From patchwork Fri Aug 30 12:52:41 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 48520 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C6C70CA0FEC for ; Fri, 30 Aug 2024 12:52:58 +0000 (UTC) Received: from mail-pl1-f181.google.com (mail-pl1-f181.google.com [209.85.214.181]) by mx.groups.io with SMTP id smtpd.web11.13591.1725022373736436033 for ; Fri, 30 Aug 2024 05:52:53 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=TvIcWb3J; spf=softfail (domain: sakoman.com, ip: 209.85.214.181, mailfrom: steve@sakoman.com) Received: by mail-pl1-f181.google.com with SMTP id d9443c01a7336-20202df1c2fso19492185ad.1 for ; Fri, 30 Aug 2024 05:52:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1725022373; x=1725627173; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=tIOduqnwN0W1/0YnBLo7Vyd49+G8D/XFjE5izHwu9SE=; b=TvIcWb3JZXVha28Ejjuvy0eM8TNEmU+DVogdkp+XYcl4KLXbZ+0O+QKnY26cgWlPF/ lH0bFzEIxVViFIHNtPCKrZnFGxXeogbE35Bzi2PnhY37zxu7GGe0jYm9rx0+2YhhsSpI 4/DwRJSr6JRHKOpWYmW5q5wt15btByKteF4HPeCYWNHscl8W3v3eB7DBXO7D9U+7MVeI /pia3biGO0ld7CKIcQd9WlZcMMMnaLW9jkPDgvVZNr5pub9f8j1zpXk8PHk26sUktAo4 WujKtNH4PhdUbL/rsh9yWVNEgvICN/ryuzrjFuHK1BB4ZI9G8s2YkZA0MR4qQdqMHS3Q WTxA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725022373; x=1725627173; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=tIOduqnwN0W1/0YnBLo7Vyd49+G8D/XFjE5izHwu9SE=; b=vWsVu2BzHyy65KtIkJ8dLAeXjEd7POSTJ3h1Jiphdwc7xQFpBdkb4PqtiDQXyIQcsI Gl7bQlkErNge41fbj8XH3dkOPSoRIRYoSRmHzk0eh/dFPdyl/FrFWmVSH0KUG+U5JXb3 wFOMLE5px/5efgx7zFqEQLyae7ywjeMofpW0oueLWoeBrbO/VFKkldHgaVeRbxb2XEJy wOUbRQ/YsRpMU75qWlD7Q0adkccA76Oz64FJdR5uM7ZYtaic7PpUc5dtx8KoBU+GBuzG Y7cEX6LC5NgSyIF1Et2EfkE4ODoB9SB+Qq4CzColonOL+i8wPqDynI5mubx29eObkVl2 5wRw== X-Gm-Message-State: AOJu0YxQOyawNa7nVUlkZxChaagsJA05FusAadcQydTzYWVhxmKo1g9I +rM2y5zaUwTR+EX6ycnK2J1N9dG51WvOHprG4ia1/vNBvHxrSwCsC1v/D8Fo7K+JH+UjoUQRxZq Bh1M= X-Google-Smtp-Source: AGHT+IEOZxxDc8qI0/X+cyzqCqGBETZac5L4ootyC5hZLtPcQrkD2OicARRzE7gIuY5HKqsXNjPx+Q== X-Received: by 2002:a17:902:e847:b0:1fb:a38b:c5b7 with SMTP id d9443c01a7336-205276c71aamr40359945ad.1.1725022372947; Fri, 30 Aug 2024 05:52:52 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2051554235bsm26295975ad.214.2024.08.30.05.52.52 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 30 Aug 2024 05:52:52 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 1/7] libyaml: Ignore CVE-2024-35325 Date: Fri, 30 Aug 2024 05:52:41 -0700 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 30 Aug 2024 12:52:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/203960 From: Peter Marko This is similar CVE as the previous ones from the same author. https://github.com/yaml/libyaml/issues/303 explain why this is misuse (or wrong use) of libyaml. Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- meta/recipes-support/libyaml/libyaml_0.2.5.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-support/libyaml/libyaml_0.2.5.bb b/meta/recipes-support/libyaml/libyaml_0.2.5.bb index e30dc5a43f..514c60779c 100644 --- a/meta/recipes-support/libyaml/libyaml_0.2.5.bb +++ b/meta/recipes-support/libyaml/libyaml_0.2.5.bb @@ -20,5 +20,7 @@ DISABLE_STATIC:class-native = "" # upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302 CVE_CHECK_IGNORE += "CVE-2024-35326 CVE-2024-35328" +# upstream-wontfix: Upstream thinks this is a misuse (or wrong use) of the libyaml API - https://github.com/yaml/libyaml/issues/303 +CVE_CHECK_IGNORE += "CVE-2024-35325" BBCLASSEXTEND = "native nativesdk" From patchwork Fri Aug 30 12:52:42 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 48519 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C5CADCA0FEB for ; Fri, 30 Aug 2024 12:52:58 +0000 (UTC) Received: from mail-pl1-f175.google.com (mail-pl1-f175.google.com [209.85.214.175]) by mx.groups.io with SMTP id smtpd.web11.13592.1725022375490668406 for ; Fri, 30 Aug 2024 05:52:55 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=E//i+6kX; spf=softfail (domain: sakoman.com, ip: 209.85.214.175, mailfrom: steve@sakoman.com) Received: by mail-pl1-f175.google.com with SMTP id d9443c01a7336-2020e83eca1so18839595ad.2 