[kirkstone,09/28] bluez5: update 5.64 -> 5.65

Message ID	4fdb3d4e031e22c03d03c6cc7713ec45d7498555.1661293746.git.steve@sakoman.com
State	Accepted, archived
Commit	4fdb3d4e031e22c03d03c6cc7713ec45d7498555
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.214.178, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 09/28] bluez5: update 5.64 -> 5.65 Date: Tue, 23 Aug 2022 12:35:21 -1000 Message-Id: <4fdb3d4e031e22c03d03c6cc7713ec45d7498555.1661293746.git.steve@sakoman.com> In-Reply-To: <cover.1661293745.git.steve@sakoman.com> References: <cover.1661293745.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[kirkstone,01/28] libtiff: CVE-2022-34526 A stack overflow was discovered \| expand [kirkstone,01/28] libtiff: CVE-2022-34526 A stack overflow was discovered [kirkstone,02/28] libxml2: Ignore CVE-2016-3709 [kirkstone,03/28] connman: Backports for security fixes [kirkstone,04/28] u-boot: fix CVE-2022-30552 [kirkstone,05/28] u-boot: fix CVE-2022-33967 [kirkstone,06/28] grub2: fix several CVEs [kirkstone,07/28] cve-check: Don't use f-strings [kirkstone,08/28] go: update v1.17.12 -> v1.17.13 [kirkstone,09/28] bluez5: update 5.64 -> 5.65 [kirkstone,10/28] libwpe: upgrade 1.12.0 -> 1.12.2 [kirkstone,11/28] ell: upgrade 0.49 -> 0.50 [kirkstone,12/28] iso-codes: upgrade 4.10.0 -> 4.11.0 [kirkstone,13/28] libcap: upgrade 2.63 -> 2.64 [kirkstone,14/28] libcap: upgrade 2.64 -> 2.65 [kirkstone,15/28] libwebp: upgrade 1.2.2 -> 1.2.3 [kirkstone,16/28] mobile-broadband-provider-info: upgrade 20220511 -> 20220725 [kirkstone,17/28] webkitgtk: upgrade 2.36.4 -> 2.36.5 [kirkstone,18/28] weston: upgrade 10.0.1 -> 10.0.2 [kirkstone,19/28] python3-pip: Fix RDEPENDS after the update [kirkstone,20/28] cracklib: Drop using register keyword [kirkstone,21/28] tcp-wrappers: Fix implicit-function-declaration warnings [kirkstone,22/28] libpam: use /run instead of /var/run in systemd tmpfiles [kirkstone,23/28] perf: Fix reproducibility issues with 5.19 onwards [kirkstone,24/28] archiver.bbclass: some recipes that uses the kernelsrc bbclass uses the shared so… [kirkstone,25/28] apt: fix nativesdk-apt build failure during the second time build [kirkstone,26/28] linux-yocto: prepend the the value with a space when append to KERNEL_EXTRA_ARGS [kirkstone,27/28] create-spdx: handle links to inaccessible locations [kirkstone,28/28] packagegroup-self-hosted: update for strace

Message ID

4fdb3d4e031e22c03d03c6cc7713ec45d7498555.1661293746.git.steve@sakoman.com

State

Accepted, archived

Commit

4fdb3d4e031e22c03d03c6cc7713ec45d7498555

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 09/28] bluez5: update 5.64 -> 5.65
Date: Tue, 23 Aug 2022 12:35:21 -1000
Message-Id: 
 <4fdb3d4e031e22c03d03c6cc7713ec45d7498555.1661293746.git.steve@sakoman.com>
In-Reply-To: <cover.1661293745.git.steve@sakoman.com>
References: <cover.1661293745.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[kirkstone,01/28] libtiff: CVE-2022-34526 A stack overflow was discovered | expand

Commit Message

Steve Sakoman Aug. 23, 2022, 10:35 p.m. UTC

From: Alexander Kanavin <alex.kanavin@gmail.com>

ver 5.65 changes:
	Fix issue with A2DP cache invalidation handling.
	Fix issue with A2DP and not initialized SEP codec.
	Fix issue with A2DP and multiple SetConfiguration to same SEP
	Fix issue with AVRCP and not properly initialized volume.
	Fix issue with SDP records when operating in LE only mode.
	Fix issue with HoG and not reading report map of instances.
	Fix issue with GATT server crashing while disconnecting.
	Fix issue with not removing connected devices.
	Fix issue with enabling wake support without RPA Resolution.
	Fix issue with pairing failed due to the error of Already Paired.
	Add support for CONFIGURATION_DIRECTORY environment variable.
	Add support for STATE_DIRECTORY environment variable.
	Add support for "Bonded" property with Device API.
	Add experimental support for ISO socket.

