diff options
Diffstat (limited to 'poky/meta/recipes-devtools')
27 files changed, 427 insertions, 14 deletions
diff --git a/poky/meta/recipes-devtools/binutils/binutils-2.34.inc b/poky/meta/recipes-devtools/binutils/binutils-2.34.inc index b5f5a1c69a..f557fe970c 100644 --- a/poky/meta/recipes-devtools/binutils/binutils-2.34.inc +++ b/poky/meta/recipes-devtools/binutils/binutils-2.34.inc @@ -44,5 +44,7 @@ SRC_URI = "\ file://0017-binutils-drop-redundant-program_name-definition-fno-.patch \ file://CVE-2020-0551.patch \ file://0001-gas-improve-reproducibility-for-stabs-debugging-data.patch \ + file://CVE-2020-16592.patch \ + file://CVE-2020-16598.patch \ " S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/binutils/binutils/CVE-2020-16592.patch b/poky/meta/recipes-devtools/binutils/binutils/CVE-2020-16592.patch new file mode 100644 index 0000000000..f5f9ccdd53 --- /dev/null +++ b/poky/meta/recipes-devtools/binutils/binutils/CVE-2020-16592.patch @@ -0,0 +1,61 @@ +From 7ecb51549ab1ec22aba5aaf34b70323cf0b8509a Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Wed, 15 Apr 2020 18:58:11 +0930 +Subject: [PATCH] PR25823, Use after free in bfd_hash_lookup + + PR 25823 + * peXXigen.c (_bfd_XXi_swap_sym_in <C_SECTION>): Don't use a + pointer into strings that may be freed for section name, always + allocate a new string. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=7ecb51549ab1ec22aba5aaf34b70323cf0b8509a] +CVE: CVE-2020-16592 +Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> + +--- + bfd/peXXigen.c | 20 ++++++++++---------- + 1 files changed, 10 insertions(+), 10 deletions(-) + +diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c +index b9eeb775d9b..8aa5914acd9 100644 +--- a/bfd/peXXigen.c ++++ b/bfd/peXXigen.c +@@ -177,25 +177,25 @@ _bfd_XXi_swap_sym_in (bfd * abfd, void * ext1, void * in1) + int unused_section_number = 0; + asection *sec; + flagword flags; ++ size_t name_len; ++ char *sec_name; + + for (sec = abfd->sections; sec; sec = sec->next) + if (unused_section_number <= sec->target_index) + unused_section_number = sec->target_index + 1; + +- if (name == namebuf) ++ name_len = strlen (name) + 1; ++ sec_name = bfd_alloc (abfd, name_len); ++ if (sec_name == NULL) + { +- name = (const char *) bfd_alloc (abfd, strlen (namebuf) + 1); +- if (name == NULL) +- { +- _bfd_error_handler (_("%pB: out of memory creating name for empty section"), +- abfd); +- return; +- } +- strcpy ((char *) name, namebuf); ++ _bfd_error_handler (_("%pB: out of memory creating name " ++ "for empty section"), abfd); ++ return; + } ++ memcpy (sec_name, name, name_len); + + flags = SEC_HAS_CONTENTS | SEC_ALLOC | SEC_DATA | SEC_LOAD; +- sec = bfd_make_section_anyway_with_flags (abfd, name, flags); ++ sec = bfd_make_section_anyway_with_flags (abfd, sec_name, flags); + if (sec == NULL) + { + _bfd_error_handler (_("%pB: unable to create fake empty section"), +-- +2.27.0 + diff --git a/poky/meta/recipes-devtools/binutils/binutils/CVE-2020-16598.patch b/poky/meta/recipes-devtools/binutils/binutils/CVE-2020-16598.patch new file mode 100644 index 0000000000..52bd925c97 --- /dev/null +++ b/poky/meta/recipes-devtools/binutils/binutils/CVE-2020-16598.patch @@ -0,0 +1,32 @@ +From ca3f923f82a079dcf441419f4a50a50f8b4b33c2 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Fri, 17 Apr 2020 10:38:16 +0930 +Subject: [PATCH] PR25840, Null pointer dereference in objdump + + PR 25840 + * debug.c (debug_class_type_samep): Don't segfault on NULL type. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=ca3f923f82a079dcf441419f4a50a50f8b4b33c2] +CVE: CVE-2020-16598 +Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> + +--- + binutils/debug.c | 2 ++ + 1 files changed, 2 insertions(+) + +diff --git a/binutils/debug.c b/binutils/debug.c +index 022fa4edffb..5470e155edc 100644 +--- a/binutils/debug.c ++++ b/binutils/debug.c +@@ -3277,6 +3277,8 @@ debug_class_type_samep (struct debug_handle *info, struct debug_type_s *t1, + names, since that sometimes fails in the presence of + typedefs and we really don't care. */ + if (strcmp (f1->name, f2->name) != 0 ++ || f1->type == NULL ++ || f2->type == NULL + || ! debug_type_samep (info, + debug_get_real_type ((void *) info, + f1->type, NULL), +-- +2.27.0 + diff --git a/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.4.1.bb b/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.4.1.bb index cdc971cf5d..4112cf484f 100644 --- a/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.4.1.bb +++ b/poky/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.4.1.bb @@ -49,4 +49,4 @@ do_install_append() { fi } -BBCLASSEXTEND = "native" +BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-devtools/diffstat/diffstat_1.63.bb b/poky/meta/recipes-devtools/diffstat/diffstat_1.63.bb index 61b2ea5dc2..863f924b22 100644 --- a/poky/meta/recipes-devtools/diffstat/diffstat_1.63.bb +++ b/poky/meta/recipes-devtools/diffstat/diffstat_1.63.bb @@ -5,7 +5,7 @@ reviewing large, complex patch files." HOMEPAGE = "http://invisible-island.net/diffstat/" SECTION = "devel" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://install-sh;endline=42;md5=b3549726c1022bee09c174c72a0ca4a5" +LIC_FILES_CHKSUM = "file://COPYING;md5=a3d0bb117493e804b0c1a868ddf23321" SRC_URI = "http://invisible-mirror.net/archives/${BPN}/${BP}.tgz \ file://run-ptest \ @@ -16,8 +16,6 @@ SRC_URI = "http://invisible-mirror.net/archives/${BPN}/${BP}.tgz \ SRC_URI[md5sum] = "b9272ec8af6257103261ec3622692991" SRC_URI[sha256sum] = "7eddd53401b99b90bac3f7ebf23dd583d7d99c6106e67a4f1161b7a20110dc6f" -S = "${WORKDIR}/diffstat-${PV}" - inherit autotools gettext ptest EXTRA_AUTORECONF += "--exclude=aclocal" diff --git a/poky/meta/recipes-devtools/dosfstools/dosfstools_4.1.bb b/poky/meta/recipes-devtools/dosfstools/dosfstools_4.1.bb index e4ab113391..4bd4aef099 100644 --- a/poky/meta/recipes-devtools/dosfstools/dosfstools_4.1.bb +++ b/poky/meta/recipes-devtools/dosfstools/dosfstools_4.1.bb @@ -22,7 +22,7 @@ EXTRA_OECONF = "--without-udev --enable-compat-symlinks" CFLAGS += "-D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64" -BBCLASSEXTEND = "native" +BBCLASSEXTEND = "native nativesdk" # Add codepage437 to avoid error from `dosfsck -l` RRECOMMENDS_${PN}_append_libc-glibc = " glibc-gconv-ibm437" diff --git a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.4.bb b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.4.bb index 4f7cafeac9..439928e433 100644 --- a/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.4.bb +++ b/poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.4.bb @@ -128,6 +128,8 @@ do_compile_ptest() { } do_install_ptest() { + # This file's permissions depends on the host umask so be deterministic + chmod 0644 ${B}/tests/test_data.tmp cp -R --no-dereference --preserve=mode,links -v ${B}/tests ${D}${PTEST_PATH}/test cp -R --no-dereference --preserve=mode,links -v ${S}/tests/* ${D}${PTEST_PATH}/test sed -e 's!../e2fsck/e2fsck!e2fsck!g' \ diff --git a/poky/meta/recipes-devtools/gcc/gcc-9.3/0012-gcc-Fix-argument-list-too-long-error.patch b/poky/meta/recipes-devtools/gcc/gcc-9.3/0012-gcc-Fix-argument-list-too-long-error.patch index 9d98878096..f0b79ee145 100644 --- a/poky/meta/recipes-devtools/gcc/gcc-9.3/0012-gcc-Fix-argument-list-too-long-error.patch +++ b/poky/meta/recipes-devtools/gcc/gcc-9.3/0012-gcc-Fix-argument-list-too-long-error.patch @@ -17,6 +17,10 @@ $(sort list) doesn't need this. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> +RP: gcc then added *.h and *.def additions to this list, breaking the original +fix. Add the sort to the original gcc code, leaving the tr+sort to fix the original +issue but include the new files too as reported by Zhuang <qiuguang.zqg@alibaba-inc.com> + Upstream-Status: Pending --- gcc/Makefile.in | 2 +- @@ -31,7 +35,7 @@ index fef6c4c61e3..57cf7804f0a 100644 # files. All other files are flattened to a single directory. $(mkinstalldirs) $(DESTDIR)$(plugin_includedir) - headers=`echo $(PLUGIN_HEADERS) $$(cd $(srcdir); echo *.h *.def) | tr ' ' '\012' | sort -u`; \ -+ headers="$(sort $(PLUGIN_HEADERS) $$(cd $(srcdir); echo *.h *.def))"; \ ++ headers=`echo $(sort $(PLUGIN_HEADERS)) $$(cd $(srcdir); echo *.h *.def) | tr ' ' '\012' | sort -u`; \ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`; \ for file in $$headers; do \ if [ -f $$file ] ; then \ diff --git a/poky/meta/recipes-devtools/go/go-1.14.inc b/poky/meta/recipes-devtools/go/go-1.14.inc index 8f8ed89de8..02c40f4e25 100644 --- a/poky/meta/recipes-devtools/go/go-1.14.inc +++ b/poky/meta/recipes-devtools/go/go-1.14.inc @@ -1,7 +1,7 @@ require go-common.inc GO_BASEVERSION = "1.14" -GO_MINOR = ".7" +GO_MINOR = ".12" PV .= "${GO_MINOR}" FILESEXTRAPATHS_prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:" @@ -16,6 +16,7 @@ SRC_URI += "\ file://0006-cmd-dist-separate-host-and-target-builds.patch \ file://0007-cmd-go-make-GOROOT-precious-by-default.patch \ file://0008-use-GOBUILDMODE-to-set-buildmode.patch \ + file://0010-cmd-go-permit-CGO_LDFLAGS-to-appear-in-go-ldflag.patch \ " SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch" -SRC_URI[main.sha256sum] = "064392433563660c73186991c0a315787688e7c38a561e26647686f89b6c30e3" +SRC_URI[main.sha256sum] = "b34f4b7ad799eab4c1a52bdef253602ce957125a512f5a1b28dce43c6841b971" diff --git a/poky/meta/recipes-devtools/go/go-1.14/0010-cmd-go-permit-CGO_LDFLAGS-to-appear-in-go-ldflag.patch b/poky/meta/recipes-devtools/go/go-1.14/0010-cmd-go-permit-CGO_LDFLAGS-to-appear-in-go-ldflag.patch new file mode 100644 index 0000000000..85bf39c752 --- /dev/null +++ b/poky/meta/recipes-devtools/go/go-1.14/0010-cmd-go-permit-CGO_LDFLAGS-to-appear-in-go-ldflag.patch @@ -0,0 +1,98 @@ +From 782cf560db4c919790fdb476d1bbe18e5ddf5ffd Mon Sep 17 00:00:00 2001 +From: Ian Lance Taylor <iant@golang.org> +Date: Fri, 13 Nov 2020 11:05:37 -0800 +Subject: [PATCH] cmd/go: permit CGO_LDFLAGS to appear in //go:ldflag + +Fixes #42565 + +Change-Id: If7cf39905d124dbd54dfac6a53ee38270498efed +Reviewed-on: https://go-review.googlesource.com/c/go/+/269818 +Trust: Ian Lance Taylor <iant@golang.org> +Run-TryBot: Ian Lance Taylor <iant@golang.org> +TryBot-Result: Go Bot <gobot@golang.org> +Reviewed-by: Jay Conrod <jayconrod@google.com> + +Upstream-Status: Backport [https://github.com/golang/go/commit/782cf560db4c919790fdb476d1bbe18e5ddf5ffd] +Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> +--- + src/cmd/go/internal/work/exec.go | 15 +++++++++ + src/cmd/go/testdata/script/ldflag.txt | 44 +++++++++++++++++++++++++++ + 2 files changed, 59 insertions(+) + create mode 100644 src/cmd/go/testdata/script/ldflag.txt + +diff --git a/src/cmd/go/internal/work/exec.go b/src/cmd/go/internal/work/exec.go +index 2c40a4bf001e..157ac4cafc70 100644 +--- a/src/cmd/go/internal/work/exec.go ++++ b/src/cmd/go/internal/work/exec.go +@@ -2883,6 +2883,21 @@ func (b *Builder) cgo(a *Action, cgoExe, objdir string, pcCFLAGS, pcLDFLAGS, cgo + idx = bytes.Index(src, []byte(cgoLdflag)) + } + } ++ ++ // We expect to find the contents