From patchwork Tue Oct  4 06:24:35 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Mathieu Dubois-Briand
 <mathieu.dubois-briand@hyprua.org>
X-Patchwork-Id: 13480
Return-Path: <mathieu.dubois-briand@hyprua.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id C9043C433F5
	for <webhook@archiver.kernel.org>; Tue,  4 Oct 2022 06:25:15 +0000 (UTC)
Received: from mail-wr1-f46.google.com (mail-wr1-f46.google.com
 [209.85.221.46])
 by mx.groups.io with SMTP id smtpd.web10.7554.1664864710448916419
 for <openembedded-devel@lists.openembedded.org>;
 Mon, 03 Oct 2022 23:25:11 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@hyprua-org.20210112.gappssmtp.com header.s=20210112
 header.b=qFTCZPeb;
 spf=none, err=SPF record not found (domain: hyprua.org, ip: 209.85.221.46,
 mailfrom: mathieu.dubois-briand@hyprua.org)
Received: by mail-wr1-f46.google.com with SMTP id n12so135501wrp.10
        for <openembedded-devel@lists.openembedded.org>;
 Mon, 03 Oct 2022 23:25:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=hyprua-org.20210112.gappssmtp.com; s=20210112;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:from:to:cc:subject:date;
        bh=3viro0cS0AJJ6KIgDh+jkM/qkroqKGYg+GnDqwnfcnk=;
        b=qFTCZPebAQqf+AwpvxII+iJwBL+tbx2cQbEOOTg6i9lkpWDUW4Rh2R6OOww7CBCa3Z
         dVHOx5qoDEzDf/ORI2iQmx93HlaYvOvHSvj4aI8ifDWx8NyurU97ng4isKLLKdSuCiI1
         /NwHeggIDlRHkn1DcKC2qGXSRdidmAZDzL8n1OPGT8nxdu5087c3LNc6+On9MhpdOhC4
         Jz5f/I5q3yxRLJlU/ZEDWxDG0JzdaxMN50lACQUsA9D1PbCDcJa/p/ppuNpP6heRsDpz
         4oRC7SC0wqr6HZtqicmckBg1Yf7PKUXwVh5Qt4wjcYtnHpyIh1SmdB0fMe/mQ//cJcxO
         zJCw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:x-gm-message-state:from:to:cc:subject:date;
        bh=3viro0cS0AJJ6KIgDh+jkM/qkroqKGYg+GnDqwnfcnk=;
        b=yoY+pmav6Uek0QVwhqhxh4E2564TcnQ4bWKAc/dzEmD8jvoJnuXhGrj/RAXi6W2YXQ
         GSRfm4drZj+E6KD5CyU9U1tCUhoeoUe3gpK28CQy/el771b8aZ2E9EkyaIw8B8WIUKI5
         QrAqBiSB1y49DObramTJMpvYmglpuEax6DFTurmZIxy2hYPsqEkIU3o1eKeDuNfdLXxK
         qf8y5Ta8AY+lo4YKk53/V5x/erv3+rV5Fl0V6N8SmoltgCSbs5YOOaOS2PqEP2JNBoWt
         dR2M+eMmBGq8IbcmxljwpMADNUXu1+1PHmGL9CiT8j+tOdQqhdYDtmY03xps1SmCpwde
         vqGA==
X-Gm-Message-State: ACrzQf2FArvsxNih+Q/2IGuLfQtTWnLVaws5Ba6bS7e2Xv7wxDFxAxwL
	BuzHGYe8C/IoGE25/vYQsJMRt2gXlIXNLLU/OUE=
X-Google-Smtp-Source: 
 AMsMyM7RSfvcSqB3uiyLRDy4cmlKEFE9IZRmi8Ul/QpRA6YzWehaUi8XLeF1WkSMJgHiOEU6j8mj5w==
X-Received: by 2002:a5d:434c:0:b0:22b:262f:ee66 with SMTP id
 u12-20020a5d434c000000b0022b262fee66mr14575853wrr.143.1664864707621;
        Mon, 03 Oct 2022 23:25:07 -0700 (PDT)
Received: from WIPC21110265.. ([2a01:e0a:9a8:8b40:238e:3570:9587:5b36])
        by smtp.gmail.com with ESMTPSA id
 n31-20020a05600c501f00b003a844885f88sm13802771wmr.22.2022.10.03.23.25.07
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 03 Oct 2022 23:25:07 -0700 (PDT)
From: Mathieu Dubois-Briand <mathieu.dubois-briand@hyprua.org>
X-Google-Original-From: Mathieu Dubois-Briand <mbriand@witekio.com>
To: openembedded-devel@lists.openembedded.org
Cc: raj.khem@gmail.com,
	joe@deserted.net,
	Mathieu Dubois-Briand <mbriand@witekio.com>
Subject: [meta-networking][PATCH 1/3] mbedtls: Fix CVE product name
Date: Tue,  4 Oct 2022 08:24:35 +0200
Message-Id: <20221004062437.2541052-1-mbriand@witekio.com>
X-Mailer: git-send-email 2.34.1
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Tue, 04 Oct 2022 06:25:15 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/99048

