Re: [oe] [meta-oe][PATCH v4 4/4] libspatialite: Upgrade to 5.0.1
does this need some specific version of geos ? seeing this https://autobuilder.yoctoproject.org/typhoon/#/builders/88/builds/1813/steps/14/logs/stdio On Wed, Jun 22, 2022 at 10:17 AM Zoltan Boszormenyi via lists.openembedded.org wrote: > > From: Zoltán Böszörményi > > Removed a patch that didn't apply to the new version. > > Added three patches without changes from Fedora that allowed > the new version to compile. > See https://koji.fedoraproject.org/koji/buildinfo?buildID=1924183 > > Signed-off-by: Zoltán Böszörményi > --- > .../libspatialite/geos-config.patch | 17 > .../libspatialite/libspatialite_geos.patch| 43 +++ > .../libspatialite/libspatialite_macros.patch | 12 ++ > .../libspatialite_pkgconfig.patch | 11 + > ...alite_4.3.0a.bb => libspatialite_5.0.1.bb} | 14 +++--- > 5 files changed, 74 insertions(+), 23 deletions(-) > delete mode 100644 > meta-oe/recipes-navigation/libspatialite/libspatialite/geos-config.patch > create mode 100644 > meta-oe/recipes-navigation/libspatialite/libspatialite/libspatialite_geos.patch > create mode 100644 > meta-oe/recipes-navigation/libspatialite/libspatialite/libspatialite_macros.patch > create mode 100644 > meta-oe/recipes-navigation/libspatialite/libspatialite/libspatialite_pkgconfig.patch > rename meta-oe/recipes-navigation/libspatialite/{libspatialite_4.3.0a.bb => > libspatialite_5.0.1.bb} (63%) > > diff --git > a/meta-oe/recipes-navigation/libspatialite/libspatialite/geos-config.patch > b/meta-oe/recipes-navigation/libspatialite/libspatialite/geos-config.patch > deleted file mode 100644 > index 28bd7dad8..0 > --- a/meta-oe/recipes-navigation/libspatialite/libspatialite/geos-config.patch > +++ /dev/null > @@ -1,17 +0,0 @@ > -https://www.gaia-gis.it/fossil/libspatialite/tktview?name=abeeaad448 > - > -Upstream-Status: Submitted [rpm5-de...@rpm5.org] > - > -Index: libspatialite-4.2.0/configure.ac > -=== > libspatialite-4.2.0.orig/configure.ac > -+++ libspatialite-4.2.0/configure.ac > -@@ -260,7 +260,7 @@ if test x"$enable_geos" != "xno"; then > - fi > - # Extract the linker and include flags > - GEOS_LDFLAGS=`$GEOSCONFIG --ldflags` > -- GEOS_CFLAGS=-I`$GEOSCONFIG --includes` > -+ GEOS_CFLAGS=`$GEOSCONFIG --cflags` > - AC_SUBST([GEOS_LDFLAGS]) > - AC_SUBST([GEOS_CFLAGS]) > - # Ensure that we can parse geos_c.h > diff --git > a/meta-oe/recipes-navigation/libspatialite/libspatialite/libspatialite_geos.patch > > b/meta-oe/recipes-navigation/libspatialite/libspatialite/libspatialite_geos.patch > new file mode 100644 > index 0..7d8d2c2e4 > --- /dev/null > +++ > b/meta-oe/recipes-navigation/libspatialite/libspatialite/libspatialite_geos.patch > @@ -0,0 +1,43 @@ > +diff -rupN --no-dereference libspatialite-5.0.1/configure.ac > libspatialite-5.0.1-new/configure.ac > +--- libspatialite-5.0.1/configure.ac 2021-03-08 08:57:19.015858195 +0100 > libspatialite-5.0.1-new/configure.ac 2021-03-08 08:57:19.017858195 > +0100 > +@@ -312,35 +312,10 @@ AC_ARG_ENABLE(geos, [AS_HELP_STRING( > + [], [enable_geos=yes]) > + if test x"$enable_geos" != "xno"; then > + #--- > +- # --with-geosconfig > +- # > +- AC_ARG_WITH([geosconfig], > +-[AS_HELP_STRING([--with-geosconfig=FILE], [specify an alternative > geos-config file])], > +- [GEOSCONFIG="$withval"], [GEOSCONFIG=""]) > +- if test "x$GEOSCONFIG" = "x"; then > +-# GEOSCONFIG was not specified, so search within the current path > +-AC_PATH_PROG([GEOSCONFIG], [geos-config]) > +-# If we couldn't find geos-config, display an error > +-if test "x$GEOSCONFIG" = "x"; then > +-AC_MSG_ERROR([could not find geos-config within the current > path. You may need to try re-running configure with a --with-geosconfig > parameter.]) > +-fi > +- else > +-# GEOSCONFIG was specified; display a message to the user > +-if test "x$GEOSCONFIG" = "xyes"; then > +-AC_MSG_ERROR([you must specify a parameter to > --with-geosconfig, e.g. --with-geosconfig=/path/to/geos-config]) > +-else > +-if test -f $GEOSCONFIG; then > +-AC_MSG_RESULT([Using user-specified geos-config > file: $GEOSCONFIG]) > +-else > +-AC_MSG_ERROR([the user-specified geos-config file > $GEOSCONFIG does not exist]) > +-fi > +-fi > +- fi > +- # Extract the linker and include flags > +- GEOS_LDFLAGS=`$GEOSCONFIG --ldflags` > +- GEOS_CFLAGS=-I`$GEOSCONFIG --includes` > +- AC_SUBST([GEOS_LDFLAGS]) > +- AC_SUBST([GEOS_CFLAGS]) > ++ PKG_CHECK_MODULES([GEOS], [geos], , AC_MSG_ERROR(['geos' is required but > it doesn't seem to be installed on this system.])) > ++ GEOS_LDFLAGS="$GEOS_LIBS" > ++
[oe] [meta-networking][master|kirkstone][PATCH] freeradius: mutlilib fixes
Define raddbdir based on multilib Add multilib headers and scripts for conflicting content --- .../freeradius/freeradius_3.0.21.bb | 34 --- 1 file changed, 21 insertions(+), 13 deletions(-) diff --git a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb index da7e60419..453e514b6 100644 --- a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb +++ b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb @@ -34,6 +34,8 @@ SRC_URI = "git://github.com/FreeRADIUS/freeradius-server.git;branch=v3.0.x;lfs=0 file://check-openssl-cmds-in-script-bootstrap.patch \ " +raddbdir="${sysconfdir}/${MLPREFIX}raddb" + SRCREV = "af428abda249b2279ba0582180985a9f6f4a144a" PARALLEL_MAKE = "" @@ -48,6 +50,7 @@ EXTRA_OECONF = " --enable-strict-dependencies \ --with-docdir=${docdir}/freeradius-${PV} \ --with-openssl-includes=${STAGING_INCDIR} \ --with-openssl-libraries=${STAGING_LIBDIR} \ +--with-raddbdir=${raddbdir} \ --without-rlm_ippool \ --without-rlm_cache_memcached \ --without-rlm_counter \ @@ -98,7 +101,9 @@ PACKAGECONFIG[openssl] = "--with-openssl, --without-openssl" PACKAGECONFIG[rlm-eap-fast] = "--with-rlm_eap_fast, --without-rlm_eap_fast" PACKAGECONFIG[rlm-eap-pwd] = "--with-rlm_eap_pwd, --without-rlm_eap_pwd" -inherit useradd autotools-brokensep update-rc.d systemd +inherit useradd autotools-brokensep update-rc.d systemd multilib_script multilib_header + +MULTILIB_SCRIPTS = "${PN}:${sbindir}/checkrad" # This is not a cpan or python based package, but it needs some definitions # from cpan-base and python3-dir bbclasses for building rlm_perl and rlm_python @@ -141,7 +146,7 @@ do_install() { oe_runmake install R=${D} INSTALLSTRIP="" # remove unsupported config files -rm -f ${D}/${sysconfdir}/raddb/experimental.conf +rm -f ${D}/${raddbdir}/experimental.conf # remove scripts that required Perl(DBI) rm -rf ${D}/${bindir}/radsqlrelay @@ -153,7 +158,7 @@ do_install() { rm -rf ${D}/${localstatedir}/log/ install -m 0644 ${WORKDIR}/volatiles.58_radiusd ${D}${sysconfdir}/default/volatiles/58_radiusd -chown -R radiusd:radiusd ${D}/${sysconfdir}/raddb/ +chown -R radiusd:radiusd ${D}/${raddbdir} chown -R radiusd:radiusd ${D}/${localstatedir}/lib/radiusd # For systemd @@ -169,6 +174,9 @@ do_install() { install -d ${D}${sysconfdir}/tmpfiles.d/ install -m 0644 ${WORKDIR}/radiusd-volatiles.conf ${D}${sysconfdir}/tmpfiles.d/radiusd.conf fi +oe_multilib_header freeradius/autoconf.h +oe_multilib_header freeradius/missing.h +oe_multilib_header freeradius/radpaths.h } # This is only needed when we install/update on a running target. @@ -183,7 +191,7 @@ pkg_postinst:${PN} () { fi # Fix ownership for /etc/raddb/*, /var/lib/radiusd -chown -R radiusd:radiusd ${sysconfdir}/raddb +chown -R radiusd:radiusd ${raddbdir} chown -R radiusd:radiusd ${localstatedir}/lib/radiusd fi } @@ -204,30 +212,30 @@ PACKAGES =+ "${PN}-utils ${PN}-ldap ${PN}-krb5 ${PN}-perl \ FILES:${PN}-utils = "${bindir}/*" FILES:${PN}-ldap = "${libdir}/rlm_ldap.so* \ -${sysconfdir}/raddb/mods-available/ldap \ +${raddbdir}/mods-available/ldap \ " FILES:${PN}-krb5 = "${libdir}/rlm_krb5.so* \ -${sysconfdir}/raddb/mods-available/krb5 \ +${raddbdir}/mods-available/krb5 \ " FILES:${PN}-perl = "${libdir}/rlm_perl.so* \ -${sysconfdir}/raddb/mods-config/perl \ -${sysconfdir}/raddb/mods-available/perl \ +${raddbdir}/mods-config/perl \ +${raddbdir}/mods-available/perl \ " FILES:${PN}-python = "${libdir}/rlm_python3.so* \ -${sysconfdir}/raddb/mods-config/python3 \ -${sysconfdir}/raddb/mods-available/python3 \ +${raddbdir}/mods-config/python3 \ +${raddbdir}/mods-available/python3 \ " FILES:${PN}-mysql = "${libdir}/rlm_sql_mysql.so* \ -${sysconfdir}/raddb/mods-config/sql/*/mysql \ -${sysconfdir}/raddb/mods-available/sql \ +${raddbdir}/mods-config/sql/*/mysql \ +${raddbdir}/mods-available/sql \ " FILES:${PN}-postgresql = "${libdir}/rlm_sql_postgresql.so* \ -${sysconfdir}/raddb/mods-config/sql/*/postgresql \ +${raddbdir}/mods-config/sql/*/postgresql \ " FILES:${PN}-unixodbc = "${libdir}/rlm_sql_unixodbc.so*" -- 2.35.3 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97673): https://lists.openembedded.org/g/openembedded-devel/message/97673 Mute This Topic: https://lists.openembedded.org/mt/92117098/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] dunfell gpsfake
Hello, I have added gpsd (3.19) and gps-utils to my project, but gpsfake, gpscat, and the other gpsd python clients are missing from the built image. Is there something additional I need to do to get those installed? In the build output scons shows that it's skipping the python portion due to "python" missing, even though python3 is listed as a dependency in the recipe and the gpsd python modules are added to the python3 site-packages. I wonder if target_python=python3 needs to be set in the scons invocation. Any guidance would be appreciated. Kind regards, Matt -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97672): https://lists.openembedded.org/g/openembedded-devel/message/97672 Mute This Topic: https://lists.openembedded.org/mt/92113292/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe][meta-networking][PATCH] crda: Depend on correct wireless-regdb package
The cdra application is looking for the `regulatory.bin` file that is installed by the `wireless-regdb` package, but that is not installed because the RDEPENDS lists`wireless-regdb-static` (which conflicts with `wireless-regdb`). Changing RDEPENDS to use `wireless-regdb` instead of `wireless-regdb-static` allows the cdra application to function properly. Example output before this fix was applied: root@yocto:~# COUNTRY=US crda failed to open db file: No such file or directory root@yocto:~# COUNTRY=US strace crda execve("/usr/sbin/crda", ["crda"], 0xbec80d70 /* 17 vars */) = 0 ... openat(AT_FDCWD, "/usr/local/lib/crda/regulatory.bin", O_RDONLY) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/usr/lib/crda/regulatory.bin", O_RDONLY) = -1 ENOENT (No such file or directory) openat(AT_FDCWD, "/lib/crda/regulatory.bin", O_RDONLY) = -1 ENOENT (No such file or directory) ... write(3, "failed to open db file: No such "..., 50failed to open db file: No such file or directory ) = 50 close(3)= 0 exit_group(-2) = ? +++ exited with 254 +++ Signed-off-by: Theodore A. Roth Signed-off-by: Theodore A. Roth --- .../meta-python/recipes-connectivity/crda/crda_3.18.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-networking/dynamic-layers/meta-python/recipes-connectivity/crda/crda_3.18.bb b/meta-networking/dynamic-layers/meta-python/recipes-connectivity/crda/crda_3.18.bb index 9abfd61cf..a616557e7 100644 --- a/meta-networking/dynamic-layers/meta-python/recipes-connectivity/crda/crda_3.18.bb +++ b/meta-networking/dynamic-layers/meta-python/recipes-connectivity/crda/crda_3.18.bb @@ -36,4 +36,4 @@ do_install() { oe_runmake SBINDIR=${sbindir}/ install } -RDEPENDS:${PN} = "udev wireless-regdb-static" +RDEPENDS:${PN} = "udev wireless-regdb" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97671): https://lists.openembedded.org/g/openembedded-devel/message/97671 Mute This Topic: https://lists.openembedded.org/mt/92112962/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe] [meta-python][PATCH] python3-debugpy: add recipe
fails in QA checks https://errors.yoctoproject.org/Errors/Details/659231/ On Thu, Jun 30, 2022 at 11:16 AM Enguerrand de Ribaucourt wrote: > > debugpy provides an implementation of the Debug Adapter Protocol for > Python 3. > > It is for instance compatible with the VSCode Python remote debugger > extension. > > Signed-off-by: Enguerrand de Ribaucourt > > --- > ...se-generic-yocto-architecture-suffix.patch | 64 +++ > .../python/python3-debugpy_1.6.0.bb | 40 > 2 files changed, 104 insertions(+) > create mode 100644 > meta-python/recipes-devtools/python/python3-debugpy/0001-arch-use-generic-yocto-architecture-suffix.patch > create mode 100644 > meta-python/recipes-devtools/python/python3-debugpy_1.6.0.bb > > diff --git > a/meta-python/recipes-devtools/python/python3-debugpy/0001-arch-use-generic-yocto-architecture-suffix.patch > > b/meta-python/recipes-devtools/python/python3-debugpy/0001-arch-use-generic-yocto-architecture-suffix.patch > new file mode 100644 > index 0..0a58b39fa > --- /dev/null > +++ > b/meta-python/recipes-devtools/python/python3-debugpy/0001-arch-use-generic-yocto-architecture-suffix.patch > @@ -0,0 +1,64 @@ > +From f6552b6d3cef48401188fcacd8718f9268493608 Mon Sep 17 00:00:00 2001 > +From: Enguerrand de Ribaucourt > > +Date: Thu, 30 Jun 2022 14:51:36 +0200 > +Subject: [PATCH] arch: use generic yocto architecture suffix > + > +A precompiled attach_linux_.so library comes for only a limited > +number of architectures in debugpy. We have to compile it for the > +others. > + > +Yocto may use the TARGET_ARCH suffix but it will be different than what is > +returned at runtime by Python's platform.machine(). Ex: core2-64/amd64. > +This makes it hard to match the names used to generate and load the > +library. > + > +We ease the process of matching both by using a generating "yocto" > +suffix. > + > +Upstream-Status: Inappropriate > +Signed-off-by: Enguerrand de Ribaucourt > > +--- > + .../pydevd_attach_to_process/add_code_to_python_process.py | 5 ++--- > + src/debugpy/_vendored/pydevd/pydevd_tracing.py | 5 ++--- > + 2 files changed, 4 insertions(+), 6 deletions(-) > + > +diff --git > a/src/debugpy/_vendored/pydevd/pydevd_attach_to_process/add_code_to_python_process.py > > b/src/debugpy/_vendored/pydevd/pydevd_attach_to_process/add_code_to_python_process.py > +index 3c0e1b94..4c7d4b46 100644 > +--- > a/src/debugpy/_vendored/pydevd/pydevd_attach_to_process/add_code_to_python_process.py > > b/src/debugpy/_vendored/pydevd/pydevd_attach_to_process/add_code_to_python_process.py > +@@ -171,8 +171,8 @@ def get_target_filename(is_target_process_64=None, > prefix=None, extension=None): > + elif IS_LINUX: > + if not extension: > + extension = '.so' > +-suffix_64 = 'amd64' > +-suffix_32 = 'x86' > ++suffix_64 = 'yocto' > ++suffix_32 = 'yocto' > + > + elif IS_MAC: > + if not extension: > +@@ -577,4 +577,3 @@ if __name__ == '__main__': > + test() > + else: > + main(args) > +- > +diff --git a/src/debugpy/_vendored/pydevd/pydevd_tracing.py > b/src/debugpy/_vendored/pydevd/pydevd_tracing.py > +index 561d7f71..7acbf3e1 100644 > +--- a/src/debugpy/_vendored/pydevd/pydevd_tracing.py > b/src/debugpy/_vendored/pydevd/pydevd_tracing.py > +@@ -157,8 +157,8 @@ def get_python_helper_lib_filename(): > + > + elif IS_LINUX: > + extension = '.so' > +-suffix_64 = 'amd64' > +-suffix_32 = 'x86' > ++suffix_64 = 'yocto' > ++suffix_32 = 'yocto' > + > + elif IS_MAC: > + extension = '.dylib' > +@@ -372,4 +372,3 @@ def set_trace_to_threads(tracing_func, > thread_idents=None, create_dummy_thread=T > + ret = result > + > + return ret > +- > diff --git a/meta-python/recipes-devtools/python/python3-debugpy_1.6.0.bb > b/meta-python/recipes-devtools/python/python3-debugpy_1.6.0.bb > new file mode 100644 > index 0..1fe238169 > --- /dev/null > +++ b/meta-python/recipes-devtools/python/python3-debugpy_1.6.0.bb > @@ -0,0 +1,40 @@ > +SUMMARY = "An implementation of the Debug Adapter Protocol for Python 3" > +LICENSE = "MIT & EPL-1.0" > +LIC_FILES_CHKSUM = "file://LICENSE;md5=18496e0e5a38c5caaade8503120ef9ea \ > + > file://src/debugpy/_vendored/pydevd/LICENSE;md5=30b3836521b3d65bef598bbc358a3afa > \ > + > file://src/debugpy/_vendored/pydevd/_pydevd_frame_eval/vendored/bytecode-0.13.0.dev0.dist-info/COPYING;md5=0b470642172a83f6cf504fba28bac72f" > +SRCREV = "2ac9538dd5d59d0bb582d445e4a6b87663cfbab4" > + > +SRC_URI = > "git://g...@github.com/microsoft/debugpy.git;protocol=ssh;branch=main \ > + file://0001-arch-use-generic-yocto-architecture-suffix.patch \ > + " > + > +S = "${WORKDIR}/git" > + > +inherit setuptools3 > + > +EXTRA_CXXFLAGS += "-fPIC -nostartfiles" > + > +do_compile:append() { > +${CC}
Re: [oe] [meta-oe][PATCH v3 1/4] geos: Upgrade to 3.9.3
this fails to build on arm/clang https://errors.yoctoproject.org/Errors/Details/659199/ On Wed, Jun 22, 2022 at 10:13 AM Zoltan Boszormenyi via lists.openembedded.org wrote: > > From: Zoltán Böszörményi > > Remove an upstreamed patch. > > Signed-off-by: Zoltán Böszörményi > --- > meta-oe/recipes-navigation/geos/geos_3.4.3.bb | 7 --- > meta-oe/recipes-navigation/geos/geos_3.9.3.bb | 3 +++ > 2 files changed, 3 insertions(+), 7 deletions(-) > delete mode 100644 meta-oe/recipes-navigation/geos/geos_3.4.3.bb > create mode 100644 meta-oe/recipes-navigation/geos/geos_3.9.3.bb > > diff --git a/meta-oe/recipes-navigation/geos/geos_3.4.3.bb > b/meta-oe/recipes-navigation/geos/geos_3.4.3.bb > deleted file mode 100644 > index 538456cc2..0 > --- a/meta-oe/recipes-navigation/geos/geos_3.4.3.bb > +++ /dev/null > @@ -1,7 +0,0 @@ > -require geos.inc > - > -SRC_URI += "file://geos-config-Add-includedir-variable.patch \ > -" > - > -SRC_URI[md5sum] = "77f2c2cca1e9f49bc1bece9037ac7a7a" > -SRC_URI[sha256sum] = > "cfbf68079117c1c2b76411636444ff41d73c31093c4cab9dcc9a8c1bbe7e3897" > diff --git a/meta-oe/recipes-navigation/geos/geos_3.9.3.bb > b/meta-oe/recipes-navigation/geos/geos_3.9.3.bb > new file mode 100644 > index 0..fdb72204e > --- /dev/null > +++ b/meta-oe/recipes-navigation/geos/geos_3.9.3.bb > @@ -0,0 +1,3 @@ > +require geos.inc > + > +SRC_URI[sha256sum] = > "f8b2314e311456f7a449144efb5e3188c2a28774752bc50fc882a3cd5c89ee35" > -- > 2.36.1 > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97669): https://lists.openembedded.org/g/openembedded-devel/message/97669 Mute This Topic: https://lists.openembedded.org/mt/91922610/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe] [PATCH 1/3] python3-hatchling: remove (now in oe-core)
I have staged a patch to remove all these in one patch yesterday On Fri, Jul 1, 2022 at 7:36 AM Ross Burton wrote: > As of 846e80 this is now in oe-core. > > Signed-off-by: Ross Burton > --- > meta-python/classes/python_hatchling.bbclass | 5 - > .../python/python3-hatchling_1.3.0.bb | 21 --- > 2 files changed, 26 deletions(-) > delete mode 100644 meta-python/classes/python_hatchling.bbclass > delete mode 100644 meta-python/recipes-devtools/python/ > python3-hatchling_1.3.0.bb > > diff --git a/meta-python/classes/python_hatchling.bbclass > b/meta-python/classes/python_hatchling.bbclass > deleted file mode 100644 > index b3cbe23601..00 > --- a/meta-python/classes/python_hatchling.bbclass > +++ /dev/null > @@ -1,5 +0,0 @@ > -inherit python_pep517 python3native python3-dir setuptools3-base > - > -DEPENDS += "python3-hatchling-native" > - > -PEP517_BUILD_API = "hatchling.build" > diff --git a/meta-python/recipes-devtools/python/ > python3-hatchling_1.3.0.bb b/meta-python/recipes-devtools/python/ > python3-hatchling_1.3.0.bb > deleted file mode 100644 > index a6550a9732..00 > --- a/meta-python/recipes-devtools/python/python3-hatchling_1.3.0.bb > +++ /dev/null > @@ -1,21 +0,0 @@ > -SUMMARY = "The extensible, standards compliant build backend used by > Hatch" > -HOMEPAGE = "https://hatch.pypa.io/latest/; > -LICENSE = "MIT" > -LIC_FILES_CHKSUM = > "file://LICENSE.txt;md5=cbe2fd33fc9297692812fc94b7d27fd9" > - > -inherit pypi python_hatchling > - > -DEPENDS += "python3-pluggy-native python3-tomli-native > python3-pathspec-native python3-packaging-native python3-editables-native" > -DEPENDS:remove:class-native = "python3-hatchling-native" > - > -SRC_URI[sha256sum] = > "1401d45d3dd6a5910f64d539acaa943486d5e8b7dda1a97f2b0040fdddc5b85e" > - > -# Until we have a proper tool to invoke PEP517 builds, hatchling can't > -# bootstrap itself automatically. > -PEP517_BUILD_API = "hatchling.ouroboros" > - > -do_compile:prepend() { > -export PYTHONPATH=src > -} > - > -BBCLASSEXTEND = "native nativesdk" > -- > 2.25.1 > > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97668): https://lists.openembedded.org/g/openembedded-devel/message/97668 Mute This Topic: https://lists.openembedded.org/mt/92106450/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe] [meta-networking][kirkstone][PATCH] networkmanager: fix build with enabled ppp
On Fri, Jul 1, 2022 at 7:45 AM Otavio Salvador < otavio.salva...@ossystems.com.br> wrote: > > > Em seg., 27 de jun. de 2022 às 10:39, Javier Viguera via > lists.openembedded.org > escreveu: > >> If 'ppp' packageconfig option is enabled, but the build system does NOT >> have pppd binary installed, the build fails with: >> >> | Has header "pppd/pppd.h" : YES >> | Program pppd /sbin/pppd /usr/sbin/pppd found: NO >> | >> | ../NetworkManager-1.36.2/meson.build:570:4: ERROR: Assert failed: pppd >> required but not found, please provide a valid pppd path or use -Dppp=false >> to disable it >> >> This is due to meson trying to look for the 'pppd' binary in the build >> system when it should not. If the build system does not contain pppd, >> the build fails. >> >> Signed-off-by: Javier Viguera >> > > Please send it against master, first, then we can ask for backports. > I have staged it with a bit of editing > -- > Otavio Salvador O.S. Systems > http://www.ossystems.com.brhttp://code.ossystems.com.br > Mobile: +55 (53) 9 9981-7854 Mobile: +1 (347) 903-9750 > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97667): https://lists.openembedded.org/g/openembedded-devel/message/97667 Mute This Topic: https://lists.openembedded.org/mt/92020681/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe] maximum shebang size exceeded, the maximum size is 128. [shebang-size]
