From 93c203f3a38be7db9cd7bb6b4954f3eb655acc8e Mon Sep 17 00:00:00 2001 From: Patrick Williams Date: Wed, 6 Oct 2021 16:15:23 -0500 Subject: subtree updates MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit meta-security: de6712a806..a85fbe980e: Anton Antonov (1): Upgrade parsec-service 0.8.1 and parsec-tool 0.4.0 Armin Kuster (1): chkrootkit: update to 0.55 Bhupesh Sharma (1): recipes-security/fscrypt: Add fscrypt .bb file Christer Fletcher (1): dmverity: Make use of DATA_BLOCK_SIZE variable in initrdscript. Kristian Klausen (1): libtpm: update to 0.8.7 Zoltán Böszörményi (1): clamav: Set clamav:clamav ownership on /var/lib/clamav in do_install poky: 06dcace68b..80f2b56ad8: Anibal Limon (1): recipes-support/ptest-runner: Bump to v2.4.2 Bruce Ashfield (5): linux-yocto-dev: update to v5.15-rcX lttng-modules/dev-upstream: update to 2.13-latest lttng-modules: fix build against 5.15+ linux-yocto/5.13: drop recipes yocto-bsp/5.13: drop recipes Chandana kalluri (1): scriptutils.py: Add check before deleting path Daniel Wagenknecht (2): common-tasks: add note about license implications of bundled initramfs ref-manual: add note about license implications of bundled initramfs Joshua Watt (2): lib/oe/spdx.py: Add comments python3: Fix sysroot reproducibility Kenfe-Mickael Laventure (1): package_ipk: Use localdata store when signing packages Kiran Surendran (1): ffmpeg: fix CVE-2021-38171 Kristian Klausen (2): ovmf: add TPM PACKAGECONFIG and enable if tpm is in MACHINE_FEATURES wic/bootimg-efi: Add Unified Kernel Image option Markus Volk (1): wic:direct.py: ignore invalid mountpoints during fstab update Matt Madison (1): autotools.bbclass: use ordinary append for file-checksums update Michael Halstead (1): releases: update to include 3.1.11 Minjae Kim (1): vim: fix CVE-2021-3778 Quentin Schulz (1): ref-manual: fix missed override syntax change Rasmus Villemoes (1): kernel.bbclass: remove unnecessary dead code Richard Purdie (29): oeqa/qemurunner: Use oe._exit(), not sys.exit() pseudo: Add in ability to flush database with shutdown request packagegroup-core-tools-profile: Exclude systemtap from riscv32 as well bitbake: bitbake-worker: Allow shutdown/database flush of pseudo server at task exit bitbake: siggen: Fix sorting in diff output bitbake: cooker/command: Add a dummy event for tinfoil testing oeqa/selftest/gotoolchain: Fix temp file cleanup oeqa/buildproject: Ensure temp directories are cleaned up libc_package/buildstats: Fix python regex quoting warnings oeqa/selftest/tinfoil: Update to use test command glew: Stop polluting /tmp during builds rpm: Ensure compression parallelism isn't coded into rpms package: Ensure pclist files are deterministic and don't use full paths gnupg: Be deterministic about sendmail mesa: Ensure megadrivers runtime mappings are deterministic util-linux: Fix reproducibility libtool: Allow libtool-cross to reproduce gobject-introspection: Don't write $HOME into scripts oeqa/selftest/bbtests: Add uuid to force build test image: Exclude IMAGE_VERSION_SUFFIX from expansion in image tasks sstatesig: Revert "Test cross/native hashserv method extension" bitbake: data: Ensure functions are defined in a deterministic order bitbake.conf: Set vardepvalue for PARALLEL_MAKEINST externalsrc: Fix a source date epoch race in reproducible builds sstatesig: Add processing for full build paths in sysroot files python3: Drop broken pyc files image-artifact-names: Use SOURCE_DATE_EPOCH when making reproducible builds for deploy abi_version/sstate: Bump HASH_VERSION and SSTATE_VERSION reproducible_build: Work around caching issues Robert P. J. Day (3): ref-manual: extend explanation of PACKAGE_DEBUG_SPLIT_STYLE ref-manual: mention INHIBIT_PACKAGE_DEBUG_SPLIT variable overview-manual: delete bad backslashes in SSTATE_MIRRORS example Saul Wold (3): spdx-licenses.json: Use 3.14 tagged version spdx.py: Add SPDXAnnotation Object create-spdx: Use SPDXAnnotation to track native recipes Thomas Perrot (2): libevent: mark util/monotonic_prc_fallback as retriable ruby: fix the reproducibility issue Tom Pollard (2): bzip2: Update soname for libbz2 1.0.8 libsamplerate0: Set correct soname for 0.1.9 Trevor Woerner (1): hello-mod/hello.c: convert printk to pr_xxx William A. Kennington III (1): rm_work.bbclass: Fix for files starting with - Yi Zhao (1): inetutils: fix CVE-2021-40491 wangmy (1): strace: upgrade 5.13 -> 5.14 meta-openembedded: cff8331f96..23dc4f060f: Armin Kuster (1): README: update to main repo Chandana kalluri (1): python3-humanfriendly: Add nativesdk to BBCLASSEXTEND Changqing Li (1): layer.conf: add openembedded-layer as LAYERDEPENDS Khem Raj (3): smcroute: Add missing pkgconfig inherit packagegroup-meta-oe: Add new packages smarty and libjs-jquery-icheck gattlib: Upgrade to latest LiweiSong (1): chipsec: platform security assessment framework Martin Jansa (5): opencv: fix build with protobuf-3.18 when dnn PACKAGECONFIG is enabled libeigen: backport fix for -Werror=class-memaccess issues when NEON is enabled README: mention linux-libc-dev:i386 for luajit on ubuntu-21.10 gpsd: inherit pkgconfig pahole: use MACHINE_ARCH Matteo Croce (1): pahole: don't download vendored libbpf Mingli Yu (1): libqb: Upgrade to 2.0.3 Nandor Han (1): libiio: depend on avahi only when network backed is used Peter Kjellerstedt (1): netdata: Move the version to the file name and correct the SRC_URI Richard Purdie (1): gattlib: Place pkgconfig file in correct package Yi Zhao (1): phpmyadmin: upgrade 5.1.0 -> 5.1.1 wangmy (7): unionfs-fuse: upgrade 2.1 -> 2.2 smcroute: upgrade 2.4.4 -> 2.5.3 snort: upgrade 2.9.18 -> 2.9.18.1 libsass: upgrade 3.6.4 -> 3.6.5 sanlock: upgrade 3.8.3 -> 3.8.4 sassc: upgrade 3.6.1 -> 3.6.2 valijson: upgrade 0.5 -> 0.6 zangrc (8): python3-pychromecast: upgrade 9.2.0 -> 9.2.1 python3-pyro4: upgrade 4.80 -> 4.81 python3-pyzmq: upgrade 22.2.1 -> 22.3.0 python3-robotframework: upgrade 4.1 -> 4.1.1 python3-sqlparse: upgrade 0.4.1 -> 0.4.2 python3-tqdm: upgrade 4.62.2 -> 4.62.3 libjs-jquery-icheck: Add recipe smarty: Add recipe zhengruoqin (6): python3-cmd2: upgrade 2.1.2 -> 2.2.0 python3-huey: upgrade 2.4.0 -> 2.4.1 python3-humanfriendly: upgrade 9.2 -> 10.0 cifs-utils: upgrade 6.13 -> 6.14 cmark: upgrade 0.30.1 -> 0.30.2 gpsd: upgrade 3.23 -> 3.23.1 Signed-off-by: Patrick Williams Change-Id: Ie782ff5d7f3004fb1f1ac9a4c8644a178bae46ad --- poky/meta/recipes-support/gnupg/gnupg_2.3.1.bb | 1 + ...