Signed-off-by: Mathieu Dubois-Briand <mbriand@witekio.com>
---
 meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.0.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.0.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.0.bb
index d4a9c7bf8d53..a3859fbebaed 100644
--- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.0.bb
+++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.0.bb
@@ -42,3 +42,5 @@ PACKAGES =+ "${PN}-programs"
 FILES:${PN}-programs = "${bindir}/"
 
 BBCLASSEXTEND = "native nativesdk"
+
+CVE_PRODUCT = "mbed_tls"

From patchwork Tue Oct  4 06:24:36 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Mathieu Dubois-Briand
 <mathieu.dubois-briand@hyprua.org>
X-Patchwork-Id: 13482
Return-Path: <mathieu.dubois-briand@hyprua.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id CB548C433FE
	for <webhook@archiver.kernel.org>; Tue,  4 Oct 2022 06:25:15 +0000 (UTC)
Received: from mail-wr1-f53.google.com (mail-wr1-f53.google.com
 [209.85.221.53])
 by mx.groups.io with SMTP id smtpd.web10.7553.1664864710398273922
 for <openembedded-devel@lists.openembedded.org>;
 Mon, 03 Oct 2022 23:25:10 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@hyprua-org.20210112.gappssmtp.com header.s=20210112
 header.b=E5EUcPh/;
 spf=none, err=SPF record not found (domain: hyprua.org, ip: 209.85.221.53,
 mailfrom: mathieu.dubois-briand@hyprua.org)
Received: by mail-wr1-f53.google.com with SMTP id w18so10992757wro.7
        for <openembedded-devel@lists.openembedded.org>;
 Mon, 03 Oct 2022 23:25:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=hyprua-org.20210112.gappssmtp.com; s=20210112;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:from:to:cc:subject:date;
        bh=1m/RQ+n+EfSHbn/TQaoUjTXzUnt5XXPNIypVXGZOqd4=;
        b=E5EUcPh/H6w5j4dlFgJITcwajaQOadpvE1mjYKD4lk3fWCVVhx+5tH4PpvQ8gAiwMR
         cJd1+vzDryvNBsiQwfFOlILvqkBPWrAH+PObjz/q97Q1kt6s7Gxwihk3Wb2ddyTmZpRP
         WvRcwvy8mHJxs55/QwdYTlMVO9P3xmPtjuF5PMEgjTzNwba52riU89xuPLBD80HWHcJZ
         hiZJpSO2gkolGbVnpxtv7JmWlrTysKAov2zDZkdeFlWKjodhALfy3B3dzHFkHaZ3gsGx
         lcZehtHZ/TqYiXKrJDg0QwDpp4cKfWMOHm+8NuP8HDzf2BqbxzCcuYzjj9Y6IQzuvlvb
         5xLw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
         :subject:date;
        bh=1m/RQ+n+EfSHbn/TQaoUjTXzUnt5XXPNIypVXGZOqd4=;
        b=jzd/xo1b+eB7hqBqxRJhsGv8hYORZw5pFoGRsWOLQi1dkMRrA3O7TrB2dJmCpnlgQb
         8S2TurHAjLM2iJCgBJ9IHJKRjpSzs3V/xu7+4rK3deeS9XRkqj4e7FprfFkU3lCEE3RP
         m2jjsyFvN1Gu1mmok7mIOBzj8nKC4prYNNJMelL8H4danvpWYhL2j8OrGmTYGRVqNNoq
         GXLy3AHM0uQQxs5Kk6bGEVoHc9mIneysq3phD2CTxk87r/px6I566nvfBsd4yYitlllC
         y4yWWgao7KOPiKr+36phSTVWmLqg7fjpvbIc82c4OZPMenRX76E8Gp6ztcaW2zVPpB3c
         4sYQ==
X-Gm-Message-State: ACrzQf0awmSRUHjyKdRjuiNtz4McjMBxAvA1tLlwvTEMJkWuN4X6x2oy
	3QWFDiogWtXdnGj8IaRuFSjASHnVGPKG4xhk0gI=
X-Google-Smtp-Source: 
 AMsMyM5NoLKBUt3Rph0tUmW0+bBPRpCGfBW0SP1e2qfvKdL4XTdYVAwwE//epVzOnjGVQQEgnaEGdg==
X-Received: by 2002:a5d:56c8:0:b0:22e:32c5:d397 with SMTP id
 m8-20020a5d56c8000000b0022e32c5d397mr7396229wrw.462.1664864708166;
        Mon, 03 Oct 2022 23:25:08 -0700 (PDT)
Received: from WIPC21110265.. ([2a01:e0a:9a8:8b40:238e:3570:9587:5b36])
        by smtp.gmail.com with ESMTPSA id
 n31-20020a05600c501f00b003a844885f88sm13802771wmr.22.2022.10.03.23.25.07
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 03 Oct 2022 23:25:07 -0700 (PDT)
From: Mathieu Dubois-Briand <mathieu.dubois-briand@hyprua.org>
X-Google-Original-From: Mathieu Dubois-Briand <mbriand@witekio.com>
To: openembedded-devel@lists.openembedded.org
Cc: raj.khem@gmail.com,
	joe@deserted.net,
	Mathieu Dubois-Briand <mbriand@witekio.com>
Subject: [meta-networking][PATCH 2/3] mbedtls: Update to 2.28.1 version
Date: Tue,  4 Oct 2022 08:24:36 +0200
Message-Id: <20221004062437.2541052-2-mbriand@witekio.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20221004062437.2541052-1-mbriand@witekio.com>
References: <20221004062437.2541052-1-mbriand@witekio.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Tue, 04 Oct 2022 06:25:15 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/99047

