* [hardknott 00/18] Patch review
@ 2021-08-15 14:06 Armin Kuster
2021-08-15 14:06 ` [hardknott 01/18] wireshark: update to 3.4.7 Armin Kuster
` (17 more replies)
0 siblings, 18 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
Please have comments back by Tuesday
The following changes since commit 5a4b2ab29d38c02535f24d5308cc40615739f557:
python3-urllib3: Upgrade 1.26.4 -> 1.26.5 (2021-07-30 16:20:20 -0700)
are available in the Git repository at:
git://git.openembedded.org/meta-openembedded-contrib stable/hardknott-nut
http://cgit.openembedded.org/meta-openembedded-contrib/log/?h=stable/hardknott-nut
Anastasios Kavoukis (1):
pm-qa: fix paths for shell scripts
Armin Kuster (1):
wireshark: update to 3.4.7
Changqing Li (1):
ndpi: fix CVE-2021-36082
Devendra Tewari (1):
Suppress eol in functionfs setup scripts (#147)
Gianfranco (1):
vboxguestdrivers: upgrade 6.1.22 -> 6.1.24
Joe Slater (1):
php: move to version 7.4.21
Kai Kang (1):
libdbi-perl: fix CVE-2014-10402
Li Wang (1):
openlldp: fix segfault
Michael Opdenacker (1):
bigbuckbunny-1080p: fix sample video URL
Mingli Yu (2):
mariadb: redefine log-error item
mariadb: Update SRC_URI
Paulo Neves (1):
htop: Add ncurses-terminfo-base to RDEPENDS
Tony Battersby (3):
net-snmp: fix QA Issue after LDFLAGS change
curlpp: fix QA Issue after LDFLAGS change
ldns: fix QA Issue after LDFLAGS change
Tony Tascioglu (1):
redis: fix CVE-2021-32625
wangmy (2):
nghttp2: upgrade 1.43.0 -> 1.44.0
libtalloc: upgrade 2.3.2 -> 2.3.3
.../sample-content/bigbuckbunny-1080p.bb | 2 +-
.../net-snmp/net-snmp_5.9.1.bb | 5 +
.../lldp_head-remove-all-references.patch | 331 ++++++++++++++++++
.../openlldp/openlldp_1.0.1.bb | 1 +
.../recipes-support/curlpp/curlpp_0.8.1.bb | 7 +
...{libtalloc_2.3.2.bb => libtalloc_2.3.3.bb} | 6 +-
.../{nghttp2_1.43.0.bb => nghttp2_1.44.0.bb} | 2 +-
.../ntopng/files/CVE-2021-36082.patch | 116 ++++++
.../recipes-support/ntopng/ndpi_3.4.bb | 1 +
...{wireshark_3.4.6.bb => wireshark_3.4.7.bb} | 2 +-
meta-oe/recipes-dbs/mysql/mariadb.inc | 7 +-
meta-oe/recipes-dbs/mysql/mariadb/my.cnf | 2 +-
.../android-gadget-cleanup | 2 +-
.../android-gadget-setup | 4 +-
.../android-gadget-start | 2 +-
meta-oe/recipes-devtools/ldns/ldns_1.7.1.bb | 7 +
.../perl/libdbi-perl/CVE-2014-10402.patch | 56 +++
.../perl/libdbi-perl_1.643.bb | 4 +-
.../php/{php_7.4.16.bb => php_7.4.21.bb} | 3 +-
.../redis/redis/fix-CVE-2021-32625.patch | 61 ++++
meta-oe/recipes-extended/redis/redis_6.2.2.bb | 1 +
meta-oe/recipes-support/htop/htop_3.0.5.bb | 2 +
.../40-linux-5.13-support.patch | 276 ---------------
...s_6.1.22.bb => vboxguestdrivers_6.1.26.bb} | 6 +-
meta-oe/recipes-test/pm-qa/pm-qa_git.bb | 3 +-
25 files changed, 610 insertions(+), 299 deletions(-)
create mode 100644 meta-networking/recipes-protocols/openlldp/files/lldp_head-remove-all-references.patch
rename meta-networking/recipes-support/libtalloc/{libtalloc_2.3.2.bb => libtalloc_2.3.3.bb} (91%)
rename meta-networking/recipes-support/nghttp2/{nghttp2_1.43.0.bb => nghttp2_1.44.0.bb} (93%)
create mode 100644 meta-networking/recipes-support/ntopng/files/CVE-2021-36082.patch
rename meta-networking/recipes-support/wireshark/{wireshark_3.4.6.bb => wireshark_3.4.7.bb} (97%)
create mode 100644 meta-oe/recipes-devtools/perl/libdbi-perl/CVE-2014-10402.patch
rename meta-oe/recipes-devtools/php/{php_7.4.16.bb => php_7.4.21.bb} (99%)
create mode 100644 meta-oe/recipes-extended/redis/redis/fix-CVE-2021-32625.patch
delete mode 100644 meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers/40-linux-5.13-support.patch
rename meta-oe/recipes-support/vboxguestdrivers/{vboxguestdrivers_6.1.22.bb => vboxguestdrivers_6.1.26.bb} (94%)
--
2.25.1
^ permalink raw reply [flat|nested] 19+ messages in thread
* [hardknott 01/18] wireshark: update to 3.4.7
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
2021-08-15 14:06 ` [hardknott 02/18] nghttp2: upgrade 1.43.0 -> 1.44.0 Armin Kuster
` (16 subsequent siblings)
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
Stable branch bug fix update. Includes:
CVE-2021-22235
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b68fe48192f0e029a1ca60a8f72199fbbccd3c1e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../wireshark/{wireshark_3.4.6.bb => wireshark_3.4.7.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta-networking/recipes-support/wireshark/{wireshark_3.4.6.bb => wireshark_3.4.7.bb} (97%)
diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.6.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.7.bb
similarity index 97%
rename from meta-networking/recipes-support/wireshark/wireshark_3.4.6.bb
rename to meta-networking/recipes-support/wireshark/wireshark_3.4.7.bb
index 6acd849f89..2e0fdae63b 100644
--- a/meta-networking/recipes-support/wireshark/wireshark_3.4.6.bb
+++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.7.bb
@@ -19,7 +19,7 @@ SRC_URI += " \
UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src"
-SRC_URI[sha256sum] = "12a678208f8cb009e6b9d96026e41a6ef03c7ad086b9e1029f42053b249b4628"
+SRC_URI[sha256sum] = "6c4cee51ef997cb9d9aaee84113525a5629157d3c743d7c4e320000de804a09d"
PE = "1"
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [hardknott 02/18] nghttp2: upgrade 1.43.0 -> 1.44.0
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
2021-08-15 14:06 ` [hardknott 01/18] wireshark: update to 3.4.7 Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
2021-08-15 14:06 ` [hardknott 03/18] libtalloc: upgrade 2.3.2 -> 2.3.3 Armin Kuster
` (15 subsequent siblings)
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
From: wangmy <wangmy@fujitsu.com>
v1.44.0 changelog:
lib: Port new ngtcp2 map implementation
doc: Replace master with main
build: Add precious variables for libev and jemalloc and use JEMALLOC_CFLAGS
build: Add more --with-* configure flags
build: Add LIBTOOL_LDFLAGS configure variable
third-party: Bump llhttp to 6.0.2
src: Replace black-list with block-list
nghttpx: Fix max distance in weight group/address cycle comparison
nghttpx: Set connect_blocker and live_check after shuffling addresses
nghttpx: Replace master with main
nghttpx: Remove trailing white space after $method log variable
(https://github.com/nghttp2/nghttp2/pull/1553)
h2load: Add --rps option
(https://github.com/nghttp2/nghttp2/pull/1559)
h2load: Allow unit in -D option
asio: fix some typos (Patch from Jan Kundrát)
(https://github.com/nghttp2/nghttp2/pull/1550)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b767b37e3aabc3c9e95adb7eb469bd6d32979fb8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../nghttp2/{nghttp2_1.43.0.bb => nghttp2_1.44.0.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta-networking/recipes-support/nghttp2/{nghttp2_1.43.0.bb => nghttp2_1.44.0.bb} (93%)
diff --git a/meta-networking/recipes-support/nghttp2/nghttp2_1.43.0.bb b/meta-networking/recipes-support/nghttp2/nghttp2_1.44.0.bb
similarity index 93%
rename from meta-networking/recipes-support/nghttp2/nghttp2_1.43.0.bb
rename to meta-networking/recipes-support/nghttp2/nghttp2_1.44.0.bb
index 959cccf357..32a9307c3f 100644
--- a/meta-networking/recipes-support/nghttp2/nghttp2_1.43.0.bb
+++ b/meta-networking/recipes-support/nghttp2/nghttp2_1.44.0.bb
@@ -11,7 +11,7 @@ SRC_URI = "\
https://github.com/nghttp2/nghttp2/releases/download/v${PV}/nghttp2-${PV}.tar.xz \
file://0001-fetch-ocsp-response-use-python3.patch \
"
-SRC_URI[sha256sum] = "f7d54fa6f8aed29f695ca44612136fa2359013547394d5dffeffca9e01a26b0f"
+SRC_URI[sha256sum] = "5699473b29941e8dafed10de5c8cb37a3581edf62ba7d04b911ca247d4de3c5d"
inherit cmake manpages python3native
PACKAGECONFIG[manpages] = ""
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [hardknott 03/18] libtalloc: upgrade 2.3.2 -> 2.3.3
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
2021-08-15 14:06 ` [hardknott 01/18] wireshark: update to 3.4.7 Armin Kuster
2021-08-15 14:06 ` [hardknott 02/18] nghttp2: upgrade 1.43.0 -> 1.44.0 Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
2021-08-15 14:06 ` [hardknott 04/18] openlldp: fix segfault Armin Kuster
` (14 subsequent siblings)
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
From: wangmy <wangmy@fujitsu.com>
License-Update:
add note:
** NOTE! The following LGPL license applies to the talloc
** library. This does NOT imply that all of Samba is released
** under the LGPL
"GNU General Public License" changed to "GNU Lesser General Public License"
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 173cf5fd6b3fa2b0ee74ccb5fc11a96319943821)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../libtalloc/{libtalloc_2.3.2.bb => libtalloc_2.3.3.bb} | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
rename meta-networking/recipes-support/libtalloc/{libtalloc_2.3.2.bb => libtalloc_2.3.3.bb} (91%)
diff --git a/meta-networking/recipes-support/libtalloc/libtalloc_2.3.2.bb b/meta-networking/recipes-support/libtalloc/libtalloc_2.3.3.bb
similarity index 91%
rename from meta-networking/recipes-support/libtalloc/libtalloc_2.3.2.bb
rename to meta-networking/recipes-support/libtalloc/libtalloc_2.3.3.bb
index ae92de2db3..1d227dac6c 100644
--- a/meta-networking/recipes-support/libtalloc/libtalloc_2.3.2.bb
+++ b/meta-networking/recipes-support/libtalloc/libtalloc_2.3.3.bb
@@ -3,14 +3,14 @@ HOMEPAGE = "http://talloc.samba.org"
SECTION = "libs"
LICENSE = "LGPL-3.0+ & GPL-3.0+"
LIC_FILES_CHKSUM = "file://talloc.h;beginline=3;endline=27;md5=a301712782cad6dd6d5228bfa7825249 \
- file://pytalloc.h;beginline=1;endline=18;md5=2c498cc6f2263672483237b20f46b43d"
+ file://pytalloc.h;beginline=1;endline=18;md5=21ab13bd853679d7d47a1739cb3b7db6 \
+ "
SRC_URI = "https://www.samba.org/ftp/talloc/talloc-${PV}.tar.gz \
file://options-2.2.0.patch \
"
-SRC_URI[md5sum] = "3376a86bdf9dd4abc6b8d8d645390902"
-SRC_URI[sha256sum] = "27a03ef99e384d779124df755deb229cd1761f945eca6d200e8cfd9bf5297bd7"
+SRC_URI[sha256sum] = "6be95b2368bd0af1c4cd7a88146eb6ceea18e46c3ffc9330bf6262b40d1d8aaa"
inherit waf-samba
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [hardknott 04/18] openlldp: fix segfault
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
` (2 preceding siblings ...)
