From patchwork Sat Jan 15 14:27:44 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: akuster808 <akuster808@gmail.com>
X-Patchwork-Id: 2496
Return-Path: <akuster808@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 75FEBC433EF
	for <webhook@archiver.kernel.org>; Sat, 15 Jan 2022 14:27:59 +0000 (UTC)
Received: from mail-pj1-f45.google.com (mail-pj1-f45.google.com
 [209.85.216.45])
 by mx.groups.io with SMTP id smtpd.web08.7643.1642256878806053154
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:27:58 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20210112 header.b=MeDhqqqq;
 spf=pass (domain: gmail.com, ip: 209.85.216.45,
 mailfrom: akuster808@gmail.com)
Received: by mail-pj1-f45.google.com with SMTP id
 l16-20020a17090a409000b001b2e9628c9cso16909760pjg.4
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:27:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:subject:date:message-id:in-reply-to:references:mime-version
         :content-transfer-encoding;
        bh=il8VWTvloA8FZUiyXDNdkvkmGPZYIEGNbF+kPczLHZM=;
        b=MeDhqqqqqAYZIJSxGBADGi8Dy643h+//xB3LVdGi4uXDdJypJiFlfNJDlm/1d2YGb9
         g4emwQUUntvkPt7G/sy57wY6lS5kAlZw4FHQuEtUvW326H9/SlQH7Py9UxW2YT4nKQnv
         1W1U4FW9ktKZsvdTvvC8CbcXSZcV+KZ98FXQq/qcG21Y2f4TCcv6cKJ2dwsu6rsBmMCB
         ObC21YV9RVCei9/xIcOw+3YSKFsD/x1SKy/Erf3Bmw1HuHiuOp9XbbxgrruPdyLpK3fT
         AvGzMX6+8VvX9Nb3WKDzyXtBnpaXjQGOiRUHV27eWELJVm7r6IT4+VR5fc9nFnmsR+fg
         RXeg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=il8VWTvloA8FZUiyXDNdkvkmGPZYIEGNbF+kPczLHZM=;
        b=02AwA2UvNy5WLr3zCcp+rB44NjZUrzTjr6wIxHErsMNTUiOdXUk+3l0dAXAYI1B+AN
         /iqr1l3XAeJc539tdceLFs99YdbIyduwOIwVyEciHWPLargzjsf+BPWHTgkVichx7nI+
         jkNZVNnK3l2DPnhrJOH2XbyDhMd8oihwKvehfrzi8+9w3x820qf9K2eBTY4YMXmdjrNL
         2GfwrvtTLQz8dLbLl1+u5DBsvWkfMTycqy+Pn5z3RxNM4I66NUJHVXqwARwlsOu85F7O
         CGIPZixmKHW89x8NYz2XFHQ9tw7G8myYiS0JvPavSB7cu8ORum1930WbJrYYy+kRyL5L
         x+nA==
X-Gm-Message-State: AOAM530/6tDZ3eDCk63xGdZsQhFNf8WeCrnvkCJRXEVs936hrx+gOPzv
	6aHZDHtj544xyMMFavTRm4ikC0QMCKSm6A==
X-Google-Smtp-Source: 
 ABdhPJx3yvybbI5BuGxJsfi2I3Z2+IrEnAZZNX9E3KzUJzxsO4E/Y5KHzBVtNDqazYLuQFWeXf6fVw==
X-Received: by 2002:a17:902:d883:b0:14a:4ba5:6e72 with SMTP id
 b3-20020a170902d88300b0014a4ba56e72mr14368651plz.27.1642256878205;
        Sat, 15 Jan 2022 06:27:58 -0800 (PST)
Received: from keaua.caveonetworks.com
 ([2601:202:4180:a5c0:7ab9:6507:6566:58c8])
        by smtp.gmail.com with ESMTPSA id
 k20sm8606779pfk.111.2022.01.15.06.27.57
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 15 Jan 2022 06:27:57 -0800 (PST)
From: Armin Kuster <akuster808@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [hardknott 01/11] syslog-ng: adjust control socket location
Date: Sat, 15 Jan 2022 06:27:44 -0800
Message-Id: 
 <bc906a49dcc070c219587e6cf98caf2ea2219043.1642256649.git.akuster808@gmail.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <cover.1642256648.git.akuster808@gmail.com>
References: <cover.1642256648.git.akuster808@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 15 Jan 2022 14:27:59 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/94860

From: Changqing Li <changqing.li@windriver.com>

Commit [1] changed the pidfile dir to /var/run/syslog-ng. This also changed
the location where the control socket is searched for, causing the following
error with systemd:

root@qemux86-64:~# syslog-ng-ctl config
Error connecting control socket, socket='/var/run/syslog-ng/syslog-ng.ctl',
error='No such file or directory'

Update the systemd service file to point to the new location.

[1] 00d1d63e4f7f ("syslog-ng: provide correct PID directory location to
                   restart/stop syslog-ng daemon")

(master rev: b57d824fdf822a4c3fdb153b92063f88705e3a6b)

Signed-off-by: lmorales <luisalejandro.moralespena@windriver.com>
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../files/syslog-ng.service-the-syslog-ng-service.patch         | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-oe/recipes-support/syslog-ng/files/syslog-ng.service-the-syslog-ng-service.patch b/meta-oe/recipes-support/syslog-ng/files/syslog-ng.service-the-syslog-ng-service.patch
index 0e1d09492b..7334800304 100644
--- a/meta-oe/recipes-support/syslog-ng/files/syslog-ng.service-the-syslog-ng-service.patch
+++ b/meta-oe/recipes-support/syslog-ng/files/syslog-ng.service-the-syslog-ng-service.patch
@@ -38,7 +38,7 @@ index 0ccc2b9..7f08c0e 100644
 -CONTROL_FILE=/var/run/syslog-ng.ctl
 -PID_FILE=/var/run/syslog-ng.pid
 +PERSIST_FILE=@LOCALSTATEDIR@/lib/syslog-ng/syslog-ng.persist
-+CONTROL_FILE=@LOCALSTATEDIR@/lib/syslog-ng/syslog-ng.ctl
++CONTROL_FILE=@LOCALSTATEDIR@/run/syslog-ng/syslog-ng.ctl
 +PID_FILE=@LOCALSTATEDIR@/run/syslog-ng.pid
  OTHER_OPTIONS="--enable-core"
 -- 

From patchwork Sat Jan 15 14:27:45 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: akuster808 <akuster808@gmail.com>
X-Patchwork-Id: 2497
Return-Path: <akuster808@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 65E7AC433FE
	for <webhook@archiver.kernel.org>; Sat, 15 Jan 2022 14:28:00 +0000 (UTC)
Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com
 [209.85.214.170])
 by mx.groups.io with SMTP id smtpd.web11.7750.1642256879838805148
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:27:59 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20210112 header.b=ObCuURn5;
 spf=pass (domain: gmail.com, ip: 209.85.214.170,
 mailfrom: akuster808@gmail.com)
Received: by mail-pl1-f170.google.com with SMTP id a7so12872461plh.1
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:27:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:subject:date:message-id:in-reply-to:references:mime-version
         :content-transfer-encoding;
        bh=uMRFzMO+zX0YEnxGK0gcCj3qAN9+j7EveJJTxA9BtGI=;
        b=ObCuURn5n2jz5slXrLnCHpdipTooGD4Pr1hIIruBbZuOd/XbkDCnMxC6ZXHXwG3RgW
         omnbgWpj0UfFViXDZepXlhaod0GOXNcSaSQ9MgT4rcD6XYmSSHAdbBHd65cAMli1t5jS
         ndXilfLBwrGWvxuDfkxOiuZvGIAdgTRbcWZE4/RYbWW9zdfn13q7ZHP/vziv4kvxdWIy
         CrpF98RU5Glrd8ivr0X4nGwY8sSNx9nWOD5RgWaDTfEwGly0U0pvDTXb6t5Q+w+4gF9z
         NoDBkBEw6fzQinXj5kifKD7r+5ePXXnw/F6QdlWBeIT4YUkrKCSHmHNNL4rXmouuCx3O
         2FRA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=uMRFzMO+zX0YEnxGK0gcCj3qAN9+j7EveJJTxA9BtGI=;
        b=XFv+rVTiMjEATJd31yZySbRO7OvAymcy9H30g9f37aRRVcySsKYKUpdj8QrxpUwiSk
         PuiiRrN0jkuQfYb6yTdsa8q17KjO8KLXtb+kbl1u/GIRfRL24wFtlr+wkqnHYue3GEMy
         NHyDPwmh0VmsXMhG9ip5obQZFp8TaGvm6KOjm/LBeUNqtRTKUbiZhCkl91rVQKbfA6dw
         pjelvX1DcxuRWyELR6KcnCjK9ACJVmSEw4V/abD+uxiTzHaIAt+6Tg90A5bFrTN/KLPb
         CsEQNsYIKvZr2nPfid8PWWr9GrKwQsMVwI7qb2A2BdrYs2KdEDyKDQMG0Imtz+kJpa5F
         C3hg==
X-Gm-Message-State: AOAM530bvtfEjXqv/xFOP5tenxkDNRMa7ZZJZdoCR103yvmNO1Wzfagp
	Ju1Ngzjtgnb1Jl3JOIzC1ZfzNUbMXtPTlA==
X-Google-Smtp-Source: 
 ABdhPJztMR5rmuQrEIX3WxiLGgaYxCWmRwREzlBvCAKuyrzdAW+WAAzQlkD204Ymb6P/faPrUsAyQQ==
X-Received: by 2002:a17:902:f545:b0:14a:725f:74a5 with SMTP id
 h5-20020a170902f54500b0014a725f74a5mr14307935plf.2.1642256879155;
        Sat, 15 Jan 2022 06:27:59 -0800 (PST)
Received: from keaua.caveonetworks.com
 ([2601:202:4180:a5c0:7ab9:6507:6566:58c8])
        by smtp.gmail.com with ESMTPSA id
 k20sm8606779pfk.111.2022.01.15.06.27.58
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 15 Jan 2022 06:27:58 -0800 (PST)
From: Armin Kuster <akuster808@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [hardknott 02/11] libteam: switch to python3
Date: Sat, 15 Jan 2022 06:27:45 -0800
Message-Id: 
 <f0f4dbb3b4c32ad6e36471c2ba974a465cbebb34.1642256649.git.akuster808@gmail.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <cover.1642256648.git.akuster808@gmail.com>
References: <cover.1642256648.git.akuster808@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 15 Jan 2022 14:28:00 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/94861

From: Mingli Yu <mingli.yu@windriver.com>

The original fix for team_basic_test.py only change the interpreter
to python3, but still some error as below:
 # ./run-ptest
 File "/usr/lib64/libteam/ptest/./team_basic_test.py", line 35
 print "Usage: team_basic_test.py [OPTION...]"
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 SyntaxError: Missing parentheses in call to 'print'. Did you mean print(...)?

 # ./run-ptest
 RUN #1
 # "ip link add testteamx type team"
 # "teamnl testteamx getoption mode"
 # "ip link del testteamx"
 # "modprobe -r team_mode_loadbalance team_mode_roundrobin team_mode_activebackup team_mode_broadcast team"
 Traceback (most recent call last):
  File "/usr/lib64/libteam/ptest/./team_basic_test.py", line 206, in <module>
    main()
  File "/usr/lib64/libteam/ptest/./team_basic_test.py", line 203, in main
    btest.run()
  File "/usr/lib64/libteam/ptest/./team_basic_test.py", line 180, in run
    self._run_one_loop(i + 1)
  File "/usr/lib64/libteam/ptest/./team_basic_test.py", line 173, in _run_one_loop
    self._run_one_mode(mode_name)
  File "/usr/lib64/libteam/ptest/./team_basic_test.py", line 101, in _run_one_mode
    cmd_exec("teamnl %s getoption mode" % team_name, "*NOMODE*")
  File "/usr/lib64/libteam/ptest/./team_basic_test.py", line 80, in cmd_exec
    raise CmdExecUnexpectedOutputException(output, expected_output)
 __main__.CmdExecUnexpectedOutputException: Command execution output unexpected: "b'*NOMODE*'" != "*NOMODE*"

 So rework team_basic_test.py to fix the above issue.

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 ...team_basic_test.py-switch-to-python3.patch | 101 ++++++++++++++++++
 ...asic_test.py-use-python3-interpreter.patch |  28 -----
 .../recipes-support/libteam/libteam_1.31.bb   |   2 +-
 3 files changed, 102 insertions(+), 29 deletions(-)
 create mode 100644 meta-oe/recipes-support/libteam/libteam/0001-team_basic_test.py-switch-to-python3.patch
 delete mode 100644 meta-oe/recipes-support/libteam/libteam/0001-team_basic_test.py-use-python3-interpreter.patch

diff --git a/meta-oe/recipes-support/libteam/libteam/0001-team_basic_test.py-switch-to-python3.patch b/meta-oe/recipes-support/libteam/libteam/0001-team_basic_test.py-switch-to-python3.patch
new file mode 100644
index 0000000000..69276aba91
--- /dev/null
+++ b/meta-oe/recipes-support/libteam/libteam/0001-team_basic_test.py-switch-to-python3.patch
@@ -0,0 +1,101 @@
+From 06050e79655f0fa7d9daeda1fbd3a9a2c7736841 Mon Sep 17 00:00:00 2001
+From: Mingli Yu <mingli.yu@windriver.com>
+Date: Thu, 2 Dec 2021 15:08:25 +0800
+Subject: [PATCH] team_basic_test.py: switch to python3
+
+Switch the script team_basic_test.py to python3
+
+Upstream-Status: Submitted [https://github.com/jpirko/libteam/pull/63]
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ scripts/team_basic_test.py | 28 ++++++++++++++--------------
+ 1 file changed, 14 insertions(+), 14 deletions(-)
+
+diff --git a/scripts/team_basic_test.py b/scripts/team_basic_test.py
+index faabd18..0b64af2 100755
+--- a/scripts/team_basic_test.py
++++ b/scripts/team_basic_test.py
+@@ -1,4 +1,4 @@
+-#! /usr/bin/env python
++#! /usr/bin/env python3
+ """
+ Basic test.
+ 
+@@ -32,11 +32,11 @@ def usage():
+     """
+     Print usage of this app
+     """
+-    print "Usage: team_basic_test.py [OPTION...]"
+-    print ""
+-    print "  -h, --help                         print this message"
+-    print "  -c, --loop-count=NUMBER            number of loops (default 1)"
+-    print "  -p, --port=NETDEV                  port device (can be defined multiple times)"
++    print("Usage: team_basic_test.py [OPTION...]")
++    print("")
++    print("  -h, --help                         print this message")
++    print("  -c, --loop-count=NUMBER            number of loops (default 1)")
++    print("  -p, --port=NETDEV                  port device (can be defined multiple times)")
+     sys.exit()
+ 
+ class CmdExecFailedException(Exception):
+@@ -55,15 +55,15 @@ class CmdExecUnexpectedOutputException(Exception):
+         return "Command execution output unexpected: \"%s\" != \"%s\"" % (self.__output, self.__expected_output)
+ 
+ def print_output(out_type, string):
+-    print("%s:\n"
++    print(("%s:\n"
+           "----------------------------\n"
+           "%s"
+-          "----------------------------" % (out_type, string))
++          "----------------------------" % (out_type, string)))
+ 
+ def cmd_exec(cmd, expected_output=None, cleaner=False):
+     cmd = cmd.rstrip(" ")
+     if not cleaner:
+-        print("# \"%s\"" % cmd)
++        print(("# \"%s\"" % cmd))
+     subp = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE,
+                             stderr=subprocess.PIPE)
+     (data_stdout, data_stderr) = subp.communicate()
+@@ -74,7 +74,7 @@ def cmd_exec(cmd, expected_output=None, cleaner=False):
+         if data_stderr:
+             print_output("Stderr", data_stderr)
+         raise CmdExecFailedException(subp.returncode)
+-    output = data_stdout.rstrip()
++    output = (data_stdout.rstrip()).decode()
+     if expected_output:
+         if output != expected_output:
+             raise CmdExecUnexpectedOutputException(output, expected_output)
+@@ -166,7 +166,7 @@ TEAM_PORT_CONFIG='{"prio": 10}'
+             os.removedirs("/tmp/team_test/")
+ 
+     def _run_one_loop(self, run_nr):
+-        print "RUN #%d" % (run_nr)
++        print("RUN #%d" % (run_nr))
+         self._created_teams = []
+         try:
+             for mode_name in self._team_modes:
+@@ -176,7 +176,7 @@ TEAM_PORT_CONFIG='{"prio": 10}'
+             cmd_exec("modprobe -r team_mode_loadbalance team_mode_roundrobin team_mode_activebackup team_mode_broadcast team");
+ 
+     def run(self):
+-        for i in xrange(self._loop_count):
++        for i in range(self._loop_count):
+             self._run_one_loop(i + 1)
+ 
+ def main():
+@@ -186,8 +186,8 @@ def main():
+             "hc:p:",
+             ["help", "loop-count=", "port="]
+         )
+-    except getopt.GetoptError, err:
+-        print str(err)
++    except getopt.GetoptError as err:
++        print(str(err))
+         usage()
+ 
+     btest = TeamBasicTest()
+-- 
+2.17.1
+
diff --git a/meta-oe/recipes-support/libteam/libteam/0001-team_basic_test.py-use-python3-interpreter.patch b/meta-oe/recipes-support/libteam/libteam/0001-team_basic_test.py-use-python3-interpreter.patch
deleted file mode 100644
index e27e4f3291..0000000000
--- a/meta-oe/recipes-support/libteam/libteam/0001-team_basic_test.py-use-python3-interpreter.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 571c141b434dff13494c6a3afe621f63a8e610e9 Mon Sep 17 00:00:00 2001
-From: Andrey Zhizhikin <andrey.z@gmail.com>
-Date: Mon, 27 Jan 2020 14:29:34 +0000
-Subject: [PATCH] team_basic_test.py: use python3 interpreter
-
-Use python3 since python2 is EOL and has been removed from several
-distributions.
-
-Upstream-Status: Pending
-
-Signed-off-by: Andrey Zhizhikin <andrey.z@gmail.com>
----
- scripts/team_basic_test.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/scripts/team_basic_test.py b/scripts/team_basic_test.py
-index b05be9e..ad980e8 100755
---- a/scripts/team_basic_test.py
-+++ b/scripts/team_basic_test.py
-@@ -1,4 +1,4 @@
--#! /usr/bin/env python
-+#! /usr/bin/env python3
- """
- Basic test.
- 
--- 
-2.17.1
-
diff --git a/meta-oe/recipes-support/libteam/libteam_1.31.bb b/meta-oe/recipes-support/libteam/libteam_1.31.bb
index eb59c1e3e9..764eb6fb74 100644
--- a/meta-oe/recipes-support/libteam/libteam_1.31.bb
+++ b/meta-oe/recipes-support/libteam/libteam_1.31.bb
@@ -11,7 +11,7 @@ SRC_URI = "git://github.com/jpirko/libteam;branch=master;protocol=https \
            file://0001-include-sys-select.h-for-fd_set-definition.patch \
            file://0002-teamd-Re-adjust-include-header-order.patch \
            file://0001-team_basic_test.py-disable-RedHat-specific-test.patch \
-           file://0001-team_basic_test.py-use-python3-interpreter.patch \
+           file://0001-team_basic_test.py-switch-to-python3.patch \
            file://run-ptest \
            "
 SRCREV = "3ee12c6d569977cf1cd30d0da77807a07aa77158"