On Fri, Jul 1, 2022 at 9:04 AM Ross Burton wrote: > Is that with oe-core master-next? There’s a sanity test patch there which > is very relative. The recipe is buggy > > Yes master-next. I see so we have few recipes to fix then, I hope someone can send fixes > > > *From: *openembedded-devel@lists.openembedded.org < > openembedded-devel@lists.openembedded.org> on behalf of Khem Raj via > lists.openembedded.org > *Date: *Thursday, 30 June 2022 at 12:18 > *To: *openembeded-devel > *Subject: *[oe] maximum shebang size exceeded, the maximum size is 128. > [shebang-size] > > Hi All > > I am seeing few build QA errors during do_populate_sysroot on native > packages predominantly perl packages failing with > > maximum shebang size exceeded, the maximum size is 128. [shebang-size] > > This is the list from meta-oe world builds > > https://errors.yoctoproject.org/Errors/Build/147810/ > > This was working fine few weeks ago > > Any ideas ? > > Thanks > Khem > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97666): https://lists.openembedded.org/g/openembedded-devel/message/97666 Mute This Topic: https://lists.openembedded.org/mt/92083850/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe] maximum shebang size exceeded, the maximum size is 128. [shebang-size]
Is that with oe-core master-next? There’s a sanity test patch there which is very relative. The recipe is buggy From: openembedded-devel@lists.openembedded.org on behalf of Khem Raj via lists.openembedded.org Date: Thursday, 30 June 2022 at 12:18 To: openembeded-devel Subject: [oe] maximum shebang size exceeded, the maximum size is 128. [shebang-size] Hi All I am seeing few build QA errors during do_populate_sysroot on native packages predominantly perl packages failing with maximum shebang size exceeded, the maximum size is 128. [shebang-size] This is the list from meta-oe world builds https://errors.yoctoproject.org/Errors/Build/147810/ This was working fine few weeks ago Any ideas ? Thanks Khem IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97665): https://lists.openembedded.org/g/openembedded-devel/message/97665 Mute This Topic: https://lists.openembedded.org/mt/92083850/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe] [meta-networking][kirkstone][PATCH] networkmanager: fix build with enabled ppp
From: Otavio Salvador Sent: Friday, July 1, 2022 13:45 To: Viguera, Javier Cc: OpenEmbedded Devel List ; akuster808 Subject: Re: [oe] [meta-networking][kirkstone][PATCH] networkmanager: fix build with enabled ppp Please send it against master, first, then we can ask for backports. It’s already on *master-next* -- jviguera -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97664): https://lists.openembedded.org/g/openembedded-devel/message/97664 Mute This Topic: https://lists.openembedded.org/mt/92020681/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe] [meta-networking][kirkstone][PATCH] networkmanager: fix build with enabled ppp
Em seg., 27 de jun. de 2022 às 10:39, Javier Viguera via lists.openembedded.org escreveu: > If 'ppp' packageconfig option is enabled, but the build system does NOT > have pppd binary installed, the build fails with: > > | Has header "pppd/pppd.h" : YES > | Program pppd /sbin/pppd /usr/sbin/pppd found: NO > | > | ../NetworkManager-1.36.2/meson.build:570:4: ERROR: Assert failed: pppd > required but not found, please provide a valid pppd path or use -Dppp=false > to disable it > > This is due to meson trying to look for the 'pppd' binary in the build > system when it should not. If the build system does not contain pppd, > the build fails. > > Signed-off-by: Javier Viguera > Please send it against master, first, then we can ask for backports. -- Otavio Salvador O.S. Systems http://www.ossystems.com.brhttp://code.ossystems.com.br Mobile: +55 (53) 9 9981-7854 Mobile: +1 (347) 903-9750 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97663): https://lists.openembedded.org/g/openembedded-devel/message/97663 Mute This Topic: https://lists.openembedded.org/mt/92020681/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [PATCH 2/3] python3-pathspec: remove (now in oe-core)
As of 857f324 this is now in oe-core. Signed-off-by: Ross Burton --- .../recipes-devtools/python/python3-pathspec_0.9.0.bb | 11 --- 1 file changed, 11 deletions(-) delete mode 100644 meta-python/recipes-devtools/python/python3-pathspec_0.9.0.bb diff --git a/meta-python/recipes-devtools/python/python3-pathspec_0.9.0.bb b/meta-python/recipes-devtools/python/python3-pathspec_0.9.0.bb deleted file mode 100644 index 641f1cfd87..00 --- a/meta-python/recipes-devtools/python/python3-pathspec_0.9.0.bb +++ /dev/null @@ -1,11 +0,0 @@ -SUMMARY = "Utility library for gitignore style pattern matching of file paths." -HOMEPAGE = "https://github.com/cpburnz/python-path-specification; -SECTION = "devel/python" -LICENSE = "MPL-2.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=815ca599c9df247a0c7f619bab123dad" - -SRC_URI[sha256sum] = "e564499435a2673d586f6b2130bb5b95f04a3ba06f81b8f895b651a3c76aabb1" - -inherit pypi setuptools3 - -BBCLASSEXTEND = "native nativesdk" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97661): https://lists.openembedded.org/g/openembedded-devel/message/97661 Mute This Topic: https://lists.openembedded.org/mt/92106452/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [PATCH 3/3] python3-editables: remove (now in oe-core)
As of 781da720 this is now in oe-core. Signed-off-by: Ross Burton --- .../recipes-devtools/python/python3-editables_0.3.bb | 11 --- 1 file changed, 11 deletions(-) delete mode 100644 meta-python/recipes-devtools/python/python3-editables_0.3.bb diff --git a/meta-python/recipes-devtools/python/python3-editables_0.3.bb b/meta-python/recipes-devtools/python/python3-editables_0.3.bb deleted file mode 100644 index b42ff06872..00 --- a/meta-python/recipes-devtools/python/python3-editables_0.3.bb +++ /dev/null @@ -1,11 +0,0 @@ -SUMMARY = "A Python library for creating editable wheels" -HOMEPAGE = "https://github.com/pfmoore/editables; -SECTION = "devel/python" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=41bc1be47b7bb8240db3ef928c7cb0bf" - -SRC_URI[sha256sum] = "167524e377358ed1f1374e61c268f0d7a4bf7dbd046c656f7b410cde16161b1a" - -inherit pypi python_setuptools_build_meta - -BBCLASSEXTEND = "native nativesdk" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97662): https://lists.openembedded.org/g/openembedded-devel/message/97662 Mute This Topic: https://lists.openembedded.org/mt/92106453/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [PATCH 1/3] python3-hatchling: remove (now in oe-core)