2021-08-15 14:06 ` [hardknott 03/18] libtalloc: upgrade 2.3.2 -> 2.3.3 Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
2021-08-15 14:06 ` [hardknott 05/18] htop: Add ncurses-terminfo-base to RDEPENDS Armin Kuster
` (13 subsequent siblings)
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
From: Li Wang <li.wang@windriver.com>
~ lldpad -d
~ 8021q: 802.1Q VLAN Support v1.8
~ 8021q: adding VLAN 0 to HW filter on device eth0
~ lldpad[xxx]: segfault at 0 ip xxx sp xxx error 4 in lldpad[xxx+xxx]
~ Code: xxx
the issue is introduced by:
0002-lldp_head-rename-and-make-extern.patch
Upstream patches:
https://github.com/intel/openlldp/commit/ed6a8e5a75f56b7034a46294a0bf2a9a7fd14fbc
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 145f59ba75c992c4ce1f808308c041c1f7519244)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../lldp_head-remove-all-references.patch | 331 ++++++++++++++++++
.../openlldp/openlldp_1.0.1.bb | 1 +
2 files changed, 332 insertions(+)
create mode 100644 meta-networking/recipes-protocols/openlldp/files/lldp_head-remove-all-references.patch
diff --git a/meta-networking/recipes-protocols/openlldp/files/lldp_head-remove-all-references.patch b/meta-networking/recipes-protocols/openlldp/files/lldp_head-remove-all-references.patch
new file mode 100644
index 0000000000..bb3400cfa6
--- /dev/null
+++ b/meta-networking/recipes-protocols/openlldp/files/lldp_head-remove-all-references.patch
@@ -0,0 +1,331 @@
+From ed6a8e5a75f56b7034a46294a0bf2a9a7fd14fbc Mon Sep 17 00:00:00 2001
+From: Aaron Conole <aconole@redhat.com>
+Date: Fri, 23 Oct 2020 14:40:32 -0400
+Subject: [PATCH] lldp_head: remove all references
+
+There were a number of references missed during the module cleanup. This hits the remaining
+ones.
+
+Fixes: 07a83c583b9d ("lldp_head: rename and make extern")
+Signed-off-by: Aaron Conole <aconole@redhat.com>
+
+Reference to upstream patch:
+https://github.com/intel/openlldp/commit/ed6a8e5a75f56b7034a46294a0bf2a9a7fd14fbc
+
+Signed-off-by: Li Wang <li.wang@windriver.com>
+---
+ ctrl_iface.c | 4 +---
+ lldp_8021qaz.c | 11 +++++------
+ lldp_8023.c | 6 ++----
+ lldp_basman.c | 6 ++----
+ lldp_evb.c | 6 ++----
+ lldp_evb22.c | 6 ++----
+ lldp_mand.c | 10 ++++------
+ lldp_med.c | 6 ++----
+ qbg_utils.c | 3 +--
+ 9 files changed, 21 insertions(+), 37 deletions(-)
+
+diff --git a/ctrl_iface.c b/ctrl_iface.c
+index 1734f49..666f7c8 100644
+--- a/ctrl_iface.c
++++ b/ctrl_iface.c
+@@ -53,8 +53,6 @@
+ #include "lldp_util.h"
+ #include "messages.h"
+
+-extern struct lldp_head lldp_head;
+-
+ struct ctrl_dst {
+ struct ctrl_dst *next;
+ struct sockaddr_un addr;
+@@ -116,7 +114,7 @@ int clif_iface_module(struct clif_data *clifd,
+ return cmd_invalid;
+ }
+
+- mod = find_module_by_id(&lldp_head, module_id);
++ mod = find_module_by_id(&lldp_mod_head, module_id);
+ if (mod && mod->ops && mod->ops->client_cmd)
+ return (mod->ops->client_cmd)(clifd, from, fromlen,
+ cmd_start, cmd_len, rbuf+strlen(rbuf), rlen);
+diff --git a/lldp_8021qaz.c b/lldp_8021qaz.c
+index 16ae167..e747710 100644
+--- a/lldp_8021qaz.c
++++ b/lldp_8021qaz.c
+@@ -48,7 +48,6 @@
+ #include "lldp_dcbx.h"
+
+
+-struct lldp_head lldp_head;
+ extern config_t lldpad_cfg;
+ extern bool read_only_8021qaz;
+
+@@ -84,7 +83,7 @@ static int ieee8021qaz_check_pending(struct port *port,
+ if (!port->portEnabled)
+ return 0;
+
+- iud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8021QAZ);
++ iud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8021QAZ);
+ if (iud) {
+ LIST_FOREACH(tlv, &iud->head, entry) {
+ if (!strncmp(port->ifname, tlv->ifname, IFNAMSIZ)) {
+@@ -143,7 +142,7 @@ struct ieee8021qaz_tlvs *ieee8021qaz_data(const char *ifname)
+ struct ieee8021qaz_user_data *iud;
+ struct ieee8021qaz_tlvs *tlv = NULL;
+
+- iud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8021QAZ);
++ iud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8021QAZ);
+ if (iud) {
+ LIST_FOREACH(tlv, &iud->head, entry) {
+ if (!strncmp(tlv->ifname, ifname, IFNAMSIZ))
+@@ -629,7 +628,7 @@ void ieee8021qaz_ifup(char *ifname, struct lldp_agent *agent)
+ LIST_INIT(&tlvs->app_head);
+ read_cfg_file(port->ifname, agent, tlvs);
+
+- iud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8021QAZ);
++ iud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8021QAZ);
+ LIST_INSERT_HEAD(&iud->head, tlvs, entry);
+
+ initialized:
+@@ -2179,7 +2178,7 @@ int ieee8021qaz_tlvs_rxed(const char *ifname)
+ struct ieee8021qaz_user_data *iud;
+ struct ieee8021qaz_tlvs *tlv = NULL;
+
+- iud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8021QAZ);
++ iud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8021QAZ);
+ if (iud) {
+ LIST_FOREACH(tlv, &iud->head, entry) {
+ if (!strncmp(tlv->ifname, ifname, IFNAMSIZ))
+@@ -2198,7 +2197,7 @@ int ieee8021qaz_check_active(const char *ifname)
+ struct ieee8021qaz_user_data *iud;
+ struct ieee8021qaz_tlvs *tlv = NULL;
+
+- iud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8021QAZ);
++ iud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8021QAZ);
+ if (iud) {
+ LIST_FOREACH(tlv, &iud->head, entry) {
+ if (!strncmp(tlv->ifname, ifname, IFNAMSIZ))
+diff --git a/lldp_8023.c b/lldp_8023.c
+index 422026e..8a03211 100644
+--- a/lldp_8023.c
++++ b/lldp_8023.c
+@@ -39,8 +39,6 @@
+ #include "lldp_8023_clif.h"
+ #include "lldp_8023_cmds.h"
+
+-extern struct lldp_head lldp_head;
+-
+ struct tlv_info_8023_maccfg {
+ u8 oui[3];
+ u8 sub;
+@@ -84,7 +82,7 @@ static struct ieee8023_data *ieee8023_data(const char *ifname, enum agent_type t
+ struct ieee8023_user_data *ud;
+ struct ieee8023_data *bd = NULL;
+
+- ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8023);
++ ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8023);
+ if (ud) {
+ LIST_FOREACH(bd, &ud->head, entry) {
+ if (!strncmp(ifname, bd->ifname, IFNAMSIZ) &&
+@@ -456,7 +454,7 @@ void ieee8023_ifup(char *ifname, struct lldp_agent *agent)
+ goto out_err;
+ }
+
+- ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_8023);
++ ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_8023);
+ LIST_INSERT_HEAD(&ud->head, bd, entry);
+ LLDPAD_INFO("%s:port %s added\n", __func__, ifname);
+ return;
+diff --git a/lldp_basman.c b/lldp_basman.c
+index a4f69c1..614e2a2 100644
+--- a/lldp_basman.c
++++ b/lldp_basman.c
+@@ -75,8 +75,6 @@ struct tlv_info_manaddr {
+ struct tlv_info_maoid o;
+ } __attribute__ ((__packed__));
+
+-extern struct lldp_head lldp_head;
+-
+ static const struct lldp_mod_ops basman_ops = {
+ .lldp_mod_register = basman_register,
+ .lldp_mod_unregister = basman_unregister,
+@@ -91,7 +89,7 @@ static struct basman_data *basman_data(const char *ifname, enum agent_type type)
+ struct basman_user_data *bud;
+ struct basman_data *bd = NULL;
+
+- bud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_BASIC);
++ bud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_BASIC);
+ if (bud) {
+ LIST_FOREACH(bd, &bud->head, entry) {
+ if (!strncmp(ifname, bd->ifname, IFNAMSIZ) &&
+@@ -688,7 +686,7 @@ void basman_ifup(char *ifname, struct lldp_agent *agent)
+ goto out_err;
+ }
+
+- bud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_BASIC);
++ bud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_BASIC);
+ LIST_INSERT_HEAD(&bud->head, bd, entry);
+ LLDPAD_DBG("%s:port %s added\n", __func__, ifname);
+ return;
+diff --git a/lldp_evb.c b/lldp_evb.c
+index dcdcc7e..a8f3965 100644
+--- a/lldp_evb.c
++++ b/lldp_evb.c
+@@ -36,14 +36,12 @@
+ #include "messages.h"
+ #include "config.h"
+
+-extern struct lldp_head lldp_head;
+-
+ struct evb_data *evb_data(char *ifname, enum agent_type type)
+ {
+ struct evb_user_data *ud;
+ struct evb_data *ed = NULL;
+
+- ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_EVB);
++ ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_EVB);
+ if (ud) {
+ LIST_FOREACH(ed, &ud->head, entry) {
+ if (!strncmp(ifname, ed->ifname, IFNAMSIZ) &&
+@@ -347,7 +345,7 @@ static void evb_ifup(char *ifname, struct lldp_agent *agent)
+
+ evb_init_tlv(ed, agent);
+
+- ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_EVB);
++ ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_EVB);
+ LIST_INSERT_HEAD(&ud->head, ed, entry);
+ LLDPAD_DBG("%s:%s agent %d added\n", __func__, ifname, agent->type);
