From patchwork Wed Oct 1 13:52:19 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71438 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C639FCAC5BB for ; Wed, 1 Oct 2025 13:52:47 +0000 (UTC) Received: from mail-ej1-f42.google.com (mail-ej1-f42.google.com [209.85.218.42]) by mx.groups.io with SMTP id smtpd.web11.18607.1759326767068302968 for ; Wed, 01 Oct 2025 06:52:47 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=cFjuOCfu; spf=pass (domain: gmail.com, ip: 209.85.218.42, mailfrom: skandigraun@gmail.com) Received: by mail-ej1-f42.google.com with SMTP id a640c23a62f3a-b456d2dc440so308366166b.0 for ; Wed, 01 Oct 2025 06:52:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326765; x=1759931565; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=n/h96DKGDAOpkYH+0zsB8JX9MVuSTzg6ogKfREBgZzM=; b=cFjuOCfuKAa7MHlMDOq510CRPeU7vMl1NX0d9egRcL0R25IuF2hg0X+vOY/QgNP88D IDrASmOV8jEtLpk9/GhZ6/nmbHiUT+2FGz+ZmkE7uDILrj7FKfnaRGLY/UZKIK4X4f+F aHEXTRigGbzR67GoAsHyBYAYfoiJY888NU+pRKPwuPjd12ffgu3kVrS6BGizu/ztd7/x FGRmWGe2GOYKM5OOMdCSY7CqLrDrC2lOHm+lXmAePm2nAIOhx+IueocUeDcb1tvaSJU3 C74v4Mh7QNqx2AdJ7a5fmBDmaiMQ/D+ntcVCjCwJGNzaHXV3eIIwK7we1UqZaU3ov/St W8Bg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326765; x=1759931565; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=n/h96DKGDAOpkYH+0zsB8JX9MVuSTzg6ogKfREBgZzM=; b=AmlWYA9TLRKMOxXPzUF3IW5/Rz6KGdmirfaLoy7MrdzEPlovLPBWOyGkXGofwuA9FM iLfHcHiIJC65+aYluSxJweRa5LgQ7GyZfcvsYmYYQrdrA4GMqJHpN2E+spF1r4xl0uP5 kEHF/1NAo70vcEX5o5VEYawi9M2GnjT1fk1iCMsBfxcs1nE6SsYrtePu+0/lm2Ry86U5 JBxMHOzuRKhzvN35L59ZDJQYCXpPSbPvIZ7OQyBSevmp0xsWrMnm9xvQ72K3fum1ERqP caXDUcm/o8OsKNUNyYRbp6LXkfG7wkkntpnnuwheX4/e/ZgGJlG4nawaZLvKIjM3MlbT M/iA== X-Gm-Message-State: AOJu0YyS2L+ENj1JKegJ00GOEALz0n26NFA7xoOx2fy+Dwk7EpqPiJye WPAEXgoB3D2RVf0Iq5JAV80aPcKGolUIAAJ6dMBJNPuhfwq+S4vWnErbIHIsBg== X-Gm-Gg: ASbGncvwSh2HWfZoORSQnGixheSBPmMh7ObgA9sq+UFwKnRX+c5hvllSK1ddGHnLw61 9rfe7gVuapHCcRYXq3UtddfHHKaZj3k6FSbfcws+W5QipdNrKPOqaUzNZd9jq/e6Y0GYp89n7QX 0J/hX+KjpKGT/Twk/vwiCfyMU6gzdYBChWVUPSRLUBPPeW2/kW/j4IU6w79brrmR3zAFFvVIK+A UrOkPsvoS56pThZD/Xz71V7Uk9MegZ0jDbJ+qAqQwYfgO4gtWc0AqHke8bP8eMxdoTXYHYVZuFS /Phiuk7wRs/8mFxlEQRn+x+IZyZ29yWhdmJZGHNqULd883Jrmi/ctwzuEDQCgGsqQj4iVEL1TXn WgY0FtIOphA9EDO9wi10fomJCyYssddOhHcr/G6bgBMLL X-Google-Smtp-Source: AGHT+IHHcmifME9EVrrlhb8m8sPXaah81lLa++lfBB4SCEVPoP7OuNYD66cngnhyzJdNhMCPX+MVDQ== X-Received: by 2002:a17:906:c149:b0:b3d:b251:cded with SMTP id a640c23a62f3a-b46e4d79a6fmr475328466b.16.1759326765173; Wed, 01 Oct 2025 06:52:45 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.44 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:44 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 01/25] paho-mqtt-cpp: Improve the license information Date: Wed, 1 Oct 2025 15:52:19 +0200 Message-ID: <20251001135243.1490753-2-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:52:47 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120116 From: Peter Kjellerstedt Replace the about.html and notice.html files in LIC_FILES_CHKSUM with the license information from one of the source files. Including HTML files in LIC_FILES_CHKSUM complicates things when the license files that OE collects are, e.g., later processed and presented to a user where the expectation is that they are plain text files. Signed-off-by: Peter Kjellerstedt Signed-off-by: Khem Raj (cherry picked from commit 71e75357af45b3c45e09bf8f5ead3c47c0d2d0ff) Signed-off-by: Gyorgy Sarvari --- .../recipes-connectivity/paho-mqtt-cpp/paho-mqtt-cpp_1.2.0.bb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/meta-oe/recipes-connectivity/paho-mqtt-cpp/paho-mqtt-cpp_1.2.0.bb b/meta-oe/recipes-connectivity/paho-mqtt-cpp/paho-mqtt-cpp_1.2.0.bb index 27c0de4744..bb5aa69077 100644 --- a/meta-oe/recipes-connectivity/paho-mqtt-cpp/paho-mqtt-cpp_1.2.0.bb +++ b/meta-oe/recipes-connectivity/paho-mqtt-cpp/paho-mqtt-cpp_1.2.0.bb @@ -5,10 +5,9 @@ SECTION = "console/network" LICENSE = "EPL-1.0 | EDL-1.0" LIC_FILES_CHKSUM = " \ + file://src/mqtt/message.h;beginline=9;endline=18;md5=5eec304e6066523386c222963ceeb6ff \ file://edl-v10;md5=3adfcc70f5aeb7a44f3f9b495aa1fbf3 \ file://epl-v10;md5=659c8e92a40b6df1d9e3dccf5ae45a08 \ - file://notice.html;md5=a00d6f9ab542be7babc2d8b80d5d2a4c \ - file://about.html;md5=dcde438d73cf42393da9d40fabc0c9bc \ " SRC_URI = "git://github.com/eclipse/paho.mqtt.cpp;protocol=https;branch=master \ From patchwork Wed Oct 1 13:52:20 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71440 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B9E44CCA476 for ; Wed, 1 Oct 2025 13:52:57 +0000 (UTC) Received: from mail-ed1-f54.google.com (mail-ed1-f54.google.com [209.85.208.54]) by mx.groups.io with SMTP id smtpd.web11.18608.1759326767685562310 for ; Wed, 01 Oct 2025 06:52:47 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=gw+dRqmv; spf=pass (domain: gmail.com, ip: 209.85.208.54, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f54.google.com with SMTP id 4fb4d7f45d1cf-62ec5f750f7so10793422a12.3 for ; Wed, 01 Oct 2025 06:52:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326766; x=1759931566; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ykR2nVIIE5hTHkKtL7weAC8CDww3+4AjaNSy9SWho6U=; b=gw+dRqmvoFyp+cUwYX7EWCIhLtard+q341Rc61DsDr0Lp/Y8sSHjvOtRNP1PrQ+3T0 3w6B9nPMU7YCEydOAYvSVEo//Va3zza+h+yb4JzhFg6YOAKMHv+MjkOySZqubP5rU4fA WrEULkgRv6QJe3hXbmTXD3Jl8sW1FsdN/AirngNUyYrxUhaL6dkcf8aJ6tAaw4dN60QC qCdY+wm6BrxMbVVcuc70dh5wCGuoWUjBHL4AP4e0mhV6AADttu4BMvtNivZ9x0jUF2tS 7u74fSfWfd4gdkkix7HoNe7wFeFB6pAzynMYpi58PDFV57sdLzoQKZtph2+fIlzn9nYc AN8A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326766; x=1759931566; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ykR2nVIIE5hTHkKtL7weAC8CDww3+4AjaNSy9SWho6U=; b=uYq2CDHMcVd7kQozf+usij21JdRy6ShscyGDd7qTuCyJBW4ASJ1r47IcYWtC3q75Th Qv7V+wOZn97zUYAgZoQ9R5NMuHIj59VmlDCc77uqcRgM1PSkJgUB5ZOimZYPSSK6swqj ezNqLg+6PjbMpMdlzmVID6R3x0jA/SuD5NbqUT1Yn8NqNaGP7rQB8GlCvC5ESnkuXN2l kJof2H6betGQa6P6W7LX0vyGe66Pc8Q66ihWTT6nGbfGpvlNAgQVlLqPaoa27TVelqcL d3djI5p+PXf696nNKjMIHOGdcSsvRR/4uCo+tooa9BOLJaNvB3CdMDETuH5Y4GyMDddC quDw== X-Gm-Message-State: AOJu0Yz16X+zuhp+N17q3NPpIh4qPAmh+klOMdNlVvSmk4OXPT+PcQWc 5C1zmwOe/uO+5ZxkkwtWzKpluyefd8CdHBx26HursbG7L3Lyb7hy8cJjwjB/WA== X-Gm-Gg: ASbGncs7WB/kqdaFGAHg+JZmEnP4O624ZVgwD/HAFW5VgGu0KktDi4or1ERQASefkSC It0zTfSJrW4NFhthkuHCrA8bTggL6JAxfdfFU6SdT59c6udgUGjrd54XfRybkTwEd4bhMo7uzF6 lX2napUWZJV+hh2SwVPz5A554uSHlnxhjH0+eQQOokp14VTbNAAqNip4m3eTrKL08uKYuq9Qfbh SdNtK/PJrCDwvipmiCdSGAzk4ZoN5OReiyZoloU6HjrXks3Id+RWSUvjyvOlsro0TqqGkMvmsT8 OZUPMQNwdhk8xJlw8H22y8JRdrAs/4vUXN7PCLPMx5z+kvh1XmPak671anJYOIyhWBLuNKoy/gc 7xoKb022v7VAP/DKd2vJqgSJ3rOJiO1KEJFzwPT+WJNv7rYIYtoh6+SU= X-Google-Smtp-Source: AGHT+IFkwd4VNzztBZLFAZKvr9mVfKpUdAzAfA4SmUtkpoS6ChIHRlu8r9UO9aPzsof/qX3znFz1Gg== X-Received: by 2002:a05:6402:5109:b0:632:d131:7df9 with SMTP id 4fb4d7f45d1cf-63678c4d083mr3729767a12.21.1759326765950; Wed, 01 Oct 2025 06:52:45 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.45 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:45 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 02/25] fsverity-utils: fix SRC_URI Date: Wed, 1 Oct 2025 15:52:20 +0200 Message-ID: <20251001135243.1490753-3-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:52:57 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120117 From: Etienne Cordonnier This URL does not exist any more, and do_fetch works only because a mirrored file is available at http://downloads.yoctoproject.org/mirror/sources/git2_git.kernel.org.pub.scm.linux.kernel.git.ebiggers.fsverity-utils.git.tar.gz Signed-off-by: Etienne Cordonnier Signed-off-by: Khem Raj (cherry picked from commit d54e2671e62b87532e2dd8f80b73d545fc54aeb4) Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-crypto/fsverity-utils/fsverity-utils_1.5.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-crypto/fsverity-utils/fsverity-utils_1.5.bb b/meta-oe/recipes-crypto/fsverity-utils/fsverity-utils_1.5.bb index 1c2c6e21e0..49f83a67c3 100644 --- a/meta-oe/recipes-crypto/fsverity-utils/fsverity-utils_1.5.bb +++ b/meta-oe/recipes-crypto/fsverity-utils/fsverity-utils_1.5.bb @@ -10,7 +10,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=bc974d217b525ea216a336adb73e1220" SRCREV = "20e87c13075a8e5660a8d69fd6c93d4f7c5f01a5" -SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git;branch=master" +SRC_URI = "git://git.kernel.org/pub/scm/fs/fsverity/fsverity-utils.git;branch=master" S = "${WORKDIR}/git" From patchwork Wed Oct 1 13:52:21 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71450 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2D4A7CCD189 for ; Wed, 1 Oct 2025 13:52:58 +0000 (UTC) Received: from mail-ed1-f46.google.com (mail-ed1-f46.google.com [209.85.208.46]) by mx.groups.io with SMTP id smtpd.web10.18451.1759326768399768848 for ; Wed, 01 Oct 2025 06:52:48 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=HJGVQ/zj; spf=pass (domain: gmail.com, ip: 209.85.208.46, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f46.google.com with SMTP id 4fb4d7f45d1cf-6366d48d8ccso2099301a12.0 for ; Wed, 01 Oct 2025 06:52:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326767; x=1759931567; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=OKleQCRrbh+dO+KDCOpIDUhK3kREWzlNoh5YQMXj6mc=; b=HJGVQ/zj95Y0O2sa4RcRWvj+n4U0q26jC6T5mbRqZVR7LMibq5a/cYyiGLxsz+kzRq GxHJxirqh5EVCq5C1xCo6+KFEBusChU5QsQh8U0Mirlrbf+RSMNWxev6z8p7TvDHEZhj DIkVnV03OjeDe+Fah6n5BNx3OhNkJbXVqGV5npeV/gZjK9Lv6MGv7yR0ElvVvvJh65SF af4KI22b8DUzYVKlDWHlESSaeXeDIIhNciKwGkynt4FQ94FwGzI9bnc3M5S5tDCLMybm r7X888KO/u5YVQTCt5TRGtrzCz+RHBOqOwyoD97t2ndUqWcowjrDqnTTRRlFaisqvSRb g2Vw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326767; x=1759931567; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=OKleQCRrbh+dO+KDCOpIDUhK3kREWzlNoh5YQMXj6mc=; b=Rh2LWE3aD5dMJNXCA+jrAPcr1ag9OdcfRHKqH7U0s6yqAKIvSsEFsUUtq0KG9NPCCE C4Rrv67ibHEkrVK01aZ8xfq3JgWBKtDAJtXqSvB2QMVeycmWFdvg+9tFkacSapEmksmt yqb5lDA4bYem1FwnqNV5EKNJPZxdekZKkRDiiLDI7H7EfxlsbHyc8ZTPKxbzTjy7O/OH XOKAKNSr0JZa7JpkuOmN1c9KCUE7cyJt1bQ6gyyqHcCM9T8D/Selz9ZGYgySS4KHDZQ+ pmyvh5dKP1Q/ws3ahdyQl2OXCseUdipjj6lnzMcGLTgYL/rm6nJLB5L2rHYdwgHzC1f1 kXLg== X-Gm-Message-State: AOJu0Yw0Z9Zv/LnDP9l69M0I/8iD8F5qatlr/qvfFvkUtiJpQNDyemoz oEoQQQ8T0O6QPB45+QtpaIDYkERSUBCGfUOKSVy2WkU2dR8JvGBvV5B7fLF4XQ== X-Gm-Gg: ASbGncvtc5WhKd57dI6G7tBX9q5bGW74/bR/3xuq8qlOM8gMb5Cyt/RLz//B1UeDIr0 6Xo2oBhIpLMSLRpMaz1k6q4+NR8kWj/ByW6LlXTvlB+RLzqBgdnvzaB/XdoiZ3aLTmuKKYK6VVN 6Y6MdgzAWWjUuM0FImE4m/7WmzdC/B1caMNKqgOndz5gyJb1knXAgbbuXnq1K9duLBvlbacUiUI lSHNxQezH9vhQASRzlkDmQQwjud3eW2i1BOZndCXdyZtJgc4rNvbYkWnt/8MPBgR6ironSeuME/ wYRRrOoXw6sc8iuTZabLe84T5bu+hlSBmRhkMdS1xzXJyNWpLjL2JNQ8y3ZOVtX15XnuEIVuqX7 +kgm84bU0ouErZ1e35q/V07jnOP3gpmy/dRClPQnlbrM9 X-Google-Smtp-Source: AGHT+IFMe+qfQJJ4cbNamncGBLRc1/St6RkVtxdum9S2Nrj5uUGVy9IuUcF4tvUxZ4ysbBaxKvr35Q== X-Received: by 2002:a05:6402:27c7:b0:634:d008:7917 with SMTP id 4fb4d7f45d1cf-63678bb89d8mr4152928a12.9.1759326766684; Wed, 01 Oct 2025 06:52:46 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.46 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:46 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 03/25] tk: inherit pkgconfig Date: Wed, 1 Oct 2025 15:52:21 +0200 Message-ID: <20251001135243.1490753-4-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:52:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120118 From: Justin Bronder I noticed that xft was not getting enabled as expected because the recipe was using pkg-config from the host. Signed-off-by: Justin Bronder Signed-off-by: Khem Raj (cherry picked from commit 95c14a92544e4f0e2dc94ef6a1f26d35beb82d7e) Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-devtools/tcltk/tk_8.6.10.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-devtools/tcltk/tk_8.6.10.bb b/meta-oe/recipes-devtools/tcltk/tk_8.6.10.bb index efab9618ec..f3cab4e610 100644 --- a/meta-oe/recipes-devtools/tcltk/tk_8.6.10.bb +++ b/meta-oe/recipes-devtools/tcltk/tk_8.6.10.bb @@ -34,7 +34,7 @@ PSEUDO_IGNORE_PATHS .= ",${WORKDIR}/${BPN}${PV}" VER = "${@os.path.splitext(d.getVar('PV'))[0]}" LDFLAGS += "-Wl,-rpath,${libdir}/tcltk/${PV}/lib" -inherit autotools features_check +inherit autotools features_check pkgconfig # depends on virtual/libx11 REQUIRED_DISTRO_FEATURES = "x11" From patchwork Wed Oct 1 13:52:22 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71439 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B889CCAC5BB for ; Wed, 1 Oct 2025 13:52:57 +0000 (UTC) Received: from mail-ed1-f47.google.com (mail-ed1-f47.google.com [209.85.208.47]) by mx.groups.io with SMTP id smtpd.web10.18453.1759326769376760144 for ; Wed, 01 Oct 2025 06:52:49 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=meD7qlte; spf=pass (domain: gmail.com, ip: 209.85.208.47, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f47.google.com with SMTP id 4fb4d7f45d1cf-63163a6556bso2140053a12.1 for ; Wed, 01 Oct 2025 06:52:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326768; x=1759931568; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=uMj+kElbvxv0RBoBuqNHBR/Q/ZTBrlVVUph0GNqNZX0=; b=meD7qltefavjW9y5Cyl0eEauNf/VBeT5CplJ/P41oYnh0vXQoebC6QYoXBqgq5Yqta hCVo9Qs8CP5u4gf4vUf66Ce6ZVw6WJiv/mkmQnETppJxT8TSIZSg8G2RwTfCxueF5WpR oVrSHhxMqC+qsoDiJ0oRy5iMEfmCcnT5CVwJggLrUuUcIL9eWxObNDCAPUB04j27J0P4 h770y4n4WWqj7/OiGDK9IkVhsBRkAJv+JmKgYDg78m1KL3vQT9mA2xjx/vcwRk7sajbz v/PZ0A1H57o3bLMHqVneBlmAcj26wt2ea27cPiRiZomGawxVBRRvEXxmNas+vycDbvEL COCQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326768; x=1759931568; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=uMj+kElbvxv0RBoBuqNHBR/Q/ZTBrlVVUph0GNqNZX0=; b=JSXWWk/xLSVbLajPZONeXQ8h0bgWH9Qh5qkDly1pUnHYpxHvXT61KPUwZ2TTFCmAWe cYRyQPrbWMoc2zPXWM7AREH9DivxpgPfckuI0RKNKBv5eghKtGrbm4qnlBmhHwq8pZ3W +ZEeEmM1vy/ORR/xhOsxZA9dnHpGjM0of7gDmyXGtufihf7Aq0R7+un+NXRZmctzXqhg h+QaF2ZvGpmBUSuu80XouNCjCgZsQLgWxvlxLk0HNdZ9YHg48pdVy/ZveqcLWYxNlwVl MXpn0KxiP7vKuPrQWw0PRWj3TcXkXu1L4YVG+/FRCJrSf2Nf8LM3FR0kR5MGn/P0xuzl ZRog== X-Gm-Message-State: AOJu0YxX55XT7+yJzC3fI2E2nJYESGepSlew55xZcKHV+t8diXmA77Ar J8/J5iHZqQwxy1K2e1WMPRSc4AVXEf6OEcKU7J4q5PJuBkUK10m+9PSWVax0Og== X-Gm-Gg: ASbGncsDKW2sSVDn0p3cEPd7x+KNVe3NEgPceyqbFYFvb4XEJ0rPjpF9k8Ee3fFgv/0 Qa+Wjdn0MSHQ+LzEFebvwhV2rzsFLsmwKBugVnXEgiD+KiZ0t6N8ZhdO9BPcz0GOdK1k0OdQdun eqdghORQrCl8gcX8mh9uqDjYLLeUzfP2qkhvbjE12x2+4oMmQJNbr/R6O19AEYVbmgGnXt65dqj b3Q3q6/H8J/ki750JBZnDXNRVKp3U6chXMTHKmjVhAQwKOsxigKpu4Jp7gz13b7y7DaFMMXU008 DnjgGcAjTHaF2rKG+kbGjvJXhBAqTdX1iG583uYfRgj4vVsuy2AZWCzI28Ddyt5Zj5fJGH254gk 4733EfFfsrPXunWT1ywkpJ5DK4mfiJ9MsnJW7KlRdUQNhasbetuKQN14= X-Google-Smtp-Source: AGHT+IGtiMccgajdGWyEboplmweMDq2IJpoIxzeBOXtGufH7nubhfyIp/FwkBtV7D+RlHqdyolHhzQ== X-Received: by 2002:a05:6402:35ce:b0:634:5791:605f with SMTP id 4fb4d7f45d1cf-63678ba9b6dmr3757917a12.4.1759326767631; Wed, 01 Oct 2025 06:52:47 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.46 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:47 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 04/25] libconfig: switch source to GitHub repository Date: Wed, 1 Oct 2025 15:52:22 +0200 Message-ID: <20251001135243.1490753-5-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:52:57 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120119 From: Jiaying Song The original tarball URL no longer provides version 1.7.3 or any other historical releases.To ensure reproducible builds, the source has been switched to the official GitHub repository. Signed-off-by: Jiaying Song Signed-off-by: Khem Raj (cherry picked from commit c5de36f5882f0dbaa63f88bb8f9010910cdbb9cf) Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-extended/libconfig/libconfig_1.7.3.bb | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/meta-oe/recipes-extended/libconfig/libconfig_1.7.3.bb b/meta-oe/recipes-extended/libconfig/libconfig_1.7.3.bb index 6382569923..4492b406b3 100644 --- a/meta-oe/recipes-extended/libconfig/libconfig_1.7.3.bb +++ b/meta-oe/recipes-extended/libconfig/libconfig_1.7.3.bb @@ -7,15 +7,16 @@ SECTION = "libs" LICENSE = "LGPL-2.1-only" LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=fad9b3332be894bab9bc501572864b29" -SRC_URI = "https://hyperrealm.github.io/libconfig/dist/libconfig-${PV}.tar.gz" +SRC_URI = "git://github.com/hyperrealm/libconfig.git;protocol=https;branch=master" +SRCREV = "525922a6b49ca19235cdf307376e7c9c539d1b93" + +# needed when we modify grammar.y with above patch +DEPENDS += "bison-native" UPSTREAM_CHECK_URI = "https://github.com/hyperrealm/libconfig/releases" UPSTREAM_CHECK_REGEX = "Version (?P\d+(\.\d+)+)" inherit autotools-brokensep pkgconfig -SRC_URI[md5sum] = "15ec701205f91f21b1187f8b61e0d64f" -SRC_URI[sha256sum] = "545166d6cac037744381d1e9cc5a5405094e7bfad16a411699bcff40bbb31ee7" - PACKAGE_BEFORE_PN = "${PN}++" FILES:${PN}++ = "${libdir}/${BPN}++*${SOLIBS}" From patchwork Wed Oct 1 13:52:23 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71445 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F23EFCCD183 for ; Wed, 1 Oct 2025 13:52:57 +0000 (UTC) Received: from mail-ej1-f52.google.com (mail-ej1-f52.google.com [209.85.218.52]) by mx.groups.io with SMTP id smtpd.web11.18610.1759326771143389786 for ; Wed, 01 Oct 2025 06:52:51 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=Cevvo5cM; spf=pass (domain: gmail.com, ip: 209.85.218.52, mailfrom: skandigraun@gmail.com) Received: by mail-ej1-f52.google.com with SMTP id a640c23a62f3a-b3d5088259eso606914366b.1 for ; Wed, 01 Oct 2025 06:52:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326769; x=1759931569; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=VcgC7Mozmmyjb1CBpu3Dv4qapWYC9ZUqlfZf/0G7zzM=; b=Cevvo5cM6QETGloeTXiL6qMWeTeWV7zSp5u968ez89LaNG9isu9Rd/aVX2K2CQ/52f Etlp+HdC1Fkta39wkj/V3xbQckVwolgogtly4J5Dy4dy2Abve7HO8fuG6DOqYhYuXCDR c+QLUO7WQm6/v0TEARFIIWQDwUNLEJlc2nLmKOn4vrs7yklOGrvlpeZNLeG8GnGMbZUl mgosrqK86VdnhgeSo9Oz13MPXBeI3dYfEpVqJte/Rgm63rUDoGLzLtPq1umQRWhc0TeC avFFCMZ7NM+hhdB1p6J1oD7EUU7mPjjRcNUhG9nkf8OW454Ai4RlA72Ya+e8wrwwSkK8 7XYQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326769; x=1759931569; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VcgC7Mozmmyjb1CBpu3Dv4qapWYC9ZUqlfZf/0G7zzM=; b=oHWAAhA5a27OJwSvCViJVP1r6WzhTPgzXDOq6LqGqHRh90gdM+eqnDf46vuD70MnjF VHc3aJN5zWBlYcGNs/7hl+I+l7sAGGwFGsxvFNM18UeQVO8qJl7GNMemG14LV5OM2OPu vwYJT8WHH+alosR32CCIyjruuClyuBisW/avq6VAIW9KaDq24szPH78KVG0mUJCs6O6X Z46RBjeA4p9w5jqzBPdVqcQ2DBs+Ah8vLRm8+VPyB6+XQUe++6M54izfDGR6Q7fpL0ln A/1gryC0zAHPcD4wBPQsEWVna7gTTmWMmJW/QTG5diKOGn0KkL5bBlizOXQfI31PJIXx foZA== X-Gm-Message-State: AOJu0Yzwsdli3NewedoVb+nsyu1Al/puqXjBOTfG71yudHkpVuuMhYFe INBO2GgRlBu8wWFeVdm4fdJ5qWO1ZRERuV4mgGuJXQvaCeUQyIsmhkbH41Cd9Q== X-Gm-Gg: ASbGncvVCMKw25sy4sx00xJaMnLn/NZhHQ/w0rw7b7UiZaUxaqTXPaoQMVBWBCcS+mA 64yFNufmyiD3mKEFchwq3gCuxF7B75LYDb9YDqN8gfvpAmk1LlHI27vlxsl/7BMxLxOYwv1TBAj Qb4CuwLpaV1MPmC3OaO3msl8B27nawv1DSj9OIy4TdwUykI3zsn0ZNVs6WASUlIgHDnctszXMbJ 7+rp6mNpoH9VAublCC20sM9q0jhOj00mlBSO9OrAeQHs8EkvOEJDKRfl3eHTs1aqEjybQTQzDCs hwPtpEfC6LfFbQz7wO7Rin0Q07hD8sBX3VMvC0b/aOUNsse6mjkTw93dtFtBbe4D2ANvCjJsiyF t0dZz09Xhoc5794MNShUzqgXFH4M0ie81wQdfamWncJ+R X-Google-Smtp-Source: AGHT+IHbeXFWHsEyc3PmnCR4WuQMnZJfdPaAwohPS+goZAPDrdHYj6g9Z5+0zSj7VFVnSSKlu9OyBw== X-Received: by 2002:a17:907:1c12:b0:b29:b4ac:d2a4 with SMTP id a640c23a62f3a-b46e515fc7dmr383294066b.43.1759326768395; Wed, 01 Oct 2025 06:52:48 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.47 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:48 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 05/25] nicstat: Use SOURCEFORGE_MIRROR in SRC_URI Date: Wed, 1 Oct 2025 15:52:23 +0200 Message-ID: <20251001135243.1490753-6-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:52:57 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120121 From: Khem Raj Signed-off-by: Khem Raj (cherry picked from commit 256ea730b030ec18871dada8953cf5f40e6fc4e3) Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-extended/nicstat/nicstat_1.95.