-util-monotonic_prc_fallback-as-retriable.patch | 28 ++++++++ ...e-tests-are-marked-failed-only-when-all-a.patch | 81 ++++++++++++++++++++++ .../recipes-support/libevent/libevent/run-ptest | 10 +-- .../recipes-support/libevent/libevent_2.1.12.bb | 4 +- .../ptest-runner/ptest-runner_2.4.1.bb | 30 -------- .../ptest-runner/ptest-runner_2.4.2.bb | 30 ++++++++ .../recipes-support/vim/files/CVE-2021-3778.patch | 46 ++++++++++++ poky/meta/recipes-support/vim/vim.inc | 1 + 9 files changed, 195 insertions(+), 36 deletions(-) create mode 100644 poky/meta/recipes-support/libevent/libevent/0003-test-mark-util-monotonic_prc_fallback-as-retriable.patch create mode 100644 poky/meta/recipes-support/libevent/libevent/0004-test-retriable-tests-are-marked-failed-only-when-all-a.patch delete mode 100644 poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.1.bb create mode 100644 poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb create mode 100644 poky/meta/recipes-support/vim/files/CVE-2021-3778.patch (limited to 'poky/meta/recipes-support') diff --git a/poky/meta/recipes-support/gnupg/gnupg_2.3.1.bb b/poky/meta/recipes-support/gnupg/gnupg_2.3.1.bb index b8b0314d2f..411ea9579d 100644 --- a/poky/meta/recipes-support/gnupg/gnupg_2.3.1.bb +++ b/poky/meta/recipes-support/gnupg/gnupg_2.3.1.bb @@ -31,6 +31,7 @@ EXTRA_OECONF = "--disable-ldap \ --with-zlib=${STAGING_LIBDIR}/.. \ --with-bzip2=${STAGING_LIBDIR}/.. \ --with-readline=${STAGING_LIBDIR}/.. \ + --with-mailprog=${sbindir}/sendmail \ --enable-gpg-is-gpg2 \ " diff --git a/poky/meta/recipes-support/libevent/libevent/0003-test-mark-util-monotonic_prc_fallback-as-retriable.patch b/poky/meta/recipes-support/libevent/libevent/0003-test-mark-util-monotonic_prc_fallback-as-retriable.patch new file mode 100644 index 0000000000..8a2c78983e --- /dev/null +++ b/poky/meta/recipes-support/libevent/libevent/0003-test-mark-util-monotonic_prc_fallback-as-retriable.patch @@ -0,0 +1,28 @@ +From d01a57a998798da977c470f3b8d6a457c1adb144 Mon Sep 17 00:00:00 2001 +From: Azat Khuzhin +Date: Sun, 19 Sep 2021 00:57:31 +0300 +Subject: [PATCH] test: mark util/monotonic_prc_fallback as retriable + +Refs: #1193 + +Upstream-status: Backported +--- + test/regress_util.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/test/regress_util.c b/test/regress_util.c +index 45caa2700a40..a9e80db20149 100644 +--- a/test/regress_util.c ++++ b/test/regress_util.c +@@ -1672,7 +1672,7 @@ struct testcase_t util_testcases[] = { + { "monotonic_res_fallback", test_evutil_monotonic_res, TT_OFF_BY_DEFAULT, &basic_setup, (void*)"fallback" }, + { "monotonic_prc", test_evutil_monotonic_prc, 0, &basic_setup, (void*)"" }, + { "monotonic_prc_precise", test_evutil_monotonic_prc, TT_RETRIABLE, &basic_setup, (void*)"precise" }, +- { "monotonic_prc_fallback", test_evutil_monotonic_prc, 0, &basic_setup, (void*)"fallback" }, ++ { "monotonic_prc_fallback", test_evutil_monotonic_prc, TT_RETRIABLE, &basic_setup, (void*)"fallback" }, + { "date_rfc1123", test_evutil_date_rfc1123, 0, NULL, NULL }, + { "evutil_v4addr_is_local", test_evutil_v4addr_is_local, 0, NULL, NULL }, + { "evutil_v6addr_is_local", test_evutil_v6addr_is_local, 0, NULL, NULL }, +-- +2.31.1 + diff --git