[dunfell,18/23] apr-util: update 1.6.1 -> 1.6.3

Message ID	9eb027bebb19bfb0fb136169e865ca269890fa6f.1678228988.git.steve@sakoman.com
State	Accepted, archived
Commit	9eb027bebb19bfb0fb136169e865ca269890fa6f
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.210.179, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 18/23] apr-util: update 1.6.1 -> 1.6.3 Date: Tue, 7 Mar 2023 12:47:52 -1000 Message-Id: <9eb027bebb19bfb0fb136169e865ca269890fa6f.1678228988.git.steve@sakoman.com> In-Reply-To: <cover.1678228988.git.steve@sakoman.com> References: <cover.1678228988.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[dunfell,01/23] curl: fix CVE-2022-43552 Use-after-free triggered by an HTTP proxy deny response \| expand [dunfell,01/23] curl: fix CVE-2022-43552 Use-after-free triggered by an HTTP proxy deny response [dunfell,02/23] tiff: fix multiple CVEs [dunfell,03/23] git: Security fix for CVE-2022-41903 [dunfell,04/23] bluez5: Exclude CVE-2022-39177 from cve-check [dunfell,05/23] glibc: Security fix for CVE-2023-0687 [dunfell,06/23] tar: CVE-2022-48303 [dunfell,07/23] vim: update 9.0.1211 -> 9.0.1293 to resolve open CVEs [dunfell,08/23] linux-firmware: upgrade 20221214 -> 20230117 [dunfell,09/23] linux-firmware: properly set license for all Qualcomm firmware [dunfell,10/23] linux-firmware: add yamato fw files to qcom-adreno-a2xx package [dunfell,11/23] linux-firmware: upgrade 20230117 -> 20230210 [dunfell,12/23] wireless-regdb: upgrade 2022.08.12 -> 2023.02.13 [dunfell,13/23] apr: Fix to work with autoconf 2.70 [dunfell,14/23] apr: Use correct strerror_r implementation based on libc type [dunfell,15/23] apr: Cache configure tests which use AC_TRY_RUN [dunfell,16/23] apr: update 1.7.0 -> 1.7.2 [dunfell,17/23] apr-util: Fix CFLAGS used in build [dunfell,18/23] apr-util: update 1.6.1 -> 1.6.3 [dunfell,19/23] openssl: upgrade 1.1.1s to 1.1.1t [dunfell,20/23] gcc: Fix inconsistent noexcept specifier for valarray in libstdc++ [dunfell,21/23] kernel-yocto: fix kernel-meta data detection [dunfell,22/23] image.bbclass: print all QA functions exceptions [dunfell,23/23] devshell: Do not add scripts/git-intercept to PATH

Message ID

9eb027bebb19bfb0fb136169e865ca269890fa6f.1678228988.git.steve@sakoman.com

State

Accepted, archived

Commit

9eb027bebb19bfb0fb136169e865ca269890fa6f

Headers

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 18/23] apr-util: update 1.6.1 -> 1.6.3
Date: Tue,  7 Mar 2023 12:47:52 -1000
Message-Id: 
 <9eb027bebb19bfb0fb136169e865ca269890fa6f.1678228988.git.steve@sakoman.com>
In-Reply-To: <cover.1678228988.git.steve@sakoman.com>
References: <cover.1678228988.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[dunfell,01/23] curl: fix CVE-2022-43552 Use-after-free triggered by an HTTP proxy deny response | expand

Commit Message

Steve Sakoman March 7, 2023, 10:47 p.m. UTC

From: Alexander Kanavin <alex.kanavin@gmail.com>

Changes with APR-util 1.6.3

  *) Correct a packaging issue in 1.6.2. The contents of the release were
     correct, but the top level directory was misnamed.

Changes with APR-util 1.6.2

  *) SECURITY: CVE-2022-25147 (cve.mitre.org)
     Integer Overflow or Wraparound vulnerability in apr_base64 functions
     of Apache Portable Runtime Utility (APR-util) allows an attacker to
     write beyond bounds of a buffer.

  *) Teach configure how to find and build against MariaDB 10.2. PR 61517
     [Kris Karas <bugs-a17 moonlit-rail.com>]

  *) apr_crypto_commoncrypto: Remove stray reference to -lcrypto that
     prevented commoncrypto being enabled. [Graham Leggett]

  *) Add --tag=CC to libtool invocations. PR 62640. [Michael Osipov]

  *) apr_dbm_gdbm: Fix handling of error codes. This makes gdbm 1.14 work.
     apr_dbm_gdbm will now also return error codes starting with
     APR_OS_START_USEERR, as apr_dbm_berkleydb does, instead of always
     returning APR_EGENERAL. [Stefan Fritsch]

Drop backport.