From patchwork Sat Jan 15 14:27:46 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: akuster808 <akuster808@gmail.com>
X-Patchwork-Id: 2498
Return-Path: <akuster808@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 5771EC433EF
	for <webhook@archiver.kernel.org>; Sat, 15 Jan 2022 14:28:01 +0000 (UTC)
Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com
 [209.85.214.178])
 by mx.groups.io with SMTP id smtpd.web11.7751.1642256880733518287
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:28:00 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20210112 header.b=LO0eQpiX;
 spf=pass (domain: gmail.com, ip: 209.85.214.178,
 mailfrom: akuster808@gmail.com)
Received: by mail-pl1-f178.google.com with SMTP id n11so13665352plf.4
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:28:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:subject:date:message-id:in-reply-to:references:mime-version
         :content-transfer-encoding;
        bh=Nok5EUlmRVLJ1FDtEPmx/hCcKKpbqKjJR4Us1qsC/UE=;
        b=LO0eQpiXl+loLZUhHwXXKWupu5IasuXj9dEgFaIUJh+KQ9tU7fDPfRVIYcJQ4qGgFZ
         9m2YnChYf+NxXXMR+3qdPwiLo8zf9zINzFfJpDGcb/gL+neaiJrBCAUO3UNBVhNKMew3
         PiZn57tPSfB+5gtaW1TcgIwigDcAiWn46g6Ys5LBVgsa4+T/Ee3VR6v85gKz6N0A7GEM
         nfT5YmLM9+UEgxDLqfhYdMqT9zN0nrgsyXRy9ASO8lnd9yNhMUyZIGl7MhwbJWGPiAfW
         ctPQZ89sMDZ2fIpn2/l4DMhmbNHtbQPRoC+Rhy+NfVkfHUc7f+GPeDQiZMgnUr+UcgLl
         6SMw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=Nok5EUlmRVLJ1FDtEPmx/hCcKKpbqKjJR4Us1qsC/UE=;
        b=ixeTTj+qakPIumEfpAcUTl/HI7vVKm201yp12qrvVxIQeNr+0e345ANrBU2va6S7k+
         Z8Y3BnztLiPlTU+AwLrmM60Ik+6g5oQReC4fvtHGt0apV1vPybVMPfnoTDv+v+CfhYu9
         wi7ugLf8ZgrO3eflOIZ01FuHJAsULqTzRYMnNIvF1xT7M36O/vvvkUKdxFwYPhZYxvXf
         IAoANuQKFf8eZaMwPBpcVgoDHg8AtTYahxKPqRfuhiqUS2QVTIRPyhhhj7JDofPL3jBl
         QP4PVziBios+g66kTzKJBTBPwf1bv0gIoiN0eppxA3fs2s4dkQBl9VJktB+/ZtbdfnaT
         hw0Q==
X-Gm-Message-State: AOAM533dJKXGNKXkPslwgykSnQ0IGfgHtzih+lNblBt2EbXW1Z2qgsWq
	mn/s9hzI+7bQBLvbKJ/7AAglJEE3cpPe3A==
X-Google-Smtp-Source: 
 ABdhPJyF5tsufMbuPmjqzQYjn7pgnSaHyJHy9EKNskounr4s1T+uCe6kk9QZR5AeGk0FKmd16CvbjA==
X-Received: by 2002:a17:902:d4c3:b0:14a:3575:2843 with SMTP id
 o3-20020a170902d4c300b0014a35752843mr13971426plg.40.1642256880169;
        Sat, 15 Jan 2022 06:28:00 -0800 (PST)
Received: from keaua.caveonetworks.com
 ([2601:202:4180:a5c0:7ab9:6507:6566:58c8])
        by smtp.gmail.com with ESMTPSA id
 k20sm8606779pfk.111.2022.01.15.06.27.59
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 15 Jan 2022 06:27:59 -0800 (PST)
From: Armin Kuster <akuster808@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [hardknott 03/11] redis: add back missing patch
Date: Sat, 15 Jan 2022 06:27:46 -0800
Message-Id: 
 <1cf3147f66746cd2573a88bfca93cc94ba1c0cbd.1642256649.git.akuster808@gmail.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <cover.1642256648.git.akuster808@gmail.com>
References: <cover.1642256648.git.akuster808@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 15 Jan 2022 14:28:01 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/94862

From: Changqing Li <changqing.li@windriver.com>

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 meta-oe/recipes-extended/redis/redis_6.2.6.bb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/meta-oe/recipes-extended/redis/redis_6.2.6.bb b/meta-oe/recipes-extended/redis/redis_6.2.6.bb
index c129e61988..202fce16bb 100644
--- a/meta-oe/recipes-extended/redis/redis_6.2.6.bb
+++ b/meta-oe/recipes-extended/redis/redis_6.2.6.bb
@@ -13,7 +13,11 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \
            file://hiredis-use-default-CC-if-it-is-set.patch \
            file://lua-update-Makefile-to-use-environment-build-setting.patch \
            file://oe-use-libc-malloc.patch \
+           file://0001-src-Do-not-reset-FINAL_LIBS.patch \
+           file://GNU_SOURCE.patch \
+           file://0006-Define-correct-gregs-for-RISCV32.patch \
            "
+
 SRC_URI[sha256sum] = "5b2b8b7a50111ef395bf1c1d5be11e6e167ac018125055daa8b5c2317ae131ab"
 
 inherit autotools-brokensep update-rc.d systemd useradd

From patchwork Sat Jan 15 14:27:47 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: akuster808 <akuster808@gmail.com>
X-Patchwork-Id: 2499
Return-Path: <akuster808@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 5892DC4332F
	for <webhook@archiver.kernel.org>; Sat, 15 Jan 2022 14:28:02 +0000 (UTC)
Received: from mail-pj1-f50.google.com (mail-pj1-f50.google.com
 [209.85.216.50])
 by mx.groups.io with SMTP id smtpd.web08.7644.1642256881776979030
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:28:01 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20210112 header.b=mygMrCP0;
 spf=pass (domain: gmail.com, ip: 209.85.216.50,
 mailfrom: akuster808@gmail.com)
Received: by mail-pj1-f50.google.com with SMTP id
 w12-20020a17090a528c00b001b276aa3aabso1421152pjh.0
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:28:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:subject:date:message-id:in-reply-to:references:mime-version
         :content-transfer-encoding;
        bh=swt6BIlhVvwxQXVFjAyJ/uMDfKT+V97GHJO6EgUyMQM=;
        b=mygMrCP0HFyn9gYXn/dEXQAnFn5+xvtv5l7YrZOCGPOLl9RCrhaTRiMlwwuAZgc+y4
         Oftb8bAKhFVvUMTU35ecJ2sig4AY0zRW8MNfoMcb20yMayzPo245OgHIuRSkP2g7w9Jn
         U+VX3YErJrQuQ+/oeRfvJiNR/JKm5jkb5OriRNMjI68C0MQzxlvQtA+zbtxRDnz2jAk+
         BQ6EcsnA2pdeph4gOrgrNLMleNaM7giVSmcD6BzqRzaDBUNUzW3CQKiShoncX/NUSPpK
         213lXbLTUZcAUDFJQcgki1zOdDowwtxoeYFrDJytgpXksvwtrPdZ8CoVrEOWCuCTnc2B
         xvBw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=swt6BIlhVvwxQXVFjAyJ/uMDfKT+V97GHJO6EgUyMQM=;
        b=NX2Bye1Bcu84RsGJHxPfoyCqXzpVuqvAOVuzm8pQQytm4cVFA0CTQklZty9cQF1AfQ
         HNpdtNTT2l+mQ8mdwPmrGdFVCf/YyUQ57pTgxOlkqaFlxlP/iHJ5EnyP7JXKdXzOfABB
         AlRhrDzao7jcQYiRQWYAnYYrTMvSkyPOMZsodh7nMpwnvh9+H87Y8dL2mo3FKpixZ7ih
         a5lUmM9rKzfEsoOCmDJv9KeiAVn0iU42Tbtc2AwpuHBdWx6TUpDLzEEky+9tzeXIob5I
         LJCzNSuD1CV5/+TzRM8NNj0Skm5nQJsuerkZEoQPOx7DnwpyYc4oJRTXw0dGGs7jku64
         8MtA==
X-Gm-Message-State: AOAM5304Ut5cE+JbwBI+oqlcQWtw9VtPMsQ2U+2YjPzz/oehqyAsfzeK
	3n9mZWk7nJZlL6BLdsQ9rtkBqtGmbOtkfQ==
X-Google-Smtp-Source: 
 ABdhPJyI9gUN45CsWGnH1zl4KN4Ks7DmWXuoXQsfTNRDmVCTVPTrs4il8yKqkCMwljyRkOgUiVvudA==
X-Received: by 2002:a17:902:cec5:b0:14a:5aa5:6a76 with SMTP id
 d5-20020a170902cec500b0014a5aa56a76mr13908824plg.51.1642256881161;
        Sat, 15 Jan 2022 06:28:01 -0800 (PST)
Received: from keaua.caveonetworks.com
 ([2601:202:4180:a5c0:7ab9:6507:6566:58c8])
        by smtp.gmail.com with ESMTPSA id
 k20sm8606779pfk.111.2022.01.15.06.28.00
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 15 Jan 2022 06:28:00 -0800 (PST)
From: Armin Kuster <akuster808@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [hardknott 04/11] googletest: Switch branch from master to main
Date: Sat, 15 Jan 2022 06:27:47 -0800
Message-Id: 
 <91ef937c49de1c39ba815ff65c58f2240faf3013.1642256649.git.akuster808@gmail.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <cover.1642256648.git.akuster808@gmail.com>
References: <cover.1642256648.git.akuster808@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 15 Jan 2022 14:28:02 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/94863

From: Peter Kjellerstedt <peter.kjellerstedt@axis.com>

The master branch has been renamed to main in the github repo.

Change-Id: I19e9ea3998cf22508425d87fceb64ae68fbff166
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 meta-oe/recipes-test/googletest/googletest_git.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-oe/recipes-test/googletest/googletest_git.bb b/meta-oe/recipes-test/googletest/googletest_git.bb
index 898f23fafb..35fe1bed00 100644
--- a/meta-oe/recipes-test/googletest/googletest_git.bb
+++ b/meta-oe/recipes-test/googletest/googletest_git.bb
@@ -11,7 +11,7 @@ PROVIDES += "gmock gtest"
 
 S = "${WORKDIR}/git"
 SRCREV = "703bd9caab50b139428cea1aaff9974ebee5742e"
-SRC_URI = "git://github.com/google/googletest.git;branch=master;protocol=https"
+SRC_URI = "git://github.com/google/googletest.git;branch=main;protocol=https"
 
