
[kirkstone,1/1] expat: Upgrade to 2.6.0

Message ID 20240312075336.2895321-1-meenali.gupta@windriver.com
State Changes Requested
Delegated to: Steve Sakoman

Commit Message

mgupta1 March 12, 2024, 7:53 a.m. UTC
From: Meenali Gupta <meenali.gupta@windriver.com>

Package and run benchmark as part of ptest
This is a major release with the following changes [1]

ChangeLog:
https://github.com/libexpat/libexpat/blob/R_2_6_1/expat/Changes

Security fixes:
      #789 #814  CVE-2023-52425 -- Fix quadratic runtime issues with big tokens
                   that can cause denial of service, in particular when
                   dealing with compressed XML input.  Applications
                   that parsed a document in one go -- a single call to
                   functions XML_Parse or XML_ParseBuffer -- were not affected.
                   The smaller the chunks/buffers you use for parsing
                   previously, the bigger the problem prior to the fix.
                   Backporters should be careful to not omit parts of
                   pull request #789 and to include earlier pull request #771,
                   in order to not break the fix.
           #777  CVE-2023-52426 -- Fix billion laughs attacks for users
                   compiling *without* XML_DTD defined (which is not common).
                   Users with XML_DTD defined have been protected since
                   Expat >=2.4.0 (and that was CVE-2013-0340 back then).

        Bug fixes:
            #753  Fix parse-size-dependent "invalid token" error for
                    external entities that start with a byte order mark
            #780  Fix NULL pointer dereference in setContext via
                    XML_ExternalEntityParserCreate for compilation with
                    XML_DTD undefined
       #812 #813  Protect against closing entities out of order

        Other changes:
            #723  Improve support for arc4random/arc4random_buf
       #771 #788  Improve buffer growth in XML_GetBuffer and XML_Parse
       #761 #770  xmlwf: Support --help and --version
       #759 #770  xmlwf: Support custom buffer size for XML_GetBuffer and read
            #744  xmlwf: Improve language and URL clickability in help output
            #673  examples: Add new example "element_declarations.c"
            #764  Be stricter about macro XML_CONTEXT_BYTES at build time
            #765  Make inclusion to expat_config.h consistent
       #726 #727  Autotools: configure.ac: Support --disable-maintainer-mode
    #678 #705 ..
  #706 #733 #792  Autotools: Sync CMake templates with CMake 3.26
            #795  Autotools: Make installation of shipped man page doc/xmlwf.1
                    independent of docbook2man availability
            #815  Autotools|CMake: Add missing -DXML_STATIC to pkg-config file
                    section "Cflags.private" in order to fix compilation
                    against static libexpat using pkg-config on Windows
       #724 #751  Autotools|CMake: Require a C99 compiler
                    (a de-facto requirement already since Expat 2.2.2 of 2017)
            #793  Autotools|CMake: Fix PACKAGE_BUGREPORT variable
       #750 #786  Autotools|CMake: Make test suite require a C++11 compiler
            #749  CMake: Require CMake >=3.5.0
            #672  CMake: Lowercase off_t and size_t to help a bug in Meson
            #746  CMake: Sort xmlwf sources alphabetically
            #785  CMake|Windows: Fix generation of DLL file version info
            #790  CMake: Build tests/benchmark/benchmark.c as well for
                    a build with -DEXPAT_BUILD_TESTS=ON
       #745 #757  docs: Document the importance of isFinal + adjust tests
                    accordingly
            #736  docs: Improve use of "NULL" and "null"
            #713  docs: Be specific about version of XML (XML 1.0r4)
                    and version of C (C99); (XML 1.0r5 will need a sponsor.)
            #762  docs: reference.html: Promote function XML_ParseBuffer more
            #779  docs: reference.html: Add HTML anchors to XML_* macros
            #760  docs: reference.html: Upgrade to OK.css 1.2.0
       #763 #739  docs: Fix typos
            #696  docs|CI: Use HTTPS URLs instead of HTTP at various places
    #669 #670 ..
    #692 #703 ..
       #733 #772  Address compiler warnings
       #798 #800  Address clang-tidy warnings
       #775 #776  Version info bumped from 9:10:8 (libexpat*.so.1.8.10)
                    to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/
                    for what these numbers do

        Infrastructure:
       #700 #701  docs: Document security policy in file SECURITY.md
            #766  docs: Improve parse buffer variables in-code documentation
    #674 #738 ..
    #740 #747 ..
  #748 #781 #782  Refactor coverage and conformance tests
       #714 #716  Refactor debug level variables to unsigned long
            #671  Improve handling of empty environment variable value
                    in function getDebugLevel (without visible user effect)
    #755 #774 ..
    #758 #783 ..
       #784 #787  tests: Improve test coverage with regard to parse chunk size
  #660 #797 #801  Fuzzing: Improve fuzzing coverage
       #367 #799  Fuzzing|CI: Start running OSS-Fuzz fuzzing regression tests
       #698 #721  CI: Resolve some Travis CI leftovers
            #669  CI: Be robust towards absence of Git tags
       #693 #694  CI: Set permissions to "contents: read" for security
            #709  CI: Pin all GitHub Actions to specific commits for security
            #739  CI: Reject spelling errors using codespell
            #798  CI: Enforce clang-tidy clean code
    #773 #808 ..
       #809 #810  CI: Upgrade Clang from 15 to 18
            #796  CI: Start using Clang's Control Flow Integrity sanitizer
  #675 #720 #722  CI: Adapt to breaking changes in GitHub Actions Ubuntu images
            #689  CI: Adapt to breaking changes in Clang/LLVM Debian packaging
            #763  CI: Adapt to breaking changes in codespell
            #803  CI: Adapt to breaking changes in Cppcheck

Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
---
 meta/recipes-core/expat/expat/run-ptest                    | 2 +-
 meta/recipes-core/expat/{expat_2.5.0.bb => expat_2.6.0.bb} | 5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)
 rename meta/recipes-core/expat/{expat_2.5.0.bb => expat_2.6.0.bb} (81%)

Comments

Randy MacLeod March 12, 2024, 12:31 p.m. UTC | #1
On Tue, Mar 12, 2024, 03:54 Meenali Gupta via lists.openembedded.org
<meenali.gupta=windriver.com@lists.openembedded.org> wrote:

> From: Meenali Gupta <meenali.gupta@windriver.com>
>
> Package and run benchmark as part of ptest
> This is a major release



As explained in:

https://lists.openembedded.org/g/openembedded-core/message/196837

we can't do major release updates on kirkstone so please check out the
Debian back-port mentioned in the other thread.

Thanks,
../Randy

> with the following changes [1]
>
> ChangeLog:
> https://github.com/libexpat/libexpat/blob/R_2_6_1/expat/Changes
>
> Security fixes:
>       #789 #814  CVE-2023-52425 -- Fix quadratic runtime issues with big
> tokens
>                    that can cause denial of service, in particular when
>                    dealing with compressed XML input.  Applications
>                    that parsed a document in one go -- a single call to
>                    functions XML_Parse or XML_ParseBuffer -- were not
> affected.
>                    The smaller the chunks/buffers you use for parsing
>                    previously, the bigger the problem prior to the fix.
>                    Backporters should be careful to not omit parts of
>                    pull request #789 and to include earlier pull request
> #771,
>                    in order to not break the fix.
>            #777  CVE-2023-52426 -- Fix billion laughs attacks for users
>                    compiling *without* XML_DTD defined (which is not
> common).
>                    Users with XML_DTD defined have been protected since
>                    Expat >=2.4.0 (and that was CVE-2013-0340 back then).
>
>         Bug fixes:
>             #753  Fix parse-size-dependent "invalid token" error for
>                     external entities that start with a byte order mark
>             #780  Fix NULL pointer dereference in setContext via
>                     XML_ExternalEntityParserCreate for compilation with
>                     XML_DTD undefined
>        #812 #813  Protect against closing entities out of order
>
>         Other changes:
>             #723  Improve support for arc4random/arc4random_buf
>        #771 #788  Improve buffer growth in XML_GetBuffer and XML_Parse
>        #761 #770  xmlwf: Support --help and --version
>        #759 #770  xmlwf: Support custom buffer size for XML_GetBuffer and
> read
>             #744  xmlwf: Improve language and URL clickability in help
> output
>             #673  examples: Add new example "element_declarations.c"
>             #764  Be stricter about macro XML_CONTEXT_BYTES at build time
>             #765  Make inclusion to expat_config.h consistent
>        #726 #727  Autotools: configure.ac: Support
> --disable-maintainer-mode
>     #678 #705 ..
>   #706 #733 #792  Autotools: Sync CMake templates with CMake 3.26
>             #795  Autotools: Make installation of shipped man page
> doc/xmlwf.1
>                     independent of docbook2man availability
>             #815  Autotools|CMake: Add missing -DXML_STATIC to pkg-config
> file
>                     section "Cflags.private" in order to fix compilation
>                     against static libexpat using pkg-config on Windows
>        #724 #751  Autotools|CMake: Require a C99 compiler
>                     (a de-facto requirement already since Expat 2.2.2 of
> 2017)
>             #793  Autotools|CMake: Fix PACKAGE_BUGREPORT variable
>        #750 #786  Autotools|CMake: Make test suite require a C++11 compiler
>             #749  CMake: Require CMake >=3.5.0
>             #672  CMake: Lowercase off_t and size_t to help a bug in Meson
>             #746  CMake: Sort xmlwf sources alphabetically
>             #785  CMake|Windows: Fix generation of DLL file version info
>             #790  CMake: Build tests/benchmark/benchmark.c as well for
>                     a build with -DEXPAT_BUILD_TESTS=ON
>        #745 #757  docs: Document the importance of isFinal + adjust tests
>                     accordingly
>             #736  docs: Improve use of "NULL" and "null"
>             #713  docs: Be specific about version of XML (XML 1.0r4)
>                     and version of C (C99); (XML 1.0r5 will need a
> sponsor.)
>             #762  docs: reference.html: Promote function XML_ParseBuffer
> more
>             #779  docs: reference.html: Add HTML anchors to XML_* macros
>             #760  docs: reference.html: Upgrade to OK.css 1.2.0
>        #763 #739  docs: Fix typos
>             #696  docs|CI: Use HTTPS URLs instead of HTTP at various places
>     #669 #670 ..
>     #692 #703 ..
>        #733 #772  Address compiler warnings
>        #798 #800  Address clang-tidy warnings
>        #775 #776  Version info bumped from 9:10:8 (libexpat*.so.1.8.10)
>                     to 10:0:9 (libexpat*.so.1.9.0); see
> https://verbump.de/
>                     for what these numbers do
>
>         Infrastructure:
>        #700 #701  docs: Document security policy in file SECURITY.md
>             #766  docs: Improve parse buffer variables in-code
> documentation
>     #674 #738 ..
>     #740 #747 ..
>   #748 #781 #782  Refactor coverage and conformance tests
>        #714 #716  Refactor debug level variables to unsigned long
>             #671  Improve handling of empty environment variable value
>                     in function getDebugLevel (without visible user effect)
>     #755 #774 ..
>     #758 #783 ..
>        #784 #787  tests: Improve test coverage with regard to parse chunk
> size
>   #660 #797 #801  Fuzzing: Improve fuzzing coverage
>        #367 #799  Fuzzing|CI: Start running OSS-Fuzz fuzzing regression
> tests
>        #698 #721  CI: Resolve some Travis CI leftovers
>             #669  CI: Be robust towards absence of Git tags
>        #693 #694  CI: Set permissions to "contents: read" for security
>             #709  CI: Pin all GitHub Actions to specific commits for
> security
>             #739  CI: Reject spelling errors using codespell
>             #798  CI: Enforce clang-tidy clean code
>     #773 #808 ..
>        #809 #810  CI: Upgrade Clang from 15 to 18
>             #796  CI: Start using Clang's Control Flow Integrity sanitizer
>   #675 #720 #722  CI: Adapt to breaking changes in GitHub Actions Ubuntu
> images
>             #689  CI: Adapt to breaking changes in Clang/LLVM Debian
> packaging
>             #763  CI: Adapt to breaking changes in codespell
>             #803  CI: Adapt to breaking changes in Cppcheck
>
> Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
> ---
>  meta/recipes-core/expat/expat/run-ptest                    | 2 +-
>  meta/recipes-core/expat/{expat_2.5.0.bb => expat_2.6.0.bb} | 5 +++--
>  2 files changed, 4 insertions(+), 3 deletions(-)
>  rename meta/recipes-core/expat/{expat_2.5.0.bb => expat_2.6.0.bb} (81%)
>
> diff --git a/meta/recipes-core/expat/expat/run-ptest
> b/meta/recipes-core/expat/expat/run-ptest
> index dbf602ca80..ff7986db3c 100644
> --- a/meta/recipes-core/expat/expat/run-ptest
> +++ b/meta/recipes-core/expat/expat/run-ptest
> @@ -5,5 +5,5 @@ TIME=$(which time)
>  echo "runtests"
>  ${TIME} -f 'Execution time: %e s' bash -c "./runtests -v"
>  echo "runtestspp"
> -${TIME} -f 'Execution time: %e s' bash -c "./runtestspp -v"
> +${TIME} -f 'Execution time: %e s' bash -c "./runtests_cxx -v"
>  echo
> diff --git a/meta/recipes-core/expat/expat_2.5.0.bb
> b/meta/recipes-core/expat/expat_2.6.0.bb
> similarity index 81%
> rename from meta/recipes-core/expat/expat_2.5.0.bb
> rename to meta/recipes-core/expat/expat_2.6.0.bb
> index 7080f934d1..bdc405148b 100644
> --- a/meta/recipes-core/expat/expat_2.5.0.bb
> +++ b/meta/recipes-core/expat/expat_2.6.0.bb
> @@ -14,7 +14,7 @@ SRC_URI = "
> https://github.com/libexpat/libexpat/releases/download/R_${VERSION_TA
>
>  UPSTREAM_CHECK_URI = "https://github.com/libexpat/libexpat/releases/"
>
> -SRC_URI[sha256sum] =
> "6f0e6e01f7b30025fa05c85fdad1e5d0ec7fd35d9f61b22f34998de11969ff67"
> +SRC_URI[sha256sum] =
> "ff60e6a6b6ce570ae012dc7b73169c7fdf4b6bf08c12ed0ec6f55736b78d85ba"
>
>  EXTRA_OECMAKE:class-native += "-DEXPAT_BUILD_DOCS=OFF"
>
> @@ -23,7 +23,8 @@ RDEPENDS:${PN}-ptest += "bash"
>  inherit cmake lib_package ptest
>
>  do_install_ptest:class-target() {
> -       install -m 755 ${B}/tests/* ${D}${PTEST_PATH}
> +       install -m 755 ${B}/tests/runtests* ${D}${PTEST_PATH}
> +       install -m 755 ${B}/tests/benchmark/benchmark ${D}${PTEST_PATH}
>  }
>
>  BBCLASSEXTEND += "native nativesdk"
> --
> 2.40.0

Patch

diff --git a/meta/recipes-core/expat/expat/run-ptest b/meta/recipes-core/expat/expat/run-ptest
index dbf602ca80..ff7986db3c 100644
--- a/meta/recipes-core/expat/expat/run-ptest
+++ b/meta/recipes-core/expat/expat/run-ptest
@@ -5,5 +5,5 @@  TIME=$(which time)
 echo "runtests"
 ${TIME} -f 'Execution time: %e s' bash -c "./runtests -v"
 echo "runtestspp"
-${TIME} -f 'Execution time: %e s' bash -c "./runtestspp -v"
+${TIME} -f 'Execution time: %e s' bash -c "./runtests_cxx -v"
 echo
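Review bot: the unchanged `echo "runtestspp"` label directly above the changed line no longer matches the program being run, since the command now invokes `./runtests_cxx`. Update the label to `echo "runtests_cxx"` in the same change so the ptest log names the binary that produced the output and a failure can be traced to the right test program.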
diff --git a/meta/recipes-core/expat/expat_2.5.0.bb b/meta/recipes-core/expat/expat_2.6.0.bb
similarity index 81%
rename from meta/recipes-core/expat/expat_2.5.0.bb
rename to meta/recipes-core/expat/expat_2.6.0.bb
index 7080f934d1..bdc405148b 100644
--- a/meta/recipes-core/expat/expat_2.5.0.bb
+++ b/meta/recipes-core/expat/expat_2.6.0.bb
@@ -14,7 +14,7 @@  SRC_URI = "https://github.com/libexpat/libexpat/releases/download/R_${VERSION_TA
 
 UPSTREAM_CHECK_URI = "https://github.com/libexpat/libexpat/releases/"
 
-SRC_URI[sha256sum] = "6f0e6e01f7b30025fa05c85fdad1e5d0ec7fd35d9f61b22f34998de11969ff67"
+SRC_URI[sha256sum] = "ff60e6a6b6ce570ae012dc7b73169c7fdf4b6bf08c12ed0ec6f55736b78d85ba"
 
 EXTRA_OECMAKE:class-native += "-DEXPAT_BUILD_DOCS=OFF"
 
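Review bot: the new `SRC_URI[sha256sum]` value has nothing in the commit message to check it against, and the ChangeLog link there points at tag `R_2_6_1` while the recipe is renamed to `expat_2.6.0.bb`. Point the link at the 2.6.0 release and state how the checksum was obtained, so a reviewer can confirm that the hash pins the intended upstream artifact. The `[1]` marker in the message also has no matching reference.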
@@ -23,7 +23,8 @@  RDEPENDS:${PN}-ptest += "bash"
 inherit cmake lib_package ptest
 
 do_install_ptest:class-target() {
-	install -m 755 ${B}/tests/* ${D}${PTEST_PATH}
+	install -m 755 ${B}/tests/runtests* ${D}${PTEST_PATH}
+	install -m 755 ${B}/tests/benchmark/benchmark ${D}${PTEST_PATH}
 }
 
 BBCLASSEXTEND += "native nativesdk"
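Review bot: `benchmark` is installed into `${D}${PTEST_PATH}` by the second added `install` line, but the run-ptest change in this patch (diffstat `2 +-`) only swaps `runtestspp` for `runtests_cxx` and never invokes it, while the commit message says "Package and run benchmark as part of ptest". Either add the benchmark invocation to run-ptest or reword the message to say it is only packaged. The `install` of `${B}/tests/benchmark/benchmark` also fails the task if that binary was not built, so confirm that the target configuration builds the tests; that setting is not visible in this hunk.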