[meta-oe,v3,0/2] polkit: switch from mozjs to duktape javascript engine

Message ID	20220325085627.45116-1-mikko.rapeli@bmw.de
Headers	show Return-Path: <mikko.rapeli@bmw.de> ip: 91.232.154.25, mailfrom: mcfrisk@lakka.kapsi.fi) From: mikko.rapeli@bmw.de To: openembedded-devel@lists.openembedded.org Cc: Mikko Rapeli <mikko.rapeli@bmw.de> Subject: [meta-oe][PATCH v3 0/2] polkit: switch from mozjs to duktape javascript engine Date: Fri, 25 Mar 2022 10:56:25 +0200 Message-Id: <20220325085627.45116-1-mikko.rapeli@bmw.de> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Symbol: RCVD_TLS_LAST(0.00) Symbol: ARC_NA(0.00) Symbol: DMARC_POLICY_SOFTFAIL(0.10) Symbol: TO_DN_SOME(0.00) Symbol: R_MISSING_CHARSET(0.50) Symbol: TO_MATCH_ENVRCPT_ALL(0.00) Symbol: MIME_GOOD(-0.10) Symbol: RCPT_COUNT_TWO(0.00) Symbol: FROM_NO_DN(0.00) Symbol: MID_CONTAINS_FROM(1.00) Symbol: NEURAL_HAM(-0.00) Symbol: R_SPF_NA(0.00) Symbol: FORGED_SENDER(0.30) Symbol: R_DKIM_NA(0.00) Symbol: MIME_TRACE(0.00) Symbol: ASN(0.00) Symbol: FROM_NEQ_ENVFROM(0.00) Symbol: BAYES_HAM(-3.00) Symbol: RCVD_COUNT_TWO(0.00) Message-ID: 20220325085627.45116-1-mikko.rapeli@bmw.de
Series	polkit: switch from mozjs to duktape javascript engine \| expand [meta-oe,v3,0/2] polkit: switch from mozjs to duktape javascript engine [meta-oe,v3,1/2] polkit: add patches for CVE-2021-4034 and CVE-2021-4115

Message ID

20220325085627.45116-1-mikko.rapeli@bmw.de

Headers

From: mikko.rapeli@bmw.de
To: openembedded-devel@lists.openembedded.org
Cc: Mikko Rapeli <mikko.rapeli@bmw.de>
Subject: [meta-oe][PATCH v3 0/2] polkit: switch from mozjs to duktape
 javascript engine
Date: Fri, 25 Mar 2022 10:56:25 +0200
Message-Id: <20220325085627.45116-1-mikko.rapeli@bmw.de>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

polkit: switch from mozjs to duktape javascript engine | expand

Message

Mikko Rapeli March 25, 2022, 8:56 a.m. UTC

From: Mikko Rapeli <mikko.rapeli@bmw.de>

polkit 0.121 will contain support for duktape but the patch applies
to 0.119 already so use it to get rid of mozjs and free 20 Mb of space.
Pick some CVE patches from master while at it.

v3: rebased to master-next

v2: added Signed-off-By lines to all patches

Mikko Rapeli (2):
  polkit: add patches for CVE-2021-4034 and CVE-2021-4115
  polkit: switch from mozjs to duktape javascript engine

 ...l-privilege-escalation-CVE-2021-4034.patch |   84 +
 ...0002-CVE-2021-4115-GHSL-2021-077-fix.patch |   88 +
 .../0002-jsauthority-port-to-mozjs-91.patch   |   38 -
 ...ded-support-for-duktape-as-JS-engine.patch | 3463 +++++++++++++++++
 ...re-to-call-JS_Init-and-JS_ShutDown-e.patch |   63 -
 .../recipes-extended/polkit/polkit_0.119.bb   |    8 +-
 6 files changed, 3640 insertions(+), 104 deletions(-)
 create mode 100644 meta-oe/recipes-extended/polkit/polkit/0001-pkexec-local-privilege-escalation-CVE-2021-4034.patch
 create mode 100644 meta-oe/recipes-extended/polkit/polkit/0002-CVE-2021-4115-GHSL-2021-077-fix.patch
 delete mode 100644 meta-oe/recipes-extended/polkit/polkit/0002-jsauthority-port-to-mozjs-91.patch
 create mode 100644 meta-oe/recipes-extended/polkit/polkit/0003-Added-support-for-duktape-as-JS-engine.patch
 delete mode 100644 meta-oe/recipes-extended/polkit/polkit/0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch