[kirkstone,06/22] logrotate: upgrade 3.19.0 -> 3.20.1

Message ID	190457be2ee24a99da3a6383233ccc4b76dd2b0c.1654698895.git.steve@sakoman.com
State	Accepted, archived
Commit	190457be2ee24a99da3a6383233ccc4b76dd2b0c
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.214.175, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 06/22] logrotate: upgrade 3.19.0 -> 3.20.1 Date: Wed, 8 Jun 2022 04:39:19 -1000 Message-Id: <190457be2ee24a99da3a6383233ccc4b76dd2b0c.1654698895.git.steve@sakoman.com> In-Reply-To: <cover.1654698895.git.steve@sakoman.com> References: <cover.1654698895.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[kirkstone,01/22] cve-check: move update_symlinks to a library \| expand [kirkstone,01/22] cve-check: move update_symlinks to a library [kirkstone,02/22] cve-check: write empty fragment files in the text mode [kirkstone,03/22] cve-check: fix return type in check_cves [kirkstone,04/22] cve-update-db-native: make it possible to disable database updates [kirkstone,05/22] cups: upgrade 2.4.1 -> 2.4.2 [kirkstone,06/22] logrotate: upgrade 3.19.0 -> 3.20.1 [kirkstone,07/22] glib-2.0: upgrade 2.72.1 -> 2.72.2 [kirkstone,08/22] libxkbcommon: upgrade 1.4.0 -> 1.4.1 [kirkstone,09/22] gtk+3: upgrade 3.24.33 -> 3.24.34 [kirkstone,10/22] webkitgtk: upgrade 2.36.1 -> 2.36.3 [kirkstone,11/22] linux-firmware: package new Qualcomm firmware [kirkstone,12/22] linux-firmware: split ath3k firmware [kirkstone,13/22] patch.py: make sure that patches/series file exists before quilt pop [kirkstone,14/22] openssl: Backport fix for ptest cert expiry [kirkstone,15/22] gcc: depend on zstd-native [kirkstone,16/22] gcc-cross-canadian: Add nativesdk-zstd dependency [kirkstone,17/22] perl: Fix build with gcc-12 [kirkstone,18/22] kernel-yocto.bbclass: Reset to exiting on non-zero return code at end of task [kirkstone,19/22] alsa-plugins: fix libavtp vs. avtp packageconfig [kirkstone,20/22] libseccomp: Correct LIC_FILES_CHKSUM [kirkstone,21/22] license.bbclass: Bound beginline and endline in copy_license_files() [kirkstone,22/22] rootfs.py: find .ko.zst kernel modules

Message ID

190457be2ee24a99da3a6383233ccc4b76dd2b0c.1654698895.git.steve@sakoman.com

State

Accepted, archived

Commit

190457be2ee24a99da3a6383233ccc4b76dd2b0c

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 06/22] logrotate: upgrade 3.19.0 -> 3.20.1
Date: Wed,  8 Jun 2022 04:39:19 -1000
Message-Id: 
 <190457be2ee24a99da3a6383233ccc4b76dd2b0c.1654698895.git.steve@sakoman.com>
In-Reply-To: <cover.1654698895.git.steve@sakoman.com>
References: <cover.1654698895.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[kirkstone,01/22] cve-check: move update_symlinks to a library | expand

Commit Message

Steve Sakoman June 8, 2022, 2:39 p.m. UTC

From: wangmy <wangmy@fujitsu.com>

Changelog:
=========
drop world-readable permission on state file even when ACLs are enabled (#446)
fix potential DoS from unprivileged users via the state file (CVE-2022-1348)
fix a misleading debug message with copytruncate and rotate 0 (#443)
add support for unsigned time_t (#438)
do not lock state file /dev/null (#433)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 391fdcf742c4669c1c4654f9b022b3d277aa0038)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../logrotate/{logrotate_3.19.0.bb => logrotate_3.20.1.bb}      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-extended/logrotate/{logrotate_3.19.0.bb => logrotate_3.20.1.bb} (97%)

diff --git a/meta/recipes-extended/logrotate/logrotate_3.19.0.bb b/meta/recipes-extended/logrotate/logrotate_3.20.1.bb
similarity index 97%
rename from meta/recipes-extended/logrotate/logrotate_3.19.0.bb
rename to meta/recipes-extended/logrotate/logrotate_3.20.1.bb
index 2a60d9b31f..35977535aa 100644
--- a/meta/recipes-extended/logrotate/logrotate_3.19.0.bb
+++ b/meta/recipes-extended/logrotate/logrotate_3.20.1.bb
@@ -15,7 +15,7 @@  UPSTREAM_CHECK_REGEX = "logrotate-(?P<pver>\d+(\.\d+)+).tar"
 
 SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.xz"
 
-SRC_URI[sha256sum] = "ddd5274d684c5c99ca724e8069329f343ebe376e07493d537d9effdc501214ba"
+SRC_URI[sha256sum] = "742f6d6e18eceffa49a4bacd933686d3e42931cfccfb694d7f6369b704e5d094"
 
 # These CVEs are debian, gentoo or SUSE specific on the way logrotate was installed/used
 CVE_CHECK_IGNORE += "CVE-2011-1548 CVE-2011-1549 CVE-2011-1550"

[kirkstone,06/22] logrotate: upgrade 3.19.0 -> 3.20.1

Commit Message

Patch