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-extended/nicstat/nicstat_1.95.bb b/meta-oe/recipes-extended/nicstat/nicstat_1.95.bb index 3875f0f605..bf742fa062 100644 --- a/meta-oe/recipes-extended/nicstat/nicstat_1.95.bb +++ b/meta-oe/recipes-extended/nicstat/nicstat_1.95.bb @@ -5,7 +5,7 @@ HOMEPAGE = "http://nicstat.sourceforge.net" LICENSE = "Artistic-2.0" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=b4a94da2a1f918b217ef5156634fc9e0" -SRC_URI = "http://softlayer-sng.dl.sourceforge.net/project/${BPN}/${BP}.tar.gz \ +SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BP}.tar.gz \ file://0001-nicstat.c-Do-not-define-uint64_t-and-uint32_t.patch \ " SRC_URI[md5sum] = "9a0b87bbc670c1e738e5b40c7afd184d" From patchwork Wed Oct 1 13:52:24 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71444 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id E0611CCD184 for ; Wed, 1 Oct 2025 13:52:57 +0000 (UTC) Received: from mail-ed1-f51.google.com (mail-ed1-f51.google.com [209.85.208.51]) by mx.groups.io with SMTP id smtpd.web11.18609.1759326770991205415 for ; Wed, 01 Oct 2025 06:52:51 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=VPK2+PJ4; spf=pass (domain: gmail.com, ip: 209.85.208.51, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f51.google.com with SMTP id 4fb4d7f45d1cf-634cdb5ed4bso2013688a12.2 for ; Wed, 01 Oct 2025 06:52:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326769; x=1759931569; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=yVscwQPame66xWfvo1txVNajsFJcofbqGmTmBmpe8oM=; b=VPK2+PJ4oBotD8n8X0FC2rgpiYL9p4gsliIuL1BmM/4f+I/euoIyrR7nMYGH0M5xz6 n/GKayhkt+btiBJbBtpxSqVBODu7KaF8WcAzQdFT+3LU8MCtLxyJDR4ZEjzSaoW+5Xlw CaJAG0tDKwJ9ntf2UVDdq3h4FtUgI82+KPRPP/CFyi93CoB6AjR9PKWBZYDjvrnrw+zr xnYFZRvv4ukIVzdNF7u9/8Rvti3toynKljgWiJhyN/EdsJEfB8CwCyhKqjylLLtViMt8 XI6P6upDeX9USvy8JJZOqiRcbLwEqu0xsZPjhYNG4LtsePPBc52jboE/EE7KdtHAIEaF cTSQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326769; x=1759931569; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=yVscwQPame66xWfvo1txVNajsFJcofbqGmTmBmpe8oM=; b=qgw1+9wEGT5gBblWBOOznhkK5NqMrhmhpQnaF1ycNt5Snx0MOHGrkIHE3ao/sTQfXU luEIn7YrFuz5brNDV/oPDNr++bQVccIDBWK/O9h4qptEigavovb1lrOud0etU1nWZDhe oS68+cEKVJMcm8/Fv7oMPDqdXrc1vwKMqza5aRUDXEjr0JurbYimPrZJZFRC0oDYyYvj Tpi1WvlhuusAShegjwhA3C+6bD5I+o1niXl9F4UWtsKZGdFpwRMoCwuyypRElCjhehRW ssxoTNl4NuXsOWAzFcuFfjtMVWTi6B7+psBZJrRezhCop6B4u9Xm0SxUEFnkHItskJjI Vjgw== X-Gm-Message-State: AOJu0YwDs8oxkcogTMBWBbBW9/F2E83isJgOYxKNkzKPZK54hUwqeFcp SI7SADVrPNtFCKyU4fP7I0MCxGO/do106sD32bIJlIKmHY1hEvsl1xvu9nF9Yg== X-Gm-Gg: ASbGncuCPY0dAyU1y1pSZv6S+bs59pYlB7Za6y70+fpjCYpMz7/J7HAxrgYdX2Ws+iD HzhYtr2jPOmiKzp0TyedjvCz9HzGsnrBAh8VL5yM/4nCTYk7ROv6jkicZsh5artoaR7JwqexTlp lsuDqLt512BEXeTISCIWrif1kKaG0clLmOwCNuns16LrWR1pfGRUmx1pZdBSUJ3y/0oP2PQDW+l KyrV/jcj3BCejZyzcJdbTVcHs20jIZVNOma6x5TQlDIkIXniHmyknydPqpYKP0rDTjnu3j3m/UQ f2bfvUN1Ydu4JoPUbqDf+30HBPweqpUIfY8loLaSJCFSa0v4lCbOkmSg9b1n9ztyASPCTsuc8Z7 fhXhCl4YH9s7Nap6TLUezdu61HyjD7Zc2MNrkMfdTDH1I2nX7z1A/eu4= X-Google-Smtp-Source: AGHT+IF4r+F2iT1x9G+oyBKMo6kPCDBo/QtnOHHIzD8LworJp+IE46xxASAvh7iSbsP5g9I17Q/w9A== X-Received: by 2002:a05:6402:5212:b0:634:cd66:9cdd with SMTP id 4fb4d7f45d1cf-63678bb89c2mr4408705a12.10.1759326769207; Wed, 01 Oct 2025 06:52:49 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.48 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:48 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 06/25] p8platform: unbreak do_populate_sdk Date: Wed, 1 Oct 2025 15:52:24 +0200 Message-ID: <20251001135243.1490753-7-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:52:57 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120120 From: Markus Volk Error: Problem: package libcec-dev-6.0.2-r0.corei7_64 requires p8platform-dev, but none of the providers can be installed - conflicting requests - nothing provides p8platform = 2.1.0.1-r0 needed by p8platform-dev-2.1.0.1-r0.corei7_64 (try to add '--skip-broken' to skip uninstallable packages) Signed-off-by: Markus Volk Signed-off-by: Khem Raj (cherry picked from commit 03a1a24618e7366235af76ea58514442669f0a76) Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-extended/p8platform/p8platform_git.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-oe/recipes-extended/p8platform/p8platform_git.bb b/meta-oe/recipes-extended/p8platform/p8platform_git.bb index 8a06990574..1307f6dc4a 100644 --- a/meta-oe/recipes-extended/p8platform/p8platform_git.bb +++ b/meta-oe/recipes-extended/p8platform/p8platform_git.bb @@ -17,3 +17,5 @@ inherit cmake pkgconfig EXTRA_OECMAKE += "-DCMAKE_INSTALL_LIBDIR=${libdir} -DCMAKE_INSTALL_LIBDIR_NOARCH=${libdir}" FILES:${PN}-dev += "${libdir}/p8-platform" + +RDEPENDS:${PN}-dev = "" From patchwork Wed Oct 1 13:52:25 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71446 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 11947CCD185 for ; Wed, 1 Oct 2025 13:52:58 +0000 (UTC) Received: from mail-ed1-f41.google.com (mail-ed1-f41.google.com [209.85.208.41]) by mx.groups.io with SMTP id smtpd.web10.18456.1759326771735768846 for ; Wed, 01 Oct 2025 06:52:52 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=au0e1+hc; spf=pass (domain: gmail.com, ip: 209.85.208.41, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f41.google.com with SMTP id 4fb4d7f45d1cf-62fb48315ddso13206448a12.2 for ; Wed, 01 Oct 2025 06:52:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326770; x=1759931570; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=FsMHO7VvuKQFwOtXZxksl6AEJGCbyXTo9VFKzhXcnB4=; b=au0e1+hcLW4ycdV9zv/7ekycj32TxJ7hO/3IIgLCpRMghAWmzlvUy7yqvtakhXMLu+ mldnHa5AHVw2KWUNAzu2U1BJ+B+dRPveQQi7tmU84qkIAlPLwo7tVAnNboV6+GeiJAes gHUH6g9lXvkety6Q8xvgRk7+eUpdrCTYlUt1svltiESaod0vSNTFv72EnKxWcWKMRFfP HpErqA7e3o34mkquvTZJFSiaZIDZA5iUptTFlJmOcEKNHjbaczdEI5kLsFEPhNQUuTpy rkNNwfojV4QWjS4t1JF/IzSD93q4llhSDhUVjSodV+HSagKPcwwohIHrLAKkgp1LnSEF AhvA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326770; x=1759931570; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=FsMHO7VvuKQFwOtXZxksl6AEJGCbyXTo9VFKzhXcnB4=; b=vay5cXys5YTAOCGNH69EKmmuK5Z21l4sWOCwEY4ux0Y6r4XxqjUY2Th8DtOl9Hvile E/+FPTPWG/nSm4+THbBDv4h6ZWwQyCpOVI2JFSNXfVLqx9++ky1RbtHyk7Z98P+7PP79 16YizMDY4XaRm3cok+TTqVxuwle+rEy2TnKilXUjmp7eCX5gyb11vetUDk9eaIE7gm9w /8UwFt0NVk4TrSmIqrcIvcZuapGT6EgMOI+IlAI+w1x/nCM8kaEQwmIG71CC5mIbmGSc bQuASVGjb4IBiEkzOPe0u+6W4YA8wmJ2DDWiBrnoR6v+FaX6Xpb33xV9o9WmdnRh2OF3 dVDQ== X-Gm-Message-State: AOJu0YyuqGYJJmuQyUECQQiaTK2enbYWR1e+7kd9bREGn1NT3RFyPVwW miUgleJGm7GxXR7GAYje9HOAV/vHREKThRx94TTM0UgfycHk1EeJJBNJGsBs3g== X-Gm-Gg: ASbGncu5KHEcwLFeKONRWPKCGDg/K8gt4vojcqXlzfXn9e95Or/Md4pnCmrb8jT9KLg AR4N6OCUsdnd+ty1zB7/c9ODPx50DSqpuJt3ufUJ4PCooe+KORdYMs9Nyg1CttzLMl/w+I1t3GU njXNnMlxx4CtABUyb6SFnPESLqnELae+6Su3epPSdkq5Hi3ICO0EYoXvFYFh9KHtwjLys3dMTXb u7AReCj5IPFlG597kccLbRZFJtygHIlylEjyOu3g3TPEbDxqjGdSt9v7OjDEiUaRPdgMsCNfhiT iIegNJfLrrimYfoKUuUdZmG1W6O9C7BcpCtCbRY7YA9HM5uLVHzEXFoDZnTAS0GH3nTvsW6umhF BNxEGjSGSosIBiZ9aWsGNjfzXVQbJjb+bwz7SXbSuCCJS X-Google-Smtp-Source: AGHT+IFRDKAXdw/LGNXNgc+Oo2K0a/Q/YDrNoH5EtAH5g8jHBBv3iPvnQ108jpzLi/UxhGIoDmc1GQ== X-Received: by 2002:a05:6402:12d1:b0:62f:9cfb:7d34 with SMTP id 4fb4d7f45d1cf-63678e34184mr2829456a12.38.1759326770007; Wed, 01 Oct 2025 06:52:50 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.49 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:49 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 07/25] vlock: fix do_fetch error Date: Wed, 1 Oct 2025 15:52:25 +0200 Message-ID: <20251001135243.1490753-8-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:52:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120122 From: Jiaying Song Change the SRC_URI to the correct value due to the following error: WARNING: vlock-2.2.3-r0.vr2401 do_fetch: Failed to fetch URL http://distfiles.gentoo.org/distfiles/vlock-2.2.3.tar.gz, attempting MIRRORS if available Signed-off-by: Jiaying Song Signed-off-by: Khem Raj (cherry picked from commit 784942b68ef0a9533defee6c6f3d695e1c02cd3f) Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-extended/vlock/vlock_2.2.3.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-extended/vlock/vlock_2.2.3.bb b/meta-oe/recipes-extended/vlock/vlock_2.2.3.bb index a374041934..87f3e1bc49 100644 --- a/meta-oe/recipes-extended/vlock/vlock_2.2.3.bb +++ b/meta-oe/recipes-extended/vlock/vlock_2.2.3.bb @@ -9,7 +9,7 @@ SECTION = "utils" LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=a17cb0a873d252440acfdf9b3d0e7fbf" -SRC_URI = "${GENTOO_MIRROR}/${BP}.tar.gz \ +SRC_URI = "${GENTOO_MIRROR}/37/${BP}.tar.gz \ file://disable_vlockrc.patch \ file://vlock_pam_tally2_reset.patch \ file://vlock-no_tally.patch \ From patchwork Wed Oct 1 13:52:26 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71448 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 18BB3CCD186 for ; Wed, 1 Oct 2025 13:52:58 +0000 (UTC) Received: from mail-ed1-f51.google.com (mail-ed1-f51.google.com [209.85.208.51]) by mx.groups.io with SMTP id smtpd.web10.18457.1759326772527504349 for ; Wed, 01 Oct 2025 06:52:52 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=f58KcDX9; spf=pass (domain: gmail.com, ip: 209.85.208.51, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f51.google.com with SMTP id 4fb4d7f45d1cf-6364eb29e74so6733214a12.0 for ; Wed, 01 Oct 2025 06:52:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326771; x=1759931571; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=3FPs5MKlLZk+Awr50UJ64Lk/F8/chwz7eoAhqOD9c8A=; b=f58KcDX94XwSF6FqSyhEXfCj93lYtpz90YKVouXB95F5IuXQh3w5m0XJSb3evhxDYd DMqX0blykA8jNcAPaHuEQXhJH5M2inMyAuzHB3RaSS6CtjrOHCLT+x3fyttEkzs2ZrQW Ps8r6ezcq/khUisJl98nsNcTkRu3nKyqzgEeLnQedsNZWLuY8JMcAjDmZPyyB2sNniuA zT2FP7hpdM0jrD4bV1ib0PDnPDfNpEYrdJ/NntDmqcC5vBJhO8fD09+QS+1PVNH3DWBq PvhI+eGMq8l60Rhhrnk93nwIwQ6G5ih8/grYKHoq7jiAhj3cgtl+WIe2LkZEoqPeleLl xnow== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326771; x=1759931571; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3FPs5MKlLZk+Awr50UJ64Lk/F8/chwz7eoAhqOD9c8A=; b=f+mwTApuyUJCwUvAtJjeJhMkNHAsq3a/dwaqhOWyVyeZGvHZnYl5LrZvZt5MAZR6G0 nPQLmaaGT8pTJYqvFcFDmTKG6RjY2vtcKrRlo8pFkR/hwi0oWlEZv7oOySbHumj95M8e 6BItveZ1ZviY8YpLQuuogSuAtgez7G+Kukd6+UYo+Ih1hGvyRHWy+LkQhfP0PSkqfv9Q PaNpOjCLe95mEqxEz1s2aZK0bwk0HsrGrzCFdH+zT2wz6Xo10FAK70reDSDoIZpYOuXv o6jTRl/3JNRgrTtGG0UTNldKGhssNtyT/VhDlNDBslpNpMvwzHT8Y40zLTWI9lW8ltcv n/Eg== X-Gm-Message-State: AOJu0YztfL0cjIjsNLrCXLCnzo744YL6uWJMVLTNKlBOurq7ewTyvJSK FmnV0ojoeAvncMYCpF396F/mqDTetz+pSJWFAANyGOdmzMIXVLuRKkj6nIpNow== X-Gm-Gg: ASbGncu+nYQzcPb5uVKCLpYZNXInWPNr7gBxT1Xlh0U9WRgvajr5fk+EpF/eYUQD9QD pc0xuxdONP9CBg/+4t7EZWqPz5HNUMFFXQGZ/ViHkCdsmDcC60ut385rafMUvyqK5GsxD8TdwY5 c8E1fsM4PNaR2K9E966jyFQ8abT24F0ShOo+NvS1VwIt3hPU+yFdya0JwJBJKYn36xoViw5Xjue 2M8ydAr3Y5G/KG39Kdkm3275q2dIEWgxtD2zJ/AVi7RHoB7uTtG78ohB89Z9yjvgMXWjiHGKmN8 2UAakK44bPIyrQ75i3IBE/YOtUh+oNCPAjpaVxupdAfcHAj1C8H5YW5QldYU0DywEBRtNK7e+Nn 6Ny0xPcaOr4OivIgIDbgd0pwbM/38O4cLohZfBdW/Lezs X-Google-Smtp-Source: AGHT+IG+JMj6bZXDgzue+e/NHoLkKZf8GxMD9+AGWrjElQO9rOq8bGHW1r0fRIWFo8CJVeIwCnDM1A== X-Received: by 2002:a05:6402:2106:b0:636:6489:4db3 with SMTP id 4fb4d7f45d1cf-63678c0e08emr4195986a12.1.1759326770758; Wed, 01 Oct 2025 06:52:50 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.50 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:50 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 08/25] dialog: Update the SRC_URI Date: Wed, 1 Oct 2025 15:52:26 +0200 Message-ID: <20251001135243.1490753-9-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:52:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120123 From: Mingli Yu Update the SRC_URI to fix the do_fetch error. Signed-off-by: Mingli Yu Signed-off-by: Khem Raj (cherry picked from commit 6d1b7df8c0f751777625ecbae3a5505087788b81) Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-extended/dialog/dialog_1.3-20210509.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-extended/dialog/dialog_1.3-20210509.bb b/meta-oe/recipes-extended/dialog/dialog_1.3-20210509.bb index 0b1e7e6088..d67156e1fd 100644 --- a/meta-oe/recipes-extended/dialog/dialog_1.3-20210509.bb +++ b/meta-oe/recipes-extended/dialog/dialog_1.3-20210509.bb @@ -8,7 +8,7 @@ DEPENDS = "ncurses" LICENSE = "LGPL-2.1-only" LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343" -SRC_URI = "ftp://ftp.invisible-island.net/${BPN}/${BP}.tgz" +SRC_URI = "https://invisible-mirror.net/archives/${BPN}/${BP}.tgz" SRC_URI[sha256sum] = "ae478fe7d5fca82bcf4b51684641e07d2ee68489d319710fe1e81f41a197bd66" # hardcoded here for use in dialog-static recipe From patchwork Wed Oct 1 13:52:27 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71449 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 26C81CCD187 for ; Wed, 1 Oct 2025 13:52:58 +0000 (UTC) Received: from mail-ed1-f52.google.com (mail-ed1-f52.google.com [209.85.208.52]) by mx.groups.io with SMTP id smtpd.web11.18613.1759326773276168576 for ; Wed, 01 Oct 2025 06:52:53 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=eQmxf6e0; spf=pass (domain: gmail.com, ip: 209.85.208.52, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f52.google.com with SMTP id 4fb4d7f45d1cf-63163a6556bso2140224a12.1 for ; Wed, 01 Oct 2025 06:52:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326772; x=1759931572; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=SB2lrQQ7OC/MiB6LPC5b+NHeiqOw0MQaVebQYBnrZ50=; b=eQmxf6e08vTR66MNCxaagQSA8jJK2hNTaI7gqVAESvtNQYBVkypAlogo0jLCN9uYHv KppanQGcVbDjXXqp07z4PoZr5uiw0kB4dlT7b1D/zNZnR2sYQAP0vAMIhEyA1y/Lt1Av bOmc8oWJoP3HOGa0ddSiGyHUmHGbSRrApRHTIi9epY8yUMmg2O8xzuZfVjIi5CtEhukT VzDEeLrLzjoeyXhrqDocBinQXDJnbI/VL9zqZ2M5t9/GU8fInB1Bf/TPC7k66LY0xVeq o8AV8LBcm851zgT9CTxm6O/xXnv+z0hj8zEcjGMnYSbiEygB2yXrAw/zxfd6Zrpm/HEz 36Jg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326772; x=1759931572; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=SB2lrQQ7OC/MiB6LPC5b+NHeiqOw0MQaVebQYBnrZ50=; b=TOMeeu1CRAky4V0mM19zTIpTloiJ1kIfbPl47MGhYyPsR4Suq9uW3hh/picvSsdzSc fyYmdFqMvXamdkDCiZHylAkbpsZUxtswuHD60jTVcHSzYOqNIX+/7wAibtAQ+x311Dp9 ANwhuweNVDYm1qZnSs8RPYe7hQQdbA1XZTiNJ9NgClCjq9SklPEMG6aUOQt0xJauup9I gEB9AcALseHHb1HTD2SiAoaksqQEJdXjIQHWP/pguPk+udq1mdfNC8Q73+qqM2VfWkbM nq0lmUM/Z6H0aM2Srwakku9Rm+casKLzUozD9Z03yDbMxa4AIMEtJVU10P61sntKfwti 2b2A== X-Gm-Message-State: AOJu0Yw0PbKd4+1uC/Hi/+97YFczMN2Hl2Q18AS79a85wyMmFVkZnoa8 0sQS47zdl7Yps8w88zjmTouKS8W5ggNT5AGh9JW/EsYkkbq/Ok3RvI2o6P8ayA== X-Gm-Gg: ASbGnctdsg2tw2fxV4hwJFFNBpYEOxes0HwUFRUsO+Lh9kSbMJ8FDVOvQEyqyiigORL VCEVSaGWdYXPJYSIrYeXfj2SvnQ/AaYLlOZsIF7xfr097yRVLUIgFlEHBr1W2cxZPD5noiUh80f E/CWHvkr54V8xzsAjMwkQ2saD0nnGBjYAsXjwvD6qqmKZLW4uIhxxRjQTi8E7Zuy+JLUkAMZyrv d033UJ4TVJPdz2nJeP0N1+pEQjs4cexazeByS80PbsFJX8fp6qEWQC6SNXLAEvDhHfWlLVrOi/q m3iDueM5j4qHESKdRw52Qs46LQ5Q1wfyo4Lg3usU6h3eq1RRqntdVlVCgidi9orJBclpXyzp9fT 52C2qq36ihHqC5G5h5x86HlqmFTyzr+v24/MJ3ltBG4R8 X-Google-Smtp-Source: AGHT+IF4ZiWaaAaRIeioHT0w3LkAgqzOsARq633ZbvuM7HY8/eBnDQnCisfl6YLH2hpE3bqLRDeY0w== X-Received: by 2002:a05:6402:4404:b0:633:4726:a077 with SMTP id 4fb4d7f45d1cf-63678bb906bmr4254419a12.15.1759326771536; Wed, 01 Oct 2025 06:52:51 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.50 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:51 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 09/25] gtk+: Fix CVE-2024-6655 Date: Wed, 1 Oct 2025 15:52:27 +0200 Message-ID: <20251001135243.1490753-10-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:52:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120124 From: Soumya Sambu A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory. References: https://nvd.nist.gov/vuln/detail/CVE-2024-6655 Upstream-patch: https://gitlab.gnome.org/GNOME/gtk/-/commit/3bbf0b6176d42836d23c36a6ac410e807ec0a7a7 Signed-off-by: Soumya Sambu Signed-off-by: Khem Raj (cherry picked from commit 4bd9d757c10265dbf75034b50504ad7340ae3012) Signed-off-by: Gyorgy Sarvari --- .../gtk+/gtk+/CVE-2024-6655.patch | 40 +++++++++++++++++++ meta-oe/recipes-gnome/gtk+/gtk+_2.24.33.bb | 1 + 2 files changed, 41 insertions(+) create mode 100644 meta-oe/recipes-gnome/gtk+/gtk+/CVE-2024-6655.patch diff --git a/meta-oe/recipes-gnome/gtk+/gtk+/CVE-2024-6655.patch b/meta-oe/recipes-gnome/gtk+/gtk+/CVE-2024-6655.patch new file mode 100644 index 0000000000..dfa54f2f31 --- /dev/null +++ b/meta-oe/recipes-gnome/gtk+/gtk+/CVE-2024-6655.patch @@ -0,0 +1,40 @@ +From 3bbf0b6176d42836d23c36a6ac410e807ec0a7a7 Mon Sep 17 00:00:00 2001 +From: Matthias Clasen +Date: Sat, 15 Jun 2024 14:18:01 -0400 +Subject: [PATCH] Stop looking for modules in cwd + +This is just not a good idea. It is surprising, and can be misused. + +Fixes: #6786 + +CVE: CVE-2024-6655 + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/gtk/-/commit/3bbf0b6176d42836d23c36a6ac410e807ec0a7a7] + +Signed-off-by: Soumya Sambu +--- + gtk/gtkmodules.c | 9 ++------- + 1 file changed, 2 insertions(+), 7 deletions(-) + +diff --git a/gtk/gtkmodules.c b/gtk/gtkmodules.c +index e09b583..e75810c 100644 +--- a/gtk/gtkmodules.c ++++ b/gtk/gtkmodules.c +@@ -225,13 +225,8 @@ find_module (const gchar *name) + gchar *module_name; + + module_name = _gtk_find_module (name, "modules"); +- if (!module_name) +- { +- /* As last resort, try loading without an absolute path (using system +- * library path) +- */ +- module_name = g_module_build_path (NULL, name); +- } ++ if (module_name == NULL) ++ return NULL; + + module = g_module_open (module_name, G_MODULE_BIND_LOCAL | G_MODULE_BIND_LAZY); + +-- +2.40.0 diff --git a/meta-oe/recipes-gnome/gtk+/gtk+_2.24.33.bb b/meta-oe/recipes-gnome/gtk+/gtk+_2.24.33.bb index 082967e04c..3e610724fd 100644 --- a/meta-oe/recipes-gnome/gtk+/gtk+_2.24.33.bb +++ b/meta-oe/recipes-gnome/gtk+/gtk+_2.24.33.bb @@ -10,6 +10,7 @@ SRC_URI = "http://ftp.gnome.org/pub/gnome/sources/gtk+/2.24/gtk+-${PV}.tar.xz \ file://doc-fixes.patch \ file://strict-prototypes.patch \ file://0001-Do-not-look-into-HOME-when-looking-for-gtk-modules.patch \ + file://CVE-2024-6655.patch \ " SRC_URI[sha256sum] = "ac2ac757f5942d318a311a54b0c80b5ef295f299c2a73c632f6bfb1ff49cc6da" From patchwork Wed Oct 1 13:52:28 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71447 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3816DCCD188 for ; Wed, 1 Oct 2025 13:52:58 +0000 (UTC) Received: from mail-ed1-f52.google.com (mail-ed1-f52.google.com [209.85.208.52]) by mx.groups.io with SMTP id smtpd.web10.18459.1759326773954237558 for ; Wed, 01 Oct 2025 06:52:54 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=L9CW+JTa; spf=pass (domain: gmail.com, ip: 209.85.208.52, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f52.google.com with SMTP id 4fb4d7f45d1cf-631787faf35so14479868a12.3 for ; Wed, 01 Oct 2025 06:52:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326772; x=1759931572; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=QsiebbfBy4XlHwxnx2ZwI1Yc//y/5N9cyzLPeV+jd/M=; b=L9CW+JTa6UD2OyIAm1VB7jBOwpxzZ8XXJA/BpUm6ENHwvvVxoCb+y8HvUiI4dh+mAH uFsXx+NGn/NFCBR7nWgTTEcYk2T074jU13z+zW/YcrgZhs+M+qdOVj/f91+t977Lodeb I+7zaDEQJvHYsW+dSGoQF9fTVgkZGJ51u/RSAWyLZ5uoVdhwX3Dsc3H15rMjt5DuohiA tBKmbxY8JIFqN6BzyOqh+rWC28acnhbrVPCWEn2lQO/0GQA3XtpbEAn0rItcRIXW1bAD Oa1JqSsmsBmVjhwN/DPL4sKhbx1/g/ylDB2j2B0MxJ++pGhVDsmOYD5xSHY07jW+CIl5 Z6JA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326772; x=1759931572; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=QsiebbfBy4XlHwxnx2ZwI1Yc//y/5N9cyzLPeV+jd/M=; b=W4Jp5FwMgRKwDJ3rtNLtH/WFA3x9c4T5WXTXAUK6592VMjTc14uDT9xCb5cvmqJkTt 5JdfuIY/RB2QEHwkYQ2IxbIEi+qUExUr0BS1NGZ/ZD1hLgCT7Zh+bYEIbzY46CRZPbpe P1MbRSPTxQlPQ3M1aUojAoiJEJs/LCl1KQp5MFN0zBeE152/BjvVquzLHs204pp/XPSu pC/yORnD71W2U+BRlCeH5e7d9JRQ5D2YWHMgzLNNKKkPy8ib1PLtJ8rnXtw/3CBABVOL 3znNbqgt04hUFcSUssFMJOCDR5Lrt72P5y5C7CnzaMkkZoHhQD4KiK04JuheW1i4UHKE cgiQ== X-Gm-Message-State: AOJu0YzDR/UtWiYreNOs1i7ty2wiMKy2Ls9q5CzFjB4QgJ1G2mr8uUHx YHaMIPPuIK9W4lwavuBVo/5xnLjb5TNaPRZug4b75zhUq9v/PgohHpIjN0RPmA== X-Gm-Gg: ASbGnctL4krwd/Wff8svznomXuQ7mSuD8bEnsoLiTlMq0UhPBkV1qNpx0AJI94VuQQ2 WKKnasjH/PJnzuj6GNL4rylh9HKmJI1DyQlH7xAZsjWJKQr2F7JwV/fXs08kkzKLwy/4zziUHp9 dCmqMjY1N3Vjwgg9EvS66nmQcNCLj8fXslaXq2L5NLReOKae1RvDZDD32z0JX6rhvcLW37y9Nwo k2BC4EskZaRGUrYpdwWgxPeKRXFb4RPJrfsnpd6zOi+q1rEtr5hcN/9yAby85QJl4LiTWqTLBVE EjEm6IuFnLlKG67a8h3K+Q5REl57zswU1N2OoYhanejqN2Sh13FFsqJqNovc9QPKaGcyDhJDw2X rHnCFg3kwO9OqdjYnElHyA5IsDwxz65G610OVGSqqamhSMWp6PTmkpB0= X-Google-Smtp-Source: AGHT+IEiXMofSSwQZPosNrrdJYAD/zxfMcm7hlP2I13ClSAHJYydfMsvWpcVKaZis7nrc4ceD2IowQ== X-Received: by 2002:a05:6402:13d2:b0:61c:1b27:56d4 with SMTP id 4fb4d7f45d1cf-63678cfe8demr4061075a12.35.1759326772227; Wed, 01 Oct 2025 06:52:52 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.51 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:51 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 10/25] libsdl: fix CVE-2022-34568 Date: Wed, 1 Oct 2025 15:52:28 +0200 Message-ID: <20251001135243.1490753-11-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:52:58 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120125 From: Lee Chee Yang CVE-2022-34568 affected From (including) 1.2.1 Up to (including) 1.2.15 Signed-off-by: Lee Chee Yang Signed-off-by: Khem Raj (cherry picked from commit 49c97b4eefa6efc87f023c07ce6fbb7a93c79a0f) Signed-off-by: Gyorgy Sarvari --- .../libsdl/libsdl-1.2.15/CVE-2022-34568.patch | 28 +++++++++++++++++++ .../recipes-graphics/libsdl/libsdl_1.2.15.bb | 1 + 2 files changed, 29 insertions(+) create mode 100644 meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2022-34568.patch diff --git a/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2022-34568.patch b/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2022-34568.patch new file mode 100644 index 0000000000..7561300cb3 --- /dev/null +++ b/meta-oe/recipes-graphics/libsdl/libsdl-1.2.15/CVE-2022-34568.patch @@ -0,0 +1,28 @@ +CVE: CVE-2022-34568 +Upstream-Status: Backport [https://github.com/libsdl-org/SDL-1.2/commit/d7e00208738a0bc6af302723fe64908ac35b777b ] +Signed-off-by: Lee Chee Yang + +From d7e00208738a0bc6af302723fe64908ac35b777b Mon Sep 17 00:00:00 2001 +From: Ozkan Sezer +Date: Sat, 18 Jun 2022 14:55:00 +0300 +Subject: [PATCH] SDL_x11yuv.c: fix possible use-after-free + +Fixes: https://github.com/libsdl-org/SDL-1.2/issues/863 +--- + src/video/x11/SDL_x11yuv.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/video/x11/SDL_x11yuv.c b/src/video/x11/SDL_x11yuv.c +index 62698dfd9..0d5754e3e 100644 +--- a/src/video/x11/SDL_x11yuv.c ++++ b/src/video/x11/SDL_x11yuv.c +@@ -374,8 +374,8 @@ SDL_Overlay *X11_CreateYUVOverlay(_THIS, int width, int height, Uint32 format, S + #ifdef PITCH_WORKAROUND + if ( hwdata->image != NULL && hwdata->image->pitches[0] != (width*bpp) ) { + /* Ajust overlay width according to pitch */ +- XFree(hwdata->image); + width = hwdata->image->pitches[0] / bpp; ++ XFree(hwdata->image); + hwdata->image = SDL_NAME(XvCreateImage)(GFX_Display, xv_port, format, + 0, width, height); + } diff --git a/meta-oe/recipes-graphics/libsdl/libsdl_1.2.15.bb b/meta-oe/recipes-graphics/libsdl/libsdl_1.2.15.bb index 4ec0dc6ca3..b7438bb423 100644 --- a/meta-oe/recipes-graphics/libsdl/libsdl_1.2.15.bb +++ b/meta-oe/recipes-graphics/libsdl/libsdl_1.2.15.bb @@ -28,6 +28,7 @@ SRC_URI = "http://www.libsdl.org/release/SDL-${PV}.tar.gz \ file://CVE-2019-7638.patch \ file://CVE-2019-7576.patch \ file://CVE-2019-13616.patch \ + file://CVE-2022-34568.patch \ " UPSTREAM_CHECK_REGEX = "SDL-(?P\d+(\.\d+)+)\.tar" From patchwork Wed Oct 1 13:52:29 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71442 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id CCFCCCCD180 for ; Wed, 1 Oct 2025 13:52:57 +0000 (UTC) Received: from mail-ed1-f45.google.com (mail-ed1-f45.google.com [209.85.208.45]) by mx.groups.io with SMTP id smtpd.web10.18460.1759326774614842701 for ; Wed, 01 Oct 2025 06:52:54 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=BL/rbDf1; spf=pass (domain: gmail.com, ip: 209.85.208.45, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f45.google.com with SMTP id 4fb4d7f45d1cf-634cdb5ed4bso2013858a12.2 for ; Wed, 01 Oct 2025 06:52:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326773; x=1759931573; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=1Y7k+kGQCYucw6IVUvK8DXLZqcnHUCB99yOY7upVQDA=; b=BL/rbDf1VKmVYVT1IoBCacEv/+oWi8hIT1kE2aCiC/nbY06o4To4yLH+E7KV2AoauL EQX5xUw8nZurxCugk51PfS16TJpxvyDfhCo6rkzL97/deCWZVR5pP9KFBD2edmlSRIia u9B1RbhGT+bfPUzTBY2+R1sT9LDyiRMF6j8l7B0zeL8xHyjWTAg53oRPy4kr1GHbFvBJ x8q66m50RLmgivCk4wwzJ4yyBn7DRQHr8VMavnT1R+MospotTHmKfAX+ZfVS6U/koG6z 4jJkONCmqahX025FLar0U9G8s+yYXuBMRVaTI5fkViNybulkMniSCr2Cf7l7aj1lwfZh BRaw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326773; x=1759931573; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=1Y7k+kGQCYucw6IVUvK8DXLZqcnHUCB99yOY7upVQDA=; b=jPatCJpiYgABPe4EOuaceKZ1OLyErsDIhWBi5fJDwdswNaBP/cETBQrQ1Vs4esT32g Umh5ZPEivF7O04m+7b3buohczzUYdv63tCZfLR1pu5LVbdl0eWFLXFWFcPcIZPgzf5VZ sn1J5e2ReMpoJQqU5ybVBnqLfEZXL+P84g2uu5EqqHV0Fjkv5/BMM8wpoTl2re6NH4kx YOH2ogYmVE4R2AIYY2fQ5D/QCuKhpcHsJqhfP4mwDU9iXIYjUfkPLK+G1646db8u2ZUN ivW16V/eczyVacmB/0/CxLi2n4j5MxLvuiMeX+ztM6opdzCAZF9z4N+j1ObFPM4r5ov/ 7teg== X-Gm-Message-State: AOJu0Yx7Cl9zO9wVMKcX288ph53M4G27UHoSuTjMChXD2OA4vfWXIDHp xHg6B/dJtoAfWEMWDPlc2drf0MYsjlSd5t+6uOs68IjQgp++GgtIrF3vhC9ukA== X-Gm-Gg: ASbGnctLyqPTriGvbBNgD9sx2vMlVIeHUmz1Ho3OZVB/l+oJYc9bcV5Tg0pqdHpFPa8 3QY08/8RiK3rf8kbp1dvo22wWGQBCj4ujvsMdFORpt966dwYm5qJxtYznwjwkv4VNYVxozqPpeT IlG79+dgJ6iqTRKxxQJNlSXJPqk1v9M1mVrEWirZ/ps8k5q8439vxo7OK3Yw8aQ8exfGnWFUZFl e6QblxSlDp9Sp3OAg4f9/zcUdYp7aFOL4bXEwgt712lym8djaW03OopCIlV6boFsTv5oLXgWdAM Pjw6Ya8X+lHW9cXdsykgK/esiDov/62ryRPy5SMEYDmH6lllzUp1gD7Xab5QfEtP0lvuyb2CEPr KlC9/WKJ0qNR3/Jt2/AiW5kurAXh/ToFof8LQcPlu50u5 X-Google-Smtp-Source: AGHT+IHoatFxWHnfBkVHLV08TIeiBglVVrEbU9DcPLKndEF3VV8XOADXOkSDfGLbA/JVIsBJt4pY+w== X-Received: by 2002:a05:6402:274c:b0:634:544b:a740 with SMTP id 4fb4d7f45d1cf-63678c56e05mr4503887a12.22.1759326772909; Wed, 01 Oct 2025 06:52:52 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.52 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:52 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 11/25] openbox: fix crash on alt+tab with fullscreen app Date: Wed, 1 Oct 2025 15:52:29 +0200 Message-ID: <20251001135243.1490753-12-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:52:57 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120126 From: Alexandre Videgrain Apply an openbox patch to openbox recipe to fix crashes on alt+tab with fullscreen app. Github issue: https://github.com/openembedded/meta-openembedded/issues/837 Signed-off-by: Alexandre Videgrain Suggested-by: Ludovic Jozeau Signed-off-by: Yoann Congal Signed-off-by: Khem Raj (cherry picked from commit 85132c16210d1bdf83e8be5b3da4f430ce7b4b91) Signed-off-by: Gyorgy Sarvari --- ...traversal-issue-in-client_calc_layer.patch | 56 +++++++++++++++++++ .../recipes-graphics/openbox/openbox_3.6.1.bb | 1 + 2 files changed, 57 insertions(+) create mode 100644 meta-oe/recipes-graphics/openbox/files/0001-Fix-list-traversal-issue-in-client_calc_layer.patch diff --git a/meta-oe/recipes-graphics/openbox/files/0001-Fix-list-traversal-issue-in-client_calc_layer.patch b/meta-oe/recipes-graphics/openbox/files/0001-Fix-list-traversal-issue-in-client_calc_layer.patch new file mode 100644 index 0000000000..8bc2b80f68 --- /dev/null +++ b/meta-oe/recipes-graphics/openbox/files/0001-Fix-list-traversal-issue-in-client_calc_layer.patch @@ -0,0 +1,56 @@ +From d41128e5a1002af41c976c8860f8299cfcd3cd72 Mon Sep 17 00:00:00 2001 +From: pldubouilh +Date: Fri, 17 Mar 2023 18:23:47 +0100 +Subject: [PATCH] Fix list traversal issue in client_calc_layer + +The calls to client_calc_layer_internal can modify stacking_list, which +can cause us to follow dangling ->next pointers (either by the pointer +itself already being freed, or it pointing to a freed area). Avoid this +by copying the list first, the goal is to visit every client in the list +once so this should be fine. + +Upstream-Status: Backport [http://git.openbox.org/?p=mikachu/openbox.git;a=commit;h=d41128e5a1002af41c976c8860f8299cfcd3cd72] +Signed-off-by: Alexandre Videgrain +--- + openbox/client.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/openbox/client.c b/openbox/client.c +index 7168b240..b8264587 100644 +--- a/openbox/client.c ++++ b/openbox/client.c +@@ -2742,9 +2742,12 @@ static void client_calc_layer_internal(ObClient *self) + void client_calc_layer(ObClient *self) + { + GList *it; ++ /* the client_calc_layer_internal calls below modify stacking_list, ++ so we have to make a copy to iterate over */ ++ GList *list = g_list_copy(stacking_list); + + /* skip over stuff above fullscreen layer */ +- for (it = stacking_list; it; it = g_list_next(it)) ++ for (it = list; it; it = g_list_next(it)) + if (window_layer(it->data) <= OB_STACKING_LAYER_FULLSCREEN) break; + + /* find the windows in the fullscreen layer, and mark them not-visited */ +@@ -2757,7 +2760,7 @@ void client_calc_layer(ObClient *self) + client_calc_layer_internal(self); + + /* skip over stuff above fullscreen layer */ +- for (it = stacking_list; it; it = g_list_next(it)) ++ for (it = list; it; it = g_list_next(it)) + if (window_layer(it->data) <= OB_STACKING_LAYER_FULLSCREEN) break; + + /* now recalc any windows in the fullscreen layer which have not +@@ -2768,6 +2771,8 @@ void client_calc_layer(ObClient *self) + !WINDOW_AS_CLIENT(it->data)->visited) + client_calc_layer_internal(it->data); + } ++ ++ g_list_free(it); + } + + gboolean client_should_show(ObClient *self) +-- +2.34.1 + diff --git a/meta-oe/recipes-graphics/openbox/openbox_3.6.1.bb b/meta-oe/recipes-graphics/openbox/openbox_3.6.1.bb index 4c97c03978..26fc7c3650 100644 --- a/meta-oe/recipes-graphics/openbox/openbox_3.6.1.bb +++ b/meta-oe/recipes-graphics/openbox/openbox_3.6.1.bb @@ -8,6 +8,7 @@ SRC_URI = " \ http://icculus.org/openbox/releases/openbox-${PV}.tar.gz \ file://0001-Makefile.am-avoid-race-when-creating-autostart-direc.patch \ file://0001-openbox-xdg-autostart-convert-to-python3.patch \ + file://0001-Fix-list-traversal-issue-in-client_calc_layer.patch \ " SRC_URI[md5sum] = "b72794996c6a3ad94634727b95f9d204" From patchwork Wed Oct 1 13:52:30 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71441 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id BC1CDCCA472 for ; Wed, 1 Oct 2025 13:52:57 +0000 (UTC) Received: from mail-ed1-f51.google.com (mail-ed1-f51.google.com [209.85.208.51]) by mx.groups.io with SMTP id smtpd.web11.18615.1759326775364093473 for ; Wed, 01 Oct 2025 06:52:55 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=kEKvv40F; spf=pass (domain: gmail.com, ip: 209.85.208.51, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f51.google.com with SMTP id 4fb4d7f45d1cf-6366d48d8ccso2099618a12.0 for ; Wed, 01 Oct 2025 06:52:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326774; x=1759931574; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=keARwMpNniqUg0/15ks8TA1e6Y2jbPpngOoLZ4km4Lc=; b=kEKvv40Fk78k2pEXCz2s/7oH+hVZOh+CGQUPG1k8ynLPRcU1Ap0jtK4TaRYeUj16Va 0OUnTiWy6nTImc/qm1LVBhJiqe6F8tX7vzjaEN3SO2B+m+rsdwJKbq6LVHCnef4FbZrQ enTKmLiombdfr0K3E0+lH7WoAPSv1K3CKXsWxUc9WeTj//mvPwjEg6+WzyWHeSTkA1Tb isnz3S013aD3Tb7lRsbuNN4aAknsBf6LjL//9m1lr28vlMBvzH8DDZa9ufR4VENn9WJ6 /Ec81pTjRG2S5w0KSq1h/fQRZBAvWdgW91e1OMvPLYss7igx99nTibanskIWvi/e9cQE SzAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326774; x=1759931574; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=keARwMpNniqUg0/15ks8TA1e6Y2jbPpngOoLZ4km4Lc=; b=TZkLJCXXeDvDciSXT6C/fHyhVIWVz+TczeUXSqO/1o7Ueq866PVht9T7B5+kArWWKN fWEueCx2rGjlv7Iy0dGpjRzL8cWQ6XFaKZvagcx3VjclmDYltQJf8lSYymaEyqIeGox4 o1GCCQx8O9k/XPZK2u3Dtl48/8Z7CO4xreW3ofppMVUYCoUu3F2y4akUvXOL5cvq3Qr1 rryAxXuFEAS9Py3zABfKzEVpSiSIslVppXl1PbanJgupgxYqOTyvsdrvVqzyVresi2jK BQ7Jk27KrwU2POiiVllxoMQx0aR/bGjDiF+aPEskcdFeEEb7V9Y3KwoeeJyknALKlWCt 85nQ== X-Gm-Message-State: AOJu0YxuHE5VfhJIjPrF7gFPQylPPskeDE7/P3e7ls+Utm74bUf89kiZ Dg6fQ3QqsK27DEo+nZiKhm8pSce/xJn9KONbnjKojwNM7LNqNsfR3aAZkkRwSw== X-Gm-Gg: ASbGncvUzgwATDaqpZCJY7sVcA5u9DqsN9x2A2akIJySHxWpi4eVVvEJ9YtLZ8/4+xG WLoc9MGbe7tTnjAPJQyD7H6rLPUwr1kyA4vFjyIA3IGOMYLNASz+Gt9XteG1dvuTqq9x3zRgG5C fLW2okybtQxgG3WGx3eihWQYx7vi92pH+0oy1jqOFTHfCRl28TxcHvu5g4Px2yev9uq8Tg4Ebvo 7r0SN7PtbMiWzK2B/L6c0evmJFrlnDcJUBbP6kKmanuG8Bu1RaaSK6XifAn9XK78AqJ4nZn35nm s8RkRLhUnSSEIEXEEkUPUWs1UKQuR/ZU5+P7/O6pAJtwn8W88HdHSRRk23D2U2/nJPM+SmqiO01 A0vvUPvyA1TJLMyF2md8Ge3cyuRhmchfXdAgwC11ulR++ X-Google-Smtp-Source: AGHT+IHHdAMM36A0Fp6mIUY79aBTGRGxc4GUibeWHagW3gRVaKHgajvFp6ZPXA1LC0bAOEiNTcwGKQ== X-Received: by 2002:a05:6402:1e95:b0:631:b058:bef0 with SMTP id 4fb4d7f45d1cf-63678c7df79mr3837132a12.32.1759326773580; Wed, 01 Oct 2025 06:52:53 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.52 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:53 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 12/25] x11vnc: Fix CVE-2020-29074 Date: Wed, 1 Oct 2025 15:52:30 +0200 Message-ID: <20251001135243.1490753-13-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:52:57 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120127 From: Lee Chee Yang Signed-off-by: Lee Chee Yang Signed-off-by: Khem Raj (cherry picked from commit dbdea59838054f9c908533d486cf3c0c2897c791) Signed-off-by: Gyorgy Sarvari --- .../x11vnc/files/CVE-2020-29074.patch | 27 +++++++++++++++++++ .../recipes-graphics/x11vnc/x11vnc_0.9.16.bb | 1 + 2 files changed, 28 insertions(+) create mode 100644 meta-oe/recipes-graphics/x11vnc/files/CVE-2020-29074.patch diff --git a/meta-oe/recipes-graphics/x11vnc/files/CVE-2020-29074.patch b/meta-oe/recipes-graphics/x11vnc/files/CVE-2020-29074.patch new file mode 100644 index 0000000000..fbdb9123cc --- /dev/null +++ b/meta-oe/recipes-graphics/x11vnc/files/CVE-2020-29074.patch @@ -0,0 +1,27 @@ +CVE: CVE-2020-29074 +Upstream-Status: Backport [https://github.com/LibVNC/x11vnc/commit/69eeb9f7baa14ca03b16c9de821f9876def7a36a ] +Signed-off-by: Lee Chee Yang + + +From 69eeb9f7baa14ca03b16c9de821f9876def7a36a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Gu=C3=A9nal=20DAVALAN?= +Date: Wed, 18 Nov 2020 08:40:45 +0100 +Subject: [PATCH] scan: limit access to shared memory segments to current user + +--- + src/scan.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/scan.c b/src/scan.c +index 43e00d20..12994d52 100644 +--- a/src/scan.c ++++ b/src/scan.c +@@ -320,7 +320,7 @@ static int shm_create(XShmSegmentInfo *shm, XImage **ximg_ptr, int w, int h, + + #if HAVE_XSHM + shm->shmid = shmget(IPC_PRIVATE, +- xim->bytes_per_line * xim->height, IPC_CREAT | 0777); ++ xim->bytes_per_line * xim->height, IPC_CREAT | 0600); + + if (shm->shmid == -1) { + rfbErr("shmget(%s) failed.\n", name); diff --git a/meta-oe/recipes-graphics/x11vnc/x11vnc_0.9.16.bb b/meta-oe/recipes-graphics/x11vnc/x11vnc_0.9.16.bb index 5f7c0beb66..be9ef3cbaa 100644 --- a/meta-oe/recipes-graphics/x11vnc/x11vnc_0.9.16.bb +++ b/meta-oe/recipes-graphics/x11vnc/x11vnc_0.9.16.bb @@ -12,6 +12,7 @@ PV .