As of 846e80 this is now in oe-core. Signed-off-by: Ross Burton --- meta-python/classes/python_hatchling.bbclass | 5 - .../python/python3-hatchling_1.3.0.bb | 21 --- 2 files changed, 26 deletions(-) delete mode 100644 meta-python/classes/python_hatchling.bbclass delete mode 100644 meta-python/recipes-devtools/python/python3-hatchling_1.3.0.bb diff --git a/meta-python/classes/python_hatchling.bbclass b/meta-python/classes/python_hatchling.bbclass deleted file mode 100644 index b3cbe23601..00 --- a/meta-python/classes/python_hatchling.bbclass +++ /dev/null @@ -1,5 +0,0 @@ -inherit python_pep517 python3native python3-dir setuptools3-base - -DEPENDS += "python3-hatchling-native" - -PEP517_BUILD_API = "hatchling.build" diff --git a/meta-python/recipes-devtools/python/python3-hatchling_1.3.0.bb b/meta-python/recipes-devtools/python/python3-hatchling_1.3.0.bb deleted file mode 100644 index a6550a9732..00 --- a/meta-python/recipes-devtools/python/python3-hatchling_1.3.0.bb +++ /dev/null @@ -1,21 +0,0 @@ -SUMMARY = "The extensible, standards compliant build backend used by Hatch" -HOMEPAGE = "https://hatch.pypa.io/latest/; -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=cbe2fd33fc9297692812fc94b7d27fd9" - -inherit pypi python_hatchling - -DEPENDS += "python3-pluggy-native python3-tomli-native python3-pathspec-native python3-packaging-native python3-editables-native" -DEPENDS:remove:class-native = "python3-hatchling-native" - -SRC_URI[sha256sum] = "1401d45d3dd6a5910f64d539acaa943486d5e8b7dda1a97f2b0040fdddc5b85e" - -# Until we have a proper tool to invoke PEP517 builds, hatchling can't -# bootstrap itself automatically. -PEP517_BUILD_API = "hatchling.ouroboros" - -do_compile:prepend() { -export PYTHONPATH=src -} - -BBCLASSEXTEND = "native nativesdk" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97660): https://lists.openembedded.org/g/openembedded-devel/message/97660 Mute This Topic: https://lists.openembedded.org/mt/92106450/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe][meta-filesystems][dunfell][PATCH 7/8] ntfs-3g-ntfsprogs: Fix CVE-2022-30788
From: Omkar Patil CVE: CVE-2022-30788 Signed-off-by: Omkar Patil Signed-off-by: Ranjitsinh Rathod --- .../ntfs-3g-ntfsprogs/CVE-2022-30788-1.patch | 51 +++ .../ntfs-3g-ntfsprogs/CVE-2022-30788-2.patch | 30 +++ .../ntfs-3g-ntfsprogs_2021.8.22.bb| 2 + 3 files changed, 83 insertions(+) create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30788-1.patch create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30788-2.patch diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30788-1.patch b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30788-1.patch new file mode 100644 index 0..fc10af53f --- /dev/null +++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30788-1.patch @@ -0,0 +1,51 @@ +From a8818cf779d3a32f2f52337c6f258c16719625a3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= +Date: Tue, 21 Sep 2021 10:53:16 +0200 +Subject: [PATCH] Used a default usn when the former one cannot be retrieved + +When creating a new MFT record, the former seq_no and usn are retrieved +to avoid the new one to be mistaken for the former one. +This may not be possible when the record is used for the first time +or after some bad error. In such situation use default values. + +CVE: CVE-2022-30788 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/n/ntfs-3g/ntfs-3g_2021.8.22-3ubuntu1.1.debian.tar.xz] +Comment: No change in any hunk +Signed-off-by: Omkar Patil + +--- + libntfs-3g/mft.c | 13 +++-- + 1 file changed, 11 insertions(+), 2 deletions(-) + +diff --git a/libntfs-3g/mft.c b/libntfs-3g/mft.c +index d0a601ff..5052d1ec 100644 +--- a/libntfs-3g/mft.c b/libntfs-3g/mft.c +@@ -5,7 +5,7 @@ + * Copyright (c) 2004-2005 Richard Russon + * Copyright (c) 2004-2008 Szabolcs Szakacsits + * Copyright (c) 2005 Yura Pakhuchiy +- * Copyright (c) 2014-2018 Jean-Pierre Andre ++ * Copyright (c) 2014-2021 Jean-Pierre Andre + * + * This program/include file is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as published +@@ -1529,8 +1529,17 @@ ntfs_inode *ntfs_mft_rec_alloc(ntfs_volume *vol, BOOL mft_data) + goto undo_mftbmp_alloc; + } + ++ /* ++ * Retrieve the former seq_no and usn so that the new record ++ * cannot be mistaken for the former one. ++ * However the original record may just be garbage, so ++ * use some sensible value when they cannot be retrieved. ++ */ + seq_no = m->sequence_number; +- usn = *(le16*)((u8*)m + le16_to_cpu(m->usa_ofs)); ++ if (le16_to_cpu(m->usa_ofs) <= (NTFS_BLOCK_SIZE - 2)) ++ usn = *(le16*)((u8*)m + le16_to_cpu(m->usa_ofs & -2)); ++ else ++ usn = const_cpu_to_le16(1); + if (ntfs_mft_record_layout(vol, bit, m)) { + ntfs_log_error("Failed to re-format mft record.\n"); + free(m); diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30788-2.patch b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30788-2.patch new file mode 100644 index 0..4759296a2 --- /dev/null +++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30788-2.patch @@ -0,0 +1,30 @@ +From bce5734a757fd59d70a52f4d4fe9abe260629b3a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= +Date: Tue, 10 May 2022 10:40:17 +0200 +Subject: [PATCH] Fixed operation on little endian data + +Forcing an even usa_of, in a recent security patch, must be made on cpu +endian data. + +CVE: CVE-2022-30788 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/n/ntfs-3g/ntfs-3g_2021.8.22-3ubuntu1.1.debian.tar.xz] +Comment: No change in any hunk +Signed-off-by: Omkar Patil + +--- + libntfs-3g/mft.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libntfs-3g/mft.c b/libntfs-3g/mft.c +index 5052d1ec..aefbb5f1 100644 +--- a/libntfs-3g/mft.c b/libntfs-3g/mft.c +@@ -1537,7 +1537,7 @@ ntfs_inode *ntfs_mft_rec_alloc(ntfs_volume *vol, BOOL mft_data) +*/ + seq_no = m->sequence_number; + if (le16_to_cpu(m->usa_ofs) <= (NTFS_BLOCK_SIZE - 2)) +- usn = *(le16*)((u8*)m + le16_to_cpu(m->usa_ofs & -2)); ++ usn = *(le16*)((u8*)m + (le16_to_cpu(m->usa_ofs) & -2)); + else + usn = const_cpu_to_le16(1); + if (ntfs_mft_record_layout(vol, bit, m)) { diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb index f74e91c93..0da80f8ff 100644
[oe][meta-filesystems][dunfell][PATCH 6/8] ntfs-3g-ntfsprogs: Fix CVE-2022-30786
From: Omkar Patil CVE: CVE-2022-30786 Signed-off-by: Omkar Patil Signed-off-by: Ranjitsinh Rathod --- .../ntfs-3g-ntfsprogs/CVE-2022-30786-1.patch | 36 +++ .../ntfs-3g-ntfsprogs/CVE-2022-30786-2.patch | 45 +++ .../ntfs-3g-ntfsprogs_2021.8.22.bb| 2 + 3 files changed, 83 insertions(+) create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30786-1.patch create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30786-2.patch diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30786-1.patch b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30786-1.patch new file mode 100644 index 0..9d485fed8 --- /dev/null +++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30786-1.patch @@ -0,0 +1,36 @@ +From 838b6e35b43062353998853eab50cd0675201ed7 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= +Date: Tue, 21 Sep 2021 10:54:50 +0200 +Subject: [PATCH] Made sure there is no null character in an attribute name + +When copying an attribute name which contains a null, it is truncated +and this may lead to accessing non-allocated bytes when relying on the +expected name length. Such names must therefore be rejected. + +CVE: CVE-2022-30786 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/n/ntfs-3g/ntfs-3g_2021.8.22-3ubuntu1.1.debian.tar.xz] +Comment: No change in any hunk +Signed-off-by: Omkar Patil + +--- + libntfs-3g/attrib.c | 8 + 1 file changed, 8 insertions(+) + +--- a/libntfs-3g/attrib.c b/libntfs-3g/attrib.c +@@ -426,7 +426,15 @@ ntfs_attr *ntfs_attr_open(ntfs_inode *ni + na = ntfs_calloc(sizeof(ntfs_attr)); + if (!na) + goto out; ++ if (!name_len) ++ name = (ntfschar*)NULL; + if (name && name != AT_UNNAMED && name != NTFS_INDEX_I30) { ++ /* A null char leads to a short name and unallocated bytes */ ++ if (ntfs_ucsnlen(name, name_len) != name_len) { ++ ntfs_log_error("Null character in attribute name" ++ " of inode %lld\n",(long long)ni->mft_no); ++ goto err_out; ++ } + name = ntfs_ucsndup(name, name_len); + if (!name) + goto err_out; diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30786-2.patch b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30786-2.patch new file mode 100644 index 0..85a2971b4 --- /dev/null +++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30786-2.patch @@ -0,0 +1,45 @@ +From 5ce8941bf47291cd6ffe7cdb1797253f1cc3a86f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= +Date: Fri, 5 Nov 2021 08:41:20 +0100 +Subject: [PATCH] Made sure there is no null character in an attribute name + (bis) + +When copying an attribute name which contains a null, it is truncated +and this may lead to accessing non-allocated bytes when relying on the +expected name length. Such (illegal) names must therefore be rejected. + +CVE: CVE-2022-30786 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/n/ntfs-3g/ntfs-3g_2021.8.22-3ubuntu1.1.debian.tar.xz] +Comment: No change in any hunk +Signed-off-by: Omkar Patil + +--- + libntfs-3g/attrib.c | 15 +-- + 1 file changed, 13 insertions(+), 2 deletions(-) + +diff --git a/libntfs-3g/attrib.c b/libntfs-3g/attrib.c +index 51c8536f..efb91943 100644 +--- a/libntfs-3g/attrib.c b/libntfs-3g/attrib.c +@@ -452,8 +452,19 @@ ntfs_attr *ntfs_attr_open(ntfs_inode *ni, const ATTR_TYPES type, + + if (!name) { + if (a->name_length) { +- name = ntfs_ucsndup((ntfschar*)((u8*)a + le16_to_cpu( +- a->name_offset)), a->name_length); ++ ntfschar *attr_name; ++ ++ attr_name = (ntfschar*)((u8*)a ++ + le16_to_cpu(a->name_offset)); ++ /* A null character leads to illegal memory access */ ++ if (ntfs_ucsnlen(attr_name, a->name_length) ++ != a->name_length) { ++ ntfs_log_error("Null character in attribute" ++ " name in inode %lld\n", ++ (long long)ni->mft_no); ++ goto put_err_out; ++ } ++ name = ntfs_ucsndup(attr_name, a->name_length); + if (!name) + goto put_err_out; + newname = name; diff --git
[oe][meta-filesystems][dunfell][PATCH 8/8] ntfs-3g-ntfsprogs: Fix CVE-2022-30789
From: Omkar Patil CVE: CVE-2022-30789 Signed-off-by: Omkar Patil Signed-off-by: Ranjitsinh Rathod --- .../ntfs-3g-ntfsprogs/CVE-2022-30789.patch| 68 +++ .../ntfs-3g-ntfsprogs_2021.8.22.bb| 1 + 2 files changed, 69 insertions(+) create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30789.patch diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30789.patch b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30789.patch new file mode 100644 index 0..0ee3b7ae3 --- /dev/null +++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30789.patch @@ -0,0 +1,68 @@ +From 6efc1305c1951c1d72181f449f2fab68fa25fae8 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= +Date: Wed, 20 Oct 2021 09:53:28 +0200 +Subject: [PATCH] Made sure the client log data does not overflow from restart + page + +Strengthen the consistency check of the length of restart pages, and +check that log client records are within such a restart page. + +CVE: CVE-2022-30789 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/n/ntfs-3g/ntfs-3g_2021.8.22-3ubuntu1.1.debian.tar.xz] +Comment: No change in any hunk +Signed-off-by: Omkar Patil + +--- + libntfs-3g/logfile.c | 21 + + 1 file changed, 21 insertions(+) + +diff --git a/libntfs-3g/logfile.c b/libntfs-3g/logfile.c +index adc0557f..9c3155e7 100644 +--- a/libntfs-3g/logfile.c b/libntfs-3g/logfile.c +@@ -287,9 +287,19 @@ static BOOL ntfs_check_log_client_array(RESTART_PAGE_HEADER *rp) + LOG_CLIENT_RECORD *ca, *cr; + u16 nr_clients, idx; + BOOL in_free_list, idx_is_first; ++ u32 offset_clients; + + ntfs_log_trace("Entering.\n"); ++ /* The restart area must be fully within page */ ++ if ((le16_to_cpu(rp->restart_area_offset) + sizeof(RESTART_AREA)) ++ > le32_to_cpu(rp->system_page_size)) ++ goto err_out; + ra = (RESTART_AREA*)((u8*)rp + le16_to_cpu(rp->restart_area_offset)); ++ offset_clients = le16_to_cpu(rp->restart_area_offset) ++ + le16_to_cpu(ra->client_array_offset); ++ /* The clients' records must begin within page */ ++ if (offset_clients >= le32_to_cpu(rp->system_page_size)) ++ goto err_out; + ca = (LOG_CLIENT_RECORD*)((u8*)ra + + le16_to_cpu(ra->client_array_offset)); + /* +@@ -308,6 +318,10 @@ static BOOL ntfs_check_log_client_array(RESTART_PAGE_HEADER *rp) + idx = le16_to_cpu(cr->next_client)) { + if (!nr_clients || idx >= le16_to_cpu(ra->log_clients)) + goto err_out; ++ /* The client record must be fully within page */ ++ if ((offset_clients + (idx + 1)*sizeof(LOG_CLIENT_RECORD)) ++ > le32_to_cpu(rp->system_page_size)) ++ goto err_out; + /* Set @cr to the current log client record. */ + cr = ca + idx; + /* The first log client record must not have a prev_client. */ +@@ -380,7 +394,14 @@ static int ntfs_check_and_load_restart_page(ntfs_attr *log_na, + /* +* Allocate a buffer to store the whole restart page so we can multi +* sector transfer deprotect it. ++ * For safety, make sure this is consistent with the usa_count ++ * and shorter than the full log size +*/ ++ if ((le32_to_cpu(rp->system_page_size) ++ > (u32)(le16_to_cpu(rp->usa_count) - 1)*NTFS_BLOCK_SIZE) ++ || (le32_to_cpu(rp->system_page_size) ++ > le64_to_cpu(log_na->data_size))) ++ return (EINVAL); + trp = ntfs_malloc(le32_to_cpu(rp->system_page_size)); + if (!trp) + return errno; diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb index 0da80f8ff..c926d6ddd 100644 --- a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb +++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb @@ -16,6 +16,7 @@ SRC_URI = "http://tuxera.com/opensource/ntfs-3g_ntfsprogs-${PV}.tgz \ file://CVE-2022-30786-2.patch \ file://CVE-2022-30788-1.patch \ file://CVE-2022-30788-2.patch \ + file://CVE-2022-30789.patch \ " S = "${WORKDIR}/ntfs-3g_ntfsprogs-${PV}" -- 2.17.1 This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain
[oe][meta-filesystems][dunfell][PATCH 3/8] ntfs-3g-ntfsprogs: Fix CVE-2022-30783
From: Omkar Patil CVE: CVE-2022-30783 Signed-off-by: Omkar Patil Signed-off-by: Ranjitsinh Rathod --- .../ntfs-3g-ntfsprogs/CVE-2022-30783.patch| 75 +++ .../ntfs-3g-ntfsprogs_2021.8.22.bb| 1 + 2 files changed, 76 insertions(+) create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30783.patch diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30783.patch b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30783.patch new file mode 100644 index 0..41f26503e --- /dev/null +++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30783.patch @@ -0,0 +1,75 @@ +From 7f81935f32e58e8fec22bc46683b1b067469405f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= +Date: Tue, 10 May 2022 10:44:34 +0200 +Subject: [PATCH] Returned an error code when the --help or --version options + are used + +Accepting --help or --version options may leave the ntfs-3g process in an +unclean state, so reject them while processing options. Also reject +them in libfuse-lite. + +CVE: CVE-2022-30783 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/n/ntfs-3g/ntfs-3g_2021.8.22-3ubuntu1.1.debian.tar.xz] +Comment: No change in any hunk +Signed-off-by: Omkar Patil + +--- + libfuse-lite/mount.c | 3 +-- + src/ntfs-3g_common.c | 6 ++ + src/ntfs-3g_common.h | 2 ++ + 3 files changed, 9 insertions(+), 2 deletions(-) + +diff --git a/libfuse-lite/mount.c b/libfuse-lite/mount.c +index 64adee7d..6ae29d8c 100644 +--- a/libfuse-lite/mount.c b/libfuse-lite/mount.c +@@ -670,11 +670,10 @@ int fuse_kern_mount(const char *mountpoint, struct fuse_args *args) + fprintf(stderr, "fuse: 'allow_other' and 'allow_root' options are mutually exclusive\n"); + goto out; + } +-res = 0; ++res = -1; + if (mo.ishelp) + goto out; + +-res = -1; + if (get_mnt_flag_opts(_opts, mo.flags) == -1) + goto out; + #ifndef __SOLARIS__ +diff --git a/src/ntfs-3g_common.c b/src/ntfs-3g_common.c +index 7e3e93d2..29021dfc 100644 +--- a/src/ntfs-3g_common.c b/src/ntfs-3g_common.c +@@ -128,6 +128,10 @@ const struct DEFOPTION optionlist[] = { + { "efs_raw", OPT_EFS_RAW, FLGOPT_BOGUS }, + { "posix_nlink", OPT_POSIX_NLINK, FLGOPT_BOGUS }, + { "special_files", OPT_SPECIAL_FILES, FLGOPT_STRING }, ++ { "--help", OPT_HELP, FLGOPT_BOGUS }, ++ { "-h", OPT_HELP, FLGOPT_BOGUS }, ++ { "--version", OPT_VERSION, FLGOPT_BOGUS }, ++ { "-V", OPT_VERSION, FLGOPT_BOGUS }, + { (const char*)NULL, 0, 0 } /* end marker */ + } ; + +@@ -521,6 +525,8 @@ char *parse_mount_options(ntfs_fuse_context_t *ctx, +* mounted or not. +* (falling through to default) +*/ ++ case OPT_HELP : /* Could lead to unclean condition */ ++ case OPT_VERSION : /* Could lead to unclean condition */ + default : + ntfs_log_error("'%s' is an unsupported option.