| Message ID | 005bfa0639724248f2a257cae0108ecd16e7314b.1662559557.git.steve@sakoman.com |
|---|---|
| State | Accepted, archived |
| Commit | 005bfa0639724248f2a257cae0108ecd16e7314b |
| Headers | show |
| Series | [kirkstone,01/24] sqlite: add CVE-2022-35737 patch to SRC_URI | expand |
On 2022-09-07 10:20, Steve Sakoman wrote: > From: wangmy <wangmy@fujitsu.com> > > Changelog: > =========== > - Clarify libtasn1.map license. Closes: #38. > - Fix ETYPE_OK out of bounds read. Closes: #32. > - Update gnulib files and various maintenance fixes. > > Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> > Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> > (cherry picked from commit b8f2c6ec61ffcc607a35bd5c11f5020c9b676226) > Signed-off-by: Steve Sakoman <steve@sakoman.com> > --- > .../gnutls/{libtasn1_4.18.0.bb => libtasn1_4.19.0.bb} | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > rename meta/recipes-support/gnutls/{libtasn1_4.18.0.bb => libtasn1_4.19.0.bb} (90%) > > diff --git a/meta/recipes-support/gnutls/libtasn1_4.18.0.bb b/meta/recipes-support/gnutls/libtasn1_4.19.0.bb > similarity index 90% > rename from meta/recipes-support/gnutls/libtasn1_4.18.0.bb > rename to meta/recipes-support/gnutls/libtasn1_4.19.0.bb > index db49adc1c2..5fb8b54c06 100644 > --- a/meta/recipes-support/gnutls/libtasn1_4.18.0.bb > +++ b/meta/recipes-support/gnutls/libtasn1_4.19.0.bb > @@ -16,7 +16,7 @@ SRC_URI = "${GNU_MIRROR}/libtasn1/libtasn1-${PV}.tar.gz \ > > DEPENDS = "bison-native" > > -SRC_URI[sha256sum] = "4365c154953563d64c67a024b607d1ee75c6db76e0d0f65709ea80a334cd1898" > +SRC_URI[sha256sum] = "1613f0ac1cf484d6ec0ce3b8c06d56263cc7242f1c23b30d82d23de345a63f7a" > > inherit autotools texinfo lib_package gtk-doc I was a little concerned about this update for kirkstone but after a little review, it seems fine so I thought I'd reply to show Steve that people do eventually read his updates and to re-assure any late to the party worriers like me. Full git log --oneline below but the source is mainly in 'src and lib': $ git log --oneline v4.18.0..v4.19.0 src 4e74cf2 Bump copyright years. $ git log --oneline v4.18.0..v4.19.0 lib 6acc6d9 Work around unfixed gtk-doc problem. 5ce3238 Some C89 fixes. Closes: !70. 44a700d Fix ETYPE_OK off by one array size check. Closes: #32. 33adcd0 Fix license header. Closes: #38. 4e74cf2 Bump copyright years. so that all seems to be sensible. I may learn to trust Steve (but I'll keep verifying...) ../Randy $ git log --oneline v4.18.0..v4.19.0 2b7ee16 (tag: v4.19.0) version 4.19.0 6acc6d9 Work around unfixed gtk-doc problem. 53fe8c8 Improve CI/CD artifacts, and fail on errors. 06e7433 Put version checks in tests/version.c. 513bb42 Deduplicate. 51e04e5 bootstrap.conf (src_gnulib_modules): Add getopt-gnu. 290a4ad Build check with tcc/lld/pcc. 5ce3238 Some C89 fixes. Closes: !70. b66b8ce Attempt to reproduce !70 build error. 4af0fbc Bump LT_REVISION. 42467ed Add sc_libtool_version_bump syntax-check. 74785e7 Move gnulib's dummy test directory from tests-gl to lib/gl/tests. 45c87b5 Add NEWS entry. 44a700d Fix ETYPE_OK off by one array size check. Closes: #32. 1487507 Make sure syntax-check catches indent mistakes during cicd. 6533485 Add self-check for #32 to see if cicd catches it. 33adcd0 Fix license header. Closes: #38. 