[meta-oe,04/47] haveged: upgrade 1.9.22 -> 1.9.24

Message ID	20260625090127.1563-4-wangmy@fujitsu.com
State	New
Headers	show Return-Path: <wangmy@fujitsu.com> ip: 139.138.61.252, mailfrom: wangmy@fujitsu.com) From: Wang Mingyu < wangmy@fujitsu.com> To: openembedded-devel@lists.openembedded.org Cc: Wang Mingyu <wangmy@fujitsu.com> Subject: [oe] [meta-oe] [PATCH 04/47] haveged: upgrade 1.9.22 -> 1.9.24 Date: Thu, 25 Jun 2026 17:00:44 +0800 Message-ID: <20260625090127.1563-4-wangmy@fujitsu.com> In-Reply-To: <20260625090127.1563-1-wangmy@fujitsu.com> References: <20260625090127.1563-1-wangmy@fujitsu.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[meta-oe,01/47] ctags: upgrade 6.2.20260607.0 -> 6.2.20260621.0 \| expand [meta-oe,01/47] ctags: upgrade 6.2.20260607.0 -> 6.2.20260621.0 [meta-oe,02/47] freerdp3: upgrade 3.26.0 -> 3.27.1 [meta-oe,03/47] glaze: upgrade 7.8.1 -> 7.8.2 [meta-oe,04/47] haveged: upgrade 1.9.22 -> 1.9.24 [meta-oe,05/47] imagemagick: upgrade 7.1.2-25 -> 7.1.2-26 [meta-oe,06/47] libdbi-perl: upgrade 1.648 -> 1.649 [meta-perl,07/47] libio-compress-perl: upgrade 2.220 -> 2.221 [meta-oe,08/47] libnvme: upgrade 1.16.1 -> 1.16.2 [meta-oe,09/47] libtsm: upgrade 4.5.0 -> 4.6.0 [meta-networking,10/47] mdns: upgrade 2881.100.56.0.1 -> 2881.120.11 [meta-oe,11/47] monit: upgrade 5.35.2 -> 6.0.0 [meta-oe,12/47] monocypher: upgrade 4.0.2 -> 4.0.3 [meta-networking,13/47] postfix: upgrade 3.11.3 -> 3.11.4 [meta-oe,14/47] pugixml: upgrade 1.15 -> 1.16 [meta-python,15/47] python3-anyio: upgrade 4.13.0 -> 4.14.0 [meta-python,16/47] python3-bitarray: upgrade 3.8.1 -> 3.8.2 [meta-python,17/47] python3-cmake: upgrade 4.3.2 -> 4.3.4 [meta-python,18/47] python3-coverage: upgrade 7.14.1 -> 7.14.3 [meta-python,19/47] python3-cyclonedx-python-lib: upgrade 11.10.0 -> 11.11.0 [meta-python,20/47] python3-engineio: upgrade 4.13.2 -> 4.13.3 [meta-python,21/47] python3-fastapi-cli: upgrade 0.0.24 -> 0.0.27 [meta-python,22/47] python3-fastapi: upgrade 0.137.1 -> 0.138.0 [meta-python,23/47] python3-fsspec: upgrade 2026.4.0 -> 2026.6.0 [meta-python,24/47] python3-google-auth: upgrade 2.54.0 -> 2.55.0 [meta-python,25/47] python3-inline-snapshot: upgrade 0.34.1 -> 0.34.2 [meta-python,26/47] python3-jsbeautifier: upgrade 1.15.4 -> 2.0.1 [meta-python,27/47] python3-msgpack: upgrade 1.2.0 -> 1.2.1 [meta-python,28/47] python3-nanobind: upgrade 2.12.0 -> 2.13.0 [meta-python,29/47] python3-prettytable: upgrade 3.17.0 -> 3.18.0 [meta-python,30/47] python3-py7zr: upgrade 1.1.2 -> 1.1.3 [meta-python,31/47] python3-pyfuse3: upgrade 3.4.2 -> 3.5.0 [meta-python,32/47] python3-pyro5: upgrade 5.16 -> 5.17 [meta-python,33/47] python3-pytest-unordered: upgrade 0.7.0 -> 0.8.0 [meta-python,34/47] python3-reportlab: upgrade 4.5.1 -> 5.0.0 [meta-python,35/47] python3-scikit-build: upgrade 0.19.0 -> 0.19.1 [meta-python,36/47] python3-sentry-sdk: upgrade 2.62.0 -> 2.63.0 [meta-python,37/47] python3-socketio: upgrade 5.16.2 -> 5.16.3 [meta-python,38/47] python3-sqlalchemy: upgrade 2.0.50 -> 2.0.51 [meta-python,39/47] python3-svglib: upgrade 1.6.0 -> 2.0.2 [meta-python,40/47] python3-telnetlib3: upgrade 4.0.4 -> 4.0.5 [meta-python,41/47] python3-tqdm: upgrade 4.67.3 -> 4.68.3 [meta-python,42/47] python3-txaio: upgrade 25.12.2 -> 26.6.1 [meta-python,43/47] python3-virtualenv: upgrade 21.5.0 -> 21.5.1 [meta-python,44/47] python3-wrapt: upgrade 2.2.1 -> 2.2.2 [meta-webserver,45/47] swagger-ui: upgrade 5.32.6 -> 5.32.7 [meta-oe,46/47] syslog-ng: upgrade 4.11.0 -> 4.12.0 [meta-xfce,47/47] xfce4-settings: upgrade 4.21.1 -> 4.21.2

Message ID

20260625090127.1563-4-wangmy@fujitsu.com

State

New

Headers

From: Wang Mingyu < wangmy@fujitsu.com>
To: openembedded-devel@lists.openembedded.org
Cc: Wang Mingyu <wangmy@fujitsu.com>
Subject: [oe] [meta-oe] [PATCH 04/47] haveged: upgrade 1.9.22 -> 1.9.24
Date: Thu, 25 Jun 2026 17:00:44 +0800
Message-ID: <20260625090127.1563-4-wangmy@fujitsu.com>
In-Reply-To: <20260625090127.1563-1-wangmy@fujitsu.com>
References: <20260625090127.1563-1-wangmy@fujitsu.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[meta-oe,01/47] ctags: upgrade 6.2.20260607.0 -> 6.2.20260621.0 | expand

Commit Message

Wang Mingyu June 25, 2026, 9 a.m. UTC

From: Wang Mingyu <wangmy@fujitsu.com>

Changelog:
===========
- Add --no-command / -C flag to disable command mode at runtime
- Disable command mode in haveged.service and haveged-once.service
- Enable PrivateNetwork=true and remove ReadWritePaths=/dev/shm in service files
- Add PractRand example to man page
- Use O_EXCL with sem_open to prevent semaphore pre-planting attacks [pyllyukko]
- Recover stale semaphores after SIGKILL by unlinking and retrying
- Add sem_close before sem_unlink for proper cleanup ordering
- Fix compilation when NO_COMMAND_MODE is defined
- Fix out-of-bounds memory access in safein()/safeout() on socket errors
- Reject command socket connections from different user namespaces
- Use O_NOFOLLOW for PID file to prevent symlink attacks
- Open random device with O_CLOEXEC to prevent fd leak across execv
- Restrict semaphore permissions from 0644 to 0600

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
---
 .../haveged/{haveged_1.9.22.bb => haveged_1.9.24.bb}            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta-oe/recipes-extended/haveged/{haveged_1.9.22.bb => haveged_1.9.24.bb} (94%)

diff --git a/meta-oe/recipes-extended/haveged/haveged_1.9.22.bb b/meta-oe/recipes-extended/haveged/haveged_1.9.24.bb
similarity index 94%
rename from meta-oe/recipes-extended/haveged/haveged_1.9.22.bb
rename to meta-oe/recipes-extended/haveged/haveged_1.9.24.bb
index 281fe1c2c9..68c8d2bdb2 100644
--- a/meta-oe/recipes-extended/haveged/haveged_1.9.22.bb
+++ b/meta-oe/recipes-extended/haveged/haveged_1.9.24.bb
@@ -6,7 +6,7 @@  HOMEPAGE = "https://www.issihosts.com/haveged/index.html"
 LICENSE = "GPL-3.0-only"
 LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
 
-SRCREV = "21bad00a09233855fbea14ac062bc72b5eabc9a6"
+SRCREV = "b52433d9234863050d52358f4a6cea86fbfb8e52"
 SRC_URI = "git://github.com/jirka-h/haveged.git;branch=master;protocol=https;tag=v${PV} \
 "

[meta-oe,04/47] haveged: upgrade 1.9.22 -> 1.9.24

Commit Message

Patch