a/poky/meta/recipes-support/libevent/libevent/0004-test-retriable-tests-are-marked-failed-only-when-all-a.patch b/poky/meta/recipes-support/libevent/libevent/0004-test-retriable-tests-are-marked-failed-only-when-all-a.patch new file mode 100644 index 0000000000..ae7db0b7aa --- /dev/null +++ b/poky/meta/recipes-support/libevent/libevent/0004-test-retriable-tests-are-marked-failed-only-when-all-a.patch @@ -0,0 +1,81 @@ +From 36ebd92fa53c0097f1e2f9ec5aa5b5c6ec1b411d Mon Sep 17 00:00:00 2001 +From: Thomas Perrot +Date: Wed, 29 Sep 2021 13:50:35 +0200 +Subject: [PATCH] test: retriable tests are marked failed only when all + attempts have failed + +Fixes: #1193 + +Upstream-status: Pending + +Signed-off-by: Thomas Perrot +--- + test/tinytest.c | 13 ++++++------- + test/tinytest.h | 2 +- + 2 files changed, 7 insertions(+), 8 deletions(-) + +diff --git a/test/tinytest.c b/test/tinytest.c +index 85dfe74a720e..bf2882418eb6 100644 +--- a/test/tinytest.c ++++ b/test/tinytest.c +@@ -310,7 +310,8 @@ testcase_run_forked_(const struct testgroup_t *group, + + int + testcase_run_one(const struct testgroup_t *group, +- const struct testcase_t *testcase) ++ const struct testcase_t *testcase, ++ const int test_attempts) + { + enum outcome outcome; + +@@ -348,7 +349,7 @@ testcase_run_one(const struct testgroup_t *group, + if (opt_verbosity>0 && !opt_forked) + puts("SKIPPED"); + } else { +- if (!opt_forked) ++ if (!opt_forked && (testcase->flags & TT_RETRIABLE) && !test_attempts) + printf("\n [%s FAILED]\n", testcase->name); + } + +@@ -525,22 +526,20 @@ tinytest_main(int c, const char **v, struct testgroup_t *groups) + struct testgroup_t *group = &groups[i]; + for (j = 0; group->cases[j].name; ++j) { + struct testcase_t *testcase = &group->cases[j]; +- int test_attempts = 3; ++ int test_attempts = (testcase->flags & TT_RETRIABLE) ? 3: 1; + int test_ret_err; + + if (!(testcase->flags & TT_ENABLED_)) + continue; + + for (;;) { +- test_ret_err = testcase_run_one(group, testcase); ++ test_ret_err = testcase_run_one(group, testcase, test_attempts); + + if (test_ret_err == OK) + break; +- if (!(testcase->flags & TT_RETRIABLE)) ++ if (!--test_attempts) + break; + printf("\n [RETRYING %s (%i)]\n", testcase->name, test_attempts); +- if (!test_attempts--) +- break; + } + + switch (test_ret_err) { +diff --git a/test/tinytest.h b/test/tinytest.h +index d321dd467542..c276b5339331 100644 +--- a/test/tinytest.h ++++ b/test/tinytest.h +@@ -92,7 +92,7 @@ char *tinytest_format_hex_(const void *, unsigned long); + tinytest_set_flag_(groups, named, 1, TT_SKIP) + + /** Run a single testcase in a single group. */ +-int testcase_run_one(const struct testgroup_t *,const struct testcase_t *); ++int testcase_run_one(const struct testgroup_t *,const struct testcase_t *, const int test_attempts); + + void tinytest_set_aliases(const struct testlist_alias_t *aliases); + +-- +2.31.1 + diff --git a/poky/meta/recipes-support/libevent/libevent/run-ptest b/poky/meta/recipes-support/libevent/libevent/run-ptest index d3b5e793c3..ef4260d1c4 100644 --- a/poky/meta/recipes-support/libevent/libevent/run-ptest +++ b/poky/meta/recipes-support/libevent/libevent/run-ptest @@ -1,14 +1,14 @@ #!