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit dca707f9fecc805503e17f6db3e4c88069ac0125)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit 43cd36b178ebb602edd5919c26f8b8642736a3a8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit e24b38a14b3520648ec418783fb74fcf61df7ff2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../0001-Fix-error-handling-in-gdbm.patch     | 135 ------------------
 .../{apr-util_1.6.1.bb => apr-util_1.6.3.bb}  |   6 +-
 2 files changed, 2 insertions(+), 139 deletions(-)
 delete mode 100644 meta/recipes-support/apr/apr-util/0001-Fix-error-handling-in-gdbm.patch
 rename meta/recipes-support/apr/{apr-util_1.6.1.bb => apr-util_1.6.3.bb} (94%)

diff --git a/meta/recipes-support/apr/apr-util/0001-Fix-error-handling-in-gdbm.patch b/meta/recipes-support/apr/apr-util/0001-Fix-error-handling-in-gdbm.patch
deleted file mode 100644
index 57e7453312..0000000000
--- a/meta/recipes-support/apr/apr-util/0001-Fix-error-handling-in-gdbm.patch
+++ /dev/null
@@ -1,135 +0,0 @@ 
-From 6b638fa9afbeb54dfa19378e391465a5284ce1ad Mon Sep 17 00:00:00 2001
-From: Changqing Li <changqing.li@windriver.com>
-Date: Wed, 12 Sep 2018 17:16:36 +0800
-Subject: [PATCH] Fix error handling in gdbm
-
-Only check for gdbm_errno if the return value of the called gdbm_*
-function says so. This fixes apr-util with gdbm 1.14, which does not
-seem to always reset gdbm_errno.
-
-Also make the gdbm driver return error codes starting with
-APR_OS_START_USEERR instead of always returning APR_EGENERAL. This is
-what the berkleydb driver already does.
-
-Also ensure that dsize is 0 if dptr == NULL.
-
-Upstream-Status: Backport[https://svn.apache.org/viewvc?
-view=revision&amp;revision=1825311]
-
-Signed-off-by: Changqing Li <changqing.li@windriver.com>
----
- dbm/apr_dbm_gdbm.c | 47 +++++++++++++++++++++++++++++------------------
- 1 file changed, 29 insertions(+), 18 deletions(-)
-
-diff --git a/dbm/apr_dbm_gdbm.c b/dbm/apr_dbm_gdbm.c
-index 749447a..1c86327 100644
---- a/dbm/apr_dbm_gdbm.c
-+++ b/dbm/apr_dbm_gdbm.c
-@@ -36,13 +36,25 @@
- static apr_status_t g2s(int gerr)
- {
-     if (gerr == -1) {
--        /* ### need to fix this */
--        return APR_EGENERAL;
-+        if (gdbm_errno == GDBM_NO_ERROR)
-+           return APR_SUCCESS;
-+        return APR_OS_START_USEERR + gdbm_errno;
-     }
- 
-     return APR_SUCCESS;
- }
- 
-+static apr_status_t gdat2s(datum d)
-+{
-+    if (d.dptr == NULL) {
-+        if (gdbm_errno == GDBM_NO_ERROR || gdbm_errno == GDBM_ITEM_NOT_FOUND)
-+           return APR_SUCCESS;
-+        return APR_OS_START_USEERR + gdbm_errno;
-+   }
-+
-+    return APR_SUCCESS;
-+}
-+
- static apr_status_t datum_cleanup(void *dptr)
- {
-     if (dptr)
-@@ -53,22 +65,15 @@ static apr_status_t datum_cleanup(void *dptr)
- 
- static apr_status_t set_error(apr_dbm_t *dbm, apr_status_t dbm_said)
- {
--    apr_status_t rv = APR_SUCCESS;
- 
--    /* ### ignore whatever the DBM said (dbm_said); ask it explicitly */
-+    dbm->errcode = dbm_said;  
- 
--    if ((dbm->errcode = gdbm_errno) == GDBM_NO_ERROR) {
-+    if (dbm_said == APR_SUCCESS)
-         dbm->errmsg = NULL;
--    }
--    else {
--        dbm->errmsg = gdbm_strerror(gdbm_errno);
--        rv = APR_EGENERAL;        /* ### need something better */
--    }
--
--    /* captured it. clear it now. */
