From patchwork Mon Mar 10 13:36:19 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 58568 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 970C4C28B2E for ; Mon, 10 Mar 2025 13:36:37 +0000 (UTC) Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) by mx.groups.io with SMTP id smtpd.web10.37883.1741613793569312780 for ; Mon, 10 Mar 2025 06:36:33 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=pjN+BFHH; spf=softfail (domain: sakoman.com, ip: 209.85.214.178, mailfrom: steve@sakoman.com) Received: by mail-pl1-f178.google.com with SMTP id d9443c01a7336-223378e2b0dso59568985ad.0 for ; Mon, 10 Mar 2025 06:36:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1741613793; x=1742218593; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Awc7dfy8s4Sb7BYiLaR37u6wO7XQlrmdmXKzoqyDnGM=; b=pjN+BFHHrXVaRmhK3l8SZ1JVtBwVTPKhkPUAwpL3nYEoT4g9EKi4vQb/cMSzkmEVKl 2H1hUt/xtzdewOBKlvGKQLX5Fq2s4s02H6oRTQUKQ46k7TvNvRJByXdxlxSjuKhH5/jZ rK7/dMvMGvfBsdv3LDStawt99NhDZCIGGNn/PXutZxpQub/eMsGC9xunTMBQifL9kJ47 KlkY4ss0UQ6eg6yBWsCA9x8NJQd68oCy3+WkMdGjL6pgg0EftEpJCCb27FXVs0w1jT/L G2in6EAL3qfw2e0zjU8MnIAuohG3M5aqxnykJYKDBep01JrtYlxDgxRZxk5gWgp9CEiZ R2SQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741613793; x=1742218593; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Awc7dfy8s4Sb7BYiLaR37u6wO7XQlrmdmXKzoqyDnGM=; b=U4/BE43iCSLNIDILLwNRbaWyl689+ri/4vboQJ+lYMQA90GT12MmDFM0wHJk7sCZb5 yXnkqQNLg4tITD+U6lZlSbMEsbQ3tCR6RwfI9USkNcFMRV2ziifAy/WIJgeyFjT7zoVB Oprz67NPXfPkzRme8e+HLGrZTWr8kucbZGQSxcU3qKhEz0CeAWWcVkUdX+VFbwdqnNEi 9FS8kTbOnt01emyBikFyOMip0N5c5T8Pr2nZWYfJnJ0g43SFQyGOTmsriToLNE+6vScJ mDT8+0qdbPz5M55zAfcdQ9qRqge0ZPRbxhMI3G7GDFrzRibDkl/QwqSOYXSt83DVR/54 7VJw== X-Gm-Message-State: AOJu0Yw3Bm4wsXx86+Gtn9oZpdqI1Mx61x38NNNXnlwYbPPs1yvZc3gf YgHJomn/ftX3buzQqrX9Ndo7N5IYtaRsQEJYvWmBfc7rfaskQ5l7gBtqd+8NWMR/7chudf/i7tH M X-Gm-Gg: ASbGnctMLxo87zghvi8ys0coHpJtTB+OYhBPsIh1B3y5bls3SUs34g9go5wFhL6tcyf bXoBFGPThgSQC1cJ5uN51GJH3VUdJM87cbRX5SojjoT1BzfvUa9c2rEljFK6AWYNDCwBeNoFwXU IeOYZ8LXDJSpG08LCD4WL48/TIwHKoRHzLbHlZmX78TM6h3KhiUF/kNLNu+UGlvWiSkbDMIsrEc FYxkaGBkK1jkh2up/wYgbGnpxgL2kh6Hvs3D3rDkSiVj/v+NruDvfslErTATvvPmxJEm52wf5gf qjP8fN+j7ZBKyiw5fYeLsgcqSca9bSUa8ytG X-Google-Smtp-Source: AGHT+IHDiBi1XV7UBz8KRVykPWHRI1tIL67BnlTVZaMwRchiUxAdC1B4TqStZmJNr8f/NBhW7ZArsQ== X-Received: by 2002:a17:902:ce87:b0:21f:5cd8:c67 with SMTP id d9443c01a7336-22428ab58d8mr245273825ad.31.1741613792700; Mon, 10 Mar 2025 06:36:32 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2ea8:96c2:9f70:5c1e]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-224109ddfbcsm77820095ad.21.2025.03.10.06.36.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 10 Mar 2025 06:36:32 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 1/6] openssh: Fix CVE-2025-26465 Date: Mon, 10 Mar 2025 06:36:19 -0700 Message-ID: <934c212859e12235599835e8cfd8857e4be44ff8.1741613667.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 10 Mar 2025 13:36:37 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212521 From: Vijay Anusuri Upstream-Status: Backport from https://github.com/openssh/openssh-portable/commit/0832aac79517611dd4de93ad0a83577994d9c907 Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../openssh/openssh/CVE-2025-26465.patch | 140 ++++++++++++++++++ .../openssh/openssh_8.9p1.bb | 1 + 2 files changed, 141 insertions(+) create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2025-26465.patch diff --git a/meta/recipes-connectivity/openssh/openssh/CVE-2025-26465.patch b/meta/recipes-connectivity/openssh/openssh/CVE-2025-26465.patch new file mode 100644 index 0000000000..ffc798a158 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/CVE-2025-26465.patch @@ -0,0 +1,140 @@ +From 0832aac79517611dd4de93ad0a83577994d9c907 Mon Sep 17 00:00:00 2001 +From: "djm@openbsd.org" +Date: Tue, 18 Feb 2025 08:02:48 +0000 +Subject: [PATCH] upstream: Fix cases where error codes were not correctly set + +Reported by the Qualys Security Advisory team. ok markus@ + +OpenBSD-Commit-ID: 7bcd4ffe0fa1e27ff98d451fb9c22f5fae6e610d + +Upstream-Status: Backport [https://github.com/openssh/openssh-portable/commit/0832aac79517611dd4de93ad0a83577994d9c907] +CVE: CVE-2025-26465 +Signed-off-by: Vijay Anusuri +--- + krl.c | 2 ++ + ssh-agent.c | 3 +++ + ssh-sk-client.c | 2 ++ + sshconnect2.c | 5 ++++- + sshsig.c | 1 + + 5 files changed, 12 insertions(+), 1 deletion(-) + +diff --git a/krl.c b/krl.c +index 17b88ed..aef2001 100644 +--- a/krl.c ++++ b/krl.c +@@ -674,6 +674,7 @@ revoked_certs_generate(struct revoked_certs *rc, struct sshbuf *buf) + break; + case KRL_SECTION_CERT_SERIAL_BITMAP: + if (rs->lo - bitmap_start > INT_MAX) { ++ r = SSH_ERR_INVALID_FORMAT; + error_f("insane bitmap gap"); + goto out; + } +@@ -1008,6 +1009,7 @@ ssh_krl_from_blob(struct sshbuf *buf, struct ssh_krl **krlp, + goto out; + + if ((krl = ssh_krl_init()) == NULL) { ++ r = SSH_ERR_ALLOC_FAIL; + error_f("alloc failed"); + goto out; + } +diff --git a/ssh-agent.c b/ssh-agent.c +index 4dbb4f3..6382ef4 100644 +--- a/ssh-agent.c ++++ b/ssh-agent.c +@@ -1198,6 +1198,7 @@ parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp, + "restrict-destination-v00@openssh.com") == 0) { + if (*dcsp != NULL) { + error_f("%s already set", ext_name); ++ r = SSH_ERR_INVALID_FORMAT; + goto out; + } + if ((r = sshbuf_froms(m, &b)) != 0) { +@@ -1207,6 +1208,7 @@ parse_key_constraint_extension(struct sshbuf *m, char **sk_providerp, + while (sshbuf_len(b) != 0) { + if (*ndcsp >= AGENT_MAX_DEST_CONSTRAINTS) { + error_f("too many %s constraints", ext_name); ++ r = SSH_ERR_INVALID_FORMAT; + goto out; + } + *dcsp = xrecallocarray(*dcsp, *ndcsp, *ndcsp + 1, +@@ -1663,6 +1665,7 @@ process_ext_session_bind(SocketEntry *e) + /* record new key/sid */ + if (e->nsession_ids >= AGENT_MAX_SESSION_IDS) { + error_f("too many session IDs recorded"); ++ r = -1; + goto out; + } + e->session_ids = xrecallocarray(e->session_ids, e->nsession_ids, +diff --git a/ssh-sk-client.c b/ssh-sk-client.c +index 321fe53..750accb 100644 +--- a/ssh-sk-client.c ++++ b/ssh-sk-client.c +@@ -439,6 +439,7 @@ sshsk_load_resident(const char *provider_path, const char *device, + } + if ((srk = calloc(1, sizeof(*srk))) == NULL) { + error_f("calloc failed"); ++ r = SSH_ERR_ALLOC_FAIL; + goto out; + } + srk->key = key; +@@ -450,6 +451,7 @@ sshsk_load_resident(const char *provider_path, const char *device, + if ((tmp = recallocarray(srks, nsrks, nsrks + 1, + sizeof(*srks))) == NULL) { + error_f("recallocarray keys failed"); ++ r = SSH_ERR_ALLOC_FAIL; + goto out; + } + debug_f("srks[%zu]: %s %s uidlen %zu", nsrks, +diff --git a/sshconnect2.c b/sshconnect2.c +index 83ae4a4..6cfae2a 100644 +--- a/sshconnect2.c ++++ b/sshconnect2.c +@@ -97,7 +97,7 @@ static int + verify_host_key_callback(struct sshkey *hostkey, struct ssh *ssh) + { + if (verify_host_key(xxx_host, xxx_hostaddr, hostkey, +- xxx_conn_info) == -1) ++ xxx_conn_info) != 0) + fatal("Host key verification failed."); + return 0; + } +@@ -713,6 +713,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) + + if ((pktype = sshkey_type_from_name(pkalg)) == KEY_UNSPEC) { + debug_f("server sent unknown pkalg %s", pkalg); ++ r = SSH_ERR_INVALID_FORMAT; + goto done; + } + if ((r = sshkey_from_blob(pkblob, blen, &key)) != 0) { +@@ -723,6 +724,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) + error("input_userauth_pk_ok: type mismatch " + "for decoded key (received %d, expected %d)", + key->type, pktype); ++ r = SSH_ERR_INVALID_FORMAT; + goto done; + } + +@@ -742,6 +744,7 @@ input_userauth_pk_ok(int type, u_int32_t seq, struct ssh *ssh) + SSH_FP_DEFAULT); + error_f("server replied with unknown key: %s %s", + sshkey_type(key), fp == NULL ? "" : fp); ++ r = SSH_ERR_INVALID_FORMAT; + goto done; + } + ident = format_identity(id); +diff --git a/sshsig.c b/sshsig.c +index 7736134..76d7c21 100644 +--- a/sshsig.c ++++ b/sshsig.c +@@ -857,6 +857,7 @@ cert_filter_principals(const char *path, u_long linenum, + } + if ((principals = sshbuf_dup_string(nprincipals)) == NULL) { + error_f("buffer error"); ++ r = SSH_ERR_ALLOC_FAIL; + goto out; + } + /* success */ +-- +2.25.1 + diff --git a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb index d2c477a062..54b4d238eb 100644 --- a/meta/recipes-connectivity/openssh/openssh_8.9p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.9p1.bb @@ -37,6 +37,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar file://CVE-2023-51384.patch \ file://CVE-2023-51385.patch \ file://CVE-2024-6387.patch \ + file://CVE-2025-26465.patch \ " SRC_URI[sha256sum] = "fd497654b7ab1686dac672fb83dfb4ba4096e8b5ffcdaccd262380ae58bec5e7" From patchwork Mon Mar 10 13:36:20 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 58565 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 89F5CC3DA4A for ; Mon, 10 Mar 2025 13:36:37 +0000 (UTC) Received: from mail-pl1-f177.google.com (mail-pl1-f177.google.com [209.85.214.177]) by mx.groups.io with SMTP id smtpd.web10.37884.1741613795271186646 for ; Mon, 10 Mar 2025 06:36:35 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=lzM5rI6K; spf=softfail (domain: sakoman.com, ip: 209.85.214.177, mailfrom: steve@sakoman.com) Received: by mail-pl1-f177.google.com with SMTP id d9443c01a7336-22355618fd9so75411885ad.3 for ; Mon, 10 Mar 2025 06:36:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1741613794; x=1742218594; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=C+V1zJKKFt2OfuzNtZ5l+9Vkg47wJcnAgRElGI37ADs=; b=lzM5rI6KXnS+mTYOO0EE3AStu8cg00k+WYftASMljwFt3l++wewGdYFFE/k6aztHfu Zq0aLZAnEKMx0+9fkNw+PEhhSeyDeEDO3mOS/SIN89G0lHLZ1+loXmi5MloueCxgXOOG kSJrUfRad2rBuhtIiLmOtbH2Xs4jWWOvGc+F6JIxuk/7eGSst7cpllfQqtaGNUbAuaSv 1EAKYrD5LdmjXiPsiieBOfX0yffVQhDskyS/gzaN8dIxQn3WwDN06zLuALMyKZwrtLDR s/UxN/Pb5OS9S9q5bp/ygVoqkd6rI981h2eCby6KQsJgR8CU9uLtbgAxTOse99vlfttG PftA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741613794; x=1742218594; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=C+V1zJKKFt2OfuzNtZ5l+9Vkg47wJcnAgRElGI37ADs=; b=e9RI6U9763w1hvSXP+d5ruaJ0Q/GWO6v9uuDrBaLhc82nxL8HiTtcVxlSmIjtWt9Wc 5f5S/ZrSmlEQu+owMhHJeSRXJBMgf7h/Vd78o5HXX5q0XKwP6OGQAdAQ2Y2nqnRKZ8SA xvoBZb8iY6qOtNywbylCIC0oycIMfO7ZKw4z0D7TWorw1HfVIq+PVIN9MQ5vrrfM8Cph HULAj1quKTQrqqJIJH3It9doBony+DgO3sNI3RIzEEM+bD+D5W8ly74MSNL2dYQijxVR o7TvoGeaKxxm4mfVwP6SaL0V4Rd7C795qxaPtUUpGIdf1q2uTPYltpwTxKPjZk7w0Bfd qLYA== X-Gm-Message-State: AOJu0Yy4/ROigQ6yhS+1P/q2oBGqLMgd/ZWMO7lTDq8iCTRci+Xh230q J7sh8lnVtgnG4edGv4Yn/O4SpxW2haMVcPXBu6igo1fNRmwnV+xJ3WujSF6bWrF7nR1tqpyROkn J X-Gm-Gg: ASbGncv2GIRwP6VzOFlS782QYbfdbvk5QcAFtxXssbPE5wWE/z3R7n9tR456UfFIWXb zUUhB1bczR94J41eLGTnoOGEG1mizRO9W6n44SI3W2J2PMSH5H6j79MSK2pM237VHP+lc56n71r juyNQMn0imJtsGDnW6wlWFwoOvJKm1jY8Fzc+QLJb2SoMYx5/GIvYZeJA9up/GXStKVVavPjfAB JZmkEzwwubPCB0OEvq9oSlZy3NG+uWLdoi2NZxWVRzZBa+J+qIE43M+kArBfsbdrBRXWXBcSj57 ECesRcBOAGPRBlz8lnf9Xa7J6g+SO/0PECoFWPYESkhI+Fo= X-Google-Smtp-Source: AGHT+IE30DGhEO8TpRjwfZaxruBbY0L8Lz5jSEQhHYHXsVeBUOdCIJTC36HJS+JAfcSZd3q2XtWFWA== X-Received: by 2002:a17:902:e74e:b0:224:b60:3cd3 with SMTP id d9443c01a7336-22428a89074mr215017675ad.19.1741613794482; Mon, 10 Mar 2025 06:36:34 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2ea8:96c2:9f70:5c1e]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-224109ddfbcsm77820095ad.21.2025.03.10.06.36.33 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 10 Mar 2025 06:36:34 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 2/6] binutils: Fix CVE-2025-0840 Date: Mon, 10 Mar 2025 06:36:20 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 10 Mar 2025 13:36:37 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212522 From: Deepesh Varatharajan PR32560 stack-buffer-overflow at objdump disassemble_bytes Backport a patch from upstream to fix CVE-2025-0840 Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=baac6c221e9d69335bf41366a1c7d87d8ab2f893] Signed-off-by: Deepesh Varatharajan Signed-off-by: Steve Sakoman --- .../binutils/binutils-2.38.inc | 1 + .../binutils/0038-CVE-2025-0840.patch | 53 +++++++++++++++++++ 2 files changed, 54 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/0038-CVE-2025-0840.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index e577a10cb8..26d0b570f3 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -72,5 +72,6 @@ SRC_URI = "\ file://0035-CVE-2023-39129.patch \ file://0036-CVE-2023-39130.patch \ file://0037-CVE-2024-53589.patch \ + file://0038-CVE-2025-0840.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/0038-CVE-2025-0840.patch b/meta/recipes-devtools/binutils/binutils/0038-CVE-2025-0840.patch new file mode 100644 index 0000000000..b04e750690 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0038-CVE-2025-0840.patch @@ -0,0 +1,53 @@ +Author: Alan Modra +Date: Wed, 15 Jan 2025 19:13:43 +1030 + +PR32560 stack-buffer-overflow at objdump disassemble_bytes + +There's always someone pushing the boundaries. + + PR 32560 + * objdump.c (MAX_INSN_WIDTH): Define. + (insn_width): Make it an unsigned long. + (disassemble_bytes): Use MAX_INSN_WIDTH to size buffer. + (main ): Restrict size of insn_width. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=baac6c221e9d69335bf41366a1c7d87d8ab2f893] +CVE: CVE-2025-0840 + +Signed-off-by: Deepesh Varatharajan + +diff --git a/binutils/objdump.c b/binutils/objdump.c +index 59f454b0..bd6180be 100644 +--- a/binutils/objdump.c ++++ b/binutils/objdump.c +@@ -110,7 +110,8 @@ static bool disassemble_all; /* -D */ + static int disassemble_zeroes; /* --disassemble-zeroes */ + static bool formats_info; /* -i */ + static int wide_output; /* -w */ +-static int insn_width; /* --insn-width */ ++#define MAX_INSN_WIDTH 49 ++static unsigned long insn_width; /* --insn-width */ + static bfd_vma start_address = (bfd_vma) -1; /* --start-address */ + static bfd_vma stop_address = (bfd_vma) -1; /* --stop-address */ + static int dump_debugging; /* --debugging */ +@@ -2897,7 +2898,7 @@ disassemble_bytes (struct disassemble_info *inf, + } + else + { +- char buf[50]; ++ char buf[MAX_INSN_WIDTH + 1]; + unsigned int bpc = 0; + unsigned int pb = 0; + +@@ -5457,8 +5458,9 @@ main (int argc, char **argv) + break; + case OPTION_INSN_WIDTH: + insn_width = strtoul (optarg, NULL, 0); +- if (insn_width <= 0) +- fatal (_("error: instruction width must be positive")); ++ if (insn_width - 1 >= MAX_INSN_WIDTH) ++ fatal (_("error: instruction width must be in the range 1 to " ++ XSTRING (MAX_INSN_WIDTH))); + break; + case OPTION_INLINES: + unwind_inlines = true; From patchwork Mon Mar 10 13:36:21 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 58567 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 86D59C282DE for ; Mon, 10 Mar 2025 13:36:37 +0000 (UTC) Received: from mail-pl1-f179.google.com (mail-pl1-f179.google.com [209.85.214.179]) by mx.groups.io with SMTP id smtpd.web10.37885.1741613796725478466 for ; Mon, 10 Mar 2025 06:36:36 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=DR0wObr4; spf=softfail (domain: sakoman.com, ip: 209.85.214.179, mailfrom: steve@sakoman.com) Received: by mail-pl1-f179.google.com with SMTP id d9443c01a7336-2234e4b079cso73232605ad.1 for ; Mon, 10 Mar 2025 06:36:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1741613796; x=1742218596; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=j3IJ8JoHiZ/xiGzhAY6rMSjFkecEhCFM3KrW1daa2IY=; b=DR0wObr4n6x6MRd8wGHAAoR/QXNpEu98flajvGFrMI+9N+bCg4tOUM0EvejofEWH3c 0ojT6dhgb3H27ODWXFaqk7rQ/EEijL0TdCr0WcOXPDLGmQGrJqi3e1GsP4BpldcrEitv rQTaDHLX0VzcS2Nx+ceYfmDSOxY9jtv4qrqTqGvZQKwJxyBj22CrEG4R1t4/1IP68agL zUyngJijSUdVvXmkrXZhHsBk8WbXFFJ1hpkA+GzlSyY8wDqG85QR+tgxAlbRIIJvwiv+ y7OFbb6/VKRFihHDwUUQNAPU/51ym+U10Q/+gEnDxKG+hUIinU7QosZdePLZ2bm8gLpp AnBw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741613796; x=1742218596; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=j3IJ8JoHiZ/xiGzhAY6rMSjFkecEhCFM3KrW1daa2IY=; b=F73o8Y9h0YaUyoMyX+/s+sUY3kg9kHSo7rR6a17eW+g2sa8v6AOnABy26xzltXRTCb WSiSnASQNXq0ODQT81N96y2U9ozBmmr4SDkmGyQeMRiVtOH8HE7DM5apgIFJeHDtDP0m meFBI7WuHp+3Bw5kLODtcjawa7wV+94Lhqct04F92sBUrfOQmY2NSnorwEmN/qrMQL7a qZaT+8XRptfTs64F1pwKVGHfyEKKJV8mT+STNh9IEdpo8EzVq2Q9iLvL5r9LSASR6vco MiKaGervGRYrbyf3J3/GSFsGhCNMAw0s87ctoRUhF/a2KxO/vYTgy4SQ3z6eem09qeda JMOg== X-Gm-Message-State: AOJu0YxXdyhCAg1ond8daDVAjEVE/SNHafF+LFpwHdSF6qOPrpXVwJgB TBilX0op/kLF6GBu5b5liYfQRB+aQ35U+vvknK3U4VwJa0x/ranDXzAYLhtVMqqF0lg0ss+gUxD 4 X-Gm-Gg: ASbGncsx8Gc8MXpZLczbdUUJYlq29UY8HTP1H7zqITmlFn8tO4gbp1agi01Ne6qgfSU FoSk2jY3LaPl8rCUSKERxOJsoOenqBFGF0wnALH6Z6pTpmJlcr3Q+g49FJRUJO29gugftBFbYF8 FCjRq6EQE6KLYHfh6Z+KZnOTFqCxrTeoQXddloirbd5G2nDjh+0mq3cj/+d4HTY7EXImgeSiWmB fzVc7MCoPn/S9fu4Pk72A/w3Vqso5tx/qIOpfFf1VxNnpR6pOj+2nHRdXHhj+7SW66jIajw+FUj PjgOwJVwuYFo+EmfPZLYpkgZN6A4cNH4e5ZQ X-Google-Smtp-Source: AGHT+IEYSR22HXQ2hkr6AroWExkYjFSVKWVMBTsPtOCCbgyfgr1ouHcCOvLyka9lxO3vuh8pQwYZEw== X-Received: by 2002:a17:902:d549:b0:224:c46:d14b with SMTP id d9443c01a7336-22428c0d5b4mr186249885ad.52.1741613795952; Mon, 10 Mar 2025 06:36:35 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2ea8:96c2:9f70:5c1e]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-224109ddfbcsm77820095ad.21.2025.03.10.06.36.35 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 10 Mar 2025 06:36:35 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 3/6] ruby: Fix CVE-2025-27220 Date: Mon, 10 Mar 2025 06:36:21 -0700 Message-ID: <44665939783cb2b32f5ade1772e0ceef47f9a853.1741613667.