Signed-off-by: Mathieu Dubois-Briand <mbriand@witekio.com>
---
 .../mbedtls/{mbedtls_2.28.0.bb => mbedtls_2.28.1.bb}            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_2.28.0.bb => mbedtls_2.28.1.bb} (97%)

diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.0.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.1.bb
similarity index 97%
rename from meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.0.bb
rename to meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.1.bb
index a3859fbebaed..44b2a5e3c8e1 100644
--- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.0.bb
+++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.1.bb
@@ -23,7 +23,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
 SECTION = "libs"
 
 S = "${WORKDIR}/git"
-SRCREV = "8b3f26a5ac38d4fdccbc5c5366229f3e01dafcc0"
+SRCREV = "dd79db10014d85b26d11fe57218431f2e5ede6f2"
 SRC_URI = "git://github.com/ARMmbed/mbedtls.git;protocol=https;branch=mbedtls-2.28"
 
 inherit cmake

From patchwork Tue Oct  4 06:24:37 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Mathieu Dubois-Briand
 <mathieu.dubois-briand@hyprua.org>
X-Patchwork-Id: 13481
Return-Path: <mathieu.dubois-briand@hyprua.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id C9D09C4332F
	for <webhook@archiver.kernel.org>; Tue,  4 Oct 2022 06:25:15 +0000 (UTC)
Received: from mail-wr1-f45.google.com (mail-wr1-f45.google.com
 [209.85.221.45])
 by mx.groups.io with SMTP id smtpd.web11.7679.1664864711184237444
 for <openembedded-devel@lists.openembedded.org>;
 Mon, 03 Oct 2022 23:25:11 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@hyprua-org.20210112.gappssmtp.com header.s=20210112
 header.b=biIrwJSi;
 spf=none, err=SPF record not found (domain: hyprua.org, ip: 209.85.221.45,
 mailfrom: mathieu.dubois-briand@hyprua.org)
Received: by mail-wr1-f45.google.com with SMTP id r6so19724431wru.8
        for <openembedded-devel@lists.openembedded.org>;
 Mon, 03 Oct 2022 23:25:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=hyprua-org.20210112.gappssmtp.com; s=20210112;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:from:to:cc:subject:date;
        bh=1i0lg0vRFof+HC61F1K9QRomwqrWSJg8h2U1W6MgsNQ=;
        b=biIrwJSiqqmZsLXXTFCAJUAlurbJ8Jt8bodk9tjf8I8CwfgAbTIXEIjP4YomdtPhqT
         T+Rl9DKv/fZ8hYhnaNHh2vYx5rLrPdDx97hG6BrGq4Cd5gM6Tinb3DdK7EI0UhU6psvH
         S2Kf1CikPFyV6UMcyTbDmAHEuQa1SDJz8R2hTIkt7mzW71pxmmx1zsJiuWpNlM0tUhjj
         EYFbhP69oXEHn5cWVwQ107ICx1bQkBNaLcJEx4BOfAvlad+stKjTdG84tQ+/q4qPR2VR
         eJlCDrCDt7GpUbTI6g+2DWFaU0x1Mhpb21tFKd1pJ4T6peEwOqhkMLU9gSx5yJpNhSTs
         tERg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
         :subject:date;