of cgoLDFLAGS in flags. ++ if len(cgoLDFLAGS) > 0 { ++ outer: ++ for i := range flags { ++ for j, f := range cgoLDFLAGS { ++ if f != flags[i+j] { ++ continue outer ++ } ++ } ++ flags = append(flags[:i], flags[i+len(cgoLDFLAGS):]...) ++ break ++ } ++ } ++ + if err := checkLinkerFlags("LDFLAGS", "go:cgo_ldflag", flags); err != nil { + return nil, nil, err + } +diff --git a/src/cmd/go/testdata/script/ldflag.txt b/src/cmd/go/testdata/script/ldflag.txt +new file mode 100644 +index 000000000000..6ceb33bb70e7 +--- /dev/null ++++ b/src/cmd/go/testdata/script/ldflag.txt +@@ -0,0 +1,44 @@ ++# Issue #42565 ++ ++[!cgo] skip ++ ++# We can't build package bad, which uses #cgo LDFLAGS. ++cd bad ++! go build ++stderr no-such-warning ++ ++# We can build package ok with the same flags in CGO_LDFLAGS. ++env CGO_LDFLAGS=-Wno-such-warning -Wno-unknown-warning-option ++cd ../ok ++go build ++ ++# Build a main program that actually uses LDFLAGS. ++cd .. ++go build -ldflags=-v ++ ++# Because we passed -v the Go linker should print the external linker ++# command which should include the flag we passed in CGO_LDFLAGS. ++stderr no-such-warning ++ ++-- go.mod -- ++module ldflag ++ ++-- bad/bad.go -- ++package bad ++ ++// #cgo LDFLAGS: -Wno-such-warning -Wno-unknown-warning ++import "C" ++ ++func F() {} ++-- ok/ok.go -- ++package ok ++ ++import "C" ++ ++func F() {} ++-- main.go -- ++package main ++ ++import _ "ldflag/ok" ++ ++func main() {} diff --git a/poky/meta/recipes-devtools/llvm/llvm/0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch b/poky/meta/recipes-devtools/llvm/llvm/0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch new file mode 100644 index 0000000000..20eea060b1 --- /dev/null +++ b/poky/meta/recipes-devtools/llvm/llvm/0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch @@ -0,0 +1,31 @@ +From 86940d87026432683fb6741cd8a34d3b9b18e40d Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin <alex.kanavin@gmail.com> +Date: Fri, 27 Nov 2020 10:11:08 +0000 +Subject: [PATCH] AsmMatcherEmitter: sort ClassInfo lists by name as well + +Otherwise, there are instances which are identical in +every other field and therefore sort non-reproducibly +(which breaks binary and source reproducibiliy). + +Upstream-Status: Pending +Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> +--- + llvm/utils/TableGen/AsmMatcherEmitter.cpp | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/llvm/utils/TableGen/AsmMatcherEmitter.cpp b/llvm/utils/TableGen/AsmMatcherEmitter.cpp +index ccf0959389b..1f801e83b7d 100644 +--- a/llvm/utils/TableGen/AsmMatcherEmitter.cpp ++++ b/llvm/utils/TableGen/AsmMatcherEmitter.cpp +@@ -359,7 +359,10 @@ public: + // name of a class shouldn't be significant. However, some of the backends + // accidentally rely on this behaviour, so it will have to stay like this + // until they are fixed. +- return ValueName < RHS.ValueName; ++ if (ValueName != RHS.ValueName) ++ return ValueName < RHS.ValueName; ++ // All else being equal, we should sort by name, for source and binary reproducibility ++ return Name < RHS.Name; + } + }; + diff --git a/poky/meta/recipes-devtools/llvm/llvm_git.bb b/poky/meta/recipes-devtools/llvm/llvm_git.bb index a8607f5008..534e2c685f 100644 --- a/poky/meta/recipes-devtools/llvm/llvm_git.bb +++ b/poky/meta/recipes-devtools/llvm/llvm_git.bb @@ -33,7 +33,8 @@ SRCREV = "c1a0a213378a458fbea1a5c77b315c7dce08fd05" SRC_URI = "git://github.com/llvm/llvm-project.git;branch=${BRANCH} \ file://0006-llvm-TargetLibraryInfo-Undefine-libc-functions-if-th.patch;striplevel=2 \ file://0007-llvm-allow-env-override-of-exe-path.patch;striplevel=2 \ - " + file://0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch;striplevel=2 \ + " UPSTREAM_CHECK_GITTAGREGEX = "llvmorg-(?P<pver>\d+(\.