From 26bdd44576f25d63bf32632369b0cbdd94c93d7a Mon Sep 17 00:00:00 2001 
From: Brad Bishop Date: Fri, 16 Aug 2019 17:08:17 -0400 Subject: subtree updates MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit meta-openembedded: 64974b8779..c95842cdca: Adrian Bunk (46): modemmanager: Remove the obsolete dependency on dbus-glib gpsd: Remove the obsolete dependency on dbus-glib eggdbus: Remove this obsolete package sanity-meta-gnome: Remove obsolete class gssdp: Merge inc vlc: notify switched to GTK+3 some time ago tremor: Upgrade 20150107 -> 20180319 vlc: Remove the obsolete dependency on dbus-glib blueman: Enable thunar support by default but don't rdepend on it gnome-bluetooth: Drop bluez4 support networkmanager: Drop bluez4 support packagegroup-meta-networking-connectivity: Correct a DISTRO_FEATURES check packagegroup-tools-bluetooth: Remove bluez4 support cpprest: Fix build failure with gcc 8 packagegroup-basic: Remove bluez4 support packagegroup-meta-oe: Remove bogus bluez4 DISTRO_FEATURES checks esound: Remove this obsolete package gpsd: Remove obsolete musl patch gpsd: Don't build without optimization zeromq: Upgrade 4.3.1 -> 4.3.2 obex-data-server: Drop bluez4 support openobex: Drop bluez4 support gpsd: Drop bluez4 support libao: Remove the non-default esound PACKAGECONFIG gpsd: Disable manpage building by config option instead of patching gpsd: Upgrade 3.18.1 -> 3.19 gnome-desktop3: Fix REQUIRED_DISTRO_FEATURES meta-gnome: Remove GNOME_COMPRESS_TYPE = "xz" in recipes jasper: Use the new upstream GitHub location instead of the defunct tarball URL fluidsynth: Add PACKAGECONFIG for readline meta-multimedia: Remove GNOME_COMPRESS_TYPE = "xz" in recipes udisks: Remove this obsolete version gpsd: Switch from python-scons-native to python3-scons-native meta-gnome: Inherit gnomebase instead of gnome meta-oe: Inherit gnomebase instead of gnome libgsf: Drop the obsolete inherit gconf gnome-system-monitor: Add DEPENDS on polkit meta-oe: Change some ftp:// URIs to http(s):// meta-oe: Use GNU_MIRROR in more 
recipes wireshark: Use an upstream URL that stays valid longer modemmanager: Use a simpler workaround for the clang build network-manager-applet: Remove obsolete do_configure_append network-manager-applet: Remove the obsolete DEPENDS on gconf wv: Remove, abiword was the only user gtkmathview: Remove, abiword was the last user t1lib: Remove, gtkmathview was the last user Alex Kiernan (6): keyutils: Fix build with usrmerge iwd: update to 0.18 libzip: Upgrade 1.5.1 -> 1.5.2 zstd: New recipe zstd: Update 1.4.0 -> 1.4.2 iwd: Upgrade 0.18 -> 0.19 Alexander Kanavin (3): python-matplotlib: remove the python 2.x version of the recipe python-oauthlib: remove the 2.x version of the recipe python-pandas: remove the python 2.x version of the recipe Alistair Francis (3): gpsd: Upgrade from 3.17 to 3.18.1 gpsd: Fix the systemd service run paths python: pypi: Add python3-term Anatol Belski (1): gperftools: separate off libtcmalloc-minimal Andreas Müller (2): meta-xfce: Make Kai Kang layer maintainer abiword: remove Andrej Valek (2): nodejs: 10.15.3 -> 10.16.0 nodejs: 10.16.0 -> 10.16.2 André Draszik (1): layer.conf: ignore wireless-regdb->crda dep for siggen purposes Ankit Navik (1): safec: Remove aarch64 from COMPATIBLE_HOST Anuj Mittal (2): xterm: upgrade 330 -> 347 libsdl: import from OE-Core Armin Kuster (5): keyutils: update to 1.6 keyutils: improve ptests keyutils: fix QA WARNING keyutils: fix pulling in glibc when musl enabled keyutils: fix library install path Arturo Buzarra (1): lvm2: Fix RDEPEND on lvm2 to lvm2-udevrules Ayoub Zaki (1): pegtl: Initial recipe Bartosz Golaszewski (2): bats: new package libgpiod: bump version to v1.4.1 Beniamin Sandu (1): unbound: create recipe for version 1.9.2 Callaghan, Dan (1): unixodbc: mysql5 is not required but readline is Changqing Li (15): python-pygobject: fix install dir for python2 dlm: upgrade 4.0.7 -> 4.0.9 uthash: remove uthash-ptest dependencies waf-samba: switch to python3 libtevent: upgrade 0.9.37 -> 0.10.0 libtdb: upgrade 
1.3.17 -> 1.4.0 libtalloc: upgrade 2.1.14 -> 2.2.0 samba: upgrade 4.8.12 -> 4.10.5 libldb: upgrade 1.4.1 -> 1.5.4 volume-key: fix "Nothing RPROVIDES" when multilib enabled isomd5sum: fix "Nothing RPROVIDES" when multilib enabled satyr: fix "Nothing RPROVIDES" when multilib enabled libtevent: fix do_package_qa issue libtdb: fix do_package_qa issue fio: Delete redundant tag Chin Huat Ang (1): opencv: 3.4.5 -> 4.1.0 Denys Dmytriyenko (1): ufs-tool: add tool to access UFS (Universal Flash Storage) devices Douglas Royds (2): grpc: DEPENDS on googletest packagegroup-meta-oe: RDEPENDS on googletest Drew Moseley (1): networkmanager: Use ALTERNATIVES for resolv-conf handling. Erik Botö (1): paho-mqtt-c: enable SSL Fabian Klemp (1): openvpn: respect pid file in init.d service start Gianfranco Costamagna (3): iniparser: add initial recipe cpprest: update to 2.10.14 cpprest: Do not export Werror from build system instead of adding -Wno-error to the same build command He Zhe (1): drbd-utils: Fix netlink failure with nested attributes for kernel v5.2 Hongxu Jia (24): packagegroup-xfce-extended: conditional runtime recommends on xfce-polkit xfce-polkit: add required distro feature check to polkit xfce4-session: optional support polkit upower: remove polkit dependency gvfs: add meson option admin and udisks2 to PACKAGECONFIG mongodb: add to PNBLACKLIST itstool: use libxml2 to instead of python3-lxml meta-multimedia: add layer depends on meta-python itstool: use libxml2 to instead of python3-lxml python-six: remove duplicated recipe libauthen-radius-perl: ptest requires meta-networking to be present xfce4-panel: use lxdm to replace dm-tool drop lxdm_%.bbappend python3-pykickstart: 3.18 -> 3.20 python3-blivet: 3.1.2 -> 3.1.4 python-pyparted/python3-pyparted: 3.11.1 -> 3.11.2 libbytesize: 1.4 -> 2.0 libblockdev: 2.20 -> 2.22 network-manager-applet: 1.8.20 -> 1.8.22 thin-provisioning-tools: 0.7.6 -> 0.8.5 libreport: 2.9.7 -> 2.10.0 python3-blivetgui: fix blivet-gui broken php: remove 
5.6.40 lmsensors: support package lmsensors Jackie Huang (1): keyutils: add new recipe Jason Wessel (1): libbytesize: Add depends for gettext-native Joshua Lock (3): python-cffi: add missing RDEPENDS on pycparser python-attrs: add native BBCLASSEXTEND python-dateutil: add native BBCLASSEXTEND Kai Kang (39): mozjs: fix configure failure on CentOS 7.6 libvncserver: update to latest commit 1354f7f libxfce4util: 4.13.3 -> 4.13.4 libxfce4ui: 4.13.5 -> 4.13.6 exo: 0.12.5 -> 0.12.6 xfconf: 4.13.7 -> 4.13.8 thunar: 1.8.6 -> 1.8.7 xfce4-session: 4.13.2 -> 4.13.3 xfwm4: 4.13.2 -> 4.13.3 xfdesktop: 4.13.4 -> 4.13.5 xfce4-power-manager: 1.6.2 -> 1.6.3 xfce4-panel: 4.13.5 -> 4.13.6 xfce4-dev-tools: 4.12.0 -> 4.13.0 thunar-volman: 0.9.2 -> 0.9.3 garcon: 0.6.2 -> 0.6.3 xfce4-settings: 4.12.4 -> 4.13.7 xfce4-pulseaudio-plugin: add dependency dbus-glib xfce4-verve-plugin: 1.1.0 -> 2.0.0 net-snmp: update SRC_URI xfwm4: fix assertion error poppler: toggle gobject-introspection support xfce4-settings: rrecommends xfce4-datetime-setter xfce4-datetime-setter: add recipe libxfce4util: 4.13.4 -> 4.14.0 xfconf: 4.13.8 -> 4.14.1 libxfce4ui: 4.13.6 -> 4.14.1 exo: 0.12.6 -> 0.12.8 garcon: 0.6.3 -> 0.6.4 thunar: 1.8.7 -> 1.8.9 thunar-volman: 0.9.3 -> 0.9.5 tumbler: 0.2.0 -> 0.2.7 xfce4-appfinder: 4.13.3 -> 4.14.0 xfce4-dev-tools: 4.13.0 -> 4.14.0 xfce4-panel: 4.13.6 -> 4.14.0 xfce4-power-manager: 1.6.3 -> 1.6.5 xfce4-session: 4.13.3 -> 4.14.0 xfce4-settings: 4.13.7 -> 4.14.0 xfdesktop: 4.13.5 -> 4.14.1 xfwm4: 4.13.3 -> 4.14.0 Khem Raj (44): wvdial: Fix build with musl librelp: Pass Wno-error to compiler recipes: Use BPN instead of PN in SRC_URIs cli11: Refresh patch to fix fuzz sthttpd: Use git SRC_URI instead of github archive arno-iptables-firewall: Switch to git fetcher firewalld: Update to 0.6.3->0.6.4 python-matplotlib: Use git src_uri mpv: Switch to using git fetcher x11vnc: Switch to git fetcher dumb-init: Switch to git fetcher pam-plugin-ldapdb: Use git fetcher libuv: Switch to using 
git fetcher usbctl: Switch to git fetcher pmdk: Fix libdir which is multi-lib aware kexec-tools-klibc: Refresh patch with no code change log4cplus: Fix build with gold linker orage: Fix build with libical3 pegtl: Fix build with clang/libc++ postfix: Fix build failures with glibc 2.30 snort: Fix build with glibc 2.30 opensaf: Add configure time check to detect gettid API in libc ypbind-mt: Fix build with glibc 2.30 openocd: Fix build with glibc 2.30 netkit-rusers: Add dep on rpcsvc-proto for rpc headers collectd: Fix build with glibc 2.30 alsa-oss: Drop now not needed patch klcc-cross: Recognise --unwindlib clang option libsub-exporter-progressive-perl: Remove unneeded DEPENDS_PN libedit: Delete sjf2410-linux-native: Do not include sys/io.h gradm: Upgrade to 3.1-201903191516 release pmdk: Fix packaging errors when building on non-x86 host klibc: Pass -fno-builtin-bcmp with musl/clang combo graphviz: Fix build error that surfaced with latest pango graphviz: Do not build tcl support for target python-grpcio: Use gettid API from glibc 2.30+ grpc: Update to 1.22.0 android-tools: Fix build with glibc 2.30 iperf2: Upgrade to 2.0.13 netkit-rusers: Depend on rpcsvc-proto-native for rpcgen tool kpatch: Pass ARCH from environment python3-pillow: Provide python3-imaging netkit-rusers: Fix cross-build after glibc dropped rpc Laszlo Toth (1): networkmanager: fix typo in nonarch_base_libdir Liwei Song (2): pm-graph: fix time format parse error fio: fix first direct IO errored when ioengine is splice Luca Boccassi (2): python-pygobject: move python-setuptools from RDEPENDS to DEPENDS python-pygobject: remove build-dependency on setuptools and add dependency on pkgutil Luca Ceresoli (4): fuse-exfat: moved to github exfat-utils: moved to github fuse-exfat: update 1.2.3 -> 1.3.0 exfat-utils: update 1.2.3 -> 1.3.0 Luca Palano (1): Netdata upgrade: 1.8.0 -> 1.16.0 Maciej Pijanowski (8): python3-websockets: upgrade to 8.0.2 python3-multidict: upgrade to 4.5.2 python-engineio: upgrade to 
3.9.3 python-socketio: upgrade to 4.3.1 python-aiohttp.inc: add missing RDEPENDS python-async-timeout: add asyncio to RDEPENDS python-socketio.inc: add missing RDEPENDS python3-aiofiles: add recipe Mariano Lopez (1): nftables: 0.9.0 > 0.9.1 Martin Jansa (8): protobuf: fix build with gold SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS add lsb and util-linux for phoronix-test-suite oprofile: drop kernel-vmlinux from RRECOMMENDS libdbi-perl: prevent native libdbi-perl depending on target perl redis: backport a fix for stack trace generation on aarch64 ntop: fix missing return from non-void function python3-twofish: Fix missing return statements in module stubs kernel-selftest: skip -Werror=format-security and fortify Max Krummenacher (1): joe: update to 4.6 Mikko Rapeli (2): protobuf: fix ptest compilation with hardening flags stress-ng: delete recipe Mingli Yu (7): fio: Upgrade to 3.15 crash: Upgrade to 7.2.6 makedumpfile: Upgrade to 1.6.6 hwloc: Upgrade to 1.11.13 iperf3: Upgrade to 3.7 log4cplus: Upgrade to 2.0.4 log4cplus: remove gold linker setting Oleksandr Kravchuk (22): nghttp2: update to 1.39.1 drbd-utils: update to 9.10.0 drbd: update to 9.0.18-1 keepalived: update to 2.0.16 nano: update to 4.3 nuttcp: add systemd unit file mbedtls: update to 2.16.2 dhcpcd: update to 7.2.2 freediameter: update to 1.2.1 sethdlc: set PV in filename miniupnpd: update to 2.1.20190210 ipvsadm: update to 1.30 uftp: update to 4.9.11 libnftnl: update to 1.1.3 dhcpcd: update to 7.2.3 blueman: update to 2.1.1 uftp: update to 4.10 htpdate: update to 1.2.1 dhcpcd: update to 8.0.1 chrony: update to 3.5 wolfssl: update to 4.1.0 dhcpcd: update to 8.0.2 Ovidiu Panait (2): python3-pillow: 5.4.1 -> 6.1 python3-pillow: Add python3-misc/logging/numbers to RDEPENDS Paolo Valente (1): s-suite: push SRCREV to version 3.5 Parthiban Nallathambi (1): python3-matplotlib: add version 3.1.1 Pascal Bach (1): protobuf: 1.3.1 -> 1.3.2 Paul Eggleton (3): mraa: update to 2.0.0 upm: update to 2.0.0 picocom: update to 3.1 
Pierre-Jean Texier (2): stunnel: bump to version 5.55 cppzmq: bump to version 4.4.1 Piotr Tworek (1): itstool: Don't use hardcoded, absolute path to python3 binary. Qi.Chen@windriver.com (3): turbostat: set PACKAGE_ARCH as MACHINE_ARCH esmtp: use alternatives to manage /usr/lib/sendmail postfix: use alternatives to manage /usr/lib/sendmail Radovan Scasny (2): dhcpcd: enable udev by default dhcpcd: fix building with pkgconfig Randy MacLeod (2): poppler: update from 0.75.0 to 0.79.0 rsyslog: update from 8.1903.0 to 8.1907.0 Ricardo Ribalda Delgado (1): fwts: Update to 19.06.00 Robert Joslyn (1): cryptsetup: Don't enable udev for native build Roman Stratiienko (1): glmark2: Upgrade SRCREV to latest Ross Burton (2): gtk+: add (from oe-core) gnome-themes-standard: add recipe for GTK+ 2 Adwaita Ruslan Bilovol (2): libnss-nisplus: Add recipe kpatch: fix QA build errors for nativesdk Saravanan Sekar (1): liblightmodbus: Add version 2.0.2 Scott Ellis (1): wireguard: Upgrade 20190406 to 20190702 Slater, Joseph (3): drbd-utils: enable reproducible_build awareness php: remove host specific info from header file mozjs: do not expose intl api for mips64 Tim Orling (9): libencode-perl: upgrade 2.94 -> 3.01; enable ptest libdbi-perl: fix dependencies libtest-nowarnings-perl: add recipe for 1.04 libdbd-sqlite-perl: upgrade 1.54 -> 1.62; enable ptest libsub-uplevel-perl: add recipe for 0.36 libtest-warn-perl: add recipe for 0.36 libcgi-perl: upgrade 4.43 -> 4.44 libnet-ldap-perl: upgrade 0.65 -> 0.66; enable ptest libunicode-linebreak-perl: upgrade 2017.004 -> 2019.001; enable ptest Trevor Gamblin (2): metacity; upgrade from 3.30.1 to 3.32.0 gvfs: upgrade from 1.40.0 to 1.40.2 Vincent Prince (1): mongodb: add mongo shell as a PACKAGECONF option William A. 
Kennington III via Openembedded-devel (5): gtest: Googletest project is back under github.com/google/googletest googletest: The gtest and gmock projects were combined under googletest in 2015 libtar: Enable libtar-native build fmt: Init at 5.3.0 cli11: 1.7.1 -> 1.8.0 Windel Bouwman (3): python-humanfriendly: Add recipe for the humanfriendly package. Fix python-humanfriendly recipe for python2. Add recipe for the coloredlogs python package. Yi Zhao (7): strongswan: upgrade 5.7.1 -> 5.8.0 snort: fix compile-host-path QA issue cryptsetup: set the default luks format to LUKS1 libldb: upgrade 1.5.4 -> 1.5.5 samba: upgrade 4.10.5 -> 4.10.6 snort: upgrade 2.9.13 -> 2.9.14 snort: upgrade 2.9.14 -> 2.9.14.1 Yong, Jonathan (1): icewm: add recipe Yongxin Liu (3): keyutils: move recipe and patches from meta-security to meta-oe ndctl: v63 -> v65 pmdk: update from 1.4.2 to 1.6 Yuan Chao (9): python-pycodestyle: upgrade 2.4.0 -> 2.5.0 python-lxml: upgrade 4.3.4 -> 4.4.0 python-configparser: upgrade 3.5.0 -> 3.7.4 protobuf: upgrade 3.9.0 -> 3.9.1 python-markupsafe: upgrade 1.0 -> 1.1.1 hostapd: upgrade 2.8 -> 2.9 python-configparser: upgrade 3.7.4 -> 3.8.1 python-lxml: upgrade 4.4.0 -> 4.4.1 python-pip: upgrade 19.2.1 -> 19.2.2 Zang Ruochen (47): postgresql: upgrade 11.3 -> 11.4 wireshark: upgrade 3.0.1 -> 3.0.2 python-pygobject: upgrade 3.32.1 -> 3.32.2 python-alembic: upgrade 1.0.10 -> 1.0.11 logwatch: upgrade 7.4.3 -> 7.5.1 tcsh: upgrade 6.20.00 -> 6.21.00 python-cython: upgrade 0.29.10 -> 0.29.11 dialog: upgrade 1.3-20180621 -> 1.3-20190211 php: upgrade 7.3.6 -> 7.3.7 sessreg: upgrade 1.1.1 -> 1.1.2 python-typing: upgrade 3.6.6 -> 3.7.4 python-mako: upgrade 1.0.12 -> 1.0.13 python-pbr: upgrade 5.2.1 -> 5.4.0 python-cython: upgrade 0.29.11 -> 0.29.12 adcli: added new recipe. 
python-pyflakes: upgrade 1.6.0 -> 2.1.1 python-protobuf: upgrade 3.8.0 -> 3.9.0 protobuf: upgrade 3.8.0 -> 3.9.0 setxkbmap: upgrade 1.3.1 -> 1.3.2 uftrace: upgrade 0.9.2 -> 0.9.3 wireshark: upgrade 3.0.2 -> 3.0.3 python-pbr: upgrade 5.4.0 -> 5.4.1 dstat: upgrade 0.7.3 -> 0.7.4 python-mako: upgrade 1.0.13 -> 1.0.14 xfsprogs: upgrade 5.0.0 -> 5.1.0 python-beautifulsoup4: upgrade 4.7.1 -> 4.8.0 xterm: upgrade 347 -> 348 python-pip: upgrade 19.1.1 -> 19.2.1 python-paste: upgrade 3.0.8 -> 3.1.0 syslog-ng: append syslog-ng.service dialog: upgrade 1.3-20190211 -> 1.3-20190728 openldap: upgrade 2.4.47 -> 2.4.48 python-cython: upgrade 0.29.12 -> 0.29.13 libsodium: upgrade 1.0.17 -> 1.0.18 hwdata: upgrade 0.322 -> 0.326 python-jsonpatch: upgrade 1.23 -> 1.24 python-pyasn1: upgrade 0.4.5 -> 0.4.6 python-pyasn1-modules: upgrade 0.2.2 -> 0.2.6 python-pyparsing: upgrade 2.4.0 -> 2.4.2 python-pytest-runner: upgrade 4.2 -> 5.1 python-pytz: upgrade 2019.1 -> 2019.2 itstool: upgrade 2.0.5 -> 2.0.6 opensaf: upgrade 5.19.03 -> 5.19.07 libkcapi: upgrade 1.1.4 -> 1.1.5 mcelog: upgrade 162 -> 164 php: upgrade 7.3.7 -> 7.3.8 kpatch: upgrade 0.61 -> 0.71 Zheng Ruoqin (3): python-mako: upgrade 1.0.14 -> 1.1.0 python-pbr: upgrade 5.4.1 -> 5.4.2 dnf-plugin-tui: new recipe wouterlucas (1): python-jsonref: add recipe meta-phosphor: fbd01b6e08..fe8cee7488: Brad Bishop (1): meta-phosphor: sdk: react to upstream gtest rename meta-xilinx: 64aa3d35ae..f3c8b1c9a8: Alejandro Enedino Hernandez Samaniego (7): opencl-clhpp: Allow empty packages to be built opencl-headers: Allow empty packages to be built gcc-8: rebase microblaze patches for gcc 8.2.0 gcc8: update microblaze patches gcc: update microblaze patches update gcc-8 patches gcc: Remove xilinx.ld requirement Jaewon Lee (6): zc1254-zynqmp.conf: Add support for zc1254 evaluation board zc1275-zynqmp.conf: Add support for zc1275 evaluation board zcu102-zynqmp.conf: Changing qemu boot mode Adding FPGA_MNGR_RECONFIG_ENABLE to control enabling fpga 
manager gcc: Removing already upstreamed patch Rebasing binutils patches from 2.31 to 2.32 Madhurkiran Harikrishnan (2): kernel-module-mali: Fix errors associated with kernel upgrade to 4.19 xf86-video-armsoc: Remove the recipe for xf86-video-armsoc Manjukumar Matha (10): libmali-xlnx_git.bb: Fix the package arch for libmali zcu111-zynqmp.conf: Add support for ZCU111 evaluation board qemu-system-aarch64-multiarch: Enable plm argument in runqemu arm-trusted-firmware.inc: Add support to build ATF for versal devices linux-xlnx.inc: Add support to build kernel for versal devices linux-xlnx.inc: Use KBUILD_DEFCONFIG in externalsrc mode if defined kernel-simpleimage.bbclass: Use dts for simpleImage generation for Microblaze kernel-simpleimage.bbclass: Deploy simpleImage unstrip file kernel-simpleimage.bbclass: Deploy simpleImage strip binutils%.bbappend: Update Microblaze binutils patches to v2.31 Min Ma (4): ocl-icd_git.bb: Add recipe for OpenCL ICD loaders opencl-clhpp_git.bb: Recipe for OpenCL Host API C++ bindings zocl: Recipe for Xilinx runtime driver module xrt: Xilinx Runtime User Space Libraries and headers Sai Hari Chandana Kalluri (1): xilinx-testimage.bbclass: Include IMAGE_AUTOLOGIN and IMAGE_FSTYPES values for runqemu Sreeja Vadakattu (1): machine-xilinx-default.inc: Make u-boot.elf as UBOOT_ELF for zynq Vineeth Chowdary Karumanchi (1): tune-zynq.inc: Build zImage in addition to uImage meta-security: c28b72e91d..ecb526ffab: Armin Kuster (34): linux-bbappends: simplify layers: set warrior only security-test-image: add a testing image runtime: clamav test cleanup packagegroup-core-security: cleanup and remove ptest test-image: add packagegroup-core-security-ptest test-image: add a few more packages to image ima-evm-utils: update to tip runtime: tpm2 fix names in packagecheck tpm2 images: create tpm2 image and fix packagegroup tpm image: split out tpm2 tpm2-pkcs11/tpm2-pkcs11: update to tip tpm2-tcti-uefi: update to tip tpm2-tools: update to 3.2.0 tpm2-tss: 
update to 2.2.3 tpm2-totp: update to offical release v0.1.1 tpm2-tss-engine: update to 1.0.0 libmspack: update SRC_URI and package clamav: minor recipe cleanup lynis: update to 2.7.5 meta-security-compliance: update README openscap_git: update to 1.3.0 openscap: add 1.3.1 recipes for upstream source scap-security-guide: update to 0.1.44 meta-security-compliance: add meta-python libldb: remove recipe waf-cross-answers: remove files samhain: update to 4.3.3 keyutils: remove from meta-security linux-%: remove kernel fragments now in cache meta-integrity: remove kernel fragments now in cache linux-stable/5.2: add stable bbappend linux-yocto: use 4.19 kernel cache now linux-yocto-dev: update to use kernel cache Dmitry Eremin-Solenikov (11): packagegroup-security-tpm2: stop including tpm2-tcti-uefi tpm2-tss: fix compilation when using updated AX_CODE_COVERAGE macro tpm2-tcti-uefi: add autoconf-archive-native dependency tpm2-tcti-uefi: fix configure arguments tpm2-tcti-uefi: stop inserting host directories into build path tpm2-tcti-uefi: build and install examples meta-integrity: rename IMA_EVM_BASE to INTEGRITY_BASE ima-evm-utils: bump to release 1.2.1 kernel-modsign.bbclass: add support for kernel modules signing linux: add support for kernel modules signing layer.conf: switch to keyutils from meta-oe He Zhe (1): kernel: Add conditional inclusion of fragments for linux-yocto-dev Mark Asselstine (1): openscap/scap-security-guide: use _git instead of versioned filenames Yi Zhao (5): openscap: update recipe scap-security-guide: update recipe openscap: cleanup DEPENDS scap-security-guide: fix typo xmlsec1: upgrade 1.2.27 -> 1.2.28 lumag (3): layer.conf: add dependency on meta-security ima-evm-utils: bump version ima-evm-utils: refresh xattr patch meta-raspberrypi: 8636b63752..b112816e95: Andrei Gherzan (46): rpi-base.inc: Include rpi4 dtb raspberrypi3.conf: Clarify machine mode linux-raspberrypi: Include configuration for RaspberryPi3 defconfig linux-raspberrypi: Update 
4.19 kernel to 4.19.56 rpi-base: Rename the rpi0w dtb firmware: Update to 20190620 raspberrypi4.conf: Add initial machine 32 bit configuration linux-firmware-rpidistro: Fix WiFi on RaspberryPi 4 rpi-base.inc: Include the "fake" KMS dtbo raspberrypi4: Use vc4-fkms-v3d linux-raspberrypi: Bump 4.19 revision to fix RPi 4 arm64 builds raspberrypi4-64.conf: Introduce RPi arm64 machine firmware: Rename firmware inc file to raspberrypi-firmware.inc armstubs: Add support for compiling ARM stubs rpi-config: Handle ARMSTUB sdcard_image-rpi.bbclass: Include in the SD card image the armstub file raspberrypi4-64.conf: Initial machine configuration raspberrypi-tools: Update to remove Makefile patch linux-raspberrypi: Fix defconfig for RPi4-64 linux-raspberrypi.inc: Explicitly set defconfig for raspberrypi4-64 sdcard_image-rpi.bbclass: Fix typo linux-raspberrypi: Bump 4.19 revision to have proper coherent_pool set raspberrypi4-64.conf: Define a machine feature for armstubs sdcard_image-rpi.bbclass: Use armstub machine feature linux-raspberrypi: Bump 4.19.57 revision raspberrypi4.conf: Define uboot defconfig raspberrypi4-64.conf: Uboot configuration and drop armstub u-boot: Use a temporary fork for RPi4 support raspberrypi-firmware: Update to 20190709 raspberrypi4.conf: The firmware uses kernel7l.img when LPAE is supported linux-raspberrypi: Bump 4.19 to 4.19.58 linux-raspberrypi: Build dtbs with dtbs make target for all 64bit targets linux-raspberrypi: Bump 4.19 revision raspberrypi4-64.conf: Remove memory limitation u-boot: Replace custom fork by patches u-boot: Update patches for RPi4 rpi-config: Check for armstub based on machine feature sdcard_image-rpi: Check for armstub based on machine feature armstubs: Error out when ARMSTUBS is not defined raspberrypi*: Define ARMSTUB for all machines raspberrypi4-64.conf: Limit RAM to 3G README.md: Use matrix chat room raspberrypi-firmware.inc: Update to 20190718 linux-raspberrypi: Update 4.19 recipe to 4.19.66 mesa: Add v3d and kmsro 
driver as well raspberrypi4-64: Remove the 3G RAM limitation Carton (2): bluez5: Fixed typo (RC_URI -> SRC_URI) rpi-config: Check some config values against "1" Francesco Giancane (1): linux-raspberrypi: update to 4.14.114 Khem Raj (8): linux-raspberrypi: Upgrade to 4.19.57 userland: Upgrade to latest webkitgtk: Remove -DUSE_GSTREAMER_GL=OFF for vc4graphics layer.conf: Add meta-networking to dynamic layers drbd: Disable for rpi machines packagegroup-rpi-test: Depend on wireless-regdb instead of crda xorg-xserver: Adapt bbappend to latest OE-core python-rtimu,python-sense-hat: Convert to py3 modules Kirill Goncharov (1): omxplayer: Bump revision Martin Jansa (1): sdcard_image-rpi.bbclass: use -v for all mcopy calls and add bbfatal in case mcopy fails Riyaz (1): rpi-base.inc: Enabling open-source vc4graphics driver for all RPI platforms Change-Id: I9e37b5952a2e2e30745275fc89e4dd7c47b851e2 
Signed-off-by: Brad Bishop --- ...-Pass-tag-CC-explictly-when-using-libtool.patch | 73 ++++++++ .../libsdl/libsdl-1.2.15/CVE-2019-7572.patch | 114 ++++++++++++ .../libsdl/libsdl-1.2.15/CVE-2019-7574.patch | 68 ++++++++ .../libsdl/libsdl-1.2.15/CVE-2019-7575.patch | 81 +++++++++ .../libsdl/libsdl-1.2.15/CVE-2019-7576.patch | 80 +++++++++ .../libsdl/libsdl-1.2.15/CVE-2019-7577.patch | 123 +++++++++++++ .../libsdl/libsdl-1.2.15/CVE-2019-7578.patch | 64 +++++++ .../libsdl/libsdl-1.2.15/CVE-2019-7635.patch | 63 +++++++ .../libsdl/libsdl-1.2.15/CVE-2019-7637.patch | 192 +++++++++++++++++++++ .../libsdl/libsdl-1.2.15/CVE-2019-7638.patch | 38 ++++ .../libsdl-1.2.15/libsdl-1.2.15-xdata32.patch | 19 ++ .../libsdl/libsdl-1.2.15/pkgconfig.patch | 187 ++++++++++++++++++++ 12 files changed, 1102 insertions(+) create mode 100644 meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/0001-build-Pass-tag-CC-explictly-when-using-libtool.patch create mode 100644 meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7572.patch create mode 100644 meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7574.patch create mode 100644 meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7575.patch create mode 100644 meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7576.patch create mode 100644 meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7577.patch create mode 100644 meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7578.patch create mode 100644 meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7635.patch create mode 100644 meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7637.patch create mode 100644 meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7638.patch create mode 100644 meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/libsdl-1.2.15-xdata32.patch create mode 
100644 meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/pkgconfig.patch (limited to 'meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15') diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/0001-build-Pass-tag-CC-explictly-when-using-libtool.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/0001-build-Pass-tag-CC-explictly-when-using-libtool.patch new file mode 100644 index 0000000000..ec8c0fd4fb --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/0001-build-Pass-tag-CC-explictly-when-using-libtool.patch 
@@ -0,0 +1,73 @@ +From 44e4bb4cfb81024c8f5fd2e179e8a32c42756a2f Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Sun, 23 Jul 2017 16:52:43 -0700 +Subject: [PATCH] build: Pass --tag=CC explictly when using libtool + +Do not depend solely on libtool heuristics which fail +in OE case when building with external compiler and +hardening flags + +Upstream-Status: Pending + +Signed-off-by: Khem Raj +--- + Makefile.in | 4 ++-- + build-scripts/makedep.sh | 8 ++++---- + 2 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/Makefile.in b/Makefile.in +index ab51035..743ce30 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -72,10 +72,10 @@ depend: + include $(depend) + + $(objects)/$(TARGET): $(OBJECTS) +- $(LIBTOOL) --mode=link $(CC) -o $@ $^ $(LDFLAGS) $(EXTRA_LDFLAGS) $(LT_LDFLAGS) ++ $(LIBTOOL) --tag=CC --mode=link $(CC) -o $@ $^ $(LDFLAGS) $(EXTRA_LDFLAGS) $(LT_LDFLAGS) + + $(objects)/$(SDLMAIN_TARGET): $(SDLMAIN_OBJECTS) +- $(LIBTOOL) --mode=link $(CC) -o $@ $^ $(LDFLAGS) $(EXTRA_LDFLAGS) $(LT_LDFLAGS) $(SDLMAIN_LDFLAGS) ++ $(LIBTOOL) --tag=CC --mode=link $(CC) -o $@ $^ $(LDFLAGS) $(EXTRA_LDFLAGS) $(LT_LDFLAGS) $(SDLMAIN_LDFLAGS) + + + install: all install-bin install-hdrs install-lib install-data install-man +diff --git a/build-scripts/makedep.sh b/build-scripts/makedep.sh +index 3b3863b..dba28f2 100755 +--- a/build-scripts/makedep.sh ++++ b/build-scripts/makedep.sh +@@ -51,19 +51,19 @@ do echo "Generating dependencies for $src" + case $ext in + c) cat >>${output}.new <<__EOF__ + +- \$(LIBTOOL) --mode=compile \$(CC) \$(CFLAGS) \$(EXTRA_CFLAGS) -c $src -o \$@ ++ \$(LIBTOOL) --tag=CC --mode=compile \$(CC) \$(CFLAGS) \$(EXTRA_CFLAGS) -c $src -o \$@ + + __EOF__ + ;; + cc) cat >>${output}.new <<__EOF__ + +- \$(LIBTOOL) --mode=compile \$(CC) \$(CFLAGS) \$(EXTRA_CFLAGS) -c $src -o \$@ ++ \$(LIBTOOL) --tag=CC --mode=compile \$(CC) \$(CFLAGS) \$(EXTRA_CFLAGS) -c $src -o \$@ + + __EOF__ + ;; + m) cat >>${output}.new <<__EOF__ + +- \$(LIBTOOL) --mode=compile \$(CC) 
\$(CFLAGS) \$(EXTRA_CFLAGS) -c $src -o \$@ ++ \$(LIBTOOL) --tag=CC --mode=compile \$(CC) \$(CFLAGS) \$(EXTRA_CFLAGS) -c $src -o \$@ + + __EOF__ + ;; +@@ -75,7 +75,7 @@ __EOF__ + ;; + S) cat >>${output}.new <<__EOF__ + +- \$(LIBTOOL) --mode=compile \$(CC) \$(CFLAGS) \$(EXTRA_CFLAGS) -c $src -o \$@ ++ \$(LIBTOOL) --tag=CC --mode=compile \$(CC) \$(CFLAGS) \$(EXTRA_CFLAGS) -c $src -o \$@ + + __EOF__ + ;; +-- +2.13.3 + diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7572.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7572.patch new file mode 100644 index 0000000000..c41c2de0f3 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7572.patch 
@@ -0,0 +1,114 @@ +# HG changeset patch +# User Petr Písař +# Date 1560182231 25200 +# Mon Jun 10 08:57:11 2019 -0700 +# Branch SDL-1.2 +# Node ID a8afedbcaea0e84921dc770195c4699bda3ccdc5 +# Parent faf9abbcfb5fe0d0ca23c4bf0394aa226ceccf02 +CVE-2019-7572: Fix a buffer overwrite in IMA_ADPCM_decode +If data chunk was longer than expected based on a WAV format +definition, IMA_ADPCM_decode() tried to write past the output +buffer. This patch fixes it. + +Based on patch from +. + +CVE-2019-7572 +https://bugzilla.libsdl.org/show_bug.cgi?id=4495 + +Signed-off-by: Petr Písař + +# HG changeset patch +# User Petr Písař +# Date 1560041863 25200 +# Sat Jun 08 17:57:43 2019 -0700 +# Branch SDL-1.2 +# Node ID e52413f5258600878f9a10d2f92605a729aa8976 +# Parent 4e73be7b47877ae11d2279bd916910d469d18f8e +CVE-2019-7572: Fix a buffer overread in IMA_ADPCM_nibble +If an IMA ADPCM block contained an initial index out of step table +range (loaded in IMA_ADPCM_decode()), IMA_ADPCM_nibble() blindly used +this bogus value and that lead to a buffer overread. + +This patch fixes it by moving clamping the index value at the +beginning of IMA_ADPCM_nibble() function instead of the end after +an update. + +CVE-2019-7572 +https://bugzilla.libsdl.org/show_bug.cgi?id=4495 + +Signed-off-by: Petr Písař + +CVE: CVE-2019-7572 +Upstream-Status: Backport +Signed-off-by: Anuj Mittal + +diff -r faf9abbcfb5f -r a8afedbcaea0 src/audio/SDL_wave.c +--- a/src/audio/SDL_wave.c Mon Jun 10 08:54:29 2019 -0700 ++++ b/src/audio/SDL_wave.c Mon Jun 10 08:57:11 2019 -0700 +@@ -346,7 +346,7 @@ + static int IMA_ADPCM_decode(Uint8 **audio_buf, Uint32 *audio_len) + { + struct IMA_ADPCM_decodestate *state; +- Uint8 *freeable, *encoded, *encoded_end, *decoded; ++ Uint8 *freeable, *encoded, *encoded_end, *decoded, *decoded_end; + Sint32 encoded_len, samplesleft; + unsigned int c, channels; + +@@ -373,6 +373,7 @@ + return(-1); + } + decoded = *audio_buf; ++ decoded_end = decoded + *audio_len; + + /* Get ready... Go! 
*/ + while ( encoded_len >= IMA_ADPCM_state.wavefmt.blockalign ) { +@@ -392,6 +393,7 @@ + } + + /* Store the initial sample we start with */ ++ if (decoded + 2 > decoded_end) goto invalid_size; + decoded[0] = (Uint8)(state[c].sample&0xFF); + decoded[1] = (Uint8)(state[c].sample>>8); + decoded += 2; +@@ -402,6 +404,8 @@ + while ( samplesleft > 0 ) { + for ( c=0; c encoded_end) goto invalid_size; ++ if (decoded + 4 * 4 * channels > decoded_end) ++ goto invalid_size; + Fill_IMA_ADPCM_block(decoded, encoded, + c, channels, &state[c]); + encoded += 4; + +diff -r 4e73be7b4787 -r e52413f52586 src/audio/SDL_wave.c +--- a/src/audio/SDL_wave.c Sat Jun 01 18:27:46 2019 +0100 ++++ b/src/audio/SDL_wave.c Sat Jun 08 17:57:43 2019 -0700 +@@ -264,6 +264,14 @@ + }; + Sint32 delta, step; + ++ /* Clamp index value. The inital value can be invalid. */ ++ if ( state->index > 88 ) { ++ state->index = 88; ++ } else ++ if ( state->index < 0 ) { ++ state->index = 0; ++ } ++ + /* Compute difference and new sample value */ + step = step_table[state->index]; + delta = step >> 3; +@@ -275,12 +283,6 @@ + + /* Update index value */ + state->index += index_table[nybble]; +- if ( state->index > 88 ) { +- state->index = 88; +- } else +- if ( state->index < 0 ) { +- state->index = 0; +- } + + /* Clamp output sample */ + if ( state->sample > max_audioval ) { diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7574.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7574.patch new file mode 100644 index 0000000000..9fd53da29b --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7574.patch 
@@ -0,0 +1,68 @@ +# HG changeset patch +# User Petr Písař +# Date 1560181859 25200 +# Mon Jun 10 08:50:59 2019 -0700 +# Branch SDL-1.2 +# Node ID a6e3d2f5183e1cc300ad993e10e9ce077e13bd9c +# Parent 388987dff7bf8f1e214e69c2e4f1aa31e06396b5 +CVE-2019-7574: Fix a buffer overread in IMA_ADPCM_decode +If data chunk was shorter than expected based on a WAV format +definition, IMA_ADPCM_decode() tried to read past the data chunk +buffer. This patch fixes it. + +CVE-2019-7574 +https://bugzilla.libsdl.org/show_bug.cgi?id=4496 + +Signed-off-by: Petr Písař + +CVE: CVE-2019-7574 +Upstream-Status: Backport +Signed-off-by: Anuj Mittal + +diff -r 388987dff7bf -r a6e3d2f5183e src/audio/SDL_wave.c +--- a/src/audio/SDL_wave.c Sat Jun 08 18:02:09 2019 -0700 ++++ b/src/audio/SDL_wave.c Mon Jun 10 08:50:59 2019 -0700 +@@ -331,7 +331,7 @@ + static int IMA_ADPCM_decode(Uint8 **audio_buf, Uint32 *audio_len) + { + struct IMA_ADPCM_decodestate *state; +- Uint8 *freeable, *encoded, *decoded; ++ Uint8 *freeable, *encoded, *encoded_end, *decoded; + Sint32 encoded_len, samplesleft; + unsigned int c, channels; + +@@ -347,6 +347,7 @@ + /* Allocate the proper sized output buffer */ + encoded_len = *audio_len; + encoded = *audio_buf; ++ encoded_end = encoded + encoded_len; + freeable = *audio_buf; + *audio_len = (encoded_len/IMA_ADPCM_state.wavefmt.blockalign) * + IMA_ADPCM_state.wSamplesPerBlock* +@@ -362,6 +363,7 @@ + while ( encoded_len >= IMA_ADPCM_state.wavefmt.blockalign ) { + /* Grab the initial information for this block */ + for ( c=0; c encoded_end) goto invalid_size; + /* Fill the state information for this block */ + state[c].sample = ((encoded[1]<<8)|encoded[0]); + encoded += 2; +@@ -384,6 +386,7 @@ + samplesleft = (IMA_ADPCM_state.wSamplesPerBlock-1)*channels; + while ( samplesleft > 0 ) { + for ( c=0; c encoded_end) goto invalid_size; + Fill_IMA_ADPCM_block(decoded, encoded, + c, channels, &state[c]); + encoded += 4; +@@ -395,6 +398,10 @@ + } + SDL_free(freeable); + return(0); 
++invalid_size: ++ SDL_SetError("Unexpected chunk length for an IMA ADPCM decoder"); ++ SDL_free(freeable); ++ return(-1); + } + + SDL_AudioSpec * SDL_LoadWAV_RW (SDL_RWops *src, int freesrc, diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7575.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7575.patch new file mode 100644 index 0000000000..a3e8416d0e --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7575.patch 
@@ -0,0 +1,81 @@ +# HG changeset patch +# User Petr Písař +# Date 1560183905 25200 +# Mon Jun 10 09:25:05 2019 -0700 +# Branch SDL-1.2 +# Node ID a936f9bd3e381d67d8ddee8b9243f85799ea4798 +# Parent fcbecae427951bac1684baaba2ade68221315140 +CVE-2019-7575: Fix a buffer overwrite in MS_ADPCM_decode +If a WAV format defines shorter audio stream and decoded MS ADPCM data chunk +is longer, decoding continued past the output audio buffer. + +This fix is based on a patch from +. + +https://bugzilla.libsdl.org/show_bug.cgi?id=4493 +CVE-2019-7575 + +Signed-off-by: Petr Písař + +CVE: CVE-2019-7575 +Upstream-Status: Backport +Signed-off-by: Anuj Mittal + +diff -r fcbecae42795 -r a936f9bd3e38 src/audio/SDL_wave.c +--- a/src/audio/SDL_wave.c Mon Jun 10 09:06:23 2019 -0700 ++++ b/src/audio/SDL_wave.c Mon Jun 10 09:25:05 2019 -0700 +@@ -122,7 +122,7 @@ + static int MS_ADPCM_decode(Uint8 **audio_buf, Uint32 *audio_len) + { + struct MS_ADPCM_decodestate *state[2]; +- Uint8 *freeable, *encoded, *encoded_end, *decoded; ++ Uint8 *freeable, *encoded, *encoded_end, *decoded, *decoded_end; + Sint32 encoded_len, samplesleft; + Sint8 nybble, stereo; + Sint16 *coeff[2]; +@@ -142,6 +142,7 @@ + return(-1); + } + decoded = *audio_buf; ++ decoded_end = decoded + *audio_len; + + /* Get ready... Go! */ + stereo = (MS_ADPCM_state.wavefmt.channels == 2); +@@ -149,7 +150,7 @@ + state[1] = &MS_ADPCM_state.state[stereo]; + while ( encoded_len >= MS_ADPCM_state.wavefmt.blockalign ) { + /* Grab the initial information for this block */ +- if (encoded + 7 + (stereo ? 7 : 0) > encoded_end) goto too_short; ++ if (encoded + 7 + (stereo ? 7 : 0) > encoded_end) goto invalid_size; + state[0]->hPredictor = *encoded++; + if ( stereo ) { + state[1]->hPredictor = *encoded++; +@@ -179,6 +180,7 @@ + coeff[1] = MS_ADPCM_state.aCoeff[state[1]->hPredictor]; + + /* Store the two initial samples we start with */ ++ if (decoded + 4 + (stereo ? 
4 : 0) > decoded_end) goto invalid_size; + decoded[0] = state[0]->iSamp2&0xFF; + decoded[1] = state[0]->iSamp2>>8; + decoded += 2; +@@ -200,7 +202,8 @@ + samplesleft = (MS_ADPCM_state.wSamplesPerBlock-2)* + MS_ADPCM_state.wavefmt.channels; + while ( samplesleft > 0 ) { +- if (encoded + 1 > encoded_end) goto too_short; ++ if (encoded + 1 > encoded_end) goto invalid_size; ++ if (decoded + 4 > decoded_end) goto invalid_size; + + nybble = (*encoded)>>4; + new_sample = MS_ADPCM_nibble(state[0],nybble,coeff[0]); +@@ -223,8 +226,8 @@ + } + SDL_free(freeable); + return(0); +-too_short: +- SDL_SetError("Too short chunk for a MS ADPCM decoder"); ++invalid_size: ++ SDL_SetError("Unexpected chunk length for a MS ADPCM decoder"); + SDL_free(freeable); + return(-1); + invalid_predictor: diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7576.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7576.patch new file mode 100644 index 0000000000..d9a505217b --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7576.patch 
@@ -0,0 +1,80 @@ +# HG changeset patch +# User Petr Písař +# Date 1560182783 25200 +# Mon Jun 10 09:06:23 2019 -0700 +# Branch SDL-1.2 +# Node ID fcbecae427951bac1684baaba2ade68221315140 +# Parent a8afedbcaea0e84921dc770195c4699bda3ccdc5 +CVE-2019-7573, CVE-2019-7576: Fix buffer overreads in InitMS_ADPCM +If MS ADPCM format chunk was too short, InitMS_ADPCM() parsing it +could read past the end of chunk data. This patch fixes it. + +CVE-2019-7573 +https://bugzilla.libsdl.org/show_bug.cgi?id=4491 +CVE-2019-7576 +https://bugzilla.libsdl.org/show_bug.cgi?id=4490 + +Signed-off-by: Petr Písař + +CVE: CVE-2019-7573 +CVE: CVE-2019-7576 +Upstream-Status: Backport +Signed-off-by: Anuj Mittal + +diff -r a8afedbcaea0 -r fcbecae42795 src/audio/SDL_wave.c +--- a/src/audio/SDL_wave.c Mon Jun 10 08:57:11 2019 -0700 ++++ b/src/audio/SDL_wave.c Mon Jun 10 09:06:23 2019 -0700 +@@ -44,12 +44,13 @@ + struct MS_ADPCM_decodestate state[2]; + } MS_ADPCM_state; + +-static int InitMS_ADPCM(WaveFMT *format) ++static int InitMS_ADPCM(WaveFMT *format, int length) + { +- Uint8 *rogue_feel; ++ Uint8 *rogue_feel, *rogue_feel_end; + int i; + + /* Set the rogue pointer to the MS_ADPCM specific data */ ++ if (length < sizeof(*format)) goto too_short; + MS_ADPCM_state.wavefmt.encoding = SDL_SwapLE16(format->encoding); + MS_ADPCM_state.wavefmt.channels = SDL_SwapLE16(format->channels); + MS_ADPCM_state.wavefmt.frequency = SDL_SwapLE32(format->frequency); +@@ -58,9 +59,11 @@ + MS_ADPCM_state.wavefmt.bitspersample = + SDL_SwapLE16(format->bitspersample); + rogue_feel = (Uint8 *)format+sizeof(*format); ++ rogue_feel_end = (Uint8 *)format + length; + if ( sizeof(*format) == 16 ) { + rogue_feel += sizeof(Uint16); + } ++ if (rogue_feel + 4 > rogue_feel_end) goto too_short; + MS_ADPCM_state.wSamplesPerBlock = ((rogue_feel[1]<<8)|rogue_feel[0]); + rogue_feel += sizeof(Uint16); + MS_ADPCM_state.wNumCoef = ((rogue_feel[1]<<8)|rogue_feel[0]); +@@ -70,12 +73,16 @@ + return(-1); + } + for ( i=0; i rogue_feel_end) 
goto too_short; + MS_ADPCM_state.aCoeff[i][0] = ((rogue_feel[1]<<8)|rogue_feel[0]); + rogue_feel += sizeof(Uint16); + MS_ADPCM_state.aCoeff[i][1] = ((rogue_feel[1]<<8)|rogue_feel[0]); + rogue_feel += sizeof(Uint16); + } + return(0); ++too_short: ++ SDL_SetError("Unexpected length of a chunk with a MS ADPCM format"); ++ return(-1); + } + + static Sint32 MS_ADPCM_nibble(struct MS_ADPCM_decodestate *state, +@@ -495,7 +502,7 @@ + break; + case MS_ADPCM_CODE: + /* Try to understand this */ +- if ( InitMS_ADPCM(format) < 0 ) { ++ if ( InitMS_ADPCM(format, lenread) < 0 ) { + was_error = 1; + goto done; + } diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7577.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7577.patch new file mode 100644 index 0000000000..92e40aec5e --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7577.patch 
@@ -0,0 +1,123 @@ +# HG changeset patch +# User Petr Písař +# Date 1560182051 25200 +# Mon Jun 10 08:54:11 2019 -0700 +# Branch SDL-1.2 +# Node ID 416136310b88cbeeff8773e573e90ac1e22b3526 +# Parent a6e3d2f5183e1cc300ad993e10e9ce077e13bd9c +CVE-2019-7577: Fix a buffer overread in MS_ADPCM_decode +If RIFF/WAV data chunk length is shorter then expected for an audio +format defined in preceeding RIFF/WAV format headers, a buffer +overread can happen. + +This patch fixes it by checking a MS ADPCM data to be decoded are not +past the initialized buffer. + +CVE-2019-7577 +Reproducer: https://bugzilla.libsdl.org/show_bug.cgi?id=4492 + +Signed-off-by: Petr Písař + +# HG changeset patch +# User Petr Písař +# Date 1560182069 25200 +# Mon Jun 10 08:54:29 2019 -0700 +# Branch SDL-1.2 +# Node ID faf9abbcfb5fe0d0ca23c4bf0394aa226ceccf02 +# Parent 416136310b88cbeeff8773e573e90ac1e22b3526 +CVE-2019-7577: Fix a buffer overread in MS_ADPCM_nibble and MS_ADPCM_decode +If a chunk of RIFF/WAV file with MS ADPCM encoding contains an invalid +predictor (a valid predictor's value is between 0 and 6 inclusive), +a buffer overread can happen when the predictor is used as an index +into an array of MS ADPCM coefficients. + +The overead happens when indexing MS_ADPCM_state.aCoeff[] array in +MS_ADPCM_decode() and later when dereferencing a coef pointer in +MS_ADPCM_nibble(). + +This patch fixes it by checking the MS ADPCM predictor values fit +into the valid range. 
+ +CVE-2019-7577 +Reproducer: https://bugzilla.libsdl.org/show_bug.cgi?id=4492 + +Signed-off-by: Petr Písař + +CVE: CVE-2019-7577 +Upstream-Status: Backport +Signed-off-by: Anuj Mittal + +diff -r a6e3d2f5183e -r 416136310b88 src/audio/SDL_wave.c +--- a/src/audio/SDL_wave.c Mon Jun 10 08:50:59 2019 -0700 ++++ b/src/audio/SDL_wave.c Mon Jun 10 08:54:11 2019 -0700 +@@ -115,7 +115,7 @@ + static int MS_ADPCM_decode(Uint8 **audio_buf, Uint32 *audio_len) + { + struct MS_ADPCM_decodestate *state[2]; +- Uint8 *freeable, *encoded, *decoded; ++ Uint8 *freeable, *encoded, *encoded_end, *decoded; + Sint32 encoded_len, samplesleft; + Sint8 nybble, stereo; + Sint16 *coeff[2]; +@@ -124,6 +124,7 @@ + /* Allocate the proper sized output buffer */ + encoded_len = *audio_len; + encoded = *audio_buf; ++ encoded_end = encoded + encoded_len; + freeable = *audio_buf; + *audio_len = (encoded_len/MS_ADPCM_state.wavefmt.blockalign) * + MS_ADPCM_state.wSamplesPerBlock* +@@ -141,6 +142,7 @@ + state[1] = &MS_ADPCM_state.state[stereo]; + while ( encoded_len >= MS_ADPCM_state.wavefmt.blockalign ) { + /* Grab the initial information for this block */ ++ if (encoded + 7 + (stereo ? 
7 : 0) > encoded_end) goto too_short; + state[0]->hPredictor = *encoded++; + if ( stereo ) { + state[1]->hPredictor = *encoded++; +@@ -188,6 +190,8 @@ + samplesleft = (MS_ADPCM_state.wSamplesPerBlock-2)* + MS_ADPCM_state.wavefmt.channels; + while ( samplesleft > 0 ) { ++ if (encoded + 1 > encoded_end) goto too_short; ++ + nybble = (*encoded)>>4; + new_sample = MS_ADPCM_nibble(state[0],nybble,coeff[0]); + decoded[0] = new_sample&0xFF; +@@ -209,6 +213,10 @@ + } + SDL_free(freeable); + return(0); ++too_short: ++ SDL_SetError("Too short chunk for a MS ADPCM decoder"); ++ SDL_free(freeable); ++ return(-1); + } + + struct IMA_ADPCM_decodestate { + + +diff -r 416136310b88 -r faf9abbcfb5f src/audio/SDL_wave.c +--- a/src/audio/SDL_wave.c Mon Jun 10 08:54:11 2019 -0700 ++++ b/src/audio/SDL_wave.c Mon Jun 10 08:54:29 2019 -0700 +@@ -147,6 +147,9 @@ + if ( stereo ) { + state[1]->hPredictor = *encoded++; + } ++ if (state[0]->hPredictor >= 7 || state[1]->hPredictor >= 7) { ++ goto invalid_predictor; ++ } + state[0]->iDelta = ((encoded[1]<<8)|encoded[0]); + encoded += sizeof(Sint16); + if ( stereo ) { +@@ -217,6 +220,10 @@ + SDL_SetError("Too short chunk for a MS ADPCM decoder"); + SDL_free(freeable); + return(-1); ++invalid_predictor: ++ SDL_SetError("Invalid predictor value for a MS ADPCM decoder"); ++ SDL_free(freeable); ++ return(-1); + } + + struct IMA_ADPCM_decodestate { diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7578.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7578.patch new file mode 100644 index 0000000000..7028890333 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7578.patch 
@@ -0,0 +1,64 @@ +# HG changeset patch +# User Petr Písař +# Date 1560042129 25200 +# Sat Jun 08 18:02:09 2019 -0700 +# Branch SDL-1.2 +# Node ID 388987dff7bf8f1e214e69c2e4f1aa31e06396b5 +# Parent e52413f5258600878f9a10d2f92605a729aa8976 +CVE-2019-7578: Fix a buffer overread in InitIMA_ADPCM +If IMA ADPCM format chunk was too short, InitIMA_ADPCM() parsing it +could read past the end of chunk data. This patch fixes it. + +CVE-2019-7578 +https://bugzilla.libsdl.org/show_bug.cgi?id=4494 + +Signed-off-by: Petr Písař + +CVE: CVE-2019-7578 +Upstream-Status: Backport +Signed-off-by: Anuj Mittal + +diff -r e52413f52586 -r 388987dff7bf src/audio/SDL_wave.c +--- a/src/audio/SDL_wave.c Sat Jun 08 17:57:43 2019 -0700 ++++ b/src/audio/SDL_wave.c Sat Jun 08 18:02:09 2019 -0700 +@@ -222,11 +222,12 @@ + struct IMA_ADPCM_decodestate state[2]; + } IMA_ADPCM_state; + +-static int InitIMA_ADPCM(WaveFMT *format) ++static int InitIMA_ADPCM(WaveFMT *format, int length) + { +- Uint8 *rogue_feel; ++ Uint8 *rogue_feel, *rogue_feel_end; + + /* Set the rogue pointer to the IMA_ADPCM specific data */ ++ if (length < sizeof(*format)) goto too_short; + IMA_ADPCM_state.wavefmt.encoding = SDL_SwapLE16(format->encoding); + IMA_ADPCM_state.wavefmt.channels = SDL_SwapLE16(format->channels); + IMA_ADPCM_state.wavefmt.frequency = SDL_SwapLE32(format->frequency); +@@ -235,11 +236,16 @@ + IMA_ADPCM_state.wavefmt.bitspersample = + SDL_SwapLE16(format->bitspersample); + rogue_feel = (Uint8 *)format+sizeof(*format); ++ rogue_feel_end = (Uint8 *)format + length; + if ( sizeof(*format) == 16 ) { + rogue_feel += sizeof(Uint16); + } ++ if (rogue_feel + 2 > rogue_feel_end) goto too_short; + IMA_ADPCM_state.wSamplesPerBlock = ((rogue_feel[1]<<8)|rogue_feel[0]); + return(0); ++too_short: ++ SDL_SetError("Unexpected length of a chunk with an IMA ADPCM format"); ++ return(-1); + } + + static Sint32 IMA_ADPCM_nibble(struct IMA_ADPCM_decodestate *state,Uint8 nybble) +@@ -471,7 +477,7 @@ + break; + case 
IMA_ADPCM_CODE: + /* Try to understand this */ +- if ( InitIMA_ADPCM(format) < 0 ) { ++ if ( InitIMA_ADPCM(format, lenread) < 0 ) { + was_error = 1; + goto done; + } diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7635.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7635.patch new file mode 100644 index 0000000000..78af1b061d --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7635.patch 
@@ -0,0 +1,63 @@ +# HG changeset patch +# User Petr Písař +# Date 1560259692 25200 +# Tue Jun 11 06:28:12 2019 -0700 +# Branch SDL-1.2 +# Node ID f1f5878be5dbf63c1161a8ee52b8a86ece30e552 +# Parent a936f9bd3e381d67d8ddee8b9243f85799ea4798 +CVE-2019-7635: Reject BMP images with pixel colors out the palette +If a 1-, 4-, or 8-bit per pixel BMP image declares less used colors +than the palette offers an SDL_Surface with a palette of the indicated +number of used colors is created. If some of the image's pixel +refer to a color number higher then the maximal used colors, a subsequent +bliting operation on the surface will look up a color past a blit map +(that is based on the palette) memory. I.e. passing such SDL_Surface +to e.g. an SDL_DisplayFormat() function will result in a buffer overread in +a blit function. + +This patch fixes it by validing each pixel's color to be less than the +maximal color number in the palette. A validation failure raises an +error from a SDL_LoadBMP_RW() function. 
+ +CVE-2019-7635 +https://bugzilla.libsdl.org/show_bug.cgi?id=4498 + +Signed-off-by: Petr Písař + +CVE: CVE-2019-7635 +Upstream-Status: Backport +Signed-off-by: Anuj Mittal + +diff -r a936f9bd3e38 -r f1f5878be5db src/video/SDL_bmp.c +--- a/src/video/SDL_bmp.c Mon Jun 10 09:25:05 2019 -0700 ++++ b/src/video/SDL_bmp.c Tue Jun 11 06:28:12 2019 -0700 +@@ -308,6 +308,12 @@ + } + *(bits+i) = (pixel>>shift); + pixel <<= ExpandBMP; ++ if ( bits[i] >= biClrUsed ) { ++ SDL_SetError( ++ "A BMP image contains a pixel with a color out of the palette"); ++ was_error = SDL_TRUE; ++ goto done; ++ } + } } + break; + +@@ -318,6 +324,16 @@ + was_error = SDL_TRUE; + goto done; + } ++ if ( 8 == biBitCount && palette && biClrUsed < (1 << biBitCount ) ) { ++ for ( i=0; iw; ++i ) { ++ if ( bits[i] >= biClrUsed ) { ++ SDL_SetError( ++ "A BMP image contains a pixel with a color out of the palette"); ++ was_error = SDL_TRUE; ++ goto done; ++ } ++ } ++ } + #if SDL_BYTEORDER == SDL_BIG_ENDIAN + /* Byte-swap the pixels if needed. Note that the 24bpp + case has already been taken care of above. */ diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7637.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7637.patch new file mode 100644 index 0000000000..c95338e61a --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7637.patch 
@@ -0,0 +1,192 @@ +# HG changeset patch +# User Petr Písař +# Date 1552788984 25200 +# Sat Mar 16 19:16:24 2019 -0700 +# Branch SDL-1.2 +# Node ID 9b0e5c555c0f5ce6d2c3c19da6cc2c7fb5048bf2 +# Parent 4646533663ae1d80c2cc6b2d6dbfb37c62491c1e +CVE-2019-7637: Fix in integer overflow in SDL_CalculatePitch +If a too large width is passed to SDL_SetVideoMode() the width travels +to SDL_CalculatePitch() where the width (e.g. 65535) is multiplied by +BytesPerPixel (e.g. 4) and the result is stored into Uint16 pitch +variable. During this arithmetics an integer overflow can happen (e.g. +the value is clamped as 65532). As a result SDL_Surface with a pitch +smaller than width * BytesPerPixel is created, too small pixel buffer +is allocated and when the SDL_Surface is processed in SDL_FillRect() +a buffer overflow occurs. + +This can be reproduced with "./graywin -width 21312312313123213213213" +command. + +This patch fixes is by using a very careful arithmetics in +SDL_CalculatePitch(). If an overflow is detected, an error is reported +back as a special 0 value. We assume that 0-width surfaces do not +occur in the wild. Since SDL_CalculatePitch() is a private function, +we can change the semantics. + +CVE-2019-7637 +https://bugzilla.libsdl.org/show_bug.cgi?id=4497 + +Signed-off-by: Petr Písař + +CVE: CVE-2019-7637 +Upstream-Status: Backport +Signed-off-by: Anuj Mittal + +diff -r 4646533663ae -r 9b0e5c555c0f src/video/SDL_pixels.c +--- a/src/video/SDL_pixels.c Sat Mar 16 18:35:33 2019 -0700 ++++ b/src/video/SDL_pixels.c Sat Mar 16 19:16:24 2019 -0700 +@@ -286,26 +286,53 @@ + } + } + /* +- * Calculate the pad-aligned scanline width of a surface ++ * Calculate the pad-aligned scanline width of a surface. Return 0 in case of ++ * an error. 
+ */ + Uint16 SDL_CalculatePitch(SDL_Surface *surface) + { +- Uint16 pitch; ++ unsigned int pitch = 0; + + /* Surface should be 4-byte aligned for speed */ +- pitch = surface->w*surface->format->BytesPerPixel; ++ /* The code tries to prevent from an Uint16 overflow. */; ++ for (Uint8 byte = surface->format->BytesPerPixel; byte; byte--) { ++ pitch += (unsigned int)surface->w; ++ if (pitch < surface->w) { ++ SDL_SetError("A scanline is too wide"); ++ return(0); ++ } ++ } + switch (surface->format->BitsPerPixel) { + case 1: +- pitch = (pitch+7)/8; ++ if (pitch % 8) { ++ pitch = pitch / 8 + 1; ++ } else { ++ pitch = pitch / 8; ++ } + break; + case 4: +- pitch = (pitch+1)/2; ++ if (pitch % 2) { ++ pitch = pitch / 2 + 1; ++ } else { ++ pitch = pitch / 2; ++ } + break; + default: + break; + } +- pitch = (pitch + 3) & ~3; /* 4-byte aligning */ +- return(pitch); ++ /* 4-byte aligning */ ++ if (pitch & 3) { ++ if (pitch + 3 < pitch) { ++ SDL_SetError("A scanline is too wide"); ++ return(0); ++ } ++ pitch = (pitch + 3) & ~3; ++ } ++ if (pitch > 0xFFFF) { ++ SDL_SetError("A scanline is too wide"); ++ return(0); ++ } ++ return((Uint16)pitch); + } + /* + * Match an RGB value to a particular palette index +diff -r 4646533663ae -r 9b0e5c555c0f src/video/gapi/SDL_gapivideo.c +--- a/src/video/gapi/SDL_gapivideo.c Sat Mar 16 18:35:33 2019 -0700 ++++ b/src/video/gapi/SDL_gapivideo.c Sat Mar 16 19:16:24 2019 -0700 +@@ -733,6 +733,9 @@ + video->w = gapi->w = width; + video->h = gapi->h = height; + video->pitch = SDL_CalculatePitch(video); ++ if (!current->pitch) { ++ return(NULL); ++ } + + /* Small fix for WinCE/Win32 - when activating window + SDL_VideoSurface is equal to zero, so activating code +diff -r 4646533663ae -r 9b0e5c555c0f src/video/nanox/SDL_nxvideo.c +--- a/src/video/nanox/SDL_nxvideo.c Sat Mar 16 18:35:33 2019 -0700 ++++ b/src/video/nanox/SDL_nxvideo.c Sat Mar 16 19:16:24 2019 -0700 +@@ -378,6 +378,10 @@ + current -> w = width ; + current -> h = height ; + current -> 
pitch = SDL_CalculatePitch (current) ; ++ if (!current->pitch) { ++ current = NULL; ++ goto done; ++ } + NX_ResizeImage (this, current, flags) ; + } + +diff -r 4646533663ae -r 9b0e5c555c0f src/video/ps2gs/SDL_gsvideo.c +--- a/src/video/ps2gs/SDL_gsvideo.c Sat Mar 16 18:35:33 2019 -0700 ++++ b/src/video/ps2gs/SDL_gsvideo.c Sat Mar 16 19:16:24 2019 -0700 +@@ -479,6 +479,9 @@ + current->w = width; + current->h = height; + current->pitch = SDL_CalculatePitch(current); ++ if (!current->pitch) { ++ return(NULL); ++ } + + /* Memory map the DMA area for block memory transfer */ + if ( ! mapped_mem ) { +diff -r 4646533663ae -r 9b0e5c555c0f src/video/ps3/SDL_ps3video.c +--- a/src/video/ps3/SDL_ps3video.c Sat Mar 16 18:35:33 2019 -0700 ++++ b/src/video/ps3/SDL_ps3video.c Sat Mar 16 19:16:24 2019 -0700 +@@ -339,6 +339,9 @@ + current->w = width; + current->h = height; + current->pitch = SDL_CalculatePitch(current); ++ if (!current->pitch) { ++ return(NULL); ++ } + + /* Alloc aligned mem for current->pixels */ + s_pixels = memalign(16, current->h * current->pitch); +diff -r 4646533663ae -r 9b0e5c555c0f src/video/windib/SDL_dibvideo.c +--- a/src/video/windib/SDL_dibvideo.c Sat Mar 16 18:35:33 2019 -0700 ++++ b/src/video/windib/SDL_dibvideo.c Sat Mar 16 19:16:24 2019 -0700 +@@ -675,6 +675,9 @@ + video->w = width; + video->h = height; + video->pitch = SDL_CalculatePitch(video); ++ if (!current->pitch) { ++ return(NULL); ++ } + + /* Small fix for WinCE/Win32 - when activating window + SDL_VideoSurface is equal to zero, so activating code +diff -r 4646533663ae -r 9b0e5c555c0f src/video/windx5/SDL_dx5video.c +--- a/src/video/windx5/SDL_dx5video.c Sat Mar 16 18:35:33 2019 -0700 ++++ b/src/video/windx5/SDL_dx5video.c Sat Mar 16 19:16:24 2019 -0700 +@@ -1127,6 +1127,9 @@ + video->w = width; + video->h = height; + video->pitch = SDL_CalculatePitch(video); ++ if (!current->pitch) { ++ return(NULL); ++ } + + #ifndef NO_CHANGEDISPLAYSETTINGS + /* Set fullscreen mode if appropriate. 
+diff -r 4646533663ae -r 9b0e5c555c0f src/video/x11/SDL_x11video.c +--- a/src/video/x11/SDL_x11video.c Sat Mar 16 18:35:33 2019 -0700 ++++ b/src/video/x11/SDL_x11video.c Sat Mar 16 19:16:24 2019 -0700 +@@ -1225,6 +1225,10 @@ + current->w = width; + current->h = height; + current->pitch = SDL_CalculatePitch(current); ++ if (!current->pitch) { ++ current = NULL; ++ goto done; ++ } + if (X11_ResizeImage(this, current, flags) < 0) { + current = NULL; + goto done; diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7638.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7638.patch new file mode 100644 index 0000000000..dab9aaeb2b --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2019-7638.patch 
@@ -0,0 +1,38 @@ +# HG changeset patch +# User Sam Lantinga +# Date 1550504903 28800 +# Mon Feb 18 07:48:23 2019 -0800 +# Branch SDL-1.2 +# Node ID 19d8c3b9c25143f71a34ff40ce1df91b4b3e3b78 +# Parent 8586f153eedec4c4e07066d6248ebdf67f10a229 +Fixed bug 4500 - Heap-Buffer Overflow in Map1toN pertaining to SDL_pixels.c + +Petr Pisar + +The reproducer has these data in BITMAPINFOHEADER: + +biSize = 40 +biBitCount = 8 +biClrUsed = 131075 + +SDL_LoadBMP_RW() function passes biBitCount as a color depth to SDL_CreateRGBSurface(), thus 256-color pallete is allocated. But then biClrUsed colors are read from a file and stored into the palette. SDL_LoadBMP_RW should report an error if biClrUsed is greater than 2^biBitCount. + +CVE: CVE-2019-7638 +CVE: CVE-2019-7636 +Upstream-Status: Backport +Signed-off-by: Anuj Mittal + +diff -r 8586f153eede -r 19d8c3b9c251 src/video/SDL_bmp.c +--- a/src/video/SDL_bmp.c Sun Jan 13 15:27:50 2019 +0100 ++++ b/src/video/SDL_bmp.c Mon Feb 18 07:48:23 2019 -0800 +@@ -233,6 +233,10 @@ + if ( palette ) { + if ( biClrUsed == 0 ) { + biClrUsed = 1 << biBitCount; ++ } else if ( biClrUsed > (1 << biBitCount) ) { ++ SDL_SetError("BMP file has an invalid number of colors"); ++ was_error = SDL_TRUE; ++ goto done; + } + if ( biSize == 12 ) { + for ( i = 0; i < (int)biClrUsed; ++i ) { diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/libsdl-1.2.15-xdata32.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/libsdl-1.2.15-xdata32.patch new file mode 100644 index 0000000000..f98b927522 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/libsdl-1.2.15-xdata32.patch 
@@ -0,0 +1,19 @@ +libX11-1.5.99.901 has changed prototype of _XData32 + +Upstream-Status: Backport + + +Signed-off-by: Saul Wold + +diff -r b6b2829cd7ef src/video/x11/SDL_x11sym.h +--- a/src/video/x11/SDL_x11sym.h Wed Feb 27 15:20:31 2013 -0800 ++++ b/src/video/x11/SDL_x11sym.h Wed Mar 27 16:07:23 2013 +0100 +@@ -165,7 +165,7 @@ + */ + #ifdef LONG64 + SDL_X11_MODULE(IO_32BIT) +-SDL_X11_SYM(int,_XData32,(Display *dpy,register long *data,unsigned len),(dpy,data,len),return) ++SDL_X11_SYM(int,_XData32,(Display *dpy,register _Xconst long *data,unsigned len),(dpy,data,len),return) + SDL_X11_SYM(void,_XRead32,(Display *dpy,register long *data,long len),(dpy,data,len),) + #endif + diff --git a/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/pkgconfig.patch b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/pkgconfig.patch new file mode 100644 index 0000000000..913baa92a0 --- /dev/null +++ b/meta-openembedded/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/pkgconfig.patch 
@@ -0,0 +1,187 @@ +Rather than code which doesn't even work properly when cross compiling, +lets just use pkg-config instead. Its a little simpler. + +RP 2014/6/20 + +Upstream-Status: Pending + +Index: SDL-1.2.15/sdl.m4 +=================================================================== +--- SDL-1.2.15.orig/sdl.m4 ++++ SDL-1.2.15/sdl.m4 +@@ -12,174 +12,8 @@ dnl Test for SDL, and define SDL_CFLAGS + dnl + AC_DEFUN([AM_PATH_SDL], + [dnl +-dnl Get the cflags and libraries from the sdl-config script +-dnl +-AC_ARG_WITH(sdl-prefix,[ --with-sdl-prefix=PFX Prefix where SDL is installed (optional)], +- sdl_prefix="$withval", sdl_prefix="") +-AC_ARG_WITH(sdl-exec-prefix,[ --with-sdl-exec-prefix=PFX Exec prefix where SDL is installed (optional)], +- sdl_exec_prefix="$withval", sdl_exec_prefix="") +-AC_ARG_ENABLE(sdltest, [ --disable-sdltest Do not try to compile and run a test SDL program], +- , enable_sdltest=yes) +- +- if test x$sdl_exec_prefix != x ; then +- sdl_config_args="$sdl_config_args --exec-prefix=$sdl_exec_prefix" +- if test x${SDL_CONFIG+set} != xset ; then +- SDL_CONFIG=$sdl_exec_prefix/bin/sdl-config +- fi +- fi +- if test x$sdl_prefix != x ; then +- sdl_config_args="$sdl_config_args --prefix=$sdl_prefix" +- if test x${SDL_CONFIG+set} != xset ; then +- SDL_CONFIG=$sdl_prefix/bin/sdl-config +- fi +- fi +- +- as_save_PATH="$PATH" +- if test "x$prefix" != xNONE; then +- PATH="$prefix/bin:$prefix/usr/bin:$PATH" +- fi +- AC_PATH_PROG(SDL_CONFIG, sdl-config, no, [$PATH]) +- PATH="$as_save_PATH" + min_sdl_version=ifelse([$1], ,0.11.0,$1) +- AC_MSG_CHECKING(for SDL - version >= $min_sdl_version) +- no_sdl="" +- if test "$SDL_CONFIG" = "no" ; then +- no_sdl=yes +- else +- SDL_CFLAGS=`$SDL_CONFIG $sdl_config_args --cflags` +- SDL_LIBS=`$SDL_CONFIG $sdl_config_args --libs` +- +- sdl_major_version=`$SDL_CONFIG $sdl_config_args --version | \ +- sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\1/'` +- sdl_minor_version=`$SDL_CONFIG $sdl_config_args --version | \ +- sed 
's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\2/'` +- sdl_micro_version=`$SDL_CONFIG $sdl_config_args --version | \ +- sed 's/\([[0-9]]*\).\([[0-9]]*\).\([[0-9]]*\)/\3/'` +- if test "x$enable_sdltest" = "xyes" ; then +- ac_save_CFLAGS="$CFLAGS" +- ac_save_CXXFLAGS="$CXXFLAGS" +- ac_save_LIBS="$LIBS" +- CFLAGS="$CFLAGS $SDL_CFLAGS" +- CXXFLAGS="$CXXFLAGS $SDL_CFLAGS" +- LIBS="$LIBS $SDL_LIBS" +-dnl +-dnl Now check if the installed SDL is sufficiently new. (Also sanity +-dnl checks the results of sdl-config to some extent +-dnl +- rm -f conf.sdltest +- AC_TRY_RUN([ +-#include +-#include +-#include +-#include "SDL.h" +- +-char* +-my_strdup (char *str) +-{ +- char *new_str; +- +- if (str) +- { +- new_str = (char *)malloc ((strlen (str) + 1) * sizeof(char)); +- strcpy (new_str, str); +- } +- else +- new_str = NULL; +- +- return new_str; +-} +- +-int main (int argc, char *argv[]) +-{ +- int major, minor, micro; +- char *tmp_version; +- +- /* This hangs on some systems (?) +- system ("touch conf.sdltest"); +- */ +- { FILE *fp = fopen("conf.sdltest", "a"); if ( fp ) fclose(fp); } +- +- /* HP/UX 9 (%@#!) writes to sscanf strings */ +- tmp_version = my_strdup("$min_sdl_version"); +- if (sscanf(tmp_version, "%d.%d.%d", &major, &minor, µ) != 3) { +- printf("%s, bad version string\n", "$min_sdl_version"); +- exit(1); +- } +- +- if (($sdl_major_version > major) || +- (($sdl_major_version == major) && ($sdl_minor_version > minor)) || +- (($sdl_major_version == major) && ($sdl_minor_version == minor) && ($sdl_micro_version >= micro))) +- { +- return 0; +- } +- else +- { +- printf("\n*** 'sdl-config --version' returned %d.%d.%d, but the minimum version\n", $sdl_major_version, $sdl_minor_version, $sdl_micro_version); +- printf("*** of SDL required is %d.%d.%d. 
If sdl-config is correct, then it is\n", major, minor, micro); +- printf("*** best to upgrade to the required version.\n"); +- printf("*** If sdl-config was wrong, set the environment variable SDL_CONFIG\n"); +- printf("*** to point to the correct copy of sdl-config, and remove the file\n"); +- printf("*** config.cache before re-running configure\n"); +- return 1; +- } +-} +- +-],, no_sdl=yes,[echo $ac_n "cross compiling; assumed OK... $ac_c"]) +- CFLAGS="$ac_save_CFLAGS" +- CXXFLAGS="$ac_save_CXXFLAGS" +- LIBS="$ac_save_LIBS" +- fi +- fi +- if test "x$no_sdl" = x ; then +- AC_MSG_RESULT(yes) +- ifelse([$2], , :, [$2]) +- else +- AC_MSG_RESULT(no) +- if test "$SDL_CONFIG" = "no" ; then +- echo "*** The sdl-config script installed by SDL could not be found" +- echo "*** If SDL was installed in PREFIX, make sure PREFIX/bin is in" +- echo "*** your path, or set the SDL_CONFIG environment variable to the" +- echo "*** full path to sdl-config." +- else +- if test -f conf.sdltest ; then +- : +- else +- echo "*** Could not run SDL test program, checking why..." +- CFLAGS="$CFLAGS $SDL_CFLAGS" +- CXXFLAGS="$CXXFLAGS $SDL_CFLAGS" +- LIBS="$LIBS $SDL_LIBS" +- AC_TRY_LINK([ +-#include +-#include "SDL.h" +- +-int main(int argc, char *argv[]) +-{ return 0; } +-#undef main +-#define main K_and_R_C_main +-], [ return 0; ], +- [ echo "*** The test program compiled, but did not run. This usually means" +- echo "*** that the run-time linker is not finding SDL or finding the wrong" +- echo "*** version of SDL. 
If it is not finding SDL, you'll need to set your" +- echo "*** LD_LIBRARY_PATH environment variable, or edit /etc/ld.so.conf to point" +- echo "*** to the installed location Also, make sure you have run ldconfig if that" +- echo "*** is required on your system" +- echo "***" +- echo "*** If you have an old version installed, it is best to remove it, although" +- echo "*** you may also be able to get things to work by modifying LD_LIBRARY_PATH"], +- [ echo "*** The test program failed to compile or link. See the file config.log for the" +- echo "*** exact error that occured. This usually means SDL was incorrectly installed" +- echo "*** or that you have moved SDL since it was installed. In the latter case, you" +- echo "*** may want to edit the sdl-config script: $SDL_CONFIG" ]) +- CFLAGS="$ac_save_CFLAGS" +- CXXFLAGS="$ac_save_CXXFLAGS" +- LIBS="$ac_save_LIBS" +- fi +- fi +- SDL_CFLAGS="" +- SDL_LIBS="" +- ifelse([$3], , :, [$3]) +- fi ++ PKG_CHECK_MODULES([SDL], [sdl >= $min_sdl_version]) + AC_SUBST(SDL_CFLAGS) + AC_SUBST(SDL_LIBS) +- rm -f conf.sdltest + ]) -- cgit v1.2.3
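Review bot: In CVE-2019-7572.patch, the first IMA_ADPCM_decode hunk (`@@ -346,7 +346,7 @@`) only applies on top of CVE-2019-7574.patch, and nothing in the patch header says so. The removed line already contains `*encoded_end`, and the new checks jump to `invalid_size`; both are introduced by CVE-2019-7574.patch. Please state the required order in the header (7574 before 7572, and likewise 7577 before 7576 before 7575, as the Parent/Node IDs show) so a reordering of the recipe's patch list does not end in a failed apply or an undefined label.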
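Review bot: In CVE-2019-7572.patch, the output-buffer checks in the `@@ -392,6 +393,7 @@` and `@@ -402,6 +404,8 @@` hunks compute a pointer beyond the buffer before comparing it (`decoded + 2 > decoded_end`, `decoded + 4 * 4 * channels > decoded_end`). Comparing the remaining space instead, for example `decoded_end - decoded < 4 * 4 * channels`, gives the same result without forming an out-of-range pointer. A short comment explaining why the amount is 4 * 4 * channels would also help, since the relationship to what Fill_IMA_ADPCM_block writes is not visible at the call site.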
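Review bot: In CVE-2019-7572.patch, the IMA_ADPCM_nibble hunks (`@@ -264,6 +264,14 @@` and `@@ -275,12 +283,6 @@`) move the clamp rather than add one, so after `state->index += index_table[nybble];` the stored index can now sit outside 0..88 until the next call. That is safe only if every read of `state->index` goes through IMA_ADPCM_nibble; keeping the original clamp after the update as well would make that invariant local. The new comment also has a typo, "inital".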
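Review bot: In CVE-2019-7576.patch (InitMS_ADPCM) and CVE-2019-7578.patch (InitIMA_ADPCM), the new parameter is `int length` but the first check is `if (length < sizeof(*format)) goto too_short;`, which compares a signed value against a `size_t`. A negative `length` is converted to a large unsigned value and passes this check, leaving rejection to the later pointer comparison against `rogue_feel_end = (Uint8 *)format + length`. Either take the length as an unsigned type matching `lenread`, or reject `length < 0` explicitly before the comparison.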
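Review bot: In CVE-2019-7577.patch, the predictor check in the second diff (`@@ -147,6 +147,9 @@`) hard-codes the bound: `if (state[0]->hPredictor >= 7 || state[1]->hPredictor >= 7)`. The commit message gives the valid range as 0 to 6, but the code does not tie the constant to the size of `MS_ADPCM_state.aCoeff[]`, which is the array being indexed. Deriving the limit from the array (or from a named constant shared with its declaration) keeps the check correct if the table size ever changes.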
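Review bot: In CVE-2019-7637.patch, the SDL_CalculatePitch hunk in src/video/SDL_pixels.c declares the loop variable inside the `for` statement (`for (Uint8 byte = surface->format->BytesPerPixel; byte; byte--)`), which needs C99 while the rest of the visible code declares variables at the top of the block. Declaring `byte` next to `pitch` avoids a build break with stricter or older compiler settings. The comment line above it also ends in a stray semicolon (`*/;`), and the overflow test `pitch < surface->w` mixes `unsigned int` with the type of `surface->w`, so a cast matching the one used in the addition would make the intent explicit.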
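Review bot: In CVE-2019-7637.patch, the hunks for src/video/gapi/SDL_gapivideo.c, src/video/windib/SDL_dibvideo.c and src/video/windx5/SDL_dx5video.c test the wrong surface. Each assigns `video->pitch = SDL_CalculatePitch(video);` and then checks `if (!current->pitch)`. Unless `video` and `current` are guaranteed to be the same object at that point, which these hunks do not show, an overflow reported through `video->pitch == 0` goes undetected. The check should read `if (!video->pitch)`, as the nanox, ps2gs, ps3 and x11 hunks do for the variable they actually assign.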
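Review bot: In CVE-2019-7638.patch, the new branch `else if ( biClrUsed > (1 << biBitCount) )` performs the shift in signed `int`, so it is only well defined while `biBitCount` is small. The hunk relies on the enclosing `if ( palette )` to guarantee that, but the guarantee is not visible here. Writing the bound as `1u << biBitCount`, or comparing against the size of the palette that was actually allocated, removes the dependency. The header also tags both CVE-2019-7638 and CVE-2019-7636 while the file is named for one of them; a line explaining that the single change covers both would help CVE tracking.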
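Review bot: In pkgconfig.patch, the replacement line `PKG_CHECK_MODULES([SDL], [sdl >= $min_sdl_version])` drops the ACTION-IF-FOUND and ACTION-IF-NOT-FOUND arguments that the removed code honoured through `ifelse([$2], , :, [$2])` and `ifelse([$3], , :, [$3])`. Packages that call AM_PATH_SDL with a third argument to treat SDL as optional will now stop in configure instead of running their fallback. Passing them through, `PKG_CHECK_MODULES([SDL], [sdl >= $min_sdl_version], [$2], [$3])`, keeps the macro's contract. The header carries only "RP 2014/6/20" and no Signed-off-by line, unlike the other patches in this series.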