/bin/sh # run-ptest - 'ptest' test infrastructure shell script that -# wraps the libevent test scripts +# wraps the libevent test scripts # # Trevor Gamblin ############################################################### LIBEVENTLIB=@libdir@/libevent LOG="${LIBEVENTLIB}/ptest/libevent_ptest_$(date +%Y%m%d-%H%M%S).log" -cd ${LIBEVENTLIB}/ptest +cd ${LIBEVENTLIB}/ptest # Run only the libevent "regress" test. All other test scripts in the # libevent "test" folder are related to performance, e.g. read/write @@ -16,9 +16,9 @@ cd ${LIBEVENTLIB}/ptest # in the ptest log. ./test/regress 2>&1| sed -e '/TESTS/d' -e '/tests/d' -e '/OK/ s/^/PASS: / ; /FAILED/ s/^/FAIL: / ; /SKIPPED/ s/^/SKIP: / ; /DISABLED/ s/^/SKIP: /' | cut -f1,2 -d ':' | tee -a ${LOG} -passed=`grep PASS ${LOG}|wc -l` -failed=`grep FAIL ${LOG}|wc -l` -skipped=`grep -E SKIP ${LOG}|wc -l` +passed=`grep PASS: ${LOG}|wc -l` +failed=`grep FAIL: ${LOG}|wc -l` +skipped=`grep -E SKIP: ${LOG}|wc -l` all=$((passed + failed + skipped)) ( echo "=== Test Summary ===" diff --git a/poky/meta/recipes-support/libevent/libevent_2.1.12.bb b/poky/meta/recipes-support/libevent/libevent_2.1.12.bb index 4b419eab22..e26e8a9b57 100644 --- a/poky/meta/recipes-support/libevent/libevent_2.1.12.bb +++ b/poky/meta/recipes-support/libevent/libevent_2.1.12.bb @@ -16,6 +16,8 @@ SRC_URI = "https://github.com/libevent/libevent/releases/download/release-${PV}- file://run-ptest \ file://0001-test-regress_dns.c-patch-out-tests-that-require-a-wo.patch \ file://0002-test-regress.h-Increase-default-timeval-tolerance-50.patch \ + file://0003-test-mark-util-monotonic_prc_fallback-as-retriable.patch \ + file://0004-test-retriable-tests-are-marked-failed-only-when-all-a.patch \ " SRC_URI[sha256sum] = "92e6de1be9ec176428fd2367677e61ceffc2ee1cb119035037a27d346b0403bb" @@ -56,7 +58,7 @@ do_install_ptest() { do install -m 0755 $file ${D}${PTEST_PATH}/test done - + # handle multilib sed -i s:@libdir@:${libdir}:g ${D}${PTEST_PATH}/run-ptest } diff --git a/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.1.bb b/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.1.bb deleted file mode 100644 index c6a1ab1781..0000000000 --- a/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.1.bb +++ /dev/null @@ -1,30 +0,0 @@ -SUMMARY = "A C program to run all installed ptests" -DESCRIPTION = "The ptest-runner2 package installs a ptest-runner \ -program which loops through all installed ptest test suites and \ -runs them in sequence." -HOMEPAGE = "http://git.yoctoproject.org/cgit/cgit.cgi/ptest-runner2/about/" - -LICENSE = "GPLv2+" -LIC_FILES_CHKSUM = "file://LICENSE;md5=751419260aa954499f7abaabaa882bbe" - -SRCREV = "cce0edb4282ee081d043030bfdf29f3e4052f86c" -PV .= "+git${SRCPV}" - -SRC_URI = "git://git.yoctoproject.org/ptest-runner2 \ -" - -S = "${WORKDIR}/git" - -FILES:${PN} = "${bindir}/ptest-runner" - -EXTRA_OEMAKE = "-e MAKEFLAGS= CFLAGS="${CFLAGS} -DDEFAULT_DIRECTORY=\\\"${libdir}\\\""" - -do_compile () { - oe_runmake -} - -do_install () { - install -D -m 0755 ${S}/ptest-runner ${D}${bindir}/ptest-runner -} - -RDEPENDS:${PN}:append:libc-glibc = " libgcc" diff --git a/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb b/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb new file