72e30be Add NEWS entry. 7b58af4 Silence syntax-check. f1436e1 Silence sc_makefile_DISTCHECK_CONFIGURE_FLAGS until we clean up coverage code. 7c54eb1 Put gtkdocize in bootstrap_post_import_hook. 2a2686c Update bootstrap. 81b1cb0 Update gnulib. 4e74cf2 Bump copyright years. 02bf9cb Don't use -static when linking in fuzz/. Closes: !61. 56d2301 Use portable way to remove carriage returns. 3af8286 (origin/jas/tmp-cicd) Don't use non-portable diff --strip-trailing-cr. 607e6b1 cicd: Add targets, reduce texlive. 581e2a3 maint: Fix builddir!=srcdir abi-check failure. c9c8de3 maint: Attempt to minimize texlive dependencies. 6182cf4 maint: Fix (and CICD-test) builddir!=srcdir bootstrap builds. 4332821 maint: Remove really old release announcement template. 5b766ad maint: Really remove texinfo.css. f3c679d maint: post-release administrivia > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#170402): https://lists.openembedded.org/g/openembedded-core/message/170402 > Mute This Topic: https://lists.openembedded.org/mt/93525901/3616765 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [randy.macleod@windriver.com] > -=-=-=-=-=-=-=-=-=-=-=- >
On Tue, Sep 13, 2022 at 2:37 PM Randy MacLeod <randy.macleod@windriver.com> wrote: > > On 2022-09-07 10:20, Steve Sakoman wrote: > > From: wangmy <wangmy@fujitsu.com> > > > > Changelog: > > =========== > > - Clarify libtasn1.map license. Closes: #38. > > - Fix ETYPE_OK out of bounds read. Closes: #32. > > - Update gnulib files and various maintenance fixes. > > > > Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> > > Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> > > (cherry picked from commit b8f2c6ec61ffcc607a35bd5c11f5020c9b676226) > > Signed-off-by: Steve Sakoman <steve@sakoman.com> > > --- > > .../gnutls/{libtasn1_4.18.0.bb => libtasn1_4.19.0.bb} | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > rename meta/recipes-support/gnutls/{libtasn1_4.18.0.bb => libtasn1_4.19.0.bb} (90%) > > > > diff --git a/meta/recipes-support/gnutls/libtasn1_4.18.0.bb b/meta/recipes-support/gnutls/libtasn1_4.19.0.bb > > similarity index 90% > > rename from meta/recipes-support/gnutls/libtasn1_4.18.0.bb > > rename to meta/recipes-support/gnutls/libtasn1_4.19.0.bb > > index db49adc1c2..5fb8b54c06 100644 > > --- a/meta/recipes-support/gnutls/libtasn1_4.18.0.bb > > +++ b/meta/recipes-support/gnutls/libtasn1_4.19.0.bb > > @@ -16,7 +16,7 @@ SRC_URI = "${GNU_MIRROR}/libtasn1/libtasn1-${PV}.tar.gz \ > > > > DEPENDS = "bison-native" > > > > -SRC_URI[sha256sum] = "4365c154953563d64c67a024b607d1ee75c6db76e0d0f65709ea80a334cd1898" > > +SRC_URI[sha256sum] = "1613f0ac1cf484d6ec0ce3b8c06d56263cc7242f1c23b30d82d23de345a63f7a" > > > > inherit autotools texinfo lib_package gtk-doc > > I was a little concerned about this update for kirkstone but > after a little review, it seems fine so I thought I'd reply to show > Steve that people do eventually read his updates and to re-assure > any late to the party worriers like me. > > > Full git log --oneline below but the source is mainly in 'src and lib': > > $ git log --oneline v4.18.0..v4.19.0 src > 4e74cf2 Bump copyright years. > > $ git log --oneline v4.18.0..v4.19.0 lib > 6acc6d9 Work around unfixed gtk-doc problem. > 5ce3238 Some C89 