= "+git${SRCPV}" SRC_URI = "git://github.com/LibVNC/x11vnc;branch=master;protocol=https \ file://starting-fix.patch \ + file://CVE-2020-29074.patch \ " S = "${WORKDIR}/git" From patchwork Wed Oct 1 13:52:31 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71443 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id E05BCCCD182 for ; Wed, 1 Oct 2025 13:52:57 +0000 (UTC) Received: from mail-ed1-f41.google.com (mail-ed1-f41.google.com [209.85.208.41]) by mx.groups.io with SMTP id smtpd.web11.18617.1759326777176658925 for ; Wed, 01 Oct 2025 06:52:57 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=RWcQsj76; spf=pass (domain: gmail.com, ip: 209.85.208.41, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f41.google.com with SMTP id 4fb4d7f45d1cf-61a8c134533so13685185a12.3 for ; Wed, 01 Oct 2025 06:52:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326775; x=1759931575; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=6DtCwZwplBaKk/D7NyC5MBQKKj8Hih06T5C75Egpyuw=; b=RWcQsj760CmAp5ioaDdVKNYGD7HkRS1rld6p8yxqB0T0KDEH6HvbKKu11fRnH7kkO4 cpIkR25tTLiQvVaSlQegqlTc81MqVLsJxnPCAvNwog+mhOJ5TxbomEj+DzshAzbEJilH tFzE5GcsUA8TZzqHhyudC0BVCyx/DzHW/1Ugd3UB/lAnIz8kgP12WyID4RJzmUyJnk+J cPkNRaK0FGVLrEVuwA0ERSGzF+TeJI8jJH3BZXxE1o9LiyL/CnqPUHNeql20gGz6J4qb e9D4D9TmxqX9KpyA8BW9eBQvu1MnkhXK85As3S+ZZM3hUMyEaB6dFEFq37uCRQftGQUC zZSw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326775; x=1759931575; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=6DtCwZwplBaKk/D7NyC5MBQKKj8Hih06T5C75Egpyuw=; b=fcuo8AG5gN+lC9dwKDMCMQEKuLmV6XE2hOmlVverUIfJXoWS0YI0QepLnaPLT7m4/7 XfiU6chDrRDKq6VIgLuuyu8nR8PpYh4FNdk5TFtwWvpkMBCvokLJJudJxpKfV1gBdtxB lxvwDqgWYDv4PWzEyhOE1L2qSdSO2wXgQh1QLdyg9b+LVt2TWOSQ4CdWNKvezQHG6hCa mQNj0sPuO/qo57pPQRCqaLtfJtfQ6l3ZQHvjWGCAn4eV0NPf3wfo2QEC6fZlr3MLysmB myaBUimbmXrOCFJi67ciWGvzjvVVOHxdLs5/N5Z/k2IkM6MAdJgvL5VrDguVHz8zKv7b Xshw== X-Gm-Message-State: AOJu0YzFwxPlR4Ft4TFiR6GmIzcZaZmRj9SQgHdO9GaXAO4TchOef088 EO4V9xy24PDKe9u7PPMZ21M5+EZJNqa4tg6oSdpcWkFDYFaBQoPXCdVXH7ssLQ== X-Gm-Gg: ASbGncv97nGRfpvMVZSUCvmfpDQ268mhiOkfpUgujxjr1+Pd/Kwnwu/dzGkdpFcf7V3 oqIsUPUDhvWwB+Hzk3qxPK3CpPpWaG0whFZqZnYhWwh85Bv3QCu7ITB6frywy3epTafxIZpE64b V7zQlzA8fpwKdF80ckrN1FUwQXz5sALyRuqfF4bX2tfTo8DNMUe81PfTIut2IC+M4sn/Ot1Owos jpXYqhexUIkDcsDj+LhK4HYrDnhL+1E7rCKNxrVuxNxyt0P55VM5BlEW3mUY0qkg9EuBYKvCPCS 9hF6xm08tnWyVNNLVxPCvRMX34n19Q9d0U/xgUD244pXRK9rHpN5c93YleC6vaeJW8+bU9w0sEu bAsG3fhgmyr8z5QIVgrmBuwLwMCVZwI9Cvpcg1XCbEwp2 X-Google-Smtp-Source: AGHT+IFWD5gaIqB3WOOP47gEMKs+5YX8Am4lPjLMxS6l5by/zXTmIzz+FS6ozYCPVsnhrsmwB2jd6w== X-Received: by 2002:a05:6402:40d4:b0:62f:19e6:401d with SMTP id 4fb4d7f45d1cf-63678c0d4d5mr4178296a12.7.1759326775481; Wed, 01 Oct 2025 06:52:55 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.53 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:53 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 13/25] minicoredumper: correct the sysvinit service file attribute Date: Wed, 1 Oct 2025 15:52:31 +0200 Message-ID: <20251001135243.1490753-14-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:52:57 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120128 From: Mingli Yu Add the execute attribute for sysvinit service file to fix the below error: $ service minicoredumper status minicoredumper: unrecognized service Signed-off-by: Mingli Yu Signed-off-by: Khem Raj (cherry picked from commit d477cbb5267f39846d129f27d0f6a7f2b001db7b) Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-kernel/minicoredumper/minicoredumper_2.0.1.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-kernel/minicoredumper/minicoredumper_2.0.1.bb b/meta-oe/recipes-kernel/minicoredumper/minicoredumper_2.0.1.bb index 0b934ee2d8..76b1d73fe6 100644 --- a/meta-oe/recipes-kernel/minicoredumper/minicoredumper_2.0.1.bb +++ b/meta-oe/recipes-kernel/minicoredumper/minicoredumper_2.0.1.bb @@ -37,7 +37,7 @@ do_install:append() { install -d ${D}${systemd_system_unitdir} install -m 0644 ${WORKDIR}/minicoredumper.service ${D}${systemd_system_unitdir} install -d ${D}${sysconfdir}/init.d - install -m 0644 ${WORKDIR}/minicoredumper.init ${D}${sysconfdir}/init.d/minicoredumper + install -m 0755 ${WORKDIR}/minicoredumper.init ${D}${sysconfdir}/init.d/minicoredumper # correct path of minicoredumper sed -i -e s:/usr/bin/minicoredumper:${sbindir}/minicoredumper:g ${D}${sysconfdir}/init.d/minicoredumper From patchwork Wed Oct 1 13:52:32 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71451 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 285CFCCA472 for ; Wed, 1 Oct 2025 13:53:08 +0000 (UTC) Received: from mail-ed1-f41.google.com (mail-ed1-f41.google.com [209.85.208.41]) by mx.groups.io with SMTP id smtpd.web11.18619.1759326777968066004 for ; Wed, 01 Oct 2025 06:52:58 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=bBl+aUGo; spf=pass (domain: gmail.com, ip: 209.85.208.41, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f41.google.com with SMTP id 4fb4d7f45d1cf-636688550c0so4067289a12.2 for ; Wed, 01 Oct 2025 06:52:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326776; x=1759931576; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=23YU7E/p13gODIg6+adcxe9duB0AoiRH6nGC6I/ff2s=; b=bBl+aUGo0z8rK0awm5asUw74WVYM/xo2uxxB3R8jsTEMgg5dZAdDs4n7a+rzAGCWvL nnCFegMnVB+mDwvJcL7Ndv6nIvOSQCHryOTHAD3wCRxYkR2vLVvT0xE4solw/u9L0E5n KRDve437oJ10A74ggWNk9SJNuOJoZi1u26+j82CK943oQXk2NCx+S5yszC+1IRBRNph2 PZ6xgOgsRewXuQS0MW2A7Z8OKZFEzgD7oyZUUTj9pdLmsdWEVAhTV4e2zSTvJ6z+fd8B b+IBAKVuHYBDVytBH1i19FJADCiF4e/FzQHg9Xa5JP29tfVBpQVzip/dlJ6n3deUA/PW 96Ug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326776; x=1759931576; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=23YU7E/p13gODIg6+adcxe9duB0AoiRH6nGC6I/ff2s=; b=TcUQKumxh0BzJSksZcyEVmjGWTiC9XfWyMMNgnqnVWHd3XZQLcKKF8hfeZIGaSmXze fhVO26peJ5o15y2qWIV5UmyriSkiCBGXi5hxlqrVNJkXQ7k7kF+zqpjYNmqHh+XHYzfA JPqlidSZHngL9812DcWUjZ1d9ayVvtjUmVESkHiZpgK/YWn4zRZfmxBUmAuctel41RkT CFsVzgmUJikpc3z7Qzbb6j/+/9R7OzMT8xD+jzhXq1ydBOaO/9nnN2IvYJDXEqRbToVo Gf57mDKgpxZUWaF6yudLUSWJP4aZhGM/yIXL3eHuXkSCyIhIXOEYD8Xyj5FF7Fcy0L4m LPzg== X-Gm-Message-State: AOJu0Yxyx3C+txlnjnu3GYzkG3E7n8nJpYvZbtElEfcHrfXlmfoflhg2 gK/KCLhmfj4kx5XWXLwNMxcZHQeiYkIac0U/hvUGPKH8wj6wbhThBLdbqS9TcQ== X-Gm-Gg: ASbGncuNVDDA3FTLQ3FPZlax1VTlckKRBNVtooEFcUHJZhO8XheZgx44S7hyoCFMId2 4Q4tZrC87ECcixk4zRjb4sUAzdxuhjuYyiv9D8kPJqx1jlNcLexubHaVmzytnOBTJzFcKIgR4v1 Zhu8Rm/q7Uv8Ewjik2UI6SZ8dUFawFmikSSJPlGbRNli1B9quOYzrDc4b9pW5xeqSuduXn6PzpK XGV3hzZu2/ATr42Uq8EVOqYGJkDLInT+8JGLpY4lw6KOoupLA5+P5V9avu7qUpehknPlUl8hV4M GVKGducg8qfc8PnpSE9WOseZYk5c+mdyXNo1qpPjB8WYZ3WC3HzKa2fya9Eyk7eFlgKqdIDEGU3 /ZTIHUL42tIJUJ9L0THIcEzjI+5PzPyTtwJ46s8gEG3h9 X-Google-Smtp-Source: AGHT+IFT4Bp2fR7/BE4Av6bry+lcv/xbk2XboCPip1z2O6VlJz0/e5uAXJUMV2EpX1b0JvJr/S0jrA== X-Received: by 2002:a05:6402:1ece:b0:634:5381:530b with SMTP id 4fb4d7f45d1cf-63678bb7adfmr4309225a12.13.1759326776164; Wed, 01 Oct 2025 06:52:56 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.55 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:55 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 14/25] audiofile: fix multiple CVEs Date: Wed, 1 Oct 2025 15:52:32 +0200 Message-ID: <20251001135243.1490753-15-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:53:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120129 From: Peter Marko CVE-2017-6827 / CVE-2017-6828 / CVE-2017-6832 / CVE-2017-6833 / CVE-2017-6835 / CVE-2017-6837 Use patch from buildroot: https://github.com/buildroot/buildroot/commit/cc00bde57fc20d11f8fa4e8ec5f193c091714c55 Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit 634cbcb91c3ab7154e0cda707663a1e4aa500f4a) Signed-off-by: Gyorgy Sarvari --- .../audiofile/audiofile_0.3.6.bb | 1 + ...ays-check-the-number-of-coefficients.patch | 45 +++++++++++++++++++ 2 files changed, 46 insertions(+) create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch diff --git a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb index e91c81d703..89604f71a0 100644 --- a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb +++ b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb @@ -13,6 +13,7 @@ SRC_URI = " \ file://0001-fix-negative-shift-constants.patch \ file://0002-fix-build-on-gcc6.patch \ file://0003-fix-CVE-2015-7747.patch \ + file://0004-Always-check-the-number-of-coefficients.patch \ " SRC_URI[md5sum] = "235dde14742317328f0109e9866a8008" SRC_URI[sha256sum] = "ea2449ad3f201ec590d811db9da6d02ffc5e87a677d06b92ab15363d8cb59782" diff --git a/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch b/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch new file mode 100644 index 0000000000..282f4c01b9 --- /dev/null +++ b/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch @@ -0,0 +1,45 @@ +From c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0 Mon Sep 17 00:00:00 2001 +From: Antonio Larrosa +Date: Mon, 6 Mar 2017 12:51:22 +0100 +Subject: [PATCH] Always check the number of coefficients + +When building the library with NDEBUG, asserts are eliminated +so it's better to always check that the number of coefficients +is inside the array range. + +This fixes the 00191-audiofile-indexoob issue in #41 + +Signed-off-by: Peter Korsgaard + +CVE: CVE-2017-6827 +CVE: CVE-2017-6828 +CVE: CVE-2017-6832 +CVE: CVE-2017-6833 +CVE: CVE-2017-6835 +CVE: CVE-2017-6837 +Upstream-Status: Inactive-Upstream [lastrelease: 2013] +Signed-off-by: Peter Marko +--- + libaudiofile/WAVE.cpp | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp +index 0e81cf7..61f9541 100644 +--- a/libaudiofile/WAVE.cpp ++++ b/libaudiofile/WAVE.cpp +@@ -281,6 +281,12 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size) + + /* numCoefficients should be at least 7. */ + assert(numCoefficients >= 7 && numCoefficients <= 255); ++ if (numCoefficients < 7 || numCoefficients > 255) ++ { ++ _af_error(AF_BAD_HEADER, ++ "Bad number of coefficients"); ++ return AF_FAIL; ++ } + + m_msadpcmNumCoefficients = numCoefficients; + +-- +2.11.0 + From patchwork Wed Oct 1 13:52:33 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71460 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 87442CCD185 for ; Wed, 1 Oct 2025 13:53:08 +0000 (UTC) Received: from mail-ed1-f51.google.com (mail-ed1-f51.google.com [209.85.208.51]) by mx.groups.io with SMTP id smtpd.web11.18620.1759326778852223145 for ; Wed, 01 Oct 2025 06:52:59 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=m+PP8g5Y; spf=pass (domain: gmail.com, ip: 209.85.208.51, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f51.google.com with SMTP id 4fb4d7f45d1cf-62ec5f750f7so10793760a12.3 for ; Wed, 01 Oct 2025 06:52:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326777; x=1759931577; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=qc5SNt9LTSp0SweB5u91IARqXHqFBBuijhc9lvnv7DU=; b=m+PP8g5YAr8dk/2oxNOiz39B51WNqCZ+ZXoOsRh7YWCWrW5cpCZN3dv0Sgfl6I+3M9 ivVlofiLBa/5ISq7nu+hQ6q4+4Etu0K2Ogh/C6XiuWue509VCRuqPY+Lq1ikmx6ggF8m MHtuMOh1p6zpHi5Y5iKDoVGHvsDTDl6/EG2eKddSrnkKG43HmOmCud3yZUvL+Ys7qSFz bbYzuMGgs6kb3A33kEhJAdxp05kBxlhhb2vc4hH+nLgKmfq+BSliLI3RQ1DF6Pl6mU1X Q8tP53s4zT+RaaeVRIVZM0oi5t6RGu/BCgqfIPO100Ie4I1XXfh+llNcPC1DylC1BC7X L6FQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326777; x=1759931577; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=qc5SNt9LTSp0SweB5u91IARqXHqFBBuijhc9lvnv7DU=; b=LruJ9QIVskbhUb1kIcmVGM6FFHMk+tsqgysGYZA4QJJsvQWzVWpxH3PdQXl+RuoKJe L90Gc+8+c3w9P9AYKT+iZd9c2JPPihs4OjELLdjbpntzOuqoT1XL/Q9GykBKKTqgqFY4 3wEV6KE56HK5ZboGqd9pOD4xUrFI1N448TgpCN0hOpWFvRzJbsoHZ5jibCgXPJvzFR+w NIu3q4ZJYN2otQf/ceSHNa9PazI2KOGnEVSoCIhFA2NNz8S4lV0YWCtZPNe+fK9A0sVb TM5XNEeanc0s+iZ/tKrFxz8a9tVpN9b7mOo+baTc0Lz0UUUXfRhK9Pu8HGmn/ij3fbY7 ZHXA== X-Gm-Message-State: AOJu0YzGu94o/0hYOA6540aqpKgPYBCGlmvFH6paG2ZL63LK2D05QIoL BVmh2uiKkjDqQlJI5Ea8IgfUVVl4FETWr506ZRY1l85/R0oC/grR/hIxfFecZQ== X-Gm-Gg: ASbGncvMBIsogN9xLPlvnKtaYFK6gI564zv6zBkxuHkcMfEVUpjD2PPUu/XAojWwG18 Qpy42zlZ95/BXO7l+q4n5UODwbevkGo6QWosiSf7vTgj3sw61e48r22G1o1xb/9hoKDlzRPjSZI GOxleHfFonAKQ+NZoaayqte70EhTEy8di0LqxZrEzPsPiPo3pcWMJlybVQ9DelIKYPqiJyTD5mg wy2K5AS5cKzk1xPsKu2kfM4HUqXgx1bW3JPKFPawoA0JvkoxhOi/4xJyAf3lRl8I9rH0nr3szv5 KlRSCf7B9f0Wwa8kfUmwgoN7VZ6mc1PTDNdxvHq9RhNTLA8hJ4kCIGcVJs79hPFk+IhO3GuJdBB kfQQ56GRpzCln0Dc86wX7APMZkyx9A7ioIrjCzZejGNs5 X-Google-Smtp-Source: AGHT+IEko+JOF1n2q0Fy8z5h9eN3u1KNxVO3rzqb2usPO9Gnf0Nd8yMcjDGN1dUs8KEEXeZqtLcFfQ== X-Received: by 2002:a05:6402:1ec9:b0:636:740:e4f8 with SMTP id 4fb4d7f45d1cf-63678c4d390mr4152580a12.18.1759326777069; Wed, 01 Oct 2025 06:52:57 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.56 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:56 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 15/25] audiofile: patch CVE-2017-6829 Date: Wed, 1 Oct 2025 15:52:33 +0200 Message-ID: <20251001135243.1490753-16-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:53:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120130 From: Peter Marko Use patch from buildroot: https://github.com/buildroot/buildroot/commit/434890df2a7c131b40fec1c49e6239972ab299d2 Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit f29fbaa4650201a059c65572947ed8faa991fcd8) Signed-off-by: Gyorgy Sarvari --- .../audiofile/audiofile_0.3.6.bb | 1 + ...ues-to-fix-index-overflow-in-IMA.cpp.patch | 43 +++++++++++++++++++ 2 files changed, 44 insertions(+) create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch diff --git a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb index 89604f71a0..ec162154b6 100644 --- a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb +++ b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb @@ -14,6 +14,7 @@ SRC_URI = " \ file://0002-fix-build-on-gcc6.patch \ file://0003-fix-CVE-2015-7747.patch \ file://0004-Always-check-the-number-of-coefficients.patch \ + file://0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch \ " SRC_URI[md5sum] = "235dde14742317328f0109e9866a8008" SRC_URI[sha256sum] = "ea2449ad3f201ec590d811db9da6d02ffc5e87a677d06b92ab15363d8cb59782" diff --git a/meta-oe/recipes-multimedia/audiofile/files/0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch b/meta-oe/recipes-multimedia/audiofile/files/0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch new file mode 100644 index 0000000000..00bb7e597e --- /dev/null +++ b/meta-oe/recipes-multimedia/audiofile/files/0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch @@ -0,0 +1,43 @@ +From 25eb00ce913452c2e614548d7df93070bf0d066f Mon Sep 17 00:00:00 2001 +From: Antonio Larrosa +Date: Mon, 6 Mar 2017 18:02:31 +0100 +Subject: [PATCH] clamp index values to fix index overflow in IMA.cpp + +This fixes #33 +(also reported at https://bugzilla.opensuse.org/show_bug.cgi?id=1026981 +and https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp/) + +Signed-off-by: Peter Korsgaard + +CVE: CVE-2017-6829 +Upstream-Status: Inactive-Upstream [lastrelease: 2013] +Signed-off-by: Peter Marko +--- + libaudiofile/modules/IMA.cpp | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/libaudiofile/modules/IMA.cpp b/libaudiofile/modules/IMA.cpp +index 7476d44..df4aad6 100644 +--- a/libaudiofile/modules/IMA.cpp ++++ b/libaudiofile/modules/IMA.cpp +@@ -169,7 +169,7 @@ int IMA::decodeBlockWAVE(const uint8_t *encoded, int16_t *decoded) + if (encoded[1] & 0x80) + m_adpcmState[c].previousValue -= 0x10000; + +- m_adpcmState[c].index = encoded[2]; ++ m_adpcmState[c].index = clamp(encoded[2], 0, 88); + + *decoded++ = m_adpcmState[c].previousValue; + +@@ -210,7 +210,7 @@ int IMA::decodeBlockQT(const uint8_t *encoded, int16_t *decoded) + predictor -= 0x10000; + + state.previousValue = clamp(predictor, MIN_INT16, MAX_INT16); +- state.index = encoded[1] & 0x7f; ++ state.index = clamp(encoded[1] & 0x7f, 0, 88); + encoded += 2; + + for (int n=0; n X-Patchwork-Id: 71452 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 28595CCA470 for ; Wed, 1 Oct 2025 13:53:08 +0000 (UTC) Received: from mail-ed1-f51.google.com (mail-ed1-f51.google.com [209.85.208.51]) by mx.groups.io with SMTP id smtpd.web10.18464.1759326779592845383 for ; Wed, 01 Oct 2025 06:52:59 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=FjEEHUa0; spf=pass (domain: gmail.com, ip: 209.85.208.51, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f51.google.com with SMTP id 4fb4d7f45d1cf-6364eb32535so5749512a12.1 for ; Wed, 01 Oct 2025 06:52:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326778; x=1759931578; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=utPQeCHpSqKcUaVB3LTX5z7111i+tmUGFopqi221CoY=; b=FjEEHUa00yQzUuiO72JS1OkvIjJIhnIskT0mXDLNqXcFsesQo5n8Q6elY/ctbUn5ib BfhIkbK6ER9irXE0Yn/m/Fgv84qO2r7JcYjWcED0lmqsgSNeDE/AtNK1If8Xn+VqXq3m bCz0zESipTWh2fIL0mQnZY8Pf3Km+i/dhoD3HHCxDjESL98YBYIqX9H8FBMZi4WxiNnJ 7AuEgOySJ0JNYZxPwv9VEeMYQfVZw4zB7E94TWMXYsQNE7GK97gGD024F2oCXBAd8rwC DCQdnrGLe1/QSNGiInRxFQxLnPCq5O46v/msz6XDUpxIZvR8LpJj8F3UpS5nt6AomMnH LnkA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326778; x=1759931578; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=utPQeCHpSqKcUaVB3LTX5z7111i+tmUGFopqi221CoY=; b=T3yKp/QMSrVB8fZ6++L8Arivg7VUWVL4G2w3+JsUP17ZkrwivwLxyvVRIzq2xdOIMz 4QlnXVEeVxdeYlygQ61l8vpCSsKREUoT8DdxmCdzy43hGYpP4Oc9ZtQZRT5ehM2+Befl 5WeYeLDc/Yc6omCY1WLb4KIrCU5voWGCaXblQ0te+N31L39sRsDqxREYVPvP15+a+2TV mtEMjP06RToZCgZ9WEhjNzEnKSju3hbBLueSuP1YFj6vp3J5qGpubd7Gee5D04cXg207 WLG2g4tdeXAmbbL61C/yPi72fRz6SZBEw16ejpI6gY2aBCQh1LFG++Z0Z628pbOWNnIH +tFw== X-Gm-Message-State: AOJu0Yy43epVEsj9l+UqO7ZTNp1wMx8VM4XBFs2vZPKE75OVRgMKOo9+ fi7UfaBcZHZVQg9orieyVsCry8Py2TtzlsQ85VIRIUxVklAL+WoQ6q7dGQoSAw== X-Gm-Gg: ASbGncuR6FZf83KcSsuycVGu14jZCDqakgUl0x8i91xxjIrqTx0qwHB4G9gpTiLBp3c wczRXsfli2EUMTe/7UGixO5t6QRkfhy2lc4ya6JRik+iS7z1u6xP/oKcbOCsdnJdC8F3jbi3ytR vqoABA+jZj+/KFUZZ8iSz0CtYman2p0xtyQPvR9bXc3C+sOL8yUXpTYktMbYrJirjHVZicOV1b3 g4pjlwxa1zCL7nQb015ayT5n2tJt8qcds7gAMl+mW+LPzO1kELDkNUcTP13qko1FWNbwf7SfpP/ cnwAwaZVsrvqVsRrUhCAVqe9+1uecUk/i6PgY79O0GrFFYRay2PVMWSlOEOejECeU6oQMo8zZYN gnx13A5Uj+xDpvB9zlbfAEgyMqM4dLcL+6DGygeHfvlZf X-Google-Smtp-Source: AGHT+IEdoEEFfNr9hfIc+t3qshGTng04ZfLKvFCrHNcbfemjoVno/sluS+XJWRkoO4HvjLqaT2U4dw== X-Received: by 2002:a05:6402:348b:b0:62e:de67:6543 with SMTP id 4fb4d7f45d1cf-63678bcb5d7mr3663293a12.4.1759326777889; Wed, 01 Oct 2025 06:52:57 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.57 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:57 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 16/25] audiofile: fix multiple CVEs Date: Wed, 1 Oct 2025 15:52:34 +0200 Message-ID: <20251001135243.1490753-17-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:53:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120131 From: Peter Marko CVE-2017-6830 / CVE-2017-6834 / CVE-2017-6836 / CVE-2017-6838 Use patch from buildroot: https://github.com/buildroot/buildroot/commit/4a1a8277bba490d227f413e218138e39f1fe1203 Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit 75f2bd2b3b145d8282db9926d8212c6d81bde99e) Signed-off-by: Gyorgy Sarvari --- .../audiofile/audiofile_0.3.6.bb | 1 + ...multiplication-overflow-in-sfconvert.patch | 79 +++++++++++++++++++ 2 files changed, 80 insertions(+) create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0006-Check-for-multiplication-overflow-in-sfconvert.patch diff --git a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb index ec162154b6..0ed3853553 100644 --- a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb +++ b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb @@ -15,6 +15,7 @@ SRC_URI = " \ file://0003-fix-CVE-2015-7747.patch \ file://0004-Always-check-the-number-of-coefficients.patch \ file://0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch \ + file://0006-Check-for-multiplication-overflow-in-sfconvert.patch \ " SRC_URI[md5sum] = "235dde14742317328f0109e9866a8008" SRC_URI[sha256sum] = "ea2449ad3f201ec590d811db9da6d02ffc5e87a677d06b92ab15363d8cb59782" diff --git a/meta-oe/recipes-multimedia/audiofile/files/0006-Check-for-multiplication-overflow-in-sfconvert.patch b/meta-oe/recipes-multimedia/audiofile/files/0006-Check-for-multiplication-overflow-in-sfconvert.patch new file mode 100644 index 0000000000..ec21b09f30 --- /dev/null +++ b/meta-oe/recipes-multimedia/audiofile/files/0006-Check-for-multiplication-overflow-in-sfconvert.patch @@ -0,0 +1,79 @@ +From 7d65f89defb092b63bcbc5d98349fb222ca73b3c Mon Sep 17 00:00:00 2001 +From: Antonio Larrosa +Date: Mon, 6 Mar 2017 13:54:52 +0100 +Subject: [PATCH] Check for multiplication overflow in sfconvert + +Checks that a multiplication doesn't overflow when +calculating the buffer size, and if it overflows, +reduce the buffer size instead of failing. + +This fixes the 00192-audiofile-signintoverflow-sfconvert case +in #41 + +Signed-off-by: Peter Korsgaard + +CVE: CVE-2017-6830 +CVE: CVE-2017-6834 +CVE: CVE-2017-6836 +CVE: CVE-2017-6838 +Upstream-Status: Inactive-Upstream [lastrelease: 2013] +Signed-off-by: Peter Marko +--- + sfcommands/sfconvert.c | 34 ++++++++++++++++++++++++++++++++-- + 1 file changed, 32 insertions(+), 2 deletions(-) + +diff --git a/sfcommands/sfconvert.c b/sfcommands/sfconvert.c +index 80a1bc4..970a3e4 100644 +--- a/sfcommands/sfconvert.c ++++ b/sfcommands/sfconvert.c +@@ -45,6 +45,33 @@ void printusage (void); + void usageerror (void); + bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid); + ++int firstBitSet(int x) ++{ ++ int position=0; ++ while (x!