\n", + poptl->name); +diff --git a/src/ntfs-3g_common.h b/src/ntfs-3g_common.h +index 4ed256a3..8ead5107 100644 +--- a/src/ntfs-3g_common.h b/src/ntfs-3g_common.h +@@ -94,6 +94,8 @@ enum { + OPT_EFS_RAW, + OPT_POSIX_NLINK, + OPT_SPECIAL_FILES, ++ OPT_HELP, ++ OPT_VERSION, + } ; + + /* Option flags */ diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb index ca8af163e..ccd18f86c 100644 --- a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb +++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb @@ -9,6 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=59530bdf33659b29e73d4adb9f9f6552 \ SRC_URI = "http://tuxera.com/opensource/ntfs-3g_ntfsprogs-${PV}.tgz \ file://0001-libntfs-3g-Makefile.am-fix-install-failed-while-host.patch \ file://CVE-2021-46790.patch \ + file://CVE-2022-30783.patch \ " S = "${WORKDIR}/ntfs-3g_ntfsprogs-${PV}" -- 2.17.1 This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all
[oe][meta-filesystems][dunfell][PATCH 5/8] ntfs-3g-ntfsprogs: Add Patch For Multiple CVE
From: Omkar Patil Fixed CVE's: CVE-2022-30785 CVE-2022-30787 Signed-off-by: Omkar Patil Signed-off-by: Ranjitsinh Rathod --- .../CVE-2022-30785_30787.patch| 32 +++ .../ntfs-3g-ntfsprogs_2021.8.22.bb| 1 + 2 files changed, 33 insertions(+) create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30785_30787.patch diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30785_30787.patch b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30785_30787.patch new file mode 100644 index 0..ae71e8ccf --- /dev/null +++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30785_30787.patch @@ -0,0 +1,32 @@ +From fb28eef6f1c26170566187c1ab7dc913a13ea43c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= +Date: Tue, 10 May 2022 10:48:18 +0200 +Subject: [PATCH] Hardened the checking of directory offset requested by a + readdir + +When asked for the next directory entries, make sure the chunk offset +is within valid values, otherwise return no more entries in chunk. + +CVE: CVE-2022-30785 +CVE: CVE-2022-30787 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/n/ntfs-3g/ntfs-3g_2021.8.22-3ubuntu1.1.debian.tar.xz] +Comment: No change in any hunk +Signed-off-by: Omkar Patil + +--- + libfuse-lite/fuse.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libfuse-lite/fuse.c b/libfuse-lite/fuse.c +index 6f9242b7..3d653e63 100644 +--- a/libfuse-lite/fuse.c b/libfuse-lite/fuse.c +@@ -2223,7 +2223,7 @@ static void fuse_lib_readdir(fuse_req_t req, fuse_ino_t ino, size_t size, + } + } + if (dh->filled) { +-if (off < dh->len) { ++if ((off >= 0) && (off < dh->len)) { + if (off + size > dh->len) + size = dh->len - off; + } else diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb index 9e233e127..ea8607e6d 100644 --- a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb +++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb @@ -11,6 +11,7 @@ SRC_URI = "http://tuxera.com/opensource/ntfs-3g_ntfsprogs-${PV}.tgz \ file://CVE-2021-46790.patch \ file://CVE-2022-30783.patch \ file://CVE-2022-30784.patch \ + file://CVE-2022-30785_30787.patch \ " S = "${WORKDIR}/ntfs-3g_ntfsprogs-${PV}" -- 2.17.1 This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97656): https://lists.openembedded.org/g/openembedded-devel/message/97656 Mute This Topic: https://lists.openembedded.org/mt/92104303/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe][meta-filesystems][dunfell][PATCH 4/8] ntfs-3g-ntfsprogs: Fix CVE-2022-30784
From: Omkar Patil CVE: CVE-2022-30784 Signed-off-by: Omkar Patil Signed-off-by: Ranjitsinh Rathod --- .../ntfs-3g-ntfsprogs/CVE-2022-30784.patch| 74 +++ .../ntfs-3g-ntfsprogs_2021.8.22.bb| 1 + 2 files changed, 75 insertions(+) create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30784.patch diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30784.patch b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30784.patch new file mode 100644 index 0..ff4ee6df0 --- /dev/null +++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30784.patch @@ -0,0 +1,74 @@ +From 60717a846deaaea47e50ce58872869f7bd1103b5 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= +Date: Tue, 21 Sep 2021 10:56:06 +0200 +Subject: [PATCH] Avoided allocating and reading an attribute beyond its full + size + +Before reading a full attribute value for internal use, its expected +length has been checked to be < 0x4. However the allocated size +in the runlist may be much bigger as a consequence of a bug or malice. +To prevent malloc'ing excessive size, restrict the size of the last +run to read to the needed length. + +CVE: CVE-2022-30784 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/n/ntfs-3g/ntfs-3g_2021.8.22-3ubuntu1.1.debian.tar.xz] +Comment: No change in any hunk +Signed-off-by: Omkar Patil + +--- + libntfs-3g/attrib.c | 24 ++-- + 1 file changed, 18 insertions(+), 6 deletions(-) + +diff --git a/libntfs-3g/attrib.c b/libntfs-3g/attrib.c +index 00bfca84..51c8536f 100644 +--- a/libntfs-3g/attrib.c b/libntfs-3g/attrib.c +@@ -216,6 +216,7 @@ s64 ntfs_get_attribute_value(const ntfs_volume *vol, + if (total + (rl[i].length << vol->cluster_size_bits) >= + sle64_to_cpu(a->data_size)) { + unsigned char *intbuf = NULL; ++ s64 intlth; + /* +* We have reached the last run so we were going to +* overflow when executing the ntfs_pread() which is +@@ -229,8 +230,18 @@ s64 ntfs_get_attribute_value(const ntfs_volume *vol, +* We have reached the end of data size so we were +* going to overflow in the same fashion. +* Temporary fix: same as above. ++ * ++ * For safety, limit the amount to read to the ++ * needed size, knowing that the whole attribute ++ * size has been checked to be <= 0x4. +*/ +- intbuf = ntfs_malloc(rl[i].length << vol->cluster_size_bits); ++ intlth = (sle64_to_cpu(a->data_size) - total ++ + vol->cluster_size - 1) ++ >> vol->cluster_size_bits; ++ if (rl[i].length < intlth) ++ intlth = rl[i].length; ++ intbuf = (u8*)ntfs_malloc(intlth ++ << vol->cluster_size_bits); + if (!intbuf) { + free(rl); + return 0; +@@ -246,14 +257,15 @@ s64 ntfs_get_attribute_value(const ntfs_volume *vol, +* - Yes we can, in sparse files! But not necessarily +* size of 16, just run length. +*/ +- r = ntfs_pread(vol->dev, rl[i].lcn << +- vol->cluster_size_bits, rl[i].length << +- vol->cluster_size_bits, intbuf); +- if (r != rl[i].length << vol->cluster_size_bits) { ++ r = ntfs_pread(vol->dev, ++ rl[i].lcn << vol->cluster_size_bits, ++ intlth << vol->cluster_size_bits, ++ intbuf); ++ if (r != intlth << vol->cluster_size_bits) { + #define ESTR "Error reading attribute value" + if (r == -1) + ntfs_log_perror(ESTR); +- else if (r < rl[i].length << ++ else if (r < intlth << + vol->cluster_size_bits) { + ntfs_log_debug(ESTR ": Ran out of input data.\n"); + errno = EIO; diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb index