for ; Fri, 30 Aug 2024 05:52:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1725022375; x=1725627175; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=g+Gf8PY6/D0Jddr7kL6vAiXbO4lJfXh8K4Ew4sY/Ipw=; b=E//i+6kXeKJ49ZT/xk5EPQwJZiYv6mjF4qMWhK8LFINi4baD4GMGh7BWo/FfZbwzfU uGy5PH9eRsmJI5LzLs+w3N4HGgaV1AN1VENiyjQECoEaRnROR3fbev31WvRQIo6aMh27 Ut/M8Vb4lf6xWrjV7NJFvGBd/iR9ZCXmX2d97mkDjv0eGtEYOnxphhcAhBOZmd+pXlmw dzY02sYS6XazW6MXBbaTn9a1AFznrLcPbipWuKzXZDVySZWHklsLTjMVhF7kbjCmdMaP 7+5vnQo/mbqRQ+zKyLgCVEEs3OglWAOQkCt1NIPnoICEnFEM8C9rLU5xZP0SUEnkFwfh 6GJw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725022375; x=1725627175; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=g+Gf8PY6/D0Jddr7kL6vAiXbO4lJfXh8K4Ew4sY/Ipw=; b=ZWpFSm25Or9XKeUM8xxUP3Q776K3LTH/0/vF6Flje3+UE+i11q9DSvPRz5dvXgAsEG +8Htkw2XD0hisDtwuWaiqTilB3JTUj20+Xcqywykh1IeENLcyugtjbg2FzJd4j0SY9jY O2/THx2yRrAtcMlaukiL2Q1Ma86jl++2meYFgwWp7QIV8mfl+MWWyuWwJQ+U3pugNhb8 s6nlACdS8Qp3EpGnbmeE6tzUbtbMCk8xRtfmLu2r16eS1Ng3UpH6qJxRjq/3D3H+lGmT 8f6A6UCot5VVhtig6btaE/82UgK2haw0LlDdzRkj85ymKiFQfoJCn/ZVXLnIblvvPkYc H6Lw== X-Gm-Message-State: AOJu0YyuFcswb+QXVWxC73UWriWl61iNOTSR7biLLRMdYI7v8+YUcuAR thJWLKL4+P8ldAtRGTnaSngjv/eKgzZpR/GIHe6c8AtgxWN5FJQEOTgm8kqUgP1485TtjvkuuXY mEZM= X-Google-Smtp-Source: AGHT+IFugrYGkWrsBY9ruHKaUFPkbFF5e5ta0Da+vbJPgsxae6v/xLzBh+YiGKgJChSffPSyYgbSjQ== X-Received: by 2002:a17:903:28f:b0:205:3e6d:9949 with SMTP id d9443c01a7336-2053e6da7f2mr2685755ad.52.1725022374739; Fri, 30 Aug 2024 05:52:54 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2051554235bsm26295975ad.214.2024.08.30.05.52.54 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 30 Aug 2024 05:52:54 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 2/7] curl: Ignore CVE-2024-32928 Date: Fri, 30 Aug 2024 05:52:42 -0700 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 30 Aug 2024 12:52:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/203961 From: Peter Marko This CVE affects google cloud services that utilize libcurl wrongly. (From OE-Core rev: 27ac7879711e7119b4ec8b190b0a9da5b3ede269) Changed CVE ignore syntax Signed-off-by: Simone Weiß Signed-off-by: Richard Purdie Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- meta/recipes-support/curl/curl_7.82.0.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-support/curl/curl_7.82.0.bb b/meta/recipes-support/curl/curl_7.82.0.bb index 81a653b583..308b508072 100644 --- a/meta/recipes-support/curl/curl_7.82.0.bb +++ b/meta/recipes-support/curl/curl_7.82.0.bb @@ -68,6 +68,8 @@ CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl dan # This CVE reports that apple had to upgrade curl because of other already reported CVEs CVE_CHECK_IGNORE += "CVE-2023-42915" +# ignored: CURLOPT_SSL_VERIFYPEER was disabled on google cloud services causing a potential man in the middle attack +CVE_CHECK_IGNORE += "CVE-2024-32928" inherit autotools pkgconfig binconfig multilib_header From patchwork Fri Aug 30 12:52:43 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 48521 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id D70C8CA0FF0 for ; Fri, 30 Aug 2024 12:52:58 +0000 (UTC) Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169]) by mx.groups.io with SMTP id smtpd.web11.13594.1725022376980166130 for ; Fri, 30 Aug 2024 05:52:57 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=I5Col88J; spf=softfail (domain: sakoman.com, ip: 209.85.214.169, mailfrom: steve@sakoman.com) Received: by mail-pl1-f169.google.com with SMTP id d9443c01a7336-204eebfaebdso15334055ad.1 for ; Fri, 30 Aug 2024 05:52:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1725022376; x=1725627176; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=DNVtFSQeUbWG7PLVdaabIT7ODLNbbkSPTIuWn2jHpio=; b=I5Col88JYKVilOVJjyWOGDPr2M+xrUpAf/77D6r9VjCHNP5boeIup+ZcumUcDyhBS8 WUhY8PwUK4H/S/fYycULE+6jAZGGdmV/0pW7HhQVmkQucPrEd8Q2BQOUcRjvI7cWY2oK ad4lZ/Pc59BNVb217VkvD4acLrgSsEpzp6q10GXsabfqdt7uo6T4CPCAhnd1oV7haNPz U6jDLpflV3gVamW4esUZODwJZncKuC+aN0gKtcIOPrG5z5M8hcZMviWG/AvmZdKt3tRM UOSOxcCE3KsGnS6ZgcGrYYqz95q0XV9szeO3BPCn6TbSOt2cLNa/X4se8JtrhdPcMtBx