=0) ++ { ++ x>>=1; ++ ++position; ++ } ++ return position; ++} ++ ++#ifndef __has_builtin ++#define __has_builtin(x) 0 ++#endif ++ ++int multiplyCheckOverflow(int a, int b, int *result) ++{ ++#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow)) ++ return __builtin_mul_overflow(a, b, result); ++#else ++ if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits ++ return true; ++ *result = a * b; ++ return false; ++#endif ++} ++ + int main (int argc, char **argv) + { + if (argc == 2) +@@ -323,8 +350,11 @@ bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid) + { + int frameSize = afGetVirtualFrameSize(infile, trackid, 1); + +- const int kBufferFrameCount = 65536; +- void *buffer = malloc(kBufferFrameCount * frameSize); ++ int kBufferFrameCount = 65536; ++ int bufferSize; ++ while (multiplyCheckOverflow(kBufferFrameCount, frameSize, &bufferSize)) ++ kBufferFrameCount /= 2; ++ void *buffer = malloc(bufferSize); + + AFframecount totalFrames = afGetFrameCount(infile, AF_DEFAULT_TRACK); + AFframecount totalFramesWritten = 0; +-- +2.11.0 + From patchwork Wed Oct 1 13:52:35 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71457 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4C2D0CAC5BB for ; Wed, 1 Oct 2025 13:53:08 +0000 (UTC) Received: from mail-ed1-f42.google.com (mail-ed1-f42.google.com [209.85.208.42]) by mx.groups.io with SMTP id smtpd.web11.18623.1759326780368873387 for ; Wed, 01 Oct 2025 06:53:00 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=BzJ1EliG; spf=pass (domain: gmail.com, ip: 209.85.208.42, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f42.google.com with SMTP id 4fb4d7f45d1cf-631df7b2dffso2348619a12.1 for ; Wed, 01 Oct 2025 06:53:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326779; x=1759931579; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=nm4wl737p5wXRIo9qntG3zInJweH/t06/6SObAflwro=; b=BzJ1EliG5jExJ8Zt9aD2KTC2XXw+zKF7CMZsbcp10iHfAT+sUigFT7if+DO0QmWDkI gS9PHGvKHMG53NHKa+xI/Bs1hYXgauxEP38Z2+OUbHhN219Dz98uiW0ayTIV2nwgXHSd jry/MclNpLAjwhTo12GICnmDwNVvAT+4lAV+90h4d91BrgjBvw8iohm/Dav15WGBJ8kC gXkPeQKosGhNKajH1IYAuwiYC+grg0cr+dGyd4NIEQgI6UsB9q9WKH9LqfuNoJUQX2bq 5eAY7010DyJaZZ3544ZO9mrJIUlAPdYyxCtDDKkLD0PQ0hnk6lXVi/KjCB97dtGcgxta PzzQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326779; x=1759931579; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=nm4wl737p5wXRIo9qntG3zInJweH/t06/6SObAflwro=; b=G7GRaiUoPKZxtfsomMgtFJHWKyZb2MFRSImHyILV0fE1j9Yo6hUAmSHkRV+0scUAJc FOTwg19e9Yw76TA29aNFByzCvi2Vui/l5BiR60b5455PNJJKMydRY++VYHv8Xa4YxOcm hpYkl2KX1Y6Q/786ZCD32UM+yefL6eWr/n9SXFm50mNUlGXo/r1MSkmICUw9rXkE+qXQ hZZY+13vJN6H9PLyzy/qxRkOLkbP+2EQeiyNtszr/we4291+OvMxQ54nSye8sarttmcz 8Sj30VVYQzrk0rzBIkAOUd0BQau66u6LWin0mW4TfJ2EJFgZjjxtjLPgriucjDda+C5v m7uw== X-Gm-Message-State: AOJu0YwBqfyMe7/DwpAHpSoWSqA5hUnHCMqLkVvgz7YfUX+BtwAuRDjV uJNqbTwHDmdpA+F63U1F9tPhItKlsDiD+I5dXl4u8O+HTLKe+wLnqDsGIl7+xQ== X-Gm-Gg: ASbGnct4EuZ1mubztugqnVwxspUZqLSb/Z2RTIorlG3Y1pGbOgZOv4fUlxmAkqyBY7u RccWr7H+wyG3JfLyOexOKi4fsk+CHirXtqjbsu8bw6QYzlSkwZAqz40ld/MjYJaTQk0Tib4fDQv 4UqtDMl/5Fce+gtSsOBoZzr1NoVtuD+e+wbaytXog68C1N8fLSg4wGo623O/0shT6xBe1W95R0G LwJ0m1/TNXmnhIvQpgA67kq5d476ycBZloZmLq/5MGJqB84l6pRlVciXWNRf/EhgQxFMfGOCZvs QahPKvEDL9LybQefsBYdwXSTM4Iv89HhgEqjxajxjXbxMA4l0LbMUwX+/8A7XyhiVaEk9/OY7i2 oShQZcHLdPkIrxyNs63cF4e8dCaizRE/G51u87lkP8BctciK5OejPPgA= X-Google-Smtp-Source: AGHT+IFfeU6Rt/ZylEon3NCq0bxSyUhFoE6LA9/jDJwCfwCoT0Hnd4YHy9cjGdiklEiDrxLS2c5A6g== X-Received: by 2002:a50:9ee9:0:b0:62f:9091:ff30 with SMTP id 4fb4d7f45d1cf-6365aae4d2cmr6767430a12.3.1759326778595; Wed, 01 Oct 2025 06:52:58 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.57 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:58 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 17/25] audiofile: patch CVE-2017-6831 Date: Wed, 1 Oct 2025 15:52:35 +0200 Message-ID: <20251001135243.1490753-18-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:53:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120132 From: Peter Marko Use patch from buildroot: https://github.com/buildroot/buildroot/commit/bd5f84d301c4e74ca200a9336eca88468ec0e1f3 Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit 9d668989b1447fb19aff55c1a47acdf8d4e8c5e2) Signed-off-by: Gyorgy Sarvari --- .../audiofile/audiofile_0.3.6.bb | 1 + ...ail-when-error-occurs-in-parseFormat.patch | 46 +++++++++++++++++++ 2 files changed, 47 insertions(+) create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0007-Actually-fail-when-error-occurs-in-parseFormat.patch diff --git a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb index 0ed3853553..4fe6657a97 100644 --- a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb +++ b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb @@ -16,6 +16,7 @@ SRC_URI = " \ file://0004-Always-check-the-number-of-coefficients.patch \ file://0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch \ file://0006-Check-for-multiplication-overflow-in-sfconvert.patch \ + file://0007-Actually-fail-when-error-occurs-in-parseFormat.patch \ " SRC_URI[md5sum] = "235dde14742317328f0109e9866a8008" SRC_URI[sha256sum] = "ea2449ad3f201ec590d811db9da6d02ffc5e87a677d06b92ab15363d8cb59782" diff --git a/meta-oe/recipes-multimedia/audiofile/files/0007-Actually-fail-when-error-occurs-in-parseFormat.patch b/meta-oe/recipes-multimedia/audiofile/files/0007-Actually-fail-when-error-occurs-in-parseFormat.patch new file mode 100644 index 0000000000..38294ca200 --- /dev/null +++ b/meta-oe/recipes-multimedia/audiofile/files/0007-Actually-fail-when-error-occurs-in-parseFormat.patch @@ -0,0 +1,46 @@ +From a2e9eab8ea87c4ffc494d839ebb4ea145eb9f2e6 Mon Sep 17 00:00:00 2001 +From: Antonio Larrosa +Date: Mon, 6 Mar 2017 18:59:26 +0100 +Subject: [PATCH] Actually fail when error occurs in parseFormat + +When there's an unsupported number of bits per sample or an invalid +number of samples per block, don't only print an error message using +the error handler, but actually stop parsing the file. + +This fixes #35 (also reported at +https://bugzilla.opensuse.org/show_bug.cgi?id=1026983 and +https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-imadecodeblockwave-ima-cpp/ +) + +Signed-off-by: Peter Korsgaard + +CVE: CVE-2017-6831 +Upstream-Status: Inactive-Upstream [lastrelease: 2013] +Signed-off-by: Peter Marko +--- + libaudiofile/WAVE.cpp | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp +index 0e81cf7..d762249 100644 +--- a/libaudiofile/WAVE.cpp ++++ b/libaudiofile/WAVE.cpp +@@ -326,6 +326,7 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size) + { + _af_error(AF_BAD_NOT_IMPLEMENTED, + "IMA ADPCM compression supports only 4 bits per sample"); ++ return AF_FAIL; + } + + int bytesPerBlock = (samplesPerBlock + 14) / 8 * 4 * channelCount; +@@ -333,6 +334,7 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size) + { + _af_error(AF_BAD_CODEC_CONFIG, + "Invalid samples per block for IMA ADPCM compression"); ++ return AF_FAIL; + } + + track->f.sampleWidth = 16; +-- +2.11.0 + From patchwork Wed Oct 1 13:52:36 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71456 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5EE8BCCD182 for ; Wed, 1 Oct 2025 13:53:08 +0000 (UTC) Received: from mail-ed1-f44.google.com (mail-ed1-f44.google.com [209.85.208.44]) by mx.groups.io with SMTP id smtpd.web10.18465.1759326781026562037 for ; Wed, 01 Oct 2025 06:53:01 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=dfu5QcuJ; spf=pass (domain: gmail.com, ip: 209.85.208.44, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f44.google.com with SMTP id 4fb4d7f45d1cf-61cc281171cso14583761a12.0 for ; Wed, 01 Oct 2025 06:53:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326779; x=1759931579; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=oGMnyDlExOQUIMBDAErbX5azexesU6t7fqOSDN98wWg=; b=dfu5QcuJ3RqnTMsfiNswNMHQj1/FBdU9+TsBZv6ym4+Ozp4bA2dPDOZ72ajxX2WsGP kAuL2LuNh7Ouk0kynq34jZcAqNeIhw18UE1E/ZbTxme5WOrm/uspBWJeoHwgVlEGfb8k w4PxGYTm4aBRVDP5XPQnDrT8YDqVoJHAa+Oc25FFUNbpQ0fIc9QqVMGcLSUqX8NQdi5o HnkNMyxBw7fCtiFpQcvIulAMVFHmuWBUvJ/0XxZUQSr1lOW6LKhu5J+vNGX35J+d3peE O3qdI9gTB3FhnL7M/kVqtdA1KcH5rrsQZEbyX/diy1e+7NQZQRY8WArU+c0Bc0OKdzVO HEHQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326779; x=1759931579; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=oGMnyDlExOQUIMBDAErbX5azexesU6t7fqOSDN98wWg=; b=Qf9LyMHMK/D9QgoNBPpzvV+/ckF/Se+oUjGpjHLV3zHUysHf3ZCentmjfwWOZJxIyJ c2G78+CFuy005UcVx3c9CyhW6S7Fi4uujD3musPjrTTFpfPDlAkqyAbr7/gT9CgbnA8z QJ8Q/x9bN2lxm9tafKnOvg5I5vDJjeXtuoY8LVUrYrxAR4ohn/+64+4ZmvfCOyRJyI3Q XWU8UCXwHDC8cmOigHUra80LU1wrlS5IBIcNMew7cDgp8Q2TlBBpmfcHsIzfe0erWAog 8YDNJcPAPSBVIdLnxgVCIoElYL2qXCgH43BHs2TMQ/yZMP9PGxr32/N2B4nHt8gALIYZ DVmQ== X-Gm-Message-State: AOJu0YxnR/Pp7GAD2cLyswajnPOPKRFiOwXuhG9yqzizgACEapZU6V1S 4PQwYtXDoE26HQPsq2/s6qqvTXXnKjdHVwiuTkNjbX6zofhkihzkj4PeuQWTiw== X-Gm-Gg: ASbGnct0yLYSAp6e/xwAu13LILyZ8lKY5PB5pKceXo6HNhabqRpr7hcyM58ZLw/zqfg 03qH+L95yDaAukXL2D/WfVIzDQTb68vuQBu839gaekuAnKD3baC7v0bip7joCGWaxTzExHQfWnD zONdv0xVAQ/LLDWpOWA9vOxemZBh4wD9o30iYG6vlO2ViDjgybef/MxUb7aZAGrVblqwE4zjb1U i12BYc4x4Wy1NSm7Z4eAYNk700bsPRKrgn0Ks6Llvu2hVPfKIHlmhHHNUtQd/jG86jP2jNOSSRq zQKhKZE9lRP5qvc5oLP37KPP1F8V3ePFQ6o/Mm7Ql4RpbzgtR5xb68iTjnLk7HmWOj/FsDXVNpn gBogIJOOm3ssgfanrfPi7HjDkCmweU3uRonxc1BZtogBF X-Google-Smtp-Source: AGHT+IGeipOSGH5l/t2w5UJ+kvqmkWyYKouuRavuz85pAZuS3x5/O11V3tFLnNFkCjb4q7XPjgl8QA== X-Received: by 2002:a05:6402:26d1:b0:62f:32c7:6c2b with SMTP id 4fb4d7f45d1cf-63678bcf1e9mr3939631a12.11.1759326779240; Wed, 01 Oct 2025 06:52:59 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.58 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:58 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 18/25] audiofile: patch CVE-2017-6839 Date: Wed, 1 Oct 2025 15:52:36 +0200 Message-ID: <20251001135243.1490753-19-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:53:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120133 From: Peter Marko Use patch from buildroot: https://github.com/buildroot/buildroot/commit/844a7c6281eb442881330a5d36d5a0719f2870bf Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit 88faae83b2b0e68827c457f4f348f7d7868f5258) Signed-off-by: Gyorgy Sarvari --- .../audiofile/audiofile_0.3.6.bb | 1 + ...lication-overflow-in-MSADPCM-decodeS.patch | 126 ++++++++++++++++++ 2 files changed, 127 insertions(+) create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0008-Check-for-multiplication-overflow-in-MSADPCM-decodeS.patch diff --git a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb index 4fe6657a97..dd8784ae8e 100644 --- a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb +++ b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb @@ -17,6 +17,7 @@ SRC_URI = " \ file://0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch \ file://0006-Check-for-multiplication-overflow-in-sfconvert.patch \ file://0007-Actually-fail-when-error-occurs-in-parseFormat.patch \ + file://0008-Check-for-multiplication-overflow-in-MSADPCM-decodeS.patch \ " SRC_URI[md5sum] = "235dde14742317328f0109e9866a8008" SRC_URI[sha256sum] = "ea2449ad3f201ec590d811db9da6d02ffc5e87a677d06b92ab15363d8cb59782" diff --git a/meta-oe/recipes-multimedia/audiofile/files/0008-Check-for-multiplication-overflow-in-MSADPCM-decodeS.patch b/meta-oe/recipes-multimedia/audiofile/files/0008-Check-for-multiplication-overflow-in-MSADPCM-decodeS.patch new file mode 100644 index 0000000000..857ed78c59 --- /dev/null +++ b/meta-oe/recipes-multimedia/audiofile/files/0008-Check-for-multiplication-overflow-in-MSADPCM-decodeS.patch @@ -0,0 +1,126 @@ +From beacc44eb8cdf6d58717ec1a5103c5141f1b37f9 Mon Sep 17 00:00:00 2001 +From: Antonio Larrosa +Date: Mon, 6 Mar 2017 13:43:53 +0100 +Subject: [PATCH] Check for multiplication overflow in MSADPCM decodeSample + +Check for multiplication overflow (using __builtin_mul_overflow +if available) in MSADPCM.cpp decodeSample and return an empty +decoded block if an error occurs. + +This fixes the 00193-audiofile-signintoverflow-MSADPCM case of #41 + +Signed-off-by: Peter Korsgaard + +CVE: CVE-2017-6839 +Upstream-Status: Inactive-Upstream [lastrelease: 2013] +Signed-off-by: Peter Marko +--- + libaudiofile/modules/BlockCodec.cpp | 5 ++-- + libaudiofile/modules/MSADPCM.cpp | 47 +++++++++++++++++++++++++++++++++---- + 2 files changed, 46 insertions(+), 6 deletions(-) + +diff --git a/libaudiofile/modules/BlockCodec.cpp b/libaudiofile/modules/BlockCodec.cpp +index 45925e8..4731be1 100644 +--- a/libaudiofile/modules/BlockCodec.cpp ++++ b/libaudiofile/modules/BlockCodec.cpp +@@ -52,8 +52,9 @@ void BlockCodec::runPull() + // Decompress into m_outChunk. + for (int i=0; i(m_inChunk->buffer) + i * m_bytesPerPacket, +- static_cast(m_outChunk->buffer) + i * m_framesPerPacket * m_track->f.channelCount); ++ if (decodeBlock(static_cast(m_inChunk->buffer) + i * m_bytesPerPacket, ++ static_cast(m_outChunk->buffer) + i * m_framesPerPacket * m_track->f.channelCount)==0) ++ break; + + framesRead += m_framesPerPacket; + } +diff --git a/libaudiofile/modules/MSADPCM.cpp b/libaudiofile/modules/MSADPCM.cpp +index 8ea3c85..ef9c38c 100644 +--- a/libaudiofile/modules/MSADPCM.cpp ++++ b/libaudiofile/modules/MSADPCM.cpp +@@ -101,24 +101,60 @@ static const int16_t adaptationTable[] = + 768, 614, 512, 409, 307, 230, 230, 230 + }; + ++int firstBitSet(int x) ++{ ++ int position=0; ++ while (x!=0) ++ { ++ x>>=1; ++ ++position; ++ } ++ return position; ++} ++ ++#ifndef __has_builtin ++#define __has_builtin(x) 0 ++#endif ++ ++int multiplyCheckOverflow(int a, int b, int *result) ++{ ++#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow)) ++ return __builtin_mul_overflow(a, b, result); ++#else ++ if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits ++ return true; ++ *result = a * b; ++ return false; ++#endif ++} ++ ++ + // Compute a linear PCM value from the given differential coded value. + static int16_t decodeSample(ms_adpcm_state &state, +- uint8_t code, const int16_t *coefficient) ++ uint8_t code, const int16_t *coefficient, bool *ok=NULL) + { + int linearSample = (state.sample1 * coefficient[0] + + state.sample2 * coefficient[1]) >> 8; ++ int delta; + + linearSample += ((code & 0x08) ? (code - 0x10) : code) * state.delta; + + linearSample = clamp(linearSample, MIN_INT16, MAX_INT16); + +- int delta = (state.delta * adaptationTable[code]) >> 8; ++ if (multiplyCheckOverflow(state.delta, adaptationTable[code], &delta)) ++ { ++ if (ok) *ok=false; ++ _af_error(AF_BAD_COMPRESSION, "Error decoding sample"); ++ return 0; ++ } ++ delta >>= 8; + if (delta < 16) + delta = 16; + + state.delta = delta; + state.sample2 = state.sample1; + state.sample1 = linearSample; ++ if (ok) *ok=true; + + return static_cast(linearSample); + } +@@ -212,13 +248,16 @@ int MSADPCM::decodeBlock(const uint8_t *encoded, int16_t *decoded) + { + uint8_t code; + int16_t newSample; ++ bool ok; + + code = *encoded >> 4; +- newSample = decodeSample(*state[0], code, coefficient[0]); ++ newSample = decodeSample(*state[0], code, coefficient[0], &ok); ++ if (!ok) return 0; + *decoded++ = newSample; + + code = *encoded & 0x0f; +- newSample = decodeSample(*state[1], code, coefficient[1]); ++ newSample = decodeSample(*state[1], code, coefficient[1], &ok); ++ if (!ok) return 0; + *decoded++ = newSample; + + encoded++; +-- +2.11.0 + From patchwork Wed Oct 1 13:52:37 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71455 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 60B5BCCD184 for ; Wed, 1 Oct 2025 13:53:08 +0000 (UTC) Received: from mail-ed1-f43.google.com (mail-ed1-f43.google.com [209.85.208.43]) by mx.groups.io with SMTP id smtpd.web10.18468.1759326781850868912 for ; Wed, 01 Oct 2025 06:53:02 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=JWpKSj60; spf=pass (domain: gmail.com, ip: 209.85.208.43, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f43.google.com with SMTP id 4fb4d7f45d1cf-634c01ca9dcso9153420a12.3 for ; Wed, 01 Oct 2025 06:53:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326780; x=1759931580; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=upOBRWRG0r1LvaPtQvBiMy9Th5x3fZcnBmXsj0iuj18=; b=JWpKSj60MHmoYaEPam4TfZDZg4m/wg1cqVqwAmT4TlP1MvfpEoSRK/2s+L1ydt9uYP QtUQDvns/vu+Guy+RMABFSwoj9hCvX3MELL/c/RMrhchRpiaAF++JZltemfUcUJifElW 2TpBUY14rlChz5mEHy1DtBb7tRYt/1v0nXzPidHb1eMN2tlK47+I+yP6iEZPPCNC5W58 B+cEoLZAOZix9jDTFxOwlnNpsZvm2aZL2h16PlEV4jNlbQRnZnWyDjQ23RGs7PAlUDlP bFVoTism8nM3ff7/SGTIFVUSk1zQGYUKE31sPc9g5abVYUw+O51+OQgmTY33fKiGC6zZ bpfQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326780; x=1759931580; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=upOBRWRG0r1LvaPtQvBiMy9Th5x3fZcnBmXsj0iuj18=; b=g7boEUCJK0iFpb8WcQv0pTb7HY+lycPWE8B7sISwcdzkeHSucLREYu6yCwBGXsBaLQ yC4HHAlKGq3i6TypRJoX5H5JHMJdk3toBim/ND1mT/3rkh9G53LRt0tpx+47tcLSGPSG KDOxLD0V8Nq9MpSoMvpkv/4+Kqd+56jdxpql17fqO1nDnf1ptDKKnTisPiezwP8moM6R awk8h7Y9LfCt1IZhxMkMF88GXMn22v0dcI20YBrJYHf7bZMEHSA9C7CbCf3FC2Jyiqaz