From patchwork Wed Nov 22 02:30:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 34990 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5983EC61D92 for ; Wed, 22 Nov 2023 02:31:24 +0000 (UTC) Received: from mail-pf1-f180.google.com (mail-pf1-f180.google.com [209.85.210.180]) by mx.groups.io with SMTP id smtpd.web10.10870.1700620281811977523 for ; Tue, 21 Nov 2023 18:31:21 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=W8YVjL7M; spf=softfail (domain: sakoman.com, ip: 209.85.210.180, mailfrom: steve@sakoman.com) Received: by mail-pf1-f180.google.com with SMTP id d2e1a72fcca58-6cb66f23eddso2584091b3a.0 for ; Tue, 21 Nov 2023 18:31:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1700620280; x=1701225080; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Rp7DNsdY3FhCu/a6jK8wYb0TrBEkteGl1T9PXPfDNgc=; b=W8YVjL7MmJxtXAvWx50rAS+fRUFqyqCkwiCPuqiZYgKb93aCsjJhxFsIR8+NY/upEZ LN7j3P1jn1QXvEphYxNLErl+spiFZ7zMAzQ3FI7iUPkhSqbTq+wMD1OGH312o09DSJKD qlk6y/xNZK6cP5vI6Lx6zKOnLkR6GyHNW6w7H0d2prn80cB+66DzobAKKwSZzd1l7we9 D/v0rukmTXpjSaFP5HuhVrFYUYWO5Dz7vgFoDIcA1FD0iKAvBWOqYcZsyN5ceYxHL41R bYtB7VU4mrpzD268dQrwQ5Ya3AC4cAYxxUan8AoU5425AZpt3mQelSUdmtmIv2ouCWNx YC0w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700620280; x=1701225080; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Rp7DNsdY3FhCu/a6jK8wYb0TrBEkteGl1T9PXPfDNgc=; b=r1crl5m3Eam7yUmgYszC3PD6ZAnW0EGjmdkNJCL2kfhiGJraRHHqofdkaYqohHsgme 5J34XXXp4brW+toaYnmtBKgfpn8CUoiaSRKkuk+vtgXBtmxBvx47HVUL9nAh1khkN2W3 jZVRzDFriVZ+x1UcM7LReuKNuiG3pruRd15IDZsEQRvHJw5DbxIX4xj4e+lAjuV9vU+5 h1hckN/iuXPpMwfmeuivUjQSLigNkgjTVzddaxF1mu0glzHQ5Ibq/XllyQ+nsEZZJRgh oS+vWtvXICHnE6GXhzQUt7fBbIlbDcpBAzibufH/jgc4xYwM77kNw36KCXmXtgnBvlcU qCOg== X-Gm-Message-State: AOJu0YzvE3khGechOBPyJX78pnN8jjYSunGgtRm5LFaxp9Dh5Tg0LV3F UomjEFQ0XmkIKDkKEdlrATvKfeloflU/gJ9Kfimhjw== X-Google-Smtp-Source: AGHT+IH5gE+BuGzlw/NAO1XzZErfx/rPfCDnQCPogRJ1okdfQ9lG0aSJWZ8g3aLQv1lmyW3RnM9FyA== X-Received: by 2002:a05:6a20:1593:b0:187:e646:4faf with SMTP id h19-20020a056a20159300b00187e6464fafmr1174491pzj.14.1700620280371; Tue, 21 Nov 2023 18:31:20 -0800 (PST) Received: from hexa.lan (dhcp-72-234-108-41.hawaiiantel.net. [72.234.108.41]) by smtp.gmail.com with ESMTPSA id d11-20020a056a00198b00b006cb9a43ae4esm4384182pfl.215.2023.11.21.18.31.19 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 18:31:20 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 01/16] tiff: Backport fix for CVE-2023-41175 Date: Tue, 21 Nov 2023 16:30:58 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 22 Nov 2023 02:31:24 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/191000 From: Vijay Anusuri Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/6e2dac5f904496d127c92ddc4e56eccfca25c2ee] Reference: https://security-tracker.debian.org/tracker/CVE-2023-41175 Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../libtiff/tiff/CVE-2023-41175.patch | 69 +++++++++++++++++++ meta/recipes-multimedia/libtiff/tiff_4.3.0.bb | 1 + 2 files changed, 70 insertions(+) create mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2023-41175.patch diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2023-41175.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-41175.patch new file mode 100644 index 0000000000..06645bed68 --- /dev/null +++ b/meta/recipes-multimedia/libtiff/tiff/CVE-2023-41175.patch @@ -0,0 +1,69 @@ +From 6e2dac5f904496d127c92ddc4e56eccfca25c2ee Mon Sep 17 00:00:00 2001 +From: Arie Haenel +Date: Wed, 19 Jul 2023 19:40:01 +0000 +Subject: [PATCH] raw2tiff: fix integer overflow and bypass of the check (fixes #592) + +Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/6e2dac5f904496d127c92ddc4e56eccfca25c2ee] +CVE: CVE-2023-41175 +Signed-off-by: Vijay Anusuri +--- + tools/raw2tiff.c | 29 +++++++++++++++++++++++++++++ + 1 file changed, 29 insertions(+) + +diff --git a/tools/raw2tiff.c b/tools/raw2tiff.c +index dfee715..253c023 100644 +--- a/tools/raw2tiff.c ++++ b/tools/raw2tiff.c +@@ -36,6 +36,7 @@ + #include + #include + #include ++#include + + #ifdef HAVE_UNISTD_H + # include +@@ -101,6 +102,7 @@ main(int argc, char* argv[]) + int fd; + char *outfilename = NULL; + TIFF *out; ++ uint32_t temp_limit_check = 0; /* temp for integer overflow checking*/ + + uint32_t row, col, band; + int c; +@@ -212,6 +214,33 @@ main(int argc, char* argv[]) + if (guessSize(fd, dtype, hdr_size, nbands, swab, &width, &length) < 0) + return EXIT_FAILURE; + ++ /* check for integer overflow in */ ++ /* hdr_size + (*width) * (*length) * nbands * depth */ ++ ++ if ((width == 0) || (length == 0) ){ ++ fprintf(stderr, "Too large nbands value specified.\n"); ++ return (EXIT_FAILURE); ++ } ++ ++ temp_limit_check = nbands * depth; ++ ++ if ( !temp_limit_check || length > ( UINT_MAX / temp_limit_check ) ) { ++ fprintf(stderr, "Too large length size specified.\n"); ++ return (EXIT_FAILURE); ++ } ++ temp_limit_check = temp_limit_check * length; ++ ++ if ( !temp_limit_check || width > ( UINT_MAX / temp_limit_check ) ) { ++ fprintf(stderr, "Too large width size specified.\n"); ++ return (EXIT_FAILURE); ++ } ++ temp_limit_check = temp_limit_check * width; ++ ++ if ( !temp_limit_check || hdr_size > ( UINT_MAX - temp_limit_check ) ) { ++ fprintf(stderr, "Too large header size specified.\n"); ++ return (EXIT_FAILURE); ++ } ++ + if (outfilename == NULL) + outfilename = argv[optind+1]; + out = TIFFOpen(outfilename, "w"); +-- +2.25.1 + diff --git a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb index e925b7d652..11e3818c69 100644 --- a/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb +++ b/meta/recipes-multimedia/libtiff/tiff_4.3.0.bb @@ -46,6 +46,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \ file://CVE-2022-40090.patch \ file://CVE-2023-1916.patch \ file://CVE-2023-40745.patch \ + file://CVE-2023-41175.patch \ " SRC_URI[sha256sum] = "0e46e5acb087ce7d1ac53cf4f56a09b221537fc86dfc5daaad1c2e89e1b37ac8" From patchwork Wed Nov 22 02:30:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 34991 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 69AFAC61D85 for ; Wed, 22 Nov 2023 02:31:24 +0000 (UTC) Received: from mail-il1-f175.google.com (mail-il1-f175.google.com [209.85.166.175]) by mx.groups.io with SMTP id smtpd.web10.10871.1700620283544698419 for ; Tue, 21 Nov 2023 18:31:23 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=dhsS51Ax; spf=softfail (domain: sakoman.com, ip: 209.85.166.175, mailfrom: steve@sakoman.com) Received: by mail-il1-f175.google.com with SMTP id e9e14a558f8ab-3574297c79eso22474395ab.1 for ; Tue, 21 Nov 2023 18:31:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1700620282; x=1701225082; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=1rKm4xhR+Sufw+tn0LMDAF8GZBM23fJVr/CUedmE484=; b=dhsS51AxVEdq5jhxnJvS2pn9WnAhEmuT9BgdioEy8Hoi9B8986F3bCDKi0B6eAiTjS zB9AV7fGdtiYPVSV5C+IOnt88+Fzy7n2lvKuxAZsMCzesJwp+CG7EK2nbcPELkuWXhhT rdHoWYEk6LoMEJ8DFZ0igVZ8L11ziiTgXX7otlcixi66DCjbuewp5URlUueEukIkist4 NgLfgXFZr5ZJSpf/Lrbe3Ta7asndiHa81xrZkAWyjdVgYdtX3j48wl6UO2fVUoavfi0p fQCdaJa6hO4YSuRw75subtIHnvLmMmXOO5MEfmkA8b6QESzq0I2mW9VcvwwwmA2HwC8j MwKA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700620282; x=1701225082; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=1rKm4xhR+Sufw+tn0LMDAF8GZBM23fJVr/CUedmE484=; b=QM3COkU6scv9N7xVTaAb3KiTBuHfOED4df5H5sr8ZExpmwqvHpVFKdoXPySDhGheTV XbRwLSCQVKJz55RFLn5s5gJnQPWSJjgpKZXJn0Ld7FDwSK4a7LG8WCR/muARMJ1LRV0t 1jeq0JzJ0SiW8y7nuFl9ipEDesLFy+ZG34z5jP9wRfjM6HLeuGSOzEs3UO8TT9MIZxTE VxgJkUOIJjiDLiJQQEmU9MhpRGvLGJ0wy1B0C6qenoPu3yDw6nOkaQYIdS/nIWSYsKAX 0vwasGPqZDBDPivw6D7EvvPGV2bhffgSYX2vFeg46bf4HQUqk76eorslus9mwl7GuZev OCeQ== X-Gm-Message-State: AOJu0YyJr1AenZ97cb1mHpOF66ymz2B9yCLgVjAGfXitXT1Dmr9j6qV4 StB+aVjTcjV6TLcLAqvK75kqLsLEQEsHSs07bPbKXg== X-Google-Smtp-Source: AGHT+IEzVnefs42/k9IzMfEKO94xd7DFkaagwKXi6xNT7wPpvxSztE3f/Q/3yd62YM9Ep6pO4MM3QQ== X-Received: by 2002:a92:c56f:0:b0:351:5acb:281 with SMTP id b15-20020a92c56f000000b003515acb0281mr1027338ilj.31.1700620281938; Tue, 21 Nov 2023 18:31:21 -0800 (PST) Received: from hexa.lan (dhcp-72-234-108-41.hawaiiantel.net. [72.234.108.41]) by smtp.gmail.com with ESMTPSA id d11-20020a056a00198b00b006cb9a43ae4esm4384182pfl.215.2023.11.21.18.31.21 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 18:31:21 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 02/16] grub: fix CVE-2023-4692 Date: Tue, 21 Nov 2023 16:30:59 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 22 Nov 2023 02:31:24 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/191001 From: Yogita Urade An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a result, arbitrary code execution and secure boot protection bypass may be achieved. References: https://nvd.nist.gov/vuln/detail/CVE-2023-4692 https://bugzilla.redhat.com/show_bug.cgi?id=2236613 Signed-off-by: Yogita Urade Signed-off-by: Steve Sakoman --- .../grub/files/CVE-2023-4692.patch | 97 +++++++++++++++++++ meta/recipes-bsp/grub/grub2.inc | 1 + 2 files changed, 98 insertions(+) create mode 100644 meta/recipes-bsp/grub/files/CVE-2023-4692.patch diff --git a/meta/recipes-bsp/grub/files/CVE-2023-4692.patch b/meta/recipes-bsp/grub/files/CVE-2023-4692.patch new file mode 100644 index 0000000000..4780e35b7a --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2023-4692.patch @@ -0,0 +1,97 @@ +From 43651027d24e62a7a463254165e1e46e42aecdea Mon Sep 17 00:00:00 2001 +From: Maxim Suhanov +Date: Thu, 16 Nov 2023 07:21:50 +0000 +Subject: [PATCH] fs/ntfs: Fix an OOB write when parsing the $ATTRIBUTE_LIST + attribute for the $MFT file + +When parsing an extremely fragmented $MFT file, i.e., the file described +using the $ATTRIBUTE_LIST attribute, current NTFS code will reuse a buffer +containing bytes read from the underlying drive to store sector numbers, +which are consumed later to read data from these sectors into another buffer. + +These sectors numbers, two 32-bit integers, are always stored at predefined +offsets, 0x10 and 0x14, relative to first byte of the selected entry within +the $ATTRIBUTE_LIST attribute. Usually, this won't cause any problem. + +However, when parsing a specially-crafted file system image, this may cause +the NTFS code to write these integers beyond the buffer boundary, likely +causing the GRUB memory allocator to misbehave or fail. These integers contain +values which are controlled by on-disk structures of the NTFS file system. + +Such modification and resulting misbehavior may touch a memory range not +assigned to the GRUB and owned by firmware or another EFI application/driver. + +This fix introduces checks to ensure that these sector numbers are never +written beyond the boundary. + +Fixes: CVE-2023-4692 + +Reported-by: Maxim Suhanov +Signed-off-by: Maxim Suhanov +Reviewed-by: Daniel Kiper + +CVE: CVE-2023-4692 +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=43651027d24e62a7a463254165e1e46e42aecdea] + +Signed-off-by: Yogita Urade +--- + grub-core/fs/ntfs.c | 18 +++++++++++++++++- + 1 file changed, 17 insertions(+), 1 deletion(-) + +diff --git a/grub-core/fs/ntfs.c b/grub-core/fs/ntfs.c +index 2f34f76..6009e49 100644 +--- a/grub-core/fs/ntfs.c ++++ b/grub-core/fs/ntfs.c +@@ -184,7 +184,7 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr) + } + if (at->attr_end) + { +- grub_uint8_t *pa; ++ grub_uint8_t *pa, *pa_end; + + at->emft_buf = grub_malloc (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR); + if (at->emft_buf == NULL) +@@ -209,11 +209,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr) + } + at->attr_nxt = at->edat_buf; + at->attr_end = at->edat_buf + u32at (pa, 0x30); ++ pa_end = at->edat_buf + n; + } + else + { + at->attr_nxt = at->attr_end + u16at (pa, 0x14); + at->attr_end = at->attr_end + u32at (pa, 4); ++ pa_end = at->mft->buf + (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR); + } + at->flags |= GRUB_NTFS_AF_ALST; + while (at->attr_nxt < at->attr_end) +@@ -230,6 +232,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr) + at->flags |= GRUB_NTFS_AF_GPOS; + at->attr_cur = at->attr_nxt; + pa = at->attr_cur; ++ ++ if ((pa >= pa_end) || (pa_end - pa < 0x18)) ++ { ++ grub_error (GRUB_ERR_BAD_FS, "can\'t parse attribute list"); ++ return NULL; ++ } ++ + grub_set_unaligned32 ((char *) pa + 0x10, + grub_cpu_to_le32 (at->mft->data->mft_start)); + grub_set_unaligned32 ((char *) pa + 0x14, +@@ -240,6 +249,13 @@ find_attr (struct grub_ntfs_attr *at, grub_uint8_t attr) + { + if (*pa != attr) + break; ++ ++ if ((pa >= pa_end) || (pa_end - pa < 0x18)) ++ { ++ grub_error (GRUB_ERR_BAD_FS, "can\'t parse attribute list"); ++ return NULL; ++ } ++ + if (read_attr + (at, pa + 0x10, + u32at (pa, 0x10) * (at->mft->data->mft_size << GRUB_NTFS_BLK_SHR), +-- +2.40.0 diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index c14fe315d3..aaee8a1e03 