qrXw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725022376; x=1725627176; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=DNVtFSQeUbWG7PLVdaabIT7ODLNbbkSPTIuWn2jHpio=; b=cnknuQmzfsKsxIrxu9TLKWy7fhbJCEA6DuxdV4MZzcjSuFeNeyKbkdcVXTVpNbd2ku xHrigqom6FaUAQGgy3pyvsQi1AEZ2hXXrbVbfjf3Gq1YAjn/vAnV22Blm8JEU2SzG/yk oFy90N49K5mRhhEC05cfiyQIMFgVefLyQ0+Rj+2946cPKFcqHwvdRJMbyJMbbmM2MB9A kA38qmAssU6Z+u2ubNKex5Ce4AmCeIYYBze1xmtjdoswSrLm2Ok+r92bj7EEbOfQkhYg Zy9zsu1vo25rRnGVkl0qngSPhzmedvxI5tPjG9qzP6TbvhZrCnhYaDilhqydTlbzgdft Y3BQ== X-Gm-Message-State: AOJu0YwrngAPXRfvVXJ0xx8MUjfOXuYZZs5GxLJsl6DgB1SIvC6y9JL0 2SXzfmG4cBhysVXsjCzGfvICEi3W7o4CwLOAN6WkHvrahPQ2VoHOjyGi9LYgjiK2G0Omf/F6yP6 j6wU= X-Google-Smtp-Source: AGHT+IFKO6h6COP/gvcHJdejnJCJN+OpM5yAh7CnuFhnFECUyOjKAj27HVQ+ioG28WfjawcMJPfEpQ== X-Received: by 2002:a17:902:e849:b0:1fb:93e6:94a3 with SMTP id d9443c01a7336-2050c23dd69mr68206835ad.18.1725022376186; Fri, 30 Aug 2024 05:52:56 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2051554235bsm26295975ad.214.2024.08.30.05.52.55 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 30 Aug 2024 05:52:55 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 3/7] vim: upgrade from 9.0.2190 -> 9.1.0114 Date: Fri, 30 Aug 2024 05:52:43 -0700 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 30 Aug 2024 12:52:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/203962 From: Hitendra Prajapati https://www.vim.org/vim-9.1-released.php Vim 9.1 is available The Vim project is happy to announce that Vim 9.1 has finally been released. This release is dedicated to Bram Moolenaar, Vim's lead developer for more than 30 years, who passed away half a year ago. The Vim project wouldn't exist without his work! Vim 9.1 is mainly a bug fix release, it contains hundreds of bug fixes, a few new features and there are many minor improvements. Changes: https://github.com/vim/vim/compare/v9.0.2190...v9.1.0114 CVE: CVE-2024-22667 (includes commit https://github.com/vim/vim/commit/b39b240c386a5a29241415541f1c99e2e6b8ce47) Signed-off-by: Hitendra Prajapati Signed-off-by: Steve Sakoman --- meta/recipes-support/vim/{vim-tiny_9.0.bb => vim-tiny_9.1.bb} | 0 meta/recipes-support/vim/vim.inc | 4 ++-- meta/recipes-support/vim/{vim_9.0.bb => vim_9.1.bb} | 0 3 files changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-support/vim/{vim-tiny_9.0.bb => vim-tiny_9.1.bb} (100%) rename meta/recipes-support/vim/{vim_9.0.bb => vim_9.1.bb} (100%) diff --git a/meta/recipes-support/vim/vim-tiny_9.0.bb b/meta/recipes-support/vim/vim-tiny_9.1.bb similarity index 100% rename from meta/recipes-support/vim/vim-tiny_9.0.bb rename to meta/recipes-support/vim/vim-tiny_9.1.bb diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc index 906aa53a16..071deed338 100644 --- a/meta/recipes-support/vim/vim.inc +++ b/meta/recipes-support/vim/vim.inc @@ -19,8 +19,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://no-path-adjust.patch \ " -PV .= ".2190" -SRCREV = "6a950da86d7a6eb09d5ebeab17657986420d07ac" +PV .= ".0114" +SRCREV = "fcaed6a70faf73bff3e5405ada556d726024f866" # Do not consider .z in x.y.z, as that is updated with every commit UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+\.\d+)\.0" diff --git a/meta/recipes-support/vim/vim_9.0.bb b/meta/recipes-support/vim/vim_9.1.bb similarity index 100% rename from meta/recipes-support/vim/vim_9.0.bb rename to meta/recipes-support/vim/vim_9.1.bb From patchwork Fri Aug 30 12:52:44 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 48522 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id D7073CA0FEF for ; Fri, 30 Aug 2024 12:52:58 +0000 (UTC) Received: from mail-pl1-f174.google.com (mail-pl1-f174.google.com [209.85.214.174]) by mx.groups.io with SMTP id smtpd.web10.13717.1725022378531558107 for ; Fri, 30 Aug 2024 05:52:58 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=k6AJd2xp; spf=softfail (domain: sakoman.com, ip: 209.85.214.174, mailfrom: steve@sakoman.com) Received: by mail-pl1-f174.google.com with SMTP id d9443c01a7336-201ed196debso15262195ad.1 for ; Fri, 30 Aug 2024 