AeRpsyLZicjq8eD5Y5p6aTwCM+ODbZ/mmgU++xX89ugyJCERynRcHgD7iXQxyZDUKWXh p12Q== X-Gm-Message-State: AOJu0YxtaOHHW5IntYwr37WxDEpYuoHws4tta/fhkkT+PS2Kr+tCN1bx bB0/tnatDm+HjZZfuVmmq0371IEOjYW4saN2bm7i+M8ylgOD8czYI5cl7UhFOQ== X-Gm-Gg: ASbGnctmLmzFaWec7ADfAynarioD1bMMVGoFDRajfNRLb/pAKMRfJfu0Jh99sW2AcZb sCGL/yqQEDGorEzRSm2uhXrk6L1PuHqxZHlZ5SLZELZNHZ2tWwVwkBcelztZX34CndoWm6xdh0g vvsZgISkCyLB44740IFiSQDVGlPpAeFyHjyCq5RK+rp9T3rnlRnVuEmqr6p2XyJwxnxgWmJJhlo /OXu/ltJCBtps6ahYmfTMwKuQ+UnABszG18JacPKb87RQZ8sMbinSDytoQhcJ1tQrU5U/Ju6CgV EnNfDbR79DVXKZ3V7zWJNvNNSGjn5+3rGNRPSVHzZaGb2az1ozBQMsJcoOBxohSun+BlB6GYJec ZOtsJy5lR/A/1cTlZUqztUwYMyOgkQSyStCyyMcizwFiq X-Google-Smtp-Source: AGHT+IG86oZM3QfB44WB1+pOUCJqrN8XcSq1dTF2nT2aygRwhT2bqhNAHngXK1yIMpC/ZXExSpOAOg== X-Received: by 2002:a05:6402:2812:b0:634:ab34:ed40 with SMTP id 4fb4d7f45d1cf-63678a99e53mr4051660a12.0.1759326780086; Wed, 01 Oct 2025 06:53:00 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.52.59 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:52:59 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 19/25] libmad: switch links/SRC_URI to https sites Date: Wed, 1 Oct 2025 15:52:37 +0200 Message-ID: <20251001135243.1490753-20-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:53:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120134 From: Randy MacLeod Switch to the sourceforge SRC_URI since the mars.org site only supports ftp. Also switch the HOMEPAGE and BUGTRACKER links over to https. and drop the obsolete SRC_URI[md5sum]. Signed-off-by: Randy MacLeod Signed-off-by: Khem Raj (cherry picked from commit f61cc5260954e840494194805f6f957f60cd4833) Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb b/meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb index d3ac85ee0b..f197a4238d 100644 --- a/meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb +++ b/meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb @@ -1,6 +1,6 @@ SUMMARY = "MPEG Audio Decoder library" -HOMEPAGE = "http://sourceforge.net/projects/mad/" -BUGTRACKER = "http://sourceforge.net/tracker/?group_id=12349&atid=112349" +HOMEPAGE = "https://sourceforge.net/projects/mad/" +BUGTRACKER = "https://sourceforge.net/tracker/?group_id=12349&atid=112349" LICENSE = "GPL-2.0-or-later" LICENSE_FLAGS = "commercial" LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \ @@ -10,7 +10,7 @@ SECTION = "libs" DEPENDS = "libid3tag" PR = "r3" -SRC_URI = "ftp://ftp.mars.org/pub/mpeg/libmad-${PV}.tar.gz \ +SRC_URI = "https://downloads.sourceforge.net/mad/libmad-${PV}.tar.gz \ file://no-force-mem.patch \ file://add-pkgconfig.patch \ file://fix_for_mips_with_gcc-4.5.0.patch \ @@ -19,7 +19,6 @@ SRC_URI = "ftp://ftp.mars.org/pub/mpeg/libmad-${PV}.tar.gz \ " SRC_URI:append:toolchain-clang = " file://0004-Remove-clang-unsupported-compiler-flags.patch " -SRC_URI[md5sum] = "1be543bc30c56fb6bea1d7bf6a64e66c" SRC_URI[sha256sum] = "bbfac3ed6bfbc2823d3775ebb931087371e142bb0e9bb1bee51a76a6e0078690" S = "${WORKDIR}/libmad-${PV}" From patchwork Wed Oct 1 13:52:38 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71458 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 71E89CCD183 for ; Wed, 1 Oct 2025 13:53:08 +0000 (UTC) Received: from mail-ed1-f52.google.com (mail-ed1-f52.google.com [209.85.208.52]) by mx.groups.io with SMTP id smtpd.web11.18625.1759326782744968694 for ; Wed, 01 Oct 2025 06:53:03 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=eA80YG3V; spf=pass (domain: gmail.com, ip: 209.85.208.52, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f52.google.com with SMTP id 4fb4d7f45d1cf-634bc2d6137so10945692a12.0 for ; Wed, 01 Oct 2025 06:53:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326781; x=1759931581; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=NUWCf2azVpmr4SifD5nmKBo8K3IxFrXdmMZPbu+r2AU=; b=eA80YG3VPA7BdHbuXR66hmCbhksR6A8ti8jkXIn53UtnGFtr/yEXEUWOQ96FVU7XNW bfYXKbkiyz7546YQiEdd+NMANtGJniHS0hmYjLrx2CRqS83CDo6AKps861MAA517W1ag DWnXCrcvLeoZm72hGAPOs2NYquOJmT9mSeE4TD7nZQ6txZZiwsPBj7nPd5XKRPz4R/4B +jJaTzDEnYfquoi9x0I4LihMfGk6KlEyMC9ZWJkrDvTFyTB9QJlVTpl9HQQhBu7BO2vB zOmTL2e/LMAg6LXbAmVLPJ6llRiM6uX+TyWelnC2Vk6a+3rINIXxXrWRT3BQuC2adQqR ZUhA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326781; x=1759931581; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=NUWCf2azVpmr4SifD5nmKBo8K3IxFrXdmMZPbu+r2AU=; b=sdORjXy7ogfL0PPWoHgMH6/niGAj/GVU2d+uaKl0z8LcW6uouVlpWtZldVJrdK3si2 nynQtz3dhv1k1HmFZgAfByCtmbqDOPdqsn9ELjjnB7R7AqWEZ72TpjrFARn5Xwk2jMmP p8fsYJxKyauyPbhrOfKoXXqQ//iFLJTINCtYboZg8MX5OPIXip8xSumSVWm6ZppVUGiN wWge2pwDMTBgVw75FD3LoTvPiiK7zSRLQXn+5I6Of5NqyfmwJNjMAMXC1vL51sj6h0vH RMjz3WN6mx6TouLEI3cOr/y3K4dgV68VNEftXklKoTUe0H/x3e1uHAJiWr1uS8cF4mIa TtPQ== X-Gm-Message-State: AOJu0YzvwN40iTMBAlXDJ9Q37iV8VHDwMTQWHy5eugfZ9Gz2HEjZY94I JbZrD37Ct9C1hG+9/B/ep1ku7j7aU0PrMAgB7PxytGj0KL6ND5ly6VLbc1+M1A== X-Gm-Gg: ASbGncs3yeu8iq+OdCkvzzssP7AYHzbTrbC1bytazIGDl6V6Q46+5oKtpTMYeDY190A FimpsiLSfqdt5d/LwC9HF9KsnL0HMf0vzIibb+Wv0hXoXxroaI9qGCLWJLgG2ett0GvXggI/fwD 5R+7Xkue4dzmyDEwdbVqCom3+hvn9iqwQB42hgzg+KARA4dpijQzCuSut+zyCFLTAOZf+sEGIlK jtwBMBrQ4HmXGaKRNh1AEC+XzSXfRTqyUE7X2Gn4Js4flnpFU8iDPHVrDjV6K/Fe41Csvun1n/m HJUKmtfzda6qfyiyBoLscXuC9EY64FfX9dC99IwXUrkM13G/ILsJ/nAWIVn30iTsKfpivkC1ePi ME1HZhfL4JiY5jyr8RGoizaDYwB7bGKspT2zmuTg/xXSz X-Google-Smtp-Source: AGHT+IFiD2/tuUrhGb518ldXwbnxX8gJJlGSWbi9mmCX58YjjTGmqXTbKrpGNAh27BVQ8S9S/SwtdQ== X-Received: by 2002:a05:6402:510b:b0:634:b7a2:3eaf with SMTP id 4fb4d7f45d1cf-63678c4ce67mr4591563a12.18.1759326780913; Wed, 01 Oct 2025 06:53:00 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.53.00 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:53:00 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 20/25] libmad: ignore CVE-2017-11552 and CVE-2018-7263 Date: Wed, 1 Oct 2025 15:52:38 +0200 Message-ID: <20251001135243.1490753-21-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:53:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120135 From: Peter Marko These CVEs are for mpg321, not libmad. See Debian assessment: * https://security-tracker.debian.org/tracker/CVE-2017-11552 * https://security-tracker.debian.org/tracker/CVE-2018-7263 Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit fee86a312fbcaef7aaad66fe2f6756bd7e57d585) Adapted to Kirkstone. Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb b/meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb index f197a4238d..869ac93da9 100644 --- a/meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb +++ b/meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb @@ -34,3 +34,6 @@ do_configure:prepend () { } ARM_INSTRUCTION_SET = "arm" + +# cpe-incorrect: this CVE is for mpg321, not libmad +CVE_CHECK_IGNORE += "CVE-2017-11552 CVE-2018-7263" From patchwork Wed Oct 1 13:52:39 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71459 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 788B9CCD186 for ; Wed, 1 Oct 2025 13:53:08 +0000 (UTC) Received: from mail-ed1-f52.google.com (mail-ed1-f52.google.com [209.85.208.52]) by mx.groups.io with SMTP id smtpd.web11.18627.1759326783681388218 for ; Wed, 01 Oct 2025 06:53:03 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=F1TYI4Dn; spf=pass (domain: gmail.com, ip: 209.85.208.52, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f52.google.com with SMTP id 4fb4d7f45d1cf-6366b7fd337so3319754a12.0 for ; Wed, 01 Oct 2025 06:53:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326782; x=1759931582; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=5OLAuhdQ7hsN9OiDH78z6Tfxp99yqel6NKpBKK0GQwg=; b=F1TYI4DnfH/SvD70Tjd1rPZxM+8jvK9+bAIcTiNlykT+N0RgTHlJ1X1pzwWB2wdgt5 ORBQJWWHVH9NfXZY9LHiKblqGO4kYhisFtqrcuu/Y7LxueqOfkrGyhBBiAc1UksBb19n D01uMNN9Na7nS/LArK8pQ9gArBdOq//1r/d3Joj2A+XhXcVLcDeT9Zck5xnLLW5jaLSJ z3NBjBvzjHyAUcjWrYQxDHP9JlE7slI8QtJJCqbvJmyRJS8d4nRRGqi0UpxMlPrPXeG+ aqegRE2y/gorG8eFTVf7u5mCnZtwdqwualbZ8NqMsoC1cpXufS+7gf776qm56ij/pjmb 9m0Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326782; x=1759931582; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=5OLAuhdQ7hsN9OiDH78z6Tfxp99yqel6NKpBKK0GQwg=; b=E8MbDmHKrcIkemizW8EMp0L7WhpjEm3t/FOFYjGlN4FxmOHm4hrYV7wY5SdcdL5efv NUT8quO1N8qyLXd7ArY1zEh1aRFvJ09l/W4qPgNTgfuTdcQOVyzeyX//lSt0z/9BvMwm E8qaP/bo1nWl2ipl3dxFYX9ngb98j0obQEZsLN+FwMpJXju2yaWazlPfRVvNYY4bFK0J m2Agqg+D1/wxdi9KVixUaZOlJa8fnSvd79bwJtv4eooxqBY5AYLy3zRk+2U05tpZBkLX XgeWApNdt/PW1iWuUvJZ2ZR2SuqP5JpMiYLGLK7dRaPhBgUUjPWZ1ZVuL6Y3H6EkfpQ7 25zQ== X-Gm-Message-State: AOJu0YyR3186sRhpNift4/KMDX4Sdc5CDzL+ycBewMx1giTqeBW2PlnS eVFTt55JlEaDmVJeGAmmOEOrR6q3c0X8UlOBQPo7s5Kwt6EtzGhG4rETKWathA== X-Gm-Gg: ASbGncss5nuc5i7mEPaZbyMJ2vEgCMpxthqvWTMsmbf2XGhOQl9zpKn2OIscCRW6rzl nOPBx/F+h8puzbmOiDIXz+Maaf/k36qSona/xE8onp7xFTXzIvVzr7cqnmFew3GgDWNYc3dB627 fkrI/+KFTrU/JwQ+WFl9sPWBhnSxZZc4XD+57pyz5q7ByvEymzbJxIhKo0/nsPsT6POATL/sIFg 8rEBJ+MjR1YuWtZe+yHHlr8X94fnE8OOj/85Dp7ZL0d4e2J5qUuFISeyONc9009PWOuzXrasgXi rsL8FNjCo6BZRq1FhqcGc062cSsrfJ110MBCB2QKIv7Msu7UrNP9Ja1UFg4+RV7fV6emHzpy2QV /pw/vTVbOPVgPc4h3cnRDo3139ExgsWfF4JMFWAKUJPj8v8LCqRQ6K9k= X-Google-Smtp-Source: AGHT+IFW+8INVkajKqEi8Gvq6Azbpnc4gQcdfGs+yt/Eqk0fTXmGyTiD3Qe9nbvVcFhHYfUpmuxfpw== X-Received: by 2002:a05:6402:4409:b0:632:bc36:db59 with SMTP id 4fb4d7f45d1cf-63678bced0amr3916610a12.1.1759326781694; Wed, 01 Oct 2025 06:53:01 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.53.01 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:53:01 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 21/25] libmad: patch CVE-2017-8372 and CVE-2017-8373 Date: Wed, 1 Oct 2025 15:52:39 +0200 Message-ID: <20251001135243.1490753-22-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:53:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120136 From: Peter Marko Pick patch [1] from Debian based on [2] and [3]. [1] https://salsa.debian.org/multimedia-team/libmad/-/blob/debian/0.15.1b-11/debian/patches/md_size.diff?ref_type=tags [2] https://security-tracker.debian.org/tracker/CVE-2017-8372 [3] https://security-tracker.debian.org/tracker/CVE-2017-8373 Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit 437635f608f2d9b69fefcde9ebfcff2bab64d35e) Signed-off-by: Gyorgy Sarvari --- .../libmad/CVE-2017-8372_CVE-2017-8373.patch | 69 +++++++++++++++++++ .../libmad/libmad_0.15.1b.bb | 1 + 2 files changed, 70 insertions(+) create mode 100644 meta-oe/recipes-multimedia/libmad/libmad/CVE-2017-8372_CVE-2017-8373.patch diff --git a/meta-oe/recipes-multimedia/libmad/libmad/CVE-2017-8372_CVE-2017-8373.patch b/meta-oe/recipes-multimedia/libmad/libmad/CVE-2017-8372_CVE-2017-8373.patch new file mode 100644 index 0000000000..a57df492d0 --- /dev/null +++ b/meta-oe/recipes-multimedia/libmad/libmad/CVE-2017-8372_CVE-2017-8373.patch @@ -0,0 +1,69 @@ +From 7e8f6e5118e31455924940141a761a1589e8d85d Mon Sep 17 00:00:00 2001 +From: Kurt Roeckx +Date: Sun, 28 Jan 2018 15:44:08 +0100 +Subject: [PATCH] Check the size of the main data + +The main data to decode a frame can come from the current frame and part of the +previous frame, the so called bit reservoir. si.main_data_begin is the part of +the previous frame we need for this frame. frame_space is the amount of main +data that can be in this frame, and next_md_begin is the part of this frame that +is going to be used for the next frame. + +The maximum amount of data from a previous frame that the format allows is 511 +bytes. The maximum frame size for the defined bitrates is at MPEG 2.5 layer 2 +at 320 kbit/s and 8 kHz sample rate which gives 72 * (320000 / 8000) + 1 = 2881. +So those defines are not large enough: + # define MAD_BUFFER_GUARD 8 + # define MAD_BUFFER_MDLEN (511 + 2048 + MAD_BUFFER_GUARD) + +There is also support for a "free" bitrate which allows you to create any frame +size, which can be larger than the buffer. + +Changing the defines is not an option since it's part of the ABI, so we check +that the main data fits in the bufer. + +The previous frame data is stored in *stream->main_data and contains +stream->md_len bytes. If stream->md_len is larger than the data we +need from the previous frame (si.main_data_begin) it still wouldn't fit +in the buffer, so just keep the data that we need. + +Source: https://salsa.debian.org/multimedia-team/libmad/-/blob/debian/0.15.1b-11/debian/patches/md_size.diff?ref_type=tags + +CVE: CVE-2017-8372 +CVE: CVE-2017-8373 +Upstream-Status: Inactive-Upstream [lastrelease: 2018] +Signed-off-by: Peter Marko +--- + layer3.c | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/layer3.c b/layer3.c +index 4e5d3fa..7dc4ca6 100644 +--- a/layer3.c ++++ b/layer3.c +@@ -2608,6 +2608,11 @@ int mad_layer_III(struct mad_stream *stream, struct mad_frame *frame) + next_md_begin = 0; + + md_len = si.main_data_begin + frame_space - next_md_begin; ++ if (md_len + MAD_BUFFER_GUARD > MAD_BUFFER_MDLEN) { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + + frame_used = 0; + +@@ -2625,8 +2630,11 @@ int mad_layer_III(struct mad_stream *stream, struct mad_frame *frame) + } + } + else { +- mad_bit_init(&ptr, +- *stream->main_data + stream->md_len - si.main_data_begin); ++ memmove(stream->main_data, ++ *stream->main_data + stream->md_len - si.main_data_begin, ++ si.main_data_begin); ++ stream->md_len = si.main_data_begin; ++ mad_bit_init(&ptr, *stream->main_data); + + if (md_len > si.main_data_begin) { + assert(stream->md_len + md_len - diff --git a/meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb b/meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb index 869ac93da9..a710af1acc 100644 --- a/meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb +++ b/meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb @@ -16,6 +16,7 @@ SRC_URI = "https://downloads.sourceforge.net/mad/libmad-${PV}.tar.gz \ file://fix_for_mips_with_gcc-4.5.0.patch \ file://obsolete_automake_macros.patch \ file://automake-foreign.patch \ + file://CVE-2017-8372_CVE-2017-8373.patch \ " SRC_URI:append:toolchain-clang = " file://0004-Remove-clang-unsupported-compiler-flags.patch " From patchwork Wed Oct 1 13:52:40 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71461 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 90FCECCD187 for ; Wed, 1 Oct 2025 13:53:08 +0000 (UTC) Received: from mail-ed1-f47.google.com (mail-ed1-f47.google.com [209.85.208.47]) by mx.groups.io with SMTP id smtpd.web10.18471.1759326784487222444 for ; Wed, 01 Oct 2025 06:53:04 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=Y8W6JzTn; spf=pass (domain: gmail.com, ip: 209.85.208.47, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f47.google.com with SMTP id 4fb4d7f45d1cf-62fc28843ecso9991973a12.1 for ; Wed, 01 Oct 2025 06:53:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326783; x=1759931583; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=F1fvKm4ZF74kddNblvPqfnZQCNSBkewBC7A0tNU7DJM=; b=Y8W6JzTnNDUYmGkJ3tvidf63hzlQ9uukzgLz6uDOuKLi3IyWar2gcgE63L5aT690dt V1BR1dFvBf4Mw6t8F/3bdx9kWi7jS/Wz5vSeqAbEa1eRXCca4RX2tbbUAnDgFP3ew2K7 jb/c4JisgkpGBzgAGdxRwHB85FgPOaV7kiFs/NbONvJ0azBFWbdfoYjxJLKJ0D1Z6H+0 L8Rxwgzqc/sSi1kBfiGFRoungs3Po4ZkXzKO1o+hq9L8tkUgRnytumtDLi3jUxOyVR3p /WGzX5hlUaZlbM7rCLH0BBGrDFyY9a8JamJwa58eCRNgR45vybYZoW5bvCy+Ss5jyFtA hkrQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326783; x=1759931583; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=F1fvKm4ZF74kddNblvPqfnZQCNSBkewBC7A0tNU7DJM=; b=K9llJz1xb5Tb+OKcsu66NCTG76PTOIji33Is6sTYM+vaFDxi6vPRYl/cTjX5G2mJWJ F/ciruZ1oiMQHvrJ/RProTFoiM+SZ0D22XAv53Pqj45pXoaVqQ9aWCylZC14s/rtd8oi /cb8/4Cl+z1PMH1MFVq0pn7vFZItyxs1tQI/ZTkhZnNtFv72EvzcbOcQx7ALnHA+sKBd e8ZDB3vvrw2PnqBUzyjmdHvFfFd8sQHoEt8ho2HHkMtUfi95THgdq4LXS0shBOH3QX5b hvk8hUL+Xuq1CUoxdX2ZbTXF7AzCDsHlnxurSbFjSYXzsHkmf6AQ1jCkKzW4cUVedMOI brXg== X-Gm-Message-State: AOJu0YzuEeqB1Gs8ry4LvUIdNRZKZBMe25diQHlX9w1TNk7EVx9ycOfP 1DJihCDdBAS6SMo6nJEwjGQm2Cny/EPdAWPpZBo9wl60f8N4sffIOghe3tvFAg== X-Gm-Gg: ASbGnctUvXWcVsjTIFKF2t6AZvTGJj4jH4wpw0Mbye5nxTPzsvuHofgQocp4+Z8d2ps GvG2H6pPindVzSs3EXbggEDdxuHF86sysmkstyIipZgB8Sl0gdnF7igJ3A7/Yh+A4qVKaJ/ivRW ye7n4MUELP9EQMTJiH6cTv5jdpgKF4PHwgDucyG7KkDdxNzo8SU5tApDTU0HTwWLgl9Gx/A2WGZ FqzZLKSaqxnaPX8wMTKIAghTSVU93puSVyC2zhFlQVz7vsGJo/HAvz+5vMC2Mmjo26tvlIeSwlX efC7EAsOJgCn5IyI9bYx8UsFPJI2GeLvKEmGVIoJtGqiMavklp5NsG/DRcCoWhuZcttrT6OlsI2 TPmu7IBZtHjS28rEGjYcqcZ+ikcUqLD1PgkYS6Z/efA6X X-Google-Smtp-Source: AGHT+IGzspw7IUpcuIIn8Xfwa/c7OEh0hwQELBKxCOEaHaAh6RQbDAR7Hi2PelUx2nTdCSsrz2CPYQ== X-Received: by 2002:a05:6402:1149:b0:636:24da:490b with SMTP id 4fb4d7f45d1cf-63678cff0f6mr3202900a12.33.1759326782565; Wed, 01 Oct 2025 06:53:02 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.53.01 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:53:02 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 22/25] libmad: patch CVE-2017-8372 and CVE-2017-8373 Date: Wed, 1 Oct 2025 15:52:40 +0200 Message-ID: <20251001135243.1490753-23-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:53:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120137 From: Peter Marko Pick patch [1] from Debian based on [2]. [1] https://salsa.debian.org/multimedia-team/libmad/-/raw/debian/0.15.1b-11/debian/patches/length-check.patch?ref_type=tags [2] https://security-tracker.debian.org/tracker/CVE-2017-8374 Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit 60eb0214e71c5f761d450bcc484b57df6955bd09) Signed-off-by: Gyorgy Sarvari --- .../libmad/libmad/CVE-2017-8374.patch | 830 ++++++++++++++++++ .../libmad/libmad_0.15.1b.bb | 1 + 2 files changed, 831 insertions(+) create mode 100644 meta-oe/recipes-multimedia/libmad/libmad/CVE-2017-8374.patch diff --git a/meta-oe/recipes-multimedia/libmad/libmad/CVE-2017-8374.patch b/meta-oe/recipes-multimedia/libmad/libmad/CVE-2017-8374.patch new file mode 100644 index 0000000000..69a7153f07 --- /dev/null +++ b/meta-oe/recipes-multimedia/libmad/libmad/CVE-2017-8374.patch @@ -0,0 +1,830 @@ +From 05de6e0ddc2c911b725955d2af331ffd76aa8186 Mon Sep 17 00:00:00 2001 +From: Kurt Roeckx +Date: Sun, 28 Jan 2018 19:26:36 +0100 +Subject: [PATCH] Check the size before reading with mad_bit_read + +There are various cases where it attemps to read past the end of the buffer +using mad_bit_read(). Most functions didn't even know the size of the buffer +they were reading from. + +Source: https://salsa.debian.org/multimedia-team/libmad/-/raw/debian/0.15.1b-11/debian/patches/length-check.patch?ref_type=tags + +CVE: CVE-2017-8374 +Upstream-Status: Inactive-Upstream [lastrelease: 2018] +Signed-off-by: Peter Marko +--- + bit.c | 3 + + frame.c | 20 +++++- + layer12.c | 112 +++++++++++++++++++++++++++--- + layer3.c | 198 ++++++++++++++++++++++++++++++++++++++---------------- + 4 files changed, 262 insertions(+), 71 deletions(-) + +diff --git a/bit.c b/bit.c +index c2bfb24..39ef50b 100644 +--- a/bit.c ++++ b/bit.c +@@ -138,6 +138,9 @@ unsigned long mad_bit_read(struct mad_bitptr *bitptr, unsigned int len) + { + register unsigned long value; + ++ if (len == 0) ++ return 0; ++ + if (bitptr->left == CHAR_BIT) + bitptr->cache = *bitptr->byte; + +diff --git a/frame.c b/frame.c +index 0cb3d0f..4b3aea8 100644 +--- a/frame.c ++++ b/frame.c +@@ -120,11 +120,18 @@ static + int decode_header(struct mad_header *header, struct mad_stream *stream) + { + unsigned int index; ++ struct mad_bitptr bufend_ptr; + + header->flags = 0; + header->private_bits = 0; + ++ mad_bit_init(&bufend_ptr, stream->bufend); ++ + /* header() */ ++ if (mad_bit_length(&stream->ptr, &bufend_ptr) < 32) { ++ stream->error = MAD_ERROR_BUFLEN; ++ return -1; ++ } + + /* syncword */ + mad_bit_skip(&stream->ptr, 11); +@@ -225,8 +232,13 @@ int decode_header(struct mad_header *header, struct mad_stream *stream) + /* error_check() */ + + /* crc_check */ +- if (header->flags & MAD_FLAG_PROTECTION) ++ if (header->flags & MAD_FLAG_PROTECTION) { ++ if (mad_bit_length(&stream->ptr, &bufend_ptr) < 16) { ++ stream->error = MAD_ERROR_BUFLEN; ++ return -1; ++ } + header->crc_target = mad_bit_read(&stream->ptr, 16); ++ } + + return 0; + } +@@ -338,7 +350,7 @@ int mad_header_decode(struct mad_header *header, struct mad_stream *stream) + stream->error = MAD_ERROR_BUFLEN; + goto fail; + } +- else if (!