\d+)+)" @@ -101,6 +102,11 @@ do_configure_prepend() { sed -ri "s#lib/${LLVM_DIR}#${baselib}/${LLVM_DIR}#g" ${S}/tools/llvm-config/llvm-config.cpp } +# patch out build host paths for reproducibility +do_compile_prepend_class-target() { + sed -i -e "s,${WORKDIR},,g" ${B}/tools/llvm-config/BuildVariables.inc +} + do_compile() { ninja -v ${PARALLEL_MAKE} } diff --git a/poky/meta/recipes-devtools/patch/patch/CVE-2019-20633.patch b/poky/meta/recipes-devtools/patch/patch/CVE-2019-20633.patch new file mode 100644 index 0000000000..03988a179c --- /dev/null +++ b/poky/meta/recipes-devtools/patch/patch/CVE-2019-20633.patch @@ -0,0 +1,31 @@ +From 15b158db3ae11cb835f2eb8d2eb48e09d1a4af48 Mon Sep 17 00:00:00 2001 +From: Andreas Gruenbacher <agruen@gnu.org> +Date: Mon, 15 Jul 2019 19:10:02 +0200 +Subject: Avoid invalid memory access in context format diffs + +* src/pch.c (another_hunk): Avoid invalid memory access in context format +diffs. + +CVE: CVE-2019-20633 +Upstream-Status: Backport[https://git.savannah.gnu.org/cgit/patch.git/patch/?id=15b158db3ae11cb835f2eb8d2eb48e09d1a4af48] +Signed-off-by: Scott Murray <scott.murray@konsulko.com> + +--- + src/pch.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/pch.c b/src/pch.c +index a500ad9..cb54e03 100644 +--- a/src/pch.c ++++ b/src/pch.c +@@ -1328,6 +1328,7 @@ another_hunk (enum diff difftype, bool rev) + ptrn_prefix_context = context; + ptrn_suffix_context = context; + if (repl_beginning ++ || p_end <= 0 + || (p_end + != p_ptrn_lines + 1 + (p_Char[p_end - 1] == '\n'))) + { +-- +cgit v1.2.1 + diff --git a/poky/meta/recipes-devtools/patch/patch_2.7.6.bb b/poky/meta/recipes-devtools/patch/patch_2.7.6.bb index b5897b357a..1997af0c25 100644 --- a/poky/meta/recipes-devtools/patch/patch_2.7.6.bb +++ b/poky/meta/recipes-devtools/patch/patch_2.7.6.bb @@ -10,6 +10,7 @@ SRC_URI += "file://0001-Unset-need_charset_alias-when-building-for-musl.patch \ file://0001-Invoke-ed-directly-instead-of-using-the-shell.patch \ file://0001-Don-t-leak-temporary-file-on-failed-ed-style-patch.patch \ file://0001-Don-t-leak-temporary-file-on-failed-multi-file-ed.patch \ + file://CVE-2019-20633.patch \ " SRC_URI[md5sum] = "4c68cee989d83c87b00a3860bcd05600" diff --git a/poky/meta/recipes-devtools/perl/perl_5.30.1.bb b/poky/meta/recipes-devtools/perl/perl_5.30.1.bb index b53aff1216..ee6eb6ef0f 100644 --- a/poky/meta/recipes-devtools/perl/perl_5.30.1.bb +++ b/poky/meta/recipes-devtools/perl/perl_5.30.1.bb @@ -146,8 +146,9 @@ do_install() { install lib/ExtUtils/typemap ${D}${libdir}/perl5/${PV}/ExtUtils/ # Fix up shared library - rm ${D}/${libdir}/perl5/${PV}/*/CORE/libperl.so - ln -sf ../../../../libperl.so.${PERL_LIB_VER} $(echo ${D}/${libdir}/perl5/${PV}/*/CORE)/libperl.so + dir=$(echo ${D}/${libdir}/perl5/${PV}/*/CORE) + rm $dir/libperl.so + ln -sf ../../../../libperl.so.${PERL_LIB_VER} $dir/libperl.so } do_install_append_class-target() { diff --git a/poky/meta/recipes-devtools/python/files/0001-bpo-39503-CVE-2020-8492-Fix-AbstractBasicAuthHandler.patch b/poky/meta/recipes-devtools/python/python3/0001-bpo-39503-CVE-2020-8492-Fix-AbstractBasicAuthHandler.patch index e16b99bcb9..e16b99bcb9 100644 --- a/poky/meta/recipes-devtools/python/files/0001-bpo-39503-CVE-2020-8492-Fix-AbstractBasicAuthHandler.patch +++ b/poky/meta/recipes-devtools/python/python3/0001-bpo-39503-CVE-2020-8492-Fix-AbstractBasicAuthHandler.patch diff --git a/poky/meta/recipes-devtools/python/python3/CVE-2019-20907.patch b/poky/meta/recipes-devtools/python/python3/CVE-2019-20907.patch new file mode 100644 index 0000000000..a2e72372dd --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3/CVE-2019-20907.patch @@ -0,0 +1,44 @@ +From a06a6bf4e67a50561f6d6fb33534df1d3035ea34 Mon Sep 17 00:00:00 2001 +From: Rishi <rishi_devan@mail.com> +Date: Wed, 15 Jul 2020 13:51:00 +0200 +Subject: [PATCH] bpo-39017: Avoid infinite loop in the tarfile module + (GH-21454) + +Avoid infinite loop when reading specially crafted TAR files using the tarfile module +(CVE-2019-20907). +(cherry picked from commit 5a8d121a1f3ef5ad7c105ee378cc79a3eac0c7d4) + +Co-authored-by: Rishi <rishi_devan@mail.com> + +Removed testing 'recursion.tar' tar file due to binary data + +Upstream-Status: Backport [https://github.com/python/cpython/commit/c55479556db015f48fc8bbca17f64d3e65598559] +CVE: CVE-2019-20907 +Signed-off-by: Andrej Valek <andrej.valek@siemens.com> +--- + Lib/tarfile.py | 2 ++ + .../2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst | 1 + + 4 files changed, 10 insertions(+) + create mode 100644 Lib/test/recursion.tar + create mode 100644 Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst + +diff --git a/Lib/tarfile.py b/Lib/tarfile.py +index d31b9cbb51d65..7a69e1b1aa544 100755 +--- a/Lib/tarfile.py ++++ b/Lib/tarfile.py +@@ -1241,6 +1241,8 @@ def _proc_pax(self, tarfile): + + length, keyword = match.groups() + length = int(length) ++ if length == 0: ++ raise InvalidHeaderError("invalid header") + value = buf[match.end(2) + 1:match.start(1) + length - 1] + + # Normally, we could just use "utf-8" as the encoding and "strict" +diff --git a/Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst b/Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst +new file mode 100644 +index 0000000000000..ad26676f8b856 +--- /dev/null ++++ b/Misc/NEWS.d/next/Library/2020-07-12-22-16-58.bpo-39017.x3Cg-9.rst +@@ -0,0 +1 @@ ++Avoid infinite loop when reading specially crafted TAR files using the tarfile module (CVE-2019-20907). diff --git a/poky/meta/recipes-devtools/python/python3_3.8.2.bb b/poky/meta/recipes-devtools/python/python3_3.8.2.bb index 1d0b4cdb77..9eddad4ad4 100644 --- a/poky/meta/recipes-devtools/python/python3_3.8.2.bb +++ b/poky/meta/recipes-devtools/python/python3_3.8.2.bb @@ -33,6 +33,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ file://0001-python3-Do-not-hardcode-lib-for-distutils.patch \ file://0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch \ file://0001-bpo-39503-CVE-2020-8492-Fix-AbstractBasicAuthHandler.patch \ + file://CVE-2019-20907.patch \ file://CVE-2020-14422.patch \ file://CVE-2020-26116.patch \ file://CVE-2020-27619.patch \ @@ -52,6 +53,8 @@ UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar" CVE_PRODUCT = "python" +# Upstream consider this expected behaviour +CVE_CHECK_WHITELIST += "CVE-2007-4559" # This is not exploitable when glibc has CVE-2016-10739 fixed. CVE_CHECK_WHITELIST += "CVE-2019-18348" diff --git a/poky/meta/recipes-devtools/qemu/qemu.inc b/poky/meta/recipes-devtools/qemu/qemu.inc index 067179fdeb..7a963ad57c 100644 --- a/poky/meta/recipes-devtools/qemu/qemu.inc +++ b/poky/meta/recipes-devtools/qemu/qemu.inc @@ -51,6 +51,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://0001-target-mips-Increase-number-of-TLB-entries-on-the-34.patch \ file://CVE-2019-20175.patch \ file://CVE-2020-24352.patch \ + file://CVE-2020-25723.patch \ " UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar" diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25723.