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 10 Mar 2025 13:36:37 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212523 From: Hitendra Prajapati Upstream-Status: Backport from https://github.com/ruby/cgi/commit/cd1eb08076c8b8e310d4d553d427763f2577a1b6 Signed-off-by: Hitendra Prajapati Signed-off-by: Steve Sakoman --- .../ruby/ruby/CVE-2025-27220.patch | 76 +++++++++++++++++++ meta/recipes-devtools/ruby/ruby_3.1.3.bb | 1 + 2 files changed, 77 insertions(+) create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2025-27220.patch diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2025-27220.patch b/meta/recipes-devtools/ruby/ruby/CVE-2025-27220.patch new file mode 100644 index 0000000000..4fc71f7ff9 --- /dev/null +++ b/meta/recipes-devtools/ruby/ruby/CVE-2025-27220.patch @@ -0,0 +1,76 @@ +From cd1eb08076c8b8e310d4d553d427763f2577a1b6 Mon Sep 17 00:00:00 2001 +From: Hiroshi SHIBATA +Date: Fri, 21 Feb 2025 15:53:31 +0900 +Subject: [PATCH] Escape/unescape unclosed tags as well + +Co-authored-by: Nobuyoshi Nakada + +Upstream-Status: Backport [https://github.com/ruby/cgi/commit/cd1eb08076c8b8e310d4d553d427763f2577a1b6] +CVE: CVE-2025-27220 +Signed-off-by: Hitendra Prajapati +--- + lib/cgi/util.rb | 4 ++-- + test/cgi/test_cgi_util.rb | 18 ++++++++++++++++++ + 2 files changed, 20 insertions(+), 2 deletions(-) + +diff --git a/lib/cgi/util.rb b/lib/cgi/util.rb +index 5a5c77a..ce77a0c 100644 +--- a/lib/cgi/util.rb ++++ b/lib/cgi/util.rb +@@ -178,7 +178,7 @@ module CGI::Util + def escapeElement(string, *elements) + elements = elements[0] if elements[0].kind_of?(Array) + unless elements.empty? +- string.gsub(/<\/?(?:#{elements.join("|")})(?!\w)(?:.|\n)*?>/i) do ++ string.gsub(/<\/?(?:#{elements.join("|")})\b[^<>]*+>?/im) do + CGI.escapeHTML($&) + end + else +@@ -198,7 +198,7 @@ module CGI::Util + def unescapeElement(string, *elements) + elements = elements[0] if elements[0].kind_of?(Array) + unless elements.empty? +- string.gsub(/<\/?(?:#{elements.join("|")})(?!\w)(?:.|\n)*?>/i) do ++ string.gsub(/<\/?(?:#{elements.join("|")})\b(?>[^&]+|&(?![gl]t;)\w+;)*(?:>)?/im) do + unescapeHTML($&) + end + else +diff --git a/test/cgi/test_cgi_util.rb b/test/cgi/test_cgi_util.rb +index a3be193..d058ccc 100644 +--- a/test/cgi/test_cgi_util.rb ++++ b/test/cgi/test_cgi_util.rb +@@ -244,6 +244,14 @@ class CGIUtilTest < Test::Unit::TestCase + assert_equal("
<A HREF="url"></A>", escapeElement('
', ["A", "IMG"])) + assert_equal("
<A HREF="url"></A>", escape_element('
', "A", "IMG")) + assert_equal("
<A HREF="url"></A>", escape_element('
', ["A", "IMG"])) ++ ++ assert_equal("<A <A HREF="url"></A>", escapeElement('', "A", "IMG")) ++ assert_equal("<A <A HREF="url"></A>", escapeElement('', ["A", "IMG"])) ++ assert_equal("<A <A HREF="url"></A>", escape_element('', "A", "IMG")) ++ assert_equal("<A <A HREF="url"></A>", escape_element('', ["A", "IMG"])) ++ ++ assert_equal("<A <A ", escapeElement('', unescapeElement(escapeHTML('
'), ["A", "IMG"])) + assert_equal('<BR>', unescape_element(escapeHTML('
'), "A", "IMG")) + assert_equal('<BR>', unescape_element(escapeHTML('
'), ["A", "IMG"])) ++ ++ assert_equal('', unescapeElement(escapeHTML(''), "A", "IMG")) ++ assert_equal('', unescapeElement(escapeHTML(''), ["A", "IMG"])) ++ assert_equal('', unescape_element(escapeHTML(''), "A", "IMG")) ++ assert_equal('', unescape_element(escapeHTML(''), ["A", "IMG"])) ++ ++ assert_equal(' X-Patchwork-Id: 58570 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 70806C282DE for ; Mon, 10 Mar 2025 13:36:47 +0000 (UTC) Received: from mail-pj1-f52.google.com (mail-pj1-f52.google.com [209.85.216.52]) by mx.groups.io with SMTP id smtpd.web11.37438.1741613798220859733 for ; Mon, 10 Mar 2025 06:36:38 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=XoAAxJR/; spf=softfail (domain: sakoman.com, ip: 209.85.216.52, mailfrom: steve@sakoman.com) Received: by mail-pj1-f52.google.com with SMTP id 98e67ed59e1d1-2ff187f027fso6955576a91.1 for ; Mon, 10 Mar 2025 06:36:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1741613797; x=1742218597; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=PNKMiFy+wTVMOgENyzMMH3nxZX+QbCgmQY4+zAZPVTM=; b=XoAAxJR/jiH2oVhyNtEXPn7pL0jtT4kEHokowhdLYVyZVYZdfSola89xqPGaaWT1IG 764QH5t1os2GbWfJPnBb8ez94ONkV1IfZz0HZFsOEmVqjzXIXyGwwZ2+852Q2UWWFQTS tMGoXa9xunjvgBaL78SizqbCl0kMb85GDmouGpyTwrFRo59DR9QcW3yt4iuLXrWK6Hak ziiu9bcs45xrD1OUlHG+KAh+DF5erB/jhmwHHdiW1HBWv5dJ/y1q7uA/3QhbxG8EGW2D xRzAvYvyTtJkNCw+KWTX19zdNn00kCsulOiCMlHUCdDVP+TBDEZAfj9Z1cSDBjwntDcC HAQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741613797; x=1742218597; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=PNKMiFy+wTVMOgENyzMMH3nxZX+QbCgmQY4+zAZPVTM=; b=VM5p8wzc7vH0qlLqSMadhFMWH5YBEb8Dl/R10QNHVXIJFO8X81Lx+WLWpH29pYnqUr bDQISbw0OZeP/2dMzK+Z3BWHnZ5Se7vDzD0C5tNuWxbHwgPy1jANb8A2Gmh/jHBrEtJb bQtPzOxnT8GHDQ2XshAH4GWION9hnbQlh2RZVX/8oGWZ37hm8WEYJ++NWetqhVpREesd kkbcY9x/hwnP5JZ12Sv73qFZZtBa7dhDr13zKPKR/WkAPC9wvCaGlJscEqZ7ZqzlPJ15 75PrkJ1jM/9GlnSodWRzQ0qj/V7e/z1viSH1TYyW5ISgf0VoG/XWj/8LUAyYsp0Kb28S oDKA== X-Gm-Message-State: AOJu0Yw6cvfhARf1fK00CAs3jbe7n3f3VfYVBUGt/6qsXSNpmzqgYkP9 trGt5V9VkWuKN1erwuTBRq05GnRIDcOBtf6fJgHXwai4JWZE4/LycDxB/1uARqBe/UifEvh10WY q X-Gm-Gg: ASbGncsYxcHzdLVzTFJz7yHHd4d/CeLVGluEwgrV3Vy4QLLQHpLkIaJRNDawirReslZ mgUbs5tDib5q3XwUAAdkuP0mQbmMkrdACooUgXcGskM6hzawka+W5xl290451newL+zWIYs5BVR 0Wz8k/euqE/OKFYfCPoD0uDElr2yQeN+Mt1Im5T0Hhgdyq4KF925Tu39dkIf608nLoj64fLqoEW CK/1M8wCDUXFsF0BX5QgKGXNMrArk/mGLmrXsZQv4EjvXU7gpeKTCB6JcEBo5PMByY1poKZMnyb Uw5cdPzG2aBXKviKxHKy8XEGaW7vOBmatVoFKUktFM8QxeE= X-Google-Smtp-Source: AGHT+IF8qjcoAhMDXebBng57NkeddfKXzn+pY+sbGZvHSL6vztVajWDQ0EumYtaUXfg7TjsTHl127Q== X-Received: by 2002:a17:90b:4a45:b0:2ff:6e58:89f5 with SMTP id 98e67ed59e1d1-2ffbc15acd9mr14855522a91.6.1741613797407; Mon, 10 Mar 2025 06:36:37 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2ea8:96c2:9f70:5c1e]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-224109ddfbcsm77820095ad.21.2025.03.10.06.36.36 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 10 Mar 2025 06:36:37 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 4/6] libtasn1: upgrade 4.19.0 -> 4.20.0 Date: Mon, 10 Mar 2025 06:36:22 -0700 Message-ID: <0ff5d08053d92eeae5b2a23f8e0d7a280488723c.1741613667.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 10 Mar 2025 13:36:47 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212524 From: Vijay Anusuri * Noteworthy changes in release 4.20.0 (2025-02-01) [stable] - The release tarball is now reproducible. - We publish a minimal source-only tarball generated by 'git archive'. - Update gnulib files and various build/maintenance fixes. - Fix CVE-2024-12133: Potential DoS in handling of numerous SEQUENCE OF or SET OF elements License-Update: file COPYING.LESSER renamed to COPYING.LESSERv2 & Copyright year updated to 2025 Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../gnutls/{libtasn1_4.19.0.bb => libtasn1_4.20.0.bb} | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) rename meta/recipes-support/gnutls/{libtasn1_4.19.0.bb => libtasn1_4.20.0.bb} (63%) diff --git a/meta/recipes-support/gnutls/libtasn1_4.19.0.bb b/meta/recipes-support/gnutls/libtasn1_4.20.0.bb similarity index 63% rename from meta/recipes-support/gnutls/libtasn1_4.19.0.bb rename to meta/recipes-support/gnutls/libtasn1_4.20.0.bb index 5fb8b54c06..8127ba5b1d 100644 --- a/meta/recipes-support/gnutls/libtasn1_4.19.0.bb +++ b/meta/recipes-support/gnutls/libtasn1_4.20.0.bb @@ -6,9 +6,8 @@ HOMEPAGE = "http://www.gnu.org/software/libtasn1/" LICENSE = "GPL-3.0-or-later & LGPL-2.1-or-later" LICENSE:${PN}-bin = "GPL-3.0-or-later" LICENSE:${PN} = "LGPL-2.1-or-later" -LIC_FILES_CHKSUM = "file://doc/COPYING;md5=d32239bcb673463ab874e80d47fae504 \ - file://doc/COPYING.LESSER;md5=4fbd65380cdd255951079008b364516c \ - file://COPYING;md5=75ac100ec923f959898182307970c360" +LIC_FILES_CHKSUM = "file://COPYING;md5=1ebbd3e34237af26da5dc08a4e440464 \ + file://COPYING.LESSERv2;md5=4bf661c1e3793e55c8d1051bc5e0ae21" SRC_URI = "${GNU_MIRROR}/libtasn1/libtasn1-${PV}.tar.gz \ file://dont-depend-on-help2man.patch \ @@ -16,7 +15,7 @@ SRC_URI = "${GNU_MIRROR}/libtasn1/libtasn1-${PV}.tar.gz \ DEPENDS = "bison-native" -SRC_URI[sha256sum] = "1613f0ac1cf484d6ec0ce3b8c06d56263cc7242f1c23b30d82d23de345a63f7a" +SRC_URI[sha256sum] = "92e0e3bd4c02d4aeee76036b2ddd83f0c732ba4cda5cb71d583272b23587a76c" inherit autotools texinfo lib_package gtk-doc From patchwork Mon Mar 10 13:36:23 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 58569 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 764A1C35FF1 for ; Mon, 10 Mar 2025 13:36:47 +0000 (UTC) Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) by mx.groups.io with SMTP id smtpd.web10.37889.1741613799732544959 for ; Mon, 10 Mar 2025 06:36:39 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=T70Ezo+S; spf=softfail (domain: sakoman.com, ip: 209.85.214.176, mailfrom: steve@sakoman.com) Received: by mail-pl1-f176.google.com with SMTP id d9443c01a7336-22409077c06so6728335ad.1 for ; Mon, 10 Mar 2025 06:36:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1741613799; x=1742218599; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=lz9rVcWajbdtrjZzpBqvZ7xBxzyMxa5elfPIbN312kg=; b=T70Ezo+SoDgSKQpQInir72pi7KD+Qt+MJGuyGu60Cn0nhdpQ+9yogLy5gi03TlM9pm 7MY7Znp6Y1lhXuYSnLrB217Jpr//m9DjOSu9ScMhSM2UNbyKjYz0P4vWFHNhqeMOOaXC zanjSDTtPFiV35jJk/zSKA+6MFXjmFmLpyOYgVL1PVQroeL1IbE3ScfZPhoadpC1FAby VZWuijokkFnXx5ecbGhWNsH45MNVjDdIXEkR9rN1l94+MmvgZYsiTz76VXED6oe5V6lQ ULEtJWvP+yoXxL32jHh/qyW9loioC9cPSr4YAWF8EtBYLXHgJwcgN1sxeEGetSxW2d4Z Kb6w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741613799; x=1742218599; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=lz9rVcWajbdtrjZzpBqvZ7xBxzyMxa5elfPIbN312kg=; b=Z3vqjaNnckTx533GuPKDNJKthtq1+LiZsfYgfFt7TwuhYC1lyOQmtwpyF5ZHzWJVaG 1N8fM9BT8wR7zoD+ddQ2yhq9nF6dY+5xxM5QrnkfVeLIlirCo3J7K4CpvtDNz83PmkRe e1y/xlcs5q6xdwPzWHlKeOekkcgyka9ASDCCnn6+pfhhCeaYhoB0kQ/jg4L1COBRP/5j 3qtb50V4pZpxcHLG/O20vyxbhOIX8pNHGbRwfuqqE+y/LAg0x9sgsM4OkD8VbW0OzPMd l0A0CNSpV+fENWYsAXEIgnnO6kCo3ycu9HnGqheWXmoK07EhVmsNkNL7pcAA4HYaMIHU qmoA== X-Gm-Message-State: AOJu0YzJSDzKXuEGsN8BoQCZTXtOB0LU8wOhryCU3NAJcDT2WzYOJEOl brZO8C62A4a0vwlQugcSjwiNOLoniSLKEsLHU/a1qIpD/IAkfAEFUcYX7EyoTxbsu2KjvgZTYKK O X-Gm-Gg: ASbGnct+bN9acoR1b5Kl8snbTZeszsmR/qrNrlUqNcb1LOHKwDLxaYVvfGijN+H8fpl Ifw9WGNupl+RYLcDV8my0JcL1JjKWAVMzr6oxHzJP+ipsnDKUXT0l86VwH1wI2wKzMVp5uhFk0h mr4O5r/6i1pcDqCKRgNVaeSXE7gt94bRv2stI7cDr/iLupLLjTKU4LXNd9J2ciu/nZdRQLhXOfo 8eekQmMn6sNvmUHedcxMWPdIxtn909D9tHj4c+cROisQ5wmT6Cjnu8qAPI5EAeleCXOePKIQffc ZXMw36oXYN14d/NgRNyAjImMkNT2ejAKZgUGKoN3FtaZXEc= X-Google-Smtp-Source: AGHT+IEZ4IdrXBSLEUSfKkmyTiZHfdEWgGijUIi4caM06zMHmRrghMCKxik+EBtDJJCh5wcqoOsEPA== X-Received: by 2002:a17:902:da8c:b0:223:8256:533d with SMTP id d9443c01a7336-22428bf7ad4mr218822175ad.46.1741613799031; Mon, 10 Mar 2025 06:36:39 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2ea8:96c2:9f70:5c1e]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-224109ddfbcsm77820095ad.21.2025.03.10.06.36.38 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 10 Mar 2025 06:36:38 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 5/6] tzdata/tzcode-native: upgrade 2024b -> 2025a Date: Mon, 10 Mar 2025 06:36:23 -0700 Message-ID: <4dc7731d350eab8952330f01beb5acdba7d88bb9.1741613667.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 10 Mar 2025 13:36:47 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212525 From: Priyal Doshi Signed-off-by: Priyal Doshi Signed-off-by: Mathieu Dubois-Briand Signed-off-by: Richard Purdie (cherry picked from commit a15c4e6793c55c8084a61298ef3695e1db2f60cd) Signed-off-by: Steve Sakoman --- meta/recipes-extended/timezone/timezone.inc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/meta/recipes-extended/timezone/timezone.inc b/meta/recipes-extended/timezone/timezone.inc index 8935d1cd8c..3fe6c3142b 100644 --- a/meta/recipes-extended/timezone/timezone.inc +++ b/meta/recipes-extended/timezone/timezone.inc @@ -6,7 +6,7 @@ SECTION = "base" LICENSE = "PD & BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=c679c9d6b02bc2757b3eaf8f53c43fba" -PV = "2024b" +PV = "2025a" SRC_URI =" https://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz;name=tzcode;subdir=tz \ https://www.iana.org/time-zones/repository/releases/tzdata${PV}.tar.gz;name=tzdata;subdir=tz \ @@ -16,5 +16,5 @@ S = "${WORKDIR}/tz" UPSTREAM_CHECK_URI = "https://www.iana.org/time-zones" -SRC_URI[tzcode.sha256sum] = "5e438fc449624906af16a18ff4573739f0cda9862e5ec28d3bcb19cbaed0f672" -SRC_URI[tzdata.sha256sum] = "70e754db126a8d0db3d16d6b4cb5f7ec1e04d5f261255e4558a67fe92d39e550" +SRC_URI[tzcode.sha256sum] = "119679d59f76481eb5e03d3d2a47d7870d592f3999549af189dbd31f2ebf5061" +SRC_URI[tzdata.sha256sum] = "4d5fcbc72c7c450ebfe0b659bd0f1c02fbf52fd7f517a9ea13fe71c21eb5f0d0" From patchwork Mon Mar 10 13:36:24 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 58571 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7206FC282EC for ; Mon, 10 Mar 2025 13:36:47 +0000 (UTC) Received: from mail-pl1-f180.google.com (mail-pl1-f180.google.com [209.85.214.180]) by mx.groups.io with SMTP id smtpd.web10.37890.1741613801056812747 for ; Mon, 10 Mar 2025 06:36:41 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=G9YpUR2q; spf=softfail (domain: sakoman.com, ip: 209.85.214.180, mailfrom: steve@sakoman.com) Received: by mail-pl1-f180.google.com with SMTP id d9443c01a7336-224191d92e4so70094315ad.3 for ; Mon, 10 Mar 2025 06:36:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1741613800; x=1742218600; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=vU11L5Bon5V6WxJh0GHOIQjjRzFi0b0t+TzGR1sEcGs=; b=G9YpUR2qgtx93pm+xGt7TkCMLPHzs7pdIVJXuPDdYsMYb4mhcwMbyEpX+QeK96m9al d+trrCQhFcbngvYj0Mi6DrEgMsR6D/u5NQseBpR0nJgdlTwN3ve43sGV2BkDHgAoc0mr fnpmlY9DcOig+rLsuE9Wg2LyH+hbf1lKW3+e2qVWWBBoPvQRQNDCFNRy5pZ+aDM54/JA wz9D/ylhMwVpfDjZFZce0kQgGdeAxZbyYFdTZ2DpHV6f8A5xHegPhacrGMpL5gO+KYJm 291U6qOXvvyMgESk48MDDKrv122rW6+0inQTBILhl5XPC5+aqBtM8pk8H2chGFQ1Ifmn kICQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741613800; x=1742218600; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=vU11L5Bon5V6WxJh0GHOIQjjRzFi0b0t+TzGR1sEcGs=; b=EA7+hDlIq/czlGGskSyJfp3BymChlU3n6t5iEvc6eRVx0LKPi13ptWTQp8DJM7BY21 R0FMQXX1IAHXCpE7RsPdKtU+9nrFESNlaWeeObLuPxZabWlunbOe0TnqqIjSE/E7FTaC eO4NqFs82BPWVWmSVQCbcUJxvld9r1gWZaf8fINZ3+miGBU9CT/i7b5isxEQY6NenUXo iUkUD1auxHPzkI6t8RpPXzUO+zIHrvSWVMj5+crmkZJqq4a5i3PGU3hvujTZExsFiF8L unF3XcYywLUFGSH4rOsD6+OW2HX5lh5pq2CobVtTVy0Od9wdEqwNLDIkYYZwQAc2fxcl Rfaw== X-Gm-Message-State: AOJu0YwUuUyC7FTsxkpiy+NF/2thDAJ0OjI2V4xZISBZ/HesQbNxGzSw WNNSfwXNC4aivv5R3bcqNTy2U76vyGYWv/D/KB5XK2RvReVLs+40FVXXm3VWKu9gdB7XDLdjhFz D X-Gm-Gg: ASbGncuJyh7IK1yRuyTb6Rgo4yghF09mM8os2c6AzWXZWp5OAGb0qfInSeJ/UrbY1Y9 cMPBiCm5ZLZ8LlIpL4ugN3xgT8brFk+9mdVMmfIhROba1o1At0qPOrV8MDKApzwvRratlNHH9N6 rRLoaUbOyJbMmGRNvDppdETpBn+T/cm3Cex4ytpvHuiyk5l6Ny+scZNqauLDD74LHawBJ3f+Tkp y1cdNCVzz1WY4u+1HGerZ6YeTjBXxzXZFl87w/NMofMYqrPkv1OhCqzFhWJ1QBYyb1gh6Sos/u8 AIvNcQXT0OzfDbPi05dhCqk/cfMh3yxMB2VR X-Google-Smtp-Source: AGHT+IHzBSzw4ed3tKJeF+T5aDqsHnWqT3iLQPDagvp+3/pwhVVeRiBQqoXW39qMEOf41xgOb1RmXA== X-Received: by 2002:a17:903:40cb:b0:224:c47:cb7 with SMTP id d9443c01a7336-22428505f24mr234539715ad.0.1741613800380; Mon, 10 Mar 2025 06:36:40 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2ea8:96c2:9f70:5c1e]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-224109ddfbcsm77820095ad.21.2025.03.10.06.36.39 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 10 Mar 2025 06:36:40 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 6/6] tzcode-native: Fix compiler setting from 2023d version Date: Mon, 10 Mar 2025 06:36:24 -0700 Message-ID: <0216c229d5c60d0023b0a7d6e8ee41bdfa16f8ef.1741613667.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 10 Mar 2025 13:36:47 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/212526 From: Alessio Cascone Starting from 2023d version, tzcode makefile does not use anymore "cc" variable for C compiler, due to Makefile refactoring. Replacing "cc" with "CC" fixes the issue. Signed-off-by: Alessio Cascone Signed-off-by: Mathieu Dubois-Briand Signed-off-by: Richard Purdie (cherry picked from commit b3cdfca5ef84ed2054faef9abddef3aeed930e17) Signed-off-by: Steve Sakoman --- meta/recipes-extended/timezone/tzcode-native.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-extended/timezone/tzcode-native.bb b/meta/recipes-extended/timezone/tzcode-native.bb index d0b23a9d80..dc9f076377 100644 --- a/meta/recipes-extended/timezone/tzcode-native.bb +++ b/meta/recipes-extended/timezone/tzcode-native.bb @@ -4,7 +4,7 @@ SUMMARY = "tzcode, timezone zoneinfo utils -- zic, zdump, tzselect" inherit native -EXTRA_OEMAKE += "cc='${CC}'" +EXTRA_OEMAKE += "CC='${CC}'" do_install () { install -d ${D}${bindir}/