Message ID | 20240105165554.1401517-1-tim.orling@konsulko.com |
---|---|
State | Under Review |
Headers | show |
Series | openssh: upgrade 9.5p1 -> 9.6p1 | expand |
https://autobuilder.yoctoproject.org/typhoon/#/builders/102/builds/5751/steps/13/logs/stdio On 05/01/2024 08:55:55-0800, Tim Orling wrote: > * Relocate Upstream-Status in 0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > so it will not throw an error in AUH > > https://www.openssh.com/txt/release-9.6 > https://github.com/openssh/openssh-portable/compare/V_9_5_P1...V_9_6_P1 > > https://nvd.nist.gov/vuln/detail/CVE-2023-48795 > https://nvd.nist.gov/vuln/detail/CVE-2023-51384 > https://nvd.nist.gov/vuln/detail/CVE-2023-51385 > > CVE: CVE-2023-48795 > CVE: CVE-2023-51384 > CVE: CVE-2023-51385 > > Signed-off-by: Tim Orling <tim.orling@konsulko.com> > --- > All ptests passed on core-image-ptest-openssh on qemux86-64 > > ...regress-banner.sh-log-input-and-output-files-on-erro.patch | 4 ++-- > .../openssh/{openssh_9.5p1.bb => openssh_9.6p1.bb} | 2 +- > 2 files changed, 3 insertions(+), 3 deletions(-) > rename meta/recipes-connectivity/openssh/{openssh_9.5p1.bb => openssh_9.6p1.bb} (98%) > > diff --git a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > index 2c14014fed8..8763f30f4b3 100644 > --- a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > +++ b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > @@ -34,13 +34,13 @@ return value: 1 > > See: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15178 > > +Upstream-Status: Denied [https://github.com/openssh/openssh-portable/pull/437] > + > Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> > --- > regress/banner.sh | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > -Upstream-Status: Denied [https://github.com/openssh/openssh-portable/pull/437] > - > diff --git a/regress/banner.sh b/regress/banner.sh > index a84feb5a..de84957a 100644 > --- a/regress/banner.sh > diff --git a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb > similarity index 98% > rename from meta/recipes-connectivity/openssh/openssh_9.5p1.bb > rename to meta/recipes-connectivity/openssh/openssh_9.6p1.bb > index bbb8fb091ad..fa44eb0bd4e 100644 > --- a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb > +++ b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb > @@ -28,7 +28,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar > file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \ > file://0001-systemd-Add-optional-support-for-systemd-sd_notify.patch \ > " > -SRC_URI[sha256sum] = "f026e7b79ba7fb540f75182af96dc8a8f1db395f922bbc9f6ca603672686086b" > +SRC_URI[sha256sum] = "910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c" > > CVE_STATUS[CVE-2007-2768] = "not-applicable-config: This CVE is specific to OpenSSH with the pam opie which we don't build/use here." > > -- > 2.34.1 > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#193372): https://lists.openembedded.org/g/openembedded-core/message/193372 > Mute This Topic: https://lists.openembedded.org/mt/103546397/3617179 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [alexandre.belloni@bootlin.com] > -=-=-=-=-=-=-=-=-=-=-=- >
On Fri, Feb 2, 2024 at 3:12 PM Alexandre Belloni < alexandre.belloni@bootlin.com> wrote: > > https://autobuilder.yoctoproject.org/typhoon/#/builders/102/builds/5751/steps/13/logs/stdio > Thank you, Alexandre. I’ll try to find a fix for this mips issue. If anyone else stumbles on it first, I’m happy to take guidance. > > On 05/01/2024 08:55:55-0800, Tim Orling wrote: > > * Relocate Upstream-Status in > 0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > > so it will not throw an error in AUH > > > > https://www.openssh.com/txt/release-9.6 > > https://github.com/openssh/openssh-portable/compare/V_9_5_P1...V_9_6_P1 > > > > https://nvd.nist.gov/vuln/detail/CVE-2023-48795 > > https://nvd.nist.gov/vuln/detail/CVE-2023-51384 > > https://nvd.nist.gov/vuln/detail/CVE-2023-51385 > > > > CVE: CVE-2023-48795 > > CVE: CVE-2023-51384 > > CVE: CVE-2023-51385 > > > > Signed-off-by: Tim Orling <tim.orling@konsulko.com> > > --- > > All ptests passed on core-image-ptest-openssh on qemux86-64 > > > > ...regress-banner.sh-log-input-and-output-files-on-erro.patch | 4 ++-- > > .../openssh/{openssh_9.5p1.bb => openssh_9.6p1.bb} | 2 +- > > 2 files changed, 3 insertions(+), 3 deletions(-) > > rename meta/recipes-connectivity/openssh/{openssh_9.5p1.bb => > openssh_9.6p1.bb} (98%) > > > > diff --git > a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > > index 2c14014fed8..8763f30f4b3 100644 > > --- > a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > > +++ > b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > > @@ -34,13 +34,13 @@ return value: 1 > > > > See: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15178 > > > > +Upstream-Status: Denied [ > https://github.com/openssh/openssh-portable/pull/437] > > + > > Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> > > --- > > regress/banner.sh | 4 +++- > > 1 file changed, 3 insertions(+), 1 deletion(-) > > > > -Upstream-Status: Denied [ > https://github.com/openssh/openssh-portable/pull/437] > > - > > diff --git a/regress/banner.sh b/regress/banner.sh > > index a84feb5a..de84957a 100644 > > --- a/regress/banner.sh > > diff --git a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb > b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb > > similarity index 98% > > rename from meta/recipes-connectivity/openssh/openssh_9.5p1.bb > > rename to meta/recipes-connectivity/openssh/openssh_9.6p1.bb > > index bbb8fb091ad..fa44eb0bd4e 100644 > > --- a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb > > +++ b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb > > @@ -28,7 +28,7 @@ SRC_URI = " > http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar > > > file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \ > > > file://0001-systemd-Add-optional-support-for-systemd-sd_notify.patch \ > > " > > -SRC_URI[sha256sum] = > "f026e7b79ba7fb540f75182af96dc8a8f1db395f922bbc9f6ca603672686086b" > > +SRC_URI[sha256sum] = > "910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c" > > > > CVE_STATUS[CVE-2007-2768] = "not-applicable-config: This CVE is > specific to OpenSSH with the pam opie which we don't build/use here." > > > > -- > > 2.34.1 > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- > > Links: You receive all messages sent to this group. > > View/Reply Online (#193372): > https://lists.openembedded.org/g/openembedded-core/message/193372 > > Mute This Topic: https://lists.openembedded.org/mt/103546397/3617179 > > Group Owner: openembedded-core+owner@lists.openembedded.org > > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [ > alexandre.belloni@bootlin.com] > > -=-=-=-=-=-=-=-=-=-=-=- > > > > > -- > Alexandre Belloni, co-owner and COO, Bootlin > Embedded Linux and Kernel engineering > https://bootlin.com >
The errors on mips32 are internal compiler errors (ICE): moduli.c:814:1: internal compiler error: in int_mode_for_mode, at stor-layout.cc:407 progressmeter.c:238:1: internal compiler error: in int_mode_for_mode, at stor-layout.cc:407 clientloop.c:1699:1: internal compiler error: in int_mode_for_mode, at stor-layout.cc:407 (There are also a lot of OpenSSL 3.0 deprecation warnings, but I think the ICE are what is failing the build). Full log.do_compile attached. There are a handful of similar bug reports like: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104820 Any advice to help report this properly is appreciated. Any ideas to fix it are even better. --Tim On Fri, Feb 2, 2024 at 4:11 PM Tim Orling via lists.openembedded.org <ticotimo=gmail.com@lists.openembedded.org> wrote: > > > On Fri, Feb 2, 2024 at 3:12 PM Alexandre Belloni < > alexandre.belloni@bootlin.com> wrote: > >> >> https://autobuilder.yoctoproject.org/typhoon/#/builders/102/builds/5751/steps/13/logs/stdio >> > > Thank you, Alexandre. I’ll try to find a fix for this mips issue. If > anyone else stumbles on it first, I’m happy to take guidance. > >> >> On 05/01/2024 08:55:55-0800, Tim Orling wrote: >> > * Relocate Upstream-Status in >> 0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >> > so it will not throw an error in AUH >> > >> > https://www.openssh.com/txt/release-9.6 >> > https://github.com/openssh/openssh-portable/compare/V_9_5_P1...V_9_6_P1 >> > >> > https://nvd.nist.gov/vuln/detail/CVE-2023-48795 >> > https://nvd.nist.gov/vuln/detail/CVE-2023-51384 >> > https://nvd.nist.gov/vuln/detail/CVE-2023-51385 >> > >> > CVE: CVE-2023-48795 >> > CVE: CVE-2023-51384 >> > CVE: CVE-2023-51385 >> > >> > Signed-off-by: Tim Orling <tim.orling@konsulko.com> >> > --- >> > All ptests passed on core-image-ptest-openssh on qemux86-64 >> > >> > ...regress-banner.sh-log-input-and-output-files-on-erro.patch | 4 ++-- >> > .../openssh/{openssh_9.5p1.bb => openssh_9.6p1.bb} | 2 +- >> > 2 files changed, 3 insertions(+), 3 deletions(-) >> > rename meta/recipes-connectivity/openssh/{openssh_9.5p1.bb => >> openssh_9.6p1.bb} (98%) >> > >> > diff --git >> a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >> b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >> > index 2c14014fed8..8763f30f4b3 100644 >> > --- >> a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >> > +++ >> b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >> > @@ -34,13 +34,13 @@ return value: 1 >> > >> > See: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15178 >> > >> > +Upstream-Status: Denied [ >> https://github.com/openssh/openssh-portable/pull/437] >> > + >> > Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> >> > --- >> > regress/banner.sh | 4 +++- >> > 1 file changed, 3 insertions(+), 1 deletion(-) >> > >> > -Upstream-Status: Denied [ >> https://github.com/openssh/openssh-portable/pull/437] >> > - >> > diff --git a/regress/banner.sh b/regress/banner.sh >> > index a84feb5a..de84957a 100644 >> > --- a/regress/banner.sh >> > diff --git a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb >> b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb >> > similarity index 98% >> > rename from meta/recipes-connectivity/openssh/openssh_9.5p1.bb >> > rename to meta/recipes-connectivity/openssh/openssh_9.6p1.bb >> > index bbb8fb091ad..fa44eb0bd4e 100644 >> > --- a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb >> > +++ b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb >> > @@ -28,7 +28,7 @@ SRC_URI = " >> http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar >> > >> file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \ >> > >> file://0001-systemd-Add-optional-support-for-systemd-sd_notify.patch \ >> > " >> > -SRC_URI[sha256sum] = >> "f026e7b79ba7fb540f75182af96dc8a8f1db395f922bbc9f6ca603672686086b" >> > +SRC_URI[sha256sum] = >> "910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c" >> > >> > CVE_STATUS[CVE-2007-2768] = "not-applicable-config: This CVE is >> specific to OpenSSH with the pam opie which we don't build/use here." >> > >> > -- >> > 2.34.1 >> > >> >> > >> > >> > >> >> >> -- >> Alexandre Belloni, co-owner and COO, Bootlin >> Embedded Linux and Kernel engineering >> https://bootlin.com >> > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#194821): > https://lists.openembedded.org/g/openembedded-core/message/194821 > Mute This Topic: https://lists.openembedded.org/mt/103546397/924729 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [ > ticotimo@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- > >