Drop fix_service.patch as it is merged upstream.

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 10374b5ed4b5550eadacbcd71ae20b751ce5c038)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-connectivity/bluez5/bluez5.inc   |  1 -
 .../bluez5/bluez5/fix_service.patch           | 30 -------------------
 .../bluez5/{bluez5_5.64.bb => bluez5_5.65.bb} |  2 +-
 3 files changed, 1 insertion(+), 32 deletions(-)
 delete mode 100644 meta/recipes-connectivity/bluez5/bluez5/fix_service.patch
 rename meta/recipes-connectivity/bluez5/{bluez5_5.64.bb => bluez5_5.65.bb} (95%)

diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc b/meta/recipes-connectivity/bluez5/bluez5.inc
index 22dd07b348..79d4645ca8 100644
--- a/meta/recipes-connectivity/bluez5/bluez5.inc
+++ b/meta/recipes-connectivity/bluez5/bluez5.inc
@@ -53,7 +53,6 @@  SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \
            ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \
            file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \
            file://0001-test-gatt-Fix-hung-issue.patch \
-           file://fix_service.patch \
            "
 S = "${WORKDIR}/bluez-${PV}"
 
diff --git a/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch b/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch
deleted file mode 100644
index 96fdf6b299..0000000000
--- a/meta/recipes-connectivity/bluez5/bluez5/fix_service.patch
+++ /dev/null
@@ -1,30 +0,0 @@ 
-The systemd bluetooth service failed to start because the /var/lib/bluetooth
-path of ReadWritePaths= is created by the bluetooth daemon itself.
-
-The commit systemd: Add more filesystem lockdown (442d211) add ReadWritePaths=/etc/bluetooth
-and ReadOnlyPaths=/var/lib/bluetooth options to the bluetooth systemd service.
-The existing ProtectSystem=full option mounts the /usr, the boot loader
-directories and /etc read-only. This means the two option are useless and could be removed.
-
-Upstream-Status: Submitted [https://github.com/bluez/bluez/issues/329]
-
-Index: bluez-5.64/src/bluetooth.service.in
-===================================================================
---- bluez-5.64.orig/src/bluetooth.service.in
-+++ bluez-5.64/src/bluetooth.service.in
-@@ -15,12 +15,12 @@ LimitNPROC=1
- 
- # Filesystem lockdown
- ProtectHome=true
--ProtectSystem=full
-+ProtectSystem=strict
- PrivateTmp=true
- ProtectKernelTunables=true
- ProtectControlGroups=true
--ReadWritePaths=@statedir@
--ReadOnlyPaths=@confdir@
-+ConfigurationDirectory=bluetooth
-+StateDirectory=bluetooth
- 
- # Execute Mappings
- MemoryDenyWriteExecute=true
diff --git a/meta/recipes-connectivity/bluez5/bluez5_5.64.bb b/meta/recipes-connectivity/bluez5/bluez5_5.65.bb
similarity index 95%
rename from meta/recipes-connectivity/bluez5/bluez5_5.64.bb
rename to meta/recipes-connectivity/bluez5/bluez5_5.65.bb
index 4319f9aae8..4c15aeb46d 100644
--- a/meta/recipes-connectivity/bluez5/bluez5_5.64.bb
+++ b/meta/recipes-connectivity/bluez5/bluez5_5.65.bb
@@ -1,6 +1,6 @@ 
 require bluez5.inc
 
-SRC_URI[sha256sum] = "ae437e65b6b3070c198bc5b0109fe9cdeb9eaa387380e2072f9de65fe8a1de34"
+SRC_URI[sha256sum] = "2565a4d48354b576e6ad92e25b54ed66808296581c8abb80587051f9993d96d4"
 
 # These issues have kernel fixes rather than bluez fixes so exclude here
 CVE_CHECK_IGNORE += "CVE-2020-12352 CVE-2020-24490"

[kirkstone,09/28] bluez5: update 5.64 -> 5.65

Commit Message

Patch