From patchwork Sat Nov 4 03:12:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: auh@yoctoproject.org X-Patchwork-Id: 33765 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id EDD53C001DB for ; Sat, 4 Nov 2023 03:13:04 +0000 (UTC) Received: from a27-30.smtp-out.us-west-2.amazonses.com (a27-30.smtp-out.us-west-2.amazonses.com [54.240.27.30]) by mx.groups.io with SMTP id smtpd.web11.3434.1699067575486869768 for ; Fri, 03 Nov 2023 20:12:55 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@yoctoproject.org header.s=lvjh2tk576v2ro5mi6k4dt3mc6wpqbky header.b=hk5iYIJs; dkim=pass header.i=@amazonses.com header.s=hsbnp7p3ensaochzwyq5wwmceodymuwv header.b=Dxfv8PR/; spf=pass (domain: us-west-2.amazonses.com, ip: 54.240.27.30, mailfrom: 0101018b9851b9e9-92709dc5-5b99-464b-a606-9c3804b8e864-000000@us-west-2.amazonses.com) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=lvjh2tk576v2ro5mi6k4dt3mc6wpqbky; d=yoctoproject.org; t=1699067574; h=Content-Type:MIME-Version:From:To:Cc:Subject:Message-Id:Date; bh=tX1vqz0H9J/SExomfZrh9ItQzuP+YimsHZ5d7uNNwFg=; b=hk5iYIJsd5LWk/FAfFXCxOvcq32+Dl9sQJ4ZJIfL6GXgLBYswkeR8/0ZAxcGPoE8 TdhcGJ4c+RkGJek/ZVMpGkucXpAbeihPwEnteJo/SeLti9nIn80gbr8tJreg8sZZBJ+ MSZfjGl6f0prooVrFKNnYr63ITLcgEUbLnXeUUUk= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=hsbnp7p3ensaochzwyq5wwmceodymuwv; d=amazonses.com; t=1699067574; h=Content-Type:MIME-Version:From:To:Cc:Subject:Message-Id:Date:Feedback-ID; bh=tX1vqz0H9J/SExomfZrh9ItQzuP+YimsHZ5d7uNNwFg=; b=Dxfv8PR/5yqmEoT1mW989kyPH4x6hGCmq8Qxva6d+d4AEdGR/yCHxZqu5n0cwvuP whqgbPc1UjuBfVyJ4sSpp3hUs2FbmTJm3gwaMvSECSDbPhwDG10PEei5Pydw1wzNFs+ jYp5XN7gZB2HI0l04GaZry8glKTNKK3ukbVACV5A= MIME-Version: 1.0 From: auh@yoctoproject.org To: Forced@yoctoproject.org, maintainer@yoctoproject.org, for@yoctoproject.org, AUH@yoctoproject.org Cc: openembedded-devel@lists.openembedded.org Subject: [AUH] openvpn: upgrading to 2.6.6 SUCCEEDED Message-ID: <0101018b9851b9e9-92709dc5-5b99-464b-a606-9c3804b8e864-000000@us-west-2.amazonses.com> Date: Sat, 4 Nov 2023 03:12:54 +0000 Feedback-ID: 1.us-west-2.9np3MYPs3fEaOBysGKSlUD4KtcmPijcmS9Az2Hwf7iQ=:AmazonSES X-SES-Outgoing: 2023.11.04-54.240.27.30 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 04 Nov 2023 03:13:04 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/106225 Hello, this email is a notification from the Auto Upgrade Helper that the automatic attempt to upgrade the recipe *openvpn* to *2.6.6* has Succeeded. Next steps: - apply the patch: git am 0001-openvpn-upgrade-2.6.3-2.6.6.patch - check the changes to upstream patches and summarize them in the commit message, - compile an image that contains the package - perform some basic sanity tests - amend the patch and sign it off: git commit -s --reset-author --amend - send it to the appropriate mailing list Alternatively, if you believe the recipe should not be upgraded at this time, you can fill RECIPE_NO_UPDATE_REASON in respective recipe file so that automatic upgrades would no longer be attempted. Please review the attached files for further information and build/update failures. Any problem please file a bug at https://bugzilla.yoctoproject.org/enter_bug.cgi?product=Automated%20Update%20Handler Regards, The Upgrade Helper -- >8 -- From c108569fe2e9d2c7e341273cc6ca7a9e51944056 Mon Sep 17 00:00:00 2001 From: Upgrade Helper Date: Sat, 4 Nov 2023 02:46:06 +0000 Subject: [PATCH] openvpn: upgrade 2.6.3 -> 2.6.6 --- .../{openvpn_2.6.3.bb => openvpn_2.6.6.bb} | 71 ++++++++++++++++++- 1 file changed, 69 insertions(+), 2 deletions(-) rename meta-networking/recipes-support/openvpn/{openvpn_2.6.3.bb => openvpn_2.6.6.bb} (47%) diff --git a/meta-networking/recipes-support/openvpn/openvpn_2.6.3.bb b/meta-networking/recipes-support/openvpn/openvpn_2.6.6.bb similarity index 47% rename from meta-networking/recipes-support/openvpn/openvpn_2.6.3.bb rename to meta-networking/recipes-support/openvpn/openvpn_2.6.6.bb index a5fc15874..bfa419235 100644 --- a/meta-networking/recipes-support/openvpn/openvpn_2.6.3.bb +++ b/meta-networking/recipes-support/openvpn/openvpn_2.6.6.bb @@ -1,8 +1,75 @@ +# FIXME: the LIC_FILES_CHKSUM