[oe] [v2.5][meta-oe][PATCH 1/1] googletest: allow for shared libraries
From: Joe Slater Change the -dev RDEPENDS because -staticdev is not created if shared libraries are built. Signed-off-by: Joe Slater --- meta-oe/recipes-test/googletest/googletest_1.14.0.bb | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/meta-oe/recipes-test/googletest/googletest_1.14.0.bb b/meta-oe/recipes-test/googletest/googletest_1.14.0.bb index 1b05f3d336..e9df082d32 100644 --- a/meta-oe/recipes-test/googletest/googletest_1.14.0.bb +++ b/meta-oe/recipes-test/googletest/googletest_1.14.0.bb @@ -20,8 +20,10 @@ PACKAGECONFIG[shared] = "-DBUILD_SHARED_LIBS=ON,-DBUILD_SHARED_LIBS=OFF,," ALLOW_EMPTY:${PN} = "1" ALLOW_EMPTY:${PN}-dbg = "1" -ALLOW_EMPTY:${PN}-staticdev = "1" -RDEPENDS:${PN}-dev += "${PN}-staticdev" +# -staticdev will not be implicitly put into an SDK, so we add an rdepend +# if we are not building shared libraries +# +RDEPENDS:${PN}-dev += "${@bb.utils.contains("PACKAGECONFIG","shared","","${PN}-staticdev",d)}" BBCLASSEXTEND = "native nativesdk" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#109200): https://lists.openembedded.org/g/openembedded-devel/message/109200 Mute This Topic: https://lists.openembedded.org/mt/104790408/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [v2][meta-oe][PATCH 1/1] googletest: allow for shared libraries
From: Joe Slater Add a PACKAGECONFIG option to produce shared libraries. Change the -dev RDEPENDS because -staticdev is not created if shared libraries are built. Signed-off-by: Joe Slater --- meta-oe/recipes-test/googletest/googletest_1.14.0.bb | 12 ++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/meta-oe/recipes-test/googletest/googletest_1.14.0.bb b/meta-oe/recipes-test/googletest/googletest_1.14.0.bb index 8c75f936de..e9df082d32 100644 --- a/meta-oe/recipes-test/googletest/googletest_1.14.0.bb +++ b/meta-oe/recipes-test/googletest/googletest_1.14.0.bb @@ -10,12 +10,20 @@ S = "${WORKDIR}/git" SRCREV = "f8d7d77c06936315286eb55f8de22cd23c188571" SRC_URI = "git://github.com/google/googletest.git;branch=main;protocol=https" -inherit cmake +inherit cmake pkgconfig + +# allow for shared libraries, but do not default to them +# +PACKAGECONFIG[shared] = "-DBUILD_SHARED_LIBS=ON,-DBUILD_SHARED_LIBS=OFF,," + ALLOW_EMPTY:${PN} = "1" ALLOW_EMPTY:${PN}-dbg = "1" -RDEPENDS:${PN}-dev += "${PN}-staticdev" +# -staticdev will not be implicitly put into an SDK, so we add an rdepend +# if we are not building shared libraries +# +RDEPENDS:${PN}-dev += "${@bb.utils.contains("PACKAGECONFIG","shared","","${PN}-staticdev",d)}" BBCLASSEXTEND = "native nativesdk" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#109181): https://lists.openembedded.org/g/openembedded-devel/message/109181 Mute This Topic: https://lists.openembedded.org/mt/104776601/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe] [meta-oe][PATCH 1/1] googletest: allow for shared libraries
> -Original Message- > From: Khem Raj > Sent: Monday, March 4, 2024 3:50 PM > To: Slater, Joseph > Cc: openembedded-devel@lists.openembedded.org; MacLeod, Randy > > Subject: Re: [oe] [meta-oe][PATCH 1/1] googletest: allow for shared libraries > > On Mon, Mar 4, 2024 at 1:50 PM Joe Slater via lists.openembedded.org > wrote: > > > > From: Joe Slater > > > > Add a PACKAGECONFIG option to produce shared libraries. > > Allow staticdev to be empty if no static libraries are built. > > > > why would be not build static libs ? and if we do not then why do we need to > create empty package ? If we set -DBUILD_SHARED_LIBS=ON static libs will not be built and -staticdev will not be created, so -dev will produce an error if we try to, for example, populate an sdk. I guess we could put static libs in -dev and get rid of -staticdev, but I didn't want to mess with the packaging. Joe > > > Signed-off-by: Joe Slater > > --- > > meta-oe/recipes-test/googletest/googletest_1.14.0.bb | 8 +++- > > 1 file changed, 7 insertions(+), 1 deletion(-) > > > > diff --git a/meta-oe/recipes-test/googletest/googletest_1.14.0.bb > > b/meta-oe/recipes-test/googletest/googletest_1.14.0.bb > > index 8c75f936de..1b05f3d336 100644 > > --- a/meta-oe/recipes-test/googletest/googletest_1.14.0.bb > > +++ b/meta-oe/recipes-test/googletest/googletest_1.14.0.bb > > @@ -10,11 +10,17 @@ S = "${WORKDIR}/git" > > SRCREV = "f8d7d77c06936315286eb55f8de22cd23c188571" > > SRC_URI = > "git://github.com/google/googletest.git;branch=main;protocol=https" > > > > -inherit cmake > > +inherit cmake pkgconfig > > + > > +# allow for shared libraries, but do not default to them # > > +PACKAGECONFIG[shared] = "-DBUILD_SHARED_LIBS=ON,- > DBUILD_SHARED_LