From patchwork Sat Jul 20 12:42:42 2024
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 46678
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 1/6] busybox: Fix CVE-2023-42363
Date: Sat, 20 Jul 2024 05:42:42 -0700
Message-Id: <929deb4a80d65dc3a6e9a523f1aed12635ed7d53.1721479252.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/202278

From: Hitendra Prajapati

Upstream-Status: Backport from https://git.busybox.net/busybox/commit/?id=fb08d43d44d1fea1f741fafb9aa7e1958a5f69aa

Signed-off-by: Hitendra Prajapati
Signed-off-by: Steve Sakoman
---
 .../busybox/busybox/CVE-2023-42363.patch    | 67 +++++++++++++++++++
 meta/recipes-core/busybox/busybox_1.35.0.bb |  1 +
 2 files changed, 68 insertions(+)
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2023-42363.patch

diff --git a/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch b/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch
new file mode 100644
index 0000000000..b401a6e3e5
--- /dev/null
+++ b/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch
@@ -0,0 +1,67 @@ +From fb08d43d44d1fea1f741fafb9aa7e1958a5f69aa Mon Sep 17 00:00:00 2001 +From: Natanael Copa +Date: Mon, 20 May 2024 17:55:28 +0200 +Subject: awk: fix use after free (CVE-2023-42363) + +function old new delta +evaluate 3377 3385 +8 + +Fixes https://bugs.busybox.net/show_bug.cgi?id=15865 + +Signed-off-by: Natanael Copa +Signed-off-by: Denys Vlasenko + +Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=fb08d43d44d1fea1f741fafb9aa7e1958a5f69aa] +CVE: CVE-2023-42363 +Signed-off-by: Hitendra Prajapati +--- + editors/awk.c | 21 +++++++++++++-------- + 1 file changed, 13 insertions(+), 8 deletions(-) + +diff --git a/editors/awk.c b/editors/awk.c +index 654cbac..4fbc11d 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -2889,19 +2889,14 @@ static var *evaluate(node *op, var *res) + if ((opinfo & OF_REQUIRED) && !op1) + syntax_error(EMSG_TOO_FEW_ARGS); + L.v = evaluate(op1, TMPVAR0); +- if (opinfo & OF_STR1) { +- L.s = getvar_s(L.v); +- debug_printf_eval("L.s:'%s'\n", L.s); +- } + if (opinfo & OF_NUM1) { + L_d = getvar_i(L.v); + debug_printf_eval("L_d:%f\n", L_d); + } + } +- /* NB: Must get string/numeric values of L (done above) +- * _before_ evaluate()'ing R.v: if both L and R are $NNNs, +- * and right one is large, then L.v points to Fields[NNN1], +- * second evaluate() reallocates and moves (!) Fields[], ++ /* NB: if both L and R are $NNNs, and right one is large, ++ * then at this pint L.v points to Fields[NNN1], second ++ * evaluate() below reallocates and moves (!) Fields[], + * R.v points to Fields[NNN2] but L.v now points to freed mem! + * (Seen trying to evaluate "$444 $44444") + */ +@@ -2914,6 +2909,16 @@ static var *evaluate(node *op, var *res) + debug_printf_eval("R.s:'%s'\n", R.s); + } + } ++ /* Get L.s _after_ R.v is evaluated: it may have realloc'd L.v ++ * so we must get the string after "old_Fields_ptr" correction ++ * above. 
Testcase: x = (v = "abc", gsub("b", "X", v)); ++ */ ++ if (opinfo & OF_RES1) { ++ if (opinfo & OF_STR1) { ++ L.s = getvar_s(L.v); ++ debug_printf_eval("L.s:'%s'\n", L.s); ++ } ++ } + + debug_printf_eval("switch(0x%x)\n", XC(opinfo & OPCLSMASK)); + switch (XC(opinfo & OPCLSMASK)) { +-- +2.25.1 + diff --git a/meta/recipes-core/busybox/busybox_1.35.0.bb b/meta/recipes-core/busybox/busybox_1.35.0.bb index 07a5137d2a..842562c4c4 100644 --- a/meta/recipes-core/busybox/busybox_1.35.0.bb +++ b/meta/recipes-core/busybox/busybox_1.35.0.bb 
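Review bot: the comment added in the second editors/awk.c hunk says L.s must be fetched "after "old_Fields_ptr" correction above", but no old_Fields_ptr exists in the busybox 1.35.0 tree this series patches: that correction belongs to the upstream CVE-2021-42380 fix, which is not in busybox_1.35.0.bb at this point. Without it the hunk applies with fuzz and only moves the getvar_s(L.v) call later; when evaluating R.v reallocates Fields[] (the "$444 $44444" case the surrounding NB comment describes), L.v itself is still a pointer into freed memory, so the use-after-free is narrowed, not closed. Suggest backporting CVE-2021-42380 first and rebasing this patch on top of it, in upstream order. Also, "at this pint" in the rewritten NB comment should read "at this point".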
@@ -52,6 +52,7 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \ file://CVE-2022-30065.patch \ file://0001-devmem-add-128-bit-width.patch \ file://CVE-2022-48174.patch \ + file://CVE-2023-42363.patch \ " SRC_URI:append:libc-musl = " file://musl.cfg "

From patchwork Sat Jul 20 12:42:43 2024
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 46680
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 2/6] ruby: backport fix for CVE-2024-27282
Date: Sat, 20 Jul 2024 05:42:43 -0700
Message-Id: <94a0350058e51c4b05bf5d4e02d048c2e6256725.1721479252.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/202279

From: Ashish Sharma

Upstream-Status: Backport [https://github.com/ruby/ruby/commit/989a2355808a63fc45367785c82ffd46d18c900a]

Signed-off-by: Ashish Sharma
Signed-off-by: Steve Sakoman
---
 .../ruby/ruby/CVE-2024-27282.patch       | 29 +++++++++++++++++++
 meta/recipes-devtools/ruby/ruby_3.1.3.bb |  1 +
 2 files changed, 30 insertions(+)
 create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-27282.patch

diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2024-27282.patch b/meta/recipes-devtools/ruby/ruby/CVE-2024-27282.patch
new file mode 100644
index 0000000000..5d64a51488
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/CVE-2024-27282.patch
@@ -0,0 +1,29 @@ +From 989a2355808a63fc45367785c82ffd46d18c900a Mon Sep 17 00:00:00 2001 +From: Hiroshi SHIBATA +Date: Fri, 12 Apr 2024 15:01:47 +1000 +Subject: [PATCH] Fix Use-After-Free issue for Regexp + +Co-authored-by: Isaac Peka <7493006+isaac-peka@users.noreply.github.com> + +Upstream-Status: Backport [https://github.com/ruby/ruby/commit/989a2355808a63fc45367785c82ffd46d18c900a] +CVE: CVE-2024-27282 +Signed-off-by: Ashish Sharma + + + regexec.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/regexec.c b/regexec.c +index 73694ab14a0b0a..140691ad42489f 100644 +--- a/regexec.c ++++ b/regexec.c +@@ -3449,8 +3449,8 @@ match_at(regex_t* reg, const UChar* str, const UChar* end, + CASE(OP_MEMORY_END_PUSH_REC) MOP_IN(OP_MEMORY_END_PUSH_REC); + GET_MEMNUM_INC(mem, p); + STACK_GET_MEM_START(mem, stkp); /* should be before push mem-end. */ +- STACK_PUSH_MEM_END(mem, s); + mem_start_stk[mem] = GET_STACK_INDEX(stkp); ++ STACK_PUSH_MEM_END(mem, s); + MOP_OUT; + JUMP; + diff --git a/meta/recipes-devtools/ruby/ruby_3.1.3.bb b/meta/recipes-devtools/ruby/ruby_3.1.3.bb index d4b977cdfe..7a927d2041 100644 --- a/meta/recipes-devtools/ruby/ruby_3.1.3.bb +++ b/meta/recipes-devtools/ruby/ruby_3.1.3.bb 
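Review bot: the reordering in the regexec.c hunk is right but the code does not record why it matters: stkp is obtained by STACK_GET_MEM_START before the push, and a use-after-free at this point can only arise because STACK_PUSH_MEM_END may grow the match stack and release the old one, which leaves stkp dangling if GET_STACK_INDEX(stkp) is evaluated after the push. The only comment, "should be before push mem-end", sits on the STACK_GET_MEM_START line; suggest extending it to the mem_start_stk[mem] assignment, e.g. "/* take the index before the push: the push may reallocate the stack */", so a later cleanup does not swap the two lines back. No regression test accompanies the backport; one reaching OP_MEMORY_END_PUSH_REC would catch a reintroduction.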
@@ -35,6 +35,7 @@ SRC_URI = "http://cache.ruby-lang.org/pub/ruby/${SHRT_VER}/ruby-${PV}.tar.gz \ file://CVE-2023-36617_2.patch \ file://CVE-2024-27281.patch \ file://CVE-2024-27280.patch \ + file://CVE-2024-27282.patch \ " UPSTREAM_CHECK_URI = "https://www.ruby-lang.org/en/downloads/"

From patchwork Sat Jul 20 12:42:44 2024
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 46683
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 3/6] busybox: Patch CVE-2021-42380
Date: Sat, 20 Jul 2024 05:42:44 -0700
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/202280
From: Peter Marko

Backport patch for CVE-2021-42380.

Move it before the patch for CVE-2023-42363 because they touch the same code and they are in this order in git history, so we avoid fuzz modifications.
This will remove fuzz modifications from CVE-2023-42363 and both will apply cleanly without modifications (except line number changes, and the first one also has a little fuzz fix in tests).

This will also make it equal to master/scarthgap patch order/content.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
---
 .../busybox/busybox/CVE-2021-42380.patch    | 151 ++++++++++++++++++
 .../busybox/busybox/CVE-2023-42363.patch    |  11 +-
 meta/recipes-core/busybox/busybox_1.35.0.bb |   1 +
 3 files changed, 158 insertions(+), 5 deletions(-)
 create mode 100644 meta/recipes-core/busybox/busybox/CVE-2021-42380.patch

diff --git a/meta/recipes-core/busybox/busybox/CVE-2021-42380.patch b/meta/recipes-core/busybox/busybox/CVE-2021-42380.patch
new file mode 100644
index 0000000000..f40fe582c5
--- /dev/null
+++ b/meta/recipes-core/busybox/busybox/CVE-2021-42380.patch
@@ -0,0 +1,151 @@ +From 5dcc443dba039b305a510c01883e9f34e42656ae Mon Sep 17 00:00:00 2001 +From: Denys Vlasenko +Date: Fri, 26 May 2023 19:36:58 +0200 +Subject: [PATCH] awk: fix use-after-realloc (CVE-2021-42380), closes 15601 + +Signed-off-by: Denys Vlasenko + +CVE: CVE-2021-42380 +Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=5dcc443dba039b305a510c01883e9f34e42656ae] +Signed-off-by: Peter Marko +--- + editors/awk.c | 26 ++++++++++++++++----- + testsuite/awk.tests | 55 +++++++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 75 insertions(+), 6 deletions(-) + +diff --git a/editors/awk.c b/editors/awk.c +index 728ee8685..2af823808 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -555,7 +555,7 @@ struct globals { + const char *g_progname; + int g_lineno; + int nfields; +- int maxfields; /* used in fsrealloc() only */ ++ unsigned maxfields; + var *Fields; + char *g_pos; + char g_saved_ch; +@@ -1917,9 +1917,9 @@ static void fsrealloc(int size) + { + int i, newsize; + +- if (size >= maxfields) { +- /* Sanity cap, easier than catering for overflows */ +- if (size > 0xffffff) ++ if ((unsigned)size >= maxfields) { ++ /* Sanity cap, easier than catering for over/underflows */ ++ if ((unsigned)size > 0xffffff) + bb_die_memory_exhausted(); + + i = maxfields; +@@ -2877,6 +2877,7 @@ static var *evaluate(node *op, var *res) + uint32_t opinfo; + int opn; + node *op1; ++ var *old_Fields_ptr; + + opinfo = op->info; + opn = (opinfo & OPNMASK); +@@ -2885,10 +2886,16 @@ static var *evaluate(node *op, var *res) + debug_printf_eval("opinfo:%08x opn:%08x\n", opinfo, opn); + + /* execute inevitable things */ ++ old_Fields_ptr = NULL; + if (opinfo & OF_RES1) { + if ((opinfo & OF_REQUIRED) && !op1) + syntax_error(EMSG_TOO_FEW_ARGS); + L.v = evaluate(op1, TMPVAR0); ++ /* Does L.v point to $n variable? 
*/ ++ if ((size_t)(L.v - Fields) < maxfields) { ++ /* yes, remember where Fields[] is */ ++ old_Fields_ptr = Fields; ++ } + if (opinfo & OF_STR1) { + L.s = getvar_s(L.v); + debug_printf_eval("L.s:'%s'\n", L.s); +@@ -2907,8 +2914,15 @@ static var *evaluate(node *op, var *res) + */ + if (opinfo & OF_RES2) { + R.v = evaluate(op->r.n, TMPVAR1); +- //TODO: L.v may be invalid now, set L.v to NULL to catch bugs? +- //L.v = NULL; ++ /* Seen in $5=$$5=$0: ++ * Evaluation of R.v ($$5=$0 expression) ++ * made L.v ($5) invalid. It's detected here. ++ */ ++ if (old_Fields_ptr) { ++ //if (old_Fields_ptr != Fields) ++ // debug_printf_eval("L.v moved\n"); ++ L.v += Fields - old_Fields_ptr; ++ } + if (opinfo & OF_STR2) { + R.s = getvar_s(R.v); + debug_printf_eval("R.s:'%s'\n", R.s); +diff --git a/testsuite/awk.tests b/testsuite/awk.tests +index bcaafe8..08afdb2 100755 +--- a/testsuite/awk.tests ++++ b/testsuite/awk.tests +@@ -469,4 +469,59 @@ testing 'awk printf %% prints one %' \ + "%\n" \ + '' '' + ++# User-supplied bug (SEGV) example, was causing use-after-realloc ++testing 'awk assign while assign' \ ++ "awk '\$5=\$\$5=\$0'; echo \$?" 
\ ++ "\ ++─ process timing ────────────────────────────────────┬─ ─ process timing ────────────────────────────────────┬─ overall results ────┐ results ────┐ ++│ run time : │ run time : 0 days, 0 hrs, 0 min, 56 sec │ cycles done : 0 │ days, 0 hrs, 0 min, 56 sec │ cycles done : 0 │ ++│ last new find │ last new find : 0 days, 0 hrs, 0 min, 1 sec │ corpus count : 208 │ 0 days, 0 hrs, 0 min, 1 sec │ corpus count : 208 │ ++│last saved crash : │last saved crash : none seen yet │saved crashes : 0 │ seen yet │saved crashes : 0 │ ++│ last saved hang │ last saved hang : none seen yet │ saved hangs : 0 │ none seen yet │ saved hangs : 0 │ ++├─ cycle progress ─────────────────────┬─ ├─ cycle progress ─────────────────────┬─ map coverage┴──────────────────────┤ coverage┴──────────────────────┤ ++│ now processing : │ now processing : 184.1 (88.5%) │ map density : 0.30% / 0.52% │ (88.5%) │ map density : 0.30% / 0.52% │ │ now processing : 184.1 (88.5%) │ map density : 0.30% / 0.52% │ ++│ runs timed out │ runs timed out : 0 (0.00%) │ count coverage : 2.18 bits/tuple │ 0 (0.00%) │ count coverage : 2.18 bits/tuple │ ++├─ stage progress ─────────────────────┼─ ├─ stage progress ─────────────────────┼─ findings in depth ─────────────────┤ in depth ─────────────────┤ ++│ now trying : │ now trying : havoc │ favored items : 43 (20.67%) │ │ favored items : 43 (20.67%) │ ++│ stage execs : │ stage execs : 11.2k/131k (8.51%) │ new edges on : 52 (25.00%) │ (8.51%) │ new edges on │ stage execs : 11.2k/131k (8.51%) │ new edges on : 52 (25.00%) │ 52 (25.00%) │ ++│ total execs : │ total execs : 179k │ total crashes : 0 (0 saved) │ │ total crashes : 0 (0 saved) │ │ total execs : 179k │ total crashes : 0 (0 saved) │ ++│ exec speed : │ exec speed : 3143/sec │ total tmouts : 0 (0 saved) │ │ total tmouts : 0 (0 saved) │ │ exec speed : 3143/sec │ total tmouts : 0 (0 saved) │ ++├─ fuzzing strategy yields ├─ fuzzing strategy yields ────────────┴─────────────┬─ item geometry ───────┤ item geometry ───────┤ 
++│ bit flips : │ bit flips : 11/648, 4/638, 5/618 │ levels : 4 │ 4/638, 5/618 │ levels : │ bit flips : 11/648, 4/638, 5/618 │ levels : 4 │ │ ++│ byte flips : │ byte flips : 0/81, 0/71, 0/52 │ pending : 199 │ 0/71, 0/52 │ pending : 199 │ ++│ arithmetics : 11/4494, │ arithmetics : 11/4494, 0/1153, 0/0 │ pend fav : 35 │ 0/0 │ pend fav : 35 │ ++│ known ints : 1/448, 0/1986, 0/2288 │ own finds : 207 │ known ints : │ known ints : 1/448, 0/1986, 0/2288 │ own finds : 207 │ 0/1986, 0/2288 │ own finds : 207 │ ++│ dictionary : 0/0, │ dictionary : 0/0, 0/0, 0/0, 0/0 │ imported : 0 │ 0/0, 0/0 │ imported : 0 │ ++│havoc/splice : 142/146k, 23/7616 │havoc/splice : 142/146k, 23/7616 │ stability : 100.00% │ stability : 100.00% │ ++│py/custom/rq : unused, unused, │py/custom/rq : unused, unused, unused, unused ├───────────────────────┘ unused ├───────────────────────┘ ++│ trim/eff : 57.02%/26, │ trim/eff : 57.02%/26, 0.00% │ [cpu000:100%] │ [cpu000:100%] ++└────────────────────────────────────────────────────┘^C └────────────────────────────────────────────────────┘^C ++0 ++" \ ++ "" \ ++ "\ ++─ process timing ────────────────────────────────────┬─ overall results ────┐ ++│ run time : 0 days, 0 hrs, 0 min, 56 sec │ cycles done : 0 │ ++│ last new find : 0 days, 0 hrs, 0 min, 1 sec │ corpus count : 208 │ ++│last saved crash : none seen yet │saved crashes : 0 │ ++│ last saved hang : none seen yet │ saved hangs : 0 │ ++├─ cycle progress ─────────────────────┬─ map coverage┴──────────────────────┤ ++│ now processing : 184.1 (88.5%) │ map density : 0.30% / 0.52% │ ++│ runs timed out : 0 (0.00%) │ count coverage : 2.18 bits/tuple │ ++├─ stage progress ─────────────────────┼─ findings in depth ─────────────────┤ ++│ now trying : havoc │ favored items : 43 (20.67%) │ ++│ stage execs : 11.2k/131k (8.51%) │ new edges on : 52 (25.00%) │ ++│ total execs : 179k │ total crashes : 0 (0 saved) │ ++│ exec speed : 3143/sec │ total tmouts : 0 (0 saved) │ ++├─ fuzzing strategy yields 
────────────┴─────────────┬─ item geometry ───────┤ ++│ bit flips : 11/648, 4/638, 5/618 │ levels : 4 │ ++│ byte flips : 0/81, 0/71, 0/52 │ pending : 199 │ ++│ arithmetics : 11/4494, 0/1153, 0/0 │ pend fav : 35 │ ++│ known ints : 1/448, 0/1986, 0/2288 │ own finds : 207 │ ++│ dictionary : 0/0, 0/0, 0/0, 0/0 │ imported : 0 │ ++│havoc/splice : 142/146k, 23/7616 │ stability : 100.00% │ ++│py/custom/rq : unused, unused, unused, unused ├───────────────────────┘ ++│ trim/eff : 57.02%/26, 0.00% │ [cpu000:100%] ++└────────────────────────────────────────────────────┘^C" ++ + exit $FAILCOUNT +-- +2.30.2 + diff --git a/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch b/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch index b401a6e3e5..08e41415df 100644 --- a/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch +++ b/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch @@ -14,6 +14,7 @@ Signed-off-by: Denys Vlasenko Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=fb08d43d44d1fea1f741fafb9aa7e1958a5f69aa] CVE: CVE-2023-42363 Signed-off-by: Hitendra Prajapati +Signed-off-by: Peter Marko --- editors/awk.c | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) @@ -22,10 +23,10 @@ diff --git a/editors/awk.c b/editors/awk.c index 654cbac..4fbc11d 100644 --- a/editors/awk.c +++ b/editors/awk.c -@@ -2889,19 +2889,14 @@ static var *evaluate(node *op, var *res) - if ((opinfo & OF_REQUIRED) && !op1) - syntax_error(EMSG_TOO_FEW_ARGS); - L.v = evaluate(op1, TMPVAR0); +@@ -2896,19 +2896,14 @@ static var *evaluate(node *op, var *res) + /* yes, remember where Fields[] is */ + old_Fields_ptr = Fields; + } - if (opinfo & OF_STR1) { - L.s = getvar_s(L.v); - debug_printf_eval("L.s:'%s'\n", L.s); 
@@ -45,7 +46,7 @@ index 654cbac..4fbc11d 100644 * R.v points to Fields[NNN2] but L.v now points to freed mem! * (Seen trying to evaluate "$444 $44444") */ -@@ -2914,6 +2909,16 @@ static var *evaluate(node *op, var *res) +@@ -2928,6 +2923,16 @@ static var *evaluate(node *op, var *res) debug_printf_eval("R.s:'%s'\n", R.s); } } diff --git a/meta/recipes-core/busybox/busybox_1.35.0.bb b/meta/recipes-core/busybox/busybox_1.35.0.bb index 842562c4c4..1c7fe2f43e 100644 --- a/meta/recipes-core/busybox/busybox_1.35.0.bb +++ b/meta/recipes-core/busybox/busybox_1.35.0.bb 
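Review bot: in the fsrealloc() hunk, casting size to unsigned before both comparisons is the whole fix for the negative-size path: a negative int now compares as a huge unsigned, exceeds the 0xffffff cap and dies in bb_die_memory_exhausted() instead of slipping past the "size >= maxfields" check as if it fitted. That intent is not visible from "(unsigned)size >= maxfields", and the comment only says "over/underflows"; suggest spelling it out next to the cast, e.g. "/* a negative size wraps to a huge unsigned and is rejected by the cap below */", so the cast is not removed as a no-op in a later cleanup.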
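Review bot: in the evaluate() hunk, "(size_t)(L.v - Fields) < maxfields" subtracts two var pointers that, for any non-field variable, do not point into the same array; that is undefined behaviour in C even though it works as an address-range test on flat-memory targets. Suggest comparing as integers, e.g. "(uintptr_t)L.v - (uintptr_t)Fields < maxfields * sizeof(var)", or at least stating the assumption in the "Does L.v point to $n variable?" comment. Note also that "L.v += Fields - old_Fields_ptr" repairs L.v only: the context lines show L.s = getvar_s(L.v) being taken before R.v is evaluated, so L.s can still reference the old Fields[] storage after the move, which is exactly what the following CVE-2023-42363 patch in this series addresses by fetching L.s after R.v. A sentence in the commit message recording that dependency between the two backports would help the next person reordering them.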
@@ -52,6 +52,7 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \ file://CVE-2022-30065.patch \ file://0001-devmem-add-128-bit-width.patch \ file://CVE-2022-48174.patch \ + file://CVE-2021-42380.patch \ file://CVE-2023-42363.patch \ " SRC_URI:append:libc-musl = " file://musl.cfg "

From patchwork Sat Jul 20 12:42:45 2024
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 46681
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 4/6] libarchive: ignore CVE-2024-37407
Date: Sat, 20 Jul 2024 05:42:45 -0700
Message-Id: <2b407f34df5a768c271fc7049e7272d1a79c04a0.1721479252.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/202281

From: Peter Marko

History of code changes:
* introduced: https://github.com/libarchive/libarchive/commit/390d83012fdba8c8db7fc9915338805882b0597a (v3.7.2-52-g390d8301)
* reverted: https://github.com/libarchive/libarchive/commit/62c8caf6611a7d0662d80176c4fdb40f85794699 (v3.7.2-53-g62c8caf6)
* re-introduced: https://github.com/libarchive/libarchive/commit/91f27004a5c88589658e38d68e46d223da6b75ca (v3.7.3-14-g91f27004)
* fixed: https://github.com/libarchive/libarchive/commit/b6a979481b7d77c12fa17bbed94576b63bbcb0c0 (v3.7.3-24-gb6a97948)

Since there is no release where this CVE was present, we can safely ignore it.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
---
 meta/recipes-extended/libarchive/libarchive_3.6.2.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-extended/libarchive/libarchive_3.6.2.bb b/meta/recipes-extended/libarchive/libarchive_3.6.2.bb
index c83eec9b1a..a7a3e47412 100644
--- a/meta/recipes-extended/libarchive/libarchive_3.6.2.bb
+++ b/meta/recipes-extended/libarchive/libarchive_3.6.2.bb
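Review bot: the justification in the new CVE_CHECK_IGNORE comment for libarchive_3.6.2.bb is incomplete for this recipe: it records where the bug was introduced and fixed upstream but not the fact that makes the ignore valid here, namely that the 3.6.2 shipped by kirkstone predates even the first appearance of the code at v3.7.2-52 listed in the commit message. "introduced in v3.7.3-14-g91f27004" is also the re-introduction; the code first appeared at v3.7.2-52-g390d8301 and was reverted one commit later. Suggest "# cpe-incorrect: vulnerable code only existed in unreleased commits (v3.7.2-52..53, v3.7.3-14..24-gb6a97948), never in a release; 3.6.2 predates it", which also names the fix in the same tag-style form as the other commits instead of the bare "b6a97948".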
@@ -38,6 +38,8 @@ SRC_URI[sha256sum] = "ba6d02f15ba04aba9c23fd5f236bb234eab9d5209e95d1c4df85c44d5f # upstream-wontfix: upstream has documented that reported function is not thread-safe CVE_CHECK_IGNORE += "CVE-2023-30571" +# cpe-incorrect: this vulnerability was not in any release; introduced in v3.7.3-14-g91f27004; fixed in b6a97948 +CVE_CHECK_IGNORE += "CVE-2024-37407" inherit autotools update-alternatives pkgconfig
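Review bot: the new `# cpe-incorrect:` comment cites the introducing commit in git-describe form but the fix as a bare short hash; use the same form for both, e.g. `introduced in v3.7.3-14-g91f27004; fixed in v3.7.3-24-gb6a97948` as the commit message already gives, so a reader can see from the comment alone that both commits sit in the same window after tag v3.7.3 and that no release can contain the one without the other. Worth noting too that `CVE_CHECK_IGNORE` carries no version condition, so the entry survives any future bump of this recipe; precise introduced/fixed references in the comment are what let a later maintainer re-check it rather than trust it.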
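The "not in any release" argument in Peter Marko's message rests on the four git-describe strings he lists: if the introducing and fixing commits both hang off the same tag, no release was cut while the bug was present (on a linear history). As an added example, not code from the patch, from OE-core or from libarchive, the following POSIX shell turns that reasoning into a check that can be run over such describe strings. It assumes describe output of the form `<tag>-<count>-g<hash>` relative to the nearest tag and a linear history; the authoritative check needs the repository itself (`git tag --contains <introduced>` lists the releases carrying the bug, and each of those must also contain `<fixed>`, which `git merge-base --is-ancestor` can confirm).

```shell
#!/bin/sh
# Added example (not from the OE-core patch or libarchive): classify an
# introduce/fix commit pair from git-describe strings alone.  Assumes
# describe output "<tag>-<count>-g<hash>" and a linear history; the
# authoritative answer comes from `git tag --contains` on the real repo.

# describe_tag 'v3.7.3-14-g91f27004'  ->  v3.7.3
describe_tag() {
    case "$1" in
        *-*-g*) printf '%s\n' "${1%-*-g*}" ;;   # strip "-<count>-g<hash>"
        *)      printf '%s\n' "$1" ;;           # exact tag, nothing to strip
    esac
}

# describe_count 'v3.7.3-14-g91f27004'  ->  14   (0 for an exact tag)
describe_count() {
    case "$1" in
        *-*-g*)
            tag=$(describe_tag "$1")
            rest=${1#"$tag"-}              # "14-g91f27004"
            printf '%s\n' "${rest%%-*}"
            ;;
        *) printf '0\n' ;;
    esac
}

# window_status <introduced> <fixed>
#   unreleased : same base tag, fix after introduction -> no tag between them
#   released   : fix hangs off a later tag -> that tag shipped the bug
#   invalid    : "fix" does not follow the introduction; input is wrong
window_status() {
    t_in=$(describe_tag "$1");   t_fix=$(describe_tag "$2")
    n_in=$(describe_count "$1"); n_fix=$(describe_count "$2")
    if [ "$t_in" = "$t_fix" ]; then
        [ "$n_fix" -gt "$n_in" ] && echo unreleased || echo invalid
    else
        echo released
    fi
}

# The two introduce/fix pairs from the commit message above.
window_status v3.7.2-52-g390d8301 v3.7.2-53-g62c8caf6   # unreleased
window_status v3.7.3-14-g91f27004 v3.7.3-24-gb6a97948   # unreleased
```

The `released` branch is the case the ignore would be wrong for: a fix described against a later tag than its introduction means that later tag shipped the vulnerable code, and the recipe version must then be compared against it instead of being ignored outright.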
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 5/6] python3-jinja2: Upgrade 3.1.3 -> 3.1.4
Date: Sat, 20 Jul 2024 05:42:46 -0700
Message-Id: <58ee84c274b0c93902aad5d4f434daec5da55134.1721479252.git.steve@sakoman.com>
X-Mailer: git-send-email 2.34.1
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/202282

From: Vijay Anusuri

Switch to use flit core since upstream changed. They also changed the
capitalisation under pypi. The license didn't change but the file was
renamed, probably as it wasn't rst.

Signed-off-by: Richard Purdie
(cherry picked from commit e352680528b18c3cdae26233bef7cddc2771d42d)

Upgrade fixes CVE-2024-34064

Signed-off-by: Vijay Anusuri
Signed-off-by: Steve Sakoman
---
 .../{python3-jinja2_3.1.3.bb => python3-jinja2_3.1.4.bb} | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
 rename meta/recipes-devtools/python/{python3-jinja2_3.1.3.bb => python3-jinja2_3.1.4.bb} (82%)

diff --git a/meta/recipes-devtools/python/python3-jinja2_3.1.3.bb b/meta/recipes-devtools/python/python3-jinja2_3.1.4.bb
similarity index 82%
rename from meta/recipes-devtools/python/python3-jinja2_3.1.3.bb
rename to meta/recipes-devtools/python/python3-jinja2_3.1.4.bb
index 068e21bf5f..3fe82d5e4e 100644
--- a/meta/recipes-devtools/python/python3-jinja2_3.1.3.bb
+++ b/meta/recipes-devtools/python/python3-jinja2_3.1.4.bb
@@ -2,17 +2,17 @@ DESCRIPTION = "Python Jinja2: A small but fast and easy to use stand-alone templ HOMEPAGE = "https://pypi.org/project/Jinja2/" LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE.rst;md5=5dc88300786f1c214c1e9827a5229462" +LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=5dc88300786f1c214c1e9827a5229462" -SRC_URI[sha256sum] = "ac8bd6544d4bb2c9792bf3a159e80bba8fda7f07e81bc3aed565432d5925ba90" +SRC_URI[sha256sum] = "4a3aee7acbbe7303aede8e9648d13b8bf88a429282aa6122a993f0ac800cb369" -PYPI_PACKAGE = "Jinja2" +PYPI_PACKAGE = "jinja2" CVE_PRODUCT = "jinja2 jinja" CLEANBROKEN = "1" -inherit pypi setuptools3 +inherit pypi python_flit_core inherit ${@bb.utils.filter('DISTRO_FEATURES', 'ptest', d)} SRC_URI += " \
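Review bot: the `SRC_URI[sha256sum]` line is the one to verify out of band, because together with `PYPI_PACKAGE = "jinja2"` it now pins a differently named sdist (the pypi class derives the tarball name from `PYPI_PACKAGE`, so the lower-case rename changes what is fetched as well as how it is hashed); the commit message should state where the new hash was taken from (the PyPI release page or a local fetch) rather than leave it implied by the cherry-pick. The `LIC_FILES_CHKSUM` update keeps the same md5 for the renamed `LICENSE.txt`, which is consistent with the message's claim that only the file name changed. The move from `setuptools3` to `python_flit_core` swaps the native build dependencies, so a sentence confirming that the package builds with the kirkstone class and that ptest (the unchanged `inherit ${@bb.utils.filter('DISTRO_FEATURES', 'ptest', d)}` context) still passes would make the backport easier to accept.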
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 6/6] uboot-sign: Fix index error in concat_dtb_helper() with multiple configs
Date: Sat, 20 Jul 2024 05:42:47 -0700
X-Mailer: git-send-email 2.34.1
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/202283

From: Florian Amstutz

Commit 60774248a5570899a66f9f88e597cc4f723d6278 solves issues when i or j
have been set in other shell functions. Since j is not unset after the
inner loop, the image will only be copied for the first configuration.
Unsetting i and j after the loops also prevents index issues in other
functions.

Signed-off-by: Florian Amstutz
Signed-off-by: Steve Sakoman
---
 meta/classes/uboot-sign.bbclass | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/meta/classes/uboot-sign.bbclass b/meta/classes/uboot-sign.bbclass
index 6bb4ddc600..f3bbd8980e 100644
--- a/meta/classes/uboot-sign.bbclass
+++ b/meta/classes/uboot-sign.bbclass
@@ -137,8 +137,7 @@ concat_dtb_helper() { if [ -n "${UBOOT_CONFIG}" ] then - i=0 - j=0 + unset i j for config in ${UBOOT_MACHINE}; do i=$(expr $i + 1); for type in ${UBOOT_CONFIG}; do @@ -146,9 +145,12 @@ concat_dtb_helper() { if [ $j -eq $i ] then cp ${UBOOT_IMAGE} ${B}/${CONFIG_B_PATH}/u-boot-$type.${UBOOT_SUFFIX} + break fi done + unset j done + unset i fi else bbwarn "Failure while adding public key to u-boot binary. Verified boot won't be available."
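Review bot: in the first hunk, replacing `i=0`/`j=0` with `unset i j` leaves the unchanged `i=$(expr $i + 1);` expanding to `expr + 1` on the first pass, which only yields 1 because GNU expr treats a leading `+` as a quoting operator; a non-GNU expr can reject it as a syntax error. Initialising explicitly (`i=0` before the outer loop and `j=0` at the top of each of its iterations) or using POSIX arithmetic such as `i=$((${i:-0} + 1))` gives the same count without that dependency and makes the reset of j per configuration visible at the point where it matters.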
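Review bot: in the second hunk the `unset j` after the inner loop is the actual fix for the symptom in the commit message (j kept counting across outer iterations, so `[ $j -eq $i ]` could only hold for the first entry of UBOOT_MACHINE); the added `break` is just an early exit once the matching image has been copied. The pairing stays purely positional, so if UBOOT_CONFIG has fewer entries than UBOOT_MACHINE the later configurations get no copy and no diagnostic; a comment above the loops stating that the two lists are matched index by index, plus a `bbwarn` when their lengths differ (the `else` branch shows `bbwarn` is already the convention here), would make that contract visible.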
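The symptom Florian Amstutz describes (only the first configuration gets its image) follows from the counter handling, not from anything U-Boot specific, so it can be reproduced on two plain word lists. The block below is an added example and not code from uboot-sign.bbclass or from the patch: it pairs a constructed stand-in for `${UBOOT_MACHINE}` with one for `${UBOOT_CONFIG}` the way `concat_dtb_helper()` does, once with the counter handling the patch removes and once with the corrected handling, printing the machine:config pairs it would have copied instead of copying an image. It uses explicit `i=0`/`j=0` and `$((...))` in place of the class's `unset`/`expr` idiom; the pairing logic is the same. The length warning in `pair_after` is an addition of this example, not something the patch adds.

```shell
#!/bin/sh
# Added example (not from uboot-sign.bbclass): positional pairing of two
# constructed lists, before and after the counter fix in the patch above.

MACHINES="cfg_a cfg_b cfg_c"   # constructed stand-in for ${UBOOT_MACHINE}
CONFIGS="typeA typeB typeC"    # constructed stand-in for ${UBOOT_CONFIG}

# Before the patch: j is initialised once, keeps counting across the outer
# loop, so [ $j -eq $i ] can only ever be true for the first machine.
pair_before() {
    out=""
    i=0
    j=0
    for config in $MACHINES; do
        i=$((i + 1))
        for type in $CONFIGS; do
            j=$((j + 1))
            if [ "$j" -eq "$i" ]; then
                out="$out $config:$type"
            fi
        done
    done
    printf '%s\n' "${out# }"
}

# After the patch: j restarts for every machine and the inner loop stops at
# the match.  Added here: a warning when the two lists differ in length,
# since positional pairing silently drops the surplus entries.
pair_after() {
    set -- $MACHINES; n_machines=$#
    set -- $CONFIGS;  n_configs=$#
    if [ "$n_machines" -ne "$n_configs" ]; then
        echo "warning: $n_machines machines but $n_configs configs; pairing is positional" >&2
    fi
    out=""
    i=0
    for config in $MACHINES; do
        i=$((i + 1))
        j=0
        for type in $CONFIGS; do
            j=$((j + 1))
            if [ "$j" -eq "$i" ]; then
                out="$out $config:$type"
                break
            fi
        done
    done
    printf '%s\n' "${out# }"
}

pair_before   # cfg_a:typeA
pair_after    # cfg_a:typeA cfg_b:typeB cfg_c:typeC
```

Running it shows the pre-patch loop matching only `cfg_a` while the corrected loop pairs all three; shortening `CONFIGS` to two entries shows the silent-drop case the warning is there to catch.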