 inherit cmake
 

From patchwork Sat Jan 15 14:27:48 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: akuster808 <akuster808@gmail.com>
X-Patchwork-Id: 2500
Return-Path: <akuster808@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 680CAC433F5
	for <webhook@archiver.kernel.org>; Sat, 15 Jan 2022 14:28:04 +0000 (UTC)
Received: from mail-pf1-f174.google.com (mail-pf1-f174.google.com
 [209.85.210.174])
 by mx.groups.io with SMTP id smtpd.web11.7755.1642256883626444611
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:28:03 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20210112 header.b=GZUlmTU4;
 spf=pass (domain: gmail.com, ip: 209.85.210.174,
 mailfrom: akuster808@gmail.com)
Received: by mail-pf1-f174.google.com with SMTP id m21so5487629pfd.3
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:28:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:subject:date:message-id:in-reply-to:references:mime-version
         :content-transfer-encoding;
        bh=f7zwKP9JiRXEoXre0iIi57j+l+BmkjsRBfyAwbHwLL4=;
        b=GZUlmTU4olkkQXX9eVBg4pE8QAK9bARBMeROPW+6lQv2jUmQt1VIeeLRC26gNU1Tp6
         fGU0jcVxhSw7pd8mGJao75trmma0Xm9JpWAXuq+7dnuhj0VWakmJ5TVwZ2SfHlNpyS/I
         U5bgCGVkRPgylyqO0XkMsJb9QhZ1rNxogPPr1ulZiLUhTH0Q+RL2xNmKtoKqFU7RIR0T
         IeP8kfhOuyEPxoAkTEDjaPMnrbyXfNd4dFMs1uCLKGBY9+lGSJl5uGbNxOMj1pM7Tar/
         L70DTw6uKbihp1pneTtJ6HRpVzeMAK/jLKpoMgXbhKdD2LGFB+amNF6k2Clv/SE8aORZ
         oDxA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=f7zwKP9JiRXEoXre0iIi57j+l+BmkjsRBfyAwbHwLL4=;
        b=DNFXOrwAwiA9q+LEfiH6fcFqMfE/9XVFtO2ijzSgCfIjb3Yc70AhvcAX1QuIJuoXHX
         xpVzftwIVpj1WLIeZSyo4bLtq+72FD39gN0XTDbmt4DIrSv+vaD/uD4rWRgkz9yM8QMg
         0i+g9J2F8R0jBHbAOOOXCiv5ZmL3JNMSAL98viiOr33feBzK5L7ajloGtuwWunOA3mzx
         IqZM8htHJGo5we9XND1Jjp8Bmm80A1VbagbhCw3nLO8if6mz0CiBQYFDVUGLReISs6TR
         HsYWYvTd0Cv98Uh1JTBq+JFhuM0knEfsnQyI61d/Ur4NhzwSOkPMwrFkCRY4fVMsOXVu
         BRhw==
X-Gm-Message-State: AOAM532YLqZYEH/ftZgAyahhS21ODwxyA7Nr57MkeDZVPOHM5L4yJJec
	1i9JLoHiF60fYg/zhzZVDd+3qF44935qQQ==
X-Google-Smtp-Source: 
 ABdhPJwz3wE/HXHrkaH/hVNGb6+U9QHo1wOFzy2MfZjkOkNOTsf9mTC1B45wW39rO6kDeG/7IxFuAw==
X-Received: by 2002:a05:6a00:16c7:b0:4a4:edfe:4625 with SMTP id
 l7-20020a056a0016c700b004a4edfe4625mr13400817pfc.58.1642256882771;
        Sat, 15 Jan 2022 06:28:02 -0800 (PST)
Received: from keaua.caveonetworks.com
 ([2601:202:4180:a5c0:7ab9:6507:6566:58c8])
        by smtp.gmail.com with ESMTPSA id
 k20sm8606779pfk.111.2022.01.15.06.28.01
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 15 Jan 2022 06:28:01 -0800 (PST)
From: Armin Kuster <akuster808@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [hardknott 05/11] nss: fix CVE-2021-43527
Date: Sat, 15 Jan 2022 06:27:48 -0800
Message-Id: 
 <63248ef8225df38432ecf798739606bf6270cc27.1642256649.git.akuster808@gmail.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <cover.1642256648.git.akuster808@gmail.com>
References: <cover.1642256648.git.akuster808@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 15 Jan 2022 14:28:04 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/94864

From: Sakib Sajal <sakib.sajal@windriver.com>

Backport patch to fix CVE-2021-43527.

Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 ...re-DER-encoded-signatures-are-within.patch | 297 ++++++++++++++++++
 meta-oe/recipes-support/nss/nss_3.64.bb       |   1 +
 2 files changed, 298 insertions(+)
 create mode 100644 meta-oe/recipes-support/nss/nss/0001-Bug-1737470-Ensure-DER-encoded-signatures-are-within.patch

diff --git a/meta-oe/recipes-support/nss/nss/0001-Bug-1737470-Ensure-DER-encoded-signatures-are-within.patch b/meta-oe/recipes-support/nss/nss/0001-Bug-1737470-Ensure-DER-encoded-signatures-are-within.patch
new file mode 100644
index 0000000000..dff07de92f
--- /dev/null
+++ b/meta-oe/recipes-support/nss/nss/0001-Bug-1737470-Ensure-DER-encoded-signatures-are-within.patch
@@ -0,0 +1,297 @@
+From 7c6fb56c3bcafa96c0bc87350f0f9e85f002a254 Mon Sep 17 00:00:00 2001
+From: Dennis Jackson <djackson@mozilla.com>
+Date: Mon, 22 Nov 2021 10:40:42 +0000
+Subject: [PATCH] Bug 1737470 - Ensure DER encoded signatures are within size
+ limits. r=jschanck,mt,bbeurdouche,rrelyea
+
+Differential Revision: https://phabricator.services.mozilla.com/D129514
+
+--HG--
+branch : NSS_3_68_1_BRANCH
+
+Upstream-Status: Backport [7c6fb56c3bcafa96c0bc87350f0f9e85f002a254]
+Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
+---
+ lib/cryptohi/secvfy.c | 192 ++++++++++++++++++++++++++----------------
+ 1 file changed, 121 insertions(+), 71 deletions(-)
+
+diff --git a/nss/lib/cryptohi/secvfy.c b/nss/lib/cryptohi/secvfy.c
+index 2540a544c..17545848c 100644
+--- a/nss/lib/cryptohi/secvfy.c
++++ b/nss/lib/cryptohi/secvfy.c
+@@ -164,6 +164,37 @@ verifyPKCS1DigestInfo(const VFYContext *cx, const SECItem *digest)
+         PR_FALSE /*XXX: unsafeAllowMissingParameters*/);
+ }
+ 
++static unsigned int
++checkedSignatureLen(const SECKEYPublicKey *pubk)
++{
++    unsigned int sigLen = SECKEY_SignatureLen(pubk);
++    if (sigLen == 0) {
++        /* Error set by SECKEY_SignatureLen */
++        return sigLen;
++    }
++    unsigned int maxSigLen;
++    switch (pubk->keyType) {
++        case rsaKey:
++        case rsaPssKey:
++            maxSigLen = (RSA_MAX_MODULUS_BITS + 7) / 8;
++            break;
++        case dsaKey:
++            maxSigLen = DSA_MAX_SIGNATURE_LEN;
++            break;
++        case ecKey:
++            maxSigLen = 2 * MAX_ECKEY_LEN;
++            break;
++        default:
++            PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
++            return 0;
++    }
++    if (sigLen > maxSigLen) {
++        PORT_SetError(SEC_ERROR_INVALID_KEY);
++        return 0;
++    }
++    return sigLen;
++}
++
+ /*
+  * decode the ECDSA or DSA signature from it's DER wrapping.
+  * The unwrapped/raw signature is placed in the buffer pointed
+@@ -174,38 +205,38 @@ decodeECorDSASignature(SECOidTag algid, const SECItem *sig, unsigned char *dsig,
+                        unsigned int len)
+ {
+     SECItem *dsasig = NULL; /* also used for ECDSA */
+-    SECStatus rv = SECSuccess;
+ 
+-    if ((algid != SEC_OID_ANSIX9_DSA_SIGNATURE) &&
+-        (algid != SEC_OID_ANSIX962_EC_PUBLIC_KEY)) {
+-        if (sig->len != len) {
+-            PORT_SetError(SEC_ERROR_BAD_DER);
+-            return SECFailure;
++    /* Safety: Ensure algId is as expected and that signature size is within maxmimums */
++    if (algid == SEC_OID_ANSIX9_DSA_SIGNATURE) {
++        if (len > DSA_MAX_SIGNATURE_LEN) {
++            goto loser;
+         }
+-
+-        PORT_Memcpy(dsig, sig->data, sig->len);
+-        return SECSuccess;
+-    }
+-
+-    if (algid == SEC_OID_ANSIX962_EC_PUBLIC_KEY) {
++    } else if (algid == SEC_OID_ANSIX962_EC_PUBLIC_KEY) {
+         if (len > MAX_ECKEY_LEN * 2) {
+-            PORT_SetError(SEC_ERROR_BAD_DER);
+-            return SECFailure;
++            goto loser;
+         }
+-    }
+-    dsasig = DSAU_DecodeDerSigToLen((SECItem *)sig, len);
+-
+-    if ((dsasig == NULL) || (dsasig->len != len)) {
+-        rv = SECFailure;
+     } else {
+-        PORT_Memcpy(dsig, dsasig->data, dsasig->len);
++        goto loser;
+     }
+ 
+-    if (dsasig != NULL)
++    /* Decode and pad to length */
++    dsasig = DSAU_DecodeDerSigToLen((SECItem *)sig, len);
++    if (dsasig == NULL) {
++        goto loser;
++    }
++    if (dsasig->len != len) {
+         SECITEM_FreeItem(dsasig, PR_TRUE);
+-    if (rv == SECFailure)
+-        PORT_SetError(SEC_ERROR_BAD_DER);
+-    return rv;
++        goto loser;
++    }
++
++    PORT_Memcpy(dsig, dsasig->data, len);
++    SECITEM_FreeItem(dsasig, PR_TRUE);
++
++    return SECSuccess;
++
++loser:
++    PORT_SetError(SEC_ERROR_BAD_DER);
++    return SECFailure;
+ }
+ 
+ const SEC_ASN1Template hashParameterTemplate[] =
+@@ -281,7 +312,7 @@ SECStatus
+ sec_DecodeSigAlg(const SECKEYPublicKey *key, SECOidTag sigAlg,
+                  const SECItem *param, SECOidTag *encalgp, SECOidTag *hashalg)
+ {
+-    int len;
++    unsigned int len;
+     PLArenaPool *arena;
+     SECStatus rv;
+     SECItem oid;
+@@ -466,48 +497,52 @@ vfy_CreateContext(const SECKEYPublicKey *key, const SECItem *sig,
+     cx->pkcs1RSADigestInfo = NULL;
+     rv = SECSuccess;
+     if (sig) {
+-        switch (type) {
+-            case rsaKey:
+-                rv = recoverPKCS1DigestInfo(hashAlg, &cx->hashAlg,
+-                                            &cx->pkcs1RSADigestInfo,
+-                                            &cx->pkcs1RSADigestInfoLen,
+-                                            cx->key,
+-                                            sig, wincx);
+-                break;
+-            case rsaPssKey:
+-                sigLen = SECKEY_SignatureLen(key);
+-                if (sigLen == 0) {
+-                    /* error set by SECKEY_SignatureLen */
+-                    rv = SECFailure;
++        rv = SECFailure;
++        if (type == rsaKey) {
++            rv = recoverPKCS1DigestInfo(hashAlg, &cx->hashAlg,
++                                        &cx->pkcs1RSADigestInfo,
++                                        &cx->pkcs1RSADigestInfoLen,
++                                        cx->key,
++                                        sig, wincx);
++        } else {
++            sigLen = checkedSignatureLen(key);
++            /* Check signature length is within limits */
++            if (sigLen == 0) {
++                /* error set by checkedSignatureLen */
++                rv = SECFailure;
++                goto loser;
++            }
++            if (sigLen > sizeof(cx->u)) {
++                PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
++                rv = SECFailure;
++                goto loser;
++            }
++            switch (type) {
++                case rsaPssKey:
++                    if (sig->len != sigLen) {
++                        PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
++                        rv = SECFailure;
++                        goto loser;
++                    }
++                    PORT_Memcpy(cx->u.buffer, sig->data, sigLen);
++                    rv = SECSuccess;
+                     break;
+-                }
+-                if (sig->len != sigLen) {
+-                    PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+-                    rv = SECFailure;
++                case ecKey:
++                case dsaKey:
++                    /* decodeECorDSASignature will check sigLen == sig->len after padding */
++                    rv = decodeECorDSASignature(encAlg, sig, cx->u.buffer, sigLen);
+                     break;
+-                }
+-                PORT_Memcpy(cx->u.buffer, sig->data, sigLen);
+-                break;
+-            case dsaKey:
+-            case ecKey:
+-                sigLen = SECKEY_SignatureLen(key);
+-                if (sigLen == 0) {
+-                    /* error set by SECKEY_SignatureLen */
++                default:
++                    /* Unreachable */
+                     rv = SECFailure;
+-                    break;
+-                }
+-                rv = decodeECorDSASignature(encAlg, sig, cx->u.buffer, sigLen);
+-                break;
+-            default:
+-                rv = SECFailure;
+-                PORT_SetError(SEC_ERROR_UNSUPPORTED_KEYALG);
+-                break;
++                    goto loser;
++            }
++        }
++        if (rv != SECSuccess) {
++            goto loser;
+         }
+     }
+ 
+-    if (rv)
+-        goto loser;
+-
+     /* check hash alg again, RSA may have changed it.*/
+     if (HASH_GetHashTypeByOidTag(cx->hashAlg) == HASH_AlgNULL) {
+         /* error set by HASH_GetHashTypeByOidTag */
+@@ -650,11 +685,16 @@ VFY_EndWithSignature(VFYContext *cx, SECItem *sig)
+     switch (cx->key->keyType) {
+         case ecKey:
+         case dsaKey:
+-            dsasig.data = cx->u.buffer;
+-            dsasig.len = SECKEY_SignatureLen(cx->key);
++            dsasig.len = checkedSignatureLen(cx->key);
+             if (dsasig.len == 0) {
+                 return SECFailure;
+             }
++            if (dsasig.len > sizeof(cx->u)) {
++                PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
++                return SECFailure;
++            }
++            dsasig.data = cx->u.buffer;
++
+             if (sig) {
+                 rv = decodeECorDSASignature(cx->encAlg, sig, dsasig.data,
+                                             dsasig.len);
+@@ -686,8 +726,13 @@ VFY_EndWithSignature(VFYContext *cx, SECItem *sig)
+                 }
+ 
+                 rsasig.data = cx->u.buffer;
+-                rsasig.len = SECKEY_SignatureLen(cx->key);
++                rsasig.len = checkedSignatureLen(cx->key);
+                 if (rsasig.len == 0) {
++                    /* Error set by checkedSignatureLen */
++                    return SECFailure;
++                }
++                if (rsasig.len > sizeof(cx->u)) {
++                    PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+                     return SECFailure;
+                 }
+                 if (sig) {
+@@ -749,7 +794,6 @@ vfy_VerifyDigest(const SECItem *digest, const SECKEYPublicKey *key,
+     SECStatus rv;
+     VFYContext *cx;
+     SECItem dsasig; /* also used for ECDSA */
+-
+     rv = SECFailure;
+ 
+     cx = vfy_CreateContext(key, sig, encAlg, hashAlg, NULL, wincx);
+@@ -757,19 +801,25 @@ vfy_VerifyDigest(const SECItem *digest, const SECKEYPublicKey *key,
+         switch (key->keyType) {
+             case rsaKey:
+                 rv = verifyPKCS1DigestInfo(cx, digest);
++                /* Error (if any) set by verifyPKCS1DigestInfo */
+                 break;
+-            case dsaKey:
+             case ecKey:
++            case dsaKey:
+                 dsasig.data = cx->u.buffer;
+-                dsasig.len = SECKEY_SignatureLen(cx->key);
++                dsasig.len = checkedSignatureLen(cx->key);
+                 if (dsasig.len == 0) {
++                    /* Error set by checkedSignatureLen */
++                    rv = SECFailure;
+                     break;
+                 }
+-                if (PK11_Verify(cx->key, &dsasig, (SECItem *)digest, cx->wincx) !=
+-                    SECSuccess) {
++                if (dsasig.len > sizeof(cx->u)) {
++                    PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
++                    rv = SECFailure;
++                    break;
++                }
++                rv = PK11_Verify(cx->key, &dsasig, (SECItem *)digest, cx->wincx);
++                if (rv != SECSuccess) {
+                     PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
+-                } else {
+-                    rv = SECSuccess;
+                 }
+                 break;
+             default:
+-- 
+2.25.1
+
diff --git a/meta-oe/recipes-support/nss/nss_3.64.bb b/meta-oe/recipes-support/nss/nss_3.64.bb
index 97193aff5c..ccb5201d49 100644
--- a/meta-oe/recipes-support/nss/nss_3.64.bb
+++ b/meta-oe/recipes-support/nss/nss_3.64.bb
@@ -32,6 +32,7 @@ SRC_URI = "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${VERSIO
            file://system-pkcs11.txt \
            file://nss-fix-nsinstall-build.patch \
            file://0001-freebl-add-a-configure-option-to-disable-ARM-HW-cryp.patch \
+           file://0001-Bug-1737470-Ensure-DER-encoded-signatures-are-within.patch \
            "
 SRC_URI[sha256sum] = "d3175427172e9c3a6f1ebc74452cb791590f28191c6a1a443dbc0d87c9df1126"
 