+ }
+diff --git a/lldp_evb22.c b/lldp_evb22.c
+index 76ba883..6e92d9d 100644
+--- a/lldp_evb22.c
++++ b/lldp_evb22.c
+@@ -37,14 +37,12 @@
+ #include "messages.h"
+ #include "config.h"
+
+-extern struct lldp_head lldp_head;
+-
+ struct evb22_data *evb22_data(char *ifname, enum agent_type type)
+ {
+ struct evb22_user_data *ud;
+ struct evb22_data *ed = NULL;
+
+- ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_EVB22);
++ ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_EVB22);
+ if (ud) {
+ LIST_FOREACH(ed, &ud->head, entry) {
+ if (!strncmp(ifname, ed->ifname, IFNAMSIZ) &&
+@@ -453,7 +451,7 @@ static void evb22_ifup(char *ifname, struct lldp_agent *agent)
+ STRNCPY_TERMINATED(ed->ifname, ifname, IFNAMSIZ);
+ ed->agenttype = agent->type;
+ evb22_init_tlv(ed, agent);
+- ud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_EVB22);
++ ud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_EVB22);
+ LIST_INSERT_HEAD(&ud->head, ed, entry);
+ LLDPAD_DBG("%s:%s agent %d added\n", __func__, ifname, agent->type);
+ }
+diff --git a/lldp_mand.c b/lldp_mand.c
+index 0db63cb..b857a88 100644
+--- a/lldp_mand.c
++++ b/lldp_mand.c
+@@ -42,8 +42,6 @@
+ #include "lldp/l2_packet.h"
+ #include "lldp_tlv.h"
+
+-extern struct lldp_head lldp_head;
+-
+ static const struct lldp_mod_ops mand_ops = {
+ .lldp_mod_register = mand_register,
+ .lldp_mod_unregister = mand_unregister,
+@@ -59,7 +57,7 @@ struct mand_data *mand_data(const char *ifname, enum agent_type type)
+ struct mand_user_data *mud;
+ struct mand_data *md = NULL;
+
+- mud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_MAND);
++ mud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_MAND);
+ if (mud) {
+ LIST_FOREACH(md, &mud->head, entry) {
+ if (!strncmp(ifname, md->ifname, IFNAMSIZ) &&
+@@ -608,7 +606,7 @@ void mand_ifup(char *ifname, struct lldp_agent *agent)
+ STRNCPY_TERMINATED(md->ifname, ifname, IFNAMSIZ);
+ md->agenttype = agent->type;
+
+- mud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_MAND);
++ mud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_MAND);
+ LIST_INSERT_HEAD(&mud->head, md, entry);
+ }
+
+@@ -636,7 +634,7 @@ struct lldp_module *mand_register(void)
+ LLDPAD_ERR("failed to malloc LLDP Mandatory module data\n");
+ goto out_err;
+ }
+- mud = malloc(sizeof(struct mand_user_data));
++ mud = malloc(sizeof(struct mand_user_data));
+ if (!mud) {
+ free(mod);
+ LLDPAD_ERR("failed to malloc LLDP Mandatory module user data\n");
+@@ -644,8 +642,8 @@ struct lldp_module *mand_register(void)
+ }
+ LIST_INIT(&mud->head);
+ mod->id = LLDP_MOD_MAND;
++ mod->data = mud;
+ mod->ops = &mand_ops;
+- mod->data = mud;
+ LLDPAD_INFO("%s:done\n", __func__);
+ return mod;
+ out_err:
+diff --git a/lldp_med.c b/lldp_med.c
+index f6c373e..7b6996e 100644
+--- a/lldp_med.c
++++ b/lldp_med.c
+@@ -40,8 +40,6 @@
+ #include "lldp_mand_clif.h"
+ #include "lldp_med_cmds.h"
+
+-extern struct lldp_head lldp_head;
+-
+ struct tlv_info_medcaps {
+ u8 oui[OUI_SIZE];
+ u8 subtype;
+@@ -95,7 +93,7 @@ static struct med_data *med_data(const char *ifname, enum agent_type type)
+ struct med_user_data *mud;
+ struct med_data *md = NULL;
+
+- mud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_MED);
++ mud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_MED);
+ if (mud) {
+ LIST_FOREACH(md, &mud->head, entry) {
+ if (!strncmp(ifname, md->ifname, IFNAMSIZ) &&
+@@ -914,7 +912,7 @@ void med_ifup(char *ifname, struct lldp_agent *agent)
+ free(md);
+ goto out_err;
+ }
+- mud = find_module_user_data_by_id(&lldp_head, LLDP_MOD_MED);
++ mud = find_module_user_data_by_id(&lldp_mod_head, LLDP_MOD_MED);
+ LIST_INSERT_HEAD(&mud->head, md, entry);
+ LLDPAD_INFO("%s:port %s added\n", __func__, ifname);
+ return;
+diff --git a/qbg_utils.c b/qbg_utils.c
+index 9daeade..0d40c5b 100644
+--- a/qbg_utils.c
++++ b/qbg_utils.c
+@@ -36,7 +36,6 @@
+ #include "qbg_utils.h"
+
+ extern int loglvl; /* Global lldpad log level */
+-extern struct lldp_head lldp_head;
+
+ /*
+ * hexdump_frame - print raw evb/ecp/vdp frame
+@@ -73,7 +72,7 @@ void hexdump_frame(const char *ifname, char *txt, const unsigned char *buf,
+ */
+ int modules_notify(int id, int sender_id, char *ifname, void *data)
+ {
+- struct lldp_module *mp = find_module_by_id(&lldp_head, id);
++ struct lldp_module *mp = find_module_by_id(&lldp_mod_head, id);
+ int rc = 0;
+
+ if (mp && mp->ops->lldp_mod_notify)
+--
+2.18.1
+
diff --git a/meta-networking/recipes-protocols/openlldp/openlldp_1.0.1.bb b/meta-networking/recipes-protocols/openlldp/openlldp_1.0.1.bb
index d8a0d6913a..ec3e557ad9 100644
--- a/meta-networking/recipes-protocols/openlldp/openlldp_1.0.1.bb
+++ b/meta-networking/recipes-protocols/openlldp/openlldp_1.0.1.bb
@@ -27,6 +27,7 @@ SRC_URI = "git://github.com/intel/openlldp.git;protocol=https;branch=master \
file://0007-lldp_8021qaz-extern-config-object.patch \
file://0008-stringops-fix-some-string-copy-errors.patch \
file://0009-8021qaz-mark-prio-map-functions-static.patch \
+ file://lldp_head-remove-all-references.patch \
"
# Makefile.am adds -Werror to AM_CFLAGS. There are warnings so disable it.
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [hardknott 05/18] htop: Add ncurses-terminfo-base to RDEPENDS
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
` (3 preceding siblings ...)
2021-08-15 14:06 ` [hardknott 04/18] openlldp: fix segfault Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
2021-08-15 14:06 ` [hardknott 06/18] php: move to version 7.4.21 Armin Kuster
` (12 subsequent siblings)
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
From: Paulo Neves <ptsneves@gmail.com>
Without it there are no terminal configurations on the target
and htop refuses to run.
(cherry picked from commit b5d74f8a6bd33e8468dd04d990f08d89d1e6928a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta-oe/recipes-support/htop/htop_3.0.5.bb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta-oe/recipes-support/htop/htop_3.0.5.bb b/meta-oe/recipes-support/htop/htop_3.0.5.bb
index 8e9b95d91d..c757f7fb59 100644
--- a/meta-oe/recipes-support/htop/htop_3.0.5.bb
+++ b/meta-oe/recipes-support/htop/htop_3.0.5.bb
@@ -31,3 +31,5 @@ PACKAGECONFIG[delayacct] = "--enable-delayacct,--disable-delayacct,libnl"
PACKAGECONFIG[sensors] = "--with-sensors,--without-sensors,lmsensors,lmsensors-libsensors"
FILES_${PN} += "${datadir}/icons/hicolor/scalable/apps/htop.svg"
+
+RDEPENDS_${PN} += "ncurses-terminfo-base"
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [hardknott 06/18] php: move to version 7.4.21
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
` (4 preceding siblings ...)
2021-08-15 14:06 ` [hardknott 05/18] htop: Add ncurses-terminfo-base to RDEPENDS Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
2021-08-15 14:06 ` [hardknott 07/18] net-snmp: fix QA Issue after LDFLAGS change Armin Kuster
` (11 subsequent siblings)
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
From: Joe Slater <joe.slater@windriver.com>
Lots of bug fixes.
CVE: CVE-2021-21704 CVE-2021-21705
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 93045c3db744a9f1cd0a9b0ce992d44d9c44c309)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta-oe/recipes-devtools/php/{php_7.4.16.bb => php_7.4.21.bb} | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
rename meta-oe/recipes-devtools/php/{php_7.4.16.bb => php_7.4.21.bb} (99%)
diff --git a/meta-oe/recipes-devtools/php/php_7.4.16.bb b/meta-oe/recipes-devtools/php/php_7.4.21.bb
similarity index 99%
rename from meta-oe/recipes-devtools/php/php_7.4.16.bb
rename to meta-oe/recipes-devtools/php/php_7.4.21.bb
index 821d9cd046..4d427252f1 100644
--- a/meta-oe/recipes-devtools/php/php_7.4.16.bb
+++ b/meta-oe/recipes-devtools/php/php_7.4.21.bb
@@ -33,7 +33,8 @@ SRC_URI_append_class-target = " \
"
S = "${WORKDIR}/php-${PV}"
-SRC_URI[sha256sum] = "85710f007cfd0fae94e13a02a3a036f4e81ef43693260cae8a2e1ca93659ce3e"
+SRC_URI[sha256sum] = "36ec6102e757e2c2b7742057a700bbff77c76fa0ccbe9c860398c3d24e32822a"
+
inherit autotools pkgconfig python3native gettext
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [hardknott 07/18] net-snmp: fix QA Issue after LDFLAGS change
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
` (5 preceding siblings ...)