fixes. Closes: !70. > 44a700d Fix ETYPE_OK off by one array size check. Closes: #32. > 33adcd0 Fix license header. Closes: #38. > 4e74cf2 Bump copyright years. > > so that all seems to be sensible. > > I may learn to trust Steve (but I'll keep verifying...) Please do! I'm not sure I would trust me ;-) Steve > $ git log --oneline v4.18.0..v4.19.0 > 2b7ee16 (tag: v4.19.0) version 4.19.0 > 6acc6d9 Work around unfixed gtk-doc problem. > 53fe8c8 Improve CI/CD artifacts, and fail on errors. > 06e7433 Put version checks in tests/version.c. > 513bb42 Deduplicate. > 51e04e5 bootstrap.conf (src_gnulib_modules): Add getopt-gnu. > 290a4ad Build check with tcc/lld/pcc. > 5ce3238 Some C89 fixes. Closes: !70. > b66b8ce Attempt to reproduce !70 build error. > 4af0fbc Bump LT_REVISION. > 42467ed Add sc_libtool_version_bump syntax-check. > 74785e7 Move gnulib's dummy test directory from tests-gl to lib/gl/tests. > 45c87b5 Add NEWS entry. > 44a700d Fix ETYPE_OK off by one array size check. Closes: #32. > 1487507 Make sure syntax-check catches indent mistakes during cicd. > 6533485 Add self-check for #32 to see if cicd catches it. > 33adcd0 Fix license header. Closes: #38. > 72e30be Add NEWS entry. > 7b58af4 Silence syntax-check. > f1436e1 Silence sc_makefile_DISTCHECK_CONFIGURE_FLAGS until we clean up > coverage code. > 7c54eb1 Put gtkdocize in bootstrap_post_import_hook. > 2a2686c Update bootstrap. > 81b1cb0 Update gnulib. > 4e74cf2 Bump copyright years. > 02bf9cb Don't use -static when linking in fuzz/. Closes: !61. > 56d2301 Use portable way to remove carriage returns. > 3af8286 (origin/jas/tmp-cicd) Don't use non-portable diff > --strip-trailing-cr. > 607e6b1 cicd: Add targets, reduce texlive. > 581e2a3 maint: Fix builddir!=srcdir abi-check failure. > c9c8de3 maint: Attempt to minimize texlive dependencies. > 6182cf4 maint: Fix (and CICD-test) builddir!=srcdir bootstrap builds. > 4332821 maint: Remove really old release announcement template. > 5b766ad maint: Really remove texinfo.css. > f3c679d maint: post-release administrivia > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- > > Links: You receive all messages sent to this group. > > View/Reply Online (#170402): https://lists.openembedded.org/g/openembedded-core/message/170402 > > Mute This Topic: https://lists.openembedded.org/mt/93525901/3616765 > > Group Owner: openembedded-core+owner@lists.openembedded.org > > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [randy.macleod@windriver.com] > > -=-=-=-=-=-=-=-=-=-=-=- > > > > -- > # Randy MacLeod > # Wind River Linux >
diff --git a/meta/recipes-support/gnutls/libtasn1_4.18.0.bb b/meta/recipes-support/gnutls/libtasn1_4.19.0.bb similarity index 90% rename from meta/recipes-support/gnutls/libtasn1_4.18.0.bb rename to meta/recipes-support/gnutls/libtasn1_4.19.0.bb index db49adc1c2..5fb8b54c06 100644 --- a/meta/recipes-support/gnutls/libtasn1_4.18.0.bb +++ b/meta/recipes-support/gnutls/libtasn1_4.19.0.bb @@ -16,7 +16,7 @@ SRC_URI = "${GNU_MIRROR}/libtasn1/libtasn1-${PV}.tar.gz \ DEPENDS = "bison-native" -SRC_URI[sha256sum] = "4365c154953563d64c67a024b607d1ee75c6db76e0d0f65709ea80a334cd1898" +SRC_URI[sha256sum] = "1613f0ac1cf484d6ec0ce3b8c06d56263cc7242f1c23b30d82d23de345a63f7a" inherit autotools texinfo lib_package gtk-doc