--    gdbm_errno = GDBM_NO_ERROR;
-+    else
-+        dbm->errmsg = gdbm_strerror(dbm_said - APR_OS_START_USEERR);
- 
--    return rv;
-+    return dbm_said;
- }
- 
- /* --------------------------------------------------------------------------
-@@ -107,7 +112,7 @@ static apr_status_t vt_gdbm_open(apr_dbm_t **pdb, const char *pathname,
-                      NULL);
- 
-     if (file == NULL)
--        return APR_EGENERAL;      /* ### need a better error */
-+        return APR_OS_START_USEERR + gdbm_errno;   /* ### need a better error */
- 
-     /* we have an open database... return it */
-     *pdb = apr_pcalloc(pool, sizeof(**pdb));
-@@ -141,10 +146,12 @@ static apr_status_t vt_gdbm_fetch(apr_dbm_t *dbm, apr_datum_t key,
-     if (pvalue->dptr)
-         apr_pool_cleanup_register(dbm->pool, pvalue->dptr, datum_cleanup,
-                                   apr_pool_cleanup_null);
-+    else
-+       pvalue->dsize = 0;
- 
-     /* store the error info into DBM, and return a status code. Also, note
-        that *pvalue should have been cleared on error. */
--    return set_error(dbm, APR_SUCCESS);
-+    return set_error(dbm, gdat2s(rd));
- }
- 
- static apr_status_t vt_gdbm_store(apr_dbm_t *dbm, apr_datum_t key,
-@@ -201,9 +208,11 @@ static apr_status_t vt_gdbm_firstkey(apr_dbm_t *dbm, apr_datum_t *pkey)
-     if (pkey->dptr)
-         apr_pool_cleanup_register(dbm->pool, pkey->dptr, datum_cleanup,
-                                   apr_pool_cleanup_null);
-+    else
-+        pkey->dsize = 0;
- 
-     /* store any error info into DBM, and return a status code. */
--    return set_error(dbm, APR_SUCCESS);
-+    return set_error(dbm, gdat2s(rd));
- }
- 
- static apr_status_t vt_gdbm_nextkey(apr_dbm_t *dbm, apr_datum_t *pkey)
-@@ -221,9 +230,11 @@ static apr_status_t vt_gdbm_nextkey(apr_dbm_t *dbm, apr_datum_t *pkey)
-     if (pkey->dptr)
-         apr_pool_cleanup_register(dbm->pool, pkey->dptr, datum_cleanup,
-                                   apr_pool_cleanup_null);
-+    else
-+       pkey->dsize = 0;
- 
-     /* store any error info into DBM, and return a status code. */
--    return set_error(dbm, APR_SUCCESS);
-+    return set_error(dbm, gdat2s(rd));
- }
- 
- static void vt_gdbm_freedatum(apr_dbm_t *dbm, apr_datum_t data)
--- 
-2.7.4
-
diff --git a/meta/recipes-support/apr/apr-util_1.6.1.bb b/meta/recipes-support/apr/apr-util_1.6.3.bb
similarity index 94%
rename from meta/recipes-support/apr/apr-util_1.6.1.bb
rename to meta/recipes-support/apr/apr-util_1.6.3.bb
index 4e183ca374..3d9d619c7b 100644
--- a/meta/recipes-support/apr/apr-util_1.6.1.bb
+++ b/meta/recipes-support/apr/apr-util_1.6.3.bb
@@ -13,11 +13,9 @@  SRC_URI = "${APACHE_MIRROR}/apr/${BPN}-${PV}.tar.gz \
            file://configfix.patch \
            file://configure_fixes.patch \
            file://run-ptest \
-           file://0001-Fix-error-handling-in-gdbm.patch \
-"
+           "
 
-SRC_URI[md5sum] = "bd502b9a8670a8012c4d90c31a84955f"
-SRC_URI[sha256sum] = "b65e40713da57d004123b6319828be7f1273fbc6490e145874ee1177e112c459"
+SRC_URI[sha256sum] = "2b74d8932703826862ca305b094eef2983c27b39d5c9414442e9976a9acf1983"
 
 EXTRA_OECONF = "--with-apr=${STAGING_BINDIR_CROSS}/apr-1-config \
 		--without-odbc \

[dunfell,18/23] apr-util: update 1.6.1 -> 1.6.3

Commit Message

Patch