05:52:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1725022378; x=1725627178; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=jMKwOohO6ASflnu7jpAfzBqn6uUEJaH5jjxVRkBjIA4=; b=k6AJd2xplknvXRI7HdqZ1jPsDaiJxwnSiy7nPAeEU+W7xVKDcFjimEEobnQY4JQqIl 7Qcb6WtFuBSZIPOAJJxPJjlzsViI6hRLrtO4aDLhvw63Gd4owsqafDIhe5CNkiEll4pG TDaef3O6zDHsuMAJxvaBbFfLeiJuVGLmVOxcUNeDM2iVMBmcu8+lkun5xhBqg6JmfduA EX4zLVRTecjR0+RYSBDOdwrRXIIKlhpr4gn9UzHcU1LwZEsCqWJyNv/Zt9EgBq9yo3WU SaTeeiYWFwcCSuffPEaNeOZ8GHRNp9AW69ucwgGPopzYK6XM8FKpbM6Yz63k7Ij4PIAJ xc/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725022378; x=1725627178; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=jMKwOohO6ASflnu7jpAfzBqn6uUEJaH5jjxVRkBjIA4=; b=k8BzTkezur+Ev/j0Oz70KQnOr8SJTA6dJ4kGMa//EYEnqem6Dn/HVjg+6wTZqPdQwM Rt5+Enpe8RoGXFDIC0EmlytvpD5cQS6V2dsIRWmuudHm9ojSnTq/BY2cmQQNSmUQ1Cft DnKpK4P8+49KRxdWYrgd/yEFBEnk0utjYaWQZcRkvsGsANpQnHWSL9NCjsaIMnWiX3Jd tOPQgQ4dqclFMNTy770MmdMzn87x+EHdwmN8SMhwBepfZOtqx08rYrC2D3rddCQ9nQWX mBZpw+M9rUOwNUBm10hGpGOA7I3HbF5iIfCG6Aklj2wqwC1d7eW3bMyU7ZIfEjlnG3Ip 4Jdg== X-Gm-Message-State: AOJu0YzDgkKttGYvmomkpA2+UKfZDU8fhQogql8B7iFjW27hXdQv3hp4 Mj6w8m8ojenwbXAOtCuAmIVBI+JAWAX1VgxIbWIMLo0N6iDoecwt2rJIaUA5bGhPo1Su1JY1xSU eq0k= X-Google-Smtp-Source: AGHT+IGAjl9rwnUIEJ6u5VK5ndRgSOPzy6UZMA9ooQ7O6B3bWTYMJZherPyKUI5LLknuDSPHuo91+A== X-Received: by 2002:a17:902:ec86:b0:205:3450:cdb4 with SMTP id d9443c01a7336-2053450d102mr8198375ad.4.1725022377647; Fri, 30 Aug 2024 05:52:57 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2051554235bsm26295975ad.214.2024.08.30.05.52.57 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 30 Aug 2024 05:52:57 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 4/7] vim: Upgrade 9.1.0114 -> 9.1.0682 Date: Fri, 30 Aug 2024 05:52:44 -0700 Message-Id: <3312a57ce631ea6235055b3d4b4ac31d06c8a2ae.1725022186.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 30 Aug 2024 12:52:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/203963 From: Siddharth Doshi This includes CVE-fix for CVE-2024-41957, CVE-2024-41965 and CVE-2024-43374 Changes between 9.1.0114 -> 9.1.0682 ==================================== https://github.com/vim/vim/compare/v9.1.0114...v9.1.0682 Note: ==== Removed patch "vim-add-knob-whether-elf.h-are-checked.patch" as libelf checks are removed from configure.ac as per commit https://github.com/vim/vim/commit/1acc67ac4412aa9a75d1c58ebf93f2b29585a960 Signed-off-by: Siddharth Doshi Signed-off-by: Richard Purdie (cherry picked from commit 6d2938e53cad5d9bf2e78a5403e9f9fab1db77b4) Signed-off-by: Steve Sakoman --- ...m-add-knob-whether-elf.h-are-checked.patch | 39 ------------------- meta/recipes-support/vim/vim.inc | 5 +-- 2 files changed, 2 insertions(+), 42 deletions(-) delete mode 100644 meta/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch diff --git a/meta/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch b/meta/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch deleted file mode 100644 index 5284ba45b6..0000000000 --- a/meta/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 38de4bccdb8a861ffdd447f12fdab19d6d852c02 Mon Sep 17 00:00:00 2001 -From: Chong Lu -Date: Tue, 26 Jun 2018 17:34:15 +0800 -Subject: [PATCH] vim: add knob whether elf.h are checked - -Previously, it still was checked when there was no elf library in sysroots directory. -Add knob to decide whether elf.h are checked or not. - -Upstream-Status: Pending - -Signed-off-by: Chong Lu -Signed-off-by: Changqing Li ---- - src/configure.ac | 7 +++++++ - 1 file changed, 7 insertions(+) - -Index: git/src/configure.ac -=================================================================== ---- git.orig/src/configure.ac -+++ git/src/configure.ac -@@ -3264,11 +3264,18 @@ AC_TRY_COMPILE([#include ], [in - AC_MSG_RESULT(no)) - - dnl Checks for header files. -+AC_MSG_CHECKING(whether or not to look for elf.h) -+AC_ARG_ENABLE(elf-check, -+ [ --enable-elf-check If elfutils, check for elf.h [default=no]], -+ , enable_elf_check="no") -+AC_MSG_RESULT($enable_elf_check) -+if test "x$enable_elf_check" != "xno"; then - AC_CHECK_HEADER(elf.h, HAS_ELF=1) - dnl AC_CHECK_HEADER(dwarf.h, SVR4=1) - if