2021-08-15 14:06 ` [hardknott 06/18] php: move to version 7.4.21 Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
2021-08-15 14:06 ` [hardknott 08/18] Suppress eol in functionfs setup scripts (#147) Armin Kuster
` (10 subsequent siblings)
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
From: Tony Battersby <tonyb@cybernetics.com>
Adding -f*-prefix-map to LDFLAGS caused the following issue:
QA Issue: netsnmp-agent.pc failed sanity test (tmpdir)
Fix by filtering out -f*-prefix-map from *.pc files.
[YOCTO #14481]
Signed-off-by: Tony Battersby <tonyb@cybernetics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 5e042ac2079bffa3ae3d9839a50bf6a3d3f1930a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb
index 7c3d5babd8..0150d3e38a 100644
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb
+++ b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb
@@ -131,6 +131,11 @@ do_install_append() {
-e 's@[^ ]*PKG_CONFIG_LIBDIR=[^ "]*@@g' \
-i ${D}${bindir}/net-snmp-config
+ sed -e 's@[^ ]*-ffile-prefix-map=[^ "]*@@g' \
+ -e 's@[^ ]*-fdebug-prefix-map=[^ "]*@@g' \
+ -e 's@[^ ]*-fmacro-prefix-map=[^ "]*@@g' \
+ -i ${D}${libdir}/pkgconfig/netsnmp*.pc
+
# ${STAGING_DIR_HOST} is empty for native builds, and the sed command below
# will result in errors if run for native.
if [ "${STAGING_DIR_HOST}" ]; then
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [hardknott 08/18] Suppress eol in functionfs setup scripts (#147)
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
` (6 preceding siblings ...)
2021-08-15 14:06 ` [hardknott 07/18] net-snmp: fix QA Issue after LDFLAGS change Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
2021-08-15 14:06 ` [hardknott 09/18] pm-qa: fix paths for shell scripts Armin Kuster
` (9 subsequent siblings)
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
From: Devendra Tewari <devendra.tewari@gmail.com>
Stray newline character causes errors in functionfs setup scripts
used by android-tools-adbd.service, when using musl libc and/or toybox.
Signed-off-by: Devendra Tewari <devendra.tewari@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit db5f48734404a52ee5323659082f1d6baa225ca7)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../android-tools-conf-configfs/android-gadget-cleanup | 2 +-
.../android-tools-conf-configfs/android-gadget-setup | 4 ++--
.../android-tools-conf-configfs/android-gadget-start | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-cleanup b/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-cleanup
index 517227d4a6..f27d77df51 100644
--- a/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-cleanup
+++ b/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-cleanup
@@ -6,7 +6,7 @@ cd /sys/kernel/config/usb_gadget
cd adb
-echo "" > UDC || true
+echo -n "" > UDC || true
killall adbd || true
diff --git a/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-setup b/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-setup
index e44d1bacbe..dbd7115151 100644
--- a/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-setup
+++ b/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-setup
@@ -23,8 +23,8 @@ mkdir configs/c.1
mkdir functions/ffs.usb0
mkdir strings/0x409
mkdir configs/c.1/strings/0x409
-echo 0x18d1 > idVendor
-echo 0xd002 > idProduct
+echo -n 0x18d1 > idVendor
+echo -n 0xd002 > idProduct
echo "$serial" > strings/0x409/serialnumber
echo "$manufacturer" > strings/0x409/manufacturer
echo "$model" > strings/0x409/product
diff --git a/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-start b/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-start
index ca6c3df275..d67878fef9 100644
--- a/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-start
+++ b/meta-oe/recipes-devtools/android-tools/android-tools-conf-configfs/android-gadget-start
@@ -4,4 +4,4 @@ set -e
sleep 3
-ls /sys/class/udc/ > /sys/kernel/config/usb_gadget/adb/UDC
+ls /sys/class/udc/ | xargs echo -n > /sys/kernel/config/usb_gadget/adb/UDC
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [hardknott 09/18] pm-qa: fix paths for shell scripts
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
` (7 preceding siblings ...)
2021-08-15 14:06 ` [hardknott 08/18] Suppress eol in functionfs setup scripts (#147) Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
2021-08-15 14:06 ` [hardknott 10/18] vboxguestdrivers: upgrade 6.1.22 -> 6.1.24 Armin Kuster
` (8 subsequent siblings)
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
From: Anastasios Kavoukis <anastasios.kavoukis@arm.com>
A commit in the repo of pm-qa:
"adf9df9 Fix path to library files and change shebang line"
Changed the text that sed was using to replace relative to
absolute paths.
As a result sed was not effectively finding the text
"source ../include" to replace it, as the sed should be now
searching for ". ../include".
Similarly for "../Switches"
Signed-off-by: Anastasios Kavoukis <anastasios.kavoukis@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 06a93a04efe2c2cbae6de93d07962be4dfa35019)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta-oe/recipes-test/pm-qa/pm-qa_git.bb | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/meta-oe/recipes-test/pm-qa/pm-qa_git.bb b/meta-oe/recipes-test/pm-qa/pm-qa_git.bb
index 7e9971ea4c..bb641437c9 100644
--- a/meta-oe/recipes-test/pm-qa/pm-qa_git.bb
+++ b/meta-oe/recipes-test/pm-qa/pm-qa_git.bb
@@ -42,6 +42,7 @@ do_install () {
do
# Remove hardcoded relative paths
sed -i -e 's#..\/utils\/##' ${script}
+ sed -i -e 's#. ..\/Switches#${bindir}#g' ${script}
script_basename=`basename ${script}`
install -m 0755 $script ${D}${libdir}/${BPN}/${script_basename}
@@ -54,7 +55,7 @@ do_install () {
# if the script includes any helper scripts from the $libdir
# directory then change the source path to the absolute path
# to reflect the install location of the helper scripts.
- sed -i -e "s#source ../include#source ${libdir}/${BPN}#g" ${script}
+ sed -i -e "s#. ../include#. ${libdir}/${BPN}#g" ${script}
# Remove hardcoded relative paths
sed -i -e 's#..\/utils\/##' ${script}
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [hardknott 10/18] vboxguestdrivers: upgrade 6.1.22 -> 6.1.24
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
` (8 preceding siblings ...)
2021-08-15 14:06 ` [hardknott 09/18] pm-qa: fix paths for shell scripts Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
2021-08-15 14:06 ` [hardknott 11/18] mariadb: redefine log-error item Armin Kuster
` (7 subsequent siblings)
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
From: Gianfranco <costamagna.gianfranco@gmail.com>
Drop patch to fix build failure with kernel 5.13, now part of upstream codebase
Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Gianfranco Costamagna <locutusofborg@debian.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 66b5131e266a6e4a82b467d58cb657a28a2e4b7e)
[stable branch]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../40-linux-5.13-support.patch | 276 ------------------
...s_6.1.22.bb => vboxguestdrivers_6.1.26.bb} | 6 +-
2 files changed, 3 insertions(+), 279 deletions(-)
delete mode 100644 meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers/40-linux-5.13-support.patch
rename meta-oe/recipes-support/vboxguestdrivers/{vboxguestdrivers_6.1.22.bb => vboxguestdrivers_6.1.26.bb} (94%)
diff --git a/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers/40-linux-5.13-support.patch b/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers/40-linux-5.13-support.patch
deleted file mode 100644
index e95e240492..0000000000
--- a/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers/40-linux-5.13-support.patch
+++ /dev/null
@@ -1,276 +0,0 @@
-Subject: Fix build errors with linux 5.13