values have been updated by 'devtool upgrade'. +# The following is the difference between the old and the new license text. +# Please update the LICENSE value if needed, and summarize the changes in +# the commit message via 'License-Update:' tag. +# (example: 'License-Update: copyright years updated.') +# +# The changes: +# +# --- COPYING +# +++ COPYING +# @@ -30,6 +30,53 @@ +# this file, you may extend this exception to your version of the +# file, but you are not obligated to do so. If you do not wish to +# do so, delete this exception statement from your version. +# + +# +Apache2 linking exception: +# +--------------------------- +# +OpenVPN is currently undergoing a license change to add an exception for +# +Apache 2 linking. The following exception is only valid for new contributions +# +after 2023-05-03 and past contribution where the authors have already agreed +# +to the exception. +# + +# + In addition, as a special exception, OpenVPN Inc and the +# + contributors give permission to link the code of this program to +# + libraries (the "Libraries") licensed under the Apache License +# + version 2.0 (this work and any linked library the "Combined Work") +# + and copy and distribute the Combined Work without an obligation to +# + license the Libraries under the GNU General Public License v2 +# + (GPL-2.0) as required by Section 2 of the GPL-2.0, and without an +# + obligation to refrain from imposing any additional restrictions in +# + the Apache License version 2 that are not in the GPL-2.0, as +# + required by Section 6 of the GPL-2.0. You must comply with the +# + GPL-2.0 in all other respects for the Combined Work, including +# + the obligation to provide source code. If you modify this file, you +# + may extend this exception to your version of the file, but you are +# + not obligated to do so. If you do not wish to do so, delete this +# + exception statement from your version. +# + +# +For better understanding, in plain non-legalese English this basically says: +# + +# + * The intention for this license exception is to allow OpenVPN to be +# + linked against APL-2 licensed libraries, even where the GPL-2.0 and +# + APL-2 licenses conflict from a legal perspective. +# + +# + * OpenVPN itself will stay GPL-2.0 and the code belonging to the +# + OpenVPN project must comply to the GPL-2.0 license. This is NOT +# + dual-licensing of the OpenVPN code base. +# + +# + * This license exception DOES NOT require NOR expect a license change +# + of the APL-2 based library. This exception allows using the APL-2 +# + library as-is. However, when distributing a compiled OpenVPN binary +# + linking against APL-2 libraries ("Combined Work"), the REQUIREMENT is +# + that the APL-2 library MUST also be available on similar terms as in +# + GPL-2.0, like providing the source code of the library upon request, +# + except in the two specific ways mentioned. +# + +# + * If the APL-2 based library forbids such linking and distribution, +# + this license exception DOES NOT overrule the restriction of the APL-2 +# + based library. If the APL-2 library cannot satisfy the requirements +# + in this license exception, you CANNOT distribute an OpenVPN binary +# + linked with this library. +# +# LZO license: +# ------------ +# +# + SUMMARY = "A full-featured SSL VPN solution via tun device." HOMEPAGE = "https://openvpn.net/" SECTION = "net" LICENSE = "GPL-2.0-only" -LIC_FILES_CHKSUM = "file://COPYING;md5=3170e982baae61dbb8de963317d1ac94" +LIC_FILES_CHKSUM = "file://COPYING;md5=d8d34ce6390552676e4ce8279f13c48a" DEPENDS = "lzo lz4 openssl iproute2 libcap-ng ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" inherit autotools systemd update-rc.d pkgconfig @@ -14,7 +81,7 @@ SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \ UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads" -SRC_URI[sha256sum] = "13b207a376d8880507c74ff78aabc3778a9da47c89f1e247dcee3c7237138ff6" +SRC_URI[sha256sum] = "3b074f392818b31aa529b84f76e8b5e4ad03fca764924f46d906bceaaf421034" CVE_STATUS[CVE-2020-27569] = "not-applicable-config: Applies only Aviatrix OpenVPN client, not openvpn"