test "$HAS_ELF" = 1; then - AC_CHECK_LIB(elf, main) - fi -+fi - - AC_HEADER_DIRENT - diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc index 071deed338..f8ba37156a 100644 --- a/meta/recipes-support/vim/vim.inc +++ b/meta/recipes-support/vim/vim.inc @@ -14,13 +14,12 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=d1a651ab770b45d41c0f8cb5a8ca930e" SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://disable_acl_header_check.patch \ - file://vim-add-knob-whether-elf.h-are-checked.patch \ file://0001-src-Makefile-improve-reproducibility.patch \ file://no-path-adjust.patch \ " -PV .= ".0114" -SRCREV = "fcaed6a70faf73bff3e5405ada556d726024f866" +PV .= ".0682" +SRCREV = "cb90ea9cba6f033fe141db0e466fb4117f28402b" # Do not consider .z in x.y.z, as that is updated with every commit UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+\.\d+)\.0" From patchwork Fri Aug 30 12:52:45 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 48523 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id DABF1CA0FEB for ; Fri, 30 Aug 2024 12:53:08 +0000 (UTC) Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com [209.85.214.170]) by mx.groups.io with SMTP id smtpd.web11.13595.1725022379725805438 for ; Fri, 30 Aug 2024 05:52:59 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=On1LKeUy; spf=softfail (domain: sakoman.com, ip: 209.85.214.170, mailfrom: steve@sakoman.com) Received: by mail-pl1-f170.google.com with SMTP id d9443c01a7336-201f2b7fe0dso15163035ad.1 for ; Fri, 30 Aug 2024 05:52:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1725022379; x=1725627179; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ne/Yf2oofs1SePTeshBCHmp7Un+3gaTFX5nx51f+/6o=; b=On1LKeUy/mi458V2k33sNu4bwq/y8miQ0+AQEkobPZukzGtJQuHPmYjWvVtNYwAF5q R87ikUtkqT3Z5rZCW43mk/2NEsyHe5a6CjGw5e+RtzabQKlJp6X+Z6rbUOU5+YmSfqu+ qIOpFVtPXZV5XYTFfGXMIe07M6WBaKmF2PP4GHH87n1dPzXFRwQn9bJbMz70NE18QdGn Jy+JC/Ti06wAef8XfIneaS6/FykPWYiO0+YvStGXcM1AtsUjvH8jzMAQQtiuGaGmv5rt qhDe0Z3uh64TI+si+TpIB6VKEEjdRE/FcJ0K+f5dd3eN4XnlOoAM5HnPqg7enQCyWtV+ nfyA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725022379; x=1725627179; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ne/Yf2oofs1SePTeshBCHmp7Un+3gaTFX5nx51f+/6o=; b=p9KmoOuLcSLzXQqkVyhMLCGRa38oGOj74J5i61JanfCgrY3OY/XIzA6/WtYI3gE5JP 6bvE2i455eMgwCKWSRy8jlvVltj3GY4Llvf1t3lsULbSGLjQwBFQY75dB/kotFC4CTaU MJyzthz64mo/Z1a8hbIeguEHjTcg96spDdO9rEO4jMIoLjqXBaRFJvSugJKfeXResJfY +QGW6QYeXhi7Tu1EgJqNIJAQ0NAM67nL3RrB1/JPo/cDUZON4OgvUBrE1LmRF+7CR3Cr 75bsDnPo8yCKhi6qEr2Qhy4uMhMzL1zjhGrUhNXU+CI6+bye7/M3NFbTn9Xwp/xbd8iZ v58g== X-Gm-Message-State: AOJu0Yw4I00BxY/wU5DJynwg5CoL3v5/5zpc3HVj64ASRDNesuFo4Ze6 H9psbecE3i9ijwbcv41CSNt+D16c6y78M1oRelncIM1NimbnDTMPUm9qKmr8h7+6axlJuhV4qwh V1y4= X-Google-Smtp-Source: AGHT+IHxuqija9TmDup5T2oKi/kQQ7D3eJ2vG1oo31f/n1c/BlRmtMB+p6ugGqIMfhSVWoRUcsdy1A== X-Received: by 2002:a17:902:dac5:b0:203:95eb:380 with SMTP id d9443c01a7336-2050c5255d5mr68188395ad.64.1725022378984; Fri, 30 Aug 2024 05:52:58 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2051554235bsm26295975ad.214.2024.08.30.05.52.58 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 30 Aug 2024 05:52:58 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 5/7] bind: Upgrade 9.18.24 -> 9.18.28 Date: Fri, 30 Aug 2024 05:52:45 -0700 Message-Id: <1f065d8358ab0fb6c08b2aad2145786c31294721.1725022186.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 30 Aug 2024 12:53:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/203964 From: Divya Chellam Includes security fixes for CVE-2024-4076, CVE-2024-1737, CVE-2024-0760, CVE-2024-1975 and other bug fixes Release Notes: https://downloads.isc.org/isc/bind9/9.18.28/doc/arm/html/notes.html#notes-for-bind-9-18-28 https://downloads.isc.org/isc/bind9/9.18.28/doc/arm/html/notes.html#notes-for-bind-9-18-27 https://downloads.isc.org/isc/bind9/9.18.28/doc/arm/html/notes.html#notes-for-bind-9-18-26 https://downloads.isc.org/isc/bind9/9.18.28/doc/arm/html/notes.html#notes-for-bind-9-18-25 Signed-off-by: Divya Chellam Signed-off-by: Steve Sakoman --- .../bind/{bind_9.18.24.bb => bind_9.18.28.