On Sat, Feb 3, 2024 at 5:20 PM Tim Orling <ticotimo@gmail.com> wrote: > > The errors on mips32 are internal compiler errors (ICE): > moduli.c:814:1: internal compiler error: in int_mode_for_mode, at stor-layout.cc:407 > progressmeter.c:238:1: internal compiler error: in int_mode_for_mode, at stor-layout.cc:407 > clientloop.c:1699:1: internal compiler error: in int_mode_for_mode, at stor-layout.cc:407 > > (There are also a lot of OpenSSL 3.0 deprecation warnings, but I think the ICE are what is failing the build). > > Full log.do_compile attached. > > There are a handful of similar bug reports like: > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104820 > > Any advice to help report this properly is appreciated. Any ideas to fix it are even better. Looks like gcc issue but try the patch proposed in this bug https://bugzilla.mindrot.org/show_bug.cgi?id=3645 This patch - https://bugzilla.mindrot.org/attachment.cgi?id=3776&action=diff See if it helps. > > --Tim > > On Fri, Feb 2, 2024 at 4:11 PM Tim Orling via lists.openembedded.org <ticotimo=gmail.com@lists.openembedded.org> wrote: >> >> >> >> On Fri, Feb 2, 2024 at 3:12 PM Alexandre Belloni <alexandre.belloni@bootlin.com> wrote: >>> >>> https://autobuilder.yoctoproject.org/typhoon/#/builders/102/builds/5751/steps/13/logs/stdio >> >> >> Thank you, Alexandre. I’ll try to find a fix for this mips issue. If anyone else stumbles on it first, I’m happy to take guidance. >>> >>> >>> On 05/01/2024 08:55:55-0800, Tim Orling wrote: >>> > * Relocate Upstream-Status in 0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >>> > so it will not throw an error in AUH >>> > >>> > https://www.openssh.com/txt/release-9.6 >>> > https://github.com/openssh/openssh-portable/compare/V_9_5_P1...V_9_6_P1 >>> > >>> > https://nvd.nist.gov/vuln/detail/CVE-2023-48795 >>> > https://nvd.nist.gov/vuln/detail/CVE-2023-51384 >>> > https://nvd.nist.gov/vuln/detail/CVE-2023-51385 >>> > >>> > CVE: CVE-2023-48795 >>> > CVE: CVE-2023-51384 >>> > CVE: CVE-2023-51385 >>> > >>> > Signed-off-by: Tim Orling <tim.orling@konsulko.com> >>> > --- >>> > All ptests passed on core-image-ptest-openssh on qemux86-64 >>> > >>> > ...regress-banner.sh-log-input-and-output-files-on-erro.patch | 4 ++-- >>> > .../openssh/{openssh_9.5p1.bb => openssh_9.6p1.bb} | 2 +- >>> > 2 files changed, 3 insertions(+), 3 deletions(-) >>> > rename meta/recipes-connectivity/openssh/{openssh_9.5p1.bb => openssh_9.6p1.bb} (98%) >>> > >>> > diff --git a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >>> > index 2c14014fed8..8763f30f4b3 100644 >>> > --- a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >>> > +++ b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >>> > @@ -34,13 +34,13 @@ return value: 1 >>> > >>> > See: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15178 >>> > >>> > +Upstream-Status: Denied [https://github.com/openssh/openssh-portable/pull/437] >>> > + >>> > Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> >>> > --- >>> > regress/banner.sh | 4 +++- >>> > 1 file changed, 3 insertions(+), 1 deletion(-) >>> > >>> > -Upstream-Status: Denied [https://github.com/openssh/openssh-portable/pull/437] >>> > - >>> > diff --git a/regress/banner.sh b/regress/banner.sh >>> > index a84feb5a..de84957a 100644 >>> > --- a/regress/banner.sh >>> > diff --git a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb >>> > similarity index 98% >>> > rename from meta/recipes-connectivity/openssh/openssh_9.5p1.bb >>> > rename to meta/recipes-connectivity/openssh/openssh_9.6p1.bb >>> > index bbb8fb091ad..fa44eb0bd4e 100644 >>> > --- a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb >>> > +++ b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb >>> > @@ -28,7 +28,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar >>> > file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \ >>> > file://0001-systemd-Add-optional-support-for-systemd-sd_notify.patch \ >>> > " >>> > -SRC_URI[sha256sum] = "f026e7b79ba7fb540f75182af96dc8a8f1db395f922bbc9f6ca603672686086b" >>> > +SRC_URI[sha256sum] = "910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c" >>> > >>> > CVE_STATUS[CVE-2007-2768] = "not-applicable-config: This CVE is specific to OpenSSH with the pam opie which we don't build/use here." >>> > >>> > -- >>> > 2.34.1 >>> > >>> >>> > >>> > >>> > >>> >>> >>> -- >>> Alexandre Belloni, co-owner and COO, Bootlin >>> Embedded Linux and Kernel engineering >>> https://bootlin.com >> >> >> -=-=-=-=-=-=-=-=-=-=-=- >> Links: You receive all messages sent to this group. >> View/Reply Online (#194821): https://lists.openembedded.org/g/openembedded-core/message/194821 >> Mute This Topic: https://lists.openembedded.org/mt/103546397/924729 >> Group Owner: openembedded-core+owner@lists.openembedded.org >> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [ticotimo@gmail.com] >> -=-=-=-=-=-=-=-=-=-=-=- >>
