From patchwork Fri Sep 8 13:46:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 30206 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 949A4EE7FF8 for ; Fri, 8 Sep 2023 13:47:17 +0000 (UTC) Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com [209.85.210.175]) by mx.groups.io with SMTP id smtpd.web11.39460.1694180832360629657 for ; Fri, 08 Sep 2023 06:47:12 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=mEcM3Sb4; spf=softfail (domain: sakoman.com, ip: 209.85.210.175, mailfrom: steve@sakoman.com) Received: by mail-pf1-f175.google.com with SMTP id d2e1a72fcca58-68a3f1d8be2so1801811b3a.3 for ; Fri, 08 Sep 2023 06:47:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1694180831; x=1694785631; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=PuySdMYXD3bxekEucAQ9gqAvKWUolmqMEB7eH5A5ejs=; b=mEcM3Sb4M8iQgO1FGYCU76YaRBC+WvUmgUDYvYiZsCbM5Iwe7FLaQWEmjwDL0yRF8N XD47ajir7DH/xTyNlrhLUPGVU24su1PhtUiHzRmvoHgLxew0AyzWBQt5aOHB8EZXEgkz Gc7lb41tVLzCRrdUWCdCq/olf6COawNpBPzXWAqP822O69dDCisDuo4xEBOC90QBo5I/ 6gwVWYKVZWneARE1r50dx1+Axp/7QGNIvuVfJtqIeACcQWereXvU++9vZwuykPBW4REj ASWzb/fbThsIgvI5vYsJXTVOsnuy+wZoCrMrfX9bgKG0upULcNE48roHn7UKFDpbJI7m ZahQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694180831; x=1694785631; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=PuySdMYXD3bxekEucAQ9gqAvKWUolmqMEB7eH5A5ejs=; b=o/ExaynjeZgcrZu/tSmbZe9ilMPOJ1UjSlVjkfxXCSa03aYOEnKWUrTQIbV+8/kEZs gkqTDQtHtvekjd2wUXRGkpnwwCvZJo7tVbC/2ogRx3IKJZtCe1D4S/DApcY4O49VzFSL bHIvkuSalfY9a9giO4rOl1MfZK87r+shqrVvhvI60J40jD8AZHnpf+ukPJctbFhl44DP TjZ3cOylaRe2DiCILHl/Vp/YJWShkbr/75BWgSShnPbrlgevTgHVtYA4SxMvlvdsStiQ hPKZwaWvQSes2y3Pqd9tiu80a/+GDNVnDOCvm5vgJMZdsJ0BWVBNmFKvnahawM5f8PC+ vLqw== X-Gm-Message-State: AOJu0YxeEZS4/jXaDHeItsV6m0h/OsZeHeogK1P25P86BXTSjtVM5HT9 dZ9xGtT36w2VIst9xyFJ/oWgl8qj84mH4cjyLMo= X-Google-Smtp-Source: AGHT+IHWERRW3CJNkaz3q8CbRaKY404sAl1+q9O74lXv931/ZmaETQRKj3VRAn/1084FcuMw2vrxeA== X-Received: by 2002:a05:6a00:24cf:b0:68a:4568:29a with SMTP id d15-20020a056a0024cf00b0068a4568029amr2537444pfv.29.1694180831406; Fri, 08 Sep 2023 06:47:11 -0700 (PDT) Received: from xps13.. ([65.154.164.134]) by smtp.gmail.com with ESMTPSA id x18-20020a056a00271200b00653fe2d527esm1344828pfv.32.2023.09.08.06.47.10 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 08 Sep 2023 06:47:11 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 1/9] libssh2: fix CVE-2020-22218 Date: Fri, 8 Sep 2023 03:46:52 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 08 Sep 2023 13:47:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/187423 From: Chee Yang Lee Signed-off-by: Chee Yang Lee Signed-off-by: Steve Sakoman --- .../libssh2/libssh2/CVE-2020-22218.patch | 34 +++++++++++++++++++ .../recipes-support/libssh2/libssh2_1.10.0.bb | 1 + 2 files changed, 35 insertions(+) create mode 100644 meta/recipes-support/libssh2/libssh2/CVE-2020-22218.patch diff --git a/meta/recipes-support/libssh2/libssh2/CVE-2020-22218.patch b/meta/recipes-support/libssh2/libssh2/CVE-2020-22218.patch new file mode 100644 index 0000000000..066233fcae --- /dev/null +++ b/meta/recipes-support/libssh2/libssh2/CVE-2020-22218.patch @@ -0,0 +1,34 @@ +CVE: CVE-2020-22218 +Upstream-Status: Backport [ https://github.com/libssh2/libssh2/commit/642eec48ff3adfdb7a9e562b6d7fc865d1733f45 ] +Signed-off-by: Lee Chee Yang + + +From 642eec48ff3adfdb7a9e562b6d7fc865d1733f45 Mon Sep 17 00:00:00 2001 +From: lutianxiong +Date: Fri, 29 May 2020 01:25:40 +0800 +Subject: [PATCH] transport.c: fix use-of-uninitialized-value (#476) + +file:transport.c + +notes: +return error if malloc(0) + +credit: +lutianxiong +--- + src/transport.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/transport.c b/src/transport.c +index 96fca6b8cc..adf96c2437 100644 +--- a/src/transport.c ++++ b/src/transport.c +@@ -472,7 +472,7 @@ int _libssh2_transport_read(LIBSSH2_SESSION * session) + /* Get a packet handle put data into. We get one to + hold all data, including padding and MAC. */ + p->payload = LIBSSH2_ALLOC(session, total_num); +- if(!p->payload) { ++ if(total_num == 0 || !p->payload) { + return LIBSSH2_ERROR_ALLOC; + } + p->total_num = total_num; diff --git a/meta/recipes-support/libssh2/libssh2_1.10.0.bb b/meta/recipes-support/libssh2/libssh2_1.10.0.bb index d5513373b0..8483a292c2 100644 --- a/meta/recipes-support/libssh2/libssh2_1.10.0.bb +++ b/meta/recipes-support/libssh2/libssh2_1.10.0.bb @@ -10,6 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=3e089ad0cf27edf1e7f261dfcd06acc7" SRC_URI = "http://www.libssh2.org/download/${BP}.tar.gz \ file://fix-ssh2-test.patch \ file://run-ptest \ + file://CVE-2020-22218.patch \ " SRC_URI[sha256sum] = "2d64e90f3ded394b91d3a2e774ca203a4179f69aebee03003e5a6fa621e41d51" From patchwork Fri Sep 8 13:46:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 30210 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 91000EE7FFC for ; Fri, 8 Sep 2023 13:47:17 +0000 (UTC) Received: from mail-pf1-f176.google.com (mail-pf1-f176.google.com [209.85.210.176]) by mx.groups.io with SMTP id smtpd.web11.39462.1694180834050508598 for ; Fri, 08 Sep 2023 06:47:14 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=1svENcNG; spf=softfail (domain: sakoman.com, ip: 209.85.210.176, mailfrom: steve@sakoman.com) Received: by mail-pf1-f176.google.com with SMTP id d2e1a72fcca58-68a1af910e0so1776766b3a.2 for ; Fri, 08 Sep 2023 06:47:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1694180833; x=1694785633; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=EV3RoJZ+Gqe5TGYaboiYtE4WliYfl33LyDU50Iv7rVI=; b=1svENcNGmEIMngkdOkTJUBS8os4FEHOOl7XFzABqn1SVfNRP/PxehM64HByGc7Vzt1 QBoFPaaQdyBU9Vs7u0BnSOWGO+ZxDinD/07pyD4iTxtdvXEUMtB5bhLvBEuIZOhgpWq4 20F6Puej3kmppu8g7gXVN+GLHrIPwfaXXZ8ICu49HHGWLYnZMNAYasv/wzZuNVn3Pu39 B+be0zY2EedUtxKa1Nmhkel5lOGswFeYkroOf6IMYhNfOf4nQh2F02aPYuX48wKVe+gE J2BB4ucbSSVy1iwlIZz9WEAPV23jAcN8iF25BFbXlnWD9E/4+TgM8+9KA7jywbfMsJIa 2GWA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694180833; x=1694785633; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=EV3RoJZ+Gqe5TGYaboiYtE4WliYfl33LyDU50Iv7rVI=; b=FfmjPOksCRFWkLu4a8plI2Bp6NdNtYXNcuWRXbdHum/RMmG8jHZUGOBG4R6IlAKVA+ D9i6czRLuYWbfZfxVto73j6KWftST1Xfkrjp25LJZlIqUbuD7TQT4GUNfB3g1YYDd3Hr JB6VSdE3ibPn2kt3wD6X/kjT4JIZstpIapJdgBgPeRpRdmDoCg84/LlNkYULZ1gpgNdC 0jqFsYgTrEVa+hQZ5a5BTloQzi3nxUSQWrKDUXKpyctSwqaGlIf5mqreNW+KWMtEPrEI 675j0UE1gSioMF0fR52VhgD3T4w1pk3uhHuAm6eGOnDZOaUjTSb7BqaN4qCt3mDXOnxn EHdw== X-Gm-Message-State: AOJu0YxB0EvYpNOn5x8iC/iAdXepNVbRRHs8/iKMXx52IJK9LDGC+PFP WzTuO2ryp2lpkE8hmTTqRnLJXzogY0HOnBQlOTA= X-Google-Smtp-Source: AGHT+IEaBZC1rSSIm/qTYABc+4rb1ASw1fum0rqeeCR4fLbnUl3C7wyb9dfdAsSzK0TGAurLTBP+1g== X-Received: by 2002:a05:6a20:cea0:b0:135:38b5:7e58 with SMTP id if32-20020a056a20cea000b0013538b57e58mr2609188pzb.37.1694180832906; Fri, 08 Sep 2023 06:47:12 -0700 (PDT) Received: from xps13.. ([65.154.164.134]) by smtp.gmail.com with ESMTPSA id x18-20020a056a00271200b00653fe2d527esm1344828pfv.32.2023.09.08.06.47.12 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 08 Sep 2023 06:47:12 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 2/9] nghttp2: fix CVE-2023-35945 Date: Fri, 8 Sep 2023 03:46:53 -1000 Message-Id: <18277a43f7fd6522a67f194f40595bc378468733.1694179812.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 08 Sep 2023 13:47:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/187424 From: Yogita Urade Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy’s HTTP/2 codec may leak a header map and bookkeeping structures upon receiving `RST_STREAM` immediately followed by the `GOAWAY` frames from an upstream server. In nghttp2, cleanup of pending requests due to receipt of the `GOAWAY` frame skips de-allocation of the bookkeeping structure and pending compressed header. The error return [code path] is taken if connection is already marked for not sending more requests due to `GOAWAY` frame. The clean-up code is right after the return statement, causing memory leak. Denial of service through memory exhaustion. This vulnerability was patched in versions(s) 1.26.3, 1.25.8, 1.24.9, 1.23.11. References: https://nvd.nist.gov/vuln/detail/CVE-2023-35945 https://github.com/envoyproxy/envoy/security/advisories/GHSA-jfxv-29pc-x22r Signed-off-by: Yogita Urade Signed-off-by: Steve Sakoman --- .../nghttp2/nghttp2/CVE-2023-35945.patch | 151 ++++++++++++++++++ .../recipes-support/nghttp2/nghttp2_1.52.0.bb | 1 + 2 files changed, 152 insertions(+) create mode 100644 meta/recipes-support/nghttp2/nghttp2/CVE-2023-35945.patch diff --git a/meta/recipes-support/nghttp2/nghttp2/CVE-2023-35945.patch b/meta/recipes-support/nghttp2/nghttp2/CVE-2023-35945.patch new file mode 100644 index 0000000000..04d2086e1c --- /dev/null +++ b/meta/recipes-support/nghttp2/nghttp2/CVE-2023-35945.patch @@ -0,0 +1,151 @@ +From ce385d3f55a4b76da976b3bdf71fe2deddf315ba Mon Sep 17 00:00:00 2001 +From: Tatsuhiro Tsujikawa +Date: Mon, 4 Sep 2023 06:48:30 +0000 +Subject: [PATCH] Fix memory leak + +This commit fixes memory leak that happens when PUSH_PROMISE or +HEADERS frame cannot be sent, and nghttp2_on_stream_close_callback +fails with a fatal error. For example, if GOAWAY frame has been +received, a HEADERS frame that opens new stream cannot be sent. + +This issue has already been made public via CVE-2023-35945 [1] issued +by envoyproxy/envoy project. During embargo period, the patch to fix +this bug was accidentally submitted to nghttp2/nghttp2 repository [2]. +And they decided to disclose CVE early. I was notified just 1.5 hours +before disclosure. I had no time to respond. + +PoC described in [1] is quite simple, but I think it is not enough to +trigger this bug. While it is true that receiving GOAWAY prevents a +client from opening new stream, and nghttp2 enters error handling +branch, in order to cause the memory leak, +nghttp2_session_close_stream function must return a fatal error. +nghttp2 defines 2 fatal error codes: + +- NGHTTP2_ERR_NOMEM +- NGHTTP2_ERR_CALLBACK_FAILURE + +NGHTTP2_ERR_NOMEM, as its name suggests, indicates out of memory. It +is unlikely that a process gets short of memory with this simple PoC +scenario unless application does something memory heavy processing. + +NGHTTP2_ERR_CALLBACK_FAILURE is returned from application defined +callback function (nghttp2_on_stream_close_callback, in this case), +which indicates something fatal happened inside a callback, and a +connection must be closed immediately without any further action. As +nghttp2_on_stream_close_error_callback documentation says, any error +code other than 0 or NGHTTP2_ERR_CALLBACK_FAILURE is treated as fatal +error code. More specifically, it is treated as if +NGHTTP2_ERR_CALLBACK_FAILURE is returned. I guess that envoy returns +NGHTTP2_ERR_CALLBACK_FAILURE or other error code which is translated +into NGHTTP2_ERR_CALLBACK_FAILURE. + +[1] https://github.com/envoyproxy/envoy/security/advisories/GHSA-jfxv-29pc-x22r +[2] https://github.com/nghttp2/nghttp2/pull/1929 + +CVE: CVE-2023-35945 + +Upstream-Status: Backport [https://github.com/nghttp2/nghttp2/commit/ce385d3f55a4b76da976b3bdf71fe2deddf315ba] + +Signed-off-by: Yogita Urade +--- + lib/nghttp2_session.c | 10 +++++----- + tests/nghttp2_session_test.c | 34 ++++++++++++++++++++++++++++++++++ + 2 files changed, 39 insertions(+), 5 deletions(-) + +diff --git a/lib/nghttp2_session.c b/lib/nghttp2_session.c +index 93f3f07..9bb32b2 100644 +--- a/lib/nghttp2_session.c ++++ b/lib/nghttp2_session.c +@@ -3300,6 +3300,7 @@ static ssize_t nghttp2_session_mem_send_internal(nghttp2_session *session, + if (rv < 0) { + int32_t opened_stream_id = 0; + uint32_t error_code = NGHTTP2_INTERNAL_ERROR; ++ int rv2 = 0; + + DEBUGF("send: frame preparation failed with %s\n", + nghttp2_strerror(rv)); +@@ -3342,19 +3343,18 @@ static ssize_t nghttp2_session_mem_send_internal(nghttp2_session *session, + } + if (opened_stream_id) { + /* careful not to override rv */ +- int rv2; + rv2 = nghttp2_session_close_stream(session, opened_stream_id, + error_code); +- +- if (nghttp2_is_fatal(rv2)) { +- return rv2; +- } + } + + nghttp2_outbound_item_free(item, mem); + nghttp2_mem_free(mem, item); + active_outbound_item_reset(aob, mem); + ++ if (nghttp2_is_fatal(rv2)) { ++ return rv2; ++ } ++ + if (rv == NGHTTP2_ERR_HEADER_COMP) { + /* If header compression error occurred, should terminiate + connection. */ +diff --git a/tests/nghttp2_session_test.c b/tests/nghttp2_session_test.c +index 08152d4..14ab132 100644 +--- a/tests/nghttp2_session_test.c ++++ b/tests/nghttp2_session_test.c +@@ -585,6 +585,15 @@ static int on_stream_close_callback(nghttp2_session *session, int32_t stream_id, + return 0; + } + ++static int fatal_error_on_stream_close_callback(nghttp2_session *session, ++ int32_t stream_id, ++ uint32_t error_code, ++ void *user_data) { ++ on_stream_close_callback(session, stream_id, error_code, user_data); ++ ++ return NGHTTP2_ERR_CALLBACK_FAILURE; ++} ++ + static ssize_t pack_extension_callback(nghttp2_session *session, uint8_t *buf, + size_t len, const nghttp2_frame *frame, + void *user_data) { +@@ -4297,6 +4306,8 @@ void test_nghttp2_session_on_goaway_received(void) { + nghttp2_frame frame; + int i; + nghttp2_mem *mem; ++ const uint8_t *data; ++ ssize_t datalen; + + mem = nghttp2_mem_default(); + user_data.frame_recv_cb_called = 0; +@@ -4338,6 +4349,29 @@ void test_nghttp2_session_on_goaway_received(void) { + + nghttp2_frame_goaway_free(&frame.goaway, mem); + nghttp2_session_del(session); ++ ++ /* Make sure that no memory leak when stream_close callback fails ++ with a fatal error */ ++ memset(&callbacks, 0, sizeof(nghttp2_session_callbacks)); ++ callbacks.on_stream_close_callback = fatal_error_on_stream_close_callback; ++ ++ memset(&user_data, 0, sizeof(user_data)); ++ ++ nghttp2_session_client_new(&session, &callbacks, &user_data); ++ ++ nghttp2_frame_goaway_init(&frame.goaway, 0, NGHTTP2_NO_ERROR, NULL, 0); ++ ++ CU_ASSERT(0 == nghttp2_session_on_goaway_received(session, &frame)); ++ ++ nghttp2_submit_request(session, NULL, reqnv, ARRLEN(reqnv), NULL, NULL); ++ ++ datalen = nghttp2_session_mem_send(session, &data); ++ ++ CU_ASSERT(NGHTTP2_ERR_CALLBACK_FAILURE == datalen); ++ CU_ASSERT(1 == user_data.stream_close_cb_called); ++ ++ nghttp2_frame_goaway_free(&frame.goaway, mem); ++ nghttp2_session_del(session); + } + + void test_nghttp2_session_on_window_update_received(void) { +-- +2.35.5 diff --git a/meta/recipes-support/nghttp2/nghttp2_1.52.0.bb b/meta/recipes-support/nghttp2/nghttp2_1.52.0.bb index f57a15954d..0fba554919 100644 --- a/meta/recipes-support/nghttp2/nghttp2_1.52.0.bb +++ b/meta/recipes-support/nghttp2/nghttp2_1.52.0.bb @@ -7,6 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=764abdf30b2eadd37ce47dcbce0ea1ec" SRC_URI = "\ ${GITHUB_BASE_URI}/download/v${PV}/nghttp2-${PV}.tar.xz \ file://0001-fetch-ocsp-response-use-python3.patch \ + file://CVE-2023-35945.patch \ " SRC_URI[sha256sum] = "3ea9f0439e60469ad4d39cb349938684ffb929dd7e8e06a7bffe9f9d21f8ba7d" From patchwork Fri Sep 8 13:46:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 30209 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A621EEE8000 for ; Fri, 8 Sep 2023 13:47:17 +0000 (UTC) Received: from mail-pf1-f173.google.com (mail-pf1-f173.google.com [209.85.210.173]) by mx.groups.io with SMTP id smtpd.web11.39463.1694180835524982944 for ; Fri, 08 Sep 2023 06:47:15 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=XHIspHPC; spf=softfail (domain: sakoman.com, ip: 209.85.210.173, mailfrom: steve@sakoman.com) Received: by mail-pf1-f173.google.com with SMTP id d2e1a72fcca58-68a56401c12so1768739b3a.2 for ; Fri, 08 Sep 2023 06:47:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1694180834; x=1694785634; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=mMb+uanfpYA0pU8fwv19LdbmBCHEDcx5dlsKQL3wwsw=; b=XHIspHPCmUOwYZscmZvDpB9NVlO/6U4opdZVoibdpScoQ+0qVYLcyAYasTfUHV5Vrq j0GE4wLZesp4wvhO3rdF+suXeI3g6m2qeEz0miL/8u+qIx7ZSXdWJcHqKw5HZyzlmLNd bYAAwN5aCPG/uuyI8+UvUkF0HdOehW3dDimWLzxG9LCULLTCDih9XY+X95UmfKSsNm8j VFdG8bKO41OO0Jv2qtzkaBBQ+wNhpntovcykkdGrlHdusfd3jCYFrPZMHWF71nID7FYb uTBHslW0iGadFUuBSiLUCwSC4Tzpg0HZtVSwY+cPXSIVObMcXdQhCoEjIJpb8bqaL3pe ziCQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694180834; x=1694785634; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=mMb+uanfpYA0pU8fwv19LdbmBCHEDcx5dlsKQL3wwsw=; b=BDcXCJCXAOoFd4ToiwL9Uyfaougw5GikLFdUuDH2boSbKLapmcrqr0CKozXPVMgLnX PMhxjE71B7ZdrrfT92233Jw1gODAa2xJbPjbX1jhVTSGb1bSBLYh3d7lvR+knKe8UOFQ PPNdQTddg9GQ4plZklpIbnYYst+n4sAHG4STs99h0B63zYiAmfiPHOPzotaPk+CtkD2g a1+fNOtRFtcSIEc6XEHUrm1wc5wr5OAzg3R45/FZyNmwFlMoe7HdtL1mIk1pGEvBfBLs n6GxjXNIyahGbNiX3S/c2tND976v7pyzy6mrdETnahaT1hV1oYP4nieH6xJk56/Vm/eB wMqw== X-Gm-Message-State: AOJu0Yy2YLH6Fb2AobDELHLPUeNXylagVk9FefTGxBIVXeK90ch3eqFy 2brhooLuqFo4QzydZD/GJsF651m9RMooh3Tclag= X-Google-Smtp-Source: AGHT+IHJsPTm0Oo+f4j/sSX00h4TeUz9VE2JjpA5KMvVBgsi2Y8PRVlSkQqy4reb3iJ+72+oeC23TA== X-Received: by 2002:a05:6a20:8422:b0:135:1af6:9a01 with SMTP id c34-20020a056a20842200b001351af69a01mr3595087pzd.8.1694180834498; Fri, 08 Sep 2023 06:47:14 -0700 (PDT) Received: from xps13.. ([65.154.164.134]) by smtp.gmail.com with ESMTPSA id x18-20020a056a00271200b00653fe2d527esm1344828pfv.32.2023.09.08.06.47.13 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 08 Sep 2023 06:47:14 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 3/9] webkitgtk: fix CVE-2023-32439 Date: Fri, 8 Sep 2023 03:46:54 -1000 Message-Id: <71edb4ec115208950ae5da5305b5fd75823121ec.1694179812.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 08 Sep 2023 13:47:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/187425 From: Kai Kang Backport patch to fix CVE-2023-32439 for webkitgtk. CVE: CVE-2023-32439 Signed-off-by: Kai Kang Signed-off-by: Steve Sakoman --- .../webkit/webkitgtk/CVE-2023-32439.patch | 128 ++++++++++++++++++ meta/recipes-sato/webkit/webkitgtk_2.38.6.bb | 1 + 2 files changed, 129 insertions(+) create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2023-32439.patch diff --git a/meta/recipes-sato/webkit/webkitgtk/CVE-2023-32439.patch b/meta/recipes-sato/webkit/webkitgtk/CVE-2023-32439.patch new file mode 100644 index 0000000000..5c240011e0 --- /dev/null +++ b/meta/recipes-sato/webkit/webkitgtk/CVE-2023-32439.patch @@ -0,0 +1,128 @@ +CVE: CVE-2023-32439 + +Upstream-Status: Backport [https://github.com/WebKit/WebKit/commit/ebefb9e] + +Signed-off-by: Kai Kang + +From ebefb9e6b7e7440ab6bb29452f4ac6350bd8b975 Mon Sep 17 00:00:00 2001 +From: Yijia Huang +Date: Wed, 10 May 2023 09:41:48 -0700 +Subject: [PATCH] Cherry-pick 263909@main (52fe95e5805c). + https://bugs.webkit.org/show_bug.cgi?id=256567 + + EnumeratorNextUpdateIndexAndMode and HasIndexedProperty should have different heap location kinds + https://bugs.webkit.org/show_bug.cgi?id=256567 + rdar://109089013 + + Reviewed by Yusuke Suzuki. + + EnumeratorNextUpdateIndexAndMode and HasIndexedProperty are different DFG nodes. However, + they might introduce the same heap location kind in DFGClobberize.h which might lead to + hash collision. We should introduce a new locationn kind for EnumeratorNextUpdateIndexAndMode. + + * JSTests/stress/heap-location-collision-dfg-clobberize.js: Added. + (foo): + * Source/JavaScriptCore/dfg/DFGClobberize.h: + (JSC::DFG::clobberize): + * Source/JavaScriptCore/dfg/DFGHeapLocation.cpp: + (WTF::printInternal): + * Source/JavaScriptCore/dfg/DFGHeapLocation.h: + + Canonical link: https://commits.webkit.org/263909@main + +Canonical link: https://commits.webkit.org/260527.376@webkitglib/2.40 +--- + .../stress/heap-location-collision-dfg-clobberize.js | 12 ++++++++++++ + Source/JavaScriptCore/dfg/DFGClobberize.h | 7 ++++--- + Source/JavaScriptCore/dfg/DFGHeapLocation.cpp | 4 ++++ + Source/JavaScriptCore/dfg/DFGHeapLocation.h | 1 + + 4 files changed, 21 insertions(+), 3 deletions(-) + create mode 100644 JSTests/stress/heap-location-collision-dfg-clobberize.js + +diff --git a/JSTests/stress/heap-location-collision-dfg-clobberize.js b/JSTests/stress/heap-location-collision-dfg-clobberize.js +new file mode 100644 +index 000000000000..ed40601ea37f +--- /dev/null ++++ b/JSTests/stress/heap-location-collision-dfg-clobberize.js +@@ -0,0 +1,12 @@ ++//@ runDefault("--watchdog=300", "--watchdog-exception-ok") ++const arr = [0]; ++ ++function foo() { ++ for (let _ in arr) { ++ 0 in arr; ++ while(1); ++ } ++} ++ ++ ++foo(); +diff --git a/Source/JavaScriptCore/dfg/DFGClobberize.h b/Source/JavaScriptCore/dfg/DFGClobberize.h +index e4db64155316..5ec334787c0c 100644 +--- a/Source/JavaScriptCore/dfg/DFGClobberize.h ++++ b/Source/JavaScriptCore/dfg/DFGClobberize.h +@@ -383,6 +383,7 @@ void clobberize(Graph& graph, Node* node, const ReadFunctor& read, const WriteFu + + read(JSObject_butterfly); + ArrayMode mode = node->arrayMode(); ++ LocationKind locationKind = node->op() == EnumeratorNextUpdateIndexAndMode ? EnumeratorNextUpdateIndexAndModeLoc : HasIndexedPropertyLoc; + switch (mode.type()) { + case Array::ForceExit: { + write(SideState); +@@ -392,7 +393,7 @@ void clobberize(Graph& graph, Node* node, const ReadFunctor& read, const WriteFu + if (mode.isInBounds()) { + read(Butterfly_publicLength); + read(IndexedInt32Properties); +- def(HeapLocation(HasIndexedPropertyLoc, IndexedInt32Properties, graph.varArgChild(node, 0), graph.varArgChild(node, 1)), LazyNode(node)); ++ def(HeapLocation(locationKind, IndexedInt32Properties, graph.varArgChild(node, 0), graph.varArgChild(node, 1)), LazyNode(node)); + return; + } + break; +@@ -402,7 +403,7 @@ void clobberize(Graph& graph, Node* node, const ReadFunctor& read, const WriteFu + if (mode.isInBounds()) { + read(Butterfly_publicLength); + read(IndexedDoubleProperties); +- def(HeapLocation(HasIndexedPropertyLoc, IndexedDoubleProperties, graph.varArgChild(node, 0), graph.varArgChild(node, 1)), LazyNode(node)); ++ def(HeapLocation(locationKind, IndexedDoubleProperties, graph.varArgChild(node, 0), graph.varArgChild(node, 1)), LazyNode(node)); + return; + } + break; +@@ -412,7 +413,7 @@ void clobberize(Graph& graph, Node* node, const ReadFunctor& read, const WriteFu + if (mode.isInBounds()) { + read(Butterfly_publicLength); + read(IndexedContiguousProperties); +- def(HeapLocation(HasIndexedPropertyLoc, IndexedContiguousProperties, graph.varArgChild(node, 0), graph.varArgChild(node, 1)), LazyNode(node)); ++ def(HeapLocation(locationKind, IndexedContiguousProperties, graph.varArgChild(node, 0), graph.varArgChild(node, 1)), LazyNode(node)); + return; + } + break; +diff --git a/Source/JavaScriptCore/dfg/DFGHeapLocation.cpp b/Source/JavaScriptCore/dfg/DFGHeapLocation.cpp +index 0661e5b826b7..698a6d4b6062 100644 +--- a/Source/JavaScriptCore/dfg/DFGHeapLocation.cpp ++++ b/Source/JavaScriptCore/dfg/DFGHeapLocation.cpp +@@ -134,6 +134,10 @@ void printInternal(PrintStream& out, LocationKind kind) + out.print("HasIndexedPorpertyLoc"); + return; + ++ case EnumeratorNextUpdateIndexAndModeLoc: ++ out.print("EnumeratorNextUpdateIndexAndModeLoc"); ++ return; ++ + case IndexedPropertyDoubleLoc: + out.print("IndexedPropertyDoubleLoc"); + return; +diff --git a/Source/JavaScriptCore/dfg/DFGHeapLocation.h b/Source/JavaScriptCore/dfg/DFGHeapLocation.h +index 40fb71673284..7238491b02c9 100644 +--- a/Source/JavaScriptCore/dfg/DFGHeapLocation.h ++++ b/Source/JavaScriptCore/dfg/DFGHeapLocation.h +@@ -46,6 +46,7 @@ enum LocationKind { + DirectArgumentsLoc, + GetterLoc, + GlobalVariableLoc, ++ EnumeratorNextUpdateIndexAndModeLoc, + HasIndexedPropertyLoc, + IndexedPropertyDoubleLoc, + IndexedPropertyDoubleSaneChainLoc, +-- +2.34.1 + diff --git a/meta/recipes-sato/webkit/webkitgtk_2.38.6.bb b/meta/recipes-sato/webkit/webkitgtk_2.38.6.bb index 5e8adf50fc..4cef133c19 100644 --- a/meta/recipes-sato/webkit/webkitgtk_2.38.6.bb +++ b/meta/recipes-sato/webkit/webkitgtk_2.38.6.bb @@ -14,6 +14,7 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \ file://reproducibility.patch \ file://0d3344e17d258106617b0e6d783d073b188a2548.patch \ file://d318bb461f040b90453bc4e100dcf967243ecd98.patch \ + file://CVE-2023-32439.patch \ " SRC_URI[sha256sum] = "1c614c9589389db1a79ea9ba4293bbe8ac3ab0a2234cac700935fae0724ad48b" From patchwork Fri Sep 8 13:46:55 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 30208 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id AE924EE8002 for ; Fri, 8 Sep 2023 13:47:17 +0000 (UTC) Received: from mail-pf1-f180.google.com (mail-pf1-f180.google.com [209.85.210.180]) by mx.groups.io with SMTP id smtpd.web10.39139.1694180837318906551 for ; Fri, 08 Sep 2023 06:47:17 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=bhVVFzXH; spf=softfail (domain: sakoman.com, ip: 209.85.210.180, mailfrom: steve@sakoman.com) Received: by mail-pf1-f180.google.com with SMTP id d2e1a72fcca58-68a41031768so1761841b3a.3 for ; Fri, 08 Sep 2023 06:47:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1694180836; x=1694785636; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=LviH2Hhpbr7lCMFluPkg/Nv/SbyBYdasewETKWsxuT4=; b=bhVVFzXHdHx51Jbal/gN3iCW3XTBuI3M0IexgXeG6U3UWYbjb3uXytJAN58hAQZmhQ 1PproBEZvymrv8cV1wpepFKTCMALe9yV3sCf2Atyyqn+XoiWNC+4RfFle1sJiwms1ImM NrtJ6UosHk9IOAOFIyBTvNazdC7tqkQVB9CUp7OOGYL664EMrgpbhfvVP1VSvA/rJxZI 1Nm+anF3YbEngg5zjawFAPGzuZD4owYYucuH87kkfPDXS3jdfJGVXUOO/vWQy/RS5EQZ SQ54TS3jQeHjs5Xa+0Xt7quCWb9Gnpe4hiyqEsrczMCAtJIHKMzT/+wo5B2sEbGRNeW9 3ZlQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694180836; x=1694785636; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=LviH2Hhpbr7lCMFluPkg/Nv/SbyBYdasewETKWsxuT4=; b=H+xcd0QXNWd/50Mv7RGW1o/n1mjY2srvBfGgHRvqJc5+9GcEoKLnXRcPbbJxJ0zHv6 xaiwRNdjO2fB05obUmeOagKO/RMVPGtCPEJ0T/IDxZ0cPZDH2cm+JKEe0eXR10O2TDpq pX2UQxA0zUE4mbaJIUQdKEMTVhWDEL6EA/lciC29A2pPqNgdAuBYBIKUN+fC87tJpSFY yUYdjLclNaGVzwzJY8iZCvv47xLgXBSaREHmMKCU20W/kStmRJ1nWHeRgn2lLfaZfPbB 8xIHzsXXpO5efs2kr0uMohY2yKmPUjCj5bGtnjm6V6yh5gLvBPPaex9ozV9vjDlnqRzh 3hJg== X-Gm-Message-State: AOJu0YwYtgX5ZlPId+XEuE047HqXZfCIl5mXt717RugqNcob3gtCJt57 4f3Aj7/RUeRm3Xj0VjMee9jqYXepQ3A3Pq+owuw= X-Google-Smtp-Source: AGHT+IEfhqYeqwSAvTtPp0YVs/JCZaMNIUigF1kMqpY5PSbddXOhpgpYkVHvdq3aKYEh4o1ozjqojw== X-Received: by 2002:a05:6a20:e110:b0:153:6a8b:8f5d with SMTP id kr16-20020a056a20e11000b001536a8b8f5dmr3447120pzb.23.1694180836329; Fri, 08 Sep 2023 06:47:16 -0700 (PDT) Received: from xps13.. ([65.154.164.134]) by smtp.gmail.com with ESMTPSA id x18-20020a056a00271200b00653fe2d527esm1344828pfv.32.2023.09.08.06.47.15 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 08 Sep 2023 06:47:15 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 4/9] webkitgtk: fix CVE-2023-32435 Date: Fri, 8 Sep 2023 03:46:55 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 08 Sep 2023 13:47:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/187426 From: Kai Kang Backport and rebase patch to fix CVE-2023-32435 for webkitgtk 2.38.6: * drop the patches for the files WasmAirIRGenerator64.cpp and WasmAirIRGeneratorBase.h which are involved in 2.40.0 * drop test cases as well CVE: CVE-2023-32435 Signed-off-by: Kai Kang Signed-off-by: Steve Sakoman --- .../webkit/webkitgtk/CVE-2023-32435.patch | 59 +++++++++++++++++++ meta/recipes-sato/webkit/webkitgtk_2.38.6.bb | 1 + 2 files changed, 60 insertions(+) create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2023-32435.patch diff --git a/meta/recipes-sato/webkit/webkitgtk/CVE-2023-32435.patch b/meta/recipes-sato/webkit/webkitgtk/CVE-2023-32435.patch new file mode 100644 index 0000000000..c6ac6b4a1c --- /dev/null +++ b/meta/recipes-sato/webkit/webkitgtk/CVE-2023-32435.patch @@ -0,0 +1,59 @@ +CVE: CVE-2023-32435 + +Upstream-Status: Backport [https://github.com/WebKit/WebKit/commit/50c7aae] + +Backport and rebase patch to fix CVE-2023-32435 for webkitgtk 2.38.6: + +* drop the patches for the files WasmAirIRGenerator64.cpp and + WasmAirIRGeneratorBase.h which are involved in 2.40.0 +* drop test cases as well + +Signed-off-by: Kai Kang + +From 50c7aaec2f53ab3b960f1b299aad5009df6f1967 Mon Sep 17 00:00:00 2001 +From: Justin Michaud +Date: Wed, 8 Feb 2023 14:41:34 -0800 +Subject: [PATCH] Fixup air pointer args if they are not valid in BBQ + https://bugs.webkit.org/show_bug.cgi?id=251890 rdar://105079565 + +Reviewed by Mark Lam and Yusuke Suzuki. + +We are not fixing up air args if their offsets don't fit into the instruction +in a few cases. + +Here are some examples: + +MoveDouble 28480(%sp), %q16 ; too big +MoveVector 248(%sp), %q16 ; not 16-byte aligned + +Let's fix up these arguments. We also fix a missing validation check +when parsing exception tags exposed by this test. + +* Source/JavaScriptCore/wasm/WasmAirIRGenerator64.cpp: +(JSC::Wasm::AirIRGenerator64::addReturn): +* Source/JavaScriptCore/wasm/WasmAirIRGeneratorBase.h: +(JSC::Wasm::AirIRGeneratorBase::emitPatchpoint): + +oops + +Canonical link: https://commits.webkit.org/260038@main +--- + Source/JavaScriptCore/wasm/WasmSectionParser.cpp | 2 + + 1 files changed, 2 insertions(+), 0 deletions(-) + +diff --git a/Source/JavaScriptCore/wasm/WasmSectionParser.cpp b/Source/JavaScriptCore/wasm/WasmSectionParser.cpp +index 6b8f9016..a5f3a88b 100644 +--- a/Source/JavaScriptCore/wasm/WasmSectionParser.cpp ++++ b/Source/JavaScriptCore/wasm/WasmSectionParser.cpp +@@ -917,6 +917,8 @@ auto SectionParser::parseException() -> PartialResult + WASM_PARSER_FAIL_IF(!parseVarUInt32(typeNumber), "can't get ", exceptionNumber, "th Exception's type number"); + WASM_PARSER_FAIL_IF(typeNumber >= m_info->typeCount(), exceptionNumber, "th Exception type number is invalid ", typeNumber); + TypeIndex typeIndex = TypeInformation::get(m_info->typeSignatures[typeNumber]); ++ auto signature = TypeInformation::getFunctionSignature(typeIndex); ++ WASM_PARSER_FAIL_IF(!signature.returnsVoid(), exceptionNumber, "th Exception type cannot have a non-void return type ", typeNumber); + m_info->internalExceptionTypeIndices.uncheckedAppend(typeIndex); + } + +-- +2.34.1 + diff --git a/meta/recipes-sato/webkit/webkitgtk_2.38.6.bb b/meta/recipes-sato/webkit/webkitgtk_2.38.6.bb index 4cef133c19..813198df5f 100644 --- a/meta/recipes-sato/webkit/webkitgtk_2.38.6.bb +++ b/meta/recipes-sato/webkit/webkitgtk_2.38.6.bb @@ -14,6 +14,7 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \ file://reproducibility.patch \ file://0d3344e17d258106617b0e6d783d073b188a2548.patch \ file://d318bb461f040b90453bc4e100dcf967243ecd98.patch \ + file://CVE-2023-32435.patch \ file://CVE-2023-32439.patch \ " SRC_URI[sha256sum] = "1c614c9589389db1a79ea9ba4293bbe8ac3ab0a2234cac700935fae0724ad48b" From patchwork Fri Sep 8 13:46:56 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 30212 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A900FEE8000 for ; Fri, 8 Sep 2023 13:47:27 +0000 (UTC) Received: from mail-pf1-f178.google.com (mail-pf1-f178.google.com [209.85.210.178]) by mx.groups.io with SMTP id smtpd.web11.39465.1694180838855598516 for ; Fri, 08 Sep 2023 06:47:18 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=xV6f1wiM; spf=softfail (domain: sakoman.com, ip: 209.85.210.178, mailfrom: steve@sakoman.com) Received: by mail-pf1-f178.google.com with SMTP id d2e1a72fcca58-68bec3a9bdbso1671982b3a.3 for ; Fri, 08 Sep 2023 06:47:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1694180838; x=1694785638; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=klu+xor2MceVsLlecY4Mxu3+mXCqzSJf3Z6Xa4N8H8w=; b=xV6f1wiMCGqvETBDoutvulNzDgLF2wxtfqUEgqgJmS7JJ3ynYUUfVWa/onndt0srFb 0ZG/bEuTT7NT4RcUuOsyIL4CEeVd98PVo1JliXNXDNWRSzCkCd9dWd+OulxwhNCl9Pne FKaUzgjU4+yq/SkfaYBvoAVdasmZhwe3D91bhnQG2yvxkai1WLmhKLhwlurPGirsLtI6 cEcnBe/yeu0EPKA9+MVyhWD9/Nc4Rbq0iTrfOj3GJhivq+DtnzdDwxDXmDr9PqV94ZD+ bpzub5dtKiTZJGh1Prs/uC25VgTPPvBvA2b4z7/Jtr44XWzqqzLLV+lWp9bJOhTcZ5zS AJqA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694180838; x=1694785638; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=klu+xor2MceVsLlecY4Mxu3+mXCqzSJf3Z6Xa4N8H8w=; b=FjHM161QjYq/EgPCBzwIrD9Jv3ggo2ONYAO9JxJh4llZf5cFeOgGIBO3TUHr8oI4OV o0mmHoVQQ9sarW1/ze8fxq0bADe7K73iQ4ZmdwK8gEfarSVXL94PV2IPQzsazzeQXLIO sDC+SP92NGYrjH5wjddPwKJahNxFD/5CUbLEUY2EuYMJtAU+qgFinE5qsWgBYf0Se1a+ T8/gT/ZI1L8IVlzGoWvUfd0DMxJdSqPXbtxSxwBE9mAG1GELNrJ44W1Yhiw6Hw5LK3Qp zeRuTrX4pP3M+NhIwVNUlK3wVmqOSJOCqFdSGLJ36jxQa4J8IWQ8PWMc2olHDFHXIQtB rPTw== X-Gm-Message-State: AOJu0YydH77qmASKgWXxxO9lw2r/4s34UQFlAYj3EgEMt1DyrqZ9VbEW RACmdQEka0aSAeWHsCU5fSGwKhZEauS4YTNvaQc= X-Google-Smtp-Source: AGHT+IHnvhsm/KTvW0yV1CL3E2xoClXsh0ncLBwDAJI7wll15JjGhr48v10vVrxfvj+9kUqlPyZPRQ== X-Received: by 2002:a05:6a20:3d1d:b0:149:802f:28be with SMTP id y29-20020a056a203d1d00b00149802f28bemr2991726pzi.52.1694180837888; Fri, 08 Sep 2023 06:47:17 -0700 (PDT) Received: from xps13.. ([65.154.164.134]) by smtp.gmail.com with ESMTPSA id x18-20020a056a00271200b00653fe2d527esm1344828pfv.32.2023.09.08.06.47.17 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 08 Sep 2023 06:47:17 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 5/9] python3: upgrade 3.11.2 -> 3.11.3 Date: Fri, 8 Sep 2023 03:46:56 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 08 Sep 2023 13:47:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/187427 From: Alexander Kanavin (cherry picked from commit 7d5bb3a4690ef61a1fee21773b4717e829789e32) Signed-off-by: Alexander Kanavin Signed-off-by: Richard Purdie Signed-off-by: Chee Yang Lee Signed-off-by: Steve Sakoman --- .../0001-Don-t-search-system-for-headers-libraries.patch | 2 +- ...1-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch | 2 +- .../python3/12-distutils-prefix-is-inside-staging-area.patch | 2 +- .../python/{python3_3.11.2.bb => python3_3.11.3.bb} | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) rename meta/recipes-devtools/python/{python3_3.11.2.bb => python3_3.11.3.bb} (99%) diff --git a/meta/recipes-devtools/python/python3/0001-Don-t-search-system-for-headers-libraries.patch b/meta/recipes-devtools/python/python3/0001-Don-t-search-system-for-headers-libraries.patch index 96e5e81342..c9253832cf 100644 --- a/meta/recipes-devtools/python/python3/0001-Don-t-search-system-for-headers-libraries.patch +++ b/meta/recipes-devtools/python/python3/0001-Don-t-search-system-for-headers-libraries.patch @@ -1,4 +1,4 @@ -From 7d296dc635ad3ac2792955ce37e140a4104b098f Mon Sep 17 00:00:00 2001 +From 6cb667f37beacd832cb409e5244b3c90dfad32f7 Mon Sep 17 00:00:00 2001 From: Jeremy Puhlman Date: Wed, 4 Mar 2020 00:06:42 +0000 Subject: [PATCH] Don't search system for headers/libraries diff --git a/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch b/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch index 86971f4048..d5b7ce2b95 100644 --- a/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch +++ b/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch @@ -1,4 +1,4 @@ -From cab8b8b1390165a93dfb27c48c1cc4c3e4280dfd Mon Sep 17 00:00:00 2001 +From 4ed481f4928c361970e78f27c4d9be8700af176b Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Fri, 10 Sep 2021 12:28:31 +0200 Subject: [PATCH] Lib/sysconfig.py: use prefix value from build configuration diff --git a/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch b/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch index e080b5c562..5ee4e4f126 100644 --- a/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch +++ b/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch @@ -1,4 +1,4 @@ -From 79e7ed59750612e57647847957ab85709307ea38 Mon Sep 17 00:00:00 2001 +From 4c39252c71d8bca81fdc43753c83a59f8668c619 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Tue, 14 May 2013 15:00:26 -0700 Subject: [PATCH] python3: Add target and native recipes diff --git a/meta/recipes-devtools/python/python3_3.11.2.bb b/meta/recipes-devtools/python/python3_3.11.3.bb similarity index 99% rename from meta/recipes-devtools/python/python3_3.11.2.bb rename to meta/recipes-devtools/python/python3_3.11.3.bb index f3be9768bf..0563a0ab9b 100644 --- a/meta/recipes-devtools/python/python3_3.11.2.bb +++ b/meta/recipes-devtools/python/python3_3.11.3.bb @@ -39,7 +39,7 @@ SRC_URI:append:class-native = " \ file://12-distutils-prefix-is-inside-staging-area.patch \ file://0001-Don-t-search-system-for-headers-libraries.patch \ " -SRC_URI[sha256sum] = "29e4b8f5f1658542a8c13e2dd277358c9c48f2b2f7318652ef1675e402b9d2af" +SRC_URI[sha256sum] = "8a5db99c961a7ecf27c75956189c9602c968751f11dbeae2b900dbff1c085b5e" # exclude pre-releases for both python 2.x and 3.x UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P\d+(\.\d+)+).tar" From patchwork Fri Sep 8 13:46:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 30211 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A9040EE8001 for ; Fri, 8 Sep 2023 13:47:27 +0000 (UTC) Received: from mail-pf1-f173.google.com (mail-pf1-f173.google.com [209.85.210.173]) by mx.groups.io with SMTP id smtpd.web11.39468.1694180840706839379 for ; Fri, 08 Sep 2023 06:47:20 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=1/gyCMJy; spf=softfail (domain: sakoman.com, ip: 209.85.210.173, mailfrom: steve@sakoman.com) Received: by mail-pf1-f173.google.com with SMTP id d2e1a72fcca58-68bedc0c268so1973389b3a.0 for ; Fri, 08 Sep 2023 06:47:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1694180840; x=1694785640; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=bnDWgI7Xikb1OjFoW4gwzOdYBMcl7K3u4Am80DUL5/M=; b=1/gyCMJy4FHhtBMt4VIrvIQq65i3u89nZwXmNDg9RLdFsbXMw7ylv0ajFYK6YBhC28 OnswQBaGk/6NT3C696qVxKtNwMx3949Jfr/84+BQF5NW/bqjo43dGA3cUQJnnYa8j+MA oe3D5W8dLGulkd6A41kCMZJHSOG7yRkRyzTmB/2qym4x5hcnnxOFPdv9yhQuJ0+xQrdu ytQPNmKWdb9rh/eKa1/vxBEuwWR5FcYR4d1krJMVj5WnJfS1rtwN1pfOz42YmakwzPc7 F1iO/0Ae5atKqYfZZXvrncl3n3Kdsfqv8zxna/bTWifXesvR+Hk2j/vPcO5Xuw/CMqbL BCYQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694180840; x=1694785640; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bnDWgI7Xikb1OjFoW4gwzOdYBMcl7K3u4Am80DUL5/M=; b=MG5hoiet1mObuWIy4qQBBw8CVKgXaMICIZm4/vOm2fRBBySGC3Iv1fcN38T1VIZ46P ReSjNfwcWAvZTd38od5wX0YGR9ZQ6ybjW8qW/Y72rrJpBz2TqGLSP3IKCJhFQ9D9BLj6 HKjZdeKuUwBuSig1vk6yN+Ee7SU6IUpjsJJxUNUEiF6NWFP3J/J8yVnZgv6GMrSpcwcs DJYBDQ/QHckrAdyz2VUSXz8Eb1OmvW4DfMChP9t1+m5vicMoggVuk5VOTW2HlBhhNNWb /HILeSkEMjjpc0e1pwG3gU75Jq2MKY64oWBlcgOw7ddtBK/7qLprq9JZX5+i3xHxpLmL eiRA== X-Gm-Message-State: AOJu0YzaG2oQU95wg1Re8smOc3PUk0EhfgWeLnB8UL09jDJ4Wm/C76Yj fXuK+AInyF6/dygmhVmjgVZqkTbRJKrukOfDdbY= X-Google-Smtp-Source: AGHT+IGzJRt/iXeXgZ+T/MGIiuIgznakKUB0D5sJ5dKUi1x50HA9zeMnug9UXa+DLZ8+MfiYx8vcEQ== X-Received: by 2002:a05:6a21:798a:b0:14c:d105:2d16 with SMTP id bh10-20020a056a21798a00b0014cd1052d16mr2585432pzc.32.1694180839712; Fri, 08 Sep 2023 06:47:19 -0700 (PDT) Received: from xps13.. ([65.154.164.134]) by smtp.gmail.com with ESMTPSA id x18-20020a056a00271200b00653fe2d527esm1344828pfv.32.2023.09.08.06.47.18 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 08 Sep 2023 06:47:19 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 6/9] python3: update 3.11.3 -> 3.11.4 Date: Fri, 8 Sep 2023 03:46:57 -1000 Message-Id: <8687de9f20bde7aba118a50342848031adfb7641.1694179812.