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-connectivity/bind/{bind_9.18.24.bb => bind_9.18.28.bb} (97%) diff --git a/meta/recipes-connectivity/bind/bind_9.18.24.bb b/meta/recipes-connectivity/bind/bind_9.18.28.bb similarity index 97% rename from meta/recipes-connectivity/bind/bind_9.18.24.bb rename to meta/recipes-connectivity/bind/bind_9.18.28.bb index fbbebe89ad..67628a8650 100644 --- a/meta/recipes-connectivity/bind/bind_9.18.24.bb +++ b/meta/recipes-connectivity/bind/bind_9.18.28.bb @@ -20,7 +20,7 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \ file://0001-avoid-start-failure-with-bind-user.patch \ " -SRC_URI[sha256sum] = "709d73023c9115ddad3bab65b6c8c79a590196d0d114f5d0ca2533dbd52ddf66" +SRC_URI[sha256sum] = "e7cce9a165f7b619eefc4832f0a8dc16b005d29e3890aed6008c506ea286a5e7" UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/" # follow the ESV versions divisible by 2 From patchwork Fri Aug 30 12:52:46 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 48524 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id DAC3DCA0FEF for ; Fri, 30 Aug 2024 12:53:08 +0000 (UTC) Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com [209.85.214.170]) by mx.groups.io with SMTP id smtpd.web10.13718.1725022381169792945 for ; Fri, 30 Aug 2024 05:53:01 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=ai28MVf7; spf=softfail (domain: sakoman.com, ip: 209.85.214.170, mailfrom: steve@sakoman.com) Received: by mail-pl1-f170.google.com with SMTP id d9443c01a7336-2053525bd90so2550785ad.0 for ; Fri, 30 Aug 2024 05:53:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1725022380; x=1725627180; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=PHSdxx6oJhkWKhfY645+SRz0uqxSVvekkYqdP1fDNOw=; b=ai28MVf7nJgQUUvqH6OmfOozz//InzrpFQ3zKsdTGEAyIlnpv9JpjOx/+1A1Q8QBgZ d9Ubx+Ad5X8ICHwmMYX3VyFy6cqwmiqJVWmsQaEAEETv1gIXTHC391k7idGFtamR1qYm swVL34LErC9fRe9OkFHwjAmfqi+hhAcpXij0iE+rbxV4XPyuXii7dtnlXD//ZTuKvSmY 0a2hOpec3SKvt5uyhEYkdQLdjMQ4GSnOlMNUs7qyNuVCaLscxu61q/B+Xa0OE2dBVnFI j/P9Gu1wIBZNArLXSazLqM4x3pDV5LE/L/H95uve6khWa9q+/rZgJAJ/vKmmxZueSxzI gPLg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725022380; x=1725627180; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=PHSdxx6oJhkWKhfY645+SRz0uqxSVvekkYqdP1fDNOw=; b=SDkFXF8u9ThFwHrLZ70jtp4mVDokclN+CMkJt29CySx+9qHggohgjdIPPsZZiIHzpS MfEgFa6Tq37sfmxuT43RUQTjew7xpNvYyQtKrvC02QmjmC40px6M3pDRQTNWaMC4e5se WbpK4bnmY3lS36d44admpWXfXEE53SQViN4j9NWFO7J594FoCLqCVcOGHvkC5ociModi DlcBq0RYwA5OhE/oxMs/i+fjGazc5hYNWzrWb+ucVRzUrkijYpwV6GaOYti39+yDFpn7 1dZxAXOCraHXs7wyxAYZnuSPuR9DIHqrgVfs9spwfNZWf6di+62ksy6ursEmHlcFeFL9 edHQ== X-Gm-Message-State: AOJu0YyjtnAr2wtBJXfp5QVR8TYvtcqT7Rtslr6Hf63OUOcs0CJWBhkO WGxRJiB30o6mt/7b9i3aCBMQVPJyy2FrXbN7yjOq5gnVF+vqyirRyUlslCUDANsctvH11y2cqpj G3aA= X-Google-Smtp-Source: AGHT+IGTYm+AkutdSHggE6wutHIuXjFVypN4RS3R798qZ/1Y65GyOXveIFN2w/nHhl/+GXMviSDtSA== X-Received: by 2002:a17:902:ea0d:b0:202:3432:233d with SMTP id d9443c01a7336-2050c3b79b9mr70150065ad.14.1725022380352; Fri, 30 Aug 2024 05:53:00 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2051554235bsm26295975ad.214.2024.08.30.05.52.59 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 30 Aug 2024 05:53:00 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 6/7] cryptodev-module: Fix build for linux 5.10.220 Date: Fri, 30 Aug 2024 05:52:46 -0700 Message-Id: <047ee2fe7bc9920038213d014a920518a264ef17.1725022186.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 30 Aug 2024 12:53:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/203965 From: Hugo SIMELIERE Upstream-Status: Backport [https://github.com/cryptodev-linux/cryptodev-linux/commit/157a624d7a892ea5fb2df4bbd4e71c008adbecb7] Signed-off-by: Hugo SIMELIERE Signed-off-by: Steve Sakoman --- .../cryptodev/cryptodev-module_1.12.bb | 1 + .../0001-Fix-build-for-linux-5.10.220.patch | 32 +++++++++++++++++++ 2 files changed, 33 insertions(+) create mode 100644 meta/recipes-kernel/cryptodev/files/0001-Fix-build-for-linux-5.10.220.patch diff --git a/meta/recipes-kernel/cryptodev/cryptodev-module_1.12.bb