On Sat, Feb 3, 2024 at 7:39 PM Khem Raj <raj.khem@gmail.com> wrote: > > On Sat, Feb 3, 2024 at 5:20 PM Tim Orling <ticotimo@gmail.com> wrote: > > > > The errors on mips32 are internal compiler errors (ICE): > > moduli.c:814:1: internal compiler error: in int_mode_for_mode, at stor-layout.cc:407 > > progressmeter.c:238:1: internal compiler error: in int_mode_for_mode, at stor-layout.cc:407 > > clientloop.c:1699:1: internal compiler error: in int_mode_for_mode, at stor-layout.cc:407 > > > > (There are also a lot of OpenSSL 3.0 deprecation warnings, but I think the ICE are what is failing the build). > > > > Full log.do_compile attached. > > > > There are a handful of similar bug reports like: > > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104820 > > > > Any advice to help report this properly is appreciated. Any ideas to fix it are even better. > > Looks like gcc issue but try the patch proposed in this bug > https://bugzilla.mindrot.org/show_bug.cgi?id=3645 > > This patch - https://bugzilla.mindrot.org/attachment.cgi?id=3776&action=diff > > See if it helps. Its also applied upstream see https://github.com/openssh/openssh-portable/commit/1036d77b34a5fa15e56f516b81b9928006848cbd > > > > > --Tim > > > > On Fri, Feb 2, 2024 at 4:11 PM Tim Orling via lists.openembedded.org <ticotimo=gmail.com@lists.openembedded.org> wrote: > >> > >> > >> > >> On Fri, Feb 2, 2024 at 3:12 PM Alexandre Belloni <alexandre.belloni@bootlin.com> wrote: > >>> > >>> https://autobuilder.yoctoproject.org/typhoon/#/builders/102/builds/5751/steps/13/logs/stdio > >> > >> > >> Thank you, Alexandre. I’ll try to find a fix for this mips issue. If anyone else stumbles on it first, I’m happy to take guidance. > >>> > >>> > >>> On 05/01/2024 08:55:55-0800, Tim Orling wrote: > >>> > * Relocate Upstream-Status in 0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > >>> > so it will not throw an error in AUH > >>> > > >>> > https://www.openssh.com/txt/release-9.6 > >>> > https://github.com/openssh/openssh-portable/compare/V_9_5_P1...V_9_6_P1 > >>> > > >>> > https://nvd.nist.gov/vuln/detail/CVE-2023-48795 > >>> > https://nvd.nist.gov/vuln/detail/CVE-2023-51384 > >>> > https://nvd.nist.gov/vuln/detail/CVE-2023-51385 > >>> > > >>> > CVE: CVE-2023-48795 > >>> > CVE: CVE-2023-51384 > >>> > CVE: CVE-2023-51385 > >>> > > >>> > Signed-off-by: Tim Orling <tim.orling@konsulko.com> > >>> > --- > >>> > All ptests passed on core-image-ptest-openssh on qemux86-64 > >>> > > >>> > ...regress-banner.sh-log-input-and-output-files-on-erro.patch | 4 ++-- > >>> > .../openssh/{openssh_9.5p1.bb => openssh_9.6p1.bb} | 2 +- > >>> > 2 files changed, 3 insertions(+), 3 deletions(-) > >>> > rename meta/recipes-connectivity/openssh/{openssh_9.5p1.bb => openssh_9.6p1.bb} (98%) > >>> > > >>> > diff --git a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > >>> > index 2c14014fed8..8763f30f4b3 100644 > >>> > --- a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > >>> > +++ b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > >>> > @@ -34,13 +34,13 @@ return value: 1 > >>> > > >>> > See: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15178 > >>> > > >>> > +Upstream-Status: Denied [https://github.com/openssh/openssh-portable/pull/437] > >>> > + > >>> > Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> > >>> > --- > >>> > regress/banner.sh | 4 +++- > >>> > 1 file changed, 3 insertions(+), 1 deletion(-) > >>> > > >>> > -Upstream-Status: Denied [https://github.com/openssh/openssh-portable/pull/437] > >>> > - > >>> > diff --git a/regress/banner.sh b/regress/banner.sh > >>> > index a84feb5a..de84957a 100644 > >>> > --- a/regress/banner.sh > >>> > diff --git a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb > >>> > similarity index 98% > >>> > rename from meta/recipes-connectivity/openssh/openssh_9.5p1.bb > >>> > rename to meta/recipes-connectivity/openssh/openssh_9.6p1.bb > >>> > index bbb8fb091ad..fa44eb0bd4e 100644 > >>> > --- a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb > >>> > +++ b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb > >>> > @@ -28,7 +28,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar > >>> > file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \ > >>> > file://0001-systemd-Add-optional-support-for-systemd-sd_notify.patch \ > >>> > " > >>> > -SRC_URI[sha256sum] = "f026e7b79ba7fb540f75182af96dc8a8f1db395f922bbc9f6ca603672686086b" > >>> > +SRC_URI[sha256sum] = "910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c" > >>> > > >>> > CVE_STATUS[CVE-2007-2768] = "not-applicable-config: This CVE is specific to OpenSSH with the pam opie which we don't build/use here." > >>> > > >>> > -- > >>> > 2.34.1 > >>> > > >>> > >>> > > >>> > > >>> > > >>> > >>> > >>> -- > >>> Alexandre Belloni, co-owner and COO, Bootlin > >>> Embedded Linux and Kernel engineering > >>> https://bootlin.com > >> > >> > >> -=-=-=-=-=-=-=-=-=-=-=- > >> Links: You receive all messages sent to this group. > >> View/Reply Online (#194821): https://lists.openembedded.org/g/openembedded-core/message/194821 > >> Mute This Topic: https://lists.openembedded.org/mt/103546397/924729 > >> Group Owner: openembedded-core+owner@lists.openembedded.org > >> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [ticotimo@gmail.com] > >> -=-=-=-=-=-=-=-=-=-=-=- > >>
