Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package mbedtls for openSUSE:Factory checked in at 2021-03-29 18:21:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mbedtls (Old) and /work/SRC/openSUSE:Factory/.mbedtls.new.2401 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mbedtls" Mon Mar 29 18:21:29 2021 rev:29 rq:880715 version:2.26.0 Changes: -------- --- /work/SRC/openSUSE:Factory/mbedtls/mbedtls.changes 2021-01-22 21:49:25.133601870 +0100 +++ /work/SRC/openSUSE:Factory/.mbedtls.new.2401/mbedtls.changes 2021-03-29 18:21:33.486248762 +0200 @@ -1,0 +2,10 @@ +Mon Mar 22 15:54:07 UTC 2021 - Guillaume GARDET <[email protected]> + +- Update to 2.26.0: + * * This release of Mbed TLS provides bug fixes, minor enhancements and new + features. This release includes fixes for security issues. + * see https://github.com/ARMmbed/mbedtls/releases/tag/v2.26.0 +- Fix build with patch from https://github.com/ARMmbed/mbedtls/pull/4237 + mbedtls-4237.patch + +------------------------------------------------------------------- Old: ---- mbedtls-2.25.0.tar.gz New: ---- mbedtls-2.26.0.tar.gz mbedtls-4237.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mbedtls.spec ++++++ --- /var/tmp/diff_new_pack.sBJ2I0/_old 2021-03-29 18:21:34.090249380 +0200 +++ /var/tmp/diff_new_pack.sBJ2I0/_new 2021-03-29 18:21:34.094249384 +0200 @@ -20,7 +20,7 @@ %define lib_crypto libmbedcrypto6 %define lib_x509 libmbedx509-1 Name: mbedtls -Version: 2.25.0 +Version: 2.26.0 Release: 0 Summary: Libraries for crypto and SSL/TLS protocols License: Apache-2.0 @@ -28,6 +28,8 @@ URL: https://tls.mbed.org Source: https://github.com/ARMmbed/mbedtls/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz Source99: baselibs.conf +# PATCH-FIX-UPSTREAM - https://github.com/ARMmbed/mbedtls/issues/4233 +Patch1: mbedtls-4237.patch BuildRequires: cmake BuildRequires: ninja BuildRequires: pkgconfig @@ -87,7 +89,7 @@ SSL/TLS protocol suite. %prep -%autosetup +%autosetup -p1 sed -i 's|//\(#define MBEDTLS_ZLIB_SUPPORT\)|\1|' include/mbedtls/config.h sed -i 's|//\(#define MBEDTLS_HAVEGE_C\)|\1|' include/mbedtls/config.h sed -i 's|//\(#define MBEDTLS_THREADING_C\)|\1|' include/mbedtls/config.h ++++++ mbedtls-2.25.0.tar.gz -> mbedtls-2.26.0.tar.gz ++++++ ++++ 34145 lines of diff (skipped) ++++++ mbedtls-4237.patch ++++++ >From 29b641688d038143a193c69eac4d6e8eacc934d8 Mon Sep 17 00:00:00 2001 From: Paul Elliott <[email protected]> Date: Wed, 17 Mar 2021 13:02:02 +0000 Subject: [PATCH 1/2] Fix printf format issue in programs Fix issues that were missed as part of previous printf attribute cleanup Signed-off-by: Paul Elliott <[email protected]> --- programs/random/gen_random_havege.c | 2 +- programs/ssl/ssl_pthread_server.c | 22 ++++++++++++---------- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/programs/random/gen_random_havege.c b/programs/random/gen_random_havege.c index ccca7f3d470..e82e62769e8 100644 --- a/programs/random/gen_random_havege.c +++ b/programs/random/gen_random_havege.c @@ -81,7 +81,7 @@ int main( int argc, char *argv[] ) if( ( ret = mbedtls_havege_random( &hs, buf, sizeof( buf ) ) ) != 0 ) { mbedtls_printf( " failed\n ! mbedtls_havege_random returned -0x%04X", - -ret ); + ( unsigned int ) -ret ); goto exit; } diff --git a/programs/ssl/ssl_pthread_server.c b/programs/ssl/ssl_pthread_server.c index c8ab21522ed..c4c6ef1037b 100644 --- a/programs/ssl/ssl_pthread_server.c +++ b/programs/ssl/ssl_pthread_server.c @@ -142,7 +142,7 @@ static void *handle_ssl_connection( void *data ) if( ( ret = mbedtls_ssl_setup( &ssl, thread_info->config ) ) != 0 ) { mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_setup returned -0x%04x\n", - thread_id, -ret ); + thread_id, ( unsigned int ) -ret ); goto thread_exit; } @@ -158,7 +158,7 @@ static void *handle_ssl_connection( void *data ) if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) { mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_handshake returned -0x%04x\n", - thread_id, -ret ); + thread_id, ( unsigned int ) -ret ); goto thread_exit; } } @@ -195,7 +195,7 @@ static void *handle_ssl_connection( void *data ) default: mbedtls_printf( " [ #%ld ] mbedtls_ssl_read returned -0x%04x\n", - thread_id, -ret ); + thread_id, ( unsigned int ) -ret ); goto thread_exit; } } @@ -229,7 +229,7 @@ static void *handle_ssl_connection( void *data ) if( ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE ) { mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_write returned -0x%04x\n", - thread_id, ret ); + thread_id, ( unsigned int ) ret ); goto thread_exit; } } @@ -246,7 +246,7 @@ static void *handle_ssl_connection( void *data ) ret != MBEDTLS_ERR_SSL_WANT_WRITE ) { mbedtls_printf( " [ #%ld ] failed: mbedtls_ssl_close_notify returned -0x%04x\n", - thread_id, ret ); + thread_id, ( unsigned int ) ret ); goto thread_exit; } } @@ -263,7 +263,7 @@ static void *handle_ssl_connection( void *data ) char error_buf[100]; mbedtls_strerror( ret, error_buf, 100 ); mbedtls_printf(" [ #%ld ] Last error was: -0x%04x - %s\n\n", - thread_id, -ret, error_buf ); + thread_id, ( unsigned int ) -ret, error_buf ); } #endif @@ -408,7 +408,7 @@ int main( void ) strlen( pers ) ) ) != 0 ) { mbedtls_printf( " failed: mbedtls_ctr_drbg_seed returned -0x%04x\n", - -ret ); + ( unsigned int ) -ret ); goto exit; } @@ -425,7 +425,7 @@ int main( void ) MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 ) { mbedtls_printf( " failed: mbedtls_ssl_config_defaults returned -0x%04x\n", - -ret ); + ( unsigned int ) -ret ); goto exit; } @@ -470,7 +470,8 @@ int main( void ) { char error_buf[100]; mbedtls_strerror( ret, error_buf, 100 ); - mbedtls_printf( " [ main ] Last error was: -0x%04x - %s\n", -ret, error_buf ); + mbedtls_printf( " [ main ] Last error was: -0x%04x - %s\n", ( unsigned int ) -ret, + error_buf ); } #endif @@ -482,7 +483,8 @@ int main( void ) if( ( ret = mbedtls_net_accept( &listen_fd, &client_fd, NULL, 0, NULL ) ) != 0 ) { - mbedtls_printf( " [ main ] failed: mbedtls_net_accept returned -0x%04x\n", ret ); + mbedtls_printf( " [ main ] failed: mbedtls_net_accept returned -0x%04x\n", + ( unsigned int ) ret ); goto exit; } >From 2065a8d8af27c6cb1e40c9462b5933336dca7434 Mon Sep 17 00:00:00 2001 From: Paul Elliott <[email protected]> Date: Wed, 17 Mar 2021 13:12:22 +0000 Subject: [PATCH 2/2] Reduce level of -Wformat-truncation Reduce level of format truncation warnings due to issues with false positives (an unknown size buffer is always treated as size 1) Signed-off-by: Paul Elliott <[email protected]> --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 2ab2e01ebf0..14ca7b69625 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -198,7 +198,7 @@ if(CMAKE_COMPILER_IS_GNU) endif() endif() if (GCC_VERSION VERSION_GREATER 7.0 OR GCC_VERSION VERSION_EQUAL 7.0) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-overflow=2 -Wformat-truncation=2") + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wformat-overflow=2 -Wformat-truncation") endif() set(CMAKE_C_FLAGS_RELEASE "-O2") set(CMAKE_C_FLAGS_DEBUG "-O0 -g3")