b/meta/recipes-kernel/cryptodev/cryptodev-module_1.12.bb index 5192cf03ed..71d7b0ede3 100644 --- a/meta/recipes-kernel/cryptodev/cryptodev-module_1.12.bb +++ b/meta/recipes-kernel/cryptodev/cryptodev-module_1.12.bb @@ -8,6 +8,7 @@ inherit module DEPENDS += "cryptodev-linux" SRC_URI += "file://0001-Disable-installing-header-file-provided-by-another-p.patch \ + file://0001-Fix-build-for-linux-5.10.220.patch \ " EXTRA_OEMAKE='KERNEL_DIR="${STAGING_KERNEL_DIR}" PREFIX="${D}"' diff --git a/meta/recipes-kernel/cryptodev/files/0001-Fix-build-for-linux-5.10.220.patch b/meta/recipes-kernel/cryptodev/files/0001-Fix-build-for-linux-5.10.220.patch new file mode 100644 index 0000000000..ebc4058814 --- /dev/null +++ b/meta/recipes-kernel/cryptodev/files/0001-Fix-build-for-linux-5.10.220.patch @@ -0,0 +1,32 @@ +From 47f9d88ca5107d1814ecfc7faf6d02d1140978a8 Mon Sep 17 00:00:00 2001 +From: Alexandre Bard +Date: Wed, 3 Jul 2024 15:01:22 +0200 +Subject: [PATCH] Fix build for linux 5.10.220 + +The commit previously integrated is 5.11 has now been backported to +5.10.y branch. + +https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.10.y&id=1aecdaa7e2c6619a7d2c0a81c8f5c06e52f870f3 + +Upstream-Status: Backport [https://github.com/cryptodev-linux/cryptodev-linux/commit/157a624d7a892ea5fb2df4bbd4e71c008adbecb7] +Signed-off-by: Hugo SIMELIERE +--- + ioctl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ioctl.c b/ioctl.c +index 95481d4..11fa27a 100644 +--- a/ioctl.c ++++ b/ioctl.c +@@ -871,7 +871,7 @@ cryptodev_ioctl(struct file *filp, unsigned int cmd, unsigned long arg_) + if (unlikely(ret)) { + #if (LINUX_VERSION_CODE < KERNEL_VERSION(4, 17, 0)) + sys_close(fd); +-#elif (LINUX_VERSION_CODE < KERNEL_VERSION(5, 11, 0)) ++#elif (LINUX_VERSION_CODE < KERNEL_VERSION(5, 10, 220)) + ksys_close(fd); + #else + close_fd(fd); +-- +2.46.0 + From patchwork Fri Aug 30 12:52:47 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 48525 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id E9D8DCA0FED for ; Fri, 30 Aug 2024 12:53:08 +0000 (UTC) Received: from mail-pl1-f181.google.com (mail-pl1-f181.google.com [209.85.214.181]) by mx.groups.io with SMTP id smtpd.web11.13601.1725022383048998836 for ; Fri, 30 Aug 2024 05:53:03 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=aMT7Dm2u; spf=softfail (domain: sakoman.com, ip: 209.85.214.181, mailfrom: steve@sakoman.com) Received: by mail-pl1-f181.google.com with SMTP id d9443c01a7336-2020e83eca1so18841045ad.2 for ; Fri, 30 Aug 2024 05:53:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1725022382; x=1725627182; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=soCcW28YUiE/QVJO7BDuT9LU6LUrdrCGiJn7LKru3rA=; b=aMT7Dm2u3b/Ka+9WZV372zIPxnqJZHljMquYAOWeCQxZjVgCkgniyDxd6aw5McTB7q O3eCpR1z+d2EIuKZg+IMH0MlqP2D81ozy3RcbbTzzh0K1K+4rSitWGsjE1iFRR8xmqMb TDLqx6/L5Bk7vbNBgsIxUL4MkRgQczaY3Zphek0ghCHxUStnK6PIwz6Yb7eyPu+kJxuv iGoMnYVI6dZf7t3vzJznTwFMIYun0Y05dEGEiCg2KVZsxBj5Iw5jQjhEYJCwwo0kbMgC VLrzSYS60+NbzBN/zrAIfzg9uISMPKVeLHM8lEyBwj8KE4ezlHRCsBtgzmeXPIBKacEw TGnQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725022382; x=1725627182; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=soCcW28YUiE/QVJO7BDuT9LU6LUrdrCGiJn7LKru3rA=; b=Ebk/jeHmUjmfXGGYtWcPF3RB/rb9MIj21M1N5f2kwysR/o8u8uCEullansmoanamqj LI8eRH27gtJOi4VEAEACbQkNLzgbpDtv+aODL2TgK5Lg+SXm5WDIfuiA3lmrNAF632Mg u0VIrAifx4FyCENMw6TseN7ysjTPpdhAZ8Ce24myed5vgFaeaLPBv1YLDUuVv3n/eseR jwrs7MKf9qcJ3arhKQFLpM6Jq5ovgqp6y9l/LL3w+uiEt6HjH3e9M+OQjvnrMje6B5Gy /pSt5LuZwOsAOcWOsqFd4UmzmlAtyaSbql4bCz6RxCwaI2uJt6nHxB8EBLE8oQv16b1w 9a9w== X-Gm-Message-State: AOJu0YzLddoFgj44uZFGkcpJ/kn2DnaD9urXEOUMaKAAS6t+zDtFch1W YtMHpOy91FW/gKoEakXV7X5BkbRFzDczaOcweA+g9uuq02rlC0YOAHbp6vxnitanIjYow5gb4ju e+JA= X-Google-Smtp-Source: AGHT+IGT8ae95LZkUVOmst3w/S37H9k/LYm1mwkbX5neQs3nmBifnmSH6p5fBf3Nt1PR0s+yb46XaA== X-Received: by 2002:a17:903:35ce:b0:203:a196:3bf5 with SMTP id d9443c01a7336-2050c215850mr67749555ad.4.1725022382186; Fri, 30 Aug 2024 05:53:02 -0700 (PDT) Received: from hexa.. ([98.142.47.158]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2051554235bsm26295975ad.214.2024.08.30.05.53.01 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 30 Aug 2024 05:53:01 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 7/7] grub: fs/fat: Don't error when mtime is 0 Date: Fri, 30 Aug 2024 05:52:47 -0700 Message-Id: <6992437d725f9cc88da4261814b69aaadc5ef0f2.1725022186.