On Sun, Feb 4, 2024 at 12:14 AM Khem Raj <raj.khem@gmail.com> wrote: > On Sat, Feb 3, 2024 at 7:39 PM Khem Raj <raj.khem@gmail.com> wrote: > > > > On Sat, Feb 3, 2024 at 5:20 PM Tim Orling <ticotimo@gmail.com> wrote: > > > > > > The errors on mips32 are internal compiler errors (ICE): > > > moduli.c:814:1: internal compiler error: in int_mode_for_mode, at > stor-layout.cc:407 > > > progressmeter.c:238:1: internal compiler error: in int_mode_for_mode, > at stor-layout.cc:407 > > > clientloop.c:1699:1: internal compiler error: in int_mode_for_mode, at > stor-layout.cc:407 > > > > > > (There are also a lot of OpenSSL 3.0 deprecation warnings, but I think > the ICE are what is failing the build). > > > > > > Full log.do_compile attached. > > > > > > There are a handful of similar bug reports like: > > > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104820 > > > > > > Any advice to help report this properly is appreciated. Any ideas to > fix it are even better. > > > > Looks like gcc issue but try the patch proposed in this bug > > https://bugzilla.mindrot.org/show_bug.cgi?id=3645 > > > > This patch - > https://bugzilla.mindrot.org/attachment.cgi?id=3776&action=diff > > > > See if it helps. > > Its also applied upstream see > > https://github.com/openssh/openssh-portable/commit/1036d77b34a5fa15e56f516b81b9928006848cbd And that was merged after 9.6p1 https://github.com/openssh/openssh-portable/compare/V_9_6_P1...master <https://github.com/openssh/openssh-portable/commit/1036d77b34a5fa15e56f516b81b9928006848cbd> > > > > > > > > > --Tim > > > > > > On Fri, Feb 2, 2024 at 4:11 PM Tim Orling via lists.openembedded.org > <ticotimo=gmail.com@lists.openembedded.org> wrote: > > >> > > >> > > >> > > >> On Fri, Feb 2, 2024 at 3:12 PM Alexandre Belloni < > alexandre.belloni@bootlin.com> wrote: > > >>> > > >>> > https://autobuilder.yoctoproject.org/typhoon/#/builders/102/builds/5751/steps/13/logs/stdio > > >> > > >> > > >> Thank you, Alexandre. I’ll try to find a fix for this mips issue. If > anyone else stumbles on it first, I’m happy to take guidance. > > >>> > > >>> > > >>> On 05/01/2024 08:55:55-0800, Tim Orling wrote: > > >>> > * Relocate Upstream-Status in > 0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > > >>> > so it will not throw an error in AUH > > >>> > > > >>> > https://www.openssh.com/txt/release-9.6 > > >>> > > https://github.com/openssh/openssh-portable/compare/V_9_5_P1...V_9_6_P1 > > >>> > > > >>> > https://nvd.nist.gov/vuln/detail/CVE-2023-48795 > > >>> > https://nvd.nist.gov/vuln/detail/CVE-2023-51384 > > >>> > https://nvd.nist.gov/vuln/detail/CVE-2023-51385 > > >>> > > > >>> > CVE: CVE-2023-48795 > > >>> > CVE: CVE-2023-51384 > > >>> > CVE: CVE-2023-51385 > > >>> > > > >>> > Signed-off-by: Tim Orling <tim.orling@konsulko.com> > > >>> > --- > > >>> > All ptests passed on core-image-ptest-openssh on qemux86-64 > > >>> > > > >>> > ...regress-banner.sh-log-input-and-output-files-on-erro.patch | 4 > ++-- > > >>> > .../openssh/{openssh_9.5p1.bb => openssh_9.6p1.bb} | > 2 +- > > >>> > 2 files changed, 3 insertions(+), 3 deletions(-) > > >>> > rename meta/recipes-connectivity/openssh/{openssh_9.5p1.bb => > openssh_9.6p1.bb} (98%) > > >>> > > > >>> > diff --git > a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > > >>> > index 2c14014fed8..8763f30f4b3 100644 > > >>> > --- > a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > > >>> > +++ > b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch > > >>> > @@ -34,13 +34,13 @@ return value: 1 > > >>> > > > >>> > See: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15178 > > >>> > > > >>> > +Upstream-Status: Denied [ > https://github.com/openssh/openssh-portable/pull/437] > > >>> > + > > >>> > Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> > > >>> > --- > > >>> > regress/banner.sh | 4 +++- > > >>> > 1 file changed, 3 insertions(+), 1 deletion(-) > > >>> > > > >>> > -Upstream-Status: Denied [ > https://github.com/openssh/openssh-portable/pull/437] > > >>> > - > > >>> > diff --git a/regress/banner.sh b/regress/banner.sh > > >>> > index a84feb5a..de84957a 100644 > > >>> > --- a/regress/banner.sh > > >>> > diff --git a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb > b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb > > >>> > similarity index 98% > > >>> > rename from meta/recipes-connectivity/openssh/openssh_9.5p1.bb > > >>> > rename to meta/recipes-connectivity/openssh/openssh_9.6p1.bb > > >>> > index bbb8fb091ad..fa44eb0bd4e 100644 > > >>> > --- a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb > > >>> > +++ b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb > > >>> > @@ -28,7 +28,7 @@ SRC_URI = " > http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar > > >>> > > file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \ > > >>> > > file://0001-systemd-Add-optional-support-for-systemd-sd_notify.patch \ > > >>> > " > > >>> > -SRC_URI[sha256sum] = > "f026e7b79ba7fb540f75182af96dc8a8f1db395f922bbc9f6ca603672686086b" > > >>> > +SRC_URI[sha256sum] = > "910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c" > > >>> > > > >>> > CVE_STATUS[CVE-2007-2768] = "not-applicable-config: This CVE is > specific to OpenSSH with the pam opie which we don't build/use here." > > >>> > > > >>> > -- > > >>> > 2.34.1 > > >>> > > > >>> > > >>> > > > >>> > > > >>> > > > >>> > > >>> > > >>> -- > > >>> Alexandre Belloni, co-owner and COO, Bootlin > > >>> Embedded Linux and Kernel engineering > > >>> https://bootlin.com > > >> > > >> > > >> -=-=-=-=-=-=-=-=-=-=-=- > > >> Links: You receive all messages sent to this group. > > >> View/Reply Online (#194821): > https://lists.openembedded.org/g/openembedded-core/message/194821 > > >> Mute This Topic: https://lists.openembedded.org/mt/103546397/924729 > > >> Group Owner: openembedded-core+owner@lists.openembedded.org > > >> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub > [ticotimo@gmail.com] > > >> -=-=-=-=-=-=-=-=-=-=-=- > > >> >