[oe][meta-filesystems][dunfell][PATCH 1/8] ntfs-3g-ntfsprogs: upgrade to 2021.8.22
From: Chen Qi This upgrade revolves a bunch of CVEs. See more details in: https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp. Fixed CVE's: CVE-2021-33285 CVE-2021-33289 CVE-2021-33286 CVE-2021-35266 CVE-2021-33287 CVE-2021-35267 CVE-2021-35268 CVE-2021-35269 CVE-2021-39251 CVE-2021-39252 CVE-2021-39253 CVE-2021-39254 CVE-2021-39255 CVE-2021-39256 CVE-2021-39257 CVE-2021-39258 CVE-2021-39259 CVE-2021-39260 CVE-2021-39261 CVE-2021-39262 CVE-2021-39263 Signed-off-by: Chen Qi Signed-off-by: Khem Raj (cherry picked from commit 6791dc536444a1dd0f473653501ba43fc84704f2) Signed-off-by: Omkar Patil Signed-off-by: Ranjitsinh Rathod --- ...-ntfsprogs_2017.3.23.bb => ntfs-3g-ntfsprogs_2021.8.22.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/{ntfs-3g-ntfsprogs_2017.3.23.bb => ntfs-3g-ntfsprogs_2021.8.22.bb} (92%) diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2017.3.23.bb b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb similarity index 92% rename from meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2017.3.23.bb rename to meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb index 6f5cb6cee..19b2d6ca2 100644 --- a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2017.3.23.bb +++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb @@ -10,8 +10,8 @@ SRC_URI = "http://tuxera.com/opensource/ntfs-3g_ntfsprogs-${PV}.tgz \ file://0001-libntfs-3g-Makefile.am-fix-install-failed-while-host.patch \ " S = "${WORKDIR}/ntfs-3g_ntfsprogs-${PV}" -SRC_URI[md5sum] = "d97474ae1954f772c6d2fa386a6f462c" -SRC_URI[sha256sum] = "3e5a021d7b761261836dcb305370af299793eedbded731df3d6943802e1262d5" +SRC_URI[md5sum] = "90da343e78877d388eb34cefae6799ae" +SRC_URI[sha256sum] = "55b883aa05d94b2ec746ef3966cb41e66bed6db99f22ddd41d1b8b94bb202efb" UPSTREAM_CHECK_URI = "https://www.tuxera.com/community/open-source-ntfs-3g/; UPSTREAM_CHECK_REGEX = "ntfs-3g_ntfsprogs-(?P\d+(\.\d+)+)\.tgz" -- 2.17.1 This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97653): https://lists.openembedded.org/g/openembedded-devel/message/97653 Mute This Topic: https://lists.openembedded.org/mt/92104299/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe][meta-filesystems][dunfell][PATCH 0/8] Multiple CVE Fixes
There are following unpatched CVEs that fixing them individually would be a much bigger problem than just doing the update. Fixed CVE's: CVE-2021-33285 CVE-2021-33289 CVE-2021-33286 CVE-2021-35266 CVE-2021-33287 CVE-2021-35267 CVE-2021-35268 CVE-2021-35269 CVE-2021-39251 CVE-2021-39252 CVE-2021-39253 CVE-2021-39254 CVE-2021-39255 CVE-2021-39256 CVE-2021-39257 CVE-2021-39258 CVE-2021-39259 CVE-2021-39260 CVE-2021-39261 CVE-2021-39262 CVE-2021-39263 CVE-2022-30783 CVE-2022-30784 CVE-2022-30785 CVE-2022-30786 CVE-2022-30787 CVE-2022-30788 CVE-2022-30789 Chen Qi (1): ntfs-3g-ntfsprogs: upgrade to 2021.8.22 Omkar Patil (7): ntfs-3g-ntfsprogs: Fix CVE-2021-46790 ntfs-3g-ntfsprogs: Fix CVE-2022-30783 ntfs-3g-ntfsprogs: Fix CVE-2022-30784 ntfs-3g-ntfsprogs: Add Patch For Multiple CVE ntfs-3g-ntfsprogs: Fix CVE-2022-30786 ntfs-3g-ntfsprogs: Fix CVE-2022-30788 ntfs-3g-ntfsprogs: Fix CVE-2022-30789 .../ntfs-3g-ntfsprogs/CVE-2021-46790.patch| 31 .../ntfs-3g-ntfsprogs/CVE-2022-30783.patch| 75 +++ .../ntfs-3g-ntfsprogs/CVE-2022-30784.patch| 74 ++ .../CVE-2022-30785_30787.patch| 32 .../ntfs-3g-ntfsprogs/CVE-2022-30786-1.patch | 36 + .../ntfs-3g-ntfsprogs/CVE-2022-30786-2.patch | 45 +++ .../ntfs-3g-ntfsprogs/CVE-2022-30788-1.patch | 51 + .../ntfs-3g-ntfsprogs/CVE-2022-30788-2.patch | 30 .../ntfs-3g-ntfsprogs/CVE-2022-30789.patch| 68 + ...3.23.bb => ntfs-3g-ntfsprogs_2021.8.22.bb} | 16 +++- 10 files changed, 455 insertions(+), 3 deletions(-) create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2021-46790.patch create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30783.patch create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30784.patch create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30785_30787.patch create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30786-1.patch create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30786-2.patch create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30788-1.patch create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30788-2.patch create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2022-30789.patch rename meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/{ntfs-3g-ntfsprogs_2017.3.23.bb => ntfs-3g-ntfsprogs_2021.8.22.bb} (77%) -- 2.17.1 This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97652): https://lists.openembedded.org/g/openembedded-devel/message/97652 Mute This Topic: https://lists.openembedded.org/mt/92104298/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe][meta-filesystems][dunfell][PATCH 2/8] ntfs-3g-ntfsprogs: Fix CVE-2021-46790
From: Omkar Patil CVE: CVE-2021-46790 Signed-off-by: Omkar Patil Signed-off-by: Ranjitsinh Rathod --- .../ntfs-3g-ntfsprogs/CVE-2021-46790.patch| 31 +++ .../ntfs-3g-ntfsprogs_2021.8.22.bb| 4 ++- 2 files changed, 34 insertions(+), 1 deletion(-) create mode 100644 meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2021-46790.patch diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2021-46790.patch b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2021-46790.patch new file mode 100644 index 0..e0bb1b77f --- /dev/null +++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs/CVE-2021-46790.patch @@ -0,0 +1,31 @@ +From 96412e28e5c7ac2d15f1cff8c825330bbb60976e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= +Date: Tue, 10 May 2022 10:30:24 +0200 +Subject: [PATCH] Fixed possible out-of-buffer condition in ntfsck + +A bad usa_count could lead to an out-of-buffer condition. Just avoid +the issue and report the error, still not fix it. + +CVE: CVE-2021-46790 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/n/ntfs-3g/ntfs-3g_2021.8.22-3ubuntu1.1.debian.tar.xz] +Comment: No change in any hunk +Signed-off-by: Omkar Patil + +--- + ntfsprogs/ntfsck.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/ntfsprogs/ntfsck.c b/ntfsprogs/ntfsck.c +index d49f3f96..8c126411 100644 +--- a/ntfsprogs/ntfsck.c b/ntfsprogs/ntfsck.c +@@ -616,7 +616,8 @@ static BOOL check_file_record(u8 *buffer, u16 buflen) + + // Remove update seq & check it. + usa = *(u16*)(buffer+usa_ofs); // The value that should be at the end of every sector. +- assert_u32_equal(usa_count-1, buflen/NTFS_BLOCK_SIZE, "USA length"); ++ if (assert_u32_equal(usa_count-1, buflen/NTFS_BLOCK_SIZE, "USA length")) ++ return (1); + for (i=1;ihttp://tuxera.com/opensource/ntfs-3g_ntfsprogs-${PV}.tgz \ file://0001-libntfs-3g-Makefile.am-fix-install-failed-while-host.patch \ -" + file://CVE-2021-46790.patch \ + " + S = "${WORKDIR}/ntfs-3g_ntfsprogs-${PV}" SRC_URI[md5sum] = "90da343e78877d388eb34cefae6799ae" SRC_URI[sha256sum] = "55b883aa05d94b2ec746ef3966cb41e66bed6db99f22ddd41d1b8b94bb202efb" -- 2.17.1 This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97651): https://lists.openembedded.org/g/openembedded-devel/message/97651 Mute This Topic: https://lists.openembedded.org/mt/92104296/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-