From patchwork Wed Apr 23 13:20:12 2025
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 61748
X-Patchwork-Delegate: steve@sakoman.com
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 01/14] libsoup: Fix CVE-2025-32910 Date: Wed, 23 Apr 2025 06:20:12 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 23 Apr 2025 13:20:36 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215294 From: Vijay Anusuri Upstream-Status: Backport from https://gitlab.gnome.org/GNOME/libsoup/-/commit/e40df6d48a1cbab56f5d15016cc861a503423cfe & https://gitlab.gnome.org/GNOME/libsoup/-/commit/405a8a34597a44bd58c4759e7d5e23f02c3b556a & https://gitlab.gnome.org/GNOME/libsoup/-/commit/ea16eeacb052e423eb5c3b0b705e5eab34b13832 Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../libsoup-3.4.4/CVE-2025-32910-1.patch | 98 ++++++++++++ .../libsoup-3.4.4/CVE-2025-32910-2.patch | 149 ++++++++++++++++++ .../libsoup-3.4.4/CVE-2025-32910-3.patch | 27 ++++ meta/recipes-support/libsoup/libsoup_3.4.4.bb | 3 + 4 files changed, 277 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-1.patch create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-2.patch create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-3.patch diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-1.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-1.patch new file mode 100644 index 0000000000..27011f587f --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-1.patch 
@@ -0,0 +1,98 @@ +From e40df6d48a1cbab56f5d15016cc861a503423cfe Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Sun, 8 Dec 2024 20:00:35 -0600 +Subject: [PATCH] auth-digest: Handle missing realm in authenticate header + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/e40df6d48a1cbab56f5d15016cc861a503423cfe] +CVE: CVE-2025-32910 +Signed-off-by: Vijay Anusuri +--- + libsoup/auth/soup-auth-digest.c | 3 ++ + tests/auth-test.c | 50 +++++++++++++++++++++++++++++++++ + 2 files changed, 53 insertions(+) + +diff --git a/libsoup/auth/soup-auth-digest.c b/libsoup/auth/soup-auth-digest.c +index 2e81849af..4f12e87a5 100644 +--- a/libsoup/auth/soup-auth-digest.c ++++ b/libsoup/auth/soup-auth-digest.c +@@ -148,6 +148,9 @@ soup_auth_digest_update (SoupAuth *auth, SoupMessage *msg, + guint qop_options; + gboolean ok = TRUE; + ++ if (!soup_auth_get_realm (auth)) ++ return FALSE; ++ + g_free (priv->domain); + g_free (priv->nonce); + g_free (priv->opaque); +diff --git a/tests/auth-test.c b/tests/auth-test.c +index 158fdac10..3066e904a 100644 +--- a/tests/auth-test.c ++++ b/tests/auth-test.c +@@ -1866,6 +1866,55 @@ do_multiple_digest_algorithms (void) + soup_test_server_quit_unref (server); + } + ++static void ++on_request_read_for_missing_realm (SoupServer *server, ++ SoupServerMessage *msg, ++ gpointer user_data) ++{ ++ SoupMessageHeaders *response_headers = soup_server_message_get_response_headers (msg); ++ soup_message_headers_replace (response_headers, "WWW-Authenticate", "Digest qop=\"auth\""); ++} ++ ++static void ++do_missing_realm_test (void) ++{ ++ SoupSession *session; ++ SoupMessage *msg; ++ SoupServer *server; ++ SoupAuthDomain *digest_auth_domain; ++ gint status; ++ GUri *uri; ++ ++ server = soup_test_server_new (SOUP_TEST_SERVER_IN_THREAD); ++ soup_server_add_handler (server, NULL, ++ server_callback, NULL, NULL); ++ uri = soup_test_server_get_uri (server, "http", NULL); ++ ++ digest_auth_domain = soup_auth_domain_digest_new ( ++ 
"realm", "auth-test", ++ "auth-callback", server_digest_auth_callback, ++ NULL); ++ soup_auth_domain_add_path (digest_auth_domain, "/"); ++ soup_server_add_auth_domain (server, digest_auth_domain); ++ g_object_unref (digest_auth_domain); ++ ++ g_signal_connect (server, "request-read", ++ G_CALLBACK (on_request_read_for_missing_realm), ++ NULL); ++ ++ session = soup_test_session_new (NULL); ++ msg = soup_message_new_from_uri ("GET", uri); ++ g_signal_connect (msg, "authenticate", ++ G_CALLBACK (on_digest_authenticate), ++ NULL); ++ ++ status = soup_test_session_send_message (session, msg); ++ ++ g_assert_cmpint (status, ==, SOUP_STATUS_UNAUTHORIZED); ++ g_uri_unref (uri); ++ soup_test_server_quit_unref (server); ++} ++ + int + main (int argc, char **argv) + { +@@ -1899,6 +1948,7 @@ main (int argc, char **argv) + g_test_add_func ("/auth/auth-uri", do_auth_uri_test); + g_test_add_func ("/auth/cancel-request-on-authenticate", do_cancel_request_on_authenticate); + g_test_add_func ("/auth/multiple-algorithms", do_multiple_digest_algorithms); ++ g_test_add_func ("/auth/missing-realm", do_missing_realm_test); + + ret = g_test_run (); + +-- +GitLab + diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-2.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-2.patch new file mode 100644 index 0000000000..b62e09cbdb --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-2.patch 
@@ -0,0 +1,149 @@ +From 405a8a34597a44bd58c4759e7d5e23f02c3b556a Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Thu, 26 Dec 2024 18:18:35 -0600 +Subject: [PATCH] auth-digest: Handle missing nonce + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/405a8a34597a44bd58c4759e7d5e23f02c3b556a] +CVE: CVE-2025-32910 +Signed-off-by: Vijay Anusuri +--- + libsoup/auth/soup-auth-digest.c | 45 +++++++++++++++++++++++++-------- + tests/auth-test.c | 19 ++++++++------ + 2 files changed, 46 insertions(+), 18 deletions(-) + +diff --git a/libsoup/auth/soup-auth-digest.c b/libsoup/auth/soup-auth-digest.c +index 4f12e87a..350bfde6 100644 +--- a/libsoup/auth/soup-auth-digest.c ++++ b/libsoup/auth/soup-auth-digest.c +@@ -138,6 +138,19 @@ soup_auth_digest_get_qop (SoupAuthDigestQop qop) + return g_string_free (out, FALSE); + } + ++static gboolean ++validate_params (SoupAuthDigest *auth_digest) ++{ ++ SoupAuthDigestPrivate *priv = soup_auth_digest_get_instance_private (auth_digest); ++ ++ if (priv->qop || priv->algorithm == SOUP_AUTH_DIGEST_ALGORITHM_MD5_SESS) { ++ if (!priv->nonce) ++ return FALSE; ++ } ++ ++ return TRUE; ++} ++ + static gboolean + soup_auth_digest_update (SoupAuth *auth, SoupMessage *msg, + GHashTable *auth_params) +@@ -175,16 +188,21 @@ soup_auth_digest_update (SoupAuth *auth, SoupMessage *msg, + if (priv->algorithm == -1) + ok = FALSE; + +- stale = g_hash_table_lookup (auth_params, "stale"); +- if (stale && !g_ascii_strcasecmp (stale, "TRUE") && *priv->hex_urp) +- recompute_hex_a1 (priv); +- else { +- g_free (priv->user); +- priv->user = NULL; +- g_free (priv->cnonce); +- priv->cnonce = NULL; +- memset (priv->hex_urp, 0, sizeof (priv->hex_urp)); +- memset (priv->hex_a1, 0, sizeof (priv->hex_a1)); ++ if (!validate_params (auth_digest)) ++ ok = FALSE; ++ ++ if (ok) { ++ stale = g_hash_table_lookup (auth_params, "stale"); ++ if (stale && !g_ascii_strcasecmp (stale, "TRUE") && *priv->hex_urp) ++ recompute_hex_a1 (priv); ++ else { ++ 
g_free (priv->user); ++ priv->user = NULL; ++ g_free (priv->cnonce); ++ priv->cnonce = NULL; ++ memset (priv->hex_urp, 0, sizeof (priv->hex_urp)); ++ memset (priv->hex_a1, 0, sizeof (priv->hex_a1)); ++ } + } + + return ok; +@@ -276,6 +294,8 @@ soup_auth_digest_compute_hex_a1 (const char *hex_urp, + + /* In MD5-sess, A1 is hex_urp:nonce:cnonce */ + ++ g_assert (nonce && cnonce); ++ + checksum = g_checksum_new (G_CHECKSUM_MD5); + g_checksum_update (checksum, (guchar *)hex_urp, strlen (hex_urp)); + g_checksum_update (checksum, (guchar *)":", 1); +@@ -366,6 +386,8 @@ soup_auth_digest_compute_response (const char *method, + if (qop) { + char tmp[9]; + ++ g_assert (cnonce); ++ + g_snprintf (tmp, 9, "%.8x", nc); + g_checksum_update (checksum, (guchar *)tmp, strlen (tmp)); + g_checksum_update (checksum, (guchar *)":", 1); +@@ -429,6 +451,9 @@ soup_auth_digest_get_authorization (SoupAuth *auth, SoupMessage *msg) + g_return_val_if_fail (uri != NULL, NULL); + url = soup_uri_get_path_and_query (uri); + ++ g_assert (priv->nonce); ++ g_assert (!priv->qop || priv->cnonce); ++ + soup_auth_digest_compute_response (soup_message_get_method (msg), url, priv->hex_a1, + priv->qop, priv->nonce, + priv->cnonce, priv->nc, +diff --git a/tests/auth-test.c b/tests/auth-test.c +index 3066e904..c651c7cd 100644 +--- a/tests/auth-test.c ++++ b/tests/auth-test.c +@@ -1867,16 +1867,17 @@ do_multiple_digest_algorithms (void) + } + + static void +-on_request_read_for_missing_realm (SoupServer *server, +- SoupServerMessage *msg, +- gpointer user_data) ++on_request_read_for_missing_params (SoupServer *server, ++ SoupServerMessage *msg, ++ gpointer user_data) + { ++ const char *auth_header = user_data; + SoupMessageHeaders *response_headers = soup_server_message_get_response_headers (msg); +- soup_message_headers_replace (response_headers, "WWW-Authenticate", "Digest qop=\"auth\""); ++ soup_message_headers_replace (response_headers, "WWW-Authenticate", auth_header); + } + + static void 
+-do_missing_realm_test (void) ++do_missing_params_test (gconstpointer auth_header) + { + SoupSession *session; + SoupMessage *msg; +@@ -1899,8 +1900,8 @@ do_missing_realm_test (void) + g_object_unref (digest_auth_domain); + + g_signal_connect (server, "request-read", +- G_CALLBACK (on_request_read_for_missing_realm), +- NULL); ++ G_CALLBACK (on_request_read_for_missing_params), ++ (gpointer)auth_header); + + session = soup_test_session_new (NULL); + msg = soup_message_new_from_uri ("GET", uri); +@@ -1948,7 +1949,9 @@ main (int argc, char **argv) + g_test_add_func ("/auth/auth-uri", do_auth_uri_test); + g_test_add_func ("/auth/cancel-request-on-authenticate", do_cancel_request_on_authenticate); + g_test_add_func ("/auth/multiple-algorithms", do_multiple_digest_algorithms); +- g_test_add_func ("/auth/missing-realm", do_missing_realm_test); ++ g_test_add_data_func ("/auth/missing-params/realm", "Digest qop=\"auth\"", do_missing_params_test); ++ g_test_add_data_func ("/auth/missing-params/nonce", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\"", do_missing_params_test); ++ g_test_add_data_func ("/auth/missing-params/nonce-md5-sess", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\" algorithm=\"MD5-sess\"", do_missing_params_test); + + ret = g_test_run (); + +-- +GitLab + diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-3.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-3.patch new file mode 100644 index 0000000000..32e0c86e62 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-3.patch 
@@ -0,0 +1,27 @@ +From ea16eeacb052e423eb5c3b0b705e5eab34b13832 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Fri, 27 Dec 2024 13:52:52 -0600 +Subject: [PATCH] auth-digest: Fix leak + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/ea16eeacb052e423eb5c3b0b705e5eab34b13832] +CVE: CVE-2025-32910 +Signed-off-by: Vijay Anusuri +--- + libsoup/auth/soup-auth-digest.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/libsoup/auth/soup-auth-digest.c b/libsoup/auth/soup-auth-digest.c +index 350bfde6..9eb7fa0e 100644 +--- a/libsoup/auth/soup-auth-digest.c ++++ b/libsoup/auth/soup-auth-digest.c +@@ -72,6 +72,7 @@ soup_auth_digest_finalize (GObject *object) + g_free (priv->nonce); + g_free (priv->domain); + g_free (priv->cnonce); ++ g_free (priv->opaque); + + memset (priv->hex_urp, 0, sizeof (priv->hex_urp)); + memset (priv->hex_a1, 0, sizeof (priv->hex_a1)); +-- +GitLab + diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb index b2e32b892a..80cbbdf8ea 100644 --- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb +++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb 
@@ -18,6 +18,9 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ file://CVE-2024-52531-1.patch \ file://CVE-2024-52531-2.patch \ file://CVE-2024-52531-3.patch \ + file://CVE-2025-32910-1.patch \ + file://CVE-2025-32910-2.patch \ + file://CVE-2025-32910-3.patch \ " SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa"
From patchwork Wed Apr 23 13:20:13 2025
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 61749
X-Patchwork-Delegate: steve@sakoman.com
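Review bot: In CVE-2025-32910-2.patch (patch 01/14), validate_params() and the new assertion in soup_auth_digest_get_authorization() disagree about when a nonce is required. validate_params() rejects a NULL priv->nonce only when priv->qop is set or the algorithm is SOUP_AUTH_DIGEST_ALGORITHM_MD5_SESS, while get_authorization() adds an unconditional `g_assert (priv->nonce);`. When qop is unset and the algorithm is not MD5-sess, validate_params() returns TRUE with a NULL nonce and the assertion becomes the only guard, which aborts the process on server-supplied input and is compiled out entirely under G_DISABLE_ASSERT. Suggest making the nonce check in validate_params() unconditional and returning an error at the use sites instead of asserting.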
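Review bot: In the tests/auth-test.c hunk of CVE-2025-32910-2.patch (patch 01/14), the "/auth/missing-params/nonce-md5-sess" case does not isolate the MD5-sess branch of validate_params(). Its header sets qop=\"auth,auth-int\", so the `priv->qop ||` half of the condition already rejects the missing nonce regardless of the algorithm, and the string has no comma between `opaque=\"...\"` and `algorithm=\"MD5-sess\"`, so algorithm may not be parsed as a separate parameter at all. Suggest adding the separator and dropping qop from this one header so the test fails if the MD5_SESS check is ever removed.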
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 02/14] libsoup: Fix CVE-2025-32909 Date: Wed, 23 Apr 2025 06:20:13 -0700 Message-ID: <9eba43f18664a20d7f5dc8942eb39cfbd83c066e.1745356684.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 23 Apr 2025 13:20:37 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215295 From: Vijay Anusuri Upstream-Status: Backport from https://gitlab.gnome.org/GNOME/libsoup/-/commit/ba4c3a6f988beff59e45801ab36067293d24ce92 Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../libsoup-3.4.4/CVE-2025-32909.patch | 36 +++++++++++++++++++ meta/recipes-support/libsoup/libsoup_3.4.4.bb | 1 + 2 files changed, 37 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32909.patch diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32909.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32909.patch new file mode 100644 index 0000000000..8982da58f1 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32909.patch 
@@ -0,0 +1,36 @@ +From ba4c3a6f988beff59e45801ab36067293d24ce92 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Wed, 8 Jan 2025 16:30:17 -0600 +Subject: [PATCH] content-sniffer: Handle sniffing resource shorter than 4 + bytes + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/ba4c3a6f988beff59e45801ab36067293d24ce92] +CVE: CVE-2025-32909 +Signed-off-by: Vijay Anusuri +--- + libsoup/content-sniffer/soup-content-sniffer.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/libsoup/content-sniffer/soup-content-sniffer.c b/libsoup/content-sniffer/soup-content-sniffer.c +index 5a181ff1..aeee2e25 100644 +--- a/libsoup/content-sniffer/soup-content-sniffer.c ++++ b/libsoup/content-sniffer/soup-content-sniffer.c +@@ -243,9 +243,14 @@ sniff_mp4 (SoupContentSniffer *sniffer, GBytes *buffer) + gsize resource_length; + const char *resource = g_bytes_get_data (buffer, &resource_length); + resource_length = MIN (512, resource_length); +- guint32 box_size = *((guint32*)resource); ++ guint32 box_size; + guint i; + ++ if (resource_length < sizeof (guint32)) ++ return FALSE; ++ ++ box_size = *((guint32*)resource); ++ + #if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ + box_size = ((box_size >> 24) | + ((box_size << 8) & 0x00FF0000) | +-- +GitLab + diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb index 80cbbdf8ea..afba5ac12d 100644 --- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb +++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb 
@@ -21,6 +21,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ file://CVE-2025-32910-1.patch \ file://CVE-2025-32910-2.patch \ file://CVE-2025-32910-3.patch \ + file://CVE-2025-32909.patch \ " SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa"
From patchwork Wed Apr 23 13:20:14 2025
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 61751
X-Patchwork-Delegate: steve@sakoman.com
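Review bot: In sniff_mp4() in CVE-2025-32909.patch (patch 02/14), the relocated read `box_size = *((guint32*)resource);` still dereferences a `const char *` as a guint32, which assumes the GBytes data is 4-byte aligned and casts away const. Since the line is being moved anyway, suggest copying with memcpy (&box_size, resource, sizeof (box_size)) and converting with GUINT32_FROM_BE, which would also replace the hand-written swap under the __BYTE_ORDER__ check. The diffstat shows one file changed, so the new `resource_length < sizeof (guint32)` early return has no regression test; a sniffer test with a body shorter than 4 bytes would pin it down.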
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 03/14] libsoup: Fix CVE-2025-32911 & CVE-2025-32913 Date: Wed, 23 Apr 2025 06:20:14 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 23 Apr 2025 13:20:46 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215296 From: Vijay Anusuri Upstream-Status: Backport from https://gitlab.gnome.org/GNOME/libsoup/-/commit/7b4ef0e004ece3a308ccfaa714c284f4c96ade34 & https://gitlab.gnome.org/GNOME/libsoup/-/commit/f4a761fb66512fff59798765e8ac5b9e57dceef0 Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../CVE-2025-32911_CVE-2025-32913-1.patch | 72 +++++++++++++++++++ .../CVE-2025-32911_CVE-2025-32913-2.patch | 44 ++++++++++++ meta/recipes-support/libsoup/libsoup_3.4.4.bb | 2 + 3 files changed, 118 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32911_CVE-2025-32913-1.patch create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32911_CVE-2025-32913-2.patch diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32911_CVE-2025-32913-1.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32911_CVE-2025-32913-1.patch new file mode 100644 index 0000000000..4e1d8212f5 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32911_CVE-2025-32913-1.patch 
@@ -0,0 +1,72 @@ +From 7b4ef0e004ece3a308ccfaa714c284f4c96ade34 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Fri, 27 Dec 2024 17:53:50 -0600 +Subject: [PATCH] soup_message_headers_get_content_disposition: Fix NULL deref + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/7b4ef0e004ece3a308ccfaa714c284f4c96ade34] +CVE: CVE-2025-32911 CVE-2025-32913 #Dependency Patch +Signed-off-by: Vijay Anusuri +--- + libsoup/soup-message-headers.c | 13 +++++++++---- + tests/header-parsing-test.c | 14 ++++++++++++++ + 2 files changed, 23 insertions(+), 4 deletions(-) + +diff --git a/libsoup/soup-message-headers.c b/libsoup/soup-message-headers.c +index 56cc1e9d..04f4c302 100644 +--- a/libsoup/soup-message-headers.c ++++ b/libsoup/soup-message-headers.c +@@ -1660,10 +1660,15 @@ soup_message_headers_get_content_disposition (SoupMessageHeaders *hdrs, + */ + if (params && g_hash_table_lookup_extended (*params, "filename", + &orig_key, &orig_value)) { +- char *filename = strrchr (orig_value, '/'); +- +- if (filename) +- g_hash_table_insert (*params, g_strdup (orig_key), filename + 1); ++ if (orig_value) { ++ char *filename = strrchr (orig_value, '/'); ++ ++ if (filename) ++ g_hash_table_insert (*params, g_strdup (orig_key), filename + 1); ++ } else { ++ /* filename with no value isn't valid. 
*/ ++ g_hash_table_remove (*params, "filename"); ++ } + } + return TRUE; + } +diff --git a/tests/header-parsing-test.c b/tests/header-parsing-test.c +index 5e423d2b..d0b360c8 100644 +--- a/tests/header-parsing-test.c ++++ b/tests/header-parsing-test.c +@@ -1039,6 +1039,7 @@ do_param_list_tests (void) + #define RFC5987_TEST_HEADER_FALLBACK "attachment; filename*=Unknown''t%FF%FF%FFst.txt; filename=\"test.txt\"" + #define RFC5987_TEST_HEADER_NO_TYPE "filename=\"test.txt\"" + #define RFC5987_TEST_HEADER_NO_TYPE_2 "filename=\"test.txt\"; foo=bar" ++#define RFC5987_TEST_HEADER_EMPTY_FILENAME ";filename" + + static void + do_content_disposition_tests (void) +@@ -1139,6 +1140,19 @@ do_content_disposition_tests (void) + g_assert_cmpstr (parameter2, ==, "bar"); + g_hash_table_destroy (params); + ++ /* Empty filename */ ++ soup_message_headers_clear (hdrs); ++ soup_message_headers_append (hdrs, "Content-Disposition", ++ RFC5987_TEST_HEADER_EMPTY_FILENAME); ++ if (!soup_message_headers_get_content_disposition (hdrs, ++ &disposition, ++ ¶ms)) { ++ soup_test_assert (FALSE, "empty filename decoding FAILED"); ++ return; ++ } ++ g_assert_false (g_hash_table_contains (params, "filename")); ++ g_hash_table_destroy (params); ++ + soup_message_headers_unref (hdrs); + + /* Ensure that soup-multipart always quotes filename */ +-- +GitLab + diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32911_CVE-2025-32913-2.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32911_CVE-2025-32913-2.patch new file mode 100644 index 0000000000..5d9f33c736 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32911_CVE-2025-32913-2.patch 
@@ -0,0 +1,44 @@ +From f4a761fb66512fff59798765e8ac5b9e57dceef0 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Fri, 27 Dec 2024 18:00:39 -0600 +Subject: [PATCH] soup_message_headers_get_content_disposition: strdup + truncated filenames + +This table frees the strings it contains. + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/f4a761fb66512fff59798765e8ac5b9e57dceef0] +CVE: CVE-2025-32911 CVE-2025-32913 +Signed-off-by: Vijay Anusuri +--- + libsoup/soup-message-headers.c | 2 +- + tests/header-parsing-test.c | 1 + + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/libsoup/soup-message-headers.c b/libsoup/soup-message-headers.c +index 04f4c302..ee7a3cb1 100644 +--- a/libsoup/soup-message-headers.c ++++ b/libsoup/soup-message-headers.c +@@ -1664,7 +1664,7 @@ soup_message_headers_get_content_disposition (SoupMessageHeaders *hdrs, + char *filename = strrchr (orig_value, '/'); + + if (filename) +- g_hash_table_insert (*params, g_strdup (orig_key), filename + 1); ++ g_hash_table_insert (*params, g_strdup (orig_key), g_strdup (filename + 1)); + } else { + /* filename with no value isn't valid. */ + g_hash_table_remove (*params, "filename"); +diff --git a/tests/header-parsing-test.c b/tests/header-parsing-test.c +index d0b360c8..07ea2866 100644 +--- a/tests/header-parsing-test.c ++++ b/tests/header-parsing-test.c +@@ -1150,6 +1150,7 @@ do_content_disposition_tests (void) + soup_test_assert (FALSE, "empty filename decoding FAILED"); + return; + } ++ g_free (disposition); + g_assert_false (g_hash_table_contains (params, "filename")); + g_hash_table_destroy (params); + +-- +GitLab + diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb index afba5ac12d..167163b91f 100644 --- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb +++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb 
@@ -22,6 +22,8 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ file://CVE-2025-32910-2.patch \ file://CVE-2025-32910-3.patch \ file://CVE-2025-32909.patch \ + file://CVE-2025-32911_CVE-2025-32913-1.patch \ + file://CVE-2025-32911_CVE-2025-32913-2.patch \ " SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa" From patchwork Wed Apr 23 13:20:15 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 61754 X-Patchwork-Delegate: steve@sakoman.com
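Review bot: in CVE-2025-32911_CVE-2025-32913-1.patch, the new "Empty filename" block added to do_content_disposition_tests() never frees `disposition` after soup_message_headers_get_content_disposition() succeeds; only `params` is destroyed, so the test leaks the returned string. Add `g_free (disposition);` before `g_hash_table_destroy (params);`. The -2 patch in this same mail adds exactly that line, so the two backports have to be applied together for the test to be clean.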
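Review bot: in CVE-2025-32911_CVE-2025-32913-2.patch, the soup-message-headers.c hunk at line 1664 only changes behaviour for a filename that contains '/', yet the accompanying test change is the single line `g_free (disposition);`, so nothing in this patch exercises the `g_strdup (filename + 1)` path. The old code stored `filename + 1`, a pointer into the middle of `orig_value`, in a table that, per the commit message, frees the strings it contains. A test header whose filename has a path component, run under a memory checker, would pin the fix down, and a short comment at the insert saying the table owns its values would help the next reader.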
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 04/14] libsoup: Fix CVE-2025-32912 Date: Wed, 23 Apr 2025 06:20:15 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 23 Apr 2025 13:20:47 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215297 From: Vijay Anusuri Upstream-Status: Backport from https://gitlab.gnome.org/GNOME/libsoup/-/commit/cd077513f267e43ce4b659eb18a1734d8a369992 & https://gitlab.gnome.org/GNOME/libsoup/-/commit/910ebdcd3dd82386717a201c13c834f3a63eed7f Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../libsoup-3.4.4/CVE-2025-32912-1.patch | 41 +++++++++++++++++++ .../libsoup-3.4.4/CVE-2025-32912-2.patch | 30 ++++++++++++++ meta/recipes-support/libsoup/libsoup_3.4.4.bb | 2 + 3 files changed, 73 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32912-1.patch create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32912-2.patch diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32912-1.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32912-1.patch new file mode 100644 index 0000000000..c35c599502 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32912-1.patch 
@@ -0,0 +1,41 @@ +From cd077513f267e43ce4b659eb18a1734d8a369992 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Wed, 5 Feb 2025 14:03:05 -0600 +Subject: [PATCH] auth-digest: Handle missing nonce + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/cd077513f267e43ce4b659eb18a1734d8a369992] +CVE: CVE-2025-32912 +Signed-off-by: Vijay Anusuri +--- + libsoup/auth/soup-auth-digest.c | 2 +- + tests/auth-test.c | 1 + + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/libsoup/auth/soup-auth-digest.c b/libsoup/auth/soup-auth-digest.c +index 9eb7fa0e..d69a4013 100644 +--- a/libsoup/auth/soup-auth-digest.c ++++ b/libsoup/auth/soup-auth-digest.c +@@ -162,7 +162,7 @@ soup_auth_digest_update (SoupAuth *auth, SoupMessage *msg, + guint qop_options; + gboolean ok = TRUE; + +- if (!soup_auth_get_realm (auth)) ++ if (!soup_auth_get_realm (auth) || !g_hash_table_contains (auth_params, "nonce")) + return FALSE; + + g_free (priv->domain); +diff --git a/tests/auth-test.c b/tests/auth-test.c +index c651c7cd..484097f1 100644 +--- a/tests/auth-test.c ++++ b/tests/auth-test.c +@@ -1952,6 +1952,7 @@ main (int argc, char **argv) + g_test_add_data_func ("/auth/missing-params/realm", "Digest qop=\"auth\"", do_missing_params_test); + g_test_add_data_func ("/auth/missing-params/nonce", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\"", do_missing_params_test); + g_test_add_data_func ("/auth/missing-params/nonce-md5-sess", "Digest realm=\"auth-test\", qop=\"auth,auth-int\", opaque=\"5ccc069c403ebaf9f0171e9517f40e41\" algorithm=\"MD5-sess\"", do_missing_params_test); ++ g_test_add_data_func ("/auth/missing-params/nonce-and-qop", "Digest realm=\"auth-test\"", do_missing_params_test); + + ret = g_test_run (); + +-- +GitLab + 
diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32912-2.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32912-2.patch new file mode 100644 index 0000000000..ad6f3a8028 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32912-2.patch @@ -0,0 +1,30 @@ +From 910ebdcd3dd82386717a201c13c834f3a63eed7f Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Sat, 8 Feb 2025 12:30:13 -0600 +Subject: [PATCH] digest-auth: Handle NULL nonce + +`contains` only handles a missing nonce, `lookup` handles both missing and empty. + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/910ebdcd3dd82386717a201c13c834f3a63eed7f] +CVE: CVE-2025-32912 +Signed-off-by: Vijay Anusuri +--- + libsoup/auth/soup-auth-digest.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libsoup/auth/soup-auth-digest.c b/libsoup/auth/soup-auth-digest.c +index d69a4013..dc4dbfc5 100644 +--- a/libsoup/auth/soup-auth-digest.c ++++ b/libsoup/auth/soup-auth-digest.c +@@ -162,7 +162,7 @@ soup_auth_digest_update (SoupAuth *auth, SoupMessage *msg, + guint qop_options; + gboolean ok = TRUE; + +- if (!soup_auth_get_realm (auth) || !g_hash_table_contains (auth_params, "nonce")) ++ if (!soup_auth_get_realm (auth) || !g_hash_table_lookup (auth_params, "nonce")) + return FALSE; + + g_free (priv->domain); +-- +GitLab + diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb index 167163b91f..f62c657213 100644 --- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb +++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb 
@@ -24,6 +24,8 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ file://CVE-2025-32909.patch \ file://CVE-2025-32911_CVE-2025-32913-1.patch \ file://CVE-2025-32911_CVE-2025-32913-2.patch \ + file://CVE-2025-32912-1.patch \ + file://CVE-2025-32912-2.patch \ " SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa" From patchwork Wed Apr 23 13:20:16 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 61752 X-Patchwork-Delegate: steve@sakoman.com
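Review bot: in CVE-2025-32912-1.patch, the guard added to soup_auth_digest_update() uses `g_hash_table_contains (auth_params, "nonce")`, which is true for a nonce key stored with a NULL value, so a challenge carrying a nonce parameter without a value still passes this check. `g_hash_table_lookup` rejects both the missing and the empty case; CVE-2025-32912-2.patch makes that change, so -1 is not sufficient on its own and the two entries must stay together in SRC_URI.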
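Review bot: CVE-2025-32912-2.patch switches the soup_auth_digest_update() check to `g_hash_table_lookup` but touches no test file (1 file changed), and the case added in -1, "/auth/missing-params/nonce-and-qop", only covers a header with no nonce at all. Add a do_missing_params_test case whose Digest header has a nonce parameter with no value, so the empty-nonce case named in the commit message is covered by the suite.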
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 05/14] libsoup: Fix CVE-2025-32906 Date: Wed, 23 Apr 2025 06:20:16 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 23 Apr 2025 13:20:47 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215298 From: Vijay Anusuri Upstream-Status: Backport from https://gitlab.gnome.org/GNOME/libsoup/-/commit/1f509f31b6f8420a3661c3f990424ab7b9164931 & https://gitlab.gnome.org/GNOME/libsoup/-/commit/af5b9a4a3945c52b940d5ac181ef51bb12011f1f Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../libsoup-3.4.4/CVE-2025-32906-1.patch | 61 ++++++++++++++ .../libsoup-3.4.4/CVE-2025-32906-2.patch | 83 +++++++++++++++++++ meta/recipes-support/libsoup/libsoup_3.4.4.bb | 2 + 3 files changed, 146 insertions(+) create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32906-1.patch create mode 100644 meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32906-2.patch diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32906-1.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32906-1.patch new file mode 100644 index 0000000000..916a41a71f --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32906-1.patch 
@@ -0,0 +1,61 @@ +From 1f509f31b6f8420a3661c3f990424ab7b9164931 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Tue, 11 Feb 2025 14:36:26 -0600 +Subject: [PATCH] headers: Handle parsing edge case + +This version number is specifically crafted to pass sanity checks allowing it to go one byte out of bounds. + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/1f509f31b6f8420a3661c3f990424ab7b9164931] +CVE: CVE-2025-32906 #Dependency Patch +Signed-off-by: Vijay Anusuri +--- + libsoup/soup-headers.c | 2 +- + tests/header-parsing-test.c | 12 ++++++++++++ + 2 files changed, 13 insertions(+), 1 deletion(-) + +diff --git a/libsoup/soup-headers.c b/libsoup/soup-headers.c +index 85385cea..9d6d00a3 100644 +--- a/libsoup/soup-headers.c ++++ b/libsoup/soup-headers.c +@@ -225,7 +225,7 @@ soup_headers_parse_request (const char *str, + !g_ascii_isdigit (version[5])) + return SOUP_STATUS_BAD_REQUEST; + major_version = strtoul (version + 5, &p, 10); +- if (*p != '.' || !g_ascii_isdigit (p[1])) ++ if (p + 1 >= str + len || *p != '.' || !g_ascii_isdigit (p[1])) + return SOUP_STATUS_BAD_REQUEST; + minor_version = strtoul (p + 1, &p, 10); + version_end = p; +diff --git a/tests/header-parsing-test.c b/tests/header-parsing-test.c +index 07ea2866..10ddb684 100644 +--- a/tests/header-parsing-test.c ++++ b/tests/header-parsing-test.c +@@ -6,6 +6,10 @@ typedef struct { + const char *name, *value; + } Header; + ++static char unterminated_http_version[] = { ++ 'G','E','T',' ','/',' ','H','T','T','P','/','1', '0', '0', '.' ++}; ++ + static struct RequestTest { + const char *description; + const char *bugref; +@@ -383,6 +387,14 @@ static struct RequestTest { + { { NULL } } + }, + ++ /* This couldn't be a C string as going one byte over would have been safe. 
*/ ++ { "Long HTTP version terminating at missing minor version", "https://gitlab.gnome.org/GNOME/libsoup/-/issues/404", ++ unterminated_http_version, sizeof (unterminated_http_version), ++ SOUP_STATUS_BAD_REQUEST, ++ NULL, NULL, -1, ++ { { NULL } } ++ }, ++ + { "Non-HTTP request", NULL, + "GET / SOUP/1.1\r\nHost: example.com\r\n", -1, + SOUP_STATUS_BAD_REQUEST, +-- +GitLab + diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32906-2.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32906-2.patch new file mode 100644 index 0000000000..5baad15648 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32906-2.patch 
@@ -0,0 +1,83 @@ +From af5b9a4a3945c52b940d5ac181ef51bb12011f1f Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Wed, 12 Feb 2025 11:30:02 -0600 +Subject: [PATCH] headers: Handle parsing only newlines + +Closes #404 +Closes #407 + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/af5b9a4a3945c52b940d5ac181ef51bb12011f1f] +CVE: CVE-2025-32906 +Signed-off-by: Vijay Anusuri +--- + libsoup/soup-headers.c | 4 ++-- + tests/header-parsing-test.c | 13 ++++++++++++- + 2 files changed, 14 insertions(+), 3 deletions(-) + +diff --git a/libsoup/soup-headers.c b/libsoup/soup-headers.c +index 9d6d00a3..52ef2ece 100644 +--- a/libsoup/soup-headers.c ++++ b/libsoup/soup-headers.c +@@ -186,7 +186,7 @@ soup_headers_parse_request (const char *str, + /* RFC 2616 4.1 "servers SHOULD ignore any empty line(s) + * received where a Request-Line is expected." + */ +- while ((*str == '\r' || *str == '\n') && len > 0) { ++ while (len > 0 && (*str == '\r' || *str == '\n')) { + str++; + len--; + } +@@ -371,7 +371,7 @@ soup_headers_parse_response (const char *str, + * after a response, which we then see prepended to the next + * response on that connection. + */ +- while ((*str == '\r' || *str == '\n') && len > 0) { ++ while (len > 0 && (*str == '\r' || *str == '\n')) { + str++; + len--; + } +diff --git a/tests/header-parsing-test.c b/tests/header-parsing-test.c +index 10ddb684..4faafbd6 100644 +--- a/tests/header-parsing-test.c ++++ b/tests/header-parsing-test.c +@@ -6,10 +6,15 @@ typedef struct { + const char *name, *value; + } Header; + ++/* These are not C strings to ensure going one byte over is not safe. */ + static char unterminated_http_version[] = { + 'G','E','T',' ','/',' ','H','T','T','P','/','1', '0', '0', '.' 
+ }; + ++static char only_newlines[] = { ++ '\n', '\n', '\n', '\n' ++}; ++ + static struct RequestTest { + const char *description; + const char *bugref; +@@ -387,7 +392,6 @@ static struct RequestTest { + { { NULL } } + }, + +- /* This couldn't be a C string as going one byte over would have been safe. */ + { "Long HTTP version terminating at missing minor version", "https://gitlab.gnome.org/GNOME/libsoup/-/issues/404", + unterminated_http_version, sizeof (unterminated_http_version), + SOUP_STATUS_BAD_REQUEST, +@@ -457,6 +461,13 @@ static struct RequestTest { + SOUP_STATUS_BAD_REQUEST, + NULL, NULL, -1, + { { NULL } } ++ }, ++ ++ { "Only newlines", NULL, ++ only_newlines, sizeof (only_newlines), ++ SOUP_STATUS_BAD_REQUEST, ++ NULL, NULL, -1, ++ { { NULL } } + } + }; + static const int num_reqtests = G_N_ELEMENTS (reqtests); +-- +GitLab + diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb index f62c657213..cbb098908d 100644 --- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb +++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb 
@@ -26,6 +26,8 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ file://CVE-2025-32911_CVE-2025-32913-2.patch \ file://CVE-2025-32912-1.patch \ file://CVE-2025-32912-2.patch \ + file://CVE-2025-32906-1.patch \ + file://CVE-2025-32906-2.patch \ " SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa" From patchwork Wed Apr 23 13:20:17 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 61753 X-Patchwork-Delegate: steve@sakoman.com
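Review bot: in CVE-2025-32906-1.patch, the new `p + 1 >= str + len` test in soup_headers_parse_request() runs only after `strtoul (version + 5, &p, 10)` has already scanned the major version, and the following `strtoul (p + 1, &p, 10)` scans the minor version without any length. The added test buffer is deliberately not NUL-terminated, so it is worth confirming, or stating in a comment, what bounds both strtoul scans to `str + len` when the input ends in digits; the hunk itself does not show it.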
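Review bot: CVE-2025-32906-2.patch reorders the loop condition to `len > 0 && (*str == '\r' || *str == '\n')` in both soup_headers_parse_request() and soup_headers_parse_response(), but the test hunk adds the "Only newlines" entry to reqtests only. Add an equivalent case for the response parser, reusing the `only_newlines` buffer, so the second fixed loop is exercised as well.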
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 06/14] binutils: patch CVE-2025-1182 Date: Wed, 23 Apr 2025 06:20:17 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 23 Apr 2025 13:20:47 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215299 From: Ashish Sharma Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=b425859021d17adf62f06fb904797cf8642986ad] Signed-off-by: Ashish Sharma Signed-off-by: Steve Sakoman --- .../binutils/binutils-2.42.inc | 1 + .../binutils/binutils/CVE-2025-1182.patch | 33 +++++++++++++++++++ 2 files changed, 34 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-1182.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.42.inc b/meta/recipes-devtools/binutils/binutils-2.42.inc index 758bd8dcce..9fc29301f0 100644 --- a/meta/recipes-devtools/binutils/binutils-2.42.inc +++ b/meta/recipes-devtools/binutils/binutils-2.42.inc @@ -44,5 +44,6 @@ SRC_URI = "\ file://CVE-2024-57360.patch \ file://CVE-2025-1181-pre.patch \ file://CVE-2025-1181.patch \ + file://CVE-2025-1182.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2025-1182.patch b/meta/recipes-devtools/binutils/binutils/CVE-2025-1182.patch new file mode 100644 index 0000000000..15b40fddb6 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2025-1182.patch 
@@ -0,0 +1,33 @@ +From b425859021d17adf62f06fb904797cf8642986ad Mon Sep 17 00:00:00 2001 +From: Nick Clifton +Date: Wed, 5 Feb 2025 16:27:38 +0000 +Subject: [PATCH] Fix another illegal memory access triggered by corrupt ELF + input files. + +PR 32644 + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=b425859021d17adf62f06fb904797cf8642986ad] +CVE: CVE-2025-1182 +Signed-off-by: Ashish Sharma + + bfd/elflink.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/bfd/elflink.c b/bfd/elflink.c +index bf940942ec3..df6eb250961 100644 +--- a/bfd/elflink.c ++++ b/bfd/elflink.c +@@ -15116,6 +15116,10 @@ bfd_elf_reloc_symbol_deleted_p (bfd_vma offset, void *cookie) + } + else + { ++ if (r_symndx >= rcookie->locsymcount) ++ /* This can happen with corrupt input. */ ++ return false; ++ + /* It's not a relocation against a global symbol, + but it could be a relocation against a local + symbol for a discarded section. */ +-- +2.43.5 + From patchwork Wed Apr 23 13:20:18 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 61750 X-Patchwork-Delegate: steve@sakoman.com
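Review bot: in CVE-2025-1182.patch, the added `if (r_symndx >= rcookie->locsymcount)` in bfd_elf_reloc_symbol_deleted_p() returns false with no diagnostic, so a corrupt input file is silently reported as "symbol not deleted"; the comment also sits between the unbraced `if` and its `return`, which is easy to misread, so move it above the `if` or brace the body. Separately, the patch header has no `---` line between `Signed-off-by: Ashish Sharma` and the diffstat, unlike the other patches in this series, so the diffstat would become part of the commit message if the patch is applied with git am.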
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 07/14] sqlite3: patch CVE-2025-3277 Date: Wed, 23 Apr 2025 06:20:18 -0700 Message-ID: <2f800295919ac337f038e1678f4c0abb2a6e7f95.1745356684.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 23 Apr 2025 13:20:46 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215300 From: Peter Marko Pick commit [1] mentioned in [2]. [1] https://sqlite.org/src/info/498e3f1cf57f164f [2] https://nvd.nist.gov/vuln/detail/CVE-2025-3277 Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../sqlite/sqlite3/CVE-2025-3277.patch | 28 +++++++++++++++++++ meta/recipes-support/sqlite/sqlite3_3.45.3.bb | 4 ++- 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch new file mode 100644 index 0000000000..4e2ed5f1e0 --- /dev/null +++ b/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch
@@ -0,0 +1,28 @@ +From d7f45414935e4ef6e3361f02a22876f1ee7a04aa Mon Sep 17 00:00:00 2001 +From: drh <> +Date: Sun, 16 Feb 2025 10:57:25 +0000 +Subject: [PATCH] Add a typecast to avoid 32-bit integer overflow in the + concat_ws() function with an enormous separator values and many arguments. + +FossilOrigin-Name: 498e3f1cf57f164fbd8380e92bf91b9f26d6aa05d092fcd135d754abf1e5b1b5 + +CVE: CVE-2025-3277 +Upstream-Status: Backport [https://sqlite.org/src/info/498e3f1cf57f164f] +Signed-off-by: Peter Marko +--- + sqlite3.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sqlite3.c b/sqlite3.c +index 08c593e55c..24d0d954d9 100644 +--- a/sqlite3.c ++++ b/sqlite3.c +@@ -129594,7 +129594,7 @@ static void concatFuncCore( + for(i=0; i X-Patchwork-Id: 61755 X-Patchwork-Delegate: steve@sakoman.com
bh=ytu6lXd+tt1/5HyHmKdEDtFnDISRtXpCrrd2lAjj+A8=; b=yiMbN0Sxi1oxYCZRg8PHa//ILoLGyxkPXeS3alDX5G4rxxa57kAGOxb4J9FAwD7tN/ S+iPmfmdjlc/gCiisHfDOf4ikNgJceHWn9Y5IMx1q5ovd5SqnfzGl6KwLxzc/3xlapbL WnpvrznI5Aw8IYimFfrNfSPktb+Sr6f6VH48sIlGPOccIKxnDwjaePvBkmJWwZfPFQYi gU35U6Adq7NwbD+RdFw9lXYefadCKLNcURPM4RjghH0vkHWzGdRJ+KVe2o4oQ6u6sg8a 59Gp3vN7Kd3gcqiD449J6gv9jPAIviBXNQjSSeABvXBDm/TCkmBawp6q05yjY+8bHfRL MaPw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1745414448; x=1746019248; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ytu6lXd+tt1/5HyHmKdEDtFnDISRtXpCrrd2lAjj+A8=; b=bOY0GSvRGo+iqZ17F4GIiKMlqBMb0SWbHvoHDW0dfWeZ7uwWt/b5ExBvmZShYcxBkE Y2uyuH2kbfC/uwOWYcle8JWH8s6VeDCm+145doiMxwtu4k7A32C6wS6Gtw6rHRlHMQEi OcFDgu8JA3+53FzXtgrgwT4UBTBhpk5QpvOYJ0x3dXO4mTgbowsDYGsOArfnCTpwv4PF Rm3ZBLflofNQuiKM+5lju1ms2x6l+QDWjP533lA8NAor4V9BsBZzXat4e6VIayLEpE8g 161T6CgBWC7Gezxkw9WyKt5JTKY7yqAf0GunyagdoIVwL0ryZOBHduLbxFV/QrxTp9M+ qvRA== X-Gm-Message-State: AOJu0YwYIWLITj4dGC/ofEH5qpt4BCyNFR4dFJU71A2yLYN2EEeMu2ha Fvxl39Civ9tLBF4i/KI4Hh+xn/iv3/tE+zy3sQXiMHd6bF5OCU5LBDriDVGfcjRiXEVYpRDhku1 g X-Gm-Gg: ASbGnctVfjmUZ6goSXFpIkDoWGHnUi3xVLBr2OliSjdm1EyKEGubQXBtwGPl2XYxyXn 7edC2/j797aMK838siIeNPopDQWC8Vo3JB/IOiAQnCuJHw8jCpxI1jBQwoC3RcTj7dPsujsf1YR WEhCpaWNMLbqMHbv2wYHkYjLUEpEGz4Yo6w3t+2zt9XIwBwlUYmzG+oowbRKoza2bic/soRgqrg tIZwI31zdeCqC3YDJt8ppormu3tMAtNjAptJXsAyHfhMGIy9j9gg86eh/QAJtgrxFXF1fP3YkmA vy9pbAe1LiX/fHM3RW3Vf55b8POyCrgwlrFt2mzZbQ== X-Google-Smtp-Source: AGHT+IEzT7SABJdo5nmOpb88mPXxCautxNtLorDN6zgNOXPwSZXOLHwpeEo+a7Dj8nceVs8ahYMetQ== X-Received: by 2002:a05:6a00:9281:b0:736:520a:58f9 with SMTP id d2e1a72fcca58-73dc1563777mr25170231b3a.17.1745414447436; Wed, 23 Apr 2025 06:20:47 -0700 (PDT) Received: from hexa.. 
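Review bot: The commit message, "Pick commit [1] mentioned in [2]", leaves the log without any statement of what is being fixed. The embedded patch's own subject already has the wording: a typecast to avoid 32-bit integer overflow in concat_ws(), in the hunk against concatFuncCore(). Repeating one line of that in the OE-core commit message would let someone triaging scarthgap judge exposure without following either link.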
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 08/14] sqlite3: patch CVE-2025-29088
Date: Wed, 23 Apr 2025 06:20:19 -0700
Message-ID: <6a65833a53487571b1ed0831dcc0b1fb04946557.1745356684.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215301

From: Peter Marko

Pick commit [1] mentioned in [2].

[1] https://github.com/sqlite/sqlite/commit/56d2fd008b108109f489339f5fd55212bb50afd4
[2] https://nvd.nist.gov/vuln/detail/CVE-2025-29088

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman
--- .../sqlite/sqlite3/CVE-2025-29088.patch | 179 ++++++++++++++++++ meta/recipes-support/sqlite/sqlite3_3.45.3.bb | 1 + 2 files changed, 180 insertions(+) create mode 100644 meta/recipes-support/sqlite/sqlite3/CVE-2025-29088.patch diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2025-29088.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2025-29088.patch new file mode 100644 index 0000000000..7a5769ed07 --- /dev/null +++ b/meta/recipes-support/sqlite/sqlite3/CVE-2025-29088.patch
@@ -0,0 +1,179 @@ +From 57d1e61dda969659f59a0b7841c7d0287d724bc6 Mon Sep 17 00:00:00 2001 +From: drh <> +Date: Mon, 17 Feb 2025 14:16:49 +0000 +Subject: [PATCH] Harden the SQLITE_DBCONFIG_LOOKASIDE interface against + misuse, such as described in [forum:/forumpost/48f365daec|forum post + 48f365daec]. Enhancements to the SQLITE_DBCONFIG_LOOKASIDE documentation. + Test cases in TH3. + +FossilOrigin-Name: 1ec4c308c76c69fba031184254fc3340f07607cfbf8342b13713ab445563d377 + +CVE: CVE-2025-29088 +Upstream-Status: Backport [https://github.com/sqlite/sqlite/commit/56d2fd008b108109f489339f5fd55212bb50afd4] +Signed-off-by: Peter Marko +--- + sqlite3.c | 42 +++++++++++++++++++++++--------------- + sqlite3.h | 60 +++++++++++++++++++++++++++++++++++++------------------ + 2 files changed, 67 insertions(+), 35 deletions(-) + +diff --git a/sqlite3.c b/sqlite3.c +index 24d0d954d9..2574a43f3e 100644 +--- a/sqlite3.c ++++ b/sqlite3.c +@@ -179112,17 +179112,22 @@ SQLITE_API int sqlite3_config(int op, ...){ + ** If lookaside is already active, return SQLITE_BUSY. + ** + ** The sz parameter is the number of bytes in each lookaside slot. +-** The cnt parameter is the number of slots. If pStart is NULL the +-** space for the lookaside memory is obtained from sqlite3_malloc(). +-** If pStart is not NULL then it is sz*cnt bytes of memory to use for +-** the lookaside memory. ++** The cnt parameter is the number of slots. If pBuf is NULL the ++** space for the lookaside memory is obtained from sqlite3_malloc() ++** or similar. If pBuf is not NULL then it is sz*cnt bytes of memory ++** to use for the lookaside memory. + */ +-static int setupLookaside(sqlite3 *db, void *pBuf, int sz, int cnt){ ++static int setupLookaside( ++ sqlite3 *db, /* Database connection being configured */ ++ void *pBuf, /* Memory to use for lookaside. 
May be NULL */ ++ int sz, /* Desired size of each lookaside memory slot */ ++ int cnt /* Number of slots to allocate */ ++){ + #ifndef SQLITE_OMIT_LOOKASIDE +- void *pStart; +- sqlite3_int64 szAlloc = sz*(sqlite3_int64)cnt; +- int nBig; /* Number of full-size slots */ +- int nSm; /* Number smaller LOOKASIDE_SMALL-byte slots */ ++ void *pStart; /* Start of the lookaside buffer */ ++ sqlite3_int64 szAlloc; /* Total space set aside for lookaside memory */ ++ int nBig; /* Number of full-size slots */ ++ int nSm; /* Number smaller LOOKASIDE_SMALL-byte slots */ + + if( sqlite3LookasideUsed(db,0)>0 ){ + return SQLITE_BUSY; +@@ -179135,17 +179140,22 @@ static int setupLookaside(sqlite3 *db, void *pBuf, int sz, int cnt){ + sqlite3_free(db->lookaside.pStart); + } + /* The size of a lookaside slot after ROUNDDOWN8 needs to be larger +- ** than a pointer to be useful. ++ ** than a pointer and small enough to fit in a u16. + */ +- sz = ROUNDDOWN8(sz); /* IMP: R-33038-09382 */ ++ sz = ROUNDDOWN8(sz); + if( sz<=(int)sizeof(LookasideSlot*) ) sz = 0; +- if( cnt<0 ) cnt = 0; +- if( sz==0 || cnt==0 ){ ++ if( sz>65528 ) sz = 65528; ++ /* Count must be at least 1 to be useful, but not so large as to use ++ ** more than 0x7fff0000 total bytes for lookaside. 
*/ ++ if( cnt<1 ) cnt = 0; ++ if( sz>0 && cnt>(0x7fff0000/sz) ) cnt = 0x7fff0000/sz; ++ szAlloc = (i64)sz*(i64)cnt; ++ if( szAlloc==0 ){ + sz = 0; + pStart = 0; + }else if( pBuf==0 ){ + sqlite3BeginBenignMalloc(); +- pStart = sqlite3Malloc( szAlloc ); /* IMP: R-61949-35727 */ ++ pStart = sqlite3Malloc( szAlloc ); + sqlite3EndBenignMalloc(); + if( pStart ) szAlloc = sqlite3MallocSize(pStart); + }else{ +@@ -179154,10 +179164,10 @@ static int setupLookaside(sqlite3 *db, void *pBuf, int sz, int cnt){ + #ifndef SQLITE_OMIT_TWOSIZE_LOOKASIDE + if( sz>=LOOKASIDE_SMALL*3 ){ + nBig = szAlloc/(3*LOOKASIDE_SMALL+sz); +- nSm = (szAlloc - sz*nBig)/LOOKASIDE_SMALL; ++ nSm = (szAlloc - (i64)sz*(i64)nBig)/LOOKASIDE_SMALL; + }else if( sz>=LOOKASIDE_SMALL*2 ){ + nBig = szAlloc/(LOOKASIDE_SMALL+sz); +- nSm = (szAlloc - sz*nBig)/LOOKASIDE_SMALL; ++ nSm = (szAlloc - (i64)sz*(i64)nBig)/LOOKASIDE_SMALL; + }else + #endif /* SQLITE_OMIT_TWOSIZE_LOOKASIDE */ + if( sz>0 ){ +diff --git a/sqlite3.h b/sqlite3.h +index 2618b37a7b..056511f577 100644 +--- a/sqlite3.h ++++ b/sqlite3.h +@@ -1974,13 +1974,16 @@ struct sqlite3_mem_methods { + ** + ** [[SQLITE_CONFIG_LOOKASIDE]]
SQLITE_CONFIG_LOOKASIDE
+ **
^(The SQLITE_CONFIG_LOOKASIDE option takes two arguments that determine +-** the default size of lookaside memory on each [database connection]. ++** the default size of [lookaside memory] on each [database connection]. + ** The first argument is the +-** size of each lookaside buffer slot and the second is the number of +-** slots allocated to each database connection.)^ ^(SQLITE_CONFIG_LOOKASIDE +-** sets the default lookaside size. The [SQLITE_DBCONFIG_LOOKASIDE] +-** option to [sqlite3_db_config()] can be used to change the lookaside +-** configuration on individual connections.)^
++** size of each lookaside buffer slot ("sz") and the second is the number of ++** slots allocated to each database connection ("cnt").)^ ++** ^(SQLITE_CONFIG_LOOKASIDE sets the default lookaside size. ++** The [SQLITE_DBCONFIG_LOOKASIDE] option to [sqlite3_db_config()] can ++** be used to change the lookaside configuration on individual connections.)^ ++** The [-DSQLITE_DEFAULT_LOOKASIDE] option can be used to change the ++** default lookaside configuration at compile-time. ++** + ** + ** [[SQLITE_CONFIG_PCACHE2]]
SQLITE_CONFIG_PCACHE2
+ **
^(The SQLITE_CONFIG_PCACHE2 option takes a single argument which is +@@ -2210,24 +2213,43 @@ struct sqlite3_mem_methods { + **
SQLITE_DBCONFIG_LOOKASIDE
+ **
^This option takes three additional arguments that determine the + ** [lookaside memory allocator] configuration for the [database connection]. +-** ^The first argument (the third parameter to [sqlite3_db_config()] is a ++**
    ++**
  1. The first argument ("buf") is a + ** pointer to a memory buffer to use for lookaside memory. +-** ^The first argument after the SQLITE_DBCONFIG_LOOKASIDE verb +-** may be NULL in which case SQLite will allocate the +-** lookaside buffer itself using [sqlite3_malloc()]. ^The second argument is the +-** size of each lookaside buffer slot. ^The third argument is the number of +-** slots. The size of the buffer in the first argument must be greater than +-** or equal to the product of the second and third arguments. The buffer +-** must be aligned to an 8-byte boundary. ^If the second argument to +-** SQLITE_DBCONFIG_LOOKASIDE is not a multiple of 8, it is internally +-** rounded down to the next smaller multiple of 8. ^(The lookaside memory ++** The first argument may be NULL in which case SQLite will allocate the ++** lookaside buffer itself using [sqlite3_malloc()]. ++**

  2. The second argument ("sz") is the ++** size of each lookaside buffer slot. Lookaside is disabled if "sz" ++** is less than 8. The "sz" argument should be a multiple of 8 less than ++** 65536. If "sz" does not meet this constraint, it is reduced in size until ++** it does. ++**

  3. The third argument ("cnt") is the number of slots. Lookaside is disabled ++** if "cnt"is less than 1. The "cnt" value will be reduced, if necessary, so ++** that the product of "sz" and "cnt" does not exceed 2,147,418,112. The "cnt" ++** parameter is usually chosen so that the product of "sz" and "cnt" is less ++** than 1,000,000. ++**

++**

If the "buf" argument is not NULL, then it must ++** point to a memory buffer with a size that is greater than ++** or equal to the product of "sz" and "cnt". ++** The buffer must be aligned to an 8-byte boundary. ++** The lookaside memory + ** configuration for a database connection can only be changed when that + ** connection is not currently using lookaside memory, or in other words +-** when the "current value" returned by +-** [sqlite3_db_status](D,[SQLITE_DBSTATUS_LOOKASIDE_USED],...) is zero. ++** when the value returned by [SQLITE_DBSTATUS_LOOKASIDE_USED] is zero. + ** Any attempt to change the lookaside memory configuration when lookaside + ** memory is in use leaves the configuration unchanged and returns +-** [SQLITE_BUSY].)^

++** [SQLITE_BUSY]. ++** If the "buf" argument is NULL and an attempt ++** to allocate memory based on "sz" and "cnt" fails, then ++** lookaside is silently disabled. ++**

++** The [SQLITE_CONFIG_LOOKASIDE] configuration option can be used to set the ++** default lookaside configuration at initialization. The ++** [-DSQLITE_DEFAULT_LOOKASIDE] option can be used to set the default lookaside ++** configuration at compile-time. Typical values for lookaside are 1200 for ++** "sz" and 40 to 100 for "cnt". ++** + ** + ** [[SQLITE_DBCONFIG_ENABLE_FKEY]] + **

SQLITE_DBCONFIG_ENABLE_FKEY
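Review bot: Nothing in this backport exercises the new limits in setupLookaside(): the patch header says the test cases are in TH3, and the diffstat lists only sqlite3.c and sqlite3.h. Please record in the commit message how the clamps were checked against 3.45.3, in particular `if( sz>65528 ) sz = 65528;` and `if( sz>0 && cnt>(0x7fff0000/sz) ) cnt = 0x7fff0000/sz;`, since per the updated sqlite3.h text they now reduce the "sz" and "cnt" a caller passes to SQLITE_DBCONFIG_LOOKASIDE without reporting an error. On style, Upstream-Status here points at the GitHub mirror while the CVE-2025-3277 patch links sqlite.org/src/info; using one form for both sqlite3 patches would keep the FossilOrigin-Name traceable the same way.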
diff --git a/meta/recipes-support/sqlite/sqlite3_3.45.3.bb b/meta/recipes-support/sqlite/sqlite3_3.45.3.bb index 0e91167eef..d39cb3805b 100644 --- a/meta/recipes-support/sqlite/sqlite3_3.45.3.bb +++ b/meta/recipes-support/sqlite/sqlite3_3.45.3.bb 
@@ -5,6 +5,7 @@ LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed0 SRC_URI = "http://www.sqlite.org/2024/sqlite-autoconf-${SQLITE_PV}.tar.gz \ file://CVE-2025-3277.patch \ + file://CVE-2025-29088.patch \ " SRC_URI[sha256sum] = "b2809ca53124c19c60f42bf627736eae011afdcc205bb48270a5ee9a38191531"
From patchwork Wed Apr 23 13:20:20 2025
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 09/14] curl: fix CVE-2024-11053
Date: Wed, 23 Apr 2025 06:20:20 -0700
Message-ID: <084d8ca3b47b47333edba87f6aa427a12ee574f2.1745356684.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215302

From: Yogita Urade

When asked to both use a `.netrc` file for credentials and to follow HTTP
redirects, curl could leak the password used for the first host to the
followed-to host under certain circumstances.

This flaw only manifests itself if the netrc file has an entry that matches
the redirect target hostname but the entry either omits just the password or
omits both login and password.

CVE-2024-11053-0001 is the dependent commit, CVE-2024-11053-0002 is actual
CVE fix and the actual fix caused a regression that was fixed by
CVE-2024-11053-0003.

Reference:
https://curl.se/docs/CVE-2024-11053.html
https://git.launchpad.net/ubuntu/+source/curl/commit/?h=applied/ubuntu/noble-devel&id=9ea469c352a313104f750dea93e78df8d868c435

Upstream patches:
https://github.com/curl/curl/commit/9bee39bfed2c413b4cc4eb306a57ac92a1854907
https://github.com/curl/curl/commit/e9b9bbac22c26cf67316fa8e6c6b9e831af3194
https://github.com/curl/curl/commit/9fce2c55d4b0273ac99b59bd8cb982a6d96b88cf

Signed-off-by: Yogita Urade
Signed-off-by: Steve Sakoman --- .../curl/curl/CVE-2024-11053-0001.patch | 353 +++++++++ .../curl/curl/CVE-2024-11053-0002.patch | 728 ++++++++++++++++++ .../curl/curl/CVE-2024-11053-0003.patch | 130 ++++ meta/recipes-support/curl/curl_8.7.1.bb | 3 + 4 files changed, 1214 insertions(+) create mode 100644 meta/recipes-support/curl/curl/CVE-2024-11053-0001.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2024-11053-0002.patch create mode 100644 meta/recipes-support/curl/curl/CVE-2024-11053-0003.patch diff --git a/meta/recipes-support/curl/curl/CVE-2024-11053-0001.patch b/meta/recipes-support/curl/curl/CVE-2024-11053-0001.patch new file mode 100644 index 0000000000..52ba390cde --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2024-11053-0001.patch 
@@ -0,0 +1,353 @@ +From 9bee39bfed2c413b4cc4eb306a57ac92a1854907 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Sat, 12 Oct 2024 23:54:39 +0200 +Subject: [PATCH] url: use same credentials on redirect + +Previously it could lose the username and only use the password. + +Added test 998 and 999 to verify. + +Reported-by: Tobias Bora +Fixes #15262 +Closes #15282 + +Changes: +- Test files are added in Makefile.inc. + +CVE: CVE-2024-11053 +Upstream-Status: Backport [https://github.com/curl/curl/commit/9bee39bfed2c413b4cc4eb306a57ac92a1854907] + +Signed-off-by: Yogita Urade +--- + lib/transfer.c | 3 ++ + lib/url.c | 19 +++++---- + lib/urldata.h | 9 +++- + tests/data/Makefile.inc | 2 +- + tests/data/test998 | 92 +++++++++++++++++++++++++++++++++++++++++ + tests/data/test999 | 81 ++++++++++++++++++++++++++++++++++++ + 6 files changed, 195 insertions(+), 11 deletions(-) + create mode 100644 tests/data/test998 + create mode 100644 tests/data/test999 + +diff --git a/lib/transfer.c b/lib/transfer.c +index e31d1d6..ccd042b 100644 +--- a/lib/transfer.c ++++ b/lib/transfer.c +@@ -700,6 +700,9 @@ CURLcode Curl_pretransfer(struct Curl_easy *data) + return CURLE_OUT_OF_MEMORY; + } + ++ if(data->set.str[STRING_USERNAME] || ++ data->set.str[STRING_PASSWORD]) ++ data->state.creds_from = CREDS_OPTION; + if(!result) + result = Curl_setstropt(&data->state.aptr.user, + data->set.str[STRING_USERNAME]); +diff --git a/lib/url.c b/lib/url.c +index 224b9f3..05431b9 100644 +--- a/lib/url.c ++++ b/lib/url.c +@@ -1899,10 +1899,10 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data, + return result; + + /* +- * User name and password set with their own options override the +- * credentials possibly set in the URL. ++ * username and password set with their own options override the credentials ++ * possibly set in the URL, but netrc does not. 
+ */ +- if(!data->set.str[STRING_PASSWORD]) { ++ if(!data->state.aptr.passwd || (data->state.creds_from != CREDS_OPTION)) { + uc = curl_url_get(uh, CURLUPART_PASSWORD, &data->state.up.password, 0); + if(!uc) { + char *decoded; +@@ -1915,12 +1915,13 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data, + result = Curl_setstropt(&data->state.aptr.passwd, decoded); + if(result) + return result; ++ data->state.creds_from = CREDS_URL; + } + else if(uc != CURLUE_NO_PASSWORD) + return Curl_uc_to_curlcode(uc); + } + +- if(!data->set.str[STRING_USERNAME]) { ++ if(!data->state.aptr.user || (data->state.creds_from != CREDS_OPTION)) { + /* we don't use the URL API's URL decoder option here since it rejects + control codes and we want to allow them for some schemes in the user + and password fields */ +@@ -1934,13 +1935,10 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data, + return result; + conn->user = decoded; + result = Curl_setstropt(&data->state.aptr.user, decoded); ++ data->state.creds_from = CREDS_URL; + } + else if(uc != CURLUE_NO_USER) + return Curl_uc_to_curlcode(uc); +- else if(data->state.aptr.passwd) { +- /* no user was set but a password, set a blank user */ +- result = Curl_setstropt(&data->state.aptr.user, ""); +- } + if(result) + return result; + } +@@ -2730,7 +2728,8 @@ static CURLcode override_login(struct Curl_easy *data, + int ret; + bool url_provided = FALSE; + +- if(data->state.aptr.user) { ++ if(data->state.aptr.user && ++ (data->state.creds_from != CREDS_NETRC)) { + /* there was a user name in the URL. 
Use the URL decoded version */ + userp = &data->state.aptr.user; + url_provided = TRUE; +@@ -2778,6 +2777,7 @@ static CURLcode override_login(struct Curl_easy *data, + result = Curl_setstropt(&data->state.aptr.user, *userp); + if(result) + return result; ++ data->state.creds_from = CREDS_NETRC; + } + } + if(data->state.aptr.user) { +@@ -2795,6 +2795,7 @@ static CURLcode override_login(struct Curl_easy *data, + CURLcode result = Curl_setstropt(&data->state.aptr.passwd, *passwdp); + if(result) + return result; ++ data->state.creds_from = CREDS_NETRC; + } + if(data->state.aptr.passwd) { + uc = curl_url_set(data->state.uh, CURLUPART_PASSWORD, +diff --git a/lib/urldata.h b/lib/urldata.h +index ce28f25..b68d023 100644 +--- a/lib/urldata.h ++++ b/lib/urldata.h +@@ -1207,6 +1207,11 @@ struct urlpieces { + char *query; + }; + ++#define CREDS_NONE 0 ++#define CREDS_URL 1 /* from URL */ ++#define CREDS_OPTION 2 /* set with a CURLOPT_ */ ++#define CREDS_NETRC 3 /* found in netrc */ ++ + struct UrlState { + /* Points to the connection cache */ + struct conncache *conn_cache; +@@ -1344,7 +1349,6 @@ struct UrlState { + char *proxyuser; + char *proxypasswd; + } aptr; +- + unsigned char httpwant; /* when non-zero, a specific HTTP version requested + to be used in the library's request(s) */ + unsigned char httpversion; /* the lowest HTTP version*10 reported by any +@@ -1354,6 +1358,9 @@ struct UrlState { + unsigned char select_bits; /* != 0 -> bitmask of socket events for this + transfer overriding anything the socket may + report */ ++ unsigned int creds_from:2; /* where is the server credentials originating ++ from, see the CREDS_* defines above */ ++ + #ifdef CURLDEBUG + BIT(conncache_lock); + #endif +diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc +index d89e565..03cb6a0 100644 +--- a/tests/data/Makefile.inc ++++ b/tests/data/Makefile.inc +@@ -126,7 +126,7 @@ test952 test953 test954 test955 test956 test957 test958 test959 test960 \ + test961 test962 test963 
test964 test965 test966 test967 test968 test969 \ + test970 test971 test972 test973 test974 test975 test976 test977 test978 \ + test979 test980 test981 test982 test983 test984 test985 test986 test987 \ +-test988 test989 test990 test991 test992 \ ++test988 test989 test990 test991 test992 test998 test999 \ + \ + test1000 test1001 test1002 test1003 test1004 test1005 test1006 test1007 \ + test1008 test1009 test1010 test1011 test1012 test1013 test1014 test1015 \ +diff --git a/tests/data/test998 b/tests/data/test998 +new file mode 100644 +index 0000000..596b18e +--- /dev/null ++++ b/tests/data/test998 +@@ -0,0 +1,92 @@ ++ ++ ++ ++ HTTP ++ --location-trusted ++ ++ ++ ++ # ++ # Server-side ++ ++ ++ HTTP/1.1 301 redirect ++ Date: Tue, 09 Nov 2010 14:49:00 GMT ++ Server: test-server/fake ++ Content-Length: 0 ++ Connection: close ++ Content-Type: text/html ++ Location: http://somewhere.else.example/a/path/%TESTNUMBER0002 ++ ++ ++ ++ HTTP/1.1 200 OK ++ Date: Tue, 09 Nov 2010 14:49:00 GMT ++ Content-Length: 6 ++ Content-Type: text/html ++ Funny-head: yesyes ++ ++ -foo- ++ ++ ++ ++ HTTP/1.1 301 redirect ++ Date: Tue, 09 Nov 2010 14:49:00 GMT ++ Server: test-server/fake ++ Content-Length: 0 ++ Connection: close ++ Content-Type: text/html ++ Location: http://somewhere.else.example/a/path/%TESTNUMBER0002 ++ ++ HTTP/1.1 200 OK ++ Date: Tue, 09 Nov 2010 14:49:00 GMT ++ Content-Length: 6 ++ Content-Type: text/html ++ Funny-head: yesyes ++ ++ -foo- ++ ++ ++ ++ ++ # ++ # Client-side ++ ++ ++ proxy ++ ++ ++ http ++ ++ ++ HTTP with auth in URL redirected to another host ++ ++ ++ -x %HOSTIP:%HTTPPORT http://alberto:einstein@somwhere.example/%TESTNUMBER --location-trusted ++ ++ ++ ++ # ++ # Verify data after the test has been "shot" ++ ++ ++ QUIT ++ ++ ++ GET http://somwhere.example/998 HTTP/1.1 ++ Host: somwhere.example ++ Authorization: Basic YWxiZXJ0bzplaW5zdGVpbg== ++ User-Agent: curl/%VERSION ++ Accept: */* ++ Proxy-Connection: Keep-Alive ++ ++ GET 
http://somewhere.else.example/a/path/9980002 HTTP/1.1 ++ Host: somewhere.else.example ++ Authorization: Basic YWxiZXJ0bzplaW5zdGVpbg== ++ User-Agent: curl/%VERSION ++ Accept: */* ++ Proxy-Connection: Keep-Alive ++ ++ ++ ++ +diff --git a/tests/data/test999 b/tests/data/test999 +new file mode 100644 +index 0000000..184821d +--- /dev/null ++++ b/tests/data/test999 +@@ -0,0 +1,81 @@ ++ ++ ++ ++ HTTP ++ --location-trusted ++ ++ ++ ++ # ++ # Server-side ++ ++ ++ HTTP/1.1 200 OK ++ Date: Tue, 09 Nov 2010 14:49:00 GMT ++ Content-Length: 6 ++ Content-Type: text/html ++ Funny-head: yesyes ++ ++ -foo- ++ ++ ++ ++ HTTP/1.1 301 redirect ++ Date: Tue, 09 Nov 2010 14:49:00 GMT ++ Server: test-server/fake ++ Content-Length: 0 ++ Connection: close ++ Content-Type: text/html ++ Location: http://somewhere.else.example/a/path/%TESTNUMBER0002 ++ ++ HTTP/1.1 200 OK ++ Date: Tue, 09 Nov 2010 14:49:00 GMT ++ Content-Length: 6 ++ Content-Type: text/html ++ Funny-head: yesyes ++ ++ -foo- ++ ++ ++ ++ ++ # ++ # Client-side ++ ++ ++ proxy ++ ++ ++ http ++ ++ ++ HTTP with auth in first URL but not second ++ ++ ++ -x %HOSTIP:%HTTPPORT http://alberto:einstein@somwhere.example/%TESTNUMBER http://somewhere.else.example/%TESTNUMBER ++ ++ ++ ++ # ++ # Verify data after the test has been "shot" ++ ++ ++ QUIT ++ ++ ++ GET http://somwhere.example/%TESTNUMBER HTTP/1.1 ++ Host: somwhere.example ++ Authorization: Basic YWxiZXJ0bzplaW5zdGVpbg== ++ User-Agent: curl/%VERSION ++ Accept: */* ++ Proxy-Connection: Keep-Alive ++ ++ GET http://somewhere.else.example/%TESTNUMBER HTTP/1.1 ++ Host: somewhere.else.example ++ User-Agent: curl/%VERSION ++ Accept: */* ++ Proxy-Connection: Keep-Alive ++ ++ ++ ++ +-- +2.40.0 diff --git a/meta/recipes-support/curl/curl/CVE-2024-11053-0002.patch b/meta/recipes-support/curl/curl/CVE-2024-11053-0002.patch new file mode 100644 index 0000000000..7f45f79cf2 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2024-11053-0002.patch 
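Review bot: creds_from in struct UrlState is a single 2-bit field shared by the username and the password, yet lib/url.c assigns it separately in the password branch and the user branch of parseurlandfillconn() and again in two places in override_login(), so it records whichever assignment ran last rather than the origin of each credential. Since the new `data->state.creds_from != CREDS_NETRC` test in override_login() decides whether an existing user counts as URL-provided, please confirm that the mixed case (user from the URL, password from .netrc) behaves as intended once 0002 and 0003 are applied. Also, Curl_pretransfer() only ever sets CREDS_OPTION and nothing in these hunks puts the field back to CREDS_NONE; a short comment would help if that is deliberate.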
@@ -0,0 +1,728 @@ +From e9b9bbac22c26cf67316fa8e6c6b9e831af31949 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Fri, 15 Nov 2024 11:06:36 +0100 +Subject: [PATCH] netrc: address several netrc parser flaws + +- make sure that a match that returns a username also returns a + password, that should be blank if no password is found + +- fix handling of multiple logins for same host where the password/login + order might be reversed. + +- reject credentials provided in the .netrc if they contain ASCII control + codes - if the used protocol does not support such (like HTTP and WS do) + +Reported-by: Harry Sintonen + +Add test 478, 479 and 480 to verify. Updated unit 1304. + +Closes #15586 + +Changes: +- Refresh patch context. +- Adjust `%LOGDIR/` to 'log/' due to its absence in code. +- Backported only required enum found_state defination from: + https://github.com/curl/curl/commit/3b43a05e000aa8f65bda513f733a73fefe35d5ca +- Replaces the previous usage of the state_login, state_password, and + state_our_login variables with the found_state enum, which includes the + values NONE, LOGIN, and PASSWORD. As a result, all conditionals and memory + management logic associated with these variables were updated. 
+ +CVE: CVE-2024-11053 +Upstream-Status: Backport [https://github.com/curl/curl/commit/e9b9bbac22c26cf67316fa8e6c6b9e831af3194] + +Signed-off-by: Yogita Urade +--- + lib/netrc.c | 122 ++++++++++++++++++++++------------------ + lib/url.c | 59 ++++++++++++------- + tests/data/Makefile.inc | 2 +- + tests/data/test478 | 73 ++++++++++++++++++++++++ + tests/data/test479 | 107 +++++++++++++++++++++++++++++++++++ + tests/data/test480 | 38 +++++++++++++ + tests/unit/unit1304.c | 75 +++++++----------------- + 7 files changed, 347 insertions(+), 129 deletions(-) + create mode 100644 tests/data/test478 + create mode 100644 tests/data/test479 + create mode 100644 tests/data/test480 + +diff --git a/lib/netrc.c b/lib/netrc.c +index cd2a284..64efdc0 100644 +--- a/lib/netrc.c ++++ b/lib/netrc.c +@@ -49,6 +49,15 @@ enum host_lookup_state { + MACDEF + }; + ++enum found_state { ++ NONE, ++ LOGIN, ++ PASSWORD ++}; ++ ++#define FOUND_LOGIN 1 ++#define FOUND_PASSWORD 2 ++ + #define NETRC_FILE_MISSING 1 + #define NETRC_FAILED -1 + #define NETRC_SUCCESS 0 +@@ -59,23 +68,20 @@ enum host_lookup_state { + * Returns zero on success. 
+ */ + static int parsenetrc(const char *host, +- char **loginp, ++ char **loginp, /* might point to a username */ + char **passwordp, + char *netrcfile) + { + FILE *file; + int retcode = NETRC_FILE_MISSING; + char *login = *loginp; +- char *password = *passwordp; +- bool specific_login = (login && *login != 0); +- bool login_alloc = FALSE; +- bool password_alloc = FALSE; ++ char *password = NULL; ++ bool specific_login = login; /* points to something */ + enum host_lookup_state state = NOTHING; +- +- char state_login = 0; /* Found a login keyword */ +- char state_password = 0; /* Found a password keyword */ +- int state_our_login = TRUE; /* With specific_login, found *our* login +- name (or login-less line) */ ++ enum found_state keyword = NONE; ++ unsigned char found = 0; /* login + password found bits, as they can come in ++ any order */ ++ bool our_login = FALSE; /* found our login name */ + + DEBUGASSERT(netrcfile); + +@@ -97,7 +103,7 @@ static int parsenetrc(const char *host, + continue; + } + tok = netrcbuffer; +- while(tok) { ++ while(tok && !done) { + while(ISBLANK(*tok)) + tok++; + /* tok is first non-space letter */ +@@ -156,11 +162,6 @@ static int parsenetrc(const char *host, + } + } + +- if((login && *login) && (password && *password)) { +- done = TRUE; +- break; +- } +- + switch(state) { + case NOTHING: + if(strcasecompare("macdef", tok)) { +@@ -175,6 +176,12 @@ static int parsenetrc(const char *host, + after this we need to search for 'login' and + 'password'. 
*/ + state = HOSTFOUND; ++ keyword = NONE; ++ found = 0; ++ our_login = FALSE; ++ Curl_safefree(password); ++ if(!specific_login) ++ Curl_safefree(login); + } + else if(strcasecompare("default", tok)) { + state = HOSTVALID; +@@ -198,48 +205,55 @@ static int parsenetrc(const char *host, + break; + case HOSTVALID: + /* we are now parsing sub-keywords concerning "our" host */ +- if(state_login) { ++ if(keyword == LOGIN) { + if(specific_login) { +- state_our_login = !Curl_timestrcmp(login, tok); ++ our_login = !Curl_timestrcmp(login, tok); + } +- else if(!login || Curl_timestrcmp(login, tok)) { +- if(login_alloc) { +- free(login); +- login_alloc = FALSE; +- } ++ else { ++ our_login = TRUE; ++ free(login); + login = strdup(tok); + if(!login) { + retcode = NETRC_FAILED; /* allocation failed */ + goto out; + } +- login_alloc = TRUE; + } +- state_login = 0; ++ found |= FOUND_LOGIN; ++ keyword = NONE; + } +- else if(state_password) { +- if((state_our_login || !specific_login) +- && (!password || Curl_timestrcmp(password, tok))) { +- if(password_alloc) { +- free(password); +- password_alloc = FALSE; +- } +- password = strdup(tok); +- if(!password) { +- retcode = NETRC_FAILED; /* allocation failed */ +- goto out; +- } +- password_alloc = TRUE; ++ else if(keyword == PASSWORD) { ++ free(password); ++ password = strdup(tok); ++ if(!password) { ++ retcode = NETRC_FAILED; /* allocation failed */ ++ goto out; + } +- state_password = 0; ++ found |= FOUND_PASSWORD; ++ keyword = NONE; + } + else if(strcasecompare("login", tok)) +- state_login = 1; ++ keyword = LOGIN; + else if(strcasecompare("password", tok)) +- state_password = 1; ++ keyword = PASSWORD; + else if(strcasecompare("machine", tok)) { +- /* ok, there's machine here go => */ ++ /* a new machine here */ + state = HOSTFOUND; +- state_our_login = FALSE; ++ keyword = NONE; ++ found = 0; ++ Curl_safefree(password); ++ if(!specific_login) ++ Curl_safefree(login); ++ } ++ else if(strcasecompare("default", tok)) { ++ state = 
HOSTVALID; ++ retcode = NETRC_SUCCESS; /* we did find our host */ ++ Curl_safefree(password); ++ if(!specific_login) ++ Curl_safefree(login); ++ } ++ if((found == (FOUND_PASSWORD|FOUND_LOGIN)) && our_login) { ++ done = TRUE; ++ break; + } + break; + } /* switch (state) */ +@@ -249,24 +263,22 @@ static int parsenetrc(const char *host, + + out: + Curl_dyn_free(&buf); ++ if(!retcode && !password && our_login) { ++ /* success without a password, set a blank one */ ++ password = strdup(""); ++ if(!password) ++ retcode = 1; /* out of memory */ ++ } + if(!retcode) { + /* success */ +- if(login_alloc) { +- if(*loginp) +- free(*loginp); ++ if(!specific_login) + *loginp = login; +- } +- if(password_alloc) { +- if(*passwordp) +- free(*passwordp); +- *passwordp = password; +- } ++ *passwordp = password; + } + else { +- if(login_alloc) ++ if(!specific_login) + free(login); +- if(password_alloc) +- free(password); ++ free(password); + } + fclose(file); + } +diff --git a/lib/url.c b/lib/url.c +index 05431b9..1439c9e 100644 +--- a/lib/url.c ++++ b/lib/url.c +@@ -2699,6 +2699,17 @@ static CURLcode parse_remote_port(struct Curl_easy *data, + return CURLE_OK; + } + ++static bool str_has_ctrl(const char *input) ++{ ++ const unsigned char *str = (const unsigned char *)input; ++ while(*str) { ++ if(*str < 0x20) ++ return TRUE; ++ str++; ++ } ++ return FALSE; ++} ++ + /* + * Override the login details from the URL with that in the CURLOPT_USERPWD + * option or a .netrc file, if applicable. +@@ -2730,29 +2741,39 @@ static CURLcode override_login(struct Curl_easy *data, + + if(data->state.aptr.user && + (data->state.creds_from != CREDS_NETRC)) { +- /* there was a user name in the URL. Use the URL decoded version */ ++ /* there was a username with a length in the URL. 
Use the URL decoded ++ version */ + userp = &data->state.aptr.user; + url_provided = TRUE; + } + +- ret = Curl_parsenetrc(conn->host.name, +- userp, passwdp, +- data->set.str[STRING_NETRC_FILE]); +- if(ret > 0) { +- infof(data, "Couldn't find host %s in the %s file; using defaults", +- conn->host.name, +- (data->set.str[STRING_NETRC_FILE] ? +- data->set.str[STRING_NETRC_FILE] : ".netrc")); +- } +- else if(ret < 0) { +- failf(data, ".netrc parser error"); +- return CURLE_READ_ERROR; +- } +- else { +- /* set bits.netrc TRUE to remember that we got the name from a .netrc +- file, so that it is safe to use even if we followed a Location: to a +- different host or similar. */ +- conn->bits.netrc = TRUE; ++ if(!*passwdp) { ++ ret = Curl_parsenetrc(conn->host.name, userp, passwdp, ++ data->set.str[STRING_NETRC_FILE]); ++ if(ret > 0) { ++ infof(data, "Couldn't find host %s in the %s file; using defaults", ++ conn->host.name, ++ (data->set.str[STRING_NETRC_FILE] ? ++ data->set.str[STRING_NETRC_FILE] : ".netrc")); ++ } ++ else if(ret < 0) { ++ failf(data, ".netrc parser error"); ++ return CURLE_READ_ERROR; ++ } ++ else { ++ if(!(conn->handler->flags&PROTOPT_USERPWDCTRL)) { ++ /* if the protocol can't handle control codes in credentials, make ++ sure there are none */ ++ if(str_has_ctrl(*userp) || str_has_ctrl(*passwdp)) { ++ failf(data, "control code detected in .netrc credentials"); ++ return CURLE_READ_ERROR; ++ } ++ } ++ /* set bits.netrc TRUE to remember that we got the name from a .netrc ++ file, so that it is safe to use even if we followed a Location: to a ++ different host or similar. 
*/ ++ conn->bits.netrc = TRUE; ++ } + } + if(url_provided) { + Curl_safefree(conn->user); +diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc +index 03cb6a0..e3508cb 100644 +--- a/tests/data/Makefile.inc ++++ b/tests/data/Makefile.inc +@@ -73,7 +73,7 @@ test426 test427 test428 test429 test430 test431 test432 test433 test434 \ + test435 test436 test437 test438 test439 test440 test441 test442 test443 \ + test444 test445 test446 test447 test448 test449 test450 test451 test452 \ + test453 test454 test455 test456 test457 test458 test459 test460 test461 \ +-test462 test463 test467 test468 \ ++test462 test463 test467 test468 test478 test479 test480 \ + \ + test490 test491 test492 test493 test494 test495 test496 test497 test498 \ + test499 test500 test501 test502 test503 test504 test505 test506 test507 \ +diff --git a/tests/data/test478 b/tests/data/test478 +new file mode 100644 +index 0000000..4acc72e +--- /dev/null ++++ b/tests/data/test478 +@@ -0,0 +1,73 @@ ++ ++ ++ ++ netrc ++ HTTP ++ ++ ++ # ++ # Server-side ++ ++ ++ HTTP/1.1 200 OK ++ Date: Tue, 09 Nov 2010 14:49:00 GMT ++ Server: test-server/fake ++ Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT ++ ETag: "21025-dc7-39462498" ++ Accept-Ranges: bytes ++ Content-Length: 6 ++ Connection: close ++ Content-Type: text/html ++ Funny-head: yesyes ++ ++ -foo- ++ ++ ++ ++ # ++ # Client-side ++ ++ ++ http ++ ++ ++ proxy ++ ++ ++ .netrc with multiple accounts for same host ++ ++ ++ --netrc --netrc-file log/netrc%TESTNUMBER -x http://%HOSTIP:%HTTPPORT/ http://debbie@github.com/ ++ ++ ++ ++ machine github.com ++ password weird ++ password firstone ++ login daniel ++ ++ machine github.com ++ ++ machine github.com ++ login debbie ++ ++ machine github.com ++ password weird ++ password "second\r" ++ login debbie ++ ++ ++ ++ ++ ++ ++ GET http://github.com/ HTTP/1.1 ++ Host: github.com ++ Authorization: Basic %b64[debbie:second%0D]b64% ++ User-Agent: curl/%VERSION ++ Accept: */* ++ Proxy-Connection: Keep-Alive ++ ++ ++ ++ 
+diff --git a/tests/data/test479 b/tests/data/test479 +new file mode 100644 +index 0000000..62a2057 +--- /dev/null ++++ b/tests/data/test479 +@@ -0,0 +1,107 @@ ++ ++ ++ ++ netrc ++ HTTP ++ ++ ++ # ++ # Server-side ++ ++ ++ HTTP/1.1 301 Follow this you fool ++ Date: Tue, 09 Nov 2010 14:49:00 GMT ++ Server: test-server/fake ++ Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT ++ ETag: "21025-dc7-39462498" ++ Accept-Ranges: bytes ++ Content-Length: 6 ++ Connection: close ++ Location: http://b.com/%TESTNUMBER0002 ++ ++ -foo- ++ ++ ++ ++ HTTP/1.1 200 OK ++ Date: Tue, 09 Nov 2010 14:49:00 GMT ++ Server: test-server/fake ++ Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT ++ ETag: "21025-dc7-39462498" ++ Accept-Ranges: bytes ++ Content-Length: 7 ++ Connection: close ++ ++ target ++ ++ ++ ++ HTTP/1.1 301 Follow this you fool ++ Date: Tue, 09 Nov 2010 14:49:00 GMT ++ Server: test-server/fake ++ Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT ++ ETag: "21025-dc7-39462498" ++ Accept-Ranges: bytes ++ Content-Length: 6 ++ Connection: close ++ Location: http://b.com/%TESTNUMBER0002 ++ ++ HTTP/1.1 200 OK ++ Date: Tue, 09 Nov 2010 14:49:00 GMT ++ Server: test-server/fake ++ Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT ++ ETag: "21025-dc7-39462498" ++ Accept-Ranges: bytes ++ Content-Length: 7 ++ Connection: close ++ ++ target ++ ++ ++ ++ # ++ # Client-side ++ ++ ++ http ++ ++ ++ proxy ++ ++ ++ .netrc with redirect and default without password ++ ++ ++ --netrc --netrc-file log/netrc%TESTNUMBER -L -x http://%HOSTIP:%HTTPPORT/ http://a.com/ ++ ++ ++ ++ machine a.com ++ login alice ++ password alicespassword ++ ++ default ++ login bob ++ ++ ++ ++ ++ ++ ++ GET http://a.com/ HTTP/1.1 ++ Host: a.com ++ Authorization: Basic %b64[alice:alicespassword]b64% ++ User-Agent: curl/%VERSION ++ Accept: */* ++ Proxy-Connection: Keep-Alive ++ ++ GET http://b.com/%TESTNUMBER0002 HTTP/1.1 ++ Host: b.com ++ Authorization: Basic %b64[bob:]b64% ++ User-Agent: curl/%VERSION ++ Accept: */* ++ Proxy-Connection: 
Keep-Alive ++ ++ ++ ++ +diff --git a/tests/data/test480 b/tests/data/test480 +new file mode 100644 +index 0000000..47db7ab +--- /dev/null ++++ b/tests/data/test480 +@@ -0,0 +1,38 @@ ++ ++ ++ ++ netrc ++ pop3 ++ ++ ++ # ++ # Server-side ++ ++ ++ ++ ++ # ++ # Client-side ++ ++ ++ pop3 ++ ++ ++ Reject .netrc with credentials using CRLF for POP3 ++ ++ ++ --netrc --netrc-file log/netrc%TESTNUMBER pop3://%HOSTIP:%POP3PORT/%TESTNUMBER ++ ++ ++ machine %HOSTIP ++ login alice ++ password "password\r\ncommand" ++ ++ ++ ++ ++ ++ 26 ++ ++ ++ +diff --git a/tests/unit/unit1304.c b/tests/unit/unit1304.c +index 0288562..b2b4366 100644 +--- a/tests/unit/unit1304.c ++++ b/tests/unit/unit1304.c +@@ -32,13 +32,8 @@ static char *password; + + static CURLcode unit_setup(void) + { +- password = strdup(""); +- login = strdup(""); +- if(!password || !login) { +- Curl_safefree(password); +- Curl_safefree(login); +- return CURLE_OUT_OF_MEMORY; +- } ++ password = NULL; ++ login = NULL; + return CURLE_OK; + } + +@@ -56,76 +51,48 @@ UNITTEST_START + */ + result = Curl_parsenetrc("test.example.com", &login, &password, arg); + fail_unless(result == 1, "Host not found should return 1"); +- abort_unless(password != NULL, "returned NULL!"); +- fail_unless(password[0] == 0, "password should not have been changed"); +- abort_unless(login != NULL, "returned NULL!"); +- fail_unless(login[0] == 0, "login should not have been changed"); ++ abort_unless(password == NULL, "password did not return NULL!"); ++ abort_unless(login == NULL, "user did not return NULL!"); + + /* + * Test a non existent login in our netrc file. 
+ */ +- free(login); +- login = strdup("me"); +- abort_unless(login != NULL, "returned NULL!"); ++ login = (char *)"me"; + result = Curl_parsenetrc("example.com", &login, &password, arg); + fail_unless(result == 0, "Host should have been found"); +- abort_unless(password != NULL, "returned NULL!"); +- fail_unless(password[0] == 0, "password should not have been changed"); +- abort_unless(login != NULL, "returned NULL!"); +- fail_unless(strncmp(login, "me", 2) == 0, +- "login should not have been changed"); ++ abort_unless(password == NULL, "password is not NULL!"); + + /* + * Test a non existent login and host in our netrc file. + */ +- free(login); +- login = strdup("me"); +- abort_unless(login != NULL, "returned NULL!"); ++ login = (char *)"me"; + result = Curl_parsenetrc("test.example.com", &login, &password, arg); + fail_unless(result == 1, "Host not found should return 1"); +- abort_unless(password != NULL, "returned NULL!"); +- fail_unless(password[0] == 0, "password should not have been changed"); +- abort_unless(login != NULL, "returned NULL!"); +- fail_unless(strncmp(login, "me", 2) == 0, +- "login should not have been changed"); ++ abort_unless(password == NULL, "password is not NULL!"); + + /* + * Test a non existent login (substring of an existing one) in our + * netrc file. + */ +- free(login); +- login = strdup("admi"); +- abort_unless(login != NULL, "returned NULL!"); ++ login = (char *)"admi"; + result = Curl_parsenetrc("example.com", &login, &password, arg); + fail_unless(result == 0, "Host should have been found"); +- abort_unless(password != NULL, "returned NULL!"); +- fail_unless(password[0] == 0, "password should not have been changed"); +- abort_unless(login != NULL, "returned NULL!"); +- fail_unless(strncmp(login, "admi", 4) == 0, +- "login should not have been changed"); ++ abort_unless(password == NULL, "password is not NULL!"); + + /* + * Test a non existent login (superstring of an existing one) + * in our netrc file. 
+ */ +- free(login); +- login = strdup("adminn"); +- abort_unless(login != NULL, "returned NULL!"); ++ login = (char *)"adminn"; + result = Curl_parsenetrc("example.com", &login, &password, arg); + fail_unless(result == 0, "Host should have been found"); +- abort_unless(password != NULL, "returned NULL!"); +- fail_unless(password[0] == 0, "password should not have been changed"); +- abort_unless(login != NULL, "returned NULL!"); +- fail_unless(strncmp(login, "adminn", 6) == 0, +- "login should not have been changed"); ++ abort_unless(password == NULL, "password is not NULL!"); + + /* + * Test for the first existing host in our netrc file + * with login[0] = 0. + */ +- free(login); +- login = strdup(""); +- abort_unless(login != NULL, "returned NULL!"); ++ login = NULL; + result = Curl_parsenetrc("example.com", &login, &password, arg); + fail_unless(result == 0, "Host should have been found"); + abort_unless(password != NULL, "returned NULL!"); +@@ -139,8 +106,9 @@ UNITTEST_START + * with login[0] != 0. + */ + free(password); +- password = strdup(""); +- abort_unless(password != NULL, "returned NULL!"); ++ free(login); ++ password = NULL; ++ login = NULL; + result = Curl_parsenetrc("example.com", &login, &password, arg); + fail_unless(result == 0, "Host should have been found"); + abort_unless(password != NULL, "returned NULL!"); +@@ -154,11 +122,9 @@ UNITTEST_START + * with login[0] = 0. + */ + free(password); +- password = strdup(""); +- abort_unless(password != NULL, "returned NULL!"); ++ password = NULL; + free(login); +- login = strdup(""); +- abort_unless(login != NULL, "returned NULL!"); ++ login = NULL; + result = Curl_parsenetrc("curl.example.com", &login, &password, arg); + fail_unless(result == 0, "Host should have been found"); + abort_unless(password != NULL, "returned NULL!"); +@@ -172,8 +138,9 @@ UNITTEST_START + * with login[0] != 0. 
+ */ + free(password); +- password = strdup(""); +- abort_unless(password != NULL, "returned NULL!"); ++ free(login); ++ password = NULL; ++ login = NULL; + result = Curl_parsenetrc("curl.example.com", &login, &password, arg); + fail_unless(result == 0, "Host should have been found"); + abort_unless(password != NULL, "returned NULL!"); +-- +2.40.0 diff --git a/meta/recipes-support/curl/curl/CVE-2024-11053-0003.patch b/meta/recipes-support/curl/curl/CVE-2024-11053-0003.patch new file mode 100644 index 0000000000..32fb1812d6 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2024-11053-0003.patch 
@@ -0,0 +1,130 @@ +From 9fce2c55d4b0273ac99b59bd8cb982a6d96b88cf Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Tue, 17 Dec 2024 23:56:42 +0100 +Subject: [PATCH] netrc: fix password-only entries + +When a specific hostname matched, and only a password is set before +another machine is specified in the netrc file, the parser would not be +happy and stop there and return the password-only state. It instead +continued and did not return a match. + +Add test 2005 to verify this case + +Regression from e9b9bba, shipped in 8.11.1. + +Reported-by: Ben Zanin +Fixes #15767 +Closes #15768 + +CVE: CVE-2024-11053 +Upstream-Status: Backport [https://github.com/curl/curl/commit/9fce2c55d4b0273ac99b59bd8cb982a6d96b88cf] + +Signed-off-by: Yogita Urade +--- + lib/netrc.c | 7 +++++- + tests/data/Makefile.inc | 2 +- + tests/data/test2005 | 55 +++++++++++++++++++++++++++++++++++++++++ + 3 files changed, 62 insertions(+), 2 deletions(-) + create mode 100644 tests/data/test2005 + +diff --git a/lib/netrc.c b/lib/netrc.c +index 64efdc0..695e89a 100644 +--- a/lib/netrc.c ++++ b/lib/netrc.c +@@ -228,7 +228,8 @@ static int parsenetrc(const char *host, + retcode = NETRC_FAILED; /* allocation failed */ + goto out; + } +- found |= FOUND_PASSWORD; ++ if(!specific_login || our_login) ++ found |= FOUND_PASSWORD; + keyword = NONE; + } + else if(strcasecompare("login", tok)) +@@ -237,6 +238,10 @@ static int parsenetrc(const char *host, + keyword = PASSWORD; + else if(strcasecompare("machine", tok)) { + /* a new machine here */ ++ if(found & FOUND_PASSWORD) { ++ done = TRUE; ++ break; ++ } + state = HOSTFOUND; + keyword = NONE; + found = 0; +diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc +index e3508cb..dc2af79 100644 +--- a/tests/data/Makefile.inc ++++ b/tests/data/Makefile.inc +@@ -230,7 +230,7 @@ test1941 test1942 test1943 test1944 test1945 test1946 test1947 test1948 \ + test1955 test1956 test1957 test1958 test1959 test1960 test1964 \ + test1970 test1971 test1972 test1973 
test1974 test1975 \ + \ +-test2000 test2001 test2002 test2003 test2004 \ ++test2000 test2001 test2002 test2003 test2004 test2005 \ + \ + test2023 \ + test2024 test2025 test2026 test2027 test2028 test2029 test2030 test2031 \ +diff --git a/tests/data/test2005 b/tests/data/test2005 +new file mode 100644 +index 0000000..66afe84 +--- /dev/null ++++ b/tests/data/test2005 +@@ -0,0 +1,55 @@ ++ ++ ++ ++ HTTP ++ netrc ++ ++ ++ # ++ # Server-side ++ ++ ++ HTTP/1.1 200 OK ++ Date: Fri, 05 Aug 2022 10:09:00 GMT ++ Server: test-server/fake ++ Content-Type: text/plain ++ Content-Length: 6 ++ Connection: close ++ ++ -foo- ++ ++ ++ ++ # ++ # Client-side ++ ++ ++ http ++ ++ ++ netrc match with password only in file, no username. machine follows ++ ++ ++ --netrc-optional --netrc-file log/netrc%TESTNUMBER http://%HOSTIP:%HTTPPORT/ ++ ++ ++ machine %HOSTIP ++ password 5up3r53cr37 ++ ++ machine example.com ++ ++ ++ ++ # ++ # Verify data after the test has been "shot" ++ ++ ++ GET / HTTP/1.1 ++ Host: %HOSTIP:%HTTPPORT ++ Authorization: Basic %b64[:5up3r53cr37]b64% ++ User-Agent: curl/%VERSION ++ Accept: */* ++ ++ ++ ++ +-- +2.40.0 diff --git a/meta/recipes-support/curl/curl_8.7.1.bb b/meta/recipes-support/curl/curl_8.7.1.bb index ddd591dd96..6d6563591c 100644 --- a/meta/recipes-support/curl/curl_8.7.1.bb +++ b/meta/recipes-support/curl/curl_8.7.1.bb 
@@ -20,6 +20,9 @@ SRC_URI = " \ file://CVE-2024-7264-2.patch \ file://CVE-2024-8096.patch \ file://CVE-2024-9681.patch \ + file://CVE-2024-11053-0001.patch \ + file://CVE-2024-11053-0002.patch \ + file://CVE-2024-11053-0003.patch \ " SRC_URI[sha256sum] = "6fea2aac6a4610fbd0400afb0bcddbe7258a64c63f1f68e5855ebc0c659710cd"
From patchwork Wed Apr 23 13:20:21 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 61758 X-Patchwork-Delegate: steve@sakoman.com
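Review bot: in the `out:` block of parsenetrc() (lib/netrc.c hunk of CVE-2024-11053-0002.patch), a failed strdup("") for the blank password sets `retcode = 1; /* out of memory */`, while the two strdup failures earlier in the same function set NETRC_FAILED. unit1304.c expects 1 for "Host not found", and override_login() in this patch only logs "Couldn't find host ... using defaults" for a positive return and fails the transfer only for a negative one, so an allocation failure at this site is reported as a missing host and the transfer carries on without the netrc credentials. Suggest `retcode = NETRC_FAILED;` here so it takes the same error path as the other allocation failures.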
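Review bot: str_has_ctrl() in the lib/url.c hunk of CVE-2024-11053-0002.patch dereferences `input` with no NULL check, and override_login() calls it on both *userp and *passwdp once Curl_parsenetrc() returns 0. The parser's `out:` block hands back the parsed login and password as they are on success, and test2005 in CVE-2024-11053-0003.patch matches an entry that has a password but no login, so for a handler without PROTOPT_USERPWDCTRL one of the two pointers can be NULL at this call unless the caller guarantees otherwise. Suggest `if(!input) return FALSE;` at the top of str_has_ctrl(), plus a test for a non-HTTP protocol with a password-only entry; test480 covers POP3 only with both login and password present.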
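Review bot: in the PASSWORD branch touched by CVE-2024-11053-0003.patch, only `found |= FOUND_PASSWORD` is gated on `!specific_login || our_login`; the `password = strdup(tok)` just above it still runs when a specific login was requested and the entry's login did not match. The `out:` block then assigns `*passwdp = password` on success without consulting our_login, and the stored value is only released when a later `machine` or `default` token is seen. As far as these hunks show, an entry for the right host but a different login that is the last one in the file would leave its password in the result, which contradicts what unit1304.c expects for a non-existent login (`password == NULL`). Because login and password can come in either order, the clean place to fix it is the `out:` block: release `password` there when specific_login is set and our_login is FALSE, and add a unit case where the non-matching entry ends the file.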
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 10/14] curl: fix CVE-2025-0167
Date: Wed, 23 Apr 2025 06:20:21 -0700
Message-ID:
X-Mailer: git-send-email 2.43.0
In-Reply-To:
References:
MIME-Version: 1.0
List-Id:
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 23 Apr 2025 13:20:57 -0000
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215303

From: Yogita Urade

When asked to use a `.netrc` file for credentials *and* to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances.

This flaw only manifests itself if the netrc file has a `default` entry that omits both login and password. A rare circumstance.

Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-0167

Upstream patch: https://github.com/curl/curl/commit/0e120c5b925e8ca75d5319e

Signed-off-by: Yogita Urade
Signed-off-by: Steve Sakoman
---
.../curl/curl/CVE-2025-0167.patch | 178 ++++++++++++++++++
meta/recipes-support/curl/curl_8.7.1.bb | 1 +
2 files changed, 179 insertions(+)
create mode 100644 meta/recipes-support/curl/curl/CVE-2025-0167.patch

diff --git a/meta/recipes-support/curl/curl/CVE-2025-0167.patch b/meta/recipes-support/curl/curl/CVE-2025-0167.patch new file mode 100644 index 0000000000..6dad98ef7a --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2025-0167.patch
@@ -0,0 +1,178 @@ +From 0e120c5b925e8ca75d5319e319e5ce4b8080d8eb Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg +Date: Fri, 3 Jan 2025 16:22:27 +0100 +Subject: [PATCH] netrc: 'default' with no credentials is not a match + +Test 486 verifies. + +Reported-by: Yihang Zhou + +Closes #15908 + +Changes: +- Test files are added in Makefile.inc. +- Adjust `%LOGDIR/` to 'log/' due to its absence in code. + +CVE: CVE-2025-0167 +Upstream-Status: Backport [https://github.com/curl/curl/commit/0e120c5b925e8ca75d5319e] + +Signed-off-by: Yogita Urade +--- + lib/netrc.c | 15 ++++-- + tests/data/Makefile.inc | 2 +- + tests/data/test486 | 105 ++++++++++++++++++++++++++++++++++++++++ + 3 files changed, 116 insertions(+), 6 deletions(-) + create mode 100644 tests/data/test486 + +diff --git a/lib/netrc.c b/lib/netrc.c +index 64efdc0..5533ecc 100644 +--- a/lib/netrc.c ++++ b/lib/netrc.c +@@ -263,11 +263,16 @@ static int parsenetrc(const char *host, + + out: + Curl_dyn_free(&buf); +- if(!retcode && !password && our_login) { +- /* success without a password, set a blank one */ +- password = strdup(""); +- if(!password) +- retcode = 1; /* out of memory */ ++ if(!retcode) { ++ if(!password && our_login) { ++ /* success without a password, set a blank one */ ++ password = strdup(""); ++ if(!password) ++ retcode = 1; /* out of memory */ ++ } ++ else if(!login && !password) ++ /* a default with no credentials */ ++ retcode = NETRC_FILE_MISSING; + } + if(!retcode) { + /* success */ +diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc +index e3508cb..7a8074f 100644 +--- a/tests/data/Makefile.inc ++++ b/tests/data/Makefile.inc +@@ -73,7 +73,7 @@ test426 test427 test428 test429 test430 test431 test432 test433 test434 \ + test435 test436 test437 test438 test439 test440 test441 test442 test443 \ + test444 test445 test446 test447 test448 test449 test450 test451 test452 \ + test453 test454 test455 test456 test457 test458 test459 test460 test461 \ +-test462 test463 test467 test468 test478 
test479 test480 \ ++test462 test463 test467 test468 test478 test479 test480 test486 \ + \ + test490 test491 test492 test493 test494 test495 test496 test497 test498 \ + test499 test500 test501 test502 test503 test504 test505 test506 test507 \ +diff --git a/tests/data/test486 b/tests/data/test486 +new file mode 100644 +index 0000000..093899e +--- /dev/null ++++ b/tests/data/test486 +@@ -0,0 +1,105 @@ ++ ++ ++ ++ netrc ++ HTTP ++ ++ ++ # ++ # Server-side ++ ++ ++ HTTP/1.1 301 Follow this you fool ++ Date: Tue, 09 Nov 2010 14:49:00 GMT ++ Server: test-server/fake ++ Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT ++ ETag: "21025-dc7-39462498" ++ Accept-Ranges: bytes ++ Content-Length: 6 ++ Connection: close ++ Location: http://b.com/%TESTNUMBER0002 ++ ++ -foo- ++ ++ ++ ++ HTTP/1.1 200 OK ++ Date: Tue, 09 Nov 2010 14:49:00 GMT ++ Server: test-server/fake ++ Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT ++ ETag: "21025-dc7-39462498" ++ Accept-Ranges: bytes ++ Content-Length: 7 ++ Connection: close ++ ++ target ++ ++ ++ ++ HTTP/1.1 301 Follow this you fool ++ Date: Tue, 09 Nov 2010 14:49:00 GMT ++ Server: test-server/fake ++ Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT ++ ETag: "21025-dc7-39462498" ++ Accept-Ranges: bytes ++ Content-Length: 6 ++ Connection: close ++ Location: http://b.com/%TESTNUMBER0002 ++ ++ HTTP/1.1 200 OK ++ Date: Tue, 09 Nov 2010 14:49:00 GMT ++ Server: test-server/fake ++ Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT ++ ETag: "21025-dc7-39462498" ++ Accept-Ranges: bytes ++ Content-Length: 7 ++ Connection: close ++ ++ target ++ ++ ++ ++ # ++ # Client-side ++ ++ ++ http ++ ++ ++ proxy ++ ++ ++ .netrc with redirect and "default" with no password or login ++ ++ ++ --netrc --netrc-file log/netrc%TESTNUMBER -L -x http://%HOSTIP:%HTTPPORT/ http://a.com/ ++ ++ ++ ++ machine a.com ++ login alice ++ password alicespassword ++ ++ default ++ ++ ++ ++ ++ ++ ++ GET http://a.com/ HTTP/1.1 ++ Host: a.com ++ Authorization: Basic %b64[alice:alicespassword]b64% ++ 
User-Agent: curl/%VERSION ++ Accept: */* ++ Proxy-Connection: Keep-Alive ++ ++ GET http://b.com/%TESTNUMBER0002 HTTP/1.1 ++ Host: b.com ++ User-Agent: curl/%VERSION ++ Accept: */* ++ Proxy-Connection: Keep-Alive ++ ++ ++ ++ +-- +2.40.0 diff --git a/meta/recipes-support/curl/curl_8.7.1.bb b/meta/recipes-support/curl/curl_8.7.1.bb index 6d6563591c..8ce8caadf0 100644 --- a/meta/recipes-support/curl/curl_8.7.1.bb +++ b/meta/recipes-support/curl/curl_8.7.1.bb 
@@ -23,6 +23,7 @@ SRC_URI = " \ file://CVE-2024-11053-0001.patch \ file://CVE-2024-11053-0002.patch \ file://CVE-2024-11053-0003.patch \ + file://CVE-2025-0167.patch \ " SRC_URI[sha256sum] = "6fea2aac6a4610fbd0400afb0bcddbe7258a64c63f1f68e5855ebc0c659710cd"
From patchwork Wed Apr 23 13:20:22 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 61757 X-Patchwork-Delegate: steve@sakoman.com
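Review bot: the new `else if(!login && !password)` test in the `out:` block of parsenetrc() (lib/netrc.c hunk of CVE-2025-0167.patch) can only fire when the caller passed no login, because with a login supplied (`specific_login`) the `login` pointer is never NULL, and nothing at the check says so. A bare `default` entry reached with a username already set therefore still returns success with a NULL password, and override_login() goes on to set conn->bits.netrc = TRUE for it. unit1304.c already expects success with `password == NULL` for a supplied login that is not in the file, so this looks intentional, but it deserves a comment at the check, and test486 only exercises the case with no username in the URL. Minor: the else-if body is a comment plus a statement with no braces, unlike the branch above it.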
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 11/14] wic: bootimg-efi: Support + symbol in filenames
Date: Wed, 23 Apr 2025 06:20:22 -0700
Message-ID: <081fa0ebb33dbbfd0f6e8239690261c0a9dcdb2c.1745356684.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To:
References:
MIME-Version: 1.0
List-Id:
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 23 Apr 2025 13:20:57 -0000
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215304

From: Igor Opaniuk

Allow the '+' symbol as a valid character in filenames listed in the IMAGE_EFI_BOOT_FILES variable.

The '+' symbol might be used to support boot counting for boot entries, as described in the UAPI Boot Loader Specification [1]:

The boot counting data is stored in the name of the boot loader entry. A boot loader entry file name may contain a plus (+) followed by a number. This may optionally be followed by a minus (-) followed by a second number. The dot (.) and file name suffix (conf or efi) must immediately follow. Boot counting is enabled for entries which match this pattern.

Example:
IMAGE_EFI_BOOT_FILES:append = " entry.conf;loader/entries/entry+3.conf"

[1] https://uapi-group.org/specifications/specs/boot_loader_specification/#boot-counting

Signed-off-by: Igor Opaniuk
Signed-off-by: Richard Purdie
(cherry picked from commit 3f25822281eb9423ff86105eaebb0bed48663648)
Signed-off-by: Jose Quaresma
Signed-off-by: Steve Sakoman
---
scripts/lib/wic/plugins/source/bootimg-efi.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/lib/wic/plugins/source/bootimg-efi.py b/scripts/lib/wic/plugins/source/bootimg-efi.py index 7cc5131541..37d07093f5 100644 --- a/scripts/lib/wic/plugins/source/bootimg-efi.py +++ b/scripts/lib/wic/plugins/source/bootimg-efi.py
@@ -245,7 +245,7 @@ class BootimgEFIPlugin(SourcePlugin): # list of tuples (src_name, dst_name) deploy_files = [] - for src_entry in re.findall(r'[\w;\-\./\*]+', boot_files): + for src_entry in re.findall(r'[\w;\-\.\+/\*]+', boot_files): if ';' in src_entry: dst_entry = tuple(src_entry.split(';')) if not dst_entry[0] or not dst_entry[1]: 
From patchwork Wed Apr 23 13:20:23 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 61760 X-Patchwork-Delegate: steve@sakoman.com
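Review bot: On the changed `re.findall` line in the bootimg-efi.py hunk of patch 11/14, the allow-list still acts as the tokenizer, so any character outside the class silently splits one entry into several instead of failing the build; before this change `entry+3.conf` from the commit message's example would have been cut at the `+` for exactly that reason. Adding `\+` covers the boot-counting case, but the next unsupported character will fail in the same quiet way. Consider splitting `boot_files` on whitespace and rejecting tokens that contain characters outside the class, and add a selftest that uses the `entry.conf;loader/entries/entry+3.conf` example so the behaviour is pinned.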
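The tokenization that patch 11/14 changes, shown as an added example that is not part of the patch or of wic itself: it applies the old and new character classes from the hunk to the commit message's sample value, reports characters the class would silently split on, and parses the boot-counting suffix quoted from the specification. `split_entries`, `unsupported_chars` and `parse_boot_count` are hypothetical helper names, and the pairing logic is a simplified stand-in for the plugin's loop.

```python
import re

# Character classes copied from the "-" and "+" lines of the bootimg-efi.py hunk.
OLD_ENTRY_RE = re.compile(r'[\w;\-\./\*]+')
NEW_ENTRY_RE = re.compile(r'[\w;\-\.\+/\*]+')

# Boot-counting name as quoted in the commit message: '+' and a number,
# optionally '-' and a second number, then '.conf' or '.efi'.
# The specification calls the two numbers "tries left" and "tries done".
BOOT_COUNT_RE = re.compile(
    r'^(?P<stem>.+)\+(?P<left>\d+)(?:-(?P<done>\d+))?\.(?P<ext>conf|efi)$')

# Sample value taken from the commit message's Example line.
SAMPLE = ' entry.conf;loader/entries/entry+3.conf'


def split_entries(boot_files, entry_re):
    """Return (src, dst) pairs, tokenizing with re.findall as the hunk does.

    Simplified stand-in for the plugin loop (assumption): 'src;dst' renames
    the file, a bare name is deployed under the same name.
    """
    pairs = []
    for src_entry in entry_re.findall(boot_files):
        if ';' in src_entry:
            src, _, dst = src_entry.partition(';')
            if not src or not dst:
                raise ValueError('malformed boot file entry: %s' % src_entry)
        else:
            src = dst = src_entry
        pairs.append((src, dst))
    return pairs


def unsupported_chars(boot_files, entry_re):
    """Characters that the allow-list would treat as separators.

    A non-empty result means findall() will cut an entry in two without
    any error, which is how the missing '+' showed up.
    """
    return {ch for token in boot_files.split() for ch in token
            if not entry_re.fullmatch(ch)}


def parse_boot_count(path):
    """Return (tries_left, tries_done) for a boot-counted entry name.

    tries_done is None when the optional '-N' part is absent; the whole
    result is None when the name does not enable boot counting.
    """
    match = BOOT_COUNT_RE.match(path.rsplit('/', 1)[-1])
    if match is None:
        return None
    done = match.group('done')
    return int(match.group('left')), (int(done) if done is not None else None)


if __name__ == '__main__':
    for label, entry_re in (('old', OLD_ENTRY_RE), ('new', NEW_ENTRY_RE)):
        print(label, 'pairs      :', split_entries(SAMPLE, entry_re))
        print(label, 'unsupported:', sorted(unsupported_chars(SAMPLE, entry_re)))
    for _, dst in split_entries(SAMPLE, NEW_ENTRY_RE):
        print(dst, '->', parse_boot_count(dst))
```

With the old class the sample yields two deploy entries, one of them a stray `3.conf`; with the new class it yields the single renamed entry the author intended.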
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 12/14] systemd: upgrade 255.17 -> 255.18
Date: Wed, 23 Apr 2025 06:20:23 -0700
Message-ID: <121e1fb42c4c909115bc550585b2ebcb3a13e0a5.1745356684.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To:
References:
MIME-Version: 1.0
List-Id:
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 23 Apr 2025 13:21:07 -0000
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215305

From: Guðni Már Gilbert

The update includes 82 commits. Full list of changes can be found on GitHub [1]

All patches were refreshed with devtool.

[1] systemd/systemd-stable@v255.17...v255.18

Signed-off-by: Guðni Már Gilbert
Signed-off-by: Steve Sakoman --- ...oot-native_255.17.bb => systemd-boot-native_255.18.bb} | 0 .../{systemd-boot_255.17.bb => systemd-boot_255.18.bb} | 0 meta/recipes-core/systemd/systemd.inc | 2 +- .../systemd/0001-missing_type.h-add-comparison_fn_t.patch | 2 +- ...-add-fallback-parse_printf_format-implementation.patch | 4 ++-- ...mt-Don-t-install-dependency-links-at-install-tim.patch | 2 +- ...3-src-basic-missing.h-check-for-missing-strndupa.patch | 6 +++--- ...t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch | 4 ++-- .../systemd/0005-add-missing-FTW_-macros-for-musl.patch | 2 +- .../systemd/0006-Use-uintmax_t-for-handling-rlim_t.patch | 2 +- ...don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch | 2 +- ...ne-glibc-compatible-basename-for-non-glibc-syste.patch | 2 +- .../0008-implment-systemd-sysv-install-for-OE.patch | 2 +- ...ot-disable-buffering-when-writing-to-oom_score_a.patch | 4 ++-- ...inguish-XSI-compliant-strerror_r-from-GNU-specif.patch | 2 +- ...011-avoid-redefinition-of-prctl_mm_map-structure.patch | 2 +- .../0012-do-not-disable-buffer-in-writing-files.patch | 2 +- .../systemd/systemd/0013-Handle-__cpu_mask-usage.patch | 2 +- .../systemd/systemd/0014-Handle-missing-gshadow.patch | 8 ++++---- ...ssing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch | 2 +- .../0016-pass-correct-parameters-to-getdents64.patch | 4 ++-- .../systemd/systemd/0017-Adjust-for-musl-headers.patch | 2 +- ...-bus-error-strerror-is-assumed-to-be-GNU-specifi.patch | 2 +- .../0019-errno-util-Make-STRERROR-portable-for-musl.patch | 2 +- ...0-sd-event-Make-malloc_trim-conditional-on-glibc.patch | 2 +- .../0021-shared-Do-not-use-malloc_info-on-musl.patch | 2 +- .../systemd/0022-avoid-missing-LOCK_EX-declaration.patch | 2 +- .../systemd/{systemd_255.17.bb => systemd_255.18.bb} | 0 28 files changed, 34 insertions(+), 34 deletions(-) rename meta/recipes-core/systemd/{systemd-boot-native_255.17.bb => systemd-boot-native_255.18.bb} (100%) rename 
meta/recipes-core/systemd/{systemd-boot_255.17.bb => systemd-boot_255.18.bb} (100%) rename meta/recipes-core/systemd/{systemd_255.17.bb => systemd_255.18.bb} (100%) diff --git a/meta/recipes-core/systemd/systemd-boot-native_255.17.bb b/meta/recipes-core/systemd/systemd-boot-native_255.18.bb similarity index 100% rename from meta/recipes-core/systemd/systemd-boot-native_255.17.bb rename to meta/recipes-core/systemd/systemd-boot-native_255.18.bb diff --git a/meta/recipes-core/systemd/systemd-boot_255.17.bb b/meta/recipes-core/systemd/systemd-boot_255.18.bb similarity index 100% rename from meta/recipes-core/systemd/systemd-boot_255.17.bb rename to meta/recipes-core/systemd/systemd-boot_255.18.bb diff --git a/meta/recipes-core/systemd/systemd.inc b/meta/recipes-core/systemd/systemd.inc index c359d77e9d..8e134d8c86 100644 --- a/meta/recipes-core/systemd/systemd.inc +++ b/meta/recipes-core/systemd/systemd.inc @@ -15,7 +15,7 @@ LICENSE:libsystemd = "LGPL-2.1-or-later" LIC_FILES_CHKSUM = "file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \ file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c" -SRCREV = "fb92304041cd203d2ca84cc28721dea5e1355c4e" +SRCREV = "20415d357fb0e253df7444019a47674fac4ed1d6" SRCBRANCH = "v255-stable" SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=https;branch=${SRCBRANCH}" diff --git a/meta/recipes-core/systemd/systemd/0001-missing_type.h-add-comparison_fn_t.patch b/meta/recipes-core/systemd/systemd/0001-missing_type.h-add-comparison_fn_t.patch index 9e9ccf51c8..d2ffdd8de4 100644 --- a/meta/recipes-core/systemd/systemd/0001-missing_type.h-add-comparison_fn_t.patch +++ b/meta/recipes-core/systemd/systemd/0001-missing_type.h-add-comparison_fn_t.patch @@ -1,4 +1,4 @@ -From abbda6d89c0b850c0adeebc3e210d9b255072a40 Mon Sep 17 00:00:00 2001 +From 7bbb54406dd77c358eab9df08b100ee85e176052 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Mon, 25 Feb 2019 13:55:12 +0800 Subject: [PATCH] missing_type.h: add comparison_fn_t 
diff --git a/meta/recipes-core/systemd/systemd/0002-add-fallback-parse_printf_format-implementation.patch b/meta/recipes-core/systemd/systemd/0002-add-fallback-parse_printf_format-implementation.patch index c91f24b026..df9e978e55 100644 --- a/meta/recipes-core/systemd/systemd/0002-add-fallback-parse_printf_format-implementation.patch +++ b/meta/recipes-core/systemd/systemd/0002-add-fallback-parse_printf_format-implementation.patch @@ -1,4 +1,4 @@ -From adaa70c17daedd8d81525d080fda8a1e22efe3a4 Mon Sep 17 00:00:00 2001 +From d0b08484a6c3113b6209d8f8e1dc1186a6427b99 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Sat, 22 May 2021 20:26:24 +0200 Subject: [PATCH] add fallback parse_printf_format implementation @@ -22,7 +22,7 @@ Signed-off-by: Scott Murray create mode 100644 src/basic/parse-printf-format.h diff --git a/meson.build b/meson.build -index d5109b0d00..ccde927cf3 100644 +index 8c16c1c5c0..408d2ab80a 100644 --- a/meson.build +++ b/meson.build @@ -732,6 +732,7 @@ endif diff --git a/meta/recipes-core/systemd/systemd/0002-binfmt-Don-t-install-dependency-links-at-install-tim.patch b/meta/recipes-core/systemd/systemd/0002-binfmt-Don-t-install-dependency-links-at-install-tim.patch index 11e9be6059..784f0898c0 100644 --- a/meta/recipes-core/systemd/systemd/0002-binfmt-Don-t-install-dependency-links-at-install-tim.patch +++ b/meta/recipes-core/systemd/systemd/0002-binfmt-Don-t-install-dependency-links-at-install-tim.patch @@ -1,4 +1,4 @@ -From 95bf78fe7d7b7d41ff43e761bb78adfb4fdb9303 Mon Sep 17 00:00:00 2001 +From 7e4fae68909ce4932e073dd060e22581edc39ad2 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Thu, 21 Feb 2019 16:23:24 +0800 Subject: [PATCH] binfmt: Don't install dependency links at install time for diff --git a/meta/recipes-core/systemd/systemd/0003-src-basic-missing.h-check-for-missing-strndupa.patch b/meta/recipes-core/systemd/systemd/0003-src-basic-missing.h-check-for-missing-strndupa.patch index 0b75896b00..e46b4386aa 100644 
--- a/meta/recipes-core/systemd/systemd/0003-src-basic-missing.h-check-for-missing-strndupa.patch +++ b/meta/recipes-core/systemd/systemd/0003-src-basic-missing.h-check-for-missing-strndupa.patch @@ -1,4 +1,4 @@ -From 76f4749e3a583ad3c924bdff4a6bde967c674ed7 Mon Sep 17 00:00:00 2001 +From ca0b48676132744b78d99ee3ec2d33f11bb73c28 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Mon, 25 Feb 2019 14:18:21 +0800 Subject: [PATCH] src/basic/missing.h: check for missing strndupa @@ -80,7 +80,7 @@ Signed-off-by: Guðni Már Gilbert 51 files changed, 62 insertions(+) diff --git a/meson.build b/meson.build -index 216a8cbc91..d5109b0d00 100644 +index 408d2ab80a..2c00b7047f 100644 --- a/meson.build +++ b/meson.build @@ -572,6 +572,7 @@ foreach ident : ['secure_getenv', '__secure_getenv'] @@ -328,7 +328,7 @@ index b8e3f7aadd..8ce8ca68d8 100644 #if HAVE_KMOD #include "module-util.h" diff --git a/src/core/service.c b/src/core/service.c -index d3ea8a9c3c..c3441f785c 100644 +index d0353ae461..7f98f5ee45 100644 --- a/src/core/service.c +++ b/src/core/service.c @@ -45,6 +45,7 @@ diff --git a/meta/recipes-core/systemd/systemd/0004-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch b/meta/recipes-core/systemd/systemd/0004-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch index 96872ac150..43ba526792 100644 --- a/meta/recipes-core/systemd/systemd/0004-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch +++ b/meta/recipes-core/systemd/systemd/0004-don-t-fail-if-GLOB_BRACE-and-GLOB_ALTDIRFUNC-is-not-.patch @@ -1,4 +1,4 @@ -From e9110b095a5728762b3bd3abdec2a99b4ce01b5e Mon Sep 17 00:00:00 2001 +From 3ea9cc03431c93c86cf0ca63ad04219af221a2d0 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Mon, 25 Feb 2019 14:56:21 +0800 Subject: [PATCH] don't fail if GLOB_BRACE and GLOB_ALTDIRFUNC is not defined @@ -114,7 +114,7 @@ index 9b3e73cce0..3790ba3be5 100644 (void) rm_rf(template, REMOVE_ROOT|REMOVE_PHYSICAL); 
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c -index f4c8ebc27f..e07ad66c65 100644 +index d22fa3b3c7..3471f98add 100644 --- a/src/tmpfiles/tmpfiles.c +++ b/src/tmpfiles/tmpfiles.c @@ -73,6 +73,12 @@ diff --git a/meta/recipes-core/systemd/systemd/0005-add-missing-FTW_-macros-for-musl.patch b/meta/recipes-core/systemd/systemd/0005-add-missing-FTW_-macros-for-musl.patch index 936183f238..c25ccde9e2 100644 --- a/meta/recipes-core/systemd/systemd/0005-add-missing-FTW_-macros-for-musl.patch +++ b/meta/recipes-core/systemd/systemd/0005-add-missing-FTW_-macros-for-musl.patch @@ -1,4 +1,4 @@ -From 1eeac3e8ce96ad5da381555e93a57330cb8a5d48 Mon Sep 17 00:00:00 2001 +From 885a6880ad1b687e3fbf1b9f35e218bee1fcc835 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Mon, 25 Feb 2019 15:00:06 +0800 Subject: [PATCH] add missing FTW_ macros for musl diff --git a/meta/recipes-core/systemd/systemd/0006-Use-uintmax_t-for-handling-rlim_t.patch b/meta/recipes-core/systemd/systemd/0006-Use-uintmax_t-for-handling-rlim_t.patch index 34d62c9e32..13c155745a 100644 --- a/meta/recipes-core/systemd/systemd/0006-Use-uintmax_t-for-handling-rlim_t.patch +++ b/meta/recipes-core/systemd/systemd/0006-Use-uintmax_t-for-handling-rlim_t.patch @@ -1,4 +1,4 @@ -From fd2bb25921040fc5faed3a4aae0bd9e03f8f4742 Mon Sep 17 00:00:00 2001 +From 646c3ced29922065eed64ac9b23af8276e989608 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Mon, 25 Feb 2019 15:12:41 +0800 Subject: [PATCH] Use uintmax_t for handling rlim_t diff --git a/meta/recipes-core/systemd/systemd/0007-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch b/meta/recipes-core/systemd/systemd/0007-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch index 7cc8002a90..55405c5d0b 100644 --- a/meta/recipes-core/systemd/systemd/0007-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch +++ b/meta/recipes-core/systemd/systemd/0007-don-t-pass-AT_SYMLINK_NOFOLLOW-flag-to-faccessat.patch 
@@ -1,4 +1,4 @@ -From fde97394bf1a2faffa420afb098af61676033640 Mon Sep 17 00:00:00 2001 +From f772369a2519b378c09bb89bd48c3743a62404e3 Mon Sep 17 00:00:00 2001 From: Andre McCurdy Date: Tue, 10 Oct 2017 14:33:30 -0700 Subject: [PATCH] don't pass AT_SYMLINK_NOFOLLOW flag to faccessat() diff --git a/meta/recipes-core/systemd/systemd/0008-Define-glibc-compatible-basename-for-non-glibc-syste.patch b/meta/recipes-core/systemd/systemd/0008-Define-glibc-compatible-basename-for-non-glibc-syste.patch index 5579dc3dcc..6005b621ee 100644 --- a/meta/recipes-core/systemd/systemd/0008-Define-glibc-compatible-basename-for-non-glibc-syste.patch +++ b/meta/recipes-core/systemd/systemd/0008-Define-glibc-compatible-basename-for-non-glibc-syste.patch @@ -1,4 +1,4 @@ -From e2e1fee9fd5635420408777524dd418ce10dddc8 Mon Sep 17 00:00:00 2001 +From 45b1226ddbd981798e0448da41ddc4901e246b45 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sun, 27 May 2018 08:36:44 -0700 Subject: [PATCH] Define glibc compatible basename() for non-glibc systems diff --git a/meta/recipes-core/systemd/systemd/0008-implment-systemd-sysv-install-for-OE.patch b/meta/recipes-core/systemd/systemd/0008-implment-systemd-sysv-install-for-OE.patch index 2151d51af2..d43eaeff7a 100644 --- a/meta/recipes-core/systemd/systemd/0008-implment-systemd-sysv-install-for-OE.patch +++ b/meta/recipes-core/systemd/systemd/0008-implment-systemd-sysv-install-for-OE.patch @@ -1,4 +1,4 @@ -From 2b40558d201b73962077d0cedef820dfe95395c7 Mon Sep 17 00:00:00 2001 +From abca5814cb0b5b98a1e7af829cc166e76c524f1a Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 5 Sep 2015 06:31:47 +0000 Subject: [PATCH] implment systemd-sysv-install for OE diff --git a/meta/recipes-core/systemd/systemd/0009-Do-not-disable-buffering-when-writing-to-oom_score_a.patch b/meta/recipes-core/systemd/systemd/0009-Do-not-disable-buffering-when-writing-to-oom_score_a.patch index 6586cbb72c..3e557b764f 100644 
--- a/meta/recipes-core/systemd/systemd/0009-Do-not-disable-buffering-when-writing-to-oom_score_a.patch +++ b/meta/recipes-core/systemd/systemd/0009-Do-not-disable-buffering-when-writing-to-oom_score_a.patch @@ -1,4 +1,4 @@ -From b783adf25c5619931189b4474d389a808e7845d6 Mon Sep 17 00:00:00 2001 +From 8d61cecff3ba0687ad2c10aacb7d2aee7cb3fa79 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Wed, 4 Jul 2018 15:00:44 +0800 Subject: [PATCH] Do not disable buffering when writing to oom_score_adj @@ -24,7 +24,7 @@ Signed-off-by: Scott Murray 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/basic/process-util.c b/src/basic/process-util.c -index 1447f65399..dcbc7ac973 100644 +index bbce0ea985..d2f7c27cea 100644 --- a/src/basic/process-util.c +++ b/src/basic/process-util.c @@ -1716,7 +1716,7 @@ int set_oom_score_adjust(int value) { diff --git a/meta/recipes-core/systemd/systemd/0010-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch b/meta/recipes-core/systemd/systemd/0010-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch index 79db096b34..d4b67d15f4 100644 --- a/meta/recipes-core/systemd/systemd/0010-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch +++ b/meta/recipes-core/systemd/systemd/0010-distinguish-XSI-compliant-strerror_r-from-GNU-specif.patch @@ -1,4 +1,4 @@ -From ac820a745c905e0045ce5cc41da7eaa802078b1b Mon Sep 17 00:00:00 2001 +From 2180b639665bd314905ef058dee9a5e4a534333e Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Tue, 10 Jul 2018 15:40:17 +0800 Subject: [PATCH] distinguish XSI-compliant strerror_r from GNU-specifi diff --git a/meta/recipes-core/systemd/systemd/0011-avoid-redefinition-of-prctl_mm_map-structure.patch b/meta/recipes-core/systemd/systemd/0011-avoid-redefinition-of-prctl_mm_map-structure.patch index 67fd4921ba..ad8888895f 100644 --- a/meta/recipes-core/systemd/systemd/0011-avoid-redefinition-of-prctl_mm_map-structure.patch 
+++ b/meta/recipes-core/systemd/systemd/0011-avoid-redefinition-of-prctl_mm_map-structure.patch @@ -1,4 +1,4 @@ -From 4a2472cae75720b3129260c8789a87af26ca443a Mon Sep 17 00:00:00 2001 +From 3b1639c7052d9d574dd05d268364e7919b6f2580 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Mon, 25 Feb 2019 15:44:54 +0800 Subject: [PATCH] avoid redefinition of prctl_mm_map structure diff --git a/meta/recipes-core/systemd/systemd/0012-do-not-disable-buffer-in-writing-files.patch b/meta/recipes-core/systemd/systemd/0012-do-not-disable-buffer-in-writing-files.patch index e735a00bb9..f0eafd6fea 100644 --- a/meta/recipes-core/systemd/systemd/0012-do-not-disable-buffer-in-writing-files.patch +++ b/meta/recipes-core/systemd/systemd/0012-do-not-disable-buffer-in-writing-files.patch @@ -1,4 +1,4 @@ -From 8072fee9fcb0e9a8c73de56f38468e7287ac4961 Mon Sep 17 00:00:00 2001 +From c1a375d93edbfaf3f64bec88c75cfcf436d4ba05 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Fri, 1 Mar 2019 15:22:15 +0800 Subject: [PATCH] do not disable buffer in writing files diff --git a/meta/recipes-core/systemd/systemd/0013-Handle-__cpu_mask-usage.patch b/meta/recipes-core/systemd/systemd/0013-Handle-__cpu_mask-usage.patch index e995da81ff..5427671553 100644 --- a/meta/recipes-core/systemd/systemd/0013-Handle-__cpu_mask-usage.patch +++ b/meta/recipes-core/systemd/systemd/0013-Handle-__cpu_mask-usage.patch @@ -1,4 +1,4 @@ -From 4b46cf08f269b69d5336bf3d8f617a288bd65ea8 Mon Sep 17 00:00:00 2001 +From b10a273f5e26536068a90f961c2a7a6c6528083b Mon Sep 17 00:00:00 2001 From: Scott Murray Date: Fri, 13 Sep 2019 19:26:27 -0400 Subject: [PATCH] Handle __cpu_mask usage diff --git a/meta/recipes-core/systemd/systemd/0014-Handle-missing-gshadow.patch b/meta/recipes-core/systemd/systemd/0014-Handle-missing-gshadow.patch index 8cc9c1ba0c..679b42ff95 100644 --- a/meta/recipes-core/systemd/systemd/0014-Handle-missing-gshadow.patch +++ b/meta/recipes-core/systemd/systemd/0014-Handle-missing-gshadow.patch 
@@ -1,4 +1,4 @@ -From 76a0eea205c943a0e1fd0db7336cabb98d5c6c8c Mon Sep 17 00:00:00 2001 +From c55dd0f9e1ea05749d0a54082daa69729ee946af Mon Sep 17 00:00:00 2001 From: Alex Kiernan Date: Tue, 10 Mar 2020 11:05:20 +0000 Subject: [PATCH] Handle missing gshadow @@ -138,10 +138,10 @@ index 22ab04d6ee..4e52e7a911 100644 #include diff --git a/src/shared/userdb.c b/src/shared/userdb.c -index 98066bb81d..47dc4dd420 100644 +index 7469768233..556e6b84e6 100644 --- a/src/shared/userdb.c +++ b/src/shared/userdb.c -@@ -1038,13 +1038,15 @@ int groupdb_iterator_get(UserDBIterator *iterator, GroupRecord **ret) { +@@ -1039,13 +1039,15 @@ int groupdb_iterator_get(UserDBIterator *iterator, GroupRecord **ret) { if (gr) { _cleanup_free_ char *buffer = NULL; bool incomplete = false; @@ -158,7 +158,7 @@ index 98066bb81d..47dc4dd420 100644 if (!FLAGS_SET(iterator->flags, USERDB_SUPPRESS_SHADOW)) { r = nss_sgrp_for_group(gr, &sgrp, &buffer); if (r < 0) { -@@ -1057,6 +1059,9 @@ int groupdb_iterator_get(UserDBIterator *iterator, GroupRecord **ret) { +@@ -1058,6 +1060,9 @@ int groupdb_iterator_get(UserDBIterator *iterator, GroupRecord **ret) { } r = nss_group_to_group_record(gr, r >= 0 ? &sgrp : NULL, ret); diff --git a/meta/recipes-core/systemd/systemd/0015-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch b/meta/recipes-core/systemd/systemd/0015-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch index 915a7bb0be..2bd683785d 100644 --- a/meta/recipes-core/systemd/systemd/0015-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch +++ b/meta/recipes-core/systemd/systemd/0015-missing_syscall.h-Define-MIPS-ABI-defines-for-musl.patch @@ -1,4 +1,4 @@ -From bd309e23e3e5b7bff8cd4b6778396d921438295e Mon Sep 17 00:00:00 2001 +From 4733cb758285ec7f63e834894aa8f09d9bc77ad5 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Mon, 12 Apr 2021 23:44:53 -0700 Subject: [PATCH] missing_syscall.h: Define MIPS ABI defines for musl 
diff --git a/meta/recipes-core/systemd/systemd/0016-pass-correct-parameters-to-getdents64.patch b/meta/recipes-core/systemd/systemd/0016-pass-correct-parameters-to-getdents64.patch index a9961b515d..3e359d976a 100644 --- a/meta/recipes-core/systemd/systemd/0016-pass-correct-parameters-to-getdents64.patch +++ b/meta/recipes-core/systemd/systemd/0016-pass-correct-parameters-to-getdents64.patch @@ -1,4 +1,4 @@ -From 81eb93545808124b3c1abbef2e5d71ad28a1a870 Mon Sep 17 00:00:00 2001 +From 1118d270cf2cd7c6cb99eb40ab42c3d07b20476c Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Fri, 21 Jan 2022 15:15:11 -0800 Subject: [PATCH] pass correct parameters to getdents64 @@ -20,7 +20,7 @@ Signed-off-by: Jiaqing Zhao 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/basic/recurse-dir.c b/src/basic/recurse-dir.c -index 5e98b7a5d8..aef065047b 100644 +index d648862dbc..a1fea243e8 100644 --- a/src/basic/recurse-dir.c +++ b/src/basic/recurse-dir.c @@ -55,7 +55,7 @@ int readdir_all(int dir_fd, diff --git a/meta/recipes-core/systemd/systemd/0017-Adjust-for-musl-headers.patch b/meta/recipes-core/systemd/systemd/0017-Adjust-for-musl-headers.patch index d8557bd3f3..6ae6cdfe54 100644 --- a/meta/recipes-core/systemd/systemd/0017-Adjust-for-musl-headers.patch +++ b/meta/recipes-core/systemd/systemd/0017-Adjust-for-musl-headers.patch @@ -1,4 +1,4 @@ -From d09615e61bc779228c996f024ec48c7e21eb64c9 Mon Sep 17 00:00:00 2001 +From ab78d7938e732125012f8276e357e8f6d4a51476 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Fri, 21 Jan 2022 22:19:37 -0800 Subject: [PATCH] Adjust for musl headers diff --git a/meta/recipes-core/systemd/systemd/0018-test-bus-error-strerror-is-assumed-to-be-GNU-specifi.patch b/meta/recipes-core/systemd/systemd/0018-test-bus-error-strerror-is-assumed-to-be-GNU-specifi.patch index 0fd55eb0ea..5d74d08201 100644 --- a/meta/recipes-core/systemd/systemd/0018-test-bus-error-strerror-is-assumed-to-be-GNU-specifi.patch 
+++ b/meta/recipes-core/systemd/systemd/0018-test-bus-error-strerror-is-assumed-to-be-GNU-specifi.patch @@ -1,4 +1,4 @@ -From c0c90f4e2381091830203e1286115b0a30e059d3 Mon Sep 17 00:00:00 2001 +From 20cf3569dff21f5c4e46855c3956606fa0141710 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Tue, 8 Nov 2022 13:31:34 -0800 Subject: [PATCH] test-bus-error: strerror() is assumed to be GNU specific diff --git a/meta/recipes-core/systemd/systemd/0019-errno-util-Make-STRERROR-portable-for-musl.patch b/meta/recipes-core/systemd/systemd/0019-errno-util-Make-STRERROR-portable-for-musl.patch index e0228d6ad8..a20e21ee08 100644 --- a/meta/recipes-core/systemd/systemd/0019-errno-util-Make-STRERROR-portable-for-musl.patch +++ b/meta/recipes-core/systemd/systemd/0019-errno-util-Make-STRERROR-portable-for-musl.patch @@ -1,4 +1,4 @@ -From 6ad0fb9dcd6940a9a24e515b61d4b6245c3b1e98 Mon Sep 17 00:00:00 2001 +From 5e3e71f93adf5bdbfd470bcd93320dab314dc3ef Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Mon, 23 Jan 2023 23:39:46 -0800 Subject: [PATCH] errno-util: Make STRERROR portable for musl diff --git a/meta/recipes-core/systemd/systemd/0020-sd-event-Make-malloc_trim-conditional-on-glibc.patch b/meta/recipes-core/systemd/systemd/0020-sd-event-Make-malloc_trim-conditional-on-glibc.patch index 45284e89e1..bdcff34f2c 100644 --- a/meta/recipes-core/systemd/systemd/0020-sd-event-Make-malloc_trim-conditional-on-glibc.patch +++ b/meta/recipes-core/systemd/systemd/0020-sd-event-Make-malloc_trim-conditional-on-glibc.patch @@ -1,4 +1,4 @@ -From 70abcbd93b8854c4dd0ae88b82f394d325b2a365 Mon Sep 17 00:00:00 2001 +From 18201d3350b443c79cc85274f3944bf64de33da0 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Wed, 2 Aug 2023 12:06:27 -0700 Subject: [PATCH] sd-event: Make malloc_trim() conditional on glibc 
diff --git a/meta/recipes-core/systemd/systemd/0021-shared-Do-not-use-malloc_info-on-musl.patch b/meta/recipes-core/systemd/systemd/0021-shared-Do-not-use-malloc_info-on-musl.patch index 691bf89afd..451511be16 100644 --- a/meta/recipes-core/systemd/systemd/0021-shared-Do-not-use-malloc_info-on-musl.patch +++ b/meta/recipes-core/systemd/systemd/0021-shared-Do-not-use-malloc_info-on-musl.patch @@ -1,4 +1,4 @@ -From c85009340b3a58686390ee70671334593e348a10 Mon Sep 17 00:00:00 2001 +From 96c3d0d3a2359dd248685c2ede876d66c3faa3f9 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Wed, 2 Aug 2023 12:20:40 -0700 Subject: [PATCH] shared: Do not use malloc_info on musl diff --git a/meta/recipes-core/systemd/systemd/0022-avoid-missing-LOCK_EX-declaration.patch b/meta/recipes-core/systemd/systemd/0022-avoid-missing-LOCK_EX-declaration.patch index 6b3aa607b4..cd22adf0e5 100644 --- a/meta/recipes-core/systemd/systemd/0022-avoid-missing-LOCK_EX-declaration.patch +++ b/meta/recipes-core/systemd/systemd/0022-avoid-missing-LOCK_EX-declaration.patch @@ -1,4 +1,4 @@ -From 45478696b3a3eb1fbcd6c5cd4899bb426230c2e1 Mon Sep 17 00:00:00 2001 +From f3bc7816d9cca9963a2737857763ee76e300a232 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Tue, 2 Jan 2024 11:03:27 +0800 Subject: [PATCH] avoid missing LOCK_EX declaration 
diff --git a/meta/recipes-core/systemd/systemd_255.17.bb b/meta/recipes-core/systemd/systemd_255.18.bb similarity index 100% rename from meta/recipes-core/systemd/systemd_255.17.bb rename to meta/recipes-core/systemd/systemd_255.18.bb 
From patchwork Wed Apr 23 13:20:24 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 61759 X-Patchwork-Delegate: steve@sakoman.com
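Review bot: Apart from the recipe renames, the `SRCREV` change in the systemd.inc hunk of patch 12/14 is the only functional line, and neither the hunk nor the commit message ties 20415d357fb0e253df7444019a47674fac4ed1d6 to the v255.18 tag; please state that in the commit message so the pin can be checked against upstream. The reference [1] is given in shortened form rather than as a URL, and since this is a stable-branch update it would help to say whether any of the 82 commits are security fixes. The remaining hunks are devtool refresh churn (new `From <hash>` lines, `index` lines, and the one-line offset shift in the src/shared/userdb.c hunks of 0014-Handle-missing-gshadow.patch) and look fine.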
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 13/14] python3-jinja2: upgrade 3.1.4 -> 3.1.6
Date: Wed, 23 Apr 2025 06:20:24 -0700
Message-ID:
X-Mailer: git-send-email 2.43.0
In-Reply-To:
References:
MIME-Version: 1.0
List-Id:
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 23 Apr 2025 13:21:07 -0000
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215306

From: Soumya Sambu

Includes fix for - CVE-2024-56326, CVE-2025-27516, CVE-2024-56201

Changelog:
https://github.com/pallets/jinja/blob/3.1.6/CHANGES.rst
https://github.com/pallets/jinja/blob/3.1.5/CHANGES.rst

Signed-off-by: Soumya Sambu
Signed-off-by: Steve Sakoman
---
 .../{python3-jinja2_3.1.4.bb => python3-jinja2_3.1.6.bb} | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
 rename meta/recipes-devtools/python/{python3-jinja2_3.1.4.bb => python3-jinja2_3.1.6.bb} (81%)

diff --git a/meta/recipes-devtools/python/python3-jinja2_3.1.4.bb b/meta/recipes-devtools/python/python3-jinja2_3.1.6.bb similarity index 81% rename from meta/recipes-devtools/python/python3-jinja2_3.1.4.bb rename to meta/recipes-devtools/python/python3-jinja2_3.1.6.bb index 2c02037011..de2b251049 100644 --- a/meta/recipes-devtools/python/python3-jinja2_3.1.4.bb +++ b/meta/recipes-devtools/python/python3-jinja2_3.1.6.bb @@ -4,7 +4,7 @@ HOMEPAGE = "https://pypi.org/project/Jinja2/" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=5dc88300786f1c214c1e9827a5229462" -SRC_URI[sha256sum] = "4a3aee7acbbe7303aede8e9648d13b8bf88a429282aa6122a993f0ac800cb369" +SRC_URI[sha256sum] = "0137fb05990d35f1275a587e9aee6d56da821fc83491a0fb838183be43f66d6d" PYPI_PACKAGE = "jinja2" 
@@ -21,6 +21,9 @@ SRC_URI += " \ do_install_ptest() { install -d ${D}${PTEST_PATH}/tests cp -rf ${S}/tests/* ${D}${PTEST_PATH}/tests/ + + # test_async items require trio module + rm -f ${D}${PTEST_PATH}/tests/test_async.py ${D}${PTEST_PATH}/tests/test_async_filters.py } RDEPENDS:${PN}-ptest += " \
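Review bot: In the python3-jinja2 do_install_ptest hunk, deleting tests/test_async.py and tests/test_async_filters.py removes the async test coverage from the ptest package without any mention in the commit message, and `rm -f` silently becomes a no-op if upstream ever renames those files. Since this upgrade is taken for CVE fixes, I would prefer adding the trio module to RDEPENDS:${PN}-ptest if a recipe for it is available on this branch; otherwise please state the dropped tests in the commit message and use plain `rm` so a rename is noticed at install time.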
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 14/14] bluez5: add missing tools to noinst-tools package Date: Wed, 23 Apr 2025 06:20:25 -0700 Message-ID: <87cadf62ba0d6b0fc3dc0151a5d320919b7eb1ab.1745356684.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 23 Apr 2025 13:21:07 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215307 From: Guðni Már Gilbert This change will prevent these tools from being installed if the image doesn't install bluez5-noinst-tools package. BlueZ 5.66: tools/mesh-tester BlueZ 5.66: tools/ioctl-tester BlueZ 5.65: tools/iso-tester BlueZ 5.56: tools/btpclientctl BlueZ 5.51: tools/bcmfw BlueZ 5.49: tools/rtlfw BlueZ 5.47: tools/btconfig (not a new tool, but it was moved from bin_PROGRAMS to noinst_PROGRAMS) Signed-off-by: Guðni Már Gilbert Signed-off-by: Richard Purdie Signed-off-by: Steve Sakoman --- meta/recipes-connectivity/bluez5/bluez5_5.72.bb | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/meta/recipes-connectivity/bluez5/bluez5_5.72.bb b/meta/recipes-connectivity/bluez5/bluez5_5.72.bb index 9fda960ea7..d64286ef6e 100644 --- a/meta/recipes-connectivity/bluez5/bluez5_5.72.bb +++ b/meta/recipes-connectivity/bluez5/bluez5_5.72.bb @@ -32,6 +32,9 @@ NOINST_TOOLS_TESTING ?= " \ tools/rfcomm-tester \ tools/bnep-tester \ tools/userchan-tester \ + tools/iso-tester \ + tools/mesh-tester \ + tools/ioctl-tester \ " # noinst programs in Makefile.tools that are conditional on TOOLS @@ -46,6 +49,7 @@ NOINST_TOOLS_BT ?= " \ tools/hcieventmask \ tools/hcisecfilter \ tools/btinfo \ + tools/btconfig \ tools/btsnoop \ tools/btproxy \ tools/btiotest \ 
@@ -56,6 +60,8 @@ NOINST_TOOLS_BT ?= " \ tools/advtest \ tools/seq2bseq \ tools/nokfw \ + tools/rtlfw \ + tools/bcmfw \ tools/create-image \ tools/eddystone \ tools/ibeacon \ @@ -65,5 +71,5 @@ NOINST_TOOLS_BT ?= " \ tools/check-selftest \ tools/gatt-service \ profiles/iap/iapd \ - ${@bb.utils.contains('PACKAGECONFIG', 'btpclient', 'tools/btpclient', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'btpclient', 'tools/btpclient tools/btpclientctl', '', d)} \ "
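Review bot: The additions to NOINST_TOOLS_TESTING and NOINST_TOOLS_BT (tools/iso-tester through tools/btconfig, tools/rtlfw, tools/bcmfw) change which package ships these binaries on a stable branch, and the commit message only says they will no longer be installed without bluez5-noinst-tools. An image that currently uses one of them, tools/btconfig in particular, without pulling in bluez5-noinst-tools will lose it after this update; please call that out explicitly in the commit message so scarthgap users know to add the package.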
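Review bot: In the last bluez5 hunk, tools/btpclientctl is listed only when PACKAGECONFIG contains 'btpclient', while the commit message lists it alongside the unconditional tools. If the tool is built regardless of that option it would still end up outside bluez5-noinst-tools, so a short comment in the recipe stating that it is built under the same condition as tools/btpclient would make the grouping verifiable.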