-Origin: upstream, https://www.virtualbox.org/browser/vbox/trunk
-Bug: https://bugs.launchpad.net/bugs/1929193
-
-diff -urpN virtualbox-6.1.22-dfsg.orig/src/VBox/Additions/linux/drm/vbox_drv.h virtualbox-6.1.22-dfsg/src/VBox/Additions/linux/drm/vbox_drv.h
---- virtualbox-6.1.22-dfsg.orig/src/VBox/Additions/linux/drm/vbox_drv.h 2021-04-28 16:24:47.000000000 +0000
-+++ virtualbox-6.1.22-dfsg/src/VBox/Additions/linux/drm/vbox_drv.h 2021-06-23 10:08:44.431714404 +0000
-@@ -46,20 +41,20 @@
- * Evaluates to true if the linux kernel version is equal or higher to the
- * one specfied. */
- #define RTLNX_VER_MIN(a_Major, a_Minor, a_Patch) \
-- (LINUX_VERSION_CODE >= KERNEL_VERSION(a_Major, a_Minor, a_Patch))
-+ (LINUX_VERSION_CODE >= KERNEL_VERSION(a_Major, a_Minor, a_Patch))
-
- /** @def RTLNX_VER_MAX
- * Evaluates to true if the linux kernel version is less to the one specfied
- * (exclusive). */
- #define RTLNX_VER_MAX(a_Major, a_Minor, a_Patch) \
-- (LINUX_VERSION_CODE < KERNEL_VERSION(a_Major, a_Minor, a_Patch))
-+ (LINUX_VERSION_CODE < KERNEL_VERSION(a_Major, a_Minor, a_Patch))
-
- /** @def RTLNX_VER_RANGE
- * Evaluates to true if the linux kernel version is equal or higher to the given
- * minimum version and less (but not equal) to the maximum version (exclusive). */
- #define RTLNX_VER_RANGE(a_MajorMin, a_MinorMin, a_PatchMin, a_MajorMax, a_MinorMax, a_PatchMax) \
-- ( LINUX_VERSION_CODE >= KERNEL_VERSION(a_MajorMin, a_MinorMin, a_PatchMin) \
-- && LINUX_VERSION_CODE < KERNEL_VERSION(a_MajorMax, a_MinorMax, a_PatchMax) )
-+ ( LINUX_VERSION_CODE >= KERNEL_VERSION(a_MajorMin, a_MinorMin, a_PatchMin) \
-+ && LINUX_VERSION_CODE < KERNEL_VERSION(a_MajorMax, a_MinorMax, a_PatchMax) )
-
-
- /** @def RTLNX_RHEL_MIN
-@@ -70,7 +65,7 @@
- */
- #if defined(RHEL_MAJOR) && defined(RHEL_MINOR)
- # define RTLNX_RHEL_MIN(a_iMajor, a_iMinor) \
-- ((RHEL_MAJOR) > (a_iMajor) || ((RHEL_MAJOR) == (a_iMajor) && (RHEL_MINOR) >= (a_iMinor)))
-+ ((RHEL_MAJOR) > (a_iMajor) || ((RHEL_MAJOR) == (a_iMajor) && (RHEL_MINOR) >= (a_iMinor)))
- #else
- # define RTLNX_RHEL_MIN(a_iMajor, a_iMinor) (0)
- #endif
-@@ -83,7 +78,7 @@
- */
- #if defined(RHEL_MAJOR) && defined(RHEL_MINOR)
- # define RTLNX_RHEL_MAX(a_iMajor, a_iMinor) \
-- ((RHEL_MAJOR) < (a_iMajor) || ((RHEL_MAJOR) == (a_iMajor) && (RHEL_MINOR) < (a_iMinor)))
-+ ((RHEL_MAJOR) < (a_iMajor) || ((RHEL_MAJOR) == (a_iMajor) && (RHEL_MINOR) < (a_iMinor)))
- #else
- # define RTLNX_RHEL_MAX(a_iMajor, a_iMinor) (0)
- #endif
-@@ -95,7 +90,7 @@
- */
- #if defined(RHEL_MAJOR) && defined(RHEL_MINOR)
- # define RTLNX_RHEL_RANGE(a_iMajorMin, a_iMinorMin, a_iMajorMax, a_iMinorMax) \
-- (RTLNX_RHEL_MIN(a_iMajorMin, a_iMinorMin) && RTLNX_RHEL_MAX(a_iMajorMax, a_iMinorMax))
-+ (RTLNX_RHEL_MIN(a_iMajorMin, a_iMinorMin) && RTLNX_RHEL_MAX(a_iMajorMax, a_iMinorMax))
- #else
- # define RTLNX_RHEL_RANGE(a_iMajorMin, a_iMinorMin, a_iMajorMax, a_iMinorMax) (0)
- #endif
-@@ -173,7 +168,9 @@
- #include <drm/ttm/ttm_bo_api.h>
- #include <drm/ttm/ttm_bo_driver.h>
- #include <drm/ttm/ttm_placement.h>
-+#if RTLNX_VER_MAX(5,13,0)
- #include <drm/ttm/ttm_memory.h>
-+#endif
- #if RTLNX_VER_MAX(5,12,0)
- # include <drm/ttm/ttm_module.h>
- #endif
-@@ -222,7 +219,7 @@ static inline void drm_gem_object_put(st
- VBVA_ADAPTER_INFORMATION_SIZE)
- #define GUEST_HEAP_SIZE VBVA_ADAPTER_INFORMATION_SIZE
- #define GUEST_HEAP_USABLE_SIZE (VBVA_ADAPTER_INFORMATION_SIZE - \
-- sizeof(HGSMIHOSTFLAGS))
-+ sizeof(struct hgsmi_host_flags))
- #define HOST_FLAGS_OFFSET GUEST_HEAP_USABLE_SIZE
-
- /** How frequently we refresh if the guest is not providing dirty rectangles. */
-@@ -232,7 +229,7 @@ static inline void drm_gem_object_put(st
- static inline void *devm_kcalloc(struct device *dev, size_t n, size_t size,
- gfp_t flags)
- {
-- return devm_kzalloc(dev, n * size, flags);
-+ return devm_kzalloc(dev, n * size, flags);
- }
- #endif
-
-@@ -244,7 +241,7 @@ struct vbox_private {
- u8 __iomem *guest_heap;
- u8 __iomem *vbva_buffers;
- struct gen_pool *guest_pool;
-- struct VBVABUFFERCONTEXT *vbva_info;
-+ struct vbva_buf_context *vbva_info;
- bool any_pitch;
- u32 num_crtcs;
- /** Amount of available VRAM, including space used for buffers. */
-@@ -252,7 +249,7 @@ struct vbox_private {
- /** Amount of available VRAM, not including space used for buffers. */
- u32 available_vram_size;
- /** Array of structures for receiving mode hints. */
-- VBVAMODEHINT *last_mode_hints;
-+ struct vbva_modehint *last_mode_hints;
-
- struct vbox_fbdev *fbdev;
-
-@@ -263,7 +260,11 @@ struct vbox_private {
- struct drm_global_reference mem_global_ref;
- struct ttm_bo_global_ref bo_global_ref;
- #endif
-+#if RTLNX_VER_MIN(5,13,0)
-+ struct ttm_device bdev;
-+#else
- struct ttm_bo_device bdev;
-+#endif
- bool mm_initialised;
- } ttm;
-
-diff -urpN virtualbox-6.1.22-dfsg.orig/src/VBox/Additions/linux/drm/vbox_ttm.c virtualbox-6.1.22-dfsg/src/VBox/Additions/linux/drm/vbox_ttm.c
---- virtualbox-6.1.22-dfsg.orig/src/VBox/Additions/linux/drm/vbox_ttm.c 2021-04-28 16:24:47.000000000 +0000
-+++ virtualbox-6.1.22-dfsg/src/VBox/Additions/linux/drm/vbox_ttm.c 2021-06-23 10:08:07.164057918 +0000
-@@ -48,7 +43,11 @@
- #endif
-
-
-+#if RTLNX_VER_MIN(5,13,0)
-+static inline struct vbox_private *vbox_bdev(struct ttm_device *bd)
-+#else
- static inline struct vbox_private *vbox_bdev(struct ttm_bo_device *bd)
-+#endif
- {
- return container_of(bd, struct vbox_private, ttm.bdev);
- }
-@@ -188,7 +187,7 @@ static int vbox_ttm_io_mem_reserve(struc
- mem->bus.size = mem->num_pages << PAGE_SHIFT;
- mem->bus.base = 0;
- mem->bus.is_iomem = false;
-- if (!(man->flags & TTM_MEMTYPE_FLAG_MAPPABLE))
-+ if (!(man->flags & TTM_MEMTYPE_FLAG_MAPPABLE))
- return -EINVAL;
- switch (mem->mem_type) {
- case TTM_PL_SYSTEM:
-@@ -205,8 +204,13 @@ static int vbox_ttm_io_mem_reserve(struc
- return 0;
- }
- #else
-+# if RTLNX_VER_MAX(5,13,0)
- static int vbox_ttm_io_mem_reserve(struct ttm_bo_device *bdev,
- struct ttm_resource *mem)
-+# else /* > 5.13.0 */
-+static int vbox_ttm_io_mem_reserve(struct ttm_device *bdev,
-+ struct ttm_resource *mem)
-+# endif /* > 5.13.0 */
- {
- struct vbox_private *vbox = vbox_bdev(bdev);
- mem->bus.addr = NULL;
-@@ -241,7 +245,12 @@ static int vbox_ttm_io_mem_reserve(struc
-
-
-
--#if RTLNX_VER_MIN(5,10,0)
-+#if RTLNX_VER_MIN(5,13,0)
-+static void vbox_ttm_io_mem_free(struct ttm_device *bdev,
-+ struct ttm_resource *mem)
-+{
-+}
-+#elif RTLNX_VER_MIN(5,10,0)
- static void vbox_ttm_io_mem_free(struct ttm_bo_device *bdev,
- struct ttm_resource *mem)
- {
-@@ -253,7 +262,13 @@ static void vbox_ttm_io_mem_free(struct
- }
- #endif
-
--#if RTLNX_VER_MIN(5,10,0)
-+#if RTLNX_VER_MIN(5,13,0)
-+static void vbox_ttm_tt_destroy(struct ttm_device *bdev, struct ttm_tt *tt)
-+{
-+ ttm_tt_fini(tt);
-+ kfree(tt);
-+}
-+#elif RTLNX_VER_MIN(5,10,0)
- static void vbox_ttm_tt_destroy(struct ttm_bo_device *bdev, struct ttm_tt *tt)
- {
- ttm_tt_fini(tt);
-@@ -333,7 +348,11 @@ static int vbox_bo_move(struct ttm_buffe
- }
- #endif
-
-+#if RTLNX_VER_MIN(5,13,0)
-+static struct ttm_device_funcs vbox_bo_driver = {
-+#else /* < 5.13.0 */
- static struct ttm_bo_driver vbox_bo_driver = {
-+#endif /* < 5.13.0 */
- .ttm_tt_create = vbox_ttm_tt_create,
- #if RTLNX_VER_MIN(5,10,0)
- .ttm_tt_destroy = vbox_ttm_tt_destroy,
-@@ -370,14 +389,22 @@ int vbox_mm_init(struct vbox_private *vb
- {
- int ret;
- struct drm_device *dev = vbox->dev;
-+#if RTLNX_VER_MIN(5,13,0)
-+ struct ttm_device *bdev = &vbox->ttm.bdev;
-+#else
- struct ttm_bo_device *bdev = &vbox->ttm.bdev;
-+#endif
-
- #if RTLNX_VER_MAX(5,0,0) && !RTLNX_RHEL_MAJ_PREREQ(7,7) && !RTLNX_RHEL_MAJ_PREREQ(8,1)
- ret = vbox_ttm_global_init(vbox);
- if (ret)
- return ret;