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 08 Sep 2023 13:47:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/187428 From: Alexander Kanavin upgrade include fix for CVE-2023-24329 (cherry picked from commit f7f163ebe8c53de4314d04595c1fbcc7af2deccc ) Signed-off-by: Alexander Kanavin Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie Signed-off-by: Chee Yang Lee Signed-off-by: Steve Sakoman --- ...1-Don-t-search-system-for-headers-libraries.patch | 2 +- ...y-handle-stdin-I-O-errors-same-way-as-maste.patch | 12 ++++++------ ...nfig.py-use-prefix-value-from-build-configu.patch | 2 +- .../12-distutils-prefix-is-inside-staging-area.patch | 2 +- meta/recipes-devtools/python/python3/makerace.patch | 8 ++++---- .../python/{python3_3.11.3.bb => python3_3.11.4.bb} | 2 +- 6 files changed, 14 insertions(+), 14 deletions(-) rename meta/recipes-devtools/python/{python3_3.11.3.bb => python3_3.11.4.bb} (99%) diff --git a/meta/recipes-devtools/python/python3/0001-Don-t-search-system-for-headers-libraries.patch b/meta/recipes-devtools/python/python3/0001-Don-t-search-system-for-headers-libraries.patch index c9253832cf..222a567dd5 100644 --- a/meta/recipes-devtools/python/python3/0001-Don-t-search-system-for-headers-libraries.patch +++ b/meta/recipes-devtools/python/python3/0001-Don-t-search-system-for-headers-libraries.patch @@ -1,4 +1,4 @@ -From 6cb667f37beacd832cb409e5244b3c90dfad32f7 Mon Sep 17 00:00:00 2001 +From aa8f1709c54557d2b51a9a37d15ccc3de62e90cb Mon Sep 17 00:00:00 2001 From: Jeremy Puhlman Date: Wed, 4 Mar 2020 00:06:42 +0000 Subject: [PATCH] Don't search system for headers/libraries diff --git a/meta/recipes-devtools/python/python3/0001-Lib-pty.py-handle-stdin-I-O-errors-same-way-as-maste.patch b/meta/recipes-devtools/python/python3/0001-Lib-pty.py-handle-stdin-I-O-errors-same-way-as-maste.patch index df5179e877..07c6aef9b9 100644 --- a/meta/recipes-devtools/python/python3/0001-Lib-pty.py-handle-stdin-I-O-errors-same-way-as-maste.patch +++ b/meta/recipes-devtools/python/python3/0001-Lib-pty.py-handle-stdin-I-O-errors-same-way-as-maste.patch @@ -1,4 +1,4 @@ -From 86061629f4a179e740a17e53dd2c98ab47af2fe2 Mon Sep 17 00:00:00 2001 +From 7b0a14e7320078ac891d415cab9b7568e3f52ad8 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Thu, 16 Sep 2021 16:35:37 +0200 Subject: [PATCH] Lib/pty.py: handle stdin I/O errors same way as master I/O @@ -30,18 +30,18 @@ Signed-off-by: Alexander Kanavin 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Lib/pty.py b/Lib/pty.py -index 8d8ce40..35439c6 100644 +index fefb63a..4cef056 100644 --- a/Lib/pty.py +++ b/Lib/pty.py -@@ -154,7 +154,10 @@ def _copy(master_fd, master_read=_read, stdin_read=_read): - os.write(STDOUT_FILENO, data) +@@ -184,7 +184,10 @@ def _copy(master_fd, master_read=_read, stdin_read=_read): + i_buf = i_buf[n:] - if STDIN_FILENO in rfds: + if stdin_avail and STDIN_FILENO in rfds: - data = stdin_read(STDIN_FILENO) + try: + data = stdin_read(STDIN_FILENO) + except OSError: + data = b"" if not data: - fds.remove(STDIN_FILENO) + stdin_avail = False else: diff --git a/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch b/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch index d5b7ce2b95..a0f3d72992 100644 --- a/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch +++ b/meta/recipes-devtools/python/python3/0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch @@ -1,4 +1,4 @@ -From 4ed481f4928c361970e78f27c4d9be8700af176b Mon Sep 17 00:00:00 2001 +From 512c617bd00b74b30a80dd56a12391de46e2b6cf Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Fri, 10 Sep 2021 12:28:31 +0200 Subject: [PATCH] Lib/sysconfig.py: use prefix value from build configuration diff --git a/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch b/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch index 5ee4e4f126..bbdd8b586e 100644 --- a/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch +++ b/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch @@ -1,4 +1,4 @@ -From 4c39252c71d8bca81fdc43753c83a59f8668c619 Mon Sep 17 00:00:00 2001 +From 843574d5a5b0818e83e20f8c0389d567bd4733fb Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Tue, 14 May 2013 15:00:26 -0700 Subject: [PATCH] python3: Add target and native recipes diff --git a/meta/recipes-devtools/python/python3/makerace.patch b/meta/recipes-devtools/python/python3/makerace.patch index 979fc9dc36..c71c1e15de 100644 --- a/meta/recipes-devtools/python/python3/makerace.patch +++ b/meta/recipes-devtools/python/python3/makerace.patch @@ -1,4 +1,4 @@ -From 4f52aaf2a548b3356c6f1369c62b11335dc27464 Mon Sep 17 00:00:00 2001 +From dde5cb74f55b6dd39d25cff639d16940d9dad505 Mon Sep 17 00:00:00 2001 From: Richard Purdie Date: Tue, 13 Jul 2021 23:19:29 +0100 Subject: [PATCH] python3: Fix make race @@ -18,11 +18,11 @@ Signed-off-by: Richard Purdie 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.pre.in b/Makefile.pre.in -index 7558f0c..8cec819 100644 +index c6d7e85..205af6c 100644 --- a/Makefile.pre.in +++ b/Makefile.pre.in -@@ -2005,7 +2005,7 @@ TESTSUBDIRS= ctypes/test \ - unittest/test unittest/test/testmock +@@ -2045,7 +2045,7 @@ TESTSUBDIRS= ctypes/test \ + unittest/test/testmock TEST_MODULES=@TEST_MODULES@ -libinstall: all $(srcdir)/Modules/xxmodule.c diff --git a/meta/recipes-devtools/python/python3_3.11.3.bb b/meta/recipes-devtools/python/python3_3.11.4.bb similarity index 99% rename from meta/recipes-devtools/python/python3_3.11.3.bb rename to meta/recipes-devtools/python/python3_3.11.4.bb index 0563a0ab9b..41b27094c7 100644 --- a/meta/recipes-devtools/python/python3_3.11.3.bb +++ b/meta/recipes-devtools/python/python3_3.11.4.bb @@ -39,7 +39,7 @@ SRC_URI:append:class-native = " \ file://12-distutils-prefix-is-inside-staging-area.patch \ file://0001-Don-t-search-system-for-headers-libraries.patch \ " -SRC_URI[sha256sum] = "8a5db99c961a7ecf27c75956189c9602c968751f11dbeae2b900dbff1c085b5e" +SRC_URI[sha256sum] = "2f0e409df2ab57aa9fc4cbddfb976af44e4e55bf6f619eee6bc5c2297264a7f6" # exclude pre-releases for both python 2.x and 3.x UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P\d+(\.