mode 100644 index 0000000000..1d3c24a177 --- /dev/null +++ b/poky/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb @@ -0,0 +1,30 @@ +SUMMARY = "A C program to run all installed ptests" +DESCRIPTION = "The ptest-runner2 package installs a ptest-runner \ +program which loops through all installed ptest test suites and \ +runs them in sequence." +HOMEPAGE = "http://git.yoctoproject.org/cgit/cgit.cgi/ptest-runner2/about/" + +LICENSE = "GPLv2+" +LIC_FILES_CHKSUM = "file://LICENSE;md5=751419260aa954499f7abaabaa882bbe" + +SRCREV = "bcb82804daa8f725b6add259dcef2067e61a75aa" +PV .= "+git${SRCPV}" + +SRC_URI = "git://git.yoctoproject.org/ptest-runner2 \ +" + +S = "${WORKDIR}/git" + +FILES:${PN} = "${bindir}/ptest-runner" + +EXTRA_OEMAKE = "-e MAKEFLAGS= CFLAGS="${CFLAGS} -DDEFAULT_DIRECTORY=\\\"${libdir}\\\""" + +do_compile () { + oe_runmake +} + +do_install () { + install -D -m 0755 ${S}/ptest-runner ${D}${bindir}/ptest-runner +} + +RDEPENDS:${PN}:append:libc-glibc = " libgcc" diff --git a/poky/meta/recipes-support/vim/files/CVE-2021-3778.patch b/poky/meta/recipes-support/vim/files/CVE-2021-3778.patch new file mode 100644 index 0000000000..769a7a07ac --- /dev/null +++ b/poky/meta/recipes-support/vim/files/CVE-2021-3778.patch @@ -0,0 +1,46 @@ +From eb41373c8c88b0789e5cf04669d6116f9a199264 Mon Sep 17 00:00:00 2001 +From: Minjae Kim +Date: Sun, 26 Sep 2021 23:48:00 +0000 +Subject: [PATCH] patch 8.2.3409: reading beyond end of line with invalid utf-8 + character + +Problem: Reading beyond end of line with invalid utf-8 character. +Solution: Check for NUL when advancing. + +Upstream-Status: Accepted [https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f] +CVE: CVE-2021-3778 +Signed-off-by: Minjae Kim +--- + src/regexp_nfa.c | 3 ++- + src/testdir/test_regexp_utf8.vim | 7 +++++++ + 2 files changed, 9 insertions(+), 1 deletion(-) + +Index: git/src/regexp_nfa.c +=================================================================== +--- git.orig/src/regexp_nfa.c ++++ git/src/regexp_nfa.c +@@ -5455,7 +5455,8 @@ find_match_text(colnr_T startcol, int re + match = FALSE; + break; + } +- len2 += MB_CHAR2LEN(c2); ++ len2 += enc_utf8 ? utf_ptr2len(rex.line + col + len2) ++ : MB_CHAR2LEN(c2); + } + if (match + // check that no composing char follows +Index: git/src/testdir/test_regexp_utf8.vim +=================================================================== +--- git.orig/src/testdir/test_regexp_utf8.vim ++++ git/src/testdir/test_regexp_utf8.vim +@@ -215,3 +215,10 @@ func Test_optmatch_toolong() + set re=0 + endfunc + ++func Test_match_invalid_byte() ++ call writefile(0z630a.765d30aa0a.2e0a.790a.4030, 'Xinvalid') ++ new ++ source Xinvalid ++ bwipe! ++ call delete('Xinvalid') ++endfunc diff --git a/poky/meta/recipes-support/vim/vim.inc b/poky/meta/recipes-support/vim/vim.inc index 7e9225fbcb..db1e9caf4d 100644 --- a/poky/meta/recipes-support/vim/vim.inc +++ b/poky/meta/recipes-support/vim/vim.inc @@ -18,6 +18,7 @@ SRC_URI = "git://github.com/vim/vim.git \ file://no-path-adjust.patch \ file://racefix.patch \ file://b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch \ + file://CVE-2021-3778.patch \ " SRCREV = "98056533b96b6b5d8849641de93185dd7bcadc44" -- cgit v1.2.3