- #endif
-+#if RTLNX_VER_MIN(5,13,0)
-+ ret = ttm_device_init(&vbox->ttm.bdev,
-+#else
- ret = ttm_bo_device_init(&vbox->ttm.bdev,
-+#endif
- #if RTLNX_VER_MAX(5,0,0) && !RTLNX_RHEL_MAJ_PREREQ(7,7) && !RTLNX_RHEL_MAJ_PREREQ(8,1)
- vbox->ttm.bo_global_ref.ref.object,
- #endif
-@@ -429,7 +456,11 @@ int vbox_mm_init(struct vbox_private *vb
- return 0;
-
- err_device_release:
-+#if RTLNX_VER_MIN(5,13,0)
-+ ttm_device_fini(&vbox->ttm.bdev);
-+#else
- ttm_bo_device_release(&vbox->ttm.bdev);
-+#endif
- #if RTLNX_VER_MAX(5,0,0) && !RTLNX_RHEL_MAJ_PREREQ(7,7) && !RTLNX_RHEL_MAJ_PREREQ(8,1)
- err_ttm_global_release:
- vbox_ttm_global_release(vbox);
-@@ -446,7 +477,11 @@ void vbox_mm_fini(struct vbox_private *v
- #else
- arch_phys_wc_del(vbox->fb_mtrr);
- #endif
-+#if RTLNX_VER_MIN(5,13,0)
-+ ttm_device_fini(&vbox->ttm.bdev);
-+#else
- ttm_bo_device_release(&vbox->ttm.bdev);
-+#endif
- #if RTLNX_VER_MAX(5,0,0) && !RTLNX_RHEL_MAJ_PREREQ(7,7) && !RTLNX_RHEL_MAJ_PREREQ(8,1)
- vbox_ttm_global_release(vbox);
- #endif
-@@ -528,7 +563,9 @@ int vbox_bo_create(struct drm_device *de
- {
- struct vbox_private *vbox = dev->dev_private;
- struct vbox_bo *vboxbo;
-+#if RTLNX_VER_MAX(5,13,0)
- size_t acc_size;
-+#endif
- int ret;
-
- vboxbo = kzalloc(sizeof(*vboxbo), GFP_KERNEL);
-@@ -551,16 +588,20 @@ int vbox_bo_create(struct drm_device *de
-
- vbox_ttm_placement(vboxbo, VBOX_MEM_TYPE_VRAM | VBOX_MEM_TYPE_SYSTEM);
-
-+#if RTLNX_VER_MAX(5,13,0)
- acc_size = ttm_bo_dma_acc_size(&vbox->ttm.bdev, size,
- sizeof(struct vbox_bo));
-+#endif
-
- ret = ttm_bo_init(&vbox->ttm.bdev, &vboxbo->bo, size,
- ttm_bo_type_device, &vboxbo->placement,
- #if RTLNX_VER_MAX(4,17,0) && !RTLNX_RHEL_MAJ_PREREQ(7,6) && !RTLNX_SUSE_MAJ_PREREQ(15,1) && !RTLNX_SUSE_MAJ_PREREQ(12,5)
- align >> PAGE_SHIFT, false, NULL, acc_size,
--#else
-+#elif RTLNX_VER_MAX(5,13,0) /* < 5.13.0 */
- align >> PAGE_SHIFT, false, acc_size,
--#endif
-+#else /* > 5.13.0 */
-+ align >> PAGE_SHIFT, false,
-+#endif /* > 5.13.0 */
- #if RTLNX_VER_MIN(3,18,0) || RTLNX_RHEL_MAJ_PREREQ(7,2)
- NULL, NULL, vbox_bo_ttm_destroy);
- #else
diff --git a/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.22.bb b/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.26.bb
similarity index 94%
rename from meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.22.bb
rename to meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.26.bb
index 19b8f8f46e..1b2fb44036 100644
--- a/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.22.bb
+++ b/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.26.bb
@@ -13,11 +13,11 @@ VBOX_NAME = "VirtualBox-${PV}"
SRC_URI = "http://download.virtualbox.org/virtualbox/${PV}/${VBOX_NAME}.tar.bz2 \
file://Makefile.utils \
- file://40-linux-5.13-support.patch \
file://add__divmoddi4.patch \
"
-SRC_URI[md5sum] = "abb1a20021e5915fe38c666e8c11cf80"
-SRC_URI[sha256sum] = "99816d2a15205d49362a31e8ffeb8262d2fa0678c751dfd0a7c43b2faca8be49"
+
+SRC_URI[md5sum] = "fce04bbef244b4df1a50e53d132d3e6f"
+SRC_URI[sha256sum] = "0212602eea878d6c9fd7f4a3e0182da3e4505f31d25f5539fb8f7b1fbe366195"
S ?= "${WORKDIR}/vbox_module"
S_task-patch = "${WORKDIR}/${VBOX_NAME}"
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [hardknott 11/18] mariadb: redefine log-error item
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
` (9 preceding siblings ...)
2021-08-15 14:06 ` [hardknott 10/18] vboxguestdrivers: upgrade 6.1.22 -> 6.1.24 Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
2021-08-15 14:06 ` [hardknott 12/18] mariadb: Update SRC_URI Armin Kuster
` (6 subsequent siblings)
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
From: Mingli Yu <mingli.yu@windriver.com>
The log-error item which defined in my.cnf is "/var/log/mysqld.err"
previouly and it's not consistent with which created in install_db
service file which will call mysql-systemd-start to create the file
"/var/log/mysqld.log".
And it fails when boot with sysvinit as below:
$ service mysqld start
Starting MariaDB.210727 04:05:03 mysqld_safe Logging to '/var/log/mysqld.err'.
210727 04:05:03 mysqld_safe Starting mariadbd daemon with databases from /var/lib/mysql
/usr/bin/mysqld_safe_helper: Can't create/write to file '/var/log/mysqld.err' (Errcode: 13 "Permission denied")
So make the log-error item consistent to fix the above failure
and also remove the related workaround when boot with systemd.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 1a4144d954692ad68121d16adae09dc990e8ab1f)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta-oe/recipes-dbs/mysql/mariadb.inc | 5 -----
meta-oe/recipes-dbs/mysql/mariadb/my.cnf | 2 +-
2 files changed, 1 insertion(+), 6 deletions(-)
diff --git a/meta-oe/recipes-dbs/mysql/mariadb.inc b/meta-oe/recipes-dbs/mysql/mariadb.inc
index 5787ae4bd7..7cf08f4719 100644
--- a/meta-oe/recipes-dbs/mysql/mariadb.inc
+++ b/meta-oe/recipes-dbs/mysql/mariadb.inc
@@ -168,11 +168,6 @@ do_install() {
sed -i -e 's,@BINDIR@,${bindir},g' -e 's,@PREFIX@,${prefix},g' ${D}${systemd_unitdir}/system/mysqld.service \
${D}${systemd_unitdir}/system/install_db.service
- if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
- install -d ${D}${sysconfdir}/tmpfiles.d
- echo "f /var/log/mysqld.err 0640 mysql mysql -" \
- > ${D}${sysconfdir}/tmpfiles.d/99-mysqld.conf
- fi
install -d ${D}${bindir}
install -m 755 ${WORKDIR}/mysql-systemd-start ${D}${bindir}
install -d ${D}${datadir}/doc/${PN}
diff --git a/meta-oe/recipes-dbs/mysql/mariadb/my.cnf b/meta-oe/recipes-dbs/mysql/mariadb/my.cnf
index dc4c172e54..75db46a559 100644
--- a/meta-oe/recipes-dbs/mysql/mariadb/my.cnf
+++ b/meta-oe/recipes-dbs/mysql/mariadb/my.cnf
@@ -10,7 +10,7 @@ user = mysql
port = 3306
socket = /var/lib/mysql/mysql.sock
pid-file = /var/lib/mysql/mysqld.pid
-log-error = /var/log/mysqld.err
+log-error = /var/log/mysqld.log
basedir = /usr
datadir = /var/lib/mysql
skip-external-locking
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [hardknott 12/18] mariadb: Update SRC_URI
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
` (10 preceding siblings ...)
2021-08-15 14:06 ` [hardknott 11/18] mariadb: redefine log-error item Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
2021-08-15 14:06 ` [hardknott 13/18] ndpi: fix CVE-2021-36082 Armin Kuster
` (5 subsequent siblings)
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
From: Mingli Yu <mingli.yu@windriver.com>
The previous SRC_URI only stores the latest source tarball and we
will meet do_fetch issue if not upgrade timely.
Update the SRC_URI which stores all versions to fix some warning
like below:
WARNING: mariadb-10.5.9-r0 do_fetch: Failed to fetch URL https://downloads.mariadb.org/interstitial/mariadb-10.5.9/source/mariadb-10.5.9.tar.gz, attempting MIRRORS if available
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit da798f15ffd93759e1ba3f21bd1ba80c73e962af)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta-oe/recipes-dbs/mysql/mariadb.inc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta-oe/recipes-dbs/mysql/mariadb.inc b/meta-oe/recipes-dbs/mysql/mariadb.inc
index 7cf08f4719..63ab940928 100644
--- a/meta-oe/recipes-dbs/mysql/mariadb.inc
+++ b/meta-oe/recipes-dbs/mysql/mariadb.inc
@@ -4,7 +4,7 @@ SECTION = "libs"
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=b1becf0cfa3366e0f4d854d1d264f311"
-SRC_URI = "https://downloads.mariadb.org/interstitial/${BP}/source/${BP}.tar.gz \
+SRC_URI = "https://archive.mariadb.org/${BP}/source/${BP}.tar.gz \
file://my.cnf \
file://mysqld.service \
file://install_db.service \
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [hardknott 13/18] ndpi: fix CVE-2021-36082
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
` (11 preceding siblings ...)