On Sun, Feb 4, 2024 at 6:48 AM Tim Orling via lists.openembedded.org <ticotimo=gmail.com@lists.openembedded.org> wrote: > > > On Sun, Feb 4, 2024 at 12:14 AM Khem Raj <raj.khem@gmail.com> wrote: > >> On Sat, Feb 3, 2024 at 7:39 PM Khem Raj <raj.khem@gmail.com> wrote: >> > >> > On Sat, Feb 3, 2024 at 5:20 PM Tim Orling <ticotimo@gmail.com> wrote: >> > > >> > > The errors on mips32 are internal compiler errors (ICE): >> > > moduli.c:814:1: internal compiler error: in int_mode_for_mode, at >> stor-layout.cc:407 >> > > progressmeter.c:238:1: internal compiler error: in int_mode_for_mode, >> at stor-layout.cc:407 >> > > clientloop.c:1699:1: internal compiler error: in int_mode_for_mode, >> at stor-layout.cc:407 >> > > >> > > (There are also a lot of OpenSSL 3.0 deprecation warnings, but I >> think the ICE are what is failing the build). >> > > >> > > Full log.do_compile attached. >> > > >> > > There are a handful of similar bug reports like: >> > > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104820 >> > > >> > > Any advice to help report this properly is appreciated. Any ideas to >> fix it are even better. >> > >> > Looks like gcc issue but try the patch proposed in this bug >> > https://bugzilla.mindrot.org/show_bug.cgi?id=3645 >> > >> > This patch - >> https://bugzilla.mindrot.org/attachment.cgi?id=3776&action=diff >> > >> > See if it helps. >> >> Its also applied upstream see >> >> https://github.com/openssh/openssh-portable/commit/1036d77b34a5fa15e56f516b81b9928006848cbd > > > And that was merged after 9.6p1 > https://github.com/openssh/openssh-portable/compare/V_9_6_P1...master > > That didn't change the ICE behavior, but for some mysterious reason (added just per instructions to file a bug with gcc): CFLAGS:append:mips = " -freport-bug --save-temps" made the build successful? https://git.yoctoproject.org/poky-contrib/log/?h=timo/openssh-9.6p1-mips (I also tried without the patch above to prove it is the CFLAGS that made it compilable). Voodoo. > >> <https://github.com/openssh/openssh-portable/commit/1036d77b34a5fa15e56f516b81b9928006848cbd> >> >> > >> > > >> > > --Tim >> > > >> > > On Fri, Feb 2, 2024 at 4:11 PM Tim Orling via lists.openembedded.org >> <ticotimo=gmail.com@lists.openembedded.org> wrote: >> > >> >> > >> >> > >> >> > >> On Fri, Feb 2, 2024 at 3:12 PM Alexandre Belloni < >> alexandre.belloni@bootlin.com> wrote: >> > >>> >> > >>> >> https://autobuilder.yoctoproject.org/typhoon/#/builders/102/builds/5751/steps/13/logs/stdio >> > >> >> > >> >> > >> Thank you, Alexandre. I’ll try to find a fix for this mips issue. If >> anyone else stumbles on it first, I’m happy to take guidance. >> > >>> >> > >>> >> > >>> On 05/01/2024 08:55:55-0800, Tim Orling wrote: >> > >>> > * Relocate Upstream-Status in >> 0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >> > >>> > so it will not throw an error in AUH >> > >>> > >> > >>> > https://www.openssh.com/txt/release-9.6 >> > >>> > >> https://github.com/openssh/openssh-portable/compare/V_9_5_P1...V_9_6_P1 >> > >>> > >> > >>> > https://nvd.nist.gov/vuln/detail/CVE-2023-48795 >> > >>> > https://nvd.nist.gov/vuln/detail/CVE-2023-51384 >> > >>> > https://nvd.nist.gov/vuln/detail/CVE-2023-51385 >> > >>> > >> > >>> > CVE: CVE-2023-48795 >> > >>> > CVE: CVE-2023-51384 >> > >>> > CVE: CVE-2023-51385 >> > >>> > >> > >>> > Signed-off-by: Tim Orling <tim.orling@konsulko.com> >> > >>> > --- >> > >>> > All ptests passed on core-image-ptest-openssh on qemux86-64 >> > >>> > >> > >>> > ...regress-banner.sh-log-input-and-output-files-on-erro.patch | >> 4 ++-- >> > >>> > .../openssh/{openssh_9.5p1.bb => openssh_9.6p1.bb} | >> 2 +- >> > >>> > 2 files changed, 3 insertions(+), 3 deletions(-) >> > >>> > rename meta/recipes-connectivity/openssh/{openssh_9.5p1.bb => >> openssh_9.6p1.bb} (98%) >> > >>> > >> > >>> > diff --git >> a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >> b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >> > >>> > index 2c14014fed8..8763f30f4b3 100644 >> > >>> > --- >> a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >> > >>> > +++ >> b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >> > >>> > @@ -34,13 +34,13 @@ return value: 1 >> > >>> > >> > >>> > See: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15178 >> > >>> > >> > >>> > +Upstream-Status: Denied [ >> https://github.com/openssh/openssh-portable/pull/437] >> > >>> > + >> > >>> > Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> >> > >>> > --- >> > >>> > regress/banner.sh | 4 +++- >> > >>> > 1 file changed, 3 insertions(+), 1 deletion(-) >> > >>> > >> > >>> > -Upstream-Status: Denied [ >> https://github.com/openssh/openssh-portable/pull/437] >> > >>> > - >> > >>> > diff --git a/regress/banner.sh b/regress/banner.sh >> > >>> > index a84feb5a..de84957a 100644 >> > >>> > --- a/regress/banner.sh >> > >>> > diff --git