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc @@ -38,6 +38,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://loader-efi-chainloader-Simplify-the-loader-state.patch \ file://commands-boot-Add-API-to-pass-context-to-loader.patch \ file://CVE-2022-28736-loader-efi-chainloader-Use-grub_loader_set_ex.patch \ + file://CVE-2023-4692.patch \ " SRC_URI[sha256sum] = "23b64b4c741569f9426ed2e3d0e6780796fca081bee4c99f62aa3f53ae803f5f" From patchwork Wed Nov 22 02:31:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 34994 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 452B4C61D85 for ; Wed, 22 Nov 2023 02:31:34 +0000 (UTC) Received: from mail-pf1-f176.google.com (mail-pf1-f176.google.com [209.85.210.176]) by mx.groups.io with SMTP id smtpd.web11.10879.1700620284934449378 for ; Tue, 21 Nov 2023 18:31:25 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=y1LTUnx7; spf=softfail (domain: sakoman.com, ip: 209.85.210.176, mailfrom: steve@sakoman.com) Received: by mail-pf1-f176.google.com with SMTP id d2e1a72fcca58-6c4eb5fda3cso6332010b3a.2 for ; Tue, 21 Nov 2023 18:31:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1700620283; x=1701225083; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=EDiFvORmONOD8fWDavdTYhD1gSYE6d98pqm2IwZryJ0=; b=y1LTUnx74Cp8ooZP9aiTp0ijemYTbajfRVJb4rBafFPppyFOXt7ckQ7R+p+CoI9wRO gIp2q9EoF/aW8mcwDdNIxowAmy/XPKkvvSfqJcqIqoDIHMq1/5zX9oDaNr7XaejY3eMb EtPDZ0ATx27m3l8i1aUl5wb/AdmKxgLUqTQ6JsjHxzdsoCpYmYR4wo7rVMP8BItyleby qpJhOq9CmhQM9oYCIHU+n8NLXPoX122yVbVYqKhnSTDk7n0MZY1WRIxUvPStS+jbi3im WSyTzZ/396SHx10zHX3Xm/RYvmkkoTNGGkeR/hQwP7L4binuinlLXnmSKITMNDeXJL4X QU2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700620283; x=1701225083; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=EDiFvORmONOD8fWDavdTYhD1gSYE6d98pqm2IwZryJ0=; b=vpCY9O6O2FTMxjjhDB2dL/q+2EXUD15fyAMLIa249VLf4dzWhdZDpP1M/jEYLCXaRF wL/MayV1wWlXy0c879h8LWvkk4XtFN4B+vBUbrSEXswBFodEAZx+SPeEncfuZnwODbaR pAPlhmLuUzBntCNE/01R5jM1xLq6v2G5ThUyuCdamHxz9hShWWsDTYnQSNbqomV4TzLV BiG6uMxJMUnEitquJ66ZnjI/NfW+t3QkXEhNWQwTOed5GYsMMhX6ySUGwBqRv3jm8Fxv 4MC+PaEogw+vTWqsguCBj/vMxg3VI9I2FH+Yx1d2KEyIgOkOSfMrhuFqyt74UJEALmSu YgMg== X-Gm-Message-State: AOJu0YzPr7xghf63lBj8JgzOE1ow1nQBdfn8dSdqiDUjAI6uDasO5Wii 7I4hu3DbEsO2pzdjBGqmiYtcJYayyaaOwrfQe8pi4w== X-Google-Smtp-Source: AGHT+IHhhfIVzgSHvuR+gOKgLwk5v6oPsEsuQPl4Q+GelrarnLPBb3dEjUGpWoQZ+KxyxBguNpLV6w== X-Received: by 2002:a05:6a20:3954:b0:186:9a3f:f2c4 with SMTP id r20-20020a056a20395400b001869a3ff2c4mr950451pzg.47.1700620283483; Tue, 21 Nov 2023 18:31:23 -0800 (PST) Received: from hexa.lan (dhcp-72-234-108-41.hawaiiantel.net. [72.234.108.41]) by smtp.gmail.com with ESMTPSA id d11-20020a056a00198b00b006cb9a43ae4esm4384182pfl.215.2023.11.21.18.31.22 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 18:31:23 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 03/16] qemu 6.2.0: Fix CVE-2023-1544 Date: Tue, 21 Nov 2023 16:31:00 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 22 Nov 2023 02:31:34 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/191002 From: Niranjan Pradhan Upstream Repository: https://gitlab.com/qemu-project/qemu.git Bug Details: https://nvd.nist.gov/vuln/detail/CVE-2023-1544 Type: Security Fix CVE: CVE-2023-1544 Score: 6.3 Patch: https://gitlab.com/qemu-project/qemu/-/commit/85fc35afa93c Signed-off-by: Niranjan Pradhan Signed-off-by: Steve Sakoman --- meta/recipes-devtools/qemu/qemu.inc | 1 + .../qemu/qemu/CVE-2023-1544.patch | 70 +++++++++++++++++++ 2 files changed, 71 insertions(+) create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2023-1544.patch diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index 83bd5d7e67..c8e4e2e6f3 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -101,6 +101,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://CVE-2023-3354.patch \ file://CVE-2023-3180.patch \ file://CVE-2021-3638.patch \ + file://CVE-2023-1544.patch \ " UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar" diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2023-1544.patch b/meta/recipes-devtools/qemu/qemu/CVE-2023-1544.patch new file mode 100644 index 0000000000..b4781e1c18 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2023-1544.patch @@ -0,0 +1,70 @@ +From e7d6e37675e422cfab2fe8c6bd411d2097228760 Mon Sep 17 00:00:00 2001 +From: Yuval Shaia +Date: Wed, 1 Mar 2023 16:29:26 +0200 +Subject: [PATCH] hw/pvrdma: Protect against buggy or malicious guest driver + +Guest driver allocates and initialize page tables to be used as a ring +of descriptors for CQ and async events. +The page table that represents the ring, along with the number of pages +in the page table is passed to the device. +Currently our device supports only one page table for a ring. + +Let's make sure that the number of page table entries the driver +reports, do not exceeds the one page table size. + +CVE: CVE-2023-1544 +Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/85fc35afa93c] + +Reported-by: Soul Chen +Signed-off-by: Yuval Shaia +Fixes: CVE-2023-1544 +Message-ID: <20230301142926.18686-1-yuval.shaia.ml@gmail.com> +Signed-off-by: Thomas Huth +(cherry picked from commit 85fc35afa93c7320d1641d344d0c5dfbe341d087) +Signed-off-by: Niranjan Pradhan +--- + hw/rdma/vmw/pvrdma_main.c | 16 +++++++++++++++- + 1 file changed, 15 insertions(+), 1 deletion(-) + +diff --git a/hw/rdma/vmw/pvrdma_main.c b/hw/rdma/vmw/pvrdma_main.c +index 4fc6712025..55b338046e 100644 +--- a/hw/rdma/vmw/pvrdma_main.c ++++ b/hw/rdma/vmw/pvrdma_main.c +@@ -91,19 +91,33 @@ static int init_dev_ring(PvrdmaRing *ring, PvrdmaRingState **ring_state, + dma_addr_t dir_addr, uint32_t num_pages) + { + uint64_t *dir, *tbl; +- int rc = 0; ++ int max_pages, rc = 0; + + if (!num_pages) { + rdma_error_report("Ring pages count must be strictly positive"); + return -EINVAL; + } + ++ /* ++ * Make sure we can satisfy the requested number of pages in a single ++ * TARGET_PAGE_SIZE sized page table (taking into account that first entry ++ * is reserved for ring-state) ++ */ ++ max_pages = TARGET_PAGE_SIZE / sizeof(dma_addr_t) - 1; ++ if (num_pages > max_pages) { ++ rdma_error_report("Maximum pages on a single directory must not exceed %d\n", ++ max_pages); ++ return -EINVAL; ++ } ++ + dir = rdma_pci_dma_map(pci_dev, dir_addr, TARGET_PAGE_SIZE); + if (!dir) { + rdma_error_report("Failed to map to page directory (ring %s)", name); + rc = -ENOMEM; + goto out; + } ++ ++ /* We support only one page table for a ring */ + tbl = rdma_pci_dma_map(pci_dev, dir[0], TARGET_PAGE_SIZE); + if (!tbl) { + rdma_error_report("Failed to map to page table (ring %s)", name); +-- +2.35.6 + From patchwork Wed Nov 22 02:31:01 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 34995 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5F4B6C61D99 for ; Wed, 22 Nov 2023 02:31:34 +0000 (UTC) Received: from mail-pg1-f174.google.com (mail-pg1-f174.google.com [209.85.215.174]) by mx.groups.io with SMTP id smtpd.web11.10880.1700620286752575416 for ; Tue, 21 Nov 2023 18:31:26 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=f8uo0ZmB; spf=softfail (domain: sakoman.com, ip: 209.85.215.174, mailfrom: steve@sakoman.com) Received: by mail-pg1-f174.google.com with SMTP id 41be03b00d2f7-53fa455cd94so4191732a12.2 for ; Tue, 21 Nov 2023 18:31:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1700620285; x=1701225085; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=/HrqdG9xORZbbYqxsmNruMXBrHYi8m9uxkXmYMWa4LM=; b=f8uo0ZmBCc2zhE/u7GxF/76aW1mQgg+3pShcILXmKVgQp7Ypm4WmWZ6mVN1pgqbCfm eJbAVF94hxYhLYKV3q5xMbqcPp7Bo9ZPC/a1WpJsacwL99EXp1pc4xEpd27Zcny0jni2 ohwx8hRIOT36+ESKVZJbUgn9VdMpo6YT9n+OEUCw5xhf/XUH6ao+MxafCPk7dgP7g3DX F6gIRNlO0CjDoYhSpWQ5Uv4TuG2NEuhIxzRvwdJR2c+/Cw7kBg+FESH3tT9/OOoUe0Ul lsDC08nEJ9ZwCREdiGV2FCD/8GfBOoVCfIgwLZnQypItp0bISzN89X4B6dGtjhBKgWPM sJ0w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700620285; x=1701225085; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/HrqdG9xORZbbYqxsmNruMXBrHYi8m9uxkXmYMWa4LM=; b=arWAIetRQdWRNmw9qha0Hw+zXmrWPpPVjDB4izACVVydjoHm3G6BqQy12V6UNZSbfL 5PxM5JaH/WSBd9px1BNS5hcytrGA6HVK/RB30f+D2rME7pGwF7YI5o3INTfrTsIN7779 QrXkzM6VKHbUzX5UMS2dvh38PZYxYMb1RYoClrMxaksGJjHu5TjTsu8S98WzdZUBLioi 9giE9SCXzejXM7mEYbHQXelnyrGubfAjgK1jK7qoHPJixLCu58SnVG4PpvN/ONWevJq7 LqrDI4YF4/WrBq1rTw2bYfv29jiU3JmcpoLpH8nkcFkcOS7hSBRm6BBYUiZdzwZcSW8m OZlA== X-Gm-Message-State: AOJu0YwnMoPjQKzkqyhorVPEDpn4zl6We+C8r8MapDm9AXwlxOxqP1Xe 75+iFyge5SdA11Fy3wIp7MeTOlyAp7Mld2BE7C/ZyQ== X-Google-Smtp-Source: AGHT+IHt52vBDTYxTYCY4BA3gYJFCSVFhw+mWVuZ76RIZVHdbutxy28OMsdEKYFbbdMy1G5ltuSdVA== X-Received: by 2002:a05:6a20:e104:b0:18a:e455:a3ae with SMTP id kr4-20020a056a20e10400b0018ae455a3aemr1191818pzb.40.1700620285312; Tue, 21 Nov 2023 18:31:25 -0800 (PST) Received: from hexa.lan (dhcp-72-234-108-41.hawaiiantel.net. [72.234.108.41]) by smtp.gmail.com with ESMTPSA id d11-20020a056a00198b00b006cb9a43ae4esm4384182pfl.215.2023.11.21.18.31.24 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 18:31:25 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 04/16] avahi: fix CVE-2023-38471 Date: Tue, 21 Nov 2023 16:31:01 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 22 Nov 2023 02:31:34 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/191003 From: Meenali Gupta A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function. Signed-off-by: Meenali Gupta Signed-off-by: Steve Sakoman --- meta/recipes-connectivity/avahi/avahi_0.8.bb | 1 + .../avahi/files/CVE-2023-38471.patch | 73 +++++++++++++++++++ 2 files changed, 74 insertions(+) create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38471.patch diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb b/meta/recipes-connectivity/avahi/avahi_0.8.bb index b5c966c102..ac04b42614 100644 --- a/meta/recipes-connectivity/avahi/avahi_0.8.bb +++ b/meta/recipes-connectivity/avahi/avahi_0.8.bb @@ -26,6 +26,7 @@ SRC_URI = "https://github.com/lathiat/avahi/releases/download/v${PV}/avahi-${PV} file://0001-Fix-opening-etc-resolv.conf-error.patch \ file://handle-hup.patch \ file://local-ping.patch \ + file://CVE-2023-38471.patch \ " UPSTREAM_CHECK_URI = "https://github.com/lathiat/avahi/releases/" diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38471.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38471.patch new file mode 100644 index 0000000000..40b61b71dd --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38471.patch @@ -0,0 +1,73 @@ +From 9cd4ea89b3ac89b7bb0196fda1aa88cd51b106b6 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Mon, 23 Oct 2023 13:38:35 +0200 +Subject: [PATCH] core: extract host name using avahi_unescape_label() + +Previously we could create invalid escape sequence when we split the +string on dot. For example, from valid host name "foo\\.bar" we have +created invalid name "foo\\" and tried to set that as the host name +which crashed the daemon. + +Fixes #453 + +Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/894f085f402e023a98cbb6f5a3d117bd88d93b09] +CVE: CVE-2023-38471 + +Signed-off-by: Meenali Gupta +--- + avahi-core/server.c | 27 +++++++++++++++++++++------ + 1 file changed, 21 insertions(+), 6 deletions(-) + +diff --git a/avahi-core/server.c b/avahi-core/server.c +index e507750..40f1d68 100644 +--- a/avahi-core/server.c ++++ b/avahi-core/server.c +@@ -1295,7 +1295,11 @@ static void update_fqdn(AvahiServer *s) { + } + + int avahi_server_set_host_name(AvahiServer *s, const char *host_name) { +- char *hn = NULL; ++ char label_escaped[AVAHI_LABEL_MAX*4+1]; ++ char label[AVAHI_LABEL_MAX]; ++ char *hn = NULL, *h; ++ size_t len; ++ + assert(s); + + AVAHI_CHECK_VALIDITY(s, !host_name || avahi_is_valid_host_name(host_name), AVAHI_ERR_INVALID_HOST_NAME); +@@ -1305,17 +1309,28 @@ int avahi_server_set_host_name(AvahiServer *s, const char *host_name) { + else + hn = avahi_normalize_name_strdup(host_name); + +- hn[strcspn(hn, ".")] = 0; ++ h = hn; ++ if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) { ++ avahi_free(h); ++ return AVAHI_ERR_INVALID_HOST_NAME; ++ } ++ ++ avahi_free(h); ++ ++ h = label_escaped; ++ len = sizeof(label_escaped); ++ if (!avahi_escape_label(label, strlen(label), &h, &len)) ++ return AVAHI_ERR_INVALID_HOST_NAME; + +- if (avahi_domain_equal(s->host_name, hn) && s->state != AVAHI_SERVER_COLLISION) { +- avahi_free(hn); ++ if (avahi_domain_equal(s->host_name, label_escaped) && s->state != AVAHI_SERVER_COLLISION) + return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE); +- } + + withdraw_host_rrs(s); + + avahi_free(s->host_name); +- s->host_name = hn; ++ s->host_name = avahi_strdup(label_escaped); ++ if (!s->host_name) ++ return AVAHI_ERR_NO_MEMORY; + + update_fqdn(s); + +-- +2.40.0 From patchwork Wed Nov 22 02:31:02 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 34998 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7297CC61D9B for ; Wed, 22 Nov 2023 02:31:34 +0000 (UTC) Received: from mail-pf1-f181.google.com (mail-pf1-f181.google.com [209.85.210.181]) by mx.groups.io with SMTP id smtpd.web11.10882.1700620288042332511 for ; Tue, 21 Nov 2023 18:31:28 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=q4iVdlz7; spf=softfail (domain: sakoman.com, ip: 209.85.210.181, mailfrom: steve@sakoman.com) Received: by mail-pf1-f181.google.com with SMTP id d2e1a72fcca58-6cb55001124so296879b3a.0 for ; Tue, 21 Nov 2023 18:31:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1700620287; x=1701225087; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=hhYpSg88zo5M40vu3/gaFohrNs1MWlDAUqtWJyFmEGc=; b=q4iVdlz7qhqhbbLH8U8SCB3wC3YngBGcamYs7x1ovnC+7fOjMSo4Jt/LaZdnfMNDJX SZ/PFqzazsbZLrvSq4+N1m/62Uf/Q2cSYpiiwQ3d3H99Y4tXmTtyu194r6AAPxls1OyO zqtybR4JbRaix1HQyfHJzZ2AiE7+o6M5FzS/wX+PftiW2xIvFRP1S1lyNnecTDfb8QS0 HKy7WVCABFnTDu+1tMxgFUM13Eviebnqaz4sbQMyMDWwlwJedMiS/1I8tbO1XAr8P7ji j45iWmBP/F/HkEdkdw1HAPe3i0nD5BfeukffL12OtJ7kAse6wI/0SwXH92ari9P8wQoJ 5ESg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700620287; x=1701225087; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=hhYpSg88zo5M40vu3/gaFohrNs1MWlDAUqtWJyFmEGc=; b=vOhylIE4EQ/On2P35nBqEpirikYf7oPk321inETWjM/sY67dQO2n6W9Un5W8LbXgbZ opeepT8G2b9TaTYDGUoMD4tkNFq162BML+sMfF4s9HwjI+Bv1xgqYpsUCzu0rp3N9Hrd dyAAQ/AO3wZSSR4nZo5T+4kd9IWgWz8Papg/EjSNmVkGP0YCUwasPY6kEfCXFfSv1jHi eu6MOS6lzEgwLCgZQCC8u79BReJT1jiqKZ7gU1Dk9ta5WGVrUkmdpTvYt8AQZerg68E4 GngEbAC3CPUi7YCTHbgbRgdq4X8VadhO+5VA7lwdRlQI3kW/SPCOs35cGCI+elH0ETEn sbig== X-Gm-Message-State: AOJu0Yy+1BB1cI4kdEOV6hZEK5CxBwykFqKnwhhKDacG3fL4l9QXPDfv YwzWqXGpll8Zuv2BGZDKqrJfCufaFuMMQKtjtbOLvw== X-Google-Smtp-Source: AGHT+IFQYJaX3ZH1+Lxla83W9vsDlVIflXmCSFHfEDUZcsFunBZx2Nb03z96YdfST8eSixmo/X4wOA== X-Received: by 2002:a05:6a20:1613:b0:18a:da90:68ec with SMTP id l19-20020a056a20161300b0018ada9068ecmr1625104pzj.2.1700620287077; Tue, 21 Nov 2023 18:31:27 -0800 (PST) Received: from hexa.lan (dhcp-72-234-108-41.hawaiiantel.net. [72.234.108.41]) by smtp.gmail.com with ESMTPSA id d11-20020a056a00198b00b006cb9a43ae4esm4384182pfl.215.2023.11.21.18.31.26 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 18:31:26 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 05/16] avahi: fix CVE-2023-38470 Date: Tue, 21 Nov 2023 16:31:02 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 22 Nov 2023 02:31:34 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/191004 From: Meenali Gupta A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function. Signed-off-by: Meenali Gupta Signed-off-by: Steve Sakoman --- meta/recipes-connectivity/avahi/avahi_0.8.bb | 1 + .../avahi/files/CVE-2023-38470.patch | 59 +++++++++++++++++++ 2 files changed, 60 insertions(+) create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38470.patch diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb b/meta/recipes-connectivity/avahi/avahi_0.8.bb index ac04b42614..a2ad9058d6 100644 --- a/meta/recipes-connectivity/avahi/avahi_0.8.bb +++ b/meta/recipes-connectivity/avahi/avahi_0.8.bb @@ -27,6 +27,7 @@ SRC_URI = "https://github.com/lathiat/avahi/releases/download/v${PV}/avahi-${PV} file://handle-hup.patch \ file://local-ping.patch \ file://CVE-2023-38471.patch \ + file://CVE-2023-38470.patch \ " UPSTREAM_CHECK_URI = "https://github.com/lathiat/avahi/releases/" diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38470.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38470.patch new file mode 100644 index 0000000000..5cf9af6fd6 --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38470.patch @@ -0,0 +1,59 @@ +From 26806dbde54c5b40a2bf108d334ba59ec9d242d6 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= +Date: Tue, 11 Apr 2023 15:29:59 +0200 +Subject: [PATCH]Ensure each label is at least one byte long + +The only allowed exception is single dot, where it should return empty +string. + +Fixes #454. + +Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/94cb6489114636940ac683515417990b55b5d66c] +CVE: CVE-2023-38470 + +Signed-off-by: Meenali Gupta +--- + avahi-common/domain-test.c | 14 ++++++++++++++ + avahi-common/domain.c | 2 +- + 2 files changed, 15 insertions(+), 1 deletion(-) + +diff --git a/avahi-common/domain-test.c b/avahi-common/domain-test.c +index cf763ec..3acc1c1 100644 +--- a/avahi-common/domain-test.c ++++ b/avahi-common/domain-test.c +@@ -45,6 +45,20 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) { + printf("%s\n", s = avahi_normalize_name_strdup("fo\\\\o\\..f oo.")); + avahi_free(s); + ++ printf("%s\n", s = avahi_normalize_name_strdup(".")); ++ avahi_free(s); ++ ++ s = avahi_normalize_name_strdup(",.=.}.=.?-.}.=.?.?.}.}.?.?.?.z.?.?.}.}." ++ "}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.}.}.}" ++ ".?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.?.zM.?`" ++ "?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}??.}.}.?.?." ++ "?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.?`?.}.}.}." ++ "??.?.zM.?`?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}?" ++ "?.}.}.?.?.?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM." ++ "?`?.}.}.}.?.?.?.r.=.=.?.?`.?.?}.}.}.?.?.?.r.=.?.}.=.?.?." ++ "}.?.?.?.}.=.?.?.}"); ++ assert(s == NULL); ++ + printf("%i\n", avahi_domain_equal("\\065aa bbb\\.\\046cc.cc\\\\.dee.fff.", "Aaa BBB\\.\\.cc.cc\\\\.dee.fff")); + printf("%i\n", avahi_domain_equal("A", "a")); + +diff --git a/avahi-common/domain.c b/avahi-common/domain.c +index 3b1ab68..e66d241 100644 +--- a/avahi-common/domain.c ++++ b/avahi-common/domain.c +@@ -201,7 +201,7 @@ char *avahi_normalize_name(const char *s, char *ret_s, size_t size) { + } + + if (!empty) { +- if (size < 1) ++ if (size < 2) + return NULL; + + *(r++) = '.'; +-- +2.40.0 From patchwork Wed Nov 22 02:31:03 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 34996 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 56FC4C61D9A for ; Wed, 22 Nov 2023 02:31:34 +0000 (UTC) Received: from mail-pf1-f182.google.com (mail-pf1-f182.google.com [209.85.210.182]) by mx.groups.io with SMTP id smtpd.web10.10874.1700620290150308183 for ; Tue, 21 Nov 2023 18:31:30 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=HU8EQsdK; spf=softfail (domain: sakoman.com, ip: 209.85.210.182, mailfrom: steve@sakoman.com) Received: by mail-pf1-f182.google.com with SMTP id d2e1a72fcca58-6cb7951d713so297668b3a.1 for ; Tue, 21 Nov 2023 18:31:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1700620289; x=1701225089; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=IOeLmRyCeb1rC2JyrcEp/dp089/WafZNyh9IN0sPjZs=; b=HU8EQsdKakDbimuwBNc6EHNaYOoxyi/HjUzdRCp5peJj9E8M3m+FWLS8nX4BxHJxmc Fl1zY5lg4t2fKRcPYMCkqvDKucTVSO0BLazQeLqKFPYePjE06T7xFK07obRJnqifH4To Bj9Mp3MFjlxinQ97gMGfKv1WdpjPhwrKU+xqtpl8rvSSeRGev8QHf+mUD96JI+YFbWkV SBnd74NJxPfAJQZBvsWPWQKYSxTJTVuKA5HnbCUCAtNAtf+QXhGYFzuysBJ5RoKRTEdP 5Sfflmb+/FwTgza/SHZbnKWrzHy1IeHGdeWtdVhyy02kdP+oO+7DN0/Gr8TZCUfGUYjv I6jA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700620289; x=1701225089; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=IOeLmRyCeb1rC2JyrcEp/dp089/WafZNyh9IN0sPjZs=; b=G+J2uuswQGdbnBaU5MwIgjeN/FZBesSlXKfK6NPCjIj5i9qxgdyrY2JkZ9z76tWPl/ yBD4LpTT2iULTVacibK7AL2P5DlM90tHDKJSHgpjFeXSyJfAxnHWMVK20yyiuAoB1C5Z kxAG8k13GWxLrCcsWpp+ggGt1oN/8Hd4ijXLmu9MA0piNw7tMLX7mEbKZVGM/JunbaGb ke4Iyll8uj21DPhdNMylJkd87v2nKvoe85JpTe/4u/Mezfbdg+sWn+9DKksSslNmUXM1 lyI7aeRPEeMRPHs8ORAiruree+vsnfBqnDQMzMRwTAHCUGVmU91Fnp2y5rQyvGz5/MaO bcqQ== X-Gm-Message-State: AOJu0YytXNl0qHEe8JsseUQ5vvlvMLT4E3n/YGVWKGWlJgd3Ysvr0yQM 8+nMhltqzqDAAHcHSTWYoGavjgzrdeYHhuQT3vAXKg== X-Google-Smtp-Source: AGHT+IF5mfwWOnsBbbNcl+O/gMz6y77kk5NGqrlO122qQDestVdub0D5BEL0XJvLkXD6+KFKK4yEmw== X-Received: by 2002:a05:6a00:2d17:b0:6cb:536b:1b3 with SMTP id fa23-20020a056a002d1700b006cb536b01b3mr7222893pfb.8.1700620288761; Tue, 21 Nov 2023 18:31:28 -0800 (PST) Received: from hexa.lan (dhcp-72-234-108-41.hawaiiantel.net. [72.234.108.41]) by smtp.gmail.com with ESMTPSA id d11-20020a056a00198b00b006cb9a43ae4esm4384182pfl.215.2023.11.21.18.31.28 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 18:31:28 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 06/16] avahi: fix CVE-2023-38469 Date: Tue, 21 Nov 2023 16:31:03 -1000 Message-Id: <8bd1980fd4175be3dd68987f8c5653409b76f544.1700620126.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 22 Nov 2023 02:31:34 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/191005 From: Meenali Gupta A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record. Signed-off-by: Meenali Gupta Signed-off-by: Steve Sakoman --- meta/recipes-connectivity/avahi/avahi_0.8.bb | 1 + .../avahi/files/CVE-2023-38469.patch | 47 +++++++++++++++++++ 2 files changed, 48 insertions(+) create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38469.patch diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb b/meta/recipes-connectivity/avahi/avahi_0.8.bb index a2ad9058d6..c733f94e42 100644 --- a/meta/recipes-connectivity/avahi/avahi_0.8.bb +++ b/meta/recipes-connectivity/avahi/avahi_0.8.bb @@ -28,6 +28,7 @@ SRC_URI = "https://github.com/lathiat/avahi/releases/download/v${PV}/avahi-${PV} file://local-ping.patch \ file://CVE-2023-38471.patch \ file://CVE-2023-38470.patch \ + file://CVE-2023-38469.patch \ " UPSTREAM_CHECK_URI = "https://github.com/lathiat/avahi/releases/" diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38469.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38469.patch new file mode 100644 index 0000000000..f0f6c4bf7b --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38469.patch @@ -0,0 +1,47 @@ +From a337a1ba7d15853fb56deef1f464529af6e3a1cf Mon Sep 17 00:00:00 2001 +From: Evgeny Vereshchagin +Date: Mon, 23 Oct 2023 20:29:31 +0000 +Subject: [PATCH]core: reject overly long TXT resource records +Closes https://github.com/lathiat/avahi/issues/455 + +Upstream-Status: Backport [https://github.com/lathiat/avahi/pull/500/commits/a337a1ba7d15853fb56deef1f464529af6e3a1cf] +CVE: CVE-2023-38469 + +Signed-off-by: Meenali Gupta +--- + avahi-core/rr.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/avahi-core/rr.c b/avahi-core/rr.c +index 7fa0bee..b03a24c 100644 +--- a/avahi-core/rr.c ++++ b/avahi-core/rr.c +@@ -32,6 +32,7 @@ + #include + #include + ++#include "dns.h" + #include "rr.h" + #include "log.h" + #include "util.h" +@@ -688,11 +689,17 @@ int avahi_record_is_valid(AvahiRecord *r) { + case AVAHI_DNS_TYPE_TXT: { + + AvahiStringList *strlst; ++ size_t used = 0; + +- for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next) ++ for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next) { + if (strlst->size > 255 || strlst->size <= 0) + return 0; + ++ used += 1+strlst->size; ++ if (used > AVAHI_DNS_RDATA_MAX) ++ return 0; ++ } ++ + return 1; + } + } +-- +2.40.0 From patchwork Wed Nov 22 02:31:04 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 34993 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 50DF1C61D92 for ; Wed, 22 Nov 2023 02:31:34 +0000 (UTC) Received: from mail-pf1-f177.google.com (mail-pf1-f177.google.com [209.85.210.177]) by mx.groups.io with SMTP id smtpd.web10.10876.1700620291890526283 for ; Tue, 21 Nov 2023 18:31:31 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=otGepQyq; spf=softfail (domain: sakoman.com, ip: 209.85.210.177, mailfrom: steve@sakoman.com) Received: by mail-pf1-f177.google.com with SMTP id d2e1a72fcca58-6c4eb5fda3cso6332073b3a.2 for ; Tue, 21 Nov 2023 18:31:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1700620290; x=1701225090; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=LS7Dk+qrRwZ9mXVS/9Env6v+R1kvn27M59iIRL0Dd58=; b=otGepQyqmOu+sgkHLyhTWocnR3VSNAD8HK6onVHniomU2BNDG/zAfjTxHqhfj/PkkF JAvEKAcJh9c+3XboA1PlWobhqY5l7AYcy3GakumCBzzGMsXphpNYXBqGGn5JdwE83BnE hd4+NlPHRedEKD2/sIFiiVuw6WwZj3L7mqJQDWx5u7pZBnyXFaDTk7nkJSQaejk9iwJD S8FlN2hmFe6vYdQyapEncS0Z97qppLTXgQW0FmCh/Z8ITGMdQGyzX1iP3L2nW4joymdp 2HJNaZJ88LAR9a2T/QLZ/RTmYzN7tZDFbON207IBYYp4MsPbdTANN/hKtLIb425Hed5P LX3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700620290; x=1701225090; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=LS7Dk+qrRwZ9mXVS/9Env6v+R1kvn27M59iIRL0Dd58=; b=iK1fbOsJTzPpS0+CYPEOTXV9mgpO7aF0xFRmOhhX1kUUqpK1yKRUl1VR+hR5F5M255 rFcXfJr6f1BDZGcSQc/L9OBZEBGnQzJbm9i5dvPvliwyaxB+T516F6WaWcLfQMy/PytX mI61VDc2hdZZOG5Pb6c9fa5vJ3Bli2ygBK81O309w/aJVuBsI+28WROf71KoE6rwugW9 kgGLRogN4mO4erSBHvH5l/R3FrTmsXn3j4WT9FdltbV/m27T8WaHfIj6aGB8vOX1dxoo BA5Ge2gPoQqLmvA/sulQ9hPI8SEQ/88alSGZrfgaocB2Z468rE4niyVK4LHns9+tompi Enrw== X-Gm-Message-State: AOJu0YxMlG3MbvTwcxe4GTpes/3nfeHtFAST7+2ZAV4iQmyJkwCs9JGX M5zzpV9ROjz+1ChuCCAHrae+6xvJTgbPMTPhB+Xd2A== X-Google-Smtp-Source: AGHT+IFlhf0xWAAmIoaUdb2kpuCf04OqSSV4/vh9FlB1OgGdo2EK0IEjK+YhmW4mlOuBse66P5LqBA== X-Received: by 2002:a05:6a00:2314:b0:6be:4e6e:2a85 with SMTP id h20-20020a056a00231400b006be4e6e2a85mr1175220pfh.30.1700620290569; Tue, 21 Nov 2023 18:31:30 -0800 (PST) Received: from hexa.lan (dhcp-72-234-108-41.hawaiiantel.net. [72.234.108.41]) by smtp.gmail.com with ESMTPSA id d11-20020a056a00198b00b006cb9a43ae4esm4384182pfl.215.2023.11.21.18.31.29 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 18:31:30 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 07/16] avahi: fix CVE-2023-38472 Date: Tue, 21 Nov 2023 16:31:04 -1000 Message-Id: <1b699ac1e8519cd488ee033919b9205283b7b465.1700620126.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 22 Nov 2023 02:31:34 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/191006 From: Meenali Gupta A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function. Signed-off-by: Meenali Gupta Signed-off-by: Steve Sakoman --- meta/recipes-connectivity/avahi/avahi_0.8.bb | 1 + .../avahi/files/CVE-2023-38472.patch | 46 +++++++++++++++++++ 2 files changed, 47 insertions(+) create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb b/meta/recipes-connectivity/avahi/avahi_0.8.bb index c733f94e42..23801a7e54 100644 --- a/meta/recipes-connectivity/avahi/avahi_0.8.bb +++ b/meta/recipes-connectivity/avahi/avahi_0.8.bb @@ -29,6 +29,7 @@ SRC_URI = "https://github.com/lathiat/avahi/releases/download/v${PV}/avahi-${PV} file://CVE-2023-38471.patch \ file://CVE-2023-38470.patch \ file://CVE-2023-38469.patch \ + file://CVE-2023-38472.patch \ " UPSTREAM_CHECK_URI = "https://github.com/lathiat/avahi/releases/" diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch new file mode 100644 index 0000000000..2f172622c9 --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch @@ -0,0 +1,46 @@ +From 4e2537500dd0a1333845482f1f4147ef906030dd Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Thu, 19 Oct 2023 17:36:44 +0200 +Subject: [PATCH]core: make sure there is rdata to process before + parsing it + +Fixes #452 + +Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/b024ae5749f4aeba03478e6391687c3c9c8dee40] +CVE: CVE-2023-38472 + +Signed-off-by: Meenali Gupta +--- + avahi-client/client-test.c | 3 +++ + avahi-daemon/dbus-entry-group.c | 2 +- + 2 files changed, 4 insertions(+), 1 deletion(-) + +diff --git a/avahi-client/client-test.c b/avahi-client/client-test.c +index 7d04a6a..57750a4 100644 +--- a/avahi-client/client-test.c ++++ b/avahi-client/client-test.c +@@ -258,6 +258,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) { + printf("%s\n", avahi_strerror(avahi_entry_group_add_service (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "Lathiat's Site", "_http._tcp", NULL, NULL, 80, "foo=bar", NULL))); + printf("add_record: %d\n", avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "\5booya", 6)); + ++ error = avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "", 0); ++ assert(error != AVAHI_OK); ++ + avahi_entry_group_commit (group); + + domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, avahi_domain_browser_callback, (char*) "omghai3u"); +diff --git a/avahi-daemon/dbus-entry-group.c b/avahi-daemon/dbus-entry-group.c +index 4e879a5..aa23d4b 100644 +--- a/avahi-daemon/dbus-entry-group.c ++++ b/avahi-daemon/dbus-entry-group.c +@@ -340,7 +340,7 @@ DBusHandlerResult avahi_dbus_msg_entry_group_impl(DBusConnection *c, DBusMessage + if (!(r = avahi_record_new_full (name, clazz, type, ttl))) + return avahi_dbus_respond_error(c, m, AVAHI_ERR_NO_MEMORY, NULL); + +- if (avahi_rdata_parse (r, rdata, size) < 0) { ++ if (!rdata || avahi_rdata_parse (r, rdata, size) < 0) { + avahi_record_unref (r); + return avahi_dbus_respond_error(c, m, AVAHI_ERR_INVALID_RDATA, NULL); + } +-- +2.40.0 From patchwork Wed Nov 22 02:31:05 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 34997 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 460D2C61D97 for ; Wed, 22 Nov 2023 02:31:34 +0000 (UTC) Received: from mail-pf1-f178.google.com (mail-pf1-f178.google.com [209.85.210.178]) by mx.groups.io with SMTP id smtpd.web10.10877.1700620293642517482 for ; Tue, 21 Nov 2023 18:31:33 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=QWZrEZVM; spf=softfail (domain: sakoman.com, ip: 209.85.210.178, mailfrom: steve@sakoman.com) Received: by mail-pf1-f178.google.com with SMTP id d2e1a72fcca58-6b20a48522fso5085365b3a.1 for ; Tue, 21 Nov 2023 18:31:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1700620292; x=1701225092; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=UCw/al9lQ0Dsn3vxdHEyJbFMjFqmx3tnj/nrGQGMEDE=; b=QWZrEZVMr4yn1zZT831zOnwT/tOzOOfTcPIJmB4LBvTb5FDBQHQaVhsewNItJjU9kp 72JYx788AG6dI4vEaUd6iwobL8CAS833hAqo8wE/5sZpafxBlNI/CNCGIjFy1eqyWS6d QdrPPKsVnjpKwWZlkd3F4RBWh4rQwgr/vt01EMH5kUfeVUcymm8d5eX1GIb1WSJ8eHmp fs+573RWbV5N6kfwVJW+CCXakDUcD+BcyXnl5mgusAB5oQXFnU/4zN3boGYxODKSHtrq h/BWat7QxfwLm25aAcc6gRQRDLA7fbylT+oZ8SZj2pfF994L3pB7N1iwirEBvfnTl2Op gELg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700620292; x=1701225092; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=UCw/al9lQ0Dsn3vxdHEyJbFMjFqmx3tnj/nrGQGMEDE=; b=cAILr306uDbOZ4wVm3hbF0uB08rg0cWze/EdeqpZ/6C4KuWYlOmyOx+toma5HqyqXP VBY0Kv5LBEnUZyN990Q6nOXRrZKTLYZoUGthYstCGJORZDF1ChlynhtnuMZ5SNZYh1Uo px6oe3epX0dN4n1wEWXr3PY7mpMn//jFz9tHDFqzMBWoXLi96rtf+Cnz40RfGsPAjxtA uO5Zz/Rp/hDY8AfLPQg5bZqqmglnoIiWiktJ5oEiusgx0kxg8s7B8cAJls79LStqAtod xRBZmPoi5xeomQ1DtKWffbGR+abXCHfSeoV3o9qDuGMCSuPF7o6uvp+MiJuAdCDYiqf9 YLew== X-Gm-Message-State: AOJu0Yzgw9jyOY9KU6ol16F2VAPyKcJVWL8e5dpLG/NZCZpenKekIiVo gXDpeYq/qjvkwTzAyxFBKBdFzCX5M6ykJpbbTH+M3A== X-Google-Smtp-Source: AGHT+IEIdAZSHa9xSc2HIcebBnqOQYkl3N0W/EUr0z9a3kT1T1DHcVIGZ7mygkAF4I9F1wTsJN2bLQ== X-Received: by 2002:a05:6a00:ad6:b0:6bd:66ce:21d4 with SMTP id c22-20020a056a000ad600b006bd66ce21d4mr1016708pfl.23.1700620292282; Tue, 21 Nov 2023 18:31:32 -0800 (PST) Received: from hexa.lan (dhcp-72-234-108-41.hawaiiantel.net. [72.234.108.41]) by smtp.gmail.com with ESMTPSA id d11-20020a056a00198b00b006cb9a43ae4esm4384182pfl.215.2023.11.21.18.31.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 18:31:31 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 08/16] avahi: fix CVE-2023-38473 Date: Tue, 21 Nov 2023 16:31:05 -1000 Message-Id: <3a9b67f222d6e004a8b56eedca6ff869e9aba710.1700620126.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 22 Nov 2023 02:31:34 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/191007 From: Meenali Gupta A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function. Signed-off-by: Meenali Gupta Signed-off-by: Steve Sakoman --- meta/recipes-connectivity/avahi/avahi_0.8.bb | 1 + .../avahi/files/CVE-2023-38473.patch | 108 ++++++++++++++++++ 2 files changed, 109 insertions(+) create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb b/meta/recipes-connectivity/avahi/avahi_0.8.bb index 23801a7e54..af5284a252 100644 --- a/meta/recipes-connectivity/avahi/avahi_0.8.bb +++ b/meta/recipes-connectivity/avahi/avahi_0.8.bb @@ -30,6 +30,7 @@ SRC_URI = "https://github.com/lathiat/avahi/releases/download/v${PV}/avahi-${PV} file://CVE-2023-38470.patch \ file://CVE-2023-38469.patch \ file://CVE-2023-38472.patch \ + file://CVE-2023-38473.patch \ " UPSTREAM_CHECK_URI = "https://github.com/lathiat/avahi/releases/" diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch b/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch new file mode 100644 index 0000000000..8a372a072a --- /dev/null +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch @@ -0,0 +1,108 @@ +From b448c9f771bada14ae8de175695a9729f8646797 Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Wed, 11 Oct 2023 17:45:44 +0200 +Subject: [PATCH]common: derive alternative host name from its + unescaped version + +Normalization of input makes sure we don't have to deal with special +cases like unescaped dot at the end of label. + +Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/b448c9f771bada14ae8de175695a9729f8646797] +CVE: CVE-2023-38473 + +Signed-off-by: Meenali Gupta +--- + avahi-common/alternative-test.c | 3 +++ + avahi-common/alternative.c | 27 +++++++++++++++++++-------- + 2 files changed, 22 insertions(+), 8 deletions(-) + +diff --git a/avahi-common/alternative-test.c b/avahi-common/alternative-test.c +index 9255435..681fc15 100644 +--- a/avahi-common/alternative-test.c ++++ b/avahi-common/alternative-test.c +@@ -31,6 +31,9 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) { + const char* const test_strings[] = { + "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", + "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXüüüüüüü", ++ ").", ++ "\\.", ++ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\\\\", + "gurke", + "-", + " #", +diff --git a/avahi-common/alternative.c b/avahi-common/alternative.c +index b3d39f0..a094e6d 100644 +--- a/avahi-common/alternative.c ++++ b/avahi-common/alternative.c +@@ -49,15 +49,20 @@ static void drop_incomplete_utf8(char *c) { + } + + char *avahi_alternative_host_name(const char *s) { ++ char label[AVAHI_LABEL_MAX], alternative[AVAHI_LABEL_MAX*4+1]; ++ char *alt, *r, *ret; + const char *e; +- char *r; ++ size_t len; + + assert(s); + + if (!avahi_is_valid_host_name(s)) + return NULL; + +- if ((e = strrchr(s, '-'))) { ++ if (!avahi_unescape_label(&s, label, sizeof(label))) ++ return NULL; ++ ++ if ((e = strrchr(label, '-'))) { + const char *p; + + e++; +@@ -74,19 +79,18 @@ char *avahi_alternative_host_name(const char *s) { + + if (e) { + char *c, *m; +- size_t l; + int n; + + n = atoi(e)+1; + if (!(m = avahi_strdup_printf("%i", n))) + return NULL; + +- l = e-s-1; ++ len = e-label-1; + +- if (l >= AVAHI_LABEL_MAX-1-strlen(m)-1) +- l = AVAHI_LABEL_MAX-1-strlen(m)-1; ++ if (len >= AVAHI_LABEL_MAX-1-strlen(m)-1) ++ len = AVAHI_LABEL_MAX-1-strlen(m)-1; + +- if (!(c = avahi_strndup(s, l))) { ++ if (!(c = avahi_strndup(label, len))) { + avahi_free(m); + return NULL; + } +@@ -100,7 +104,7 @@ char *avahi_alternative_host_name(const char *s) { + } else { + char *c; + +- if (!(c = avahi_strndup(s, AVAHI_LABEL_MAX-1-2))) ++ if (!(c = avahi_strndup(label, AVAHI_LABEL_MAX-1-2))) + return NULL; + + drop_incomplete_utf8(c); +@@ -109,6 +113,13 @@ char *avahi_alternative_host_name(const char *s) { + avahi_free(c); + } + ++ alt = alternative; ++ len = sizeof(alternative); ++ ret = avahi_escape_label(r, strlen(r), &alt, &len); ++ ++ avahi_free(r); ++ r = avahi_strdup(ret); ++ + assert(avahi_is_valid_host_name(r)); + + return r; +-- +2.40.0 From patchwork Wed Nov 22 02:31:06 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 34999 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 66B64C61D92 for ; Wed, 22 Nov 2023 02:31:44 +0000 (UTC) Received: from mail-ot1-f45.google.com (mail-ot1-f45.google.com [209.85.210.45]) by mx.groups.io with SMTP id smtpd.web11.10883.1700620295106920102 for ; Tue, 21 Nov 2023 18:31:35 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=yCx94z3o; spf=softfail (domain: sakoman.com, ip: 209.85.210.45, mailfrom: steve@sakoman.com) Received: by mail-ot1-f45.google.com with SMTP id 46e09a7af769-6ce2eaf7c2bso3912599a34.0 for ; Tue, 21 Nov 2023 18:31:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1700620294; x=1701225094; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=iE/CbOwsP4Q8S9TMIoF+d5CxSfdHb2wc0guxvu/6tbw=; b=yCx94z3oEsh21TyMV8HXXMz500DfB3KAR+hboXSNIx+/RcdNuXYVLTIggHqr/L5y8J haeA1KfVbx3YhhJtulf5ZbrDMxDvva/iFlKrNkvPaiaxrkQXm/FYZE9BidYDsGhy6VDG hOZnTLAolPODU8tM/+w3kf5Ri+V4XmpFez4v5euY99RgxyfkjMrJYFURHXK1w9leL3dN GGg0OxLLw0i0IKnIOeQT4KEFAHA5AzaPYUxyM8RJjuTs4TYaZ/uzSBrDueqNrZ39gg1/ cN2bGu/jUTDBMFsrGrtUdm6beLaky/XGtlgGv1Vt/7QOi8L+spKKjcCZQzAGdUcUupXT EfkQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700620294; x=1701225094; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=iE/CbOwsP4Q8S9TMIoF+d5CxSfdHb2wc0guxvu/6tbw=; b=nmh7sRTzKWv+PG41QGp8D69u7MMr0Y3vDMM3NWIHtHg/GDj0LyOrQuGsO9ZLmEvRVh 9yXqG1chapawjBPgxQAUKRboFjzZGPpJYJKVGJV/JGNvc9mMo3se4R5ipCZURzipkH65 TTnFzt8QqLdg/GB/t76IgcjXA7kWWLJ7b3sXZRqVOFl0OZgPs1IJnYtcz8e7kJ2l5Y79 TZal5bK7Dk9LpM+YJ+XJai5ZWr5dp/Id6n1R6xE6GigRDNGcrJJzLZuHaWXdIWiWYYcu fxcs6LcOO/pE1sgzDiE4Iqdc/Ui8fi6EwmYd8TTJriFtYQYUoYNSjO+vJsHu9zqP9aYj tNlg== X-Gm-Message-State: AOJu0Yzm99El/4Zs2fBkrF4KgafrqNqjo98FgtB/j0Umv+5B3/5pfq9W ekNMPTrvG7GlfVS55QzhrUJEUZSHHcVDMKzRC+Asxw== X-Google-Smtp-Source: AGHT+IGwRapJntUmOn0rUoZr02b4a3lgwy+ytpt8C/Td/thZt6WIjtn2MLpfRp4TESv+aRMpWGjiHA== X-Received: by 2002:a05:6871:878d:b0:1f0:5543:6048 with SMTP id td13-20020a056871878d00b001f055436048mr1402535oab.49.1700620294071; Tue, 21 Nov 2023 18:31:34 -0800 (PST) Received: from hexa.lan (dhcp-72-234-108-41.hawaiiantel.net. [72.234.108.41]) by smtp.gmail.com with ESMTPSA id d11-20020a056a00198b00b006cb9a43ae4esm4384182pfl.215.2023.11.21.18.31.33 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 18:31:33 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 09/16] binutils: Fix CVE-2022-47007 Date: Tue, 21 Nov 2023 16:31:06 -1000 Message-Id: <03e6ea59d82e613ba3b5d388fa87317cef982f2b.1700620126.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 22 Nov 2023 02:31:44 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/191008 From: Deepthi Hemraj Signed-off-by: Deepthi Hemraj Signed-off-by: Steve Sakoman --- .../binutils/binutils-2.38.inc | 1 + .../binutils/0033-CVE-2022-47007.patch | 34 +++++++++++++++++++ 2 files changed, 35 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/0033-CVE-2022-47007.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index 43cc97f1ef..dc29141812 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -67,5 +67,6 @@ SRC_URI = "\ file://0031-CVE-2022-47695.patch \ file://CVE-2022-48063.patch \ file://0032-CVE-2022-47010.patch \ + file://0033-CVE-2022-47007.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/0033-CVE-2022-47007.patch b/meta/recipes-devtools/binutils/binutils/0033-CVE-2022-47007.patch new file mode 100644 index 0000000000..cc6dfe684b --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0033-CVE-2022-47007.patch @@ -0,0 +1,34 @@ +From: Alan Modra +Date: Thu, 16 Jun 2022 23:30:41 +0000 (+0930) +Subject: PR29254, memory leak in stab_demangle_v3_arg +X-Git-Tag: binutils-2_39~237 +X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=0ebc886149c22aceaf8ed74267821a59ca9d03eb + +PR29254, memory leak in stab_demangle_v3_arg + + PR 29254 + * stabs.c (stab_demangle_v3_arg): Free dt on failure path. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=0ebc886149c22aceaf8ed74267821a59ca9d03eb] + +CVE: CVE-2022-47007 + +Signed-off-by: Deepthi Hemraj +--- + +diff --git a/binutils/stabs.c b/binutils/stabs.c +index 2b5241637c1..796ff85b86a 100644 +--- a/binutils/stabs.c ++++ b/binutils/stabs.c +@@ -5467,7 +5467,10 @@ stab_demangle_v3_arg (void *dhandle, struct stab_handle *info, + dc->u.s_binary.right, + &varargs); + if (pargs == NULL) +- return NULL; ++ { ++ free (dt); ++ return NULL; ++ } + + return debug_make_function_type (dhandle, dt, pargs, varargs); + } From patchwork Wed Nov 22 02:31:07 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 35001 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 7D124C61D9B for ; Wed, 22 Nov 2023 02:31:44 +0000 (UTC) Received: from mail-ot1-f52.google.com (mail-ot1-f52.google.com [209.85.210.52]) by mx.groups.io with SMTP id smtpd.web11.10884.1700620297149476367 for ; Tue, 21 Nov 2023 18:31:37 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=MMBC2gEA; spf=softfail (domain: sakoman.com, ip: 209.85.210.52, mailfrom: steve@sakoman.com) Received: by mail-ot1-f52.google.com with SMTP id 46e09a7af769-6d648679605so3340371a34.1 for ; Tue, 21 Nov 2023 18:31:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1700620296; x=1701225096; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=CkkHVjx4fvGIAndEXco2GjTo6CAYvOXzll/cUW+rptY=; b=MMBC2gEAjLEmA2w35loNWjuumvUisbebhZ8CuYPBK2nhgJCOyRxFWnmovvHXYjyBwx dnoJBH5us4nLZ4d3sgFR61hYExn2k6Hn5MO+mrB7tIhZzFCRZbo/UUP/USMFgpK31eEw m2HWBaaNQhgksuGkEa3y8d3dOxRbX2irzEI/4/n9X+Dzp/MGBuOGDMD60NwaYyA5ZWLF iroydYP2QsuOGwY1+C0L7UbvCVVzq4ZpEE5+1rrf1txgxfaH+FasthrKlHyMT1OpngfS JAfJ6P8g4RZ9P8VHMzESQjbazgk5TKFyzyn2+RWS8X1dsMd+dCwmwd7bMXUwPCvC+9/h NQ1A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700620296; x=1701225096; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=CkkHVjx4fvGIAndEXco2GjTo6CAYvOXzll/cUW+rptY=; b=ZZ/PDbBVm07ka/bjeSSNbZJSwl8Nk+sA6ew5lJitaw7BNreCAXmhaOpb2fydspLWpQ vj6x73g/aR4H9fvkr6qS0LvaTqgCsvTnFxf8wrut7MIzNE9KZBJt8tNIOA6XjE0lhyuI +qR4573V6mFoacBex4TFz1XRMmls+qO8PKZ3KYdOXUpDrQA16+9Dk1l/aaHAscgDsDKJ b6ZoQLfp/uQNe8cBAP05SmEvmEJ09iomt62rmkrc9bfGBwq14SUdGf05aNUAyn0WIFUk swnPoYgVMB+0Kb+p0WTTlKubnFWvUUjk9puFdd+vQ6Eb95KHwd9LQFUp2iyAMWFuSd9O wokA== X-Gm-Message-State: AOJu0YxOb6b2zHz4LkNe5Y7vN530iGim0bKxfTSsln4vkbDgHcIQCy6L e0vccKUK1Sl8n++7wu19sALsJuE+zL+pUmZS8VCS/g== X-Google-Smtp-Source: AGHT+IG9GvrULFIjjP6U8qkZwKYCykFdj1ob2Up+Qp6g7QcM3U69FOqMg+HLSit5owJiqH2YYQxFxA== X-Received: by 2002:a05:6870:cc89:b0:1f4:d2df:c53c with SMTP id ot9-20020a056870cc8900b001f4d2dfc53cmr1656785oab.24.1700620295689; Tue, 21 Nov 2023 18:31:35 -0800 (PST) Received: from hexa.lan (dhcp-72-234-108-41.hawaiiantel.net. [72.234.108.41]) by smtp.gmail.com with ESMTPSA id d11-20020a056a00198b00b006cb9a43ae4esm4384182pfl.215.2023.11.21.18.31.34 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 18:31:35 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 10/16] binutils: Fix CVE-2022-48064 Date: Tue, 21 Nov 2023 16:31:07 -1000 Message-Id: <88cbf5eb4a075e677b1f9e6444ec6378a5949978.1700620126.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 22 Nov 2023 02:31:44 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/191009 From: Deepthi Hemraj Signed-off-by: Deepthi Hemraj Signed-off-by: Steve Sakoman --- .../binutils/binutils-2.38.inc | 1 + .../binutils/0034-CVE-2022-48064.patch | 57 +++++++++++++++++++ 2 files changed, 58 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/0034-CVE-2022-48064.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index dc29141812..3787063cba 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -68,5 +68,6 @@ SRC_URI = "\ file://CVE-2022-48063.patch \ file://0032-CVE-2022-47010.patch \ file://0033-CVE-2022-47007.patch \ + file://0034-CVE-2022-48064.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/0034-CVE-2022-48064.patch b/meta/recipes-devtools/binutils/binutils/0034-CVE-2022-48064.patch new file mode 100644 index 0000000000..b0840366c7 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0034-CVE-2022-48064.patch @@ -0,0 +1,57 @@ +From: Alan Modra +Date: Tue, 20 Dec 2022 13:17:03 +0000 (+1030) +Subject: PR29922, SHT_NOBITS section avoids section size sanity check +X-Git-Tag: binutils-2_40~202 +X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=8f2c64de86bc3d7556121fe296dd679000283931 + +PR29922, SHT_NOBITS section avoids section size sanity check + + PR 29922 + * dwarf2.c (find_debug_info): Ignore sections without + SEC_HAS_CONTENTS. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=8f2c64de86bc3d7556121fe296dd679000283931] + +CVE: CVE-2022-48064 + +Signed-off-by: Deepthi Hemraj + +--- + +diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c +index 95f45708e9d..0cd8152ee6e 100644 +--- a/bfd/dwarf2.c ++++ b/bfd/dwarf2.c +@@ -4831,16 +4831,19 @@ find_debug_info (bfd *abfd, const struct dwarf_debug_section *debug_sections, + { + look = debug_sections[debug_info].uncompressed_name; + msec = bfd_get_section_by_name (abfd, look); +- if (msec != NULL) ++ /* Testing SEC_HAS_CONTENTS is an anti-fuzzer measure. Of ++ course debug sections always have contents. */ ++ if (msec != NULL && (msec->flags & SEC_HAS_CONTENTS) != 0) + return msec; + + look = debug_sections[debug_info].compressed_name; + msec = bfd_get_section_by_name (abfd, look); +- if (msec != NULL) ++ if (msec != NULL && (msec->flags & SEC_HAS_CONTENTS) != 0) + return msec; + + for (msec = abfd->sections; msec != NULL; msec = msec->next) +- if (startswith (msec->name, GNU_LINKONCE_INFO)) ++ if ((msec->flags & SEC_HAS_CONTENTS) != 0 ++ && startswith (msec->name, GNU_LINKONCE_INFO)) + return msec; + + return NULL; +@@ -4848,6 +4851,9 @@ find_debug_info (bfd *abfd, const struct dwarf_debug_section *debug_sections, + + for (msec = after_sec->next; msec != NULL; msec = msec->next) + { ++ if ((msec->flags & SEC_HAS_CONTENTS) == 0) ++ continue; ++ + look = debug_sections[debug_info].uncompressed_name; + if (strcmp (msec->name, look) == 0) + return msec; From patchwork Wed Nov 22 02:31:08 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 35003 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 8A318C61D9A for ; Wed, 22 Nov 2023 02:31:44 +0000 (UTC) Received: from mail-oi1-f173.google.com (mail-oi1-f173.google.com [209.85.167.173]) by mx.groups.io with SMTP id smtpd.web10.10883.1700620298312765688 for ; Tue, 21 Nov 2023 18:31:38 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=Eq63jMPp; spf=softfail (domain: sakoman.com, ip: 209.85.167.173, mailfrom: steve@sakoman.com) Received: by mail-oi1-f173.google.com with SMTP id 5614622812f47-3b83ed78a91so61918b6e.1 for ; Tue, 21 Nov 2023 18:31:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1700620297; x=1701225097; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=x3d+CIovhxk79w7DwOaFpHhNioE+aQyVtifM4TRhJUk=; b=Eq63jMPp356geCiBwat6kJsdnXNrcHjBcF5ymCBqejTPY/JKGsTOPKtBnT1Kja6nL4 cH+v8p59QVa1ycKdSf8aXna5l57/7OWAXgk3WrF5pZ4tcOvZV721/YyxLuvv8vIUUw5l v5etQP0esgLsMzepZHI0rdrVEHe1DHZ5lSPGNzqgwHtZPm4A9gVtHF/WZMqe9B92Ubnq UB66H2u5eCOik1jmbYVhX7/eXr4ZJrgeQn4iDpaA1F4ames6P/72EuroaEvHPmx5piZU /Thh0a7PsYuYq429fAsDFYb9aHnZx4pzmBa4njAwZAZVD+y4bUUpwMsvJT6w3I+8Iowj 6nLQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700620297; x=1701225097; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=x3d+CIovhxk79w7DwOaFpHhNioE+aQyVtifM4TRhJUk=; b=NeLqFWLherfkpmiRGu4jor7+AR7DGekiWcinvScNkOqfwAO2AOQEGwcbi6TgeJLx6S PS2nmRkNWXhtXaO0/STWKYuzalw+CNGHHu/PjtjY3w2t/dhr2byLdR9m+HDJtUQz5ijp wecO+RulRPLGzY5ultq6aJQB3Hq5FDu+C2+dgYvaUacEkmtpGj4B+XT0sRWLW57EFcBl 4Z/9d07/JK1PVdHkrDb6bC4ea9lhMZht9/Skpq4/HZjcLK2WnGgKDGt1SyrRkOSyF+QR NUyfCxfweTqffUtjqK1QGCGeX8gVt9VrmVFSFHTBP1Zj/wIyTZxGlyGjXYUBYMqr4I8U HP2w== X-Gm-Message-State: AOJu0YwjVBCEQVMWPrEjMWponpC0X6vBDJuFePEGTDCEjK0JMPLj2SUj 37yQ5zXc0KvL9Eqn5TldcrFC0IfZEkXHJlxujLvTYA== X-Google-Smtp-Source: AGHT+IEFQkm0MbRfp8HoKQ7YRVrSBJzx3ZD0tEFPcv/89FIEujbi0qZw5EBJV18ON74agike1zmw7g== X-Received: by 2002:a05:6871:6081:b0:1ef:fa20:3812 with SMTP id qy1-20020a056871608100b001effa203812mr1701389oab.13.1700620297339; Tue, 21 Nov 2023 18:31:37 -0800 (PST) Received: from hexa.lan (dhcp-72-234-108-41.hawaiiantel.net. [72.234.108.41]) by smtp.gmail.com with ESMTPSA id d11-20020a056a00198b00b006cb9a43ae4esm4384182pfl.215.2023.11.21.18.31.36 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 18:31:37 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 11/16] ghostscript: ignore GhostPCL CVE-2023-38560 Date: Tue, 21 Nov 2023 16:31:08 -1000 Message-Id: <7c4b4daeeca8fab257475eacb83c58b7e5dfee24.1700620126.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 22 Nov 2023 02:31:44 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/191010 From: Lee Chee Yang issue in GhostPCL. GhostPCL not part of this GhostScript recipe. Signed-off-by: Lee Chee Yang Signed-off-by: Steve Sakoman --- meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb b/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb index 4c4c22cf39..7f4050755c 100644 --- a/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb +++ b/meta/recipes-extended/ghostscript/ghostscript_9.55.0.bb @@ -23,6 +23,9 @@ UPSTREAM_CHECK_REGEX = "(?P\d+(\.\d+)+)\.tar" # however we use an external jpeg which doesn't have the issue. CVE_CHECK_IGNORE += "CVE-2013-6629" +# Issue in the GhostPCL. GhostPCL not part of this GhostScript recipe. +CVE_CHECK_IGNORE += "CVE-2023-38560" + def gs_verdir(v): return "".join(v.split(".")) From patchwork Wed Nov 22 02:31:09 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 35002 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 77BEBC61D99 for ; Wed, 22 Nov 2023 02:31:44 +0000 (UTC) Received: from mail-pf1-f172.google.com (mail-pf1-f172.google.com [209.85.210.172]) by mx.groups.io with SMTP id smtpd.web10.10884.1700620299772314627 for ; Tue, 21 Nov 2023 18:31:39 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=MUl+on4E; spf=softfail (domain: sakoman.com, ip: 209.85.210.172, mailfrom: steve@sakoman.com) Received: by mail-pf1-f172.google.com with SMTP id d2e1a72fcca58-6bd0e1b1890so5106533b3a.3 for ; Tue, 21 Nov 2023 18:31:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1700620299; x=1701225099; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=BiTmPSlYKGQ8mI5LUN+ra/utff2XzQVXqTxml1gsVA4=; b=MUl+on4Em9S07kzBKq1H7qptUmSwRihalb60VE3mIb1eH+ipEZB02QWESa2p8mHAxk SIcU0sqjVmTQq8WHGGfjOUI9bAZxsvI4iKhmZ1fUXzDhkUOjpNtZqj9qnYLSqstAMWjO a2yXMAKfvNLIak8CTeasnlIdDBens+1L5T/iSsPiw2e1sN4G8x448L9a7QcIMTtXlgTH xYA6TmWE4FYEb5CPNjdWju8uK/s86yVcxUU2tlCrBpdM9xNRLjGA59IVAU1zeM2Yi4Mx xtqtoW4Ew+KPBa5oxP8YFmSjJazbOniciXRxdlpqddl2NybGjXQwym/e1ZRbTy+h3lcL 5fYw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700620299; x=1701225099; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=BiTmPSlYKGQ8mI5LUN+ra/utff2XzQVXqTxml1gsVA4=; b=D0I04ZloN5n6ihbiLn+qps+sGZNG0cwIpGeXeqV6QXC6amNfCgSl04PZ4CXblY03dC vq6JX9yZUL6NzVOLejF2nBsnheYOvfEfhIqobiLGtSNfZ4wyWOMtP0Lvem+LtvwpLfCG 41n74JJiCd4G3SsyjdPc0PFKNSMorNOsJSh0VcifcibdOqu1GFbutD2WbcGiTzp0ZMQS yazp21selIGV9VE0caDhbH67C9DZvxms79eb2XjyjVFuVehSh4o7pv/C1Ra1LikmNkO4 sABi7PJzOnSMKDGjsTPzCOIHLShOlF3e0v2SlpIUTNhMmYO2kvCp+CItKzSUhNElZtXx VPnw== X-Gm-Message-State: AOJu0YzZKq5sYLVlSl34clFmkthVH6K9pAB2mfJ+Tsw1CXC8BBJvIvpe axV0AU6gaexI54K+RkXDEmB45rVEQR2a6u8NR0jXzw== X-Google-Smtp-Source: AGHT+IHxLW68hU1puObYO5BmKp5AlbZ0LVt5wfxtPOQE3ocZ4RGSQ+RmCtIb6JIyxO8gjXy1Os22WQ== X-Received: by 2002:a05:6a00:391f:b0:6be:287d:46d6 with SMTP id fh31-20020a056a00391f00b006be287d46d6mr1171189pfb.33.1700620298907; Tue, 21 Nov 2023 18:31:38 -0800 (PST) Received: from hexa.lan (dhcp-72-234-108-41.hawaiiantel.net. [72.234.108.41]) by smtp.gmail.com with ESMTPSA id d11-20020a056a00198b00b006cb9a43ae4esm4384182pfl.215.2023.11.21.18.31.38 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 18:31:38 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 12/16] go: ignore CVE-2023-45283 and CVE-2023-45284 Date: Tue, 21 Nov 2023 16:31:09 -1000 Message-Id: <60f75fd6a671fcbfeefb634fe88f6faa17b446b7.1700620126.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 22 Nov 2023 02:31:44 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/191011 From: Peter Marko These CVEs affect path handling on Windows. Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- meta/recipes-devtools/go/go-1.17.13.inc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/recipes-devtools/go/go-1.17.13.inc b/meta/recipes-devtools/go/go-1.17.13.inc index 461819d80f..a0974629fb 100644 --- a/meta/recipes-devtools/go/go-1.17.13.inc +++ b/meta/recipes-devtools/go/go-1.17.13.inc @@ -54,5 +54,5 @@ SRC_URI[main.sha256sum] = "a1a48b23afb206f95e7bbaa9b898d965f90826f6f1d1fc0c1d784 # https://github.com/golang/go/issues/30999#issuecomment-910470358 CVE_CHECK_IGNORE += "CVE-2021-29923" -# This is specific to Microsoft Windows -CVE_CHECK_IGNORE += "CVE-2022-41716" +# This are specific to Microsoft Windows +CVE_CHECK_IGNORE += "CVE-2022-41716 CVE-2023-45283 CVE-2023-45284" From patchwork Wed Nov 22 02:31:10 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 35004 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 738BCC61D97 for ; Wed, 22 Nov 2023 02:31:44 +0000 (UTC) Received: from mail-il1-f178.google.com (mail-il1-f178.google.com [209.85.166.178]) by mx.groups.io with SMTP id smtpd.web11.10888.1700620302380922975 for ; Tue, 21 Nov 2023 18:31:42 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=ynfnV/hQ; spf=softfail (domain: sakoman.com, ip: 209.85.166.178, mailfrom: steve@sakoman.com) Received: by mail-il1-f178.google.com with SMTP id e9e14a558f8ab-359d27f6d46so20044125ab.3 for ; Tue, 21 Nov 2023 18:31:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1700620301; x=1701225101; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=r5XSZEbP6sq51zTRukUnqQ6lZH80aS88zMvQTTUE9JI=; b=ynfnV/hQemmp8Xa0VrlXwjSNI2LqyqdgReegLQnmL0jD57lMJdo4V9PJWpz5k4C8hX FLlPo1eVb7aod2xFD8yhPYRV0LKRz+aDGXjMxpfti6816A0hD+q/TaunCdm+P6eGA0tq gqPSUkjF7CEIRM2eq0wdgrqgUTBFKY1mRDUTsKMsqXzk+8npZPxb4Y7OAFmbKcIaUI7d oC54wmur3tt+AFyH27IJipee3BQhK09kYsPxlWzt2n2zRp5RJ6gW2mhVHYm3wnRgf087 L4fabdvSkAs/jxoLQNEsj8egkISGSYJKPAzu4Yr4S/hXl/lLJ5rpBsMItwh4VLpqCgI2 zYCw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700620301; x=1701225101; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=r5XSZEbP6sq51zTRukUnqQ6lZH80aS88zMvQTTUE9JI=; b=qgLouyAb90bAtj2G89xI9cSMIv7r6rXi2Wdm8ytKoB69UVuslSgc7wV9iArADcvoss lqRCgOFjwmcWkn0WwoMAjIgdJF106BLcpbGFfXMAM00aG6KZElx3J2RNfPC3PdaM5hbG GhbNwTMWzDceoo5h17zhweglgQET6FK8r8uT7LlSUFxzFXmJI4/1hupOGbof7NuWwFuP FmayQVAr39BMu4AitiNhcsPF7o9lhaclOQXTxHZmA9vpHbjdll7pqREL0EcEtg2XAV66 ig4PqHpnGXiHtxppc/oWgzMpy/DNemx+NQvXFbkfmAh9TDo1RaP5ThlQXygFsIcE389x mhRw== X-Gm-Message-State: AOJu0Yxcja/tSwqE0LghmR8uqk1wMyAKDfPSeoR4CEp+bgeE9EoTEkcL snt7umm/KiZjFrgs3kSiYDLiRvujWzU+5gOlIFFy9Q== X-Google-Smtp-Source: AGHT+IE+lHpWabK8SKYNmm6FanFv/snQYoO9XJAnuwKkX+PXubQ2Y3WOZOXIj/WokdIbzbmWxEVtcg== X-Received: by 2002:a05:6e02:1113:b0:35a:d052:da48 with SMTP id u19-20020a056e02111300b0035ad052da48mr874450ilk.29.1700620300572; Tue, 21 Nov 2023 18:31:40 -0800 (PST) Received: from hexa.lan (dhcp-72-234-108-41.hawaiiantel.net. [72.234.108.41]) by smtp.gmail.com with ESMTPSA id d11-20020a056a00198b00b006cb9a43ae4esm4384182pfl.215.2023.11.21.18.31.39 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 18:31:40 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 13/16] sudo: upgrade 1.9.13p3 -> 1.9.15p2 Date: Tue, 21 Nov 2023 16:31:10 -1000 Message-Id: <55f1437e2e7f11724ace489677ae214611244faf.1700620126.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 22 Nov 2023 02:31:44 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/191012 From: Soumya Sambu License-update: file removed upstream Drop patch as issue fixed upstream. Changelog: =========== 1.9.15p2 * Fixed a bug on BSD systems where sudo would not restore the terminal settings on exit if the terminal had parity enabled. GitHub issue #326. 1.9.15p1 * Fixed a bug introduced in sudo 1.9.15 that prevented LDAP-based sudoers from being able to read the ldap.conf file. GitHub issue #325. 1.9.15 * Fixed an undefined symbol problem on older versions of macOS when "intercept" or "log_subcmds" are enabled in sudoers. GitHub issue #276. * Fixed "make check" failure related to getpwent(3) wrapping on NetBSD. * Fixed the warning message for "sudo -l command" when the command is not permitted. There was a missing space between "list" and the actual command due to changes in sudo 1.9.14. * Fixed a bug where output could go to the wrong terminal if "use_pty" is enabled (the default) and the standard input, output or error is redirected to a different terminal. Bug #1056. * The visudo utility will no longer create an empty file when the specified sudoers file does not exist and the user exits the editor without making any changes. GitHub issue #294. * The AIX and Solaris sudo packages on www.sudo.ws now support "log_subcmds" and "intercept" with both 32-bit and 64-bit binaries. Previously, they only worked when running binaries with the same word size as the sudo binary. GitHub issue #289. * The sudoers source is now logged in the JSON event log. This makes it possible to tell which rule resulted in a match. * Running "sudo -ll command" now produces verbose output that includes matching rule as well as the path to the sudoers file the matching rule came from. For LDAP sudoers, the name of the matching sudoRole is printed instead. * The embedded copy of zlib has been updated to version 1.3. * The sudoers plugin has been modified to make it more resilient to ROWHAMMER attacks on authentication and policy matching. This addresses CVE-2023-42465. * The sudoers plugin now constructs the user time stamp file path name using the user-ID instead of the user name. This avoids a potential problem with user names that contain a path separator ('/') being interpreted as part of the path name. A similar issue in sudo-rs has been assigned CVE-2023-42456. * A path separator ('/') in a user, group or host name is now replaced with an underbar character ('_') when expanding escapes in @include and @includedir directives as well as the "iolog_file" and "iolog_dir" sudoers Default settings. * The "intercept_verify" sudoers option is now only applied when the "intercept" option is set in sudoers. Previously, it was also applied when "log_subcmds" was enabled. Sudo 1.9.14 contained an incorrect fix for this. Bug #1058. * Changes to terminal settings are now performed atomically, where possible. If the command is being run in a pseudo-terminal and the user's terminal is already in raw mode, sudo will not change the user's terminal settings. This prevents concurrent sudo processes from restoring the terminal settings to the wrong values. GitHub issue #312. * Reverted a change from sudo 1.9.4 that resulted in PAM session modules being called with the environment of the command to be run instead of the environment of the invoking user. GitHub issue #318. * New Indonesian translation from translationproject.org. * The sudo_logsrvd server will now raise its open file descriptor limit to the maximum allowed value when it starts up. Each connection can require up to nine open file descriptors so the default soft limit may be too low. * Better log message when rejecting a command if the "intercept" option is enabled and the "intercept_allow_setid" option is disabled. Previously, "command not allowed" would be logged and the user had no way of knowing what the actual problem was. * Sudo will now log the invoking user's environment as "submitenv" in the JSON logs. The command's environment ("runenv") is no longer logged for commands rejected by the sudoers file or an approval plugin. 1.9.14p3 * Fixed a crash with Python 3.12 when the sudo Python plugin is unloaded. This only affects "make check" for the Python plugin. * Adapted the sudo Python plugin test output to match Python 3.12. 1.9.14p2 * Fixed a crash on Linux systems introduced in version 1.9.14 when running a command with a NULL argv[0] if "log_subcmds" or "intercept" is enabled in sudoers. * Fixed a problem with "stair-stepped" output when piping or redirecting the output of a sudo command that takes user input. * Fixed a bug introduced in sudo 1.9.14 that affects matching sudoers rules containing a Runas_Spec with an empty Runas user. These rules should only match when sudo's -g option is used but were matching even without the -g option. GitHub issue #290. 1.9.14p1 * Fixed an invalid free bug in sudo_logsrvd that was introduced in version 1.9.14 which could cause sudo_logsrvd to crash. * The sudoers plugin no longer tries to send the terminal name to the log server when no terminal is present. This bug was introduced in version 1.9.14. 1.9.14 * Fixed a bug where if the "intercept" or "log_subcmds" sudoers option was enabled and a sub-command was run where the first entry of the argument vector didn't match the command being run. This resulted in commands like "sudo su -" being killed due to the mismatch. Bug #1050. * The sudoers plugin now canonicalizes command path names before matching (where possible). This fixes a bug where sudo could execute the wrong path if there are multiple symbolic links with the same target and the same base name in sudoers that a user is allowed to run. GitHub issue #228. * Improved command matching when a chroot is specified in sudoers. The sudoers plugin will now change the root directory id needed before performing command matching. Previously, the root directory was simply prepended to the path that was being processed. * When NETGROUP_BASE is set in the ldap.conf file, sudo will now perform its own netgroup lookups of the host name instead of using the system innetgr(3) function. This guarantees that user and host netgroup lookups are performed using the same LDAP server (or servers). * Fixed a bug introduced in sudo 1.9.13 that resulted in a missing " ; " separator between environment variables and the command in log entries. * The visudo utility now displays a warning when it ignores a file in an include dir such as /etc/sudoers.d. * When running a command in a pseudo-terminal, sudo will initialize the terminal settings even if it is the background process. Previously, sudo only initialized the pseudo-terminal when running in the foreground. This fixes an issue where a program that checks the window size would read the wrong value when sudo was running in the background. * Fixed a bug where only the first two digits of the TSID field being was logged. Bug #1046. * The "use_pty" sudoers option is now enabled by default. To restore the historic behavior where a command is run in the user's terminal, add "Defaults !use_pty" to the sudoers file. GitHub issue #258. * Sudo's "-b" option now works when the command is run in a pseudo-terminal. * When disabling core dumps, sudo now only modifies the soft limit and leaves the hard limit as-is. This avoids problems on Linux when sudo does not have CAP_SYS_RESOURCE, which may be the case when run inside a container. GitHub issue #42. * Sudo configuration file paths have been converted to colon-separated lists of paths. This makes it possible to have configuration files on a read-only file system while still allowing for local modifications in a different (writable) directory. The new --enable-adminconf configure option can be used to specify a directory that is searched for configuration files in preference to the sysconfdir (which is usually /etc). * The NETGROUP_QUERY ldap.conf parameter can now be disabled for LDAP servers that do not support querying the nisNetgroup object by its nisNetgroupTriple attribute, while still allowing sudo to query the LDAP server directly to determine netgroup membership. * Fixed a long-standing bug where a sudoers rule without an explicit runas list allowed the user to run a command as root and any group instead of just one of the groups that root is a member of. For example, a rule such as "myuser ALL = ALL" would permit "sudo -u root -g othergroup" even if root did not belong to "othergroup". * Fixed a bug where a sudoers rule with an explicit runas list allowed a user to run sudo commands as themselves. For example, a rule such as "myuser ALL = (root) ALL", "myuser" should only allow commands to be run as root (optionally using one of root's groups). However, the rule also allowed the user to run "sudo -u myuser -g myuser command". * Fixed a bug that prevented the user from specifying a group on the command line via "sudo -g" if the rule's Runas_Spec contained a Runas_Alias. * Sudo now requires a C compiler that conforms to ISO C99 or higher to build. Signed-off-by: Soumya Sambu Signed-off-by: Steve Sakoman --- ...me.c-correctly-include-header-for-ou.patch | 25 ------------------- meta/recipes-extended/sudo/sudo.inc | 5 ++-- .../{sudo_1.9.13p3.bb => sudo_1.9.15p2.bb} | 3 +-- 3 files changed, 3 insertions(+), 30 deletions(-) delete mode 100644 meta/recipes-extended/sudo/files/0001-lib-util-mksigname.c-correctly-include-header-for-ou.patch rename meta/recipes-extended/sudo/{sudo_1.9.13p3.bb => sudo_1.9.15p2.bb} (92%) diff --git a/meta/recipes-extended/sudo/files/0001-lib-util-mksigname.c-correctly-include-header-for-ou.patch b/meta/recipes-extended/sudo/files/0001-lib-util-mksigname.c-correctly-include-header-for-ou.patch deleted file mode 100644 index f63ed553be..0000000000 --- a/meta/recipes-extended/sudo/files/0001-lib-util-mksigname.c-correctly-include-header-for-ou.patch +++ /dev/null @@ -1,25 +0,0 @@ -From f993c5c88faacc43971899aae2168ffb3e34dc80 Mon Sep 17 00:00:00 2001 -From: Alexander Kanavin -Date: Fri, 24 Sep 2021 13:36:24 +0200 -Subject: [PATCH] lib/util/mksigname.c: correctly include header for out of - tree builds - -Upstream-Status: Submitted [https://github.com/sudo-project/sudo/pull/123] -Signed-off-by: Alexander Kanavin ---- - lib/util/mksigname.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/lib/util/mksigname.c b/lib/util/mksigname.c -index de8b1ad..0a69e7e 100644 ---- a/lib/util/mksigname.c -+++ b/lib/util/mksigname.c -@@ -36,7 +36,7 @@ main(int argc, char *argv[]) - { - unsigned int i; - --#include "mksigname.h" -+#include "lib/util/mksigname.h" - - printf("const char *const sudo_sys_signame[] = {\n"); - for (i = 0; i < nitems(sudo_sys_signame); i++) { diff --git a/meta/recipes-extended/sudo/sudo.inc b/meta/recipes-extended/sudo/sudo.inc index f22b3eab99..d3b6bf1ad8 100644 --- a/meta/recipes-extended/sudo/sudo.inc +++ b/meta/recipes-extended/sudo/sudo.inc @@ -8,7 +8,6 @@ LIC_FILES_CHKSUM = "file://LICENSE.md;md5=5100e20d35f9015f9eef6bdb27ba194f \ file://plugins/sudoers/redblack.c;beginline=1;endline=46;md5=03e35317699ba00b496251e0dfe9f109 \ file://lib/util/reallocarray.c;beginline=3;endline=15;md5=397dd45c7683e90b9f8bf24638cf03bf \ file://lib/util/fnmatch.c;beginline=3;endline=27;md5=004d7d2866ba1f5b41174906849d2e0f \ - file://lib/util/getcwd.c;beginline=2;endline=27;md5=50f8d9667750e18dea4e84a935c12009 \ file://lib/util/glob.c;beginline=2;endline=31;md5=2852f68687544e3eb8a0a61665506f0e \ file://lib/util/snprintf.c;beginline=3;endline=33;md5=b70df6179969e38fcf68da91b53b8029 \ file://include/sudo_queue.h;beginline=2;endline=27;md5=ad578e9664d17a010b63e4bc0576ee8d \ @@ -29,12 +28,12 @@ EXTRA_OECONF = "--with-editor=${base_bindir}/vi --with-env-editor" EXTRA_OECONF:append:libc-musl = " --disable-hardening " do_compile:prepend () { - # Remove build host references from sudo_usage.h + # Remove build host references from config.h sed -i \ -e 's,--with-libtool-sysroot=${STAGING_DIR_TARGET},,g' \ -e 's,--build=${BUILD_SYS},,g' \ -e 's,--host=${HOST_SYS},,g' \ - ${B}/src/sudo_usage.h + ${B}/config.h } # Explicitly create ${localstatedir}/lib before do_install to ensure diff --git a/meta/recipes-extended/sudo/sudo_1.9.13p3.bb b/meta/recipes-extended/sudo/sudo_1.9.15p2.bb similarity index 92% rename from meta/recipes-extended/sudo/sudo_1.9.13p3.bb rename to meta/recipes-extended/sudo/sudo_1.9.15p2.bb index 2e11739470..431dfba3c2 100644 --- a/meta/recipes-extended/sudo/sudo_1.9.13p3.bb +++ b/meta/recipes-extended/sudo/sudo_1.9.15p2.bb @@ -3,12 +3,11 @@ require sudo.inc SRC_URI = "https://www.sudo.ws/dist/sudo-${PV}.tar.gz \ ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \ file://0001-sudo.conf.in-fix-conflict-with-multilib.patch \ - file://0001-lib-util-mksigname.c-correctly-include-header-for-ou.patch \ " PAM_SRC_URI = "file://sudo.pam" -SRC_URI[sha256sum] = "92334a12bb93e0c056b09f53e255ccb7d6f67c6350e2813cd9593ceeca78560b" +SRC_URI[sha256sum] = "199c0cdbfa7efcfffa9c88684a8e2fb206a62b70a316507e4a91c89c873bbcc8" DEPENDS += " virtual/crypt ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" RDEPENDS:${PN} += " ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-limits pam-plugin-keyinit', '', d)}" From patchwork Wed Nov 22 02:31:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 35000 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 65377C61D85 for ; Wed, 22 Nov 2023 02:31:44 +0000 (UTC) Received: from mail-pf1-f181.google.com (mail-pf1-f181.google.com [209.85.210.181]) by mx.groups.io with SMTP id smtpd.web10.10887.1700620303585371783 for ; Tue, 21 Nov 2023 18:31:43 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=Jq9fbST7; spf=softfail (domain: sakoman.com, ip: 209.85.210.181, mailfrom: steve@sakoman.com) Received: by mail-pf1-f181.google.com with SMTP id d2e1a72fcca58-6b2018a11efso6365570b3a.0 for ; Tue, 21 Nov 2023 18:31:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1700620302; x=1701225102; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=bgitgLAckBmqQ+XCJ9ibuZFRBdUdF/BSG77vPBcKcMU=; b=Jq9fbST7J2Do/yeJtARnRlz7E0XxqAtEkVTDb0wdEumXHsMelx0gIN0DMsXZBEKPRl hPJLHou4B9mjAf7RON0W1dKE1vfjC9AzAhU/oPf5eSSHQdLlrg8zem3bVws2uxDREmBJ +foYU5m0qrc3n4IkUbbKd3+SfgloC34UzK0zp/xX1leoFvE5UUZqcXlcfkML63QarkxH qyw0nFoAGDQmkTDyM2KICPpj0ggCnVoIoEKpJ5wMosJSieVsisXpTsDhNHHwSx37Mi1l EOF+oBK1/D8BKDDcj5YTRQnzXpiTnIQcU5c3qIW3bLI611s+Q57CWHdb8GMtlvjtSAhm ttyw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700620302; x=1701225102; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=bgitgLAckBmqQ+XCJ9ibuZFRBdUdF/BSG77vPBcKcMU=; b=OZWXHdOy7hJW5GGmuSIOMO7kFL8mH6xRzfv0DTdaO/nqRsjGa0LOQwg98jmAIg/199 0AI/vmgMQRgwPtAoaoWVizzZhYSEFJGtCt6YebOti0Gkn1Cp6LBtkLUOds4nOcS0yIZ7 LsSbi/wpazgoQ0EPZd2xQrE/ikTASljsDO5JRkGca6KAltXzxsgOSH96hs3Db+rmgDAO VYnVejv4oVXtJU5HAA8jXlbSDKwLZTszv5oa9d0iKEgEDENZdADg58wsBM07bYjzX0ZT n4W57lgt48HnzES8m3Fn9vP1cTWYm8BO0mtk2xF9SU/JTNlzHINQ4Nd601DQfPdyyw5C V9jA== X-Gm-Message-State: AOJu0Yy7RUtlzoojgNLk/PZZIsejnZ+svYOGVMG4MD/bmPYsYC4D6SrN ZhH9xG44jt/weTIR6sVFgeTp2RcN7H8JjFYjvC2yhQ== X-Google-Smtp-Source: AGHT+IGyynGNcbVBkWhBj5MKcT91peFrRwD/dC7rZ+Mw7uInj2NfLT4rbTEuHPZo0VvBfHWQrpz3wQ== X-Received: by 2002:a05:6a00:230b:b0:6cb:a1a7:ebcb with SMTP id h11-20020a056a00230b00b006cba1a7ebcbmr1330366pfh.24.1700620302184; Tue, 21 Nov 2023 18:31:42 -0800 (PST) Received: from hexa.lan (dhcp-72-234-108-41.hawaiiantel.net. [72.234.108.41]) by smtp.gmail.com with ESMTPSA id d11-20020a056a00198b00b006cb9a43ae4esm4384182pfl.215.2023.11.21.18.31.41 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 18:31:41 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 14/16] go: Fix issue in DNS resolver Date: Tue, 21 Nov 2023 16:31:11 -1000 Message-Id: <8c8b01e84844a7e721c668d5ffbc7161e67f0862.1700620126.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 22 Nov 2023 02:31:44 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/191013 From: Chaitanya Vadrevu This change adds a patch that is a partial backport of an upstream commit[1]. It fixes a bug in go's DNS resolver that was causing a docker issue where the first "docker pull" always fails after system boot if docker daemon is started before networking is completely up. [1] https://github.com/golang/go/commit/d52883f443e1d564b0300acdd382af1769bf0477 Signed-off-by: Chaitanya Vadrevu Signed-off-by: Steve Sakoman --- meta/recipes-devtools/go/go-1.17.13.inc | 1 + ...Fix-issue-with-DNS-not-being-updated.patch | 51 +++++++++++++++++++ 2 files changed, 52 insertions(+) create mode 100644 meta/recipes-devtools/go/go-1.20/0010-net-Fix-issue-with-DNS-not-being-updated.patch diff --git a/meta/recipes-devtools/go/go-1.17.13.inc b/meta/recipes-devtools/go/go-1.17.13.inc index a0974629fb..330f571d22 100644 --- a/meta/recipes-devtools/go/go-1.17.13.inc +++ b/meta/recipes-devtools/go/go-1.17.13.inc @@ -16,6 +16,7 @@ SRC_URI += "\ file://0009-Revert-cmd-go-make-sure-CC-and-CXX-are-absolute.patch \ file://0001-exec.go-do-not-write-linker-flags-into-buildids.patch \ file://0001-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \ + file://0010-net-Fix-issue-with-DNS-not-being-updated.patch \ file://CVE-2022-27664.patch \ file://0001-net-http-httputil-avoid-query-parameter-smuggling.patch \ file://CVE-2022-41715.patch \ diff --git a/meta/recipes-devtools/go/go-1.20/0010-net-Fix-issue-with-DNS-not-being-updated.patch b/meta/recipes-devtools/go/go-1.20/0010-net-Fix-issue-with-DNS-not-being-updated.patch new file mode 100644 index 0000000000..6ead518843 --- /dev/null +++ b/meta/recipes-devtools/go/go-1.20/0010-net-Fix-issue-with-DNS-not-being-updated.patch @@ -0,0 +1,51 @@ +From 20176b390e28daa86b4552965cb7bd9181983c4d Mon Sep 17 00:00:00 2001 +From: Chaitanya Vadrevu +Date: Mon, 6 Nov 2023 20:11:19 -0600 +Subject: [PATCH] net: Fix issue with DNS not being updated + +When dns requests are made, go's native DNS resolver only reads +/etc/resolv.conf if the previous request is older than 5 seconds. + +On first network call, an initialization code runs that is +supposed to initialize DNS data and set lastChecked time. There is a bug +in this code that causes /etc/resolv.conf to not be read during +initialization and the DNS data from program startup ends up being used +until the next 5 seconds. This means that if /etc/resolv.conf changed +between program startup and the first network call, old DNS data is +still used until the next 5 seconds. + +This causes "docker pull" to fail the first time if docker daemon is +started before networking is up. + +Upstream commit d52883f443e1d564b0300acdd382af1769bf0477 made lot of +improvements to DNS resolver to fix some issues which also fixes this +issue. +This patch picks the relevant changes from it to fix this particular +issue. + +Upstream-Status: Backport [https://github.com/golang/go/commit/d52883f443e1d564b0300acdd382af1769bf0477] + +Signed-off-by: Chaitanya Vadrevu +--- + src/net/dnsclient_unix.go | 5 +---- + 1 file changed, 1 insertion(+), 4 deletions(-) + +diff --git a/src/net/dnsclient_unix.go b/src/net/dnsclient_unix.go +index 6dfd4af..520ffe6 100644 +--- a/src/net/dnsclient_unix.go ++++ b/src/net/dnsclient_unix.go +@@ -337,10 +337,7 @@ var resolvConf resolverConfig + func (conf *resolverConfig) init() { + // Set dnsConfig and lastChecked so we don't parse + // resolv.conf twice the first time. +- conf.dnsConfig = systemConf().resolv +- if conf.dnsConfig == nil { +- conf.dnsConfig = dnsReadConfig("/etc/resolv.conf") +- } ++ conf.dnsConfig = dnsReadConfig("/etc/resolv.conf") + conf.lastChecked = time.Now() + + // Prepare ch so that only one update of resolverConfig may +-- +2.34.1 + From patchwork Wed Nov 22 02:31:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 35006 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 85F7AC61D85 for ; Wed, 22 Nov 2023 02:31:54 +0000 (UTC) Received: from mail-oi1-f182.google.com (mail-oi1-f182.google.com [209.85.167.182]) by mx.groups.io with SMTP id smtpd.web10.10889.1700620304812902288 for ; Tue, 21 Nov 2023 18:31:44 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=bhTKqVW3; spf=softfail (domain: sakoman.com, ip: 209.85.167.182, mailfrom: steve@sakoman.com) Received: by mail-oi1-f182.google.com with SMTP id 5614622812f47-3b83398cfc7so889000b6e.3 for ; Tue, 21 Nov 2023 18:31:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1700620304; x=1701225104; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=1ouWmz9jKrU1RDs05fXVML3r+myZKo8WAsweR5p+o94=; b=bhTKqVW3T6VuZcTCp44ovKxDkBgGbD23W6XAE8rGCWxPZJImmFZbGcNCaaJeqrkCra lTWQIr12xzTBBXu7fn+jbaRRrcBCr6ylNkudMqLe/D7HurWHqoIp8W2hRwREx9AIvwmH 4G131SjsAz3PXi4p/lEaii7Z60Ks4la1IKtxN+JivAvvZccRt0NUA1JYDwzd1p7EAA9s TwGs5D3bcpCy3OeqjoQzEurgtsSGtTNGX30DqTg1sKXZrkGHlRficKfxK4Po1U+QxWSQ ihKlwwn6tbWCQpdqDdMS36hxaS0zkQA2y7gi7VzNZ/6V66epUGbO6SZAlP5gaon5yUbO XHzw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700620304; x=1701225104; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=1ouWmz9jKrU1RDs05fXVML3r+myZKo8WAsweR5p+o94=; b=unD+M7kQ009I5vdeIQ4ECLriKsdVM5uSIUSqUvfupH2OGG+zQSi7UA/cUR5AOeiZxP SA4AySYGNJLYW2mB6iG/1EhMguUf0kaJqxZaTZ6AQbOGfUZibF7vx2xAwwCyYYs4tO/Y GYhAYiVlFWXYi1dYQzVWmB245Kzn/ItCKinaYZiLcLQj8rnjREsCEer54vwAqTbm6Mbf oLM6nY4a1+WG1FAGKGat2I/dDwMKmXm05wGIfjtrbpVMDnSkRqINlbrHiKB4tJZvQZ8S NnNHbC+Z15FtC/lPj3Z1csFV+T5djnwgXJYS75/APAYFSxkVNbSYWWeScY7BtjcBO5Tz cXaA== X-Gm-Message-State: AOJu0Yw3mMqw4g+fq0ApzGxCA5iJ33av8WeulAi37bPKxVa+eDSDxybt 4NLcAGPs6nqpqBcwZRY8wPVh3d26DJkb0NX2zovaUw== X-Google-Smtp-Source: AGHT+IG0JbdjQzQZ/WVwc3e7G5mZ5D4hzhpmJ6R+AeGWlZtbBpc3JW9DNLNBPXgJ4/JPUgIc3soMZw== X-Received: by 2002:a54:4e8c:0:b0:3b8:37ba:7c73 with SMTP id c12-20020a544e8c000000b003b837ba7c73mr1060731oiy.53.1700620303851; Tue, 21 Nov 2023 18:31:43 -0800 (PST) Received: from hexa.lan (dhcp-72-234-108-41.hawaiiantel.net. [72.234.108.41]) by smtp.gmail.com with ESMTPSA id d11-20020a056a00198b00b006cb9a43ae4esm4384182pfl.215.2023.11.21.18.31.43 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 18:31:43 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 15/16] goarch: Move Go architecture mapping to a library Date: Tue, 21 Nov 2023 16:31:12 -1000 Message-Id: <8726ae02d760270f9e7fe7ef5715d8f7553371ce.1700620126.git.steve@sakoman.