\d+)+).tar" From patchwork Fri Sep 8 13:46:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 30214 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B8058EE8005 for ; Fri, 8 Sep 2023 13:47:27 +0000 (UTC) Received: from mail-pf1-f172.google.com (mail-pf1-f172.google.com [209.85.210.172]) by mx.groups.io with SMTP id smtpd.web11.39469.1694180842416303027 for ; Fri, 08 Sep 2023 06:47:22 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=JKACI9U9; spf=softfail (domain: sakoman.com, ip: 209.85.210.172, mailfrom: steve@sakoman.com) Received: by mail-pf1-f172.google.com with SMTP id d2e1a72fcca58-68c576d35feso1950620b3a.2 for ; Fri, 08 Sep 2023 06:47:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1694180841; x=1694785641; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=M4sQ9pGC2uTx9IJNrwWYpbcdjT/9zqJBQ3Nf+R9w0D4=; b=JKACI9U9ircz6psGeLK5hFSc1wn7AAiR9Y5qZunFEIdL3bmWkzydvGmcG2ciSlo10d mPV3DnuffP/3LgOeyLqMaquIuvmqc0hU5PSTM8qToFgBGY1ahdzlf0HXSOXXDO/vSpsB OzwHy4hNunFInm31WvDAjbbC9qRmWj479B8ZZIvXtrOLZOiECNGD1sgjDLVWNIHESZ4B q5WZ3VUGjhx2jol2irFc5NoET5w+rMMCpCOxLbahQW9PfbICCzpEEeKwWQzUZ/KtXFY1 eANa4mVtmdP9o5khGIhNxdU2+r9s/NyD14YBi91120ypi8DLc0fUJFIY+BcauYdCmof8 7E5g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694180841; x=1694785641; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=M4sQ9pGC2uTx9IJNrwWYpbcdjT/9zqJBQ3Nf+R9w0D4=; b=RpflrVdv1J4xxoM6RppIsvVN9Mx46rN8rWvV/WbAkreKyBpwqLWV+o/jwWiW/0M9ir xoUiMz11EZY32qCRove+ax9NeOV0I2lN8eVNz1Bo3d4LcdyJYTJ7awa7PYFpO4bPOZWC NzTGsES6ZV598jywxFj5wAy+txnPQhxZ93LOlfAPS/in3v/wxXAb+OKaEVGk6MKndD3B +8sf9loQkvfO243T1qWwj/3v9ZUKvWh5c+JPEOlP74ovFZ2G9rbHBqvxRtZ1JNtRW0s7 CZH1Jeh6tFH72+S+1rjFDYdySakfZ/NSio2i9EVfsBdut5aLwQC6UF/gudtVweOiOSxh zgtQ== X-Gm-Message-State: AOJu0YzaQv7C9FeionquUqkSBD1ngL4XbrZFbsyk5uRwgOLL85FH6RUr fbpHYHeQU55ocL6YTjRjNrP3XVcqnZhAXr9uxpc= X-Google-Smtp-Source: AGHT+IFgcNXBaV+R2vOOIiig2+0MPZTwiNJloavgJTBhZYub3+b4lTMAUlw6+GTPS7gHZLG9Oq0ZyA== X-Received: by 2002:a05:6a20:7fa2:b0:154:6480:8588 with SMTP id d34-20020a056a207fa200b0015464808588mr1983033pzj.0.1694180841582; Fri, 08 Sep 2023 06:47:21 -0700 (PDT) Received: from xps13.. ([65.154.164.134]) by smtp.gmail.com with ESMTPSA id x18-20020a056a00271200b00653fe2d527esm1344828pfv.32.2023.09.08.06.47.20 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 08 Sep 2023 06:47:21 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 7/9] python3: update to 3.11.5 Date: Fri, 8 Sep 2023 03:46:58 -1000 Message-Id: <4a3e3042a0cef3a215d286b0f32be293c3948d1e.1694179812.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 08 Sep 2023 13:47:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/187429 From: Chee Yang Lee upgrade include fix for CVE-2023-40217 Release notes: https://docs.python.org/3/whatsnew/changelog.html#python-3-11-5-final Signed-off-by: Chee Yang Lee Signed-off-by: Steve Sakoman --- .../python/{python3_3.11.4.bb => python3_3.11.5.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-devtools/python/{python3_3.11.4.bb => python3_3.11.5.bb} (99%) diff --git a/meta/recipes-devtools/python/python3_3.11.4.bb b/meta/recipes-devtools/python/python3_3.11.5.bb similarity index 99% rename from meta/recipes-devtools/python/python3_3.11.4.bb rename to meta/recipes-devtools/python/python3_3.11.5.bb index 41b27094c7..b1ab307804 100644 --- a/meta/recipes-devtools/python/python3_3.11.4.bb +++ b/meta/recipes-devtools/python/python3_3.11.5.bb @@ -39,7 +39,7 @@ SRC_URI:append:class-native = " \ file://12-distutils-prefix-is-inside-staging-area.patch \ file://0001-Don-t-search-system-for-headers-libraries.patch \ " -SRC_URI[sha256sum] = "2f0e409df2ab57aa9fc4cbddfb976af44e4e55bf6f619eee6bc5c2297264a7f6" +SRC_URI[sha256sum] = "85cd12e9cf1d6d5a45f17f7afe1cebe7ee628d3282281c492e86adf636defa3f" # exclude pre-releases for both python 2.x and 3.x UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P\d+(\.\d+)+).tar" From patchwork Fri Sep 8 13:46:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 30215 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B709FEE8004 for ; Fri, 8 Sep 2023 13:47:27 +0000 (UTC) Received: from mail-pf1-f180.google.com (mail-pf1-f180.google.com [209.85.210.180]) by mx.groups.io with SMTP id smtpd.web10.39146.1694180844209815704 for ; Fri, 08 Sep 2023 06:47:24 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=EXKIm4mz; spf=softfail (domain: sakoman.com, ip: 209.85.210.180, mailfrom: steve@sakoman.com) Received: by mail-pf1-f180.google.com with SMTP id d2e1a72fcca58-68a41035828so1783662b3a.1 for ; Fri, 08 Sep 2023 06:47:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1694180843; x=1694785643; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=c50OZQHuzoVEWxigOk8WH5TAmj4ZkSGGATeWlF3nkU0=; b=EXKIm4mzN/9dCXaeU/s31/RieWVtgnlWg5fejCe3oqK6w+LU024oV1kVZNnysN52/G 2Z1ohHBViGUOA+XVbf3IUJuIBbU0N9KkVpzxo06hlYaVTYHurAi0RAjxIvAtJpP0v5G1 0Cafc0TExFq0b8xKy6Z8NzaMP89IyzJgpPkh2ZTwAeNt0qyet05s9ReRXKJaZWaSEL5Y SL5D5viidnDStbMROqyCkYyKpkazHx886E0lomAMaL+SG4hRChYO4D3MmiZ5RBjdNEnu ciHbs1X7cyA3KVjjZCtcFiI/XMYjEaSXT7drGsPqAsu25B8yfidiZSGVi54q9Ek1VRsl 7m4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694180843; x=1694785643; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=c50OZQHuzoVEWxigOk8WH5TAmj4ZkSGGATeWlF3nkU0=; b=jEU7ns92DBNxevpMIBBnzGeVsY2UJR6T1tay+F8/obL7LyeiDWaAJz/1Bh8ySfqCDe Yb0/3QvH6dwgyoBpRen1G3XHiIxcBTsj39jXSaFVlmo07mDAJhhk4tbU55nagE0x5z40 DxOwE1qDoTw4am51Tg5E/dgthdAUeFl3lZTHICNqFoX0XY2Xw5uXRH6ocNIk1dLVFKD+ pSG7rSqZXVeOjjIkRKqp+MSZVHw4+BJFIpQPkUsCaXoC0RSOSnvH0nCr5OpORmftqlLk 7rDrrlpwBpex/SCkuKH4f8EthJdh/rp81mwGByWOQVb7eEzpqMatURQJm8PD6bbuRRMi xfxQ== X-Gm-Message-State: AOJu0YzzyPRj3WhRn9iVwkM4WRzoEtdDgMMgrg4dg4Wxk0tDsOJMErF1 bj0hxrMovgHj7U+c3NAL476XoEyw+nk3KDHoaA0= X-Google-Smtp-Source: AGHT+IEdL2QHsD8lemy2ymotFLXOktIvX6RSp3CjaY3pkl68fW28fxbKDM0E6NNO2SXFbrGs8W8xuQ== X-Received: by 2002:a05:6a20:8e16:b0:14e:429e:b0e3 with SMTP id y22-20020a056a208e1600b0014e429eb0e3mr3078991pzj.52.1694180843191; Fri, 08 Sep 2023 06:47:23 -0700 (PDT) Received: from xps13.. ([65.154.164.134]) by smtp.gmail.com with ESMTPSA id x18-20020a056a00271200b00653fe2d527esm1344828pfv.32.2023.09.08.06.47.22 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 08 Sep 2023 06:47:22 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 8/9] go: upgrade 1.20.6 -> 1.20.7 Date: Fri, 8 Sep 2023 03:46:59 -1000 Message-Id: <8397964d5a8d995a06c5c2a34883047546edc077.1694179812.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 08 Sep 2023 13:47:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/187430 From: Sakib Sajal Upgrade to latest 1.20.x release [1]: $ git log --oneline go1.20.6..go1.20.7 origin/release-branch.go1.20 adb775e309 (tag: go1.20.7, origin/release-branch.go1.20) [release-branch.go1.20] go1.20.7 659f2a2207 [release-branch.go1.20] crypto/tls: restrict RSA keys in certificates to <= 8192 bits 10d85fa0f6 [release-branch.go1.20] cmd/asm, cmd/internal/obj: generate proper atomic ops for riscv64 bd3a1f24e7 [release-branch.go1.20] net: tolerate permission errors in interface tests 6211a024b4 [release-branch.go1.20] cmd/compile: on PPC64, fix sign/zero extension when masking [1] https://github.com/golang/go/compare/go1.20.6...go1.20.7 Upgrade include fix for CVE-2023-29409 CVE-2023-39533 (cherry picked from commit 039324d917ed124228a14ac1effdd66b27d9e82b) Signed-off-by: Sakib Sajal Signed-off-by: Alexandre Belloni Signed-off-by: Chee Yang Lee Signed-off-by: Steve Sakoman --- meta/recipes-devtools/go/{go-1.20.6.inc => go-1.20.7.inc} | 2 +- ...o-binary-native_1.20.6.bb => go-binary-native_1.20.7.bb} | 6 +++--- ...cross-canadian_1.20.6.bb => go-cross-canadian_1.20.7.bb} | 0 .../go/{go-cross_1.20.6.bb => go-cross_1.20.7.bb} | 0 .../go/{go-crosssdk_1.20.6.bb => go-crosssdk_1.20.7.bb} | 0 .../go/{go-native_1.20.6.bb => go-native_1.20.7.bb} | 0 .../go/{go-runtime_1.20.6.bb => go-runtime_1.20.7.bb} | 0 meta/recipes-devtools/go/{go_1.20.6.bb => go_1.20.7.bb} | 0 8 files changed, 4 insertions(+), 4 deletions(-) rename meta/recipes-devtools/go/{go-1.20.6.inc => go-1.20.7.inc} (90%) rename meta/recipes-devtools/go/{go-binary-native_1.20.6.bb => go-binary-native_1.20.7.bb} (78%) rename meta/recipes-devtools/go/{go-cross-canadian_1.20.6.bb => go-cross-canadian_1.20.7.bb} (100%) rename meta/recipes-devtools/go/{go-cross_1.20.6.bb => go-cross_1.20.7.bb} (100%) rename meta/recipes-devtools/go/{go-crosssdk_1.20.6.bb => go-crosssdk_1.20.7.bb} (100%) rename meta/recipes-devtools/go/{go-native_1.20.6.bb => go-native_1.20.7.bb} (100%) rename meta/recipes-devtools/go/{go-runtime_1.20.6.bb => go-runtime_1.20.7.bb} (100%) rename meta/recipes-devtools/go/{go_1.20.6.bb => go_1.20.7.bb} (100%) diff --git a/meta/recipes-devtools/go/go-1.20.6.inc b/meta/recipes-devtools/go/go-1.20.7.inc similarity index 90% rename from meta/recipes-devtools/go/go-1.20.6.inc rename to meta/recipes-devtools/go/go-1.20.7.inc index 6277020fec..009a67e89e 100644 --- a/meta/recipes-devtools/go/go-1.20.6.inc +++ b/meta/recipes-devtools/go/go-1.20.7.inc @@ -17,4 +17,4 @@ SRC_URI += "\ file://CVE-2023-24531_1.patch \ file://CVE-2023-24531_2.patch \ " -SRC_URI[main.sha256sum] = "62ee5bc6fb55b8bae8f705e0cb8df86d6453626b4ecf93279e2867092e0b7f70" +SRC_URI[main.sha256sum] = "2c5ee9c9ec1e733b0dbbc2bdfed3f62306e51d8172bf38f4f4e542b27520f597" diff --git a/meta/recipes-devtools/go/go-binary-native_1.20.6.bb b/meta/recipes-devtools/go/go-binary-native_1.20.7.bb similarity index 78% rename from meta/recipes-devtools/go/go-binary-native_1.20.6.bb rename to meta/recipes-devtools/go/go-binary-native_1.20.7.bb index 5b2f8f4352..3decde1954 100644 --- a/meta/recipes-devtools/go/go-binary-native_1.20.6.bb +++ b/meta/recipes-devtools/go/go-binary-native_1.20.7.bb @@ -9,9 +9,9 @@ PROVIDES = "go-native" # Checksums available at https://go.dev/dl/ SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}" -SRC_URI[go_linux_amd64.sha256sum] = "b945ae2bb5db01a0fb4786afde64e6fbab50b67f6fa0eb6cfa4924f16a7ff1eb" -SRC_URI[go_linux_arm64.sha256sum] = "4e15ab37556e979181a1a1cc60f6d796932223a0f5351d7c83768b356f84429b" -SRC_URI[go_linux_ppc64le.sha256sum] = "a1b91a42a40bba54bfd5c96c23d72250e0c424038d0d2b5c7950b828b4905822" +SRC_URI[go_linux_amd64.sha256sum] = "f0a87f1bcae91c4b69f8dc2bc6d7e6bfcd7524fceec130af525058c0c17b1b44" +SRC_URI[go_linux_arm64.sha256sum] = "44781ae3b153c3b07651d93b6bc554e835a36e2d72a696281c1e4dad9efffe43" +SRC_URI[go_linux_ppc64le.sha256sum] = "6318a1db307c12b8afe68808bd6fae4fba1e558a85b958216096869ed506dcb3" UPSTREAM_CHECK_URI = "https://golang.org/dl/" UPSTREAM_CHECK_REGEX = "go(?P\d+(\.\d+)+)\.linux" diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.20.6.bb b/meta/recipes-devtools/go/go-cross-canadian_1.20.7.bb similarity index 100% rename from meta/recipes-devtools/go/go-cross-canadian_1.20.6.bb rename to meta/recipes-devtools/go/go-cross-canadian_1.20.7.bb diff --git a/meta/recipes-devtools/go/go-cross_1.20.6.bb b/meta/recipes-devtools/go/go-cross_1.20.7.bb similarity index 100% rename from meta/recipes-devtools/go/go-cross_1.20.6.bb rename to meta/recipes-devtools/go/go-cross_1.20.7.bb diff --git a/meta/recipes-devtools/go/go-crosssdk_1.20.6.bb b/meta/recipes-devtools/go/go-crosssdk_1.20.7.bb similarity index 100% rename from meta/recipes-devtools/go/go-crosssdk_1.20.6.bb rename to meta/recipes-devtools/go/go-crosssdk_1.20.7.bb diff --git a/meta/recipes-devtools/go/go-native_1.20.6.bb b/meta/recipes-devtools/go/go-native_1.20.7.bb similarity index 100% rename from meta/recipes-devtools/go/go-native_1.20.6.bb rename to meta/recipes-devtools/go/go-native_1.20.7.bb diff --git a/meta/recipes-devtools/go/go-runtime_1.20.6.bb b/meta/recipes-devtools/go/go-runtime_1.20.7.bb similarity index 100% rename from meta/recipes-devtools/go/go-runtime_1.20.6.bb rename to meta/recipes-devtools/go/go-runtime_1.20.7.bb diff --git a/meta/recipes-devtools/go/go_1.20.6.bb b/meta/recipes-devtools/go/go_1.20.7.bb similarity index 100% rename from meta/recipes-devtools/go/go_1.20.6.bb rename to meta/recipes-devtools/go/go_1.20.7.bb From patchwork Fri Sep 8 13:47:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 30213 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C839DEE8007 for ; Fri, 8 Sep 2023 13:47:27 +0000 (UTC) Received: from mail-pf1-f169.google.com (mail-pf1-f169.google.com [209.85.210.169]) by mx.groups.io with SMTP id smtpd.web10.39147.1694180846125108406 for ; Fri, 08 Sep 2023 06:47:26 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=EFa+v4VF; spf=softfail (domain: sakoman.com, ip: 209.85.210.169, mailfrom: steve@sakoman.com) Received: by mail-pf1-f169.google.com with SMTP id d2e1a72fcca58-68e3083aa1dso1961849b3a.1 for ; Fri, 08 Sep 2023 06:47:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1694180845; x=1694785645; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=f/N/udGn6sNecScK3cObMOu0ZKZhmOhVngaykRJTIcY=; b=EFa+v4VFNtGljLflwbJ+0tTsj39hQoQUB4HgOtUullXjF+FAJgapZObQbGFVZ84r90 IL0LHDNrOkbc0eH1wQcz1L93Ah3jMEjZIeiVWW6jXgJvVwBr/INqgZtZtOL2gwFUi+ro bQDXu2YDUDYRyLtAGTcwHnOuHg669lYomfO2VjMycwNhF37UQiQu0QiJQZ+hUnqjZojZ +1LMLosu6GnZ5ycvEIsOA9ntqkxtk4tfuEr9e0gl+OIq2zbIJwnmcfHPt9zThZQtqN6b 2r6YJoEDfSvfhjkHsVOpAvwY4ySLkeRI8QLzcehi2ti3cDrjfbnoTDEF4bVdZD09djqe LSsQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1694180845; x=1694785645; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=f/N/udGn6sNecScK3cObMOu0ZKZhmOhVngaykRJTIcY=; b=BS00oSXlz7jV5K/Xr35DdmafX/8PIA+8kkUvO1o7JYWHrmnK7HoMAojqYfyUKvLSz1 Z4QDyQ1u/lfffhM5maWUHwUH8XMTHR6v440snBtFOSmYgfE027Eyo3LaTDz6O4W1qe7Q Lx2SinlTH6Fg0MHfECiczrQbUrqGWsaQF7Ov40FU9h2/VaNZMbv+Ghnoma0wf1kXQ/Bu NP/3GxPA+xF8i+W6FQEcCzwn6JDjxuwPCDTHo37NzdHyKqA3SlmIH36XdtDK5qtUoWzv WOWzah34NYHCCxvmyPX82Y3KTkJ4tHjkYTiheCDBzR4wx0mEpDPUE3fxAGraCIN5+xwu D9Ow== X-Gm-Message-State: AOJu0YywoDlAHpl7sF2p/lRkER/BKlpTnf2lGZDHm3vEkieTCW/msL35 BHTbO8xzB9fwLUqJsz4WLdkP8p0P/xH4MvL/d28= X-Google-Smtp-Source: AGHT+IFobXSNLuZL16W0XGrrLnZPf+BdG698fHSSlBFI0NBIBQqGAsyfmohCLtd5VBGsuCgJwf76Gg== X-Received: by 2002:a05:6a00:15c9:b0:68e:3eab:9e17 with SMTP id o9-20020a056a0015c900b0068e3eab9e17mr2558025pfu.34.1694180845185; Fri, 08 Sep 2023 06:47:25 -0700 (PDT) Received: from xps13.. ([65.154.164.134]) by smtp.gmail.com with ESMTPSA id x18-20020a056a00271200b00653fe2d527esm1344828pfv.32.2023.09.08.06.47.24 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 08 Sep 2023 06:47:24 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][mickledore 9/9] yocto-uninative: Update to 4.3 Date: Fri, 8 Sep 2023 03:47:00 -1000 Message-Id: <055b7acd73a591cb529629a780558cc0f5b19456.1694179812.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 08 Sep 2023 13:47:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/187431 From: Michael Halstead Add in stable updates to glibc 2.38 to fix malloc bugs Signed-off-by: Michael Halstead Signed-off-by: Richard Purdie (cherry picked from commit 39f987fcb20ad7c0e45425b9f508d463c50ce0c1) Signed-off-by: Steve Sakoman --- meta/conf/distro/include/yocto-uninative.inc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc index 6596c0f4a2..eaa3e9b31c 100644 --- a/meta/conf/distro/include/yocto-uninative.inc +++ b/meta/conf/distro/include/yocto-uninative.inc @@ -7,9 +7,9 @@ # UNINATIVE_MAXGLIBCVERSION = "2.38" -UNINATIVE_VERSION = "4.2" +UNINATIVE_VERSION = "4.3" UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/" -UNINATIVE_CHECKSUM[aarch64] ?= "cff40e7bdde50aeda06707af8c001796a71b4cf33c5ae1616e5c47943ff6b94e" -UNINATIVE_CHECKSUM[i686] ?= "a70516447e9a9f1465ffaf1c7f89e79d1692d2356d86fd2a5a63acd908db1ff2" -UNINATIVE_CHECKSUM[x86_64] ?= "6a86d71eeafba4fefec600c9bf8cf4a01324d1eb52788b6e398d3f23c10d19fb" +UNINATIVE_CHECKSUM[aarch64] ?= "8df05f4a41455018b4303b2e0ea4eac5c960b5a13713f6dbb33dfdb3e32753ec" +UNINATIVE_CHECKSUM[i686] ?= "bea76b4a97c9ba0077c0dd1295f519cd599dbf71f0ca1c964471c4cdb043addd" +UNINATIVE_CHECKSUM[x86_64] ?= "1c35f09a75c4096749bbe1e009df4e3968cde151424062cf4aa3ed89db22b030"