From patchwork Sat Jan 15 14:27:49 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: akuster808 <akuster808@gmail.com>
X-Patchwork-Id: 2501
Return-Path: <akuster808@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 59EAAC433FE
	for <webhook@archiver.kernel.org>; Sat, 15 Jan 2022 14:28:05 +0000 (UTC)
Received: from mail-pg1-f179.google.com (mail-pg1-f179.google.com
 [209.85.215.179])
 by mx.groups.io with SMTP id smtpd.web08.7647.1642256884292124733
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:28:04 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20210112 header.b=lSFBcXNI;
 spf=pass (domain: gmail.com, ip: 209.85.215.179,
 mailfrom: akuster808@gmail.com)
Received: by mail-pg1-f179.google.com with SMTP id c5so5347217pgk.12
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:28:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:subject:date:message-id:in-reply-to:references:mime-version
         :content-transfer-encoding;
        bh=SHj/u/+gF4rMT1tbLUwm3d4f9Jv/bfO5kaRYbX4gQUc=;
        b=lSFBcXNIquNA6XmN8+DIlUXFWXv5nGMUGHyfBkDJ6dZ7mjuqQB9VTptgzxcruLvZJN
         GbKhT9iyqiPKFn+BfmmYP2bMsJtrpZakdxXf5m73lRw4URhLN+mnx01bXvZvoVpTKJsD
         ShPzn8Eldzh7lTs77PeT+nF71s5dROqKgmYDbbzB7bwcMSAz3sH5ar3nmgvJD/TVTMV8
         CcEf9E2cFJeeibXCZcoJJrpydYwXh53FSVdS7YDmog/wKcL/Khlnp7gsW1frXnJkY53G
         LS6R7SPVF7l7rCJx6C0W9Kh0CsBNL4Yrlwrch8vYHbIB8h+u+c1nnLYv/vvcYwuFryyR
         /csA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=SHj/u/+gF4rMT1tbLUwm3d4f9Jv/bfO5kaRYbX4gQUc=;
        b=aQhE2uNb7uqfPxzksltGLvQ0yNtYhcCPcRJIc4nyjcfuI6BUqAh+gUyN+VjPKavx/w
         3REBXvJxyBKeLheryLmO3GvK2znqrg0wWNGpcSVoWtrdjoXojrOUDH8UNlEoMvp7HBU4
         vRE3W31SOKN8m3hNW70jAl9IMWee0TNG9sVL4JN90mp1YJ7q57INfuDWKAtj+ypRKBcG
         +NXoN2i1rcGrTQI13VrqyRVMocnP9aT9AwMuiHndU93ts6jgW4CSZPRiwVpzaqszSeXB
         ACQTSkCDYlxyzydcKVuo+3Sa0WPMVgCycYJwvRPDBDxzTk6dyZJouBcCXjXkTSWD15iN
         Bk4Q==
X-Gm-Message-State: AOAM531rY4RiUq6gpkx8soYaQADRDVZp1agCXVS/6YTetbFYEuBpp9P9
	NpCSJ/lQiD9l8qwmxErug3vXcri58i7tuw==
X-Google-Smtp-Source: 
 ABdhPJzsYfFhGM1yjKRpAyW3CSIVQ2/obesw7n3hDDZCUXZPVAyLeyoU8mFGXYHgqRrdhGWGHXtOGg==
X-Received: by 2002:a63:385e:: with SMTP id h30mr1534388pgn.16.1642256883667;
        Sat, 15 Jan 2022 06:28:03 -0800 (PST)
Received: from keaua.caveonetworks.com
 ([2601:202:4180:a5c0:7ab9:6507:6566:58c8])
        by smtp.gmail.com with ESMTPSA id
 k20sm8606779pfk.111.2022.01.15.06.28.02
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 15 Jan 2022 06:28:03 -0800 (PST)
From: Armin Kuster <akuster808@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [hardknott 06/11] ifenslave: Add branch=main
Date: Sat, 15 Jan 2022 06:27:49 -0800
Message-Id: 
 <2151027209d11ba2f918e65497d5331bd4f32798.1642256649.git.akuster808@gmail.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <cover.1642256648.git.akuster808@gmail.com>
References: <cover.1642256648.git.akuster808@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 15 Jan 2022 14:28:05 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/94865

From: Jeremy Puhlman <jpuhlman@mvista.com>

master branch has been removed upstream

Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
[tweeked to apply to previous branch define]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 meta-networking/recipes-support/ifenslave/ifenslave_2.11.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-networking/recipes-support/ifenslave/ifenslave_2.11.bb b/meta-networking/recipes-support/ifenslave/ifenslave_2.11.bb
index d2a6d02d2f..5e547a4621 100644
--- a/meta-networking/recipes-support/ifenslave/ifenslave_2.11.bb
+++ b/meta-networking/recipes-support/ifenslave/ifenslave_2.11.bb
@@ -9,7 +9,7 @@ inherit manpages
 MAN_PKG = "${PN}"
 