(ptr[0] == 0xff && (ptr[1] & 0xe0) == 0xe0)) { ++ else if ((end - ptr >= 2) && !(ptr[0] == 0xff && (ptr[1] & 0xe0) == 0xe0)) { + /* mark point where frame sync word was expected */ + stream->this_frame = ptr; + stream->next_frame = ptr + 1; +@@ -361,6 +373,8 @@ int mad_header_decode(struct mad_header *header, struct mad_stream *stream) + ptr = mad_bit_nextbyte(&stream->ptr); + } + ++ stream->error = MAD_ERROR_NONE; ++ + /* begin processing */ + stream->this_frame = ptr; + stream->next_frame = ptr + 1; /* possibly bogus sync word */ +@@ -413,7 +427,7 @@ int mad_header_decode(struct mad_header *header, struct mad_stream *stream) + /* check that a valid frame header follows this frame */ + + ptr = stream->next_frame; +- if (!(ptr[0] == 0xff && (ptr[1] & 0xe0) == 0xe0)) { ++ if ((end - ptr >= 2) && !(ptr[0] == 0xff && (ptr[1] & 0xe0) == 0xe0)) { + ptr = stream->next_frame = stream->this_frame + 1; + goto sync; + } +diff --git a/layer12.c b/layer12.c +index 6981f9c..b6f4a2f 100644 +--- a/layer12.c ++++ b/layer12.c +@@ -72,10 +72,18 @@ mad_fixed_t const linear_table[14] = { + * DESCRIPTION: decode one requantized Layer I sample from a bitstream + */ + static +-mad_fixed_t I_sample(struct mad_bitptr *ptr, unsigned int nb) ++mad_fixed_t I_sample(struct mad_bitptr *ptr, unsigned int nb, struct mad_stream *stream) + { + mad_fixed_t sample; ++ struct mad_bitptr frameend_ptr; + ++ mad_bit_init(&frameend_ptr, stream->next_frame); ++ ++ if (mad_bit_length(ptr, &frameend_ptr) < nb) { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return 0; ++ } + sample = mad_bit_read(ptr, nb); + + /* invert most significant bit, extend sign, then scale to fixed format */ +@@ -106,6 +114,10 @@ int mad_layer_I(struct mad_stream *stream, struct mad_frame *frame) + struct mad_header *header = &frame->header; + unsigned int nch, bound, ch, s, sb, nb; + unsigned char allocation[2][32], scalefactor[2][32]; ++ struct mad_bitptr bufend_ptr, frameend_ptr; ++ ++ mad_bit_init(&bufend_ptr, stream->bufend); ++ mad_bit_init(&frameend_ptr, stream->next_frame); + + nch = MAD_NCHANNELS(header); + +@@ -118,6 +130,11 @@ int mad_layer_I(struct mad_stream *stream, struct mad_frame *frame) + /* check CRC word */ + + if (header->flags & MAD_FLAG_PROTECTION) { ++ if (mad_bit_length(&stream->ptr, &bufend_ptr) ++ < 4 * (bound * nch + (32 - bound))) { ++ stream->error = MAD_ERROR_BADCRC; ++ return -1; ++ } + header->crc_check = + mad_bit_crc(stream->ptr, 4 * (bound * nch + (32 - bound)), + header->crc_check); +@@ -133,6 +150,11 @@ int mad_layer_I(struct mad_stream *stream, struct mad_frame *frame) + + for (sb = 0; sb < bound; ++sb) { + for (ch = 0; ch < nch; ++ch) { ++ if (mad_bit_length(&stream->ptr, &frameend_ptr) < 4) { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + nb = mad_bit_read(&stream->ptr, 4); + + if (nb == 15) { +@@ -145,6 +167,11 @@ int mad_layer_I(struct mad_stream *stream, struct mad_frame *frame) + } + + for (sb = bound; sb < 32; ++sb) { ++ if (mad_bit_length(&stream->ptr, &frameend_ptr) < 4) { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + nb = mad_bit_read(&stream->ptr, 4); + + if (nb == 15) { +@@ -161,6 +188,11 @@ int mad_layer_I(struct mad_stream *stream, struct mad_frame *frame) + for (sb = 0; sb < 32; ++sb) { + for (ch = 0; ch < nch; ++ch) { + if (allocation[ch][sb]) { ++ if (mad_bit_length(&stream->ptr, &frameend_ptr) < 6) { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + scalefactor[ch][sb] = mad_bit_read(&stream->ptr, 6); + + # if defined(OPT_STRICT) +@@ -185,8 +217,10 @@ int mad_layer_I(struct mad_stream *stream, struct mad_frame *frame) + for (ch = 0; ch < nch; ++ch) { + nb = allocation[ch][sb]; + frame->sbsample[ch][s][sb] = nb ? +- mad_f_mul(I_sample(&stream->ptr, nb), ++ mad_f_mul(I_sample(&stream->ptr, nb, stream), + sf_table[scalefactor[ch][sb]]) : 0; ++ if (stream->error != 0) ++ return -1; + } + } + +@@ -194,7 +228,14 @@ int mad_layer_I(struct mad_stream *stream, struct mad_frame *frame) + if ((nb = allocation[0][sb])) { + mad_fixed_t sample; + +- sample = I_sample(&stream->ptr, nb); ++ if (mad_bit_length(&stream->ptr, &frameend_ptr) < nb) { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } ++ sample = I_sample(&stream->ptr, nb, stream); ++ if (stream->error != 0) ++ return -1; + + for (ch = 0; ch < nch; ++ch) { + frame->sbsample[ch][s][sb] = +@@ -280,13 +321,21 @@ struct quantclass { + static + void II_samples(struct mad_bitptr *ptr, + struct quantclass const *quantclass, +- mad_fixed_t output[3]) ++ mad_fixed_t output[3], struct mad_stream *stream) + { + unsigned int nb, s, sample[3]; ++ struct mad_bitptr frameend_ptr; ++ ++ mad_bit_init(&frameend_ptr, stream->next_frame); + + if ((nb = quantclass->group)) { + unsigned int c, nlevels; + ++ if (mad_bit_length(ptr, &frameend_ptr) < quantclass->bits) { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return; ++ } + /* degrouping */ + c = mad_bit_read(ptr, quantclass->bits); + nlevels = quantclass->nlevels; +@@ -299,8 +348,14 @@ void II_samples(struct mad_bitptr *ptr, + else { + nb = quantclass->bits; + +- for (s = 0; s < 3; ++s) ++ for (s = 0; s < 3; ++s) { ++ if (mad_bit_length(ptr, &frameend_ptr) < nb) { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return; ++ } + sample[s] = mad_bit_read(ptr, nb); ++ } + } + + for (s = 0; s < 3; ++s) { +@@ -336,6 +391,9 @@ int mad_layer_II(struct mad_stream *stream, struct mad_frame *frame) + unsigned char const *offsets; + unsigned char allocation[2][32], scfsi[2][32], scalefactor[2][32][3]; + mad_fixed_t samples[3]; ++ struct mad_bitptr frameend_ptr; ++ ++ mad_bit_init(&frameend_ptr, stream->next_frame); + + nch = MAD_NCHANNELS(header); + +@@ -402,13 +460,24 @@ int mad_layer_II(struct mad_stream *stream, struct mad_frame *frame) + for (sb = 0; sb < bound; ++sb) { + nbal = bitalloc_table[offsets[sb]].nbal; + +- for (ch = 0; ch < nch; ++ch) ++ for (ch = 0; ch < nch; ++ch) { ++ if (mad_bit_length(&stream->ptr, &frameend_ptr) < nbal) { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + allocation[ch][sb] = mad_bit_read(&stream->ptr, nbal); ++ } + } + + for (sb = bound; sb < sblimit; ++sb) { + nbal = bitalloc_table[offsets[sb]].nbal; + ++ if (mad_bit_length(&stream->ptr, &frameend_ptr) < nbal) { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + allocation[0][sb] = + allocation[1][sb] = mad_bit_read(&stream->ptr, nbal); + } +@@ -417,8 +486,14 @@ int mad_layer_II(struct mad_stream *stream, struct mad_frame *frame) + + for (sb = 0; sb < sblimit; ++sb) { + for (ch = 0; ch < nch; ++ch) { +- if (allocation[ch][sb]) ++ if (allocation[ch][sb]) { ++ if (mad_bit_length(&stream->ptr, &frameend_ptr) < 2) { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + scfsi[ch][sb] = mad_bit_read(&stream->ptr, 2); ++ } + } + } + +@@ -441,6 +516,11 @@ int mad_layer_II(struct mad_stream *stream, struct mad_frame *frame) + for (sb = 0; sb < sblimit; ++sb) { + for (ch = 0; ch < nch; ++ch) { + if (allocation[ch][sb]) { ++ if (mad_bit_length(&stream->ptr, &frameend_ptr) < 6) { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + scalefactor[ch][sb][0] = mad_bit_read(&stream->ptr, 6); + + switch (scfsi[ch][sb]) { +@@ -451,11 +531,21 @@ int mad_layer_II(struct mad_stream *stream, struct mad_frame *frame) + break; + + case 0: ++ if (mad_bit_length(&stream->ptr, &frameend_ptr) < 6) { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + scalefactor[ch][sb][1] = mad_bit_read(&stream->ptr, 6); + /* fall through */ + + case 1: + case 3: ++ if (mad_bit_length(&stream->ptr, &frameend_ptr) < 6) { ++ stream->error = MAD_ERROR_LOSTSYNC; ++ stream->sync = 0; ++ return -1; ++ } + scalefactor[ch][sb][2] = mad_bit_read(&stream->ptr, 6); + } + +@@ -487,7 +577,9 @@ int mad_layer_II(struct mad_stream *stream, struct mad_frame *frame) + if ((index = allocation[ch][sb])) { + index = offset_table[bitalloc_table[offsets[sb]].offset][index - 1]; + +- II_samples(&stream->ptr, &qc_table[index], samples); ++ II_samples(&stream->ptr, &qc_table[index], samples, stream); ++ if (stream->error != 0) ++ return -1; + + for (s = 0; s < 3; ++s) { + frame->sbsample[ch][3 * gr + s][sb] = +@@ -505,7 +597,9 @@ int mad_layer_II(struct mad_stream *stream, struct mad_frame *frame) + if ((index = allocation[0][sb])) { + index = offset_table[bitalloc_table[offsets[sb]].offset][index - 1]; + +- II_samples(&stream->ptr, &qc_table[index], samples); ++ II_samples(&stream->ptr, &qc_table[index], samples, stream); ++ if (stream->error != 0) ++ return -1; + + for (ch = 0; ch < nch; ++ch) { + for (s = 0; s < 3; ++s) { +diff --git a/layer3.c b/layer3.c +index 7dc4ca6..59a81ed 100644 +--- a/layer3.c ++++ b/layer3.c +@@ -598,7 +598,8 @@ enum mad_error III_sideinfo(struct mad_bitptr *ptr, unsigned int nch, + static + unsigned int III_scalefactors_lsf(struct mad_bitptr *ptr, + struct channel *channel, +- struct channel *gr1ch, int mode_extension) ++ struct channel *gr1ch, int mode_extension, ++ unsigned int bits_left, unsigned int *part2_length) + { + struct mad_bitptr start; + unsigned int scalefac_compress, index, slen[4], part, n, i; +@@ -644,8 +645,12 @@ unsigned int III_scalefactors_lsf(struct mad_bitptr *ptr, + + n = 0; + for (part = 0; part < 4; ++part) { +- for (i = 0; i < nsfb[part]; ++i) ++ for (i = 0; i < nsfb[part]; ++i) { ++ if (bits_left < slen[part]) ++ return MAD_ERROR_BADSCFSI; + channel->scalefac[n++] = mad_bit_read(ptr, slen[part]); ++ bits_left -= slen[part]; ++ } + } + + while (n < 39) +@@ -690,7 +695,10 @@ unsigned int III_scalefactors_lsf(struct mad_bitptr *ptr, + max = (1 << slen[part]) - 1; + + for (i = 0; i < nsfb[part]; ++i) { ++ if (bits_left < slen[part]) ++ return MAD_ERROR_BADSCFSI; + is_pos = mad_bit_read(ptr, slen[part]); ++ bits_left -= slen[part]; + + channel->scalefac[n] = is_pos; + gr1ch->scalefac[n++] = (is_pos == max); +@@ -703,7 +711,8 @@ unsigned int III_scalefactors_lsf(struct mad_bitptr *ptr, + } + } + +- return mad_bit_length(&start, ptr); ++ *part2_length = mad_bit_length(&start, ptr); ++ return MAD_ERROR_NONE; + } + + /* +@@ -712,7 +721,8 @@ unsigned int III_scalefactors_lsf(struct mad_bitptr *ptr, + */ + static + unsigned int III_scalefactors(struct mad_bitptr *ptr, struct channel *channel, +- struct channel const *gr0ch, unsigned int scfsi) ++ struct channel const *gr0ch, unsigned int scfsi, ++ unsigned int bits_left, unsigned int *part2_length) + { + struct mad_bitptr start; + unsigned int slen1, slen2, sfbi; +@@ -728,12 +738,20 @@ unsigned int III_scalefactors(struct mad_bitptr *ptr, struct channel *channel, + sfbi = 0; + + nsfb = (channel->flags & mixed_block_flag) ? 8 + 3 * 3 : 6 * 3; +- while (nsfb--) ++ while (nsfb--) { ++ if (bits_left < slen1) ++ return MAD_ERROR_BADSCFSI; + channel->scalefac[sfbi++] = mad_bit_read(ptr, slen1); ++ bits_left -= slen1; ++ } + + nsfb = 6 * 3; +- while (nsfb--) ++ while (nsfb--) { ++ if (bits_left < slen2) ++ return MAD_ERROR_BADSCFSI; + channel->scalefac[sfbi++] = mad_bit_read(ptr, slen2); ++ bits_left -= slen2; ++ } + + nsfb = 1 * 3; + while (nsfb--) +@@ -745,8 +763,12 @@ unsigned int III_scalefactors(struct mad_bitptr *ptr, struct channel *channel, + channel->scalefac[sfbi] = gr0ch->scalefac[sfbi]; + } + else { +- for (sfbi = 0; sfbi < 6; ++sfbi) ++ for (sfbi = 0; sfbi < 6; ++sfbi) { ++ if (bits_left < slen1) ++ return MAD_ERROR_BADSCFSI; + channel->scalefac[sfbi] = mad_bit_read(ptr, slen1); ++ bits_left -= slen1; ++ } + } + + if (scfsi & 0x4) { +@@ -754,8 +776,12 @@ unsigned int III_scalefactors(struct mad_bitptr *ptr, struct channel *channel, + channel->scalefac[sfbi] = gr0ch->scalefac[sfbi]; + } + else { +- for (sfbi = 6; sfbi < 11; ++sfbi) ++ for (sfbi = 6; sfbi < 11; ++sfbi) { ++ if (bits_left < slen1) ++ return MAD_ERROR_BADSCFSI; + channel->scalefac[sfbi] = mad_bit_read(ptr, slen1); ++ bits_left -= slen1; ++ } + } + + if (scfsi & 0x2) { +@@ -763,8 +789,12 @@ unsigned int III_scalefactors(struct mad_bitptr *ptr, struct channel *channel, + channel->scalefac[sfbi] = gr0ch->scalefac[sfbi]; + } + else { +- for (sfbi = 11; sfbi < 16; ++sfbi) ++ for (sfbi = 11; sfbi < 16; ++sfbi) { ++ if (bits_left < slen2) ++ return MAD_ERROR_BADSCFSI; + channel->scalefac[sfbi] = mad_bit_read(ptr, slen2); ++ bits_left -= slen2; ++ } + } + + if (scfsi & 0x1) { +@@ -772,14 +802,19 @@ unsigned int III_scalefactors(struct mad_bitptr *ptr, struct channel *channel, + channel->scalefac[sfbi] = gr0ch->scalefac[sfbi]; + } + else { +- for (sfbi = 16; sfbi < 21; ++sfbi) ++ for (sfbi = 16; sfbi < 21; ++sfbi) { ++ if (bits_left < slen2) ++ return MAD_ERROR_BADSCFSI; + channel->scalefac[sfbi] = mad_bit_read(ptr, slen2); ++ bits_left -= slen2; ++ } + } + + channel->scalefac[21] = 0; + } + +- return mad_bit_length(&start, ptr); ++ *part2_length = mad_bit_length(&start, ptr); ++ return MAD_ERROR_NONE; + } + + /* +@@ -933,19 +968,17 @@ static + enum mad_error III_huffdecode(struct mad_bitptr *ptr, mad_fixed_t xr[576], + struct channel *channel, + unsigned char const *sfbwidth, +- unsigned int part2_length) ++ signed int part3_length) + { + signed int exponents[39], exp; + signed int const *expptr; + struct mad_bitptr peek; +- signed int bits_left, cachesz; ++ signed int bits_left, cachesz, fakebits; + register mad_fixed_t *xrptr; + mad_fixed_t const *sfbound; + register unsigned long bitcache; + +- bits_left = (signed) channel->part2_3_length - (signed) part2_length; +- if (bits_left < 0) +- return MAD_ERROR_BADPART3LEN; ++ bits_left = part3_length; + + III_exponents(channel, sfbwidth, exponents); + +@@ -956,8 +989,12 @@ enum mad_error III_huffdecode(struct mad_bitptr *ptr, mad_fixed_t xr[576], + cachesz = mad_bit_bitsleft(&peek); + cachesz += ((32 - 1 - 24) + (24 - cachesz)) & ~7; + ++ if (bits_left < cachesz) { ++ cachesz = bits_left; ++ } + bitcache = mad_bit_read(&peek, cachesz); + bits_left -= cachesz; ++ fakebits = 0; + + xrptr = &xr[0]; + +@@ -986,7 +1023,7 @@ enum mad_error III_huffdecode(struct mad_bitptr *ptr, mad_fixed_t xr[576], + + big_values = channel->big_values; + +- while (big_values-- && cachesz + bits_left > 0) { ++ while (big_values-- && cachesz + bits_left - fakebits > 0) { + union huffpair const *pair; + unsigned int clumpsz, value; + register mad_fixed_t requantized; +@@ -1023,10 +1060,19 @@ enum mad_error III_huffdecode(struct mad_bitptr *ptr, mad_fixed_t xr[576], + unsigned int bits; + + bits = ((32 - 1 - 21) + (21 - cachesz)) & ~7; ++ if (bits_left < bits) { ++ bits = bits_left; ++ } + bitcache = (bitcache << bits) | mad_bit_read(&peek, bits); + cachesz += bits; + bits_left -= bits; + } ++ if (cachesz < 21) { ++ unsigned int bits = 21 - cachesz; ++ bitcache <<= bits; ++ cachesz += bits; ++ fakebits += bits; ++ } + + /* hcod (0..19) */ + +@@ -1041,6 +1087,8 @@ enum mad_error III_huffdecode(struct mad_bitptr *ptr, mad_fixed_t xr[576], + } + + cachesz -= pair->value.hlen; ++ if (cachesz < fakebits) ++ return MAD_ERROR_BADHUFFDATA; + + if (linbits) { + /* x (0..14) */ +@@ -1054,10 +1102,15 @@ enum mad_error III_huffdecode(struct mad_bitptr *ptr, mad_fixed_t xr[576], + + case 15: + if (cachesz < linbits + 2) { +- bitcache = (bitcache << 16) | mad_bit_read(&peek, 16); +- cachesz += 16; +- bits_left -= 16; ++ unsigned int bits = 16; ++ if (bits_left < 16) ++ bits = bits_left; ++ bitcache = (bitcache << bits) | mad_bit_read(&peek, bits); ++ cachesz += bits; ++ bits_left -= bits; + } ++ if (cachesz - fakebits < linbits) ++ return MAD_ERROR_BADHUFFDATA; + + value += MASK(bitcache, cachesz, linbits); + cachesz -= linbits; +@@ -1074,6 +1127,8 @@ enum mad_error III_huffdecode(struct mad_bitptr *ptr, mad_fixed_t xr[576], + } + + x_final: ++ if (cachesz - fakebits < 1) ++ return MAD_ERROR_BADHUFFDATA; + xrptr[0] = MASK1BIT(bitcache, cachesz--) ? + -requantized : requantized; + } +@@ -1089,10 +1144,15 @@ enum mad_error III_huffdecode(struct mad_bitptr *ptr, mad_fixed_t xr[576], + + case 15: + if (cachesz < linbits + 1) { +- bitcache = (bitcache << 16) | mad_bit_read(&peek, 16); +- cachesz += 16; +- bits_left -= 16; ++ unsigned int bits = 16; ++ if (bits_left < 16) ++ bits = bits_left; ++ bitcache = (bitcache << bits) | mad_bit_read(&peek, bits); ++ cachesz += bits; ++ bits_left -= bits; + } ++ if (cachesz - fakebits < linbits) ++ return MAD_ERROR_BADHUFFDATA; + + value += MASK(bitcache, cachesz, linbits); + cachesz -= linbits; +@@ -1109,6 +1169,8 @@ enum mad_error III_huffdecode(struct mad_bitptr *ptr, mad_fixed_t xr[576], + } + + y_final: ++ if (cachesz - fakebits < 1) ++ return MAD_ERROR_BADHUFFDATA; + xrptr[1] = MASK1BIT(bitcache, cachesz--) ? + -requantized : requantized; + } +@@ -1128,6 +1190,8 @@ enum mad_error III_huffdecode(struct mad_bitptr *ptr, mad_fixed_t xr[576], + requantized = reqcache[value] = III_requantize(value, exp); + } + ++ if (cachesz - fakebits < 1) ++ return MAD_ERROR_BADHUFFDATA; + xrptr[0] = MASK1BIT(bitcache, cachesz--) ? + -requantized : requantized; + } +@@ -1146,6 +1210,8 @@ enum mad_error III_huffdecode(struct mad_bitptr *ptr, mad_fixed_t xr[576], + requantized = reqcache[value] = III_requantize(value, exp); + } + ++ if (cachesz - fakebits < 1) ++ return MAD_ERROR_BADHUFFDATA; + xrptr[1] = MASK1BIT(bitcache, cachesz--) ? + -requantized : requantized; + } +@@ -1155,9 +1221,6 @@ enum mad_error III_huffdecode(struct mad_bitptr *ptr, mad_fixed_t xr[576], + } + } + +- if (cachesz + bits_left < 0) +- return MAD_ERROR_BADHUFFDATA; /* big_values overrun */ +- + /* count1 */ + { + union huffquad const *table; +@@ -1167,15 +1230,24 @@ enum mad_error III_huffdecode(struct mad_bitptr *ptr, mad_fixed_t xr[576], + + requantized = III_requantize(1, exp); + +- while (cachesz + bits_left > 0 && xrptr <= &xr[572]) { ++ while (cachesz + bits_left - fakebits > 0 && xrptr <= &xr[572]) { + union huffquad const *quad; + + /* hcod (1..6) */ + + if (cachesz < 10) { +- bitcache = (bitcache << 16) | mad_bit_read(&peek, 16); +- cachesz += 16; +- bits_left -= 16; ++ unsigned int bits = 16; ++ if (bits_left < 16) ++ bits = bits_left; ++ bitcache = (bitcache << bits) | mad_bit_read(&peek, bits); ++ cachesz += bits; ++ bits_left -= bits; ++ } ++ if (cachesz < 10) { ++ unsigned int bits = 10 - cachesz; ++ bitcache <<= bits; ++ cachesz += bits; ++ fakebits += bits; + } + + quad = &table[MASK(bitcache, cachesz, 4)]; +@@ -1188,6 +1260,11 @@ enum mad_error III_huffdecode(struct mad_bitptr *ptr, mad_fixed_t xr[576], + MASK(bitcache, cachesz, quad->ptr.bits)]; + } + ++ if (cachesz - fakebits < quad->value.hlen + quad->value.v ++ + quad->value.w + quad->value.x + quad->value.y) ++ /* We don't have enough bits to read one more entry, consider them ++ * stuffing bits. */ ++ break; + cachesz -= quad->value.hlen; + + if (xrptr == sfbound) { +@@ -1236,22 +1313,8 @@ enum mad_error III_huffdecode(struct mad_bitptr *ptr, mad_fixed_t xr[576], + + xrptr += 2; + } +- +- if (cachesz + bits_left < 0) { +-# if 0 && defined(DEBUG) +- fprintf(stderr, "huffman count1 overrun (%d bits)\n", +- -(cachesz + bits_left)); +-# endif +- +- /* technically the bitstream is misformatted, but apparently +- some encoders are just a bit sloppy with stuffing bits */ +- +- xrptr -= 4; +- } + } + +- assert(-bits_left <= MAD_BUFFER_GUARD * CHAR_BIT); +- + # if 0 && defined(DEBUG) + if (bits_left < 0) + fprintf(stderr, "read %d bits too many\n", -bits_left); +@@ -2348,10 +2411,11 @@ void III_freqinver(mad_fixed_t sample[18][32], unsigned int sb) + */ + static + enum mad_error III_decode(struct mad_bitptr *ptr, struct mad_frame *frame, +- struct sideinfo *si, unsigned int nch) ++ struct sideinfo *si, unsigned int nch, unsigned int md_len) + { + struct mad_header *header = &frame->header; + unsigned int sfreqi, ngr, gr; ++ int bits_left = md_len * CHAR_BIT; + + { + unsigned int sfreq; +@@ -2383,6 +2447,7 @@ enum mad_error III_decode(struct mad_bitptr *ptr, struct mad_frame *frame, + for (ch = 0; ch < nch; ++ch) { + struct channel *channel = &granule->ch[ch]; + unsigned int part2_length; ++ unsigned int part3_length; + + sfbwidth[ch] = sfbwidth_table[sfreqi].l; + if (channel->block_type == 2) { +@@ -2391,18 +2456,30 @@ enum mad_error III_decode(struct mad_bitptr *ptr, struct mad_frame *frame, + } + + if (header->flags & MAD_FLAG_LSF_EXT) { +- part2_length = III_scalefactors_lsf(ptr, channel, ++ error = III_scalefactors_lsf(ptr, channel, + ch == 0 ? 0 : &si->gr[1].ch[1], +- header->mode_extension); ++ header->mode_extension, bits_left, &part2_length); + } + else { +- part2_length = III_scalefactors(ptr, channel, &si->gr[0].ch[ch], +- gr == 0 ? 0 : si->scfsi[ch]); ++ error = III_scalefactors(ptr, channel, &si->gr[0].ch[ch], ++ gr == 0 ? 0 : si->scfsi[ch], bits_left, &part2_length); + } ++ if (error) ++ return error; + +- error = III_huffdecode(ptr, xr[ch], channel, sfbwidth[ch], part2_length); ++ bits_left -= part2_length; ++ ++ if (part2_length > channel->part2_3_length) ++ return MAD_ERROR_BADPART3LEN; ++ ++ part3_length = channel->part2_3_length - part2_length; ++ if (part3_length > bits_left) ++ return MAD_ERROR_BADPART3LEN; ++ ++ error = III_huffdecode(ptr, xr[ch], channel, sfbwidth[ch], part3_length); + if (error) + return error; ++ bits_left -= part3_length; + } + + /* joint stereo processing */ +@@ -2519,11 +2596,13 @@ int mad_layer_III(struct mad_stream *stream, struct mad_frame *frame) + unsigned int nch, priv_bitlen, next_md_begin = 0; + unsigned int si_len, data_bitlen, md_len; + unsigned int frame_space, frame_used, frame_free; +- struct mad_bitptr ptr; ++ struct mad_bitptr ptr, bufend_ptr; + struct sideinfo si; + enum mad_error error; + int result = 0; + ++ mad_bit_init(&bufend_ptr, stream->bufend); ++ + /* allocate Layer III dynamic structures */ + + if (stream->main_data == 0) { +@@ -2587,14 +2666,15 @@ int mad_layer_III(struct mad_stream *stream, struct mad_frame *frame) + unsigned long header; + + mad_bit_init(&peek, stream->next_frame); ++ if (mad_bit_length(&peek, &bufend_ptr) >= 57) { ++ header = mad_bit_read(&peek, 32); ++ if ((header & 0xffe60000L) /* syncword | layer */ == 0xffe20000L) { ++ if (!(header & 0x00010000L)) /* protection_bit */ ++ mad_bit_skip(&peek, 16); /* crc_check */ + +- header = mad_bit_read(&peek, 32); +- if ((header & 0xffe60000L) /* syncword | layer */ == 0xffe20000L) { +- if (!(header & 0x00010000L)) /* protection_bit */ +- mad_bit_skip(&peek, 16); /* crc_check */ +- +- next_md_begin = +- mad_bit_read(&peek, (header & 0x00080000L) /* ID */ ? 9 : 8); ++ next_md_begin = ++ mad_bit_read(&peek, (header & 0x00080000L) /* ID */ ? 9 : 8); ++ } + } + + mad_bit_finish(&peek); +@@ -2653,7 +2733,7 @@ int mad_layer_III(struct mad_stream *stream, struct mad_frame *frame) + /* decode main_data */ + + if (result == 0) { +- error = III_decode(&ptr, frame, &si, nch); ++ error = III_decode(&ptr, frame, &si, nch, md_len); + if (error) { + stream->error = error; + result = -1; diff --git a/meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb b/meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb index a710af1acc..33fb26cd8c 100644 --- a/meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb +++ b/meta-oe/recipes-multimedia/libmad/libmad_0.15.1b.bb @@ -17,6 +17,7 @@ SRC_URI = "https://downloads.sourceforge.net/mad/libmad-${PV}.tar.gz \ file://obsolete_automake_macros.patch \ file://automake-foreign.patch \ file://CVE-2017-8372_CVE-2017-8373.patch \ + file://CVE-2017-8374.patch \ " SRC_URI:append:toolchain-clang = " file://0004-Remove-clang-unsupported-compiler-flags.patch " From patchwork Wed Oct 1 13:52:41 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71453 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3981ECCA476 for ; Wed, 1 Oct 2025 13:53:08 +0000 (UTC) Received: from mail-ed1-f49.google.com (mail-ed1-f49.google.com [209.85.208.49]) by mx.groups.io with SMTP id smtpd.web11.18628.1759326786183153971 for ; Wed, 01 Oct 2025 06:53:06 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=JAGRha3w; spf=pass (domain: gmail.com, ip: 209.85.208.49, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f49.google.com with SMTP id 4fb4d7f45d1cf-61a8c134533so13685431a12.3 for ; Wed, 01 Oct 2025 06:53:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326784; x=1759931584; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=naeHL1Pl+emxrSf0gOO+08qA/y21uqlSMJB29cKn2E8=; b=JAGRha3woFcIbvtnnZhDts+nmwt3IZ2elzzN3bUAII5ADNl7IntGl+8qlU7YHZWzHH DVXoD8/IYkZIugMhwA88klErQ4XSugTirh90F0nXjvdCzF70p8yMmW8PgYRXlM9WW/pb lnVBERNr3s79mHW+PA2e6O1t1RxsQibELiaL0rVxgT/9frCUM4ctj1XtfaN5xlYb3Zdc SYvQNRxY3uVFmKu8HME+FhZLH2MIozJDmUM9ZuwXNGYt5p4IinjOtEeDhjctA3pfaYXH fLF+6lSJhCa37We1CYBW9XHEB65nvqKFrOwUhd4JyGuu50bq2FJRLim4xMOqf2QQlcI5 +vwA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326784; x=1759931584; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=naeHL1Pl+emxrSf0gOO+08qA/y21uqlSMJB29cKn2E8=; b=ldoX0uu0gKBtrR5E6ovE9GZymI13vBct6hXVZXQy2/MuO9k67TgMBTocsM4N5q53Rk HU/mZ3mzetKwuiqtjFc54iZmi0FXhvIsfjTBypSFCLDuw67eNYfyIqq3lm16NOFgoQGv dxqeXTwAdMsvDNrouOibFdhFUbLesBNw1Q9tHNe7d34xOJgkqXiK6Y25VGdZRRnmf3HM tvXKqRw1Tl3byVOrGo73dVDU2EOzIYuAuUKk+xp/Rvgh2oQ1oJLRa1YquXf8KR6jj4wd xbto3RRIp64nwbyBa0xG6d7fhmTbqTc3YyLEY7JwRu+5It0yKcABvd9NkBmk863+Mzjm vlAw== X-Gm-Message-State: AOJu0Yzt0MxGYV6McIPBqRCuYUmvNk9LtT88Yo1w4PdKurvtck/sFzQc SC0/mEg1JiUfpHZsk2IFUXm9sRrquKdkXvo9TRuE9CB4vwGxeVkbRMjAFvNMgg== X-Gm-Gg: ASbGncuTitZHquaLKt4xRZ8cIygGT5mJoYSNkmqAc6M+IWPzIFSEzpZrbCpJnb9g+KE M3wVKzhfstB1Y9w820Ug1hjAKe08khOQjoIHP/KRNDz3dDVp/r+rmAo1DYRltzj7spPHbcJuNBg D9qOvQ+tuc5KlxLepguN2N77VxeDUH9URAaCaAfFwUvrP86V5cuDhTRJYjonjMTwDnHhODKsMBy +kp1pY/w1/+zq9bHxFGmYu1H7pxcwxh0pSjLTuqBvXWVZq8yqnUhKK0Vt8gCe3yb+Yq5j1GfW/2 ocPxVqotX8aCAyVcmZoHUyLg0rQ82UR/hKIDSAjxM342PlBPEBVdbUYWiArVU2katDJtOnkIkJu fMF5aAAKg14pZE1oCUHaTtIr4Sx20kAHrTZdGLBYQQL8q X-Google-Smtp-Source: AGHT+IFoDapFpceVv7bV1bKpDsF2jGAQOw+zXylUIvLhGcqancZ4bg4EVRZHdguxF8Dbq95td+CKWQ== X-Received: by 2002:a05:6402:348a:b0:632:ad83:aa3d with SMTP id 4fb4d7f45d1cf-63678ce68a1mr4318103a12.23.1759326784443; Wed, 01 Oct 2025 06:53:04 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.53.02 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:53:02 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 23/25] python3-nmap: add missing run-time dependencies Date: Wed, 1 Oct 2025 15:52:41 +0200 Message-ID: <20251001135243.1490753-24-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:53:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120138 From: Bartosz Golaszewski Add missing RDEPENDS for this package. Signed-off-by: Bartosz Golaszewski Signed-off-by: Khem Raj (cherry picked from commit e20ebe6ce4f8b991cd4f153352274850d416f090) Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-security/nmap/nmap_7.80.bb | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/meta-oe/recipes-security/nmap/nmap_7.80.bb b/meta-oe/recipes-security/nmap/nmap_7.80.bb index 030f033485..52c62cde30 100644 --- a/meta-oe/recipes-security/nmap/nmap_7.80.bb +++ b/meta-oe/recipes-security/nmap/nmap_7.80.bb @@ -59,4 +59,8 @@ do_install:append() { FILES:${PN} += "${PYTHON_SITEPACKAGES_DIR} ${datadir}/ncat" -RDEPENDS:${PN} += "python3-core" +RDEPENDS:${PN} += " \ + python3-difflib \ + python3-asyncio \ + python3-xml \ +" From patchwork Wed Oct 1 13:52:42 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71454 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 39D08CCD180 for ; Wed, 1 Oct 2025 13:53:08 +0000 (UTC) Received: from mail-ed1-f50.google.com (mail-ed1-f50.google.com [209.85.208.50]) by mx.groups.io with SMTP id smtpd.web11.18629.1759326787358446548 for ; Wed, 01 Oct 2025 06:53:07 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=UzCAy9nL; spf=pass (domain: gmail.com, ip: 209.85.208.50, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f50.google.com with SMTP id 4fb4d7f45d1cf-6366b7fd337so3319895a12.0 for ; Wed, 01 Oct 2025 06:53:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326786; x=1759931586; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=qi0BdUuThumtVJGKRq+m3Cr7oQQonE1b45uO4nNKy/g=; b=UzCAy9nLTvpuB/q3BjMuLo3uUNcht09zhm4y7q2Rn8VQiNweHxKKf3WZDc4hg0qT27 ZVOVypy6rcet4MAnzABsu4kWqomjOZ1G/jsQYi+PxAi+go3HseVULMiZC/bW691c0H6t xVlYhwro/gD00x9FOvqDq8IL9JE5BRr3cGoZTKdAsnAV+rel01FzFV6IagCy7tyiUElk 2uFlNkm+ueRsj7k4qalaqsf2vwFDF6XkBZ1u4NtA1PeWFPmyIoZz71ovJY/fu8kUEcEg XXBtpKj9Tdey63aiC7bLbCnVoZqmwUJdjPvTJ7aDo6SheXqYQO58KTtamMCCTtElCQFh xwCg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326786; x=1759931586; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=qi0BdUuThumtVJGKRq+m3Cr7oQQonE1b45uO4nNKy/g=; b=i5kDWWWPLdUsjPq5UY3ExhrpPbyBm/GIt26/8/8RqASeX9unmSgI+yda6pqX+2L/of Jt4roc2l2MHjmaRpVs0uUc0vepSW9ZGLir2nUpJDDgZ0+5pqJLPwpzy5q91lxyBpNlPD QYI5au7GLpK/fskC1gC+Gv7WAo+h2G8YTpG0UdL0FsxLVy1QxgIoSoO33Qk9u6QI7TfD QymWPCixVF3/4kA3QF5RWxiSlrkq4mrSU+jzFC72uKh++kiCuxL2Az8JNQx593MrIqLW RHLEyw2RV5XN/GOcacQnHSuY0+0l1QQxLSLhHDWVDOED3MVyeYXZ5bdI0hTttgOow3SM yAYA== X-Gm-Message-State: AOJu0YxE3lLNN+jVy/9pQ1ipZbQt14xQ7JTRtGX+tD8Dlzl9UHHKwvTM F4rqOZTCOPYexOfPpdPjo1P7sa+JmHwSqeY8IU1682daEzmMqkxgnONhLNq70w== X-Gm-Gg: ASbGncvo2nzDnlVOi57ugHuvGNXaEDBuLCxR9pYgV9BA0NH0KuqdEhTNJ4IB3Rbvfyf buNeaAnRNhTFY4Im6FjPZN1dNu+hU6GDmqsY+vA+RcCzkTZ/H2D/JVenOdSnJHcQU+trZpjJNZ5 +ciN44qBrkaxyqCgcvOjrscjSJg74XQcAxVpxhwVTcQiKQNffOaIs8Jl/vyI/A0v9ZysBeHoVS5 reYH9TXlSuY0FxvrCOXtZfSfURfA5KHUGWh6de7hZeRAe6T0bvf1OSH+VlnCn8Y399lr345wE+7 oj+PNfIEJX4UT2a2ozgg5Fet8SbwXnMlbWCZ4+wYb3jBEuF7hEaGMUxsPfnJmsoAxh1Uq3FsK0A eIRov2oderK2ZJnOsqZeTGkBQaqaB3gKdrPBu92w04wbT2O14OfndgmY= X-Google-Smtp-Source: AGHT+IHUbc1DbrAruRVR1ubqUZwHOQ75rQzrgI3p3uDU7YIBtbQc9xxhada/0+dheNaVXHL0MMSYLg== X-Received: by 2002:a17:907:60d1:b0:b3e:d492:d7b8 with SMTP id a640c23a62f3a-b46e6dff602mr444203966b.64.1759326785575; Wed, 01 Oct 2025 06:53:05 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.53.04 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:53:04 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 24/25] nmap: add missing dependency Date: Wed, 1 Oct 2025 15:52:42 +0200 Message-ID: <20251001135243.1490753-25-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:53:08 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120139 Building with ndiff PACKAGECONFIG failed with the following error: | File "/yocto/sandbox/build/tmp/work/cortexa53-poky-linux/nmap/7.95/nmap-7.95/ndiff/setup.py", line 11, in | import setuptools.command.install | ModuleNotFoundError: No module named 'setuptools' Fix it by adding the missing dependency. Signed-off-by: Gyorgy Sarvari Signed-off-by: Khem Raj (cherry picked from commit 3564ec12de4b5ed470e75a9e045adc6bec83c74d) Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-security/nmap/nmap_7.80.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-security/nmap/nmap_7.80.bb b/meta-oe/recipes-security/nmap/nmap_7.80.bb index 52c62cde30..072d729849 100644 --- a/meta-oe/recipes-security/nmap/nmap_7.80.bb +++ b/meta-oe/recipes-security/nmap/nmap_7.80.bb @@ -30,7 +30,7 @@ PACKAGECONFIG[libz] = "--with-libz=${STAGING_LIBDIR}/.., --without-libz, zlib, z #disable/enable packages PACKAGECONFIG[nping] = ",--without-nping," PACKAGECONFIG[ncat] = ",--without-ncat," -PACKAGECONFIG[ndiff] = "--with-ndiff=yes,--without-ndiff,python3" +PACKAGECONFIG[ndiff] = "--with-ndiff=yes,--without-ndiff,python3 python3-setuptools-native" PACKAGECONFIG[update] = ",--without-nmap-update," EXTRA_OECONF = "--with-libdnet=included --with-liblinear=included --without-subversion --with-liblua=included" From patchwork Wed Oct 1 13:52:43 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gyorgy Sarvari X-Patchwork-Id: 71462 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 79ED2CAC5BB for ; Wed, 1 Oct 2025 13:53:18 +0000 (UTC) Received: from mail-ed1-f52.google.com (mail-ed1-f52.google.com [209.85.208.52]) by mx.groups.io with SMTP id smtpd.web10.18472.1759326788483734481 for ; Wed, 01 Oct 2025 06:53:08 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=XPjFO7g/; spf=pass (domain: gmail.com, ip: 209.85.208.52, mailfrom: skandigraun@gmail.com) Received: by mail-ed1-f52.google.com with SMTP id 4fb4d7f45d1cf-62fc89cd68bso13373730a12.0 for ; Wed, 01 Oct 2025 06:53:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1759326787; x=1759931587; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=blrahaA9+/eDz1a3rNKo/jrpNv/7Kvu1e4ROdR20yXI=; b=XPjFO7g/ibwc1Wl3A4CVN27/1cWfpGMeTYtyfmvhstonK5bTC1PQJ4TtEfJfcgmEUD 9dKluMkRS7OH5rQSHb+mmCSXhdtAlOOBm7caA7JJbnSWtNFKGeHCGHvbPUMFiWzINeAf 3TRFYna8eOzuGbGV7JbHfNSlSiIxpIGG9T67zg8b0uVKe6agwuGs4JTXkDsjZSGh+Mkh PqVcE/6Mc4KMkihFPLDKxwPmBnRbxoicM6cUfRGaD7Dkg9SzuwJR96P5NqnYIEoQydYZ 3IvNso2gk0vkS+tZEYZC0LIKVcbGrIxXnJNombnachiHHpQZfaGV1cjNQk1IdivjShG8 TMGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1759326787; x=1759931587; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=blrahaA9+/eDz1a3rNKo/jrpNv/7Kvu1e4ROdR20yXI=; b=NgZxykKv5aVDvhkzz4Xelag4bK072GoSzu+9yG1lHIUg0+VyqjopEAUSPiNxLyA15x R/Of2zrXkCh2g1hbTwk0zcMuWaBsT8DHmsPdlc0/LUXCpNCslViwg3E9xYbZmZA7R0aC iA3VopxqcQ0eozbp5FsgWd9WhbKGJG4w///Mp+c7HInjMSXaLyV1zgiPL+R+X8MTf2Ea QxFYHMr3F9NkcVKdPLRX7rLbF8FEnysvEL6k2xIogs4nQ7bcuElqJUtaqK6/jvavnJ7c 2IUyPIJlaSSoNO6ucyf4DQSw++ZvcUaWB6LpS/GURCOhbhqZRpFw/Zu4014SwsC6LP/y NMqQ== X-Gm-Message-State: AOJu0Yw89B0tWF1YvCx7dNvILg7C47aaS3TeX8V5UbUHBRMgiyRTa4fu krbXDHSBojRPQEMeFnAk3YdjArTD0cE2+jJfwNjBpGpTzo1WcLefJVjOD2l0tQ== X-Gm-Gg: ASbGnctZ8sim9UCu6WIzgJCHEP/+u+zjPh4v359MGgNSdBYCh267HPhpW1xsL7X94oB nEM4dACegNRQ2DlyAyRobbeyVpxS+wfOHWSs9GKzmmOXPhzBepM+gTnmj2VOchJp01Y05+8Q1og ddP0gWQHCqjxtCUPoYWsqO89FqRpSyRsRu1coB+RkUgdKS/jm2mejKbEzWqluNB8FpgVNX/GYrk 2T6IFm6rkX0+YUnTuTOZKP7r/nRkR1MeDQqdPLz1eMaTvtwfVGLvKjRNgXfqydeF+6DauZCr8k1 y9RIP4V11H8+hwHQ7BL1nVWZGH3FUZpni3F1ECtx7trcQZpsgmz8jE+RILv4297Liy/tmtL7p68 pKjCxUOFrIfZnCcq63bCbCjiXTMjtqzeOvFRWIO6Me8Wg X-Google-Smtp-Source: AGHT+IESOVND6dTM85/bI/WepPwE9d9ualIktMLG3WNIjNot+IW6AqTXUKN41y5PAKZ/0UK2IRWWmg== X-Received: by 2002:a05:6402:51c8:b0:633:afb7:2e6a with SMTP id 4fb4d7f45d1cf-63678cb3f52mr3994099a12.18.1759326786732; Wed, 01 Oct 2025 06:53:06 -0700 (PDT) Received: from desktop ([51.154.145.205]) by smtp.gmail.com with ESMTPSA id 4fb4d7f45d1cf-634a3629badsm11507823a12.9.2025.10.01.06.53.05 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Oct 2025 06:53:06 -0700 (PDT) From: Gyorgy Sarvari To: openembedded-devel@lists.openembedded.org Subject: [meta-oe][kirkstone][PATCH 25/25] softhsm: switch source to GitHub repository Date: Wed, 1 Oct 2025 15:52:43 +0200 Message-ID: <20251001135243.1490753-26-skandigraun@gmail.com> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20251001135243.1490753-1-skandigraun@gmail.com> References: <20251001135243.1490753-1-skandigraun@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 01 Oct 2025 13:53:18 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/120140 From: Jiaying Song The original source URL is unavailable, so it has been replaced with the official GitHub repository. Signed-off-by: Jiaying Song Signed-off-by: Khem Raj (cherry picked from commit f88db75ffa29e0d654f73cc174e01d9edaec6df2) Signed-off-by: Gyorgy Sarvari --- meta-oe/recipes-security/softhsm/softhsm_2.6.1.bb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/meta-oe/recipes-security/softhsm/softhsm_2.6.1.bb b/meta-oe/recipes-security/softhsm/softhsm_2.6.1.bb index d7bcd4f03b..b601a7444d 100644 --- a/meta-oe/recipes-security/softhsm/softhsm_2.6.1.bb +++ b/meta-oe/recipes-security/softhsm/softhsm_2.6.1.bb @@ -5,8 +5,9 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=ef3f77a3507c3d91e75b9f2bdaee4210" DEPENDS = "sqlite3" -SRC_URI = "https://dist.opendnssec.org/source/softhsm-2.6.1.tar.gz" -SRC_URI[sha256sum] = "61249473054bcd1811519ef9a989a880a7bdcc36d317c9c25457fc614df475f2" +SRC_URI = "git://github.com/softhsm/SoftHSMv2.git;protocol=https;branch=develop" +SRCREV = "7f99bedae002f0dd04ceeb8d86d59fc4a68a69a0" +S = "${WORKDIR}/git" inherit autotools pkgconfig siteinfo