From patchwork Wed Oct 18 15:48:20 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 32535
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 01/10] binutils: Fix CVE-2022-47695
Date: Wed, 18 Oct 2023 05:48:20 -1000
Message-Id: <4d4732c2e295fea610d266fa12bae3cc01f93dfa.1697642997.git.steve@sakoman.com>
X-Mailer: git-send-email 2.34.1
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/189400

From: Chaitanya Vadrevu

Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=3d3af4ba39e892b1c544d667ca241846bc3df386]

Signed-off-by: Chaitanya Vadrevu
Signed-off-by: Steve Sakoman --- .../binutils/binutils-2.38.inc | 1 + .../binutils/0031-CVE-2022-47695.patch | 58 +++++++++++++++++++ 2 files changed, 59 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/0031-CVE-2022-47695.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index 0964ab0825..da444ed1ba 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -62,5 +62,6 @@ SRC_URI = "\ file://0030-CVE-2022-44840.patch \ file://0031-CVE-2022-45703-1.patch \ file://0031-CVE-2022-45703-2.patch \ + file://0031-CVE-2022-47695.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-47695.patch b/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-47695.patch new file mode 100644 index 0000000000..f2e9cea027 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0031-CVE-2022-47695.patch 
@@ -0,0 +1,58 @@ +From 2f7426b9bb2d2450b32cad3d79fab9abe3ec42bb Mon Sep 17 00:00:00 2001 +From: Alan Modra +Date: Sun, 4 Dec 2022 22:15:40 +1030 +Subject: [PATCH] PR29846, segmentation fault in objdump.c compare_symbols + +Fixes a fuzzed object file problem where plt relocs were manipulated +in such a way that two synthetic symbols were generated at the same +plt location. Won't occur in real object files. + + PR 29846 + PR 20337 + * objdump.c (compare_symbols): Test symbol flags to exclude + section and synthetic symbols before attempting to check flavour. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=3d3af4ba39e892b1c544d667ca241846bc3df386] + +CVE: CVE-2022-47695 + +Signed-off-by: Chaitanya Vadrevu +--- + binutils/objdump.c | 23 ++++++++++------------- + 1 file changed, 10 insertions(+), 13 deletions(-) + +diff --git a/binutils/objdump.c b/binutils/objdump.c +index 08a0fe521d8..21f75f4db40 100644 +--- a/binutils/objdump.c ++++ b/binutils/objdump.c +@@ -1165,20 +1165,17 @@ compare_symbols (const void *ap, const void *bp) + return 1; + } + +- if (bfd_get_flavour (bfd_asymbol_bfd (a)) == bfd_target_elf_flavour ++ /* Sort larger size ELF symbols before smaller. See PR20337. */ ++ bfd_vma asz = 0; ++ if ((a->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0 ++ && bfd_get_flavour (bfd_asymbol_bfd (a)) == bfd_target_elf_flavour) ++ asz = ((elf_symbol_type *) a)->internal_elf_sym.st_size; ++ bfd_vma bsz = 0; ++ if ((b->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0 + && bfd_get_flavour (bfd_asymbol_bfd (b)) == bfd_target_elf_flavour) +- { +- bfd_vma asz, bsz; +- +- asz = 0; +- if ((a->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0) +- asz = ((elf_symbol_type *) a)->internal_elf_sym.st_size; +- bsz = 0; +- if ((b->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0) +- bsz = ((elf_symbol_type *) b)->internal_elf_sym.st_size; +- if (asz != bsz) +- return asz > bsz ? 
-1 : 1; +- } ++ bsz = ((elf_symbol_type *) b)->internal_elf_sym.st_size; ++ if (asz != bsz) ++ return asz > bsz ? -1 : 1; + + /* Symbols that start with '.' might be section names, so sort them + after symbols that don't start with '.'. */
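Review bot: The header of the new 0031-CVE-2022-47695.patch names two different commits: its first line reads `From 2f7426b9bb2d2450b32cad3d79fab9abe3ec42bb`, while `Upstream-Status: Backport` points at `h=3d3af4ba39e892b1c544d667ca241846bc3df386`. State which commit the backport was taken from, or make the two agree, so the provenance of the fix can be checked against upstream. In the `compare_symbols` hunk itself, the new comment `Sort larger size ELF symbols before smaller` could also say that section, synthetic and non-ELF symbols compare as size 0, since `asz` and `bsz` are now computed independently and the `asz != bsz` test runs even when only one side is a sized ELF symbol.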
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 02/10] binutils: Mark CVE-2022-47673 as patched
Date: Wed, 18 Oct 2023 05:48:21 -1000
Message-Id: <96fe4b522a35f75a7d2b597d7e650dfc7ae82e27.1697642997.git.steve@sakoman.com>
X-Mailer: git-send-email 2.34.1
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/189401

From: Chaitanya Vadrevu

Signed-off-by: Chaitanya Vadrevu Signed-off-by: Steve Sakoman --- .../binutils/binutils/0022-CVE-2023-25584-3.patch | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-devtools/binutils/binutils/0022-CVE-2023-25584-3.patch b/meta/recipes-devtools/binutils/binutils/0022-CVE-2023-25584-3.patch index abe501e570..47cc3f310b 100644 --- a/meta/recipes-devtools/binutils/binutils/0022-CVE-2023-25584-3.patch +++ b/meta/recipes-devtools/binutils/binutils/0022-CVE-2023-25584-3.patch @@ -35,8 +35,10 @@ Lack of bounds checking in vms-alpha.c parse_module Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=77c225bdeb410cf60da804879ad41622f5f1aa44] CVE: CVE-2023-25584 +CVE: CVE-2022-47673 
Signed-off-by: Deepthi Hemraj +Signed-off-by: Chaitanya Vadrevu ---
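Review bot: The added `CVE: CVE-2022-47673` tag in 0022-CVE-2023-25584-3.patch comes with no justification: the commit message is empty apart from the sign-offs, and the patch being tagged describes "Lack of bounds checking in vms-alpha.c parse_module" for CVE-2023-25584. Add a sentence to the commit message saying why the same upstream commit (`h=77c225bdeb410cf60da804879ad41622f5f1aa44`) also resolves CVE-2022-47673, with a pointer to the bug or advisory, so that the "patched" status reported for this CVE can be audited later.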
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 03/10] binutils: Mark CVE-2022-47696 as patched
Date: Wed, 18 Oct 2023 05:48:22 -1000
X-Mailer: git-send-email 2.34.1
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/189402

From: Chaitanya Vadrevu

Signed-off-by: Chaitanya Vadrevu
Signed-off-by: Steve Sakoman --- .../binutils/binutils/0025-CVE-2023-25588.patch | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/meta/recipes-devtools/binutils/binutils/0025-CVE-2023-25588.patch b/meta/recipes-devtools/binutils/binutils/0025-CVE-2023-25588.patch index 142d201c40..9b5825037f 100644 --- a/meta/recipes-devtools/binutils/binutils/0025-CVE-2023-25588.patch +++ b/meta/recipes-devtools/binutils/binutils/0025-CVE-2023-25588.patch @@ -17,8 +17,10 @@ anyway, so get rid of them. Also, simplify and correct sanity checks. Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=d12f8998d2d086f0a6606589e5aedb7147e6f2f1] CVE: CVE-2023-25588 +CVE: CVE-2022-47696 
Signed-off-by: Deepthi Hemraj +Signed-off-by: Chaitanya Vadrevu ---
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 04/10] binutils: Fix CVE-2022-47008
Date: Wed, 18 Oct 2023 05:48:23 -1000
Message-Id: <3a299d1610bf085790017569de090b0a41cf809b.1697642997.git.steve@sakoman.com>
X-Mailer: git-send-email 2.34.1
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/189403

From: Deepthi Hemraj

Signed-off-by: Deepthi Hemraj
Signed-off-by: Steve Sakoman --- .../binutils/binutils-2.38.inc | 1 + .../binutils/0027-CVE-2022-47008.patch | 67 +++++++++++++++++++ 2 files changed, 68 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/0027-CVE-2022-47008.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index da444ed1ba..125af13d74 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -56,6 +56,7 @@ SRC_URI = "\ file://0023-CVE-2023-25585.patch \ file://0026-CVE-2023-1972.patch \ file://0025-CVE-2023-25588.patch \ + file://0027-CVE-2022-47008.patch \ file://0029-CVE-2022-48065-1.patch \ file://0029-CVE-2022-48065-2.patch \ file://0029-CVE-2022-48065-3.patch \ diff --git a/meta/recipes-devtools/binutils/binutils/0027-CVE-2022-47008.patch b/meta/recipes-devtools/binutils/binutils/0027-CVE-2022-47008.patch new file mode 100644 index 0000000000..a3fff65409 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0027-CVE-2022-47008.patch 
@@ -0,0 +1,67 @@ +From: Alan Modra +Date: Thu, 16 Jun 2022 23:43:38 +0000 (+0930) +Subject: PR29255, memory leak in make_tempdir +X-Git-Tag: binutils-2_39~236 +X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=d6e1d48c83b165c129cb0aa78905f7ca80a1f682 + +PR29255, memory leak in make_tempdir + + PR 29255 + * bucomm.c (make_tempdir, make_tempname): Free template on all + failure paths. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=d6e1d48c83b165c129cb0aa78905f7ca80a1f682] + +CVE: CVE-2022-47008 + +Signed-off-by: Deepthi Hemraj + +--- + +diff --git a/binutils/bucomm.c b/binutils/bucomm.c +index fdc2209df9c..4395cb9f7f5 100644 +--- a/binutils/bucomm.c ++++ b/binutils/bucomm.c +@@ -537,8 +537,9 @@ make_tempname (const char *filename, int *ofd) + #else + tmpname = mktemp (tmpname); + if (tmpname == NULL) +- return NULL; +- fd = open (tmpname, O_RDWR | O_CREAT | O_EXCL, 0600); ++ fd = -1; ++ else ++ fd = open (tmpname, O_RDWR | O_CREAT | O_EXCL, 0600); + #endif + if (fd == -1) + { +@@ -556,22 +557,23 @@ char * + make_tempdir (const char *filename) + { + char *tmpname = template_in_dir (filename); ++ char *ret; + + #ifdef HAVE_MKDTEMP +- return mkdtemp (tmpname); ++ ret = mkdtemp (tmpname); + #else +- tmpname = mktemp (tmpname); +- if (tmpname == NULL) +- return NULL; ++ ret = mktemp (tmpname); + #if defined (_WIN32) && !defined (__CYGWIN32__) + if (mkdir (tmpname) != 0) +- return NULL; ++ ret = NULL; + #else + if (mkdir (tmpname, 0700) != 0) +- return NULL; ++ ret = NULL; + #endif +- return tmpname; + #endif ++ if (ret == NULL) ++ free (tmpname); ++ return ret; + } + + /* Parse a string into a VMA, with a fatal error if it can't be
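Review bot: In the `make_tempname` hunk of bucomm.c, the non-mkstemp branch still does `tmpname = mktemp (tmpname);`, which overwrites the only pointer to the template buffer, so when `mktemp` returns NULL the `fd == -1` failure path no longer has anything to free. The `make_tempdir` hunk in the same patch avoids this by keeping the result in a separate `ret`; doing the same here (assign the `mktemp` result to a second variable and test that) would make the "free template on all failure paths" claim hold for this branch as well.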
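Review bot: In the `make_tempdir` hunk of bucomm.c, the non-mkdtemp branch now calls `mkdir (tmpname, ...)` even when `ret = mktemp (tmpname)` returned NULL, where the old code returned before reaching `mkdir`. If that `mkdir` succeeds, `ret` stays NULL, the function frees `tmpname` and reports failure, and the directory it just created is left behind. Guarding the call, for example `if (ret != NULL && mkdir (tmpname, 0700) != 0)`, keeps the old ordering while still reaching the common `free (tmpname)` exit.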
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 05/10] binutils: Fix CVE-2022-47011
Date: Wed, 18 Oct 2023 05:48:24 -1000
Message-Id: <5ff2e3c880705c2e920a4a61a5165810fadd7b84.1697642997.git.steve@sakoman.com>
X-Mailer: git-send-email 2.34.1
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/189404

From: Deepthi Hemraj

Signed-off-by: Deepthi Hemraj
Signed-off-by: Steve Sakoman --- .../binutils/binutils-2.38.inc | 1 + .../binutils/0028-CVE-2022-47011.patch | 35 +++++++++++++++++++ 2 files changed, 36 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/0028-CVE-2022-47011.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index 125af13d74..c25b49f8b0 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -57,6 +57,7 @@ SRC_URI = "\ file://0026-CVE-2023-1972.patch \ file://0025-CVE-2023-25588.patch \ file://0027-CVE-2022-47008.patch \ + file://0028-CVE-2022-47011.patch \ file://0029-CVE-2022-48065-1.patch \ file://0029-CVE-2022-48065-2.patch \ file://0029-CVE-2022-48065-3.patch \ diff --git a/meta/recipes-devtools/binutils/binutils/0028-CVE-2022-47011.patch b/meta/recipes-devtools/binutils/binutils/0028-CVE-2022-47011.patch new file mode 100644 index 0000000000..73ae46e218 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0028-CVE-2022-47011.patch 
@@ -0,0 +1,35 @@ +From: Alan Modra +Date: Mon, 20 Jun 2022 01:09:13 +0000 (+0930) +Subject: PR29261, memory leak in parse_stab_struct_fields +X-Git-Tag: binutils-2_39~225 +X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=8a24927bc8dbf6beac2000593b21235c3796dc35 + +PR29261, memory leak in parse_stab_struct_fields + + PR 29261 + * stabs.c (parse_stab_struct_fields): Free "fields" on failure path. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=8a24927bc8dbf6beac2000593b21235c3796dc35] + +CVE: CVE-2022-47011 + +Signed-off-by: Deepthi Hemraj + +--- + +diff --git a/binutils/stabs.c b/binutils/stabs.c +index 796ff85b86a..bf3f578cbcc 100644 +--- a/binutils/stabs.c ++++ b/binutils/stabs.c +@@ -2367,7 +2367,10 @@ parse_stab_struct_fields (void *dhandle, + + if (! parse_stab_one_struct_field (dhandle, info, pp, p, fields + c, + staticsp, p_end)) +- return false; ++ { ++ free (fields); ++ return false; ++ } + + ++c; + }
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 06/10] binutils: CVE-2022-48063
Date: Wed, 18 Oct 2023 05:48:25 -1000
Message-Id: <80a8d16a4038868469b4583404b6f73e12bae0f1.1697642997.git.steve@sakoman.com>
X-Mailer: git-send-email 2.34.1
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/189405

From: Armin Kuster

Source: Binutils
MR: 128800
Type: Security Fix
Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=75393a2d54bcc40053e5262a3de9d70c5ebfbbfd
ChangeID: ab04e4ec62d054c90d94f82230adb2342ce1ee1b
Description: Affects binutils < 2.40

Signed-off-by: Armin Kuster
Signed-off-by: Steve Sakoman --- .../binutils/binutils-2.38.inc | 1 + .../binutils/binutils/CVE-2022-48063.patch | 48 +++++++++++++++++++ 2 files changed, 49 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2022-48063.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index c25b49f8b0..60a0c04412 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -65,5 +65,6 @@ SRC_URI = "\ file://0031-CVE-2022-45703-1.patch \ file://0031-CVE-2022-45703-2.patch \ file://0031-CVE-2022-47695.patch \ + file://CVE-2022-48063.patch \ " S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2022-48063.patch b/meta/recipes-devtools/binutils/binutils/CVE-2022-48063.patch new file mode 100644 index 0000000000..ea2e030503 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2022-48063.patch 
@@ -0,0 +1,48 @@ +From 75393a2d54bcc40053e5262a3de9d70c5ebfbbfd Mon Sep 17 00:00:00 2001 +From: Nick Clifton +Date: Wed, 21 Dec 2022 11:51:23 +0000 +Subject: [PATCH] Fix an attempt to allocate an unreasonably large amount of + memory when parsing a corrupt ELF file. + + PR 29924 + * objdump.c (load_specific_debug_section): Check for excessively + large sections. + +Upstream-Status: Backport +CVE: CVE-2022-48063 +Signed-off-by: Armin Kuster + +--- + binutils/ChangeLog | 6 ++++++ + binutils/objdump.c | 4 +++- + 2 files changed, 9 insertions(+), 1 deletion(-) + +Index: git/binutils/objdump.c +=================================================================== +--- git.orig/binutils/objdump.c ++++ git/binutils/objdump.c +@@ -3768,7 +3768,9 @@ load_specific_debug_section (enum dwarf_ + section->size = bfd_section_size (sec); + /* PR 24360: On 32-bit hosts sizeof (size_t) < sizeof (bfd_size_type). */ + alloced = amt = section->size + 1; +- if (alloced != amt || alloced == 0) ++ if (alloced != amt ++ || alloced == 0 ++ || (bfd_get_size (abfd) != 0 && alloced >= bfd_get_size (abfd))) + { + section->start = NULL; + free_debug_section (debug); +Index: git/binutils/ChangeLog +=================================================================== +--- git.orig/binutils/ChangeLog ++++ git/binutils/ChangeLog +@@ -1,3 +1,9 @@ ++2022-12-21 Nick Clifton ++ ++ PR 29924 ++ * objdump.c (load_specific_debug_section): Check for excessively ++ large sections. 
++ + 2022-03-23 Nick Clifton + + Import patch from mainline: 
From patchwork Wed Oct 18 15:48:26 2023
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 32537
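Review bot: In the objdump.c hunk of CVE-2022-48063.patch (load_specific_debug_section), the new clause "alloced >= bfd_get_size (abfd)" refuses every section whose size plus one reaches the size of the file on disk, so please confirm that sections whose recorded size can legitimately exceed the file size (compressed debug sections, for example) never reach this check with the larger value; if they can, objdump would now refuse to load them. bfd_get_size (abfd) is also evaluated twice in the condition and could be read once into a local. In the wrapper patch header, "Upstream-Status: Backport" carries no link, while the commit message names upstream commit 75393a2d54bcc40053e5262a3de9d70c5ebfbbfd; put that URL in brackets after Backport so the patch file is traceable on its own. The ChangeLog hunk is not needed for the fix and can be dropped from the backport to avoid context conflicts with other patches.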
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 07/10] libtiff: Add fix for tiffcrop CVE-2023-1916
Date: Wed, 18 Oct 2023 05:48:26 -1000
Message-Id: <4d3e7f9a157e56a4a8ffb4d16fd6401a22851307.1697642997.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/189406
From: Hitendra Prajapati

Add fix for tiffcrop tool CVE-2023-1916 [1].

A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x.

The tool is no longer part of newer libtiff distributions, hence the fix is rejected by upstream in [2]. The backport is still applicable to older versions of libtiff, pick the CVE fix from Ubuntu 20.04 [3].

[1] https://nvd.nist.gov/vuln/detail/CVE-2023-1916
[2] https://gitlab.com/libtiff/libtiff/-/merge_requests/535
[3] https://packages.ubuntu.com/source/focal-updates/tiff

Signed-off-by: Marek Vasut
Upstream-Status: Backport from https://gitlab.com/libtiff/libtiff/-/commit/848434a81c443f59ec90d41218eba6e48a450a11 && https://gitlab.com/libtiff/libtiff/-/merge_requests/535
Signed-off-by: Hitendra Prajapati
Signed-off-by: Steve Sakoman
--- .../libtiff/tiff/CVE-2023-1916.patch | 99 +++++++++++++++++++ meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 1 + 2 files changed, 100 insertions(+) create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-1916.patch diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2023-1916.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-1916.patch new file mode 100644 index 0000000000..6722781a3a --- /dev/null +++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-1916.patch 
@@ -0,0 +1,99 @@ +From 848434a81c443f59ec90d41218eba6e48a450a11 Mon Sep 17 00:00:00 2001 +From: zhailiangliang +Date: Thu, 16 Mar 2023 16:16:54 +0800 +Subject: [PATCH] Fix heap-buffer-overflow in function extractImageSection + +CVE: CVE-2023-1916 +Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/848434a81c443f59ec90d41218eba6e48a450a11 https://gitlab.com/libtiff/libtiff/-/merge_requests/535] +Signed-off-by: Marek Vasut +Signed-off-by: Hitendra Prajapati +--- + tools/tiffcrop.c | 44 ++++++++++++++++++++++++++++++++++++++++---- + 1 file changed, 40 insertions(+), 4 deletions(-) + +diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c +index 05ba4d2..8a08536 100644 +--- a/tools/tiffcrop.c ++++ b/tools/tiffcrop.c +@@ -5700,6 +5700,15 @@ getCropOffsets(struct image_data *image, struct crop_mask *crop, struct dump_opt + crop->combined_width += (uint32_t)zwidth; + else + crop->combined_width = (uint32_t)zwidth; ++ ++ /* When the degrees clockwise rotation is 90 or 270, check the boundary */ ++ if (((crop->rotation == 90) || (crop->rotation == 270)) ++ && ((crop->combined_length > image->width) || (crop->combined_width > image->length))) ++ { ++ TIFFError("getCropOffsets", "The crop size exceeds the image boundary size"); ++ return -1; ++ } ++ + break; + case EDGE_BOTTOM: /* width from left, zones from bottom to top */ + zwidth = offsets.crop_width; +@@ -5735,6 +5744,15 @@ getCropOffsets(struct image_data *image, struct crop_mask *crop, struct dump_opt + else + crop->combined_length = (uint32_t)zlength; + crop->combined_width = (uint32_t)zwidth; ++ ++ /* When the degrees clockwise rotation is 90 or 270, check the boundary */ ++ if (((crop->rotation == 90) || (crop->rotation == 270)) ++ && ((crop->combined_length > image->width) || (crop->combined_width > image->length))) ++ { ++ TIFFError("getCropOffsets", "The crop size exceeds the image boundary size"); ++ return -1; ++ } ++ + break; + case EDGE_RIGHT: /* zones from right to left, length from top */ + 
zlength = offsets.crop_length; +@@ -5772,6 +5790,15 @@ getCropOffsets(struct image_data *image, struct crop_mask *crop, struct dump_opt + crop->combined_width += (uint32_t)zwidth; + else + crop->combined_width = (uint32_t)zwidth; ++ ++ /* When the degrees clockwise rotation is 90 or 270, check the boundary */ ++ if (((crop->rotation == 90) || (crop->rotation == 270)) ++ && ((crop->combined_length > image->width) || (crop->combined_width > image->length))) ++ { ++ TIFFError("getCropOffsets", "The crop size exceeds the image boundary size"); ++ return -1; ++ } ++ + break; + case EDGE_TOP: /* width from left, zones from top to bottom */ + default: +@@ -5818,7 +5845,16 @@ getCropOffsets(struct image_data *image, struct crop_mask *crop, struct dump_opt + else + crop->combined_length = (uint32_t)zlength; + crop->combined_width = (uint32_t)zwidth; +- break; ++ ++ /* When the degrees clockwise rotation is 90 or 270, check the boundary */ ++ if (((crop->rotation == 90) || (crop->rotation == 270)) ++ && ((crop->combined_length > image->width) || (crop->combined_width > image->length))) ++ { ++ TIFFError("getCropOffsets", "The crop size exceeds the image boundary size"); ++ return -1; ++ } ++ ++ break; + } /* end switch statement */ + + buffsize = (uint32_t) +@@ -7016,9 +7052,9 @@ extractImageSection(struct image_data *image, struct pageseg *section, + * regardless of the way the data are organized in the input file. 
+ * Furthermore, bytes and bits are arranged in buffer according to COMPRESSION=1 and FILLORDER=1 + */ +- img_rowsize = (((img_width * spp * bps) + 7) / 8); /* row size in full bytes of source image */ +- full_bytes = (sect_width * spp * bps) / 8; /* number of COMPLETE bytes per row in section */ +- trailing_bits = (sect_width * spp * bps) % 8; /* trailing bits within the last byte of destination buffer */ ++ img_rowsize = (((img_width * spp * bps) + 7) / 8); /* row size in full bytes of source image */ ++ full_bytes = (sect_width * spp * bps) / 8; /* number of COMPLETE bytes per row in section */ ++ trailing_bits = (sect_width * spp * bps) % 8; /* trailing bits within the last byte of destination buffer */ + + #ifdef DEVELMODE + TIFFError ("", "First row: %"PRIu32", last row: %"PRIu32", First col: %"PRIu32", last col: %"PRIu32"\n", +-- +2.25.1 + diff --git a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb index 9e1e6fa099..8ef98fe5d0 100644 --- a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb +++ b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb 
@@ -44,6 +44,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \ file://CVE-2023-3618-2.patch \ file://CVE-2023-26966.patch \ file://CVE-2022-40090.patch \ + file://CVE-2023-1916.patch \ " SRC_URI[sha256sum] = "0e46e5acb087ce7d1ac53cf4f56a09b221537fc86dfc5daaad1c2e89e1b37ac8" 
From patchwork Wed Oct 18 15:48:27 2023
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 32539
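Review bot: In CVE-2023-1916.patch the rotation boundary check is pasted verbatim into all four getCropOffsets hunks, and it only fires when crop->rotation is 90 or 270, so the patch relies on the unrotated and 180 degree cases being bounded somewhere else; say in the patch header where that happens, or extend the check. Four copies of the same eight lines are easy to let drift apart; since each sits at the end of a case just before break, a single check after the switch and before buffsize is computed would cover every edge, unless staying identical to upstream commit 848434a81c443f59ec90d41218eba6e48a450a11 is the goal, in which case state that. The extractImageSection hunk (@@ -7016,9 +7052,9) removes and re-adds three assignments that read identically here, so it looks like whitespace-only churn; confirm it is part of the upstream change and otherwise drop it. The new "return -1" paths also need the caller of getCropOffsets to check the result, which this patch does not show.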
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 08/10] tiff: Security fix for CVE-2023-40745
Date: Wed, 18 Oct 2023 05:48:27 -1000
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/189407
From: Siddharth Doshi Upstream-Status: Backport from [https://gitlab.com/libtiff/libtiff/-/commit/4fc16f649fa2875d5c388cf2edc295510a247ee5] CVE: CVE-2023-40745 Signed-off-by: Siddharth Doshi Signed-off-by: Steve Sakoman --- .../libtiff/tiff/CVE-2023-40745.patch | 34 +++++++++++++++++++ meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 1 + 2 files changed, 35 insertions(+) create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-40745.patch diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2023-40745.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-40745.patch new file mode 100644 index 0000000000..cb4656fd46 --- /dev/null +++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-40745.patch @@ -0,0 +1,34 @@ +From 4fc16f649fa2875d5c388cf2edc295510a247ee5 Mon Sep 17 00:00:00 2001 +From: Arie Haenel +Date: Wed, 19 Jul 2023 19:34:25 +0000 +Subject: [PATCH] tiffcp: fix memory corruption (overflow) on hostile images + (fixes #591) + +Upstream-Status: Backport from [https://gitlab.com/libtiff/libtiff/-/commit/4fc16f649fa2875d5c388cf2edc295510a247ee5] +CVE: CVE-2023-40745 +Signed-off-by: Siddharth Doshi +--- + tools/tiffcp.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/tools/tiffcp.c b/tools/tiffcp.c +index 57eef90..34b6ef2 100644 +--- a/tools/tiffcp.c ++++ b/tools/tiffcp.c +@@ -1577,6 +1577,13 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer) + TIFFError(TIFFFileName(in), "Error, cannot handle that much samples per tile row (Tile Width * Samples/Pixel)"); + return 0; + } ++ ++ if ( (imagew - tilew * spp) > INT_MAX ){ ++ TIFFError(TIFFFileName(in), ++ "Error, image raster scan line size is too large"); ++ return 0; ++ } ++ + iskew = imagew - tilew*spp; + tilebuf = limitMalloc(tilesize); + if (tilebuf == 0) +-- +2.25.1 + diff --git a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb index 8ef98fe5d0..8dcd73273e 100644 --- a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb 
+++ b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb 
@@ -45,6 +45,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \ file://CVE-2023-26966.patch \ file://CVE-2022-40090.patch \ file://CVE-2023-1916.patch \ + file://CVE-2023-40745.patch \ " SRC_URI[sha256sum] = "0e46e5acb087ce7d1ac53cf4f56a09b221537fc86dfc5daaad1c2e89e1b37ac8" 
From patchwork Wed Oct 18 15:48:28 2023
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 32538
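Review bot: In the tiffcp.c hunk of CVE-2023-40745.patch, the guard "(imagew - tilew * spp) > INT_MAX" only catches the case tilew * spp > imagew if the subtraction is carried out in an unsigned type, and the operand types are not visible in this hunk; add a comment saying so, or test tilew * spp > imagew explicitly before subtracting so the guard does not depend on wraparound. The same expression is recomputed for iskew two lines later; computing it once and range-checking the result would keep the guard and the assignment from diverging. The "Upstream-Status: Backport from [...]" line differs from the "Backport [...]" form used in CVE-2023-1916.patch in this series; use one form.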
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 09/10] libxpm: upgrade to 3.5.17
Date: Wed, 18 Oct 2023 05:48:28 -1000
Message-Id: <1475a47239d77a368bcec69f12e5a63f8bebe14f.1697642997.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/189408

From: Siddharth Doshi

This release fixes the following CVEs:
- CVE-2023-43788
- CVE-2023-43789

Signed-off-by: Ross Burton
Signed-off-by: Siddharth Doshi
Signed-off-by: Steve Sakoman
--- .../xorg-lib/{libxpm_3.5.16.bb => libxpm_3.5.17.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-graphics/xorg-lib/{libxpm_3.5.16.bb => libxpm_3.5.17.bb} (88%) diff --git a/meta/recipes-graphics/xorg-lib/libxpm_3.5.16.bb b/meta/recipes-graphics/xorg-lib/libxpm_3.5.17.bb similarity index 88% rename from meta/recipes-graphics/xorg-lib/libxpm_3.5.16.bb rename to meta/recipes-graphics/xorg-lib/libxpm_3.5.17.bb index 28a775c5f4..7bc494a690 100644 --- a/meta/recipes-graphics/xorg-lib/libxpm_3.5.16.bb +++ b/meta/recipes-graphics/xorg-lib/libxpm_3.5.17.bb 
@@ -23,6 +23,6 @@ PACKAGES =+ "sxpm cxpm" FILES:cxpm = "${bindir}/cxpm" FILES:sxpm = "${bindir}/sxpm" -SRC_URI[sha256sum] = "e6bc5da7a69dbd9bcc67e87c93d4904fe2f5177a0711c56e71fa2f6eff649f51" +SRC_URI[sha256sum] = "64b31f81019e7d388c822b0b28af8d51c4622b83f1f0cb6fa3fc95e271226e43" BBCLASSEXTEND = "native" 
From patchwork Wed Oct 18 15:48:29 2023
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 32541
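Review bot: The only change in the libxpm_3.5.17.bb hunk is the SRC_URI[sha256sum] value, and the commit message does not say where the new checksum came from; add a line stating that it was checked against the upstream 3.5.17 release announcement or signature, so the tarball swap can be audited later. Since this is a version bump on the kirkstone branch, the message should also state whether 3.5.17 contains only the fixes for CVE-2023-43788 and CVE-2023-43789 or list what else changes.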
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 10/10] uboot-extlinux-config.bbclass: fix missed override syntax migration
Date: Wed, 18 Oct 2023 05:48:29 -1000
Message-Id: <5570e49791b770271f176a4deeb5f6f1a028cb4a.1697642997.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/189409

From: Quentin Schulz

uboot-extlinux-config allows specifying multiple "labels" (entries in a menu, à-la grub) and each of them has its own values for some fields.

Each "base" variable, e.g. UBOOT_EXTLINUX_FDT, can be overridden for each label. This is done via the OVERRIDES mechanism based on the label name, e.g. UBOOT_EXTLINUX_FDT:linux if linux is a label.

However, OVERRIDES doesn't contain the label globally because it's only necessary in one task. Therefore, the OVERRIDES itself is modified within the task.

This means that the sigdata will not be told the dependency on UBOOT_EXTLINUX_FDT:linux, because it cannot know about it. For this reason, we need to explicitly specify which variables this task depends on via vardeps varflag for the task.

This was done in the past, but we missed updating it during the override syntax migration so the cache wouldn't get invalidated if someone modifies UBOOT_EXTLINUX_FDT:linux from a configuration file or a bbappend for example.

Let's fix this by migrating it to the new syntax.

Signed-off-by: Quentin Schulz
Signed-off-by: Richard Purdie
(cherry picked from commit b4dd9d873508128adbbf5ff6cf0a3df3d2ffbcf6)
Signed-off-by: Steve Sakoman
--- meta/classes/uboot-extlinux-config.bbclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/meta/classes/uboot-extlinux-config.bbclass b/meta/classes/uboot-extlinux-config.bbclass index 5495ba0256..ba7a213ea2 100644 --- a/meta/classes/uboot-extlinux-config.bbclass +++ b/meta/classes/uboot-extlinux-config.bbclass @@ -152,7 +152,7 @@ python do_create_extlinux_config() { bb.fatal('Unable to open %s' % (cfile)) } UBOOT_EXTLINUX_VARS = "CONSOLE MENU_DESCRIPTION ROOT KERNEL_IMAGE FDTDIR FDT KERNEL_ARGS INITRD" -do_create_extlinux_config[vardeps] += "${@' '.join(['UBOOT_EXTLINUX_%s_%s' % (v, l) for v in d.getVar('UBOOT_EXTLINUX_VARS').split() for l in d.getVar('UBOOT_EXTLINUX_LABELS').split()])}" +do_create_extlinux_config[vardeps] += "${@' '.join(['UBOOT_EXTLINUX_%s:%s' % (v, l) for v in d.getVar('UBOOT_EXTLINUX_VARS').split() for l in d.getVar('UBOOT_EXTLINUX_LABELS').split()])}" do_create_extlinux_config[vardepsexclude] += "OVERRIDES" addtask create_extlinux_config before do_install do_deploy after do_compile
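Review bot: The changed vardeps line now builds names with 'UBOOT_EXTLINUX_%s:%s' % (v, l), which matches the override form the commit message describes, but nothing in the patch shows that the task signature actually changes now; mention in the commit message how that was checked, for example by comparing the sigdata before and after setting UBOOT_EXTLINUX_FDT:linux. On the same line, d.getVar('UBOOT_EXTLINUX_LABELS') is followed directly by .split(), so the expression raises if the variable is unset at parse time; (d.getVar('UBOOT_EXTLINUX_LABELS') or '').split() would make that robust.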