        bh=1i0lg0vRFof+HC61F1K9QRomwqrWSJg8h2U1W6MgsNQ=;
        b=rHnabIWg0Iy3aL91SawHo8Dw2OkJL6geyc7v9WB8AZuYdpULJhxhfeEGGP9g1ND0kk
         R7EycAZwPHKwzFsPWrsChmLBxaLWH5SIeDHtZhl7Ny5AaWSrRTTGLVVqCwU4AHvsAB0x
         4YRDHVnl5fC7dmFDXQqq5JnSkbugz42kCUnRKrxFa0XcsX3JAtfapX9SkFg40fFAazYY
         RPCkuKKY6b1zYJO+DCL4g3AEp5Q24fdmMJhUwVTEEzQh3ul53A+HvUIXNKkCLzafzdki
         4gIS91CCwkcbvchva3Nm9KyXNvqtoJVo6lt0aHEiaDZOR4AX5OFkbW3OhqiVT0uEabI2
         KsyA==
X-Gm-Message-State: ACrzQf01y7fJJK3uG3kO1MuZgI0AT8MgI4xOgRDLPgsUdRNixf1mEC93
	X9Gt+6NCCHyyvMXp1W/tNkvuJtWpmu4wkZu/hPQ=
X-Google-Smtp-Source: 
 AMsMyM7ynl4pYDQdBMyipCZQfmhp6MtaWj09QbmGw7sSv9qtdmDG5WZMxcOLSfPJ/9JJZBZzXGFgvg==
X-Received: by 2002:a5d:6d4e:0:b0:22c:9dfd:4159 with SMTP id
 k14-20020a5d6d4e000000b0022c9dfd4159mr14527237wri.307.1664864709173;
        Mon, 03 Oct 2022 23:25:09 -0700 (PDT)
Received: from WIPC21110265.. ([2a01:e0a:9a8:8b40:238e:3570:9587:5b36])
        by smtp.gmail.com with ESMTPSA id
 n31-20020a05600c501f00b003a844885f88sm13802771wmr.22.2022.10.03.23.25.08
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 03 Oct 2022 23:25:08 -0700 (PDT)
From: Mathieu Dubois-Briand <mathieu.dubois-briand@hyprua.org>
X-Google-Original-From: Mathieu Dubois-Briand <mbriand@witekio.com>
To: openembedded-devel@lists.openembedded.org
Cc: raj.khem@gmail.com,
	joe@deserted.net,
	Mathieu Dubois-Briand <mbriand@witekio.com>
Subject: [meta-networking][PATCH 3/3] mbedtls: Whitelist CVE-2021-43666,
 CVE-2021-45451
Date: Tue,  4 Oct 2022 08:24:37 +0200
Message-Id: <20221004062437.2541052-3-mbriand@witekio.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20221004062437.2541052-1-mbriand@witekio.com>
References: <20221004062437.2541052-1-mbriand@witekio.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Tue, 04 Oct 2022 06:25:15 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/99049

Signed-off-by: Mathieu Dubois-Briand <mbriand@witekio.com>
---
 .../recipes-connectivity/mbedtls/mbedtls_2.28.1.bb           | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.1.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.1.bb
index 44b2a5e3c8e1..742414dd8aed 100644
--- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.1.bb
+++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.1.bb
@@ -44,3 +44,8 @@ FILES:${PN}-programs = "${bindir}/"
 BBCLASSEXTEND = "native nativesdk"
 
 CVE_PRODUCT = "mbed_tls"
+
+# Fix merged upstream https://github.com/Mbed-TLS/mbedtls/pull/5310
+CVE_CHECK_IGNORE += "CVE-2021-43666"
+# Fix merged upstream https://github.com/Mbed-TLS/mbedtls/commit/9a4a9c66a48edfe9ece03c7e4a53310adf73a86c
+CVE_CHECK_IGNORE += "CVE-2021-45451"