a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb >> b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb >> > >>> > similarity index 98% >> > >>> > rename from meta/recipes-connectivity/openssh/openssh_9.5p1.bb >> > >>> > rename to meta/recipes-connectivity/openssh/openssh_9.6p1.bb >> > >>> > index bbb8fb091ad..fa44eb0bd4e 100644 >> > >>> > --- a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb >> > >>> > +++ b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb >> > >>> > @@ -28,7 +28,7 @@ SRC_URI = " >> http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar >> > >>> > >> file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \ >> > >>> > >> file://0001-systemd-Add-optional-support-for-systemd-sd_notify.patch \ >> > >>> > " >> > >>> > -SRC_URI[sha256sum] = >> "f026e7b79ba7fb540f75182af96dc8a8f1db395f922bbc9f6ca603672686086b" >> > >>> > +SRC_URI[sha256sum] = >> "910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c" >> > >>> > >> > >>> > CVE_STATUS[CVE-2007-2768] = "not-applicable-config: This CVE is >> specific to OpenSSH with the pam opie which we don't build/use here." >> > >>> > >> > >>> > -- >> > >>> > 2.34.1 >> > >>> > >> > >>> >> > >>> > >> > >>> > >> > >>> > >> > >>> >> > >>> >> > >>> -- >> > >>> Alexandre Belloni, co-owner and COO, Bootlin >> > >>> Embedded Linux and Kernel engineering >> > >>> https://bootlin.com >> > >> >> > >> >> > >> >> > >> >> > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#194892): > https://lists.openembedded.org/g/openembedded-core/message/194892 > Mute This Topic: https://lists.openembedded.org/mt/103546397/924729 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [ > ticotimo@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- > >
On Sun, Feb 4, 2024 at 8:32 AM Tim Orling <ticotimo@gmail.com> wrote: > > > > On Sun, Feb 4, 2024 at 6:48 AM Tim Orling via lists.openembedded.org <ticotimo=gmail.com@lists.openembedded.org> wrote: >> >> >> >> On Sun, Feb 4, 2024 at 12:14 AM Khem Raj <raj.khem@gmail.com> wrote: >>> >>> On Sat, Feb 3, 2024 at 7:39 PM Khem Raj <raj.khem@gmail.com> wrote: >>> > >>> > On Sat, Feb 3, 2024 at 5:20 PM Tim Orling <ticotimo@gmail.com> wrote: >>> > > >>> > > The errors on mips32 are internal compiler errors (ICE): >>> > > moduli.c:814:1: internal compiler error: in int_mode_for_mode, at stor-layout.cc:407 >>> > > progressmeter.c:238:1: internal compiler error: in int_mode_for_mode, at stor-layout.cc:407 >>> > > clientloop.c:1699:1: internal compiler error: in int_mode_for_mode, at stor-layout.cc:407 >>> > > >>> > > (There are also a lot of OpenSSL 3.0 deprecation warnings, but I think the ICE are what is failing the build). >>> > > >>> > > Full log.do_compile attached. >>> > > >>> > > There are a handful of similar bug reports like: >>> > > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104820 >>> > > >>> > > Any advice to help report this properly is appreciated. Any ideas to fix it are even better. >>> > >>> > Looks like gcc issue but try the patch proposed in this bug >>> > https://bugzilla.mindrot.org/show_bug.cgi?id=3645 >>> > >>> > This patch - https://bugzilla.mindrot.org/attachment.cgi?id=3776&action=diff >>> > >>> > See if it helps. >>> >>> Its also applied upstream see >>> https://github.com/openssh/openssh-portable/commit/1036d77b34a5fa15e56f516b81b9928006848cbd >> >> >> And that was merged after 9.6p1 >> https://github.com/openssh/openssh-portable/compare/V_9_6_P1...master >> > That didn't change the ICE behavior, but for some mysterious reason (added just per instructions to file a bug with gcc): > CFLAGS:append:mips = " -freport-bug --save-temps" > made the build successful? Can you compare the configure logs before and after adding this option ? its likely that some config option changed > https://git.yoctoproject.org/poky-contrib/log/?h=timo/openssh-9.6p1-mips > (I also tried without the patch above to prove it is the CFLAGS that made it compilable). > Voodoo. > >>> >>> >>> >>> > >>> > > >>> > > --Tim >>> > > >>> > > On Fri, Feb 2, 2024 at 4:11 PM Tim Orling via lists.openembedded.org <ticotimo=gmail.com@lists.openembedded.org> wrote: >>> > >> >>> > >> >>> > >> >>> > >> On Fri, Feb 2, 2024 at 3:12 PM Alexandre Belloni <alexandre.belloni@bootlin.com> wrote: >>> > >>> >>> > >>> https://autobuilder.yoctoproject.org/typhoon/#/builders/102/builds/5751/steps/13/logs/stdio >>> > >> >>> > >> >>> > >> Thank you, Alexandre. I’ll try to find a fix for this mips issue. If anyone else stumbles on it first, I’m happy to take guidance. >>> > >>> >>> > >>> >>> > >>> On 05/01/2024 08:55:55-0800, Tim Orling wrote: >>> > >>> > * Relocate Upstream-Status in 0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >>> > >>> > so it will not throw an error in AUH >>> > >>> > >>> > >>> > https://www.openssh.com/txt/release-9.6 >>> > >>> > https://github.com/openssh/openssh-portable/compare/V_9_5_P1...V_9_6_P1 >>> > >>> > >>> > >>> > https://nvd.nist.gov/vuln/detail/CVE-2023-48795 >>> > >>> > https://nvd.nist.gov/vuln/detail/CVE-2023-51384 >>> > >>> > https://nvd.nist.gov/vuln/detail/CVE-2023-51385 >>> > >>> > >>> > >>> > CVE: CVE-2023-48795 >>> > >>> > CVE: CVE-2023-51384 >>> > >>> > CVE: CVE-2023-51385 >>> > >>> > >>> > >>> > Signed-off-by: Tim Orling <tim.orling@konsulko.com> >>> > >>> > --- >>> > >>> > All ptests passed on core-image-ptest-openssh on qemux86-64 >>> > >>> > >>> > >>> > ...regress-banner.sh-log-input-and-output-files-on-erro.patch | 4 ++-- >>> > >>> > .../openssh/{openssh_9.5p1.bb => openssh_9.6p1.bb} | 2 +- >>> > >>> > 2 files changed, 3 insertions(+), 3 deletions(-) >>> > >>> > rename meta/recipes-connectivity/openssh/{openssh_9.5p1.bb => openssh_9.6p1.bb} (98%) >>> > >>> > >>> > >>> > diff --git a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >>> > >>> > index 2c14014fed8..8763f30f4b3 100644 >>> > >>> > --- a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >>> > >>> > +++ b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch >>> > >>> > @@ -34,13 +34,13 @@ return value: 1 >>> > >>> > >>> > >>> > See: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15178 >>> > >>> > >>> > >>> > +Upstream-Status: Denied [https://github.com/openssh/openssh-portable/pull/437] >>> > >>> > + >>> > >>> > Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> >>> > >>> > --- >>> > >>> > regress/banner.sh | 4 +++- >>> > >>> > 1 file changed, 3 insertions(+), 1 deletion(-) >>> > >>> > >>> > >>> > -Upstream-Status: Denied [https://github.com/openssh/openssh-portable/pull/437] >>> > >>> > - >>> > >>> > diff --git a/regress/banner.sh b/regress/banner.sh >>> > >>> > index a84feb5a..de84957a 100644 >>> > >>> > --- a/regress/banner.sh >>> > >>> > diff --git a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb >>> > >>> > similarity index 98% >>> > >>> > rename from meta/recipes-connectivity/openssh/openssh_9.5p1.bb >>> > >>> > rename to meta/recipes-connectivity/openssh/openssh_9.6p1.bb >>> > >>> > index bbb8fb091ad..fa44eb0bd4e 100644 >>> > >>> > --- a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb >>> > >>> > +++ b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb >>> > >>> > @@ -28,7 +28,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar >>> > >>> > file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \ >>> > >>> > file://0001-systemd-Add-optional-support-for-systemd-sd_notify.patch \ >>> > >>> > " >>> > >>> > -SRC_URI[sha256sum] = "f026e7b79ba7fb540f75182af96dc8a8f1db395f922bbc9f6ca603672686086b" >>> > >>> > +SRC_URI[sha256sum] = "910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c" >>> > >>> > >>> > >>> > CVE_STATUS[CVE-2007-2768] = "not-applicable-config: This CVE is specific to OpenSSH with the pam opie which we don't build/use here." >>> > >>> > >>> > >>> > -- >>> > >>> > 2.34.1 >>> > >>> > >>> > >>> >>> > >>> > >>> > >>> > >>> > >>> > >>> > >>> >>> > >>> >>> > >>> -- >>> > >>> Alexandre Belloni, co-owner and COO, Bootlin >>> > >>> Embedded Linux and Kernel engineering >>> > >>> https://bootlin.com >>> > >> >>> > >> >>> > >> >>> > >> >> >> >> -=-=-=-=-=-=-=-=-=-=-=- >> Links: You receive all messages sent to this group. >> View/Reply Online (#194892): https://lists.openembedded.org/g/openembedded-core/message/194892 >> Mute This Topic: https://lists.openembedded.org/mt/103546397/924729 >> Group Owner: openembedded-core+owner@lists.openembedded.org >> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [ticotimo@gmail.com] >> -=-=-=-=-=-=-=-=-=-=-=- >>
diff --git a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch index 2c14014fed8..8763f30f4b3 100644 --- a/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch +++ b/meta/recipes-connectivity/openssh/openssh/0001-regress-banner.sh-log-input-and-output-files-on-erro.patch @@ -34,13 +34,13 @@ return value: 1 See: https://bugzilla.yoctoproject.org/show_bug.cgi?id=15178 +Upstream-Status: Denied [https://github.com/openssh/openssh-portable/pull/437] + Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> --- regress/banner.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) -Upstream-Status: Denied [https://github.com/openssh/openssh-portable/pull/437] - diff --git a/regress/banner.sh b/regress/banner.sh index a84feb5a..de84957a 100644 --- a/regress/banner.sh diff --git a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb similarity index 98% rename from meta/recipes-connectivity/openssh/openssh_9.5p1.bb rename to meta/recipes-connectivity/openssh/openssh_9.6p1.bb index bbb8fb091ad..fa44eb0bd4e 100644 --- a/meta/recipes-connectivity/openssh/openssh_9.5p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb @@ -28,7 +28,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \ file://0001-systemd-Add-optional-support-for-systemd-sd_notify.patch \ " -SRC_URI[sha256sum] = "f026e7b79ba7fb540f75182af96dc8a8f1db395f922bbc9f6ca603672686086b" +SRC_URI[sha256sum] = "910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c" CVE_STATUS[CVE-2007-2768] = "not-applicable-config: This CVE is specific to OpenSSH with the pam opie which we don't build/use here."
* Relocate Upstream-Status in 0001-regress-banner.sh-log-input-and-output-files-on-erro.patch so it will not throw an error in AUH https://www.openssh.com/txt/release-9.6 https://github.com/openssh/openssh-portable/compare/V_9_5_P1...V_9_6_P1 https://nvd.nist.gov/vuln/detail/CVE-2023-48795 https://nvd.nist.gov/vuln/detail/CVE-2023-51384 https://nvd.nist.gov/vuln/detail/CVE-2023-51385 CVE: CVE-2023-48795 CVE: CVE-2023-51384 CVE: CVE-2023-51385 Signed-off-by: Tim Orling <tim.orling@konsulko.com> --- All ptests passed on core-image-ptest-openssh on qemux86-64 ...regress-banner.sh-log-input-and-output-files-on-erro.patch | 4 ++-- .../openssh/{openssh_9.5p1.bb => openssh_9.6p1.bb} | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) rename meta/recipes-connectivity/openssh/{openssh_9.5p1.bb => openssh_9.6p1.bb} (98%)