 SRCREV = "c26e9310f552e69d0d44eb48746e02c9ae4b4f6f"
-SRC_URI = "git://salsa.debian.org/debian/ifenslave.git;protocol=https;branch=master"
+SRC_URI = "git://salsa.debian.org/debian/ifenslave.git;protocol=https;branch=main"
 
 S = "${WORKDIR}/git"
 

From patchwork Sat Jan 15 14:27:51 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: akuster808 <akuster808@gmail.com>
X-Patchwork-Id: 2502
Return-Path: <akuster808@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 5F3D2C433F5
	for <webhook@archiver.kernel.org>; Sat, 15 Jan 2022 14:28:07 +0000 (UTC)
Received: from mail-pf1-f180.google.com (mail-pf1-f180.google.com
 [209.85.210.180])
 by mx.groups.io with SMTP id smtpd.web10.7725.1642256886863174701
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:28:06 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20210112 header.b=o68vl4GY;
 spf=pass (domain: gmail.com, ip: 209.85.210.180,
 mailfrom: akuster808@gmail.com)
Received: by mail-pf1-f180.google.com with SMTP id m21so5487742pfd.3
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:28:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:subject:date:message-id:in-reply-to:references:mime-version
         :content-transfer-encoding;
        bh=z1as7KRHLr+4lKM+35fxh/md4wwm+054BRWK3jWbaAU=;
        b=o68vl4GYhlgzaNacT5zv71SGNTxQWDbNi3jhQimhjUyV4HwED803rTAPPRuXaag974
         gbwnMFA3O7rR6Gq1eLjR4MXY34eOam35jvfrmRxepfKHNUcLyHUMhz4e5YUfW6qKytxT
         fHZz369B6Ttu1NhLazoim3gn7DjJ2O9iweugcfHPfSlMtFvSxdn85XHVbL95Z6xDYFpf
         bCOC240zA+kwCDlwt3lg34Q01SMPWfkWr9dKt16SQ6cWUzsUXqmxwpXW4qYNXxLs7chi
         t3TTFtx1pqWXggFiZYh8r4KYf9oPsS0BxKXzfpcq0GiTncxbVK2YZT1uIxFTYNNhzIed
         8kEA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=z1as7KRHLr+4lKM+35fxh/md4wwm+054BRWK3jWbaAU=;
        b=k7bH58h6KQU6TlpRNRC5urMww4tYzLsKA7XUwRU+CXNjyCPJmDYRBzcmrR+Qw80bvi
         8eMfv6PZEXfeiE7GT5IDFW7rVNBEpy15i5q9O7WSmJfTQQV8Q5o6jWpuaoo6z16XU62M
         hBbatNBfko/NT1ceM82LZYqKtU/zfFkapX7UanYeseTH+oP8j33DNcfycT+QJQTaGkki
         zeYZh4uEOmWUjv3wLWlY319i+BhOqQB4/yRtvUYoFu7Jj2BOwwLPOjiwnXBFp+MlYeVU
         B1/k5BYtKMmSzk2EMpPtrR1u+0qe+ZBwOyLsDO4m7tHXaNI9Xxx3nKInR2d5ZLhu3Jzg
         Eyxw==
X-Gm-Message-State: AOAM530QrlM1rxMtr0S7VPBFsBnH5h2wNLzA414yToEGliae/p5EaKs1
	L8q1kBZvPjLmouqTUfvMpA3abGpOKNRbVA==
X-Google-Smtp-Source: 
 ABdhPJwmyStbOJRxQHUf4zkhJx40dSPLABq/5/wWsswbUWbBcwy2/HdYheMT71FFQXNmR/uKTo7GZw==
X-Received: by 2002:a05:6a00:803:b0:4c3:37b9:74d8 with SMTP id
 m3-20020a056a00080300b004c337b974d8mr2464575pfk.60.1642256886119;
        Sat, 15 Jan 2022 06:28:06 -0800 (PST)
Received: from keaua.caveonetworks.com
 ([2601:202:4180:a5c0:7ab9:6507:6566:58c8])
        by smtp.gmail.com with ESMTPSA id
 k20sm8606779pfk.111.2022.01.15.06.28.05
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 15 Jan 2022 06:28:05 -0800 (PST)
From: Armin Kuster <akuster808@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [hardknott 08/11] postfix: upgrade 3.4.12 -> 3.4.23
Date: Sat, 15 Jan 2022 06:27:51 -0800
Message-Id: 
 <cd2b1288aee7f736314b48efd183ba9c5e219e31.1642256649.git.akuster808@gmail.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <cover.1642256648.git.akuster808@gmail.com>
References: <cover.1642256648.git.akuster808@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 15 Jan 2022 14:28:07 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/94867

From: Yi Zhao <yi.zhao@windriver.com>

Changelog:
http://cdn.postfix.johnriley.me/mirrors/postfix-release/official/postfix-3.3.20.HISTORY

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../postfix/{postfix_3.4.12.bb => postfix_3.4.23.bb}          | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta-networking/recipes-daemons/postfix/{postfix_3.4.12.bb => postfix_3.4.23.bb} (82%)

diff --git a/meta-networking/recipes-daemons/postfix/postfix_3.4.12.bb b/meta-networking/recipes-daemons/postfix/postfix_3.4.23.bb
similarity index 82%
rename from meta-networking/recipes-daemons/postfix/postfix_3.4.12.bb
rename to meta-networking/recipes-daemons/postfix/postfix_3.4.23.bb
index e7bb3e9d32..bb66345805 100644
--- a/meta-networking/recipes-daemons/postfix/postfix_3.4.12.bb
+++ b/meta-networking/recipes-daemons/postfix/postfix_3.4.23.bb
@@ -15,5 +15,5 @@ SRC_URI += "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-${P
            file://0001-makedefs-add-lnsl-and-lresolv-to-SYSLIBS-by-default.patch \
            file://0001-fix-build-with-glibc-2.34.patch \
            "
-SRC_URI[sha256sum] = "18555183ae8b52a9e76067799279c86f9f2770cdef3836deb8462ee0a0855dec"
-UPSTREAM_CHECK_REGEX = "postfix\-(?P<pver>3\.3(\.\d+)+).tar.gz"
+SRC_URI[sha256sum] = "1759e953bf7baccb533899845c17753bf57a99ebac9c21717626262966a122f9"
+UPSTREAM_CHECK_REGEX = "postfix\-(?P<pver>3\.4(\.\d+)+).tar.gz"

From patchwork Sat Jan 15 14:27:52 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: akuster808 <akuster808@gmail.com>
X-Patchwork-Id: 2503
Return-Path: <akuster808@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 62CA2C433EF
	for <webhook@archiver.kernel.org>; Sat, 15 Jan 2022 14:28:08 +0000 (UTC)
Received: from mail-pl1-f175.google.com (mail-pl1-f175.google.com
 [209.85.214.175])
 by mx.groups.io with SMTP id smtpd.web11.7758.1642256887994255725
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:28:08 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20210112 header.b=TDEkUNmU;
 spf=pass (domain: gmail.com, ip: 209.85.214.175,
 mailfrom: akuster808@gmail.com)
Received: by mail-pl1-f175.google.com with SMTP id n8so2430403plc.3
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:28:07 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:subject:date:message-id:in-reply-to:references:mime-version
         :content-transfer-encoding;
        bh=kZGoEd5ism09BdMlYuF0dwRKExKzlorFfb9Op0ztsw0=;
        b=TDEkUNmUjOypSE9sXHsvRzIXp+UQZ2zrgttxpN8AePd4NUKzj8WMPisEggthV/dElc
         wC99JYL+Xh84PAcGPI553BN7qkOL9NG+9prPF1L73bRYX+o8JXwaVvUGt4s28zLUMLSd
         dndTiIbBv6VOm0jiCLZzsl2j+wE9ohX/ebquh3zVIkIlp2oKLjjMagYTLuUiNfYDgSIW
         4jyF52kOqhZNwTHWYlHcbB+ujTT+Bq7iQSxDkbuwObPWjP7IGNzl9uQlZaGkcKWVRtOR
         a63bLKASMmY5FnpOKIYpZgqMUy9Pk142NUjWJjcYrTOpfoIDz9F7ULN2Uq497j4AYadu
         Ps/g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=kZGoEd5ism09BdMlYuF0dwRKExKzlorFfb9Op0ztsw0=;
        b=5wlmjR+TKA+oD3XTUEUWz+bNGvmW7wahD9e82vZZ+wSgyGRoYMnJsdM1PdY8dz4o1O
         CYrduB2eeFMCtWj1Ee4g6p9CpAf9PlDGkMI/pP9uM0yh1RyGVGsBl35j6z/1iDBVwL4u
         4vseZSMokSAj9/Ch1rx47XuCPA+OgUK/bCAIVJ34RPFIbmL8Q8swwuk0d0iJ/jZ7zC2j
         CRUdELyELeDMZHjTbqAsYd4QAzA4IUB9BtzZTAKbaair1VCYqyAv+fYcDdKF5NGYIb8h
         EBU/uUvSR5qt+6eCXAoS7IVDSXzQB0Umj/BVrUNOrvsIiIHJdBHvIiJn0UcO3gdyVf9L
         9foQ==
X-Gm-Message-State: AOAM5338zTMzdpWz3ctEAIsbS7DMgvB8FoMA7pu/8JYW2Cf8iWFFBYmx
	Q8IxeMQTQTzxVrxtwB0rBg3983lsf7Js2A==
X-Google-Smtp-Source: 
 ABdhPJwuNP9llNBOBduvKcvdhuKuOtE/gUQcL/jr4wulu3vK3CSTw4S6+tPuB/lFWlJOTVjCt668cQ==
X-Received: by 2002:a17:902:7e82:b0:149:9714:699e with SMTP id
 z2-20020a1709027e8200b001499714699emr14134669pla.66.1642256887264;
        Sat, 15 Jan 2022 06:28:07 -0800 (PST)
Received: from keaua.caveonetworks.com
 ([2601:202:4180:a5c0:7ab9:6507:6566:58c8])
        by smtp.gmail.com with ESMTPSA id
 k20sm8606779pfk.111.2022.01.15.06.28.06
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 15 Jan 2022 06:28:06 -0800 (PST)
From: Armin Kuster <akuster808@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [hardknott 09/11] apache2: upgrade 2.4.51 -> 2.4.52
Date: Sat, 15 Jan 2022 06:27:52 -0800
Message-Id: 
 <e8cb9338dfdb80be1e2022a91fa8bacf327172ae.1642256649.git.akuster808@gmail.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <cover.1642256648.git.akuster808@gmail.com>
References: <cover.1642256648.git.akuster808@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 15 Jan 2022 14:28:08 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/94868

From: wangmy <wangmy@fujitsu.com>

Changelog:
==========
 *) SECURITY: CVE-2021-44790: Possible buffer overflow when parsing
     multipart content in mod_lua of Apache HTTP Server 2.4.51 and
     earlier (cve.mitre.org)
     A carefully crafted request body can cause a buffer overflow in
     the mod_lua multipart parser (r:parsebody() called from Lua
     scripts).
     The Apache httpd team is not aware of an exploit for the
     vulnerabilty though it might be possible to craft one.
     This issue affects Apache HTTP Server 2.4.51 and earlier.