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 22 Nov 2023 02:31:54 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/191014 From: Peter Marko Other spaces uses the Go architecture definitions as their own (for example, container arches are defined to be Go arches). To make it easier for other places to use this mapping, move the code that does the translation of OpenEmbedded arches to Go arches to a library. (From oe-core rev: 3e86f72fc2e1cc2e5ea4b4499722d736941167ce) This commit together with meta-virtualization commit 115f6367f37095415f289fb6981cda9608ac72ff broke meta-virtualization master used with meta-lts-mixins kirkstone/go which is our primary usecase for having kirkstone/go mixin layer Manually crafted since cherry-pick had too many conflicts: * different path to classes * additional architecture loongarch64 * different way how to import library Signed-off-by: Peter Marko Cc: Joshua Watt Cc: Bruce Ashfield Cc: Jose Quaresma Signed-off-by: Steve Sakoman --- meta/classes/base.bbclass | 2 +- meta/classes/goarch.bbclass | 27 +++------------------------ meta/lib/oe/go.py | 32 ++++++++++++++++++++++++++++++++ 3 files changed, 36 insertions(+), 25 deletions(-) create mode 100644 meta/lib/oe/go.py diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass index b15c5839b6..ee26ee5597 100644 --- a/meta/classes/base.bbclass +++ b/meta/classes/base.bbclass @@ -12,7 +12,7 @@ inherit logging OE_EXTRA_IMPORTS ?= "" -OE_IMPORTS += "os sys time oe.path oe.utils oe.types oe.package oe.packagegroup oe.sstatesig oe.lsb oe.cachedpath oe.license oe.qa oe.reproducible oe.rust ${OE_EXTRA_IMPORTS}" +OE_IMPORTS += "os sys time oe.path oe.utils oe.types oe.package oe.packagegroup oe.sstatesig oe.lsb oe.cachedpath oe.license oe.qa oe.reproducible oe.rust oe.go ${OE_EXTRA_IMPORTS}" OE_IMPORTS[type] = "list" PACKAGECONFIG_CONFARGS ??= "" diff --git a/meta/classes/goarch.bbclass b/meta/classes/goarch.bbclass index 92fec16b82..394c0c5d84 100644 --- a/meta/classes/goarch.bbclass +++ b/meta/classes/goarch.bbclass @@ -61,31 +61,10 @@ SECURITY_NOPIE_CFLAGS ??= "" CCACHE_DISABLE ?= "1" def go_map_arch(a, d): - import re - if re.match('i.86', a): - return '386' - elif a == 'x86_64': - return 'amd64' - elif re.match('arm.*', a): - return 'arm' - elif re.match('aarch64.*', a): - return 'arm64' - elif re.match('mips64el.*', a): - return 'mips64le' - elif re.match('mips64.*', a): - return 'mips64' - elif a == 'mips': - return 'mips' - elif a == 'mipsel': - return 'mipsle' - elif re.match('p(pc|owerpc)(64le)', a): - return 'ppc64le' - elif re.match('p(pc|owerpc)(64)', a): - return 'ppc64' - elif a == 'riscv64': - return 'riscv64' - else: + arch = oe.go.map_arch(a) + if not arch: raise bb.parse.SkipRecipe("Unsupported CPU architecture: %s" % a) + return arch def go_map_arm(a, d): if a.startswith("arm"): diff --git a/meta/lib/oe/go.py b/meta/lib/oe/go.py new file mode 100644 index 0000000000..9996057f12 --- /dev/null +++ b/meta/lib/oe/go.py @@ -0,0 +1,32 @@ +# +# Copyright OpenEmbedded Contributors +# +# SPDX-License-Identifier: MIT +# + +import re + +def map_arch(a): + if re.match('i.86', a): + return '386' + elif a == 'x86_64': + return 'amd64' + elif re.match('arm.*', a): + return 'arm' + elif re.match('aarch64.*', a): + return 'arm64' + elif re.match('mips64el.*', a): + return 'mips64le' + elif re.match('mips64.*', a): + return 'mips64' + elif a == 'mips': + return 'mips' + elif a == 'mipsel': + return 'mipsle' + elif re.match('p(pc|owerpc)(64le)', a): + return 'ppc64le' + elif re.match('p(pc|owerpc)(64)', a): + return 'ppc64' + elif a == 'riscv64': + return 'riscv64' + return '' From patchwork Wed Nov 22 02:31:13 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 35005 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 85FB5C61D97 for ; Wed, 22 Nov 2023 02:31:54 +0000 (UTC) Received: from mail-pg1-f173.google.com (mail-pg1-f173.google.com [209.85.215.173]) by mx.groups.io with SMTP id smtpd.web10.10890.1700620306629771919 for ; Tue, 21 Nov 2023 18:31:46 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=uPnpRQoR; spf=softfail (domain: sakoman.com, ip: 209.85.215.173, mailfrom: steve@sakoman.com) Received: by mail-pg1-f173.google.com with SMTP id 41be03b00d2f7-5aa7172bafdso4129759a12.1 for ; Tue, 21 Nov 2023 18:31:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1700620305; x=1701225105; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=d2SdTaIEahh+tg5kZOOjhkSV3iviikCRcAUdJuqnfV8=; b=uPnpRQoRAV7YKajnbtIiDEDEuKmeNzZUE04y0aXstYMeqo4qya59rGSoqEa5ItSBxm wnyOI9p+UjzBqvgg7MpFwOxnlPP/+cDXH+Az9u1uQc0p9s53xVEiNb56iZbIoU9+hgKI 1Qn1BksDKiM9iCFibl30LLTMyJwxfymQILmkW+jGczQHFLX448p2HE+BxEafxZCJO1Y/ pMeXBoxtxbGqrXD9kILnKxmLEHONSUshRBlG5dKXEZU5lVIi+VDJIfGq8WrCurR6F8p0 4VrSGTY0SX/5+q2boHHnGCn2FXPpdJ0FkYmyritR1LRKiHZY/T5UrAEQmbvanprbFIfo TbtQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700620305; x=1701225105; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=d2SdTaIEahh+tg5kZOOjhkSV3iviikCRcAUdJuqnfV8=; b=NhiG9X+iudas/etK94PinZwdOYhV3XboSnQ0A6r3dWvUqORIqx1HFxbLrJiq6oiwS/ tYJs1eqhm1eWKFGjKNe5WtinJXc3Y+RmSrQFPgA3gj0osvwqWNFd5Z3FTJKgKAMQg0gk FEc9Y3eJOLPeldcpNkAc4U/Ou7bpxSNYTt7BugrBNbEm/8Ll8KHRumTbYgOm24vuFS4m lYjXShdMwPhudD111+FWOE2AdX/J+KJsqVepcz/1hHTtDWYSigrmusQ0DnNvLXU63pHA 5MuVFr4yaQ80XhKlgk1EnEyWG7c7tlKmjSWlkn1MBE2uu4jfBEholCSKz4yRZAPUPw85 5Mkg== X-Gm-Message-State: AOJu0YxKqtZTfbSApT1dbSNCnqBjZV8Gle54vqEVr0DY3S9buQhXfR2R dDeTte4GWOxESOELVzQdwnmKn8yDOcpRcxFLI0f58w== X-Google-Smtp-Source: AGHT+IGFxwpQacjlWNBeE2I5mGxo2rUlX1iIlpFFfJva8X5A5eKK5lu88cQlXlMs83oKnqF84QlfKA== X-Received: by 2002:a05:6a20:5507:b0:187:f7d3:fe4 with SMTP id ko7-20020a056a20550700b00187f7d30fe4mr851265pzb.11.1700620305477; Tue, 21 Nov 2023 18:31:45 -0800 (PST) Received: from hexa.lan (dhcp-72-234-108-41.hawaiiantel.net. [72.234.108.41]) by smtp.gmail.com with ESMTPSA id d11-20020a056a00198b00b006cb9a43ae4esm4384182pfl.215.2023.11.21.18.31.44 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 18:31:45 -0800 (PST) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 16/16] libxcrypt: fixed some build error for nativesdk with mingw Date: Tue, 21 Nov 2023 16:31:13 -1000 Message-Id: X-Mailer: git-send-email 2.34.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 22 Nov 2023 02:31:54 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/191015 From: Wenlin Kang Steps to reproduce 1) add layer meta-mingw 2) add line in local.conf SDKMACHINE = "x86_64-mingw32" 3) bitbake nativesdk-libxcrypt Fixed: 1. .symver error | {standard input}: Assembler messages: | {standard input}:4: Error: unknown pseudo-op: `.symver' 2. pedantic error | ../git/lib/crypt.c:316:24: error: ISO C does not allow extra ';' outside of a function [-Werror=pedantic] | 316 | SYMVER_crypt_gensalt_rn; | | 3. conversion error | ../git/lib/util-get-random-bytes.c: In function '_crypt_get_random_bytes': | ../git/lib/util-get-random-bytes.c:140:42: error: conversion from 'size_t' {aka 'long long unsigned int'} to 'unsigned int' may change value [-Werror=conversion] | 140 | ssize_t nread = read (fd, buf, buflen); Signed-off-by: Wenlin Kang Signed-off-by: Steve Sakoman --- .../0001-Fix-for-compilation-on-Windows.patch | 37 +++++++++++++++ ...dom-bytes.c-fixed-conversion-error-w.patch | 47 +++++++++++++++++++ meta/recipes-core/libxcrypt/libxcrypt.inc | 4 ++ 3 files changed, 88 insertions(+) create mode 100644 meta/recipes-core/libxcrypt/files/0001-Fix-for-compilation-on-Windows.patch create mode 100644 meta/recipes-core/libxcrypt/files/0001-lib-util-get-random-bytes.c-fixed-conversion-error-w.patch diff --git a/meta/recipes-core/libxcrypt/files/0001-Fix-for-compilation-on-Windows.patch b/meta/recipes-core/libxcrypt/files/0001-Fix-for-compilation-on-Windows.patch new file mode 100644 index 0000000000..5760ee09cc --- /dev/null +++ b/meta/recipes-core/libxcrypt/files/0001-Fix-for-compilation-on-Windows.patch @@ -0,0 +1,37 @@ +From a507b628a5a5d4e4f1cf0f0a9a72967470ee7624 Mon Sep 17 00:00:00 2001 +From: Brecht Sanders +Date: Fri, 3 Feb 2023 08:44:49 +0100 +Subject: [PATCH] Fix for compilation on Windows + +This fix allows the library to build on Windows (at least with MinGW-w64). + +`.symver` is only supported for ELF format but Windows uses COFF/PE. + +Workaround dummy define of `symver_set()` + +Upstream-Status: Backport [https://github.com/besser82/libxcrypt/commit/a507b628a5a5d4e4f1cf0f0a9a72967470ee7624] + +Signed-off-by: Wenlin Kang +--- + lib/crypt-port.h | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/lib/crypt-port.h b/lib/crypt-port.h +index f06ca24..a707939 100644 +--- a/lib/crypt-port.h ++++ b/lib/crypt-port.h +@@ -201,6 +201,11 @@ extern size_t strcpy_or_abort (void *dst, size_t d_size, const void *src); + __asm__(".globl _" extstr); \ + __asm__(".set _" extstr ", _" #intname) + ++#elif defined _WIN32 ++ ++/* .symver is only supported for ELF format, Windows uses COFF/PE */ ++# define symver_set(extstr, intname, version, mode) ++ + #elif defined __GNUC__ && __GNUC__ >= 3 + + # define _strong_alias(name, aliasname) \ +-- +2.34.1 + diff --git a/meta/recipes-core/libxcrypt/files/0001-lib-util-get-random-bytes.c-fixed-conversion-error-w.patch b/meta/recipes-core/libxcrypt/files/0001-lib-util-get-random-bytes.c-fixed-conversion-error-w.patch new file mode 100644 index 0000000000..3846f76674 --- /dev/null +++ b/meta/recipes-core/libxcrypt/files/0001-lib-util-get-random-bytes.c-fixed-conversion-error-w.patch @@ -0,0 +1,47 @@ +From ff99091eb8a6b9e6edc567f6d2552183fbaacec3 Mon Sep 17 00:00:00 2001 +From: Wenlin Kang +Date: Mon, 6 Nov 2023 14:43:28 +0800 +Subject: [PATCH] lib/util-get-random-bytes.c: fixed conversion error with + mingw + +With x86_64-w64-mingw32-gcc. get below error: +| ../git/lib/util-get-random-bytes.c: In function '_crypt_get_random_bytes': +| ../git/lib/util-get-random-bytes.c:140:42: error: conversion from 'size_t' {aka 'long long unsigned int'} to 'unsigned int' may change value [-Werror=conversion] +| 140 | ssize_t nread = read (fd, buf, buflen); +| | ^~~~~~ + +In util-get-random-bytes.c, has get_random_bytes(void *buf, size_t buflen), +but in mingw-w64-mingw-w64/mingw-w64-headers/crt/io.h, read() has "unsigned int" +read(int _FileHandle,void *_DstBuf,unsigned int _MaxCharCount), and has: + #ifdef _WIN64 + __MINGW_EXTENSION typedef unsigned __int64 size_t; + #else + typedef unsigned int size_t; + #endif /* _WIN64 */ + +Upstream-Status: Pending + +Signed-off-by: Wenlin Kang +--- + lib/util-get-random-bytes.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/lib/util-get-random-bytes.c b/lib/util-get-random-bytes.c +index 79816db..68cd378 100644 +--- a/lib/util-get-random-bytes.c ++++ b/lib/util-get-random-bytes.c +@@ -137,7 +137,11 @@ get_random_bytes(void *buf, size_t buflen) + dev_urandom_doesnt_work = true; + else + { ++#ifdef _WIN64 ++ ssize_t nread = read (fd, buf, (unsigned int)buflen); ++#else + ssize_t nread = read (fd, buf, buflen); ++#endif + if (nread < 0 || (size_t)nread < buflen) + dev_urandom_doesnt_work = true; + +-- +2.25.1 + diff --git a/meta/recipes-core/libxcrypt/libxcrypt.inc b/meta/recipes-core/libxcrypt/libxcrypt.inc index 342cbd0d06..2b3cd31c2a 100644 --- a/meta/recipes-core/libxcrypt/libxcrypt.inc +++ b/meta/recipes-core/libxcrypt/libxcrypt.inc @@ -16,6 +16,8 @@ SRCBRANCH ?= "master" SRC_URI += "file://fix_cflags_handling.patch \ file://0001-Make-BuildCommon.pm-compatible-with-latest-perl.patch \ file://0002-Remove-smartmatch-usage-from-gen-crypt-h.patch \ + file://0001-Fix-for-compilation-on-Windows.patch \ + file://0001-lib-util-get-random-bytes.c-fixed-conversion-error-w.patch \ " PROVIDES = "virtual/crypt" @@ -29,4 +31,6 @@ CPPFLAGS:append:class-nativesdk = " -Wno-error" API = "--disable-obsolete-api" EXTRA_OECONF += "${API}" +CFLAGS:append:class-nativesdk = " -Wno-pedantic" + BBCLASSEXTEND = "native nativesdk"