2021-08-15 14:06 ` [hardknott 12/18] mariadb: Update SRC_URI Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
2021-08-15 14:06 ` [hardknott 14/18] libdbi-perl: fix CVE-2014-10402 Armin Kuster
` (4 subsequent siblings)
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
From: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../ntopng/files/CVE-2021-36082.patch | 116 ++++++++++++++++++
.../recipes-support/ntopng/ndpi_3.4.bb | 1 +
2 files changed, 117 insertions(+)
create mode 100644 meta-networking/recipes-support/ntopng/files/CVE-2021-36082.patch
diff --git a/meta-networking/recipes-support/ntopng/files/CVE-2021-36082.patch b/meta-networking/recipes-support/ntopng/files/CVE-2021-36082.patch
new file mode 100644
index 0000000000..8fdd62d186
--- /dev/null
+++ b/meta-networking/recipes-support/ntopng/files/CVE-2021-36082.patch
@@ -0,0 +1,116 @@
+From 1ec621c85b9411cc611652fd57a892cfef478af3 Mon Sep 17 00:00:00 2001
+From: Luca Deri <deri@ntop.org>
+Date: Sat, 15 May 2021 19:53:46 +0200
+Subject: [PATCH] Added further checks
+
+Upstream-Status: Backport [https://github.com/ntop/nDPI/commit/1ec621c85b9411cc611652fd57a892cfef478af3]
+CVE: CVE-2021-36082
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+
+---
+ src/lib/protocols/netbios.c | 2 +-
+ src/lib/protocols/tls.c | 32 +++++++++++++++++---------------
+ 2 files changed, 18 insertions(+), 16 deletions(-)
+
+diff --git a/src/lib/protocols/netbios.c b/src/lib/protocols/netbios.c
+index 1f3850cb..0d3b705f 100644
+--- a/src/lib/protocols/netbios.c
++++ b/src/lib/protocols/netbios.c
+@@ -42,7 +42,7 @@ int ndpi_netbios_name_interpret(char *in, size_t inlen, char *out, u_int out_len
+ int ret = 0, len, idx = inlen;
+ char *b;
+
+- len = (*in++)/2;
++ len = (*in++)/2, inlen--;
+ b = out;
+ *out = 0;
+
+diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c
+index 5b572cae..c115ac08 100644
+--- a/src/lib/protocols/tls.c
++++ b/src/lib/protocols/tls.c
+@@ -994,21 +994,23 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct,
+ i += 4 + extension_len, offset += 4 + extension_len;
+ }
+
+- ja3_str_len = snprintf(ja3_str, sizeof(ja3_str), "%u,", ja3.tls_handshake_version);
++ ja3_str_len = snprintf(ja3_str, JA3_STR_LEN, "%u,", ja3.tls_handshake_version);
+
+- for(i=0; i<ja3.num_cipher; i++) {
+- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.cipher[i]);
++ for(i=0; (i<ja3.num_cipher) && (JA3_STR_LEN > ja3_str_len); i++) {
++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.cipher[i]);
+
+ if(rc <= 0) break; else ja3_str_len += rc;
+ }
+
+- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ",");
+- if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc;
++ if(JA3_STR_LEN > ja3_str_len) {
++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ",");
++ if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc;
++ }
+
+ /* ********** */
+
+- for(i=0; i<ja3.num_tls_extension; i++) {
+- int rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.tls_extension[i]);
++ for(i=0; (i<ja3.num_tls_extension) && (JA3_STR_LEN-ja3_str_len); i++) {
++ int rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.tls_extension[i]);
+
+ if(rc <= 0) break; else ja3_str_len += rc;
+ }
+@@ -1443,41 +1445,41 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct,
+ int rc;
+
+ compute_ja3c:
+- ja3_str_len = snprintf(ja3_str, sizeof(ja3_str), "%u,", ja3.tls_handshake_version);
++ ja3_str_len = snprintf(ja3_str, JA3_STR_LEN, "%u,", ja3.tls_handshake_version);
+
+ for(i=0; i<ja3.num_cipher; i++) {
+- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u",
++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u",
+ (i > 0) ? "-" : "", ja3.cipher[i]);
+ if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; else break;
+ }
+
+- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ",");
++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ",");
+ if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc;
+
+ /* ********** */
+
+ for(i=0; i<ja3.num_tls_extension; i++) {
+- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u",
++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u",
+ (i > 0) ? "-" : "", ja3.tls_extension[i]);
+ if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; else break;
+ }
+
+- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ",");
++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ",");
+ if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc;
+
+ /* ********** */
+
+ for(i=0; i<ja3.num_elliptic_curve; i++) {
+- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u",
++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u",
+ (i > 0) ? "-" : "", ja3.elliptic_curve[i]);
+ if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; else break;
+ }
+
+- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ",");
++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ",");
+ if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc;
+
+ for(i=0; i<ja3.num_elliptic_curve_point_format; i++) {
+- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u",
++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u",
+ (i > 0) ? "-" : "", ja3.elliptic_curve_point_format[i]);
+ if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; else break;
+ }
+--
+2.17.1
+
diff --git a/meta-networking/recipes-support/ntopng/ndpi_3.4.bb b/meta-networking/recipes-support/ntopng/ndpi_3.4.bb
index 22e4d8e9ae..b90f575b93 100644
--- a/meta-networking/recipes-support/ntopng/ndpi_3.4.bb
+++ b/meta-networking/recipes-support/ntopng/ndpi_3.4.bb
@@ -11,6 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b52f2d57d10c4f7ee67a7eb9615d5d24"
SRCREV = "64929a75e0a7a60d864bd25a9fd97fdf9ac892a2"
SRC_URI = "git://github.com/ntop/nDPI.git;branch=3.4-stable \
file://0001-autogen.sh-not-generate-configure.patch \
+ file://CVE-2021-36082.patch \
"
S = "${WORKDIR}/git"
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [hardknott 14/18] libdbi-perl: fix CVE-2014-10402
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
` (12 preceding siblings ...)
2021-08-15 14:06 ` [hardknott 13/18] ndpi: fix CVE-2021-36082 Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
2021-08-15 14:06 ` [hardknott 15/18] curlpp: fix QA Issue after LDFLAGS change Armin Kuster
` (3 subsequent siblings)
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
From: Kai Kang <kai.kang@windriver.com>
Backport patch to fix CVE-2014-10402.
CVE: CVE-2014-10402
Ref:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972180#12
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c80b3757ffc762a1577bcf7d0da41ebf1954b3f1)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../perl/libdbi-perl/CVE-2014-10402.patch | 56 +++++++++++++++++++
.../perl/libdbi-perl_1.643.bb | 4 +-
2 files changed, 59 insertions(+), 1 deletion(-)
create mode 100644 meta-oe/recipes-devtools/perl/libdbi-perl/CVE-2014-10402.patch
diff --git a/meta-oe/recipes-devtools/perl/libdbi-perl/CVE-2014-10402.patch b/meta-oe/recipes-devtools/perl/libdbi-perl/CVE-2014-10402.patch
new file mode 100644
index 0000000000..b41bbe0a50
--- /dev/null
+++ b/meta-oe/recipes-devtools/perl/libdbi-perl/CVE-2014-10402.patch
@@ -0,0 +1,56 @@
+Backport patch to fix CVE-2014-10402.
+
+CVE: CVE-2014-10402
+Upstream-Status: Backport [https://github.com/rehsack/dbi/commit/19d0fb1]
+
+Ref:
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972180#12
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+
+From 19d0fb169eed475e1c053e99036b8668625cfa94 Mon Sep 17 00:00:00 2001
+From: Jens Rehsack <sno@netbsd.org>
+Date: Tue, 6 Oct 2020 10:22:17 +0200
+Subject: [PATCH] lib/DBD/File.pm: fix CVE-2014-10401
+
+Dig into the root cause of RT#99508 - which resulted in CVE-2014-10401 - and
+figure out that DBI->parse_dsn is the wrong helper to parse our attributes in
+DSN, since in DBD::dr::connect only the "dbname" remains from DSN which causes
+parse_dsn to bailout.
+
+Parsing on our own similar to parse_dsn shows the way out.
+
+Signed-off-by: Jens Rehsack <sno@netbsd.org>
+---
+ lib/DBD/File.pm | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/lib/DBD/File.pm b/lib/DBD/File.pm
+index fb14e9a..f55076f 100644
+--- a/lib/DBD/File.pm
++++ b/lib/DBD/File.pm
+@@ -109,7 +109,11 @@ sub connect
+ # We do not (yet) care about conflicting attributes here
+ # my $dbh = DBI->connect ("dbi:CSV:f_dir=test", undef, undef, { f_dir => "text" });
+ # will test here that both test and text should exist
+- if (my $attr_hash = (DBI->parse_dsn ($dbname))[3]) {
++ #
++ # Parsing on our own similar to parse_dsn to find attributes in 'dbname' parameter.
++ if ($dbname) {
++ my @attrs = split /;/ => $dbname;
++ my $attr_hash = { map { split /\s*=>?\s*|\s*,\s*/, $_} @attrs };
+ if (defined $attr_hash->{f_dir} && ! -d $attr_hash->{f_dir}) {
+ my $msg = "No such directory '$attr_hash->{f_dir}";
+ $drh->set_err (2, $msg);
+@@ -120,7 +124,6 @@ sub connect
+ if ($attr and defined $attr->{f_dir} && ! -d $attr->{f_dir}) {
+ my $msg = "No such directory '$attr->{f_dir}";
+ $drh->set_err (2, $msg);
+- $attr->{RaiseError} and croak $msg;
+ return;
+ }
+
+--
+2.17.1
+
diff --git a/meta-oe/recipes-devtools/perl/libdbi-perl_1.643.bb b/meta-oe/recipes-devtools/perl/libdbi-perl_1.643.bb
index 75fad46bfd..c8abae628f 100644
--- a/meta-oe/recipes-devtools/perl/libdbi-perl_1.643.bb
+++ b/meta-oe/recipes-devtools/perl/libdbi-perl_1.643.bb
@@ -9,7 +9,9 @@ SECTION = "libs"
LICENSE = "Artistic-1.0 | GPL-1.0+"
LIC_FILES_CHKSUM = "file://LICENSE;md5=10982c7148e0a012c0fd80534522f5c5"
-SRC_URI = "http://search.cpan.org/CPAN/authors/id/T/TI/TIMB/DBI-${PV}.tar.gz"
+SRC_URI = "http://search.cpan.org/CPAN/authors/id/T/TI/TIMB/DBI-${PV}.tar.gz \
+ file://CVE-2014-10402.patch \
+ "
SRC_URI[md5sum] = "352f80b1e23769c116082a90905d7398"
SRC_URI[sha256sum] = "8a2b993db560a2c373c174ee976a51027dd780ec766ae17620c20393d2e836fa"
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [hardknott 15/18] curlpp: fix QA Issue after LDFLAGS change
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
` (13 preceding siblings ...)
2021-08-15 14:06 ` [hardknott 14/18] libdbi-perl: fix CVE-2014-10402 Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
2021-08-15 14:06 ` [hardknott 16/18] ldns: " Armin Kuster
` (2 subsequent siblings)
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
From: Tony Battersby <tonyb@cybernetics.com>
Adding -f*-prefix-map to LDFLAGS caused the following issue:
QA Issue: curlpp.pc failed sanity test (tmpdir)
Fix by filtering out -f*-prefix-map from *.pc files.
[YOCTO #14481]
Signed-off-by: Tony Battersby <tonyb@cybernetics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c40e01b0fce73bc289d9499b204350359afc7884)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb b/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb
index 799cf8611c..5df9238a67 100644
--- a/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb
+++ b/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb
@@ -16,3 +16,10 @@ S = "${WORKDIR}/git"
inherit cmake pkgconfig binconfig
BBCLASSEXTEND = "native nativesdk"
+
+do_install:append() {
+ sed -e 's@[^ ]*-ffile-prefix-map=[^ "]*@@g' \
+ -e 's@[^ ]*-fdebug-prefix-map=[^ "]*@@g' \
+ -e 's@[^ ]*-fmacro-prefix-map=[^ "]*@@g' \
+ -i ${D}${libdir}/pkgconfig/*.pc
+}
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [hardknott 16/18] ldns: fix QA Issue after LDFLAGS change
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
` (14 preceding siblings ...)
2021-08-15 14:06 ` [hardknott 15/18] curlpp: fix QA Issue after LDFLAGS change Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
2021-08-15 14:06 ` [hardknott 17/18] bigbuckbunny-1080p: fix sample video URL Armin Kuster
2021-08-15 14:06 ` [hardknott 18/18] redis: fix CVE-2021-32625 Armin Kuster
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
From: Tony Battersby <tonyb@cybernetics.com>
Adding -f*-prefix-map to LDFLAGS caused the following issue:
QA Issue: ldns.pc failed sanity test (tmpdir)
Fix by filtering out -f*-prefix-map from *.pc files.