  *) SECURITY: CVE-2021-44224: Possible NULL dereference or SSRF in
     forward proxy configurations in Apache HTTP Server 2.4.51 and
     earlier (cve.mitre.org)
     A crafted URI sent to httpd configured as a forward proxy
     (ProxyRequests on) can cause a crash (NULL pointer dereference)
     or, for configurations mixing forward and reverse proxy
     declarations, can allow for requests to be directed to a
     declared Unix Domain Socket endpoint (Server Side Request
     Forgery).
     This issue affects Apache HTTP Server 2.4.7 up to 2.4.51
     (included).

  *) http: Enforce that fully qualified uri-paths not to be forward-proxied
     have an http(s) scheme, and that the ones to be forward proxied have a
     hostname, per HTTP specifications.

  *) OpenSSL autoconf detection improvement: pick up openssl.pc in the
     specified openssl path.

  *) mod_proxy_connect, mod_proxy: Do not change the status code after we
     already sent it to the client.

  *) mod_http: Correctly sent a 100 Continue status code when sending an interim
     response as result of an Expect: 100-Continue in the request and not the
     current status code of the request. PR 65725

  *) mod_dav: Some DAV extensions, like CalDAV, specify both document
     elements and property elements that need to be taken into account
     when generating a property. The document element and property element
     are made available in the dav_liveprop_elem structure by calling
     dav_get_liveprop_element().

  *) mod_dav: Add utility functions dav_validate_root_ns(),
     dav_find_child_ns(), dav_find_next_ns(), dav_find_attr_ns() and
     dav_find_attr() so that other modules get to play too.

  *) mpm_event: Restart stopping of idle children after a load peak. PR 65626.

  *) mod_http2: fixes 2 regressions in server limit handling.
     1. When reaching server limits, such as MaxRequestsPerChild, the
        HTTP/2 connection send a GOAWAY frame much too early on new
        connections, leading to invalid protocol state and a client
        failing the request. See PR65731.
        The module now initializes the HTTP/2 protocol correctly and
        allows the client to submit one request before the shutdown
        via a GOAWAY frame is being announced.
     2. A regression in v1.15.24 was fixed that could lead to httpd
        child processes not being terminated on a graceful reload or
        when reaching MaxConnectionsPerChild. When unprocessed h2
        requests were queued at the time, these could stall.
        See <https://github.com/icing/mod_h2/issues/212>.

  *) mod_ssl: Add build support for OpenSSL v3.

  *) mod_proxy_connect: Honor the smallest of the backend or client timeout
     while tunneling.

  *) mod_proxy: SetEnv proxy-nohalfclose (or alike) allows to disable TCP
     half-close forwarding when tunneling protocols.

  *) core: Be safe with ap_lingering_close() called with a socket NULL-ed by
     a third-party module.  PR 65627.

  *) mod_md: Fix memory leak in case of failures to load the private key.
     PR 65620

  *) mod_md: adding v2.4.8 with the following changes
    - Added support for ACME External Account Binding (EAB).
      Use the new directive `MDExternalAccountBinding` to provide the
      server with the value for key identifier and hmac as provided by
      your CA.
      While working on some servers, EAB handling is not uniform
      across CAs. First tests with a Sectigo Certificate Manager in
      demo mode are successful. But ZeroSSL, for example, seems to
      regard EAB values as a one-time-use-only thing, which makes them
      fail if you create a seconde account or retry the creation of the
      first account with the same EAB.
    - The directive 'MDCertificateAuthority' now checks if its parameter
      is a http/https url or one of a set of known names. Those are
      'LetsEncrypt', 'LetsEncrypt-Test', 'Buypass' and 'Buypass-Test'
      for now and they are not case-sensitive.
      The default of LetsEncrypt is unchanged.
    - `MDContactEmail` can now be specified inside a `<MDomain dnsname>`
      section.
    - Treating 401 HTTP status codes for orders like 403, since some ACME
      servers seem to prefer that for accessing oders from other accounts.
    - When retrieving certificate chains, try to read the repsonse even
      if the HTTP Content-Type is unrecognized.
    - Fixed a bug that reset the error counter of a certificate renewal
      and prevented the increasing delays in further attempts.
    - Fixed the renewal process giving up every time on an already existing
      order with some invalid domains. Now, if such are seen in a previous
      order, a new order is created for a clean start over again.
      See <https://github.com/icing/mod_md/issues/268>
    - Fixed a mixup in md-status handler when static certificate files
      and renewal was configured at the same time.

  *) mod_md: values for External Account Binding (EAB) can
     now also be configured to be read from a separate JSON
     file. This allows to keep server configuration permissions
     world readable without exposing secrets.

  *) mod_proxy_uwsgi: Remove duplicate slashes at the beginning of PATH_INFO.
     PR 65616.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit ea76fc643713915a1618597be8bdbe0e4a3d993e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../apache2/{apache2_2.4.51.bb => apache2_2.4.52.bb}            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.51.bb => apache2_2.4.52.bb} (99%)

diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.51.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.52.bb
similarity index 99%
rename from meta-webserver/recipes-httpd/apache2/apache2_2.4.51.bb
rename to meta-webserver/recipes-httpd/apache2/apache2_2.4.52.bb
index d6e736d31d..10123aa2bb 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.51.bb
+++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.52.bb
@@ -26,7 +26,7 @@ SRC_URI_append_class-target = " \
            "
 
 LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3"
-SRC_URI[sha256sum] = "20e01d81fecf077690a4439e3969a9b22a09a8d43c525356e863407741b838f4"
+SRC_URI[sha256sum] = "0127f7dc497e9983e9c51474bed75e45607f2f870a7675a86dc90af6d572f5c9"
 
 S = "${WORKDIR}/httpd-${PV}"
 

From patchwork Sat Jan 15 14:27:53 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: akuster808 <akuster808@gmail.com>
X-Patchwork-Id: 2504
Return-Path: <akuster808@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 5F31CC433F5
	for <webhook@archiver.kernel.org>; Sat, 15 Jan 2022 14:28:09 +0000 (UTC)
Received: from mail-pl1-f175.google.com (mail-pl1-f175.google.com
 [209.85.214.175])
 by mx.groups.io with SMTP id smtpd.web09.7771.1642256888752535002
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:28:08 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20210112 header.b=pa0zOp1l;
 spf=pass (domain: gmail.com, ip: 209.85.214.175,
 mailfrom: akuster808@gmail.com)
Received: by mail-pl1-f175.google.com with SMTP id e19so15600159plc.10
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:28:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:subject:date:message-id:in-reply-to:references:mime-version
         :content-transfer-encoding;
        bh=9OSS4aa7HdsvXbIseT9+krnGdlmjmNd4LQa7L63VFxo=;
        b=pa0zOp1lGvra6G65HLhgLX8Q5U+1zScr5bmTRIyDM/HkXDz2t0Jubc36llCzO9ddFH
         Ruqtg2IXt/YaqfbypPVHhGsbsBADA/YZbtLs0QHR1s2SKPceb+/0pkz2p6gNKnqkUbI7
         KbhF6AB5i0OW3WmbmtI2PHJnL2Afp02s/5klxaVPOOMlbuGEuZHA6g1NPyoDbaOB8UNQ
         QJwl7hQqHSORfA6H0KmrdmTERCWwiL2Q8jvlv/CY2KAzY83cnk0ifRiwlgYOKjW65XF+
         CA4T1FAPiSROfv7z+NwbxTR7MAcBlgJR5Av53lBj8h0XsCJL0Wv8PoFiPzSHV/CJonZ9
         QZyg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=9OSS4aa7HdsvXbIseT9+krnGdlmjmNd4LQa7L63VFxo=;
        b=2QgUdY/2AVUKcQHEi6s6UTdY/McWObkt4DepHU3zlOU3zEwiRIGZa1g0ZwF5dk+jEp
         lud+LaRjo1i6sFS9+57sWoA8SDT5KxnCh6hgPenQXNoGnK/sg0JBPmUtS6QeORcwCJeu
         tOVUeqo/F5IP+6yE6Q1Foeps1809VA3sXl3gA75RsV9913vmCkkGVytEyQAu++DKrriz
         D4a3f6oCyz7zXF80lyYiBYSoNrLnQY2V28Rw+myCTW7GzlVzf0H+iufBc+u6FETY+9nU
         /IBDhI2wn22T/HywS07ZaTO7JRQv1TMamlPRWXRdDcqOLlGoFNCq92NoOgUuQ5XFGbXQ
         bHVw==
X-Gm-Message-State: AOAM530wCJF4a5gLaUoxZuyw6CsEpQfZwAiHESShHx1FMAByGt14qg2B
	BXN8BK+LpjCWAZmdWihira4yQZr3LD8ZFQ==
X-Google-Smtp-Source: 
 ABdhPJyRC3YG0NM23lWe0kZe4+yizaBd//yhc1r5BPZzKzZ+xFTeM5OCFW73gqU08jfmg9/AWh9btQ==
X-Received: by 2002:a17:90b:4f4d:: with SMTP id
 pj13mr20453699pjb.30.1642256888093;
        Sat, 15 Jan 2022 06:28:08 -0800 (PST)
Received: from keaua.caveonetworks.com
 ([2601:202:4180:a5c0:7ab9:6507:6566:58c8])
        by smtp.gmail.com with ESMTPSA id
 k20sm8606779pfk.111.2022.01.15.06.28.07
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 15 Jan 2022 06:28:07 -0800 (PST)
From: Armin Kuster <akuster808@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [hardknott 10/11] wireshark: update to latest stable 3.4.11
Date: Sat, 15 Jan 2022 06:27:53 -0800
Message-Id: 
 <357e6a8495eda11d9b22216a59360afafce51317.1642256649.git.akuster808@gmail.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <cover.1642256648.git.akuster808@gmail.com>
References: <cover.1642256648.git.akuster808@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 15 Jan 2022 14:28:09 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/94869

For more infromation, see:
https://www.wireshark.org/docs/relnotes/wireshark-3.4.11.html

refresh 0004-lemon-Remove-line-directives.patch

Includes CVEs:

3.4.11:
wnpa-sec-2021-16 Gryphon dissector crash. Issue 17737. CVE-2021-4186.
wnpa-sec-2021-17 RTMPT dissector infinite loop. Issue 17745. CVE-2021-4185.
wnpa-sec-2021-18 BitTorrent DHT dissector infinite loop. Issue 17754. CVE-2021-4184.
wnpa-sec-2021-20 RFC 7468 file parser infinite loop. Issue 17801. CVE-2021-4182.
wnpa-sec-2021-21 Sysdig Event dissector crash. CVE-2021-4181.

