[meta-oe,wrynose,2/2] haveged: upgrade 1.9.20 -> 1.9.22

Message ID	20260611191749.2897262-3-venkatasainath.ravikanti@windriver.com
State	New
Headers	show Return-Path: <philip@balister.org> ip: 205.220.166.238, mailfrom: prvs=0622d0867b=venkatasainath.ravikanti@windriver.com) From: "Ravikanti, Venkatasainath" <Venkatasainath.Ravikanti@windriver.com> To: <openembedded-devel@lists.openembedded.org> CC: <Randy.MacLeod@windriver.com>, <khem.raj@oss.qualcomm.com>, <li.zhou@windriver.com>, <wangmy@fujitsu.com>, <venkatasainath.ravikanti@windriver.com> Subject: [meta-oe][wrynose][PATCH 2/2] haveged: upgrade 1.9.20 -> 1.9.22 Date: Thu, 11 Jun 2026 19:17:49 +0000 Message-ID: <20260611191749.2897262-3-venkatasainath.ravikanti@windriver.com> In-Reply-To: <20260611191749.2897262-1-venkatasainath.ravikanti@windriver.com> References: <20260611191749.2897262-1-venkatasainath.ravikanti@windriver.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain
Series	haveged: upgrade to 1.9.22 (CVE-2026-41054) \| expand [meta-oe,wrynose,0/2] haveged: upgrade to 1.9.22 (CVE-2026-41054) [meta-oe,wrynose,1/2] haveged: upgrade 1.9.19 -> 1.9.20 [meta-oe,wrynose,2/2] haveged: upgrade 1.9.20 -> 1.9.22

Message ID

20260611191749.2897262-3-venkatasainath.ravikanti@windriver.com

State

New

Headers

From: "Ravikanti, Venkatasainath" <Venkatasainath.Ravikanti@windriver.com>
To: <openembedded-devel@lists.openembedded.org>
CC: <Randy.MacLeod@windriver.com>, <khem.raj@oss.qualcomm.com>,
        <li.zhou@windriver.com>, <wangmy@fujitsu.com>,
        <venkatasainath.ravikanti@windriver.com>
Subject: [meta-oe][wrynose][PATCH 2/2] haveged: upgrade 1.9.20 -> 1.9.22
Date: Thu, 11 Jun 2026 19:17:49 +0000
Message-ID: <20260611191749.2897262-3-venkatasainath.ravikanti@windriver.com>
In-Reply-To: <20260611191749.2897262-1-venkatasainath.ravikanti@windriver.com>
References: <20260611191749.2897262-1-venkatasainath.ravikanti@windriver.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain

Series

haveged: upgrade to 1.9.22 (CVE-2026-41054) | expand

Commit Message

Ravikanti, Venkatasainath June 11, 2026, 7:17 p.m. UTC

From: Wang Mingyu <wangmy@fujitsu.com>

Changelog:
===========
* Add ReadWritePaths=/dev/shm to systemd service for semaphore creation
  under ProtectSystem=full sandboxing
* Fix privilege escalation via command socket (CVE-2026-41054)
* Check peer credentials before reading command (CVE-2026-41054)
* Handle failing opening of semaphore
* Fix /dev/shm permissions to use sticky bit
* Use chmod after mkdir to ensure correct /dev/shm permissions
* Update libtool: add lib64 search paths, remove dead code

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <khem.raj@oss.qualcomm.com>
Signed-off-by: Venkatasainath Ravikanti <venkatasainath.ravikanti@windriver.com>
---
 .../haveged/{haveged_1.9.20.bb => haveged_1.9.22.bb}          | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta-oe/recipes-extended/haveged/{haveged_1.9.20.bb => haveged_1.9.22.bb} (91%)

diff --git a/meta-oe/recipes-extended/haveged/haveged_1.9.20.bb b/meta-oe/recipes-extended/haveged/haveged_1.9.22.bb
similarity index 91%
rename from meta-oe/recipes-extended/haveged/haveged_1.9.20.bb
rename to meta-oe/recipes-extended/haveged/haveged_1.9.22.bb
index 2ea12b3977..281fe1c2c9 100644
--- a/meta-oe/recipes-extended/haveged/haveged_1.9.20.bb
+++ b/meta-oe/recipes-extended/haveged/haveged_1.9.22.bb
@@ -6,8 +6,8 @@  HOMEPAGE = "https://www.issihosts.com/haveged/index.html"
 LICENSE = "GPL-3.0-only"
 LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
 
-SRCREV = "e2d96806273caa9ce7457e2f8669a3c40517ca27"
-SRC_URI = "git://github.com/jirka-h/haveged.git;branch=master;protocol=https \
+SRCREV = "21bad00a09233855fbea14ac062bc72b5eabc9a6"
+SRC_URI = "git://github.com/jirka-h/haveged.git;branch=master;protocol=https;tag=v${PV} \
 "
 
 UPSTREAM_CHECK_URI = "https://github.com/jirka-h/haveged/releases"

[meta-oe,wrynose,2/2] haveged: upgrade 1.9.20 -> 1.9.22

Commit Message

Patch