[YOCTO #14481]
Signed-off-by: Tony Battersby <tonyb@cybernetics.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a4791bf2f37de55dd51971d34ac2252d3cf68f30)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta-oe/recipes-devtools/ldns/ldns_1.7.1.bb | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/meta-oe/recipes-devtools/ldns/ldns_1.7.1.bb b/meta-oe/recipes-devtools/ldns/ldns_1.7.1.bb
index 2a52dd688a..2ce669154a 100644
--- a/meta-oe/recipes-devtools/ldns/ldns_1.7.1.bb
+++ b/meta-oe/recipes-devtools/ldns/ldns_1.7.1.bb
@@ -16,3 +16,10 @@ PACKAGECONFIG[drill] = "--with-drill,--without-drill"
EXTRA_OECONF = "--with-ssl=${STAGING_EXECPREFIXDIR} \
libtool=${TARGET_PREFIX}libtool"
+
+do_install:append() {
+ sed -e 's@[^ ]*-ffile-prefix-map=[^ "]*@@g' \
+ -e 's@[^ ]*-fdebug-prefix-map=[^ "]*@@g' \
+ -e 's@[^ ]*-fmacro-prefix-map=[^ "]*@@g' \
+ -i ${D}${libdir}/pkgconfig/*.pc
+}
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [hardknott 17/18] bigbuckbunny-1080p: fix sample video URL
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
` (15 preceding siblings ...)
2021-08-15 14:06 ` [hardknott 16/18] ldns: " Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
2021-08-15 14:06 ` [hardknott 18/18] redis: fix CVE-2021-32625 Armin Kuster
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
From: Michael Opdenacker <michael.opdenacker@bootlin.com>
Replace a link that's now broken.
The original download link on blender.org still works
(https://download.blender.org/peach/bigbuckbunny_movies/big_buck_bunny_1080p_surround.avi)
but is still extremely slow.
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 223243d649b623db398d2f39f067b4c72b54e710)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../recipes-multimedia/sample-content/bigbuckbunny-1080p.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta-multimedia/recipes-multimedia/sample-content/bigbuckbunny-1080p.bb b/meta-multimedia/recipes-multimedia/sample-content/bigbuckbunny-1080p.bb
index 70eb6e4be7..c651d8113d 100644
--- a/meta-multimedia/recipes-multimedia/sample-content/bigbuckbunny-1080p.bb
+++ b/meta-multimedia/recipes-multimedia/sample-content/bigbuckbunny-1080p.bb
@@ -3,7 +3,7 @@ LICENSE = "CC-BY-3.0"
# http://www.bigbuckbunny.org/index.php/about/
LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/CC-BY-3.0;md5=dfa02b5755629022e267f10b9c0a2ab7"
-SRC_URI = "http://themazzone.com/big_buck_bunny_1080p_surround.avi"
+SRC_URI = "https://www.mediaspip.net/IMG/avi/big_buck_bunny_1080p_surround.avi"
SRC_URI[md5sum] = "223991c8b33564eb77988a4c13c1c76a"
SRC_URI[sha256sum] = "69fe2cfe7154a6e752688e3a0d7d6b07b1605bbaf75b56f6470dc7b4c20c06ea"
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
* [hardknott 18/18] redis: fix CVE-2021-32625
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
` (16 preceding siblings ...)
2021-08-15 14:06 ` [hardknott 17/18] bigbuckbunny-1080p: fix sample video URL Armin Kuster
@ 2021-08-15 14:06 ` Armin Kuster
17 siblings, 0 replies; 19+ messages in thread
From: Armin Kuster @ 2021-08-15 14:06 UTC (permalink / raw
To: openembedded-devel
From: Tony Tascioglu <tony.tascioglu@windriver.com>
CVE: CVE-2021-32625
Upstream-Status: Backport [e9a1438ac4c52aa68dfa2a8324b6419356842116]
Fix integer overflow in STRALGO LCS (CVE-2021-32625) (#9011)
An integer overflow bug in Redis version 6.0 or newer can be exploited using the
STRALGO LCS command to corrupt the heap and potentially result with remote code
execution. This is a result of an incomplete fix by CVE-2021-29477.
Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../redis/redis/fix-CVE-2021-32625.patch | 61 +++++++++++++++++++
meta-oe/recipes-extended/redis/redis_6.2.2.bb | 1 +
2 files changed, 62 insertions(+)
create mode 100644 meta-oe/recipes-extended/redis/redis/fix-CVE-2021-32625.patch
diff --git a/meta-oe/recipes-extended/redis/redis/fix-CVE-2021-32625.patch b/meta-oe/recipes-extended/redis/redis/fix-CVE-2021-32625.patch
new file mode 100644
index 0000000000..6311a5db10
--- /dev/null
+++ b/meta-oe/recipes-extended/redis/redis/fix-CVE-2021-32625.patch
@@ -0,0 +1,61 @@
+From e9a1438ac4c52aa68dfa2a8324b6419356842116 Mon Sep 17 00:00:00 2001
+From: Oran Agra <oran@redislabs.com>
+Date: Tue, 1 Jun 2021 09:12:45 +0300
+Subject: [PATCH] Fix integer overflow in STRALGO LCS (CVE-2021-32625) (#9011)
+
+An integer overflow bug in Redis version 6.0 or newer can be exploited using the
+STRALGO LCS command to corrupt the heap and potentially result with remote code
+execution. This is a result of an incomplete fix by CVE-2021-29477.
+
+(cherry picked from commit 1ddecf1958924b178b76a31d989ef1e05af81964)
+
+
+CVE: CVE-2021-32625
+Upstream-Status: Backport [e9a1438ac4c52aa68dfa2a8324b6419356842116]
+
+Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+---
+ src/t_string.c | 18 +++++++++++++++++-
+ 1 file changed, 17 insertions(+), 1 deletion(-)
+
+diff --git a/src/t_string.c b/src/t_string.c
+index 490d5983a..587d3aeb8 100644
+--- a/src/t_string.c
++++ b/src/t_string.c
+@@ -797,6 +797,12 @@ void stralgoLCS(client *c) {
+ goto cleanup;
+ }
+
++ /* Detect string truncation or later overflows. */
++ if (sdslen(a) >= UINT32_MAX-1 || sdslen(b) >= UINT32_MAX-1) {
++ addReplyError(c, "String too long for LCS");
++ goto cleanup;
++ }
++
+ /* Compute the LCS using the vanilla dynamic programming technique of
+ * building a table of LCS(x,y) substrings. */
+ uint32_t alen = sdslen(a);
+@@ -805,9 +811,19 @@ void stralgoLCS(client *c) {
+ /* Setup an uint32_t array to store at LCS[i,j] the length of the
+ * LCS A0..i-1, B0..j-1. Note that we have a linear array here, so
+ * we index it as LCS[j+(blen+1)*j] */
+- uint32_t *lcs = zmalloc((size_t)(alen+1)*(blen+1)*sizeof(uint32_t));
+ #define LCS(A,B) lcs[(B)+((A)*(blen+1))]
+
++ /* Try to allocate the LCS table, and abort on overflow or insufficient memory. */
++ unsigned long long lcssize = (unsigned long long)(alen+1)*(blen+1); /* Can't overflow due to the size limits above. */
++ unsigned long long lcsalloc = lcssize * sizeof(uint32_t);
++ uint32_t *lcs = NULL;
++ if (lcsalloc < SIZE_MAX && lcsalloc / lcssize == sizeof(uint32_t))
++ lcs = ztrymalloc(lcsalloc);
++ if (!lcs) {
++ addReplyError(c, "Insufficient memory");
++ goto cleanup;
++ }
++
+ /* Start building the LCS table. */
+ for (uint32_t i = 0; i <= alen; i++) {
+ for (uint32_t j = 0; j <= blen; j++) {
+--
+2.32.0
+
diff --git a/meta-oe/recipes-extended/redis/redis_6.2.2.bb b/meta-oe/recipes-extended/redis/redis_6.2.2.bb
index a36c190af3..a9e6eaffaa 100644
--- a/meta-oe/recipes-extended/redis/redis_6.2.2.bb
+++ b/meta-oe/recipes-extended/redis/redis_6.2.2.bb
@@ -18,6 +18,7 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \
file://0006-Define-correct-gregs-for-RISCV32.patch \
file://fix-CVE-2021-29477.patch \
file://fix-CVE-2021-29478.patch \
+ file://fix-CVE-2021-32625.patch \
"
SRC_URI[sha256sum] = "7a260bb74860f1b88c3d5942bf8ba60ca59f121c6dce42d3017bed6add0b9535"
--
2.25.1
^ permalink raw reply related [flat|nested] 19+ messages in thread
end of thread, other threads:[~2021-08-15 14:06 UTC | newest]
Thread overview: 19+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-08-15 14:06 [hardknott 00/18] Patch review Armin Kuster
2021-08-15 14:06 ` [hardknott 01/18] wireshark: update to 3.4.7 Armin Kuster
2021-08-15 14:06 ` [hardknott 02/18] nghttp2: upgrade 1.43.0 -> 1.44.0 Armin Kuster
2021-08-15 14:06 ` [hardknott 03/18] libtalloc: upgrade 2.3.2 -> 2.3.3 Armin Kuster
2021-08-15 14:06 ` [hardknott 04/18] openlldp: fix segfault Armin Kuster
2021-08-15 14:06 ` [hardknott 05/18] htop: Add ncurses-terminfo-base to RDEPENDS Armin Kuster
2021-08-15 14:06 ` [hardknott 06/18] php: move to version 7.4.21 Armin Kuster
2021-08-15 14:06 ` [hardknott 07/18] net-snmp: fix QA Issue after LDFLAGS change Armin Kuster
2021-08-15 14:06 ` [hardknott 08/18] Suppress eol in functionfs setup scripts (#147) Armin Kuster
2021-08-15 14:06 ` [hardknott 09/18] pm-qa: fix paths for shell scripts Armin Kuster
2021-08-15 14:06 ` [hardknott 10/18] vboxguestdrivers: upgrade 6.1.22 -> 6.1.24 Armin Kuster
2021-08-15 14:06 ` [hardknott 11/18] mariadb: redefine log-error item Armin Kuster
2021-08-15 14:06 ` [hardknott 12/18] mariadb: Update SRC_URI Armin Kuster
2021-08-15 14:06 ` [hardknott 13/18] ndpi: fix CVE-2021-36082 Armin Kuster
2021-08-15 14:06 ` [hardknott 14/18] libdbi-perl: fix CVE-2014-10402 Armin Kuster
2021-08-15 14:06 ` [hardknott 15/18] curlpp: fix QA Issue after LDFLAGS change Armin Kuster
2021-08-15 14:06 ` [hardknott 16/18] ldns: " Armin Kuster
2021-08-15 14:06 ` [hardknott 17/18] bigbuckbunny-1080p: fix sample video URL Armin Kuster
2021-08-15 14:06 ` [hardknott 18/18] redis: fix CVE-2021-32625 Armin Kuster
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.