3.4.10:
wnpa-sec-2021-07 Bluetooth DHT dissector crash. Issue 17651. CVE-2021-39929.
wnpa-sec-2021-08 Bluetooth HCI_ISO dissector crash. Issue 17649. CVE-2021-39926.
wnpa-sec-2021-09 Bluetooth SDP dissector crash. Issue 17635. CVE-2021-39925.
wnpa-sec-2021-10 Bluetooth DHT dissector large loop. Issue 17677. CVE-2021-39924.
wnpa-sec-2021-11 PNRP dissector large loop. Issue 17684.
wnpa-sec-2021-12 C12.22 dissector crash. Issue 17636. CVE-2021-39922.
wnpa-sec-2021-13 IEEE 802.11 dissector crash. Issue 17704. CVE-2021-39928.
wnpa-sec-2021-14 Modbus dissector crash. Issue 17703. CVE-2021-39921.
wnpa-sec-2021-15 IPPUSB dissector crash. Issue 17705. CVE-2021-39920.

Signed-off-by: Armin Kuster <akuster808@gmail.com>
(cherry picked from commit 89bf10d0cb8af495de02ba7a02c487a8b5592cc6)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../files/0004-lemon-Remove-line-directives.patch | 15 ++++++---------
 .../{wireshark_3.4.8.bb => wireshark_3.4.11.bb}   |  2 +-
 2 files changed, 7 insertions(+), 10 deletions(-)
 rename meta-networking/recipes-support/wireshark/{wireshark_3.4.8.bb => wireshark_3.4.11.bb} (97%)

diff --git a/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch b/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch
index c1a528f90d..134633f668 100644
--- a/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch
+++ b/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch
@@ -12,11 +12,11 @@ Signed-off-by: Oleksiy Obitotskyy <oobitots@cisco.com>
  cmake/modules/UseLemon.cmake | 49 +++++++++++++++++++++++++-----------
  1 file changed, 34 insertions(+), 15 deletions(-)
 
-diff --git a/cmake/modules/UseLemon.cmake b/cmake/modules/UseLemon.cmake
-index 849ffc1..ca38ab7 100644
---- a/cmake/modules/UseLemon.cmake
-+++ b/cmake/modules/UseLemon.cmake
-@@ -7,21 +7,40 @@ MACRO(ADD_LEMON_FILES _source _generated)
+Index: wireshark-3.4.11/cmake/modules/UseLemon.cmake
+===================================================================
+--- wireshark-3.4.11.orig/cmake/modules/UseLemon.cmake
++++ wireshark-3.4.11/cmake/modules/UseLemon.cmake
+@@ -7,21 +7,40 @@ MACRO(ADD_LEMON_FILES _source _generated
  
        SET(_out ${CMAKE_CURRENT_BINARY_DIR}/${_basename})
  
@@ -26,7 +26,7 @@ index 849ffc1..ca38ab7 100644
 -          # These files are generated as side-effect
 -          ${_out}.h
 -          ${_out}.out
--         COMMAND lemon
+-         COMMAND $<TARGET_FILE:lemon>
 -           -T${_lemonpardir}/lempar.c
 -           -d.
 -           ${_in}
@@ -72,6 +72,3 @@ index 849ffc1..ca38ab7 100644
  
        LIST(APPEND ${_source} ${_in})
        LIST(APPEND ${_generated} ${_out}.c)
--- 
-2.26.2.Cisco
-
diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.8.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb
similarity index 97%
rename from meta-networking/recipes-support/wireshark/wireshark_3.4.8.bb
rename to meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb
index 73ccfc5f30..df1fb89f0a 100644
--- a/meta-networking/recipes-support/wireshark/wireshark_3.4.8.bb
+++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb
@@ -19,7 +19,7 @@ SRC_URI += " \
 
 UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src"
 
-SRC_URI[sha256sum] = "58a7fa8dfe2010a8c8b7dcf66438c653e6493d47eb936ba48ef49d4aa4dbd725"
+SRC_URI[sha256sum] = "a0e227bce2cc3a51ef3301891a0243231990b52a39b68a84a6e32f69c4e75279"
 
 PE = "1"
 

From patchwork Sat Jan 15 14:27:54 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: akuster808 <akuster808@gmail.com>
X-Patchwork-Id: 2505
Return-Path: <akuster808@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 5972CC433EF
	for <webhook@archiver.kernel.org>; Sat, 15 Jan 2022 14:28:10 +0000 (UTC)
Received: from mail-pj1-f53.google.com (mail-pj1-f53.google.com
 [209.85.216.53])
 by mx.groups.io with SMTP id smtpd.web08.7649.1642256889622296623
 for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:28:09 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@gmail.com header.s=20210112 header.b=l5bNnI0q;
 spf=pass (domain: gmail.com, ip: 209.85.216.53,
 mailfrom: akuster808@gmail.com)
Received: by mail-pj1-f53.google.com with SMTP id
 i8-20020a17090a138800b001b3936fb375so25103481pja.1
        for <openembedded-devel@lists.openembedded.org>;
 Sat, 15 Jan 2022 06:28:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:subject:date:message-id:in-reply-to:references:mime-version
         :content-transfer-encoding;
        bh=ckfqGzFehkf/RVhCSZaVYl2DPkFK5MTIoXLjWR7DOcY=;
        b=l5bNnI0qI5ZIWsz3H2/YbirEqn4SsyZUHLZy6JRDHk2v0T/y+lrZu80sC3oL0UB3mf
         iD2rr0DLcHdSsn406KWOqCafJ5HvVu5hLsnEPDponI6KE1JpjjVBvUdkDucIsxTcnsXo
         2Dzo1kUB1XcfxQTKffLeJNp53VzBOTFUdSc6+WU5NpXWYGpFmO/jESivkHWg/+rtv/Vk
         jZex/YbdadNRNIfAy1NTHsSgnbvspCDheRFQgqN7YdzRn/VTKUvQ0PJjJYuyG35cvPeT
         1skMJEBksm2TAdh2m3i4GgBptr56RzVV500lVO+zrwYBXqsFb0oOV5OXhedcnoCN+G/0
         FTzw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=ckfqGzFehkf/RVhCSZaVYl2DPkFK5MTIoXLjWR7DOcY=;
        b=qWZqNN+lp32U43j0YW1Ufn7HKc80uALaw4lz66nJqL9cv14zaYft0mRCi1QGcmzXll
         RHQMrU0GSqdNhUn0+k+xjCiw/ARRb2EvQEcdbyLKv5fmS4E1Vkm9xATsdqjamr9wCJbw
         S8KnLLRJUzPeh1hWSGRZ+OWYDTv49SPjlA7JXlLLhG+iSnSsAVG4fjhIYxaVwenkSSwB
         TkyNJn2lSnJA4NFTBu2Bxv/mUvQ1YIO7rxIBni5xoDx4Wp/QqXJKEfgEuJHEYhFeCj8H
         tGTmJydjxqbmQCt6Ck3U5yd45q1s9gU8ASn9H6pV8qsLlnBtV+ptvmMurywgYWVRt2dF
         gmlw==
X-Gm-Message-State: AOAM533vrvFQKOkAo9PJbOEf3Ct3EkzTY0DmzWHAsVpcIJrTM6oy3nOv
	ng9sYTpXcvwIbytHdL8KX7cHd47ru9m7gA==
X-Google-Smtp-Source: 
 ABdhPJzFGMnRAQcReSqDtp59dB10U5Y/Z73pIJTCLi8rNj5viZLvzBSWPz+R9Ln4VDdiafGSQKC78A==
X-Received: by 2002:a17:90b:4a8c:: with SMTP id
 lp12mr802194pjb.65.1642256888908;
        Sat, 15 Jan 2022 06:28:08 -0800 (PST)
Received: from keaua.caveonetworks.com
 ([2601:202:4180:a5c0:7ab9:6507:6566:58c8])
        by smtp.gmail.com with ESMTPSA id
 k20sm8606779pfk.111.2022.01.15.06.28.08
        for <openembedded-devel@lists.openembedded.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sat, 15 Jan 2022 06:28:08 -0800 (PST)
From: Armin Kuster <akuster808@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [hardknott 11/11] udisks2: upgrade from 2.9.2 to 2.9.4
Date: Sat, 15 Jan 2022 06:27:54 -0800
Message-Id: 
 <f48ecaa7057e61f6825005b783db2e04dd6400f1.1642256649.git.akuster808@gmail.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <cover.1642256648.git.akuster808@gmail.com>
References: <cover.1642256648.git.akuster808@gmail.com>
MIME-Version: 1.0
List-Id: <openembedded-devel.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-devel@lists.openembedded.org>; Sat, 15 Jan 2022 14:28:10 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-devel/message/94870

From: Chen Qi <Qi.Chen@windriver.com>

Upgrade udisks2 from 2.9.2 to 2.9.4. This upgrade will solves
CVE-2021-3802.

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../udisks/{udisks2_2.9.2.bb => udisks2_2.9.4.bb}             | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta-oe/recipes-support/udisks/{udisks2_2.9.2.bb => udisks2_2.9.4.bb} (89%)

diff --git a/meta-oe/recipes-support/udisks/udisks2_2.9.2.bb b/meta-oe/recipes-support/udisks/udisks2_2.9.4.bb
similarity index 89%
rename from meta-oe/recipes-support/udisks/udisks2_2.9.2.bb
rename to meta-oe/recipes-support/udisks/udisks2_2.9.4.bb
index 4c64f91a9e..a25860fd92 100644
--- a/meta-oe/recipes-support/udisks/udisks2_2.9.2.bb
+++ b/meta-oe/recipes-support/udisks/udisks2_2.9.4.bb
@@ -17,8 +17,8 @@ DEPENDS += "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}"
 
 RDEPENDS_${PN} = "acl"
 
-SRC_URI = "git://github.com/storaged-project/udisks.git;branch=master;protocol=https"
-SRCREV = "da6d9480fefeb0ffdf8a84626b5096827d8d7030"
+SRC_URI = "git://github.com/storaged-project/udisks.git;branch=2.9.x-branch;protocol=https"
+SRCREV = "001c486e6d099ed33e2de4f5c73c03e3ee180f81"
 S = "${WORKDIR}/git"
 
 CVE_PRODUCT = "udisks"