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25723.patch new file mode 100644 index 0000000000..e6e0f5ec30 --- /dev/null +++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2020-25723.patch @@ -0,0 +1,52 @@ +From 2fdb42d840400d58f2e706ecca82c142b97bcbd6 Mon Sep 17 00:00:00 2001 +From: Li Qiang <liq3ea@163.com> +Date: Wed, 12 Aug 2020 09:17:27 -0700 +Subject: [PATCH] hw: ehci: check return value of 'usb_packet_map' + +If 'usb_packet_map' fails, we should stop to process the usb +request. + +Signed-off-by: Li Qiang <liq3ea@163.com> +Message-Id: <20200812161727.29412-1-liq3ea@163.com> +Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> + + +Upstream-Status: Backport [https://git.qemu.org/?p=qemu.git;a=commit;h=2fdb42d840400d58f2e706ecca82c142b97bcbd6] +CVE: CVE-2020-25723 +Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> + +--- + hw/usb/hcd-ehci.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/hw/usb/hcd-ehci.c b/hw/usb/hcd-ehci.c +index 58cceac..4da446d 100644 +--- a/hw/usb/hcd-ehci.c ++++ b/hw/usb/hcd-ehci.c +@@ -1373,7 +1373,10 @@ static int ehci_execute(EHCIPacket *p, const char *action) + spd = (p->pid == USB_TOKEN_IN && NLPTR_TBIT(p->qtd.altnext) == 0); + usb_packet_setup(&p->packet, p->pid, ep, 0, p->qtdaddr, spd, + (p->qtd.token & QTD_TOKEN_IOC) != 0); +- usb_packet_map(&p->packet, &p->sgl); ++ if (usb_packet_map(&p->packet, &p->sgl)) { ++ qemu_sglist_destroy(&p->sgl); ++ return -1; ++ } + p->async = EHCI_ASYNC_INITIALIZED; + } + +@@ -1453,7 +1456,10 @@ static int ehci_process_itd(EHCIState *ehci, + if (ep && ep->type == USB_ENDPOINT_XFER_ISOC) { + usb_packet_setup(&ehci->ipacket, pid, ep, 0, addr, false, + (itd->transact[i] & ITD_XACT_IOC) != 0); +- usb_packet_map(&ehci->ipacket, &ehci->isgl); ++ if (usb_packet_map(&ehci->ipacket, &ehci->isgl)) { ++ qemu_sglist_destroy(&ehci->isgl); ++ return -1; ++ } + usb_handle_packet(dev, &ehci->ipacket); + usb_packet_unmap(&ehci->ipacket, &ehci->isgl); + } else { +-- +1.8.3.1 + diff --git a/poky/meta/recipes-devtools/ruby/ruby.inc b/poky/meta/recipes-devtools/ruby/ruby.inc index a38b3fe624..7b6d4edc61 100644 --- a/poky/meta/recipes-devtools/ruby/ruby.inc +++ b/poky/meta/recipes-devtools/ruby/ruby.inc @@ -14,7 +14,7 @@ LIC_FILES_CHKSUM = "\ file://LEGAL;md5=2b6d62dc0d608f34d510ca3f428110ec \ " -DEPENDS = "ruby-native zlib openssl tcl libyaml gdbm readline libffi" +DEPENDS = "ruby-native zlib openssl libyaml gdbm readline libffi" DEPENDS_class-native = "openssl-native libyaml-native readline-native zlib-native" SHRT_VER = "${@oe.utils.trim_version("${PV}", 2)}" diff --git a/poky/meta/recipes-devtools/ruby/ruby/0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch b/poky/meta/recipes-devtools/ruby/ruby/0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch new file mode 100644 index 0000000000..826daf2cda --- /dev/null +++ b/poky/meta/recipes-devtools/ruby/ruby/0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch @@ -0,0 +1,32 @@ +From 2368d07660a93a2c41d63f3ab6054ca4daeef820 Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin <alex.kanavin@gmail.com> +Date: Tue, 17 Nov 2020 18:31:40 +0000 +Subject: [PATCH] template/Makefile.in: do not write host cross-cc items into + target config + +This helps reproducibility. + +Upstream-Status: Inapproppriate [oe-core specific] +Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> +--- + template/Makefile.in | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/template/Makefile.in b/template/Makefile.in +index 10dc826..940ee07 100644 +--- a/template/Makefile.in ++++ b/template/Makefile.in +@@ -657,11 +657,11 @@ mjit_config.h: + echo '#endif'; \ + quote MJIT_MIN_HEADER_NAME "$(MJIT_MIN_HEADER_NAME)"; \ + sep=,; \ +- quote "MJIT_CC_COMMON " $(MJIT_CC); \ ++ quote "MJIT_CC_COMMON " ; \ + quote "MJIT_CFLAGS MJIT_ARCHFLAG" $(MJIT_CFLAGS); \ + quote "MJIT_OPTFLAGS " $(MJIT_OPTFLAGS); \ + quote "MJIT_DEBUGFLAGS " $(MJIT_DEBUGFLAGS); \ +- quote "MJIT_LDSHARED " $(MJIT_LDSHARED); \ ++ quote "MJIT_LDSHARED " ; \ + quote "MJIT_DLDFLAGS MJIT_ARCHFLAG" $(MJIT_DLDFLAGS); \ + quote "MJIT_LIBS " $(LIBRUBYARG_SHARED); \ + quote 'PRELOADENV "@PRELOADENV@"'; \ diff --git a/poky/meta/recipes-devtools/ruby/ruby_2.7.1.bb b/poky/meta/recipes-devtools/ruby/ruby_2.7.1.bb index f87686f6f7..a6c65e887b 100644 --- a/poky/meta/recipes-devtools/ruby/ruby_2.7.1.bb +++ b/poky/meta/recipes-devtools/ruby/ruby_2.7.1.bb @@ -7,6 +7,7 @@ SRC_URI += " \ file://run-ptest \ file://0001-Modify-shebang-of-libexec-y2racc-and-libexec-racc2y.patch \ file://CVE-2020-25613.patch \ + file://0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch \ " SRC_URI[md5sum] = "debb9c325bf65021214451660f46e909" diff --git a/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-aarch64 b/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-aarch64 index a3a0c6e50f..93bfd45a4e 100644 --- a/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-aarch64 +++ b/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-aarch64 @@ -31,8 +31,6 @@ drd/tests/annotate_static drd/tests/annotate_trace_memory drd/tests/annotate_trace_memory_xml drd/tests/atomic_var -drd/tests/bar_bad -drd/tests/bar_bad_xml drd/tests/bar_trivial drd/tests/bug-235681 drd/tests/bug322621 diff --git a/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-all b/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-all new file mode 100644 index 0000000000..d6a85c4735 --- /dev/null +++ b/poky/meta/recipes-devtools/valgrind/valgrind/remove-for-all @@ -0,0 +1,2 @@ +drd/tests/bar_bad +drd/tests/bar_bad_xml diff --git a/poky/meta/recipes-devtools/valgrind/valgrind/run-ptest b/poky/meta/recipes-devtools/valgrind/valgrind/run-ptest index 97b0a85dbf..7217dfca5d 100755 --- a/poky/meta/recipes-devtools/valgrind/valgrind/run-ptest +++ b/poky/meta/recipes-devtools/valgrind/valgrind/run-ptest @@ -17,6 +17,12 @@ EXP_TOOLS="exp-bbv exp-dhat exp-sgcheck" GDB_BIN=@bindir@/gdb cd ${VALGRIND_LIB}/ptest && ./gdbserver_tests/make_local_links ${GDB_BIN} +echo "Hide valgrind tests that are non-deterministic" +echo "Reported at https://bugs.kde.org/show_bug.cgi?id=430321" +for i in `cat remove-for-all`; do + mv $i.vgtest $i.IGNORE; +done + arch=`arch` if [ "$arch" = "aarch64" ]; then echo "Aarch64: Hide valgrind tests that result in defunct process and then out of memory" @@ -44,6 +50,10 @@ if [ "$arch" = "aarch64" ]; then done fi +echo "Restore valgrind tests that are non-deterministc" +for i in `cat remove-for-all`; do + mv $i.IGNORE $i.vgtest; +done passed=`grep PASS: ${LOG}|wc -l` failed=`grep FAIL: ${LOG}|wc -l` diff --git a/poky/meta/recipes-devtools/valgrind/valgrind_3.15.0.bb b/poky/meta/recipes-devtools/valgrind/valgrind_3.15.0.bb index a764d18177..e16a58fc62 100644 --- a/poky/meta/recipes-devtools/valgrind/valgrind_3.15.0.bb +++ b/poky/meta/recipes-devtools/valgrind/valgrind_3.15.0.bb @@ -16,6 +16,7 @@ SRC_URI = "https://sourceware.org/pub/valgrind/valgrind-${PV}.tar.bz2 \ file://Added-support-for-PPC-instructions-mfatbu-mfatbl.patch \ file://run-ptest \ file://remove-for-aarch64 \ + file://remove-for-all \ file://0004-Fix-out-of-tree-builds.patch \ file://0005-Modify-vg_test-wrapper-to-support-PTEST-formats.patch \ file://0001-Remove-tests-that-fail-to-build-on-some-PPC32-config.patch \ @@ -171,6 +172,7 @@ do_install_ptest() { # The scripts reference config.h so add it to the top ptest dir. cp ${B}/config.h ${D}${PTEST_PATH} install -D ${WORKDIR}/remove-for-aarch64 ${D}${PTEST_PATH} + install -D ${WORKDIR}/remove-for-all ${D}${PTEST_PATH} # Add an executable need by none/tests/bigcode mkdir ${D}${PTEST_PATH}/perf |