/help/v3.22/module/CMakePackageConfigHelpers.html?highlight=configure_package_config#command:configure_package_config_file) +to overcome this issue and allow a simple `find_package` after install. + +As there was some discussion about the place where to install the +`yaml-cpp-config.cmake` file, e.g. #1055, factor out the install location into +an extra variable to make it easier changing this location in the future. + +Also untabify CMakeLists.txt in some places to align with the other code parts in this file. + +Upstream-Status: Accepted [https://github.com/jbeder/yaml-cpp/pull/1077] + +Signed-off-by: Jasper Orschulko <jasper@fancydomain.eu> +--- + CMakeLists.txt | 29 ++++++++++++++++++----------- + yaml-cpp-config.cmake.in | 10 ++++++---- + 2 files changed, 24 insertions(+), 15 deletions(-) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index b230b9e..983d1a4 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -127,10 +127,16 @@ set_target_properties(yaml-cpp PROPERTIES + PROJECT_LABEL "yaml-cpp ${yaml-cpp-label-postfix}" + DEBUG_POSTFIX "${CMAKE_DEBUG_POSTFIX}") + ++# FIXME(felix2012): A more common place for the cmake export would be ++# `CMAKE_INSTALL_LIBDIR`, as e.g. done in ubuntu or in this project for GTest ++set(CONFIG_EXPORT_DIR "${CMAKE_INSTALL_DATADIR}/cmake/yaml-cpp") ++set(EXPORT_TARGETS yaml-cpp) + configure_package_config_file( + "${PROJECT_SOURCE_DIR}/yaml-cpp-config.cmake.in" + "${PROJECT_BINARY_DIR}/yaml-cpp-config.cmake" +- INSTALL_DESTINATION "${CMAKE_INSTALL_DATADIR}/cmake/yaml-cpp") ++ INSTALL_DESTINATION "${CONFIG_EXPORT_DIR}" ++ PATH_VARS CMAKE_INSTALL_INCLUDEDIR CONFIG_EXPORT_DIR) ++unset(EXPORT_TARGETS) + + write_basic_package_version_file( + "${PROJECT_BINARY_DIR}/yaml-cpp-config-version.cmake" +@@ -139,30 +145,31 @@ write_basic_package_version_file( + configure_file(yaml-cpp.pc.in yaml-cpp.pc @ONLY) + + if (YAML_CPP_INSTALL) +- install(TARGETS yaml-cpp ++ install(TARGETS yaml-cpp + EXPORT yaml-cpp-targets + RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR} + LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR} + ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}) +- install(DIRECTORY ${PROJECT_SOURCE_DIR}/include/ ++ install(DIRECTORY ${PROJECT_SOURCE_DIR}/include/ + DESTINATION ${CMAKE_INSTALL_INCLUDEDIR} +- FILES_MATCHING PATTERN "*.h") ++ FILES_MATCHING PATTERN "*.h") + install(EXPORT yaml-cpp-targets +- DESTINATION "${CMAKE_INSTALL_DATADIR}/cmake/yaml-cpp") +- install(FILES +- "${PROJECT_BINARY_DIR}/yaml-cpp-config.cmake" +- "${PROJECT_BINARY_DIR}/yaml-cpp-config-version.cmake" +- DESTINATION "${CMAKE_INSTALL_DATADIR}/cmake/yaml-cpp") ++ DESTINATION "${CONFIG_EXPORT_DIR}") ++ install(FILES ++ "${PROJECT_BINARY_DIR}/yaml-cpp-config.cmake" ++ "${PROJECT_BINARY_DIR}/yaml-cpp-config-version.cmake" ++ DESTINATION "${CONFIG_EXPORT_DIR}") + install(FILES "${PROJECT_BINARY_DIR}/yaml-cpp.pc" + DESTINATION ${CMAKE_INSTALL_DATADIR}/pkgconfig) + endif() ++unset(CONFIG_EXPORT_DIR) + + if(YAML_CPP_BUILD_TESTS) +- add_subdirectory(test) ++ add_subdirectory(test) + endif() + + if(YAML_CPP_BUILD_TOOLS) +- add_subdirectory(util) ++ add_subdirectory(util) + endif() + + if (YAML_CPP_CLANG_FORMAT_EXE) +diff --git a/yaml-cpp-config.cmake.in b/yaml-cpp-config.cmake.in +index 7b41e3f..a7ace3d 100644 +--- a/yaml-cpp-config.cmake.in ++++ b/yaml-cpp-config.cmake.in +@@ -3,12 +3,14 @@ + # YAML_CPP_INCLUDE_DIR - include directory + # YAML_CPP_LIBRARIES - libraries to link against + +-# Compute paths +-get_filename_component(YAML_CPP_CMAKE_DIR "${CMAKE_CURRENT_LIST_FILE}" PATH) +-set(YAML_CPP_INCLUDE_DIR "@CONFIG_INCLUDE_DIRS@") ++@PACKAGE_INIT@ ++ ++set_and_check(YAML_CPP_INCLUDE_DIR "@PACKAGE_CMAKE_INSTALL_INCLUDEDIR@") + + # Our library dependencies (contains definitions for IMPORTED targets) +-include("${YAML_CPP_CMAKE_DIR}/yaml-cpp-targets.cmake") ++include(@PACKAGE_CONFIG_EXPORT_DIR@/yaml-cpp-targets.cmake) + + # These are IMPORTED targets created by yaml-cpp-targets.cmake + set(YAML_CPP_LIBRARIES "@EXPORT_TARGETS@") ++ ++check_required_components(@EXPORT_TARGETS@) +-- +2.39.2 + diff --git a/meta-openembedded/meta-oe/recipes-support/yaml-cpp/yaml-cpp_0.7.0.bb b/meta-openembedded/meta-oe/recipes-support/yaml-cpp/yaml-cpp_0.7.0.bb index d3984abe8b..e04d4705a4 100644 --- a/meta-openembedded/meta-oe/recipes-support/yaml-cpp/yaml-cpp_0.7.0.bb +++ b/meta-openembedded/meta-oe/recipes-support/yaml-cpp/yaml-cpp_0.7.0.bb @@ -8,6 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=6a8aaf0595c2efc1a9c2e0913e9c1a2c" # yaml-cpp releases are stored as archive files in github. # download the exact revision of release SRC_URI = "git://github.com/jbeder/yaml-cpp.git;branch=master;protocol=https" +SRC_URI += "file://0001-Fix-CMake-export-files-1077.patch" SRCREV = "0579ae3d976091d7d664aa9d2527e0d0cff25763" S = "${WORKDIR}/git" |