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 30 Aug 2024 12:53:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/203966 From: Ming Liu A issue was found when I run "runqemu genericx86-64 ovmf", grub failed to boot, it's a known issue has been fixed in grub upstream, backport the fix. Signed-off-by: Ming Liu Signed-off-by: Richard Purdie (cherry picked from commit 51eab4bb0cae46c9c32d28986eb97badf47594b7) Signed-off-by: Chaitanya Vadrevu Signed-off-by: Steve Sakoman --- ...1-fs-fat-Don-t-error-when-mtime-is-0.patch | 70 +++++++++++++++++++ meta/recipes-bsp/grub/grub2.inc | 1 + 2 files changed, 71 insertions(+) create mode 100644 meta/recipes-bsp/grub/files/0001-fs-fat-Don-t-error-when-mtime-is-0.patch diff --git a/meta/recipes-bsp/grub/files/0001-fs-fat-Don-t-error-when-mtime-is-0.patch b/meta/recipes-bsp/grub/files/0001-fs-fat-Don-t-error-when-mtime-is-0.patch new file mode 100644 index 0000000000..a5fbd58f46 --- /dev/null +++ b/meta/recipes-bsp/grub/files/0001-fs-fat-Don-t-error-when-mtime-is-0.patch @@ -0,0 +1,70 @@ +From e43f3d93b28cce852c110c7a8e40d8311bcd8bb1 Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Fri, 15 Jul 2022 16:13:02 -0400 +Subject: [PATCH] fs/fat: Don't error when mtime is 0 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +In the wild, we occasionally see valid ESPs where some file modification +times are 0. For instance: + + ├── [Dec 31 1979] EFI + │ ├── [Dec 31 1979] BOOT + │ │ ├── [Dec 31 1979] BOOTX64.EFI + │ │ └── [Dec 31 1979] fbx64.efi + │ └── [Jun 27 02:41] fedora + │ ├── [Dec 31 1979] BOOTX64.CSV + │ ├── [Dec 31 1979] fonts + │ ├── [Mar 14 03:35] fw + │ │ ├── [Mar 14 03:35] fwupd-359c1169-abd6-4a0d-8bce-e4d4713335c1.cap + │ │ ├── [Mar 14 03:34] fwupd-9d255c4b-2d88-4861-860d-7ee52ade9463.cap + │ │ └── [Mar 14 03:34] fwupd-b36438d8-9128-49d2-b280-487be02d948b.cap + │ ├── [Dec 31 1979] fwupdx64.efi + │ ├── [May 10 10:47] grub.cfg + │ ├── [Jun 3 12:38] grub.cfg.new.new + │ ├── [May 10 10:41] grub.cfg.old + │ ├── [Jun 27 02:41] grubenv + │ ├── [Dec 31 1979] grubx64.efi + │ ├── [Dec 31 1979] mmx64.efi + │ ├── [Dec 31 1979] shim.efi + │ ├── [Dec 31 1979] shimx64.efi + │ └── [Dec 31 1979] shimx64-fedora.efi + └── [Dec 31 1979] FSCK0000.REC + + 5 directories, 17 files + +This causes grub-probe failure, which in turn causes grub-mkconfig +failure. They are valid filesystems that appear intact, and the Linux +FAT stack is able to mount and manipulate them without complaint. + +The check for mtime of 0 has been present since +20def1a3c3952982395cd7c3ea7e78638527962b (fat: support file +modification times). + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=e43f3d93b28cce852c110c7a8e40d8311bcd8bb1] + +Signed-off-by: Robbie Harwood +Reviewed-by: Daniel Kiper +Signed-off-by: Ming Liu +--- + grub-core/fs/fat.c | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/grub-core/fs/fat.c b/grub-core/fs/fat.c +index 0951b2e63..c5efed724 100644 +--- a/grub-core/fs/fat.c ++++ b/grub-core/fs/fat.c +@@ -1027,9 +1027,6 @@ grub_fat_dir (grub_device_t device, const char *path, grub_fs_dir_hook_t hook, + grub_le_to_cpu16 (ctxt.dir.w_date), + &info.mtime); + #endif +- if (info.mtimeset == 0) +- grub_error (GRUB_ERR_OUT_OF_RANGE, +- "invalid modification timestamp for %s", path); + + if (hook (ctxt.filename, &info, hook_data)) + break; +-- +2.34.1 + diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index e6c6cd98b4..2718379474 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc @@ -40,6 +40,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://CVE-2022-28736-loader-efi-chainloader-Use-grub_loader_set_ex.patch \ file://CVE-2023-4692.patch \ file://CVE-2023-4693.patch \ + file://0001-fs-fat-Don-t-error-when-mtime-is-0.patch \ " SRC_URI[sha256sum] = "23b64b4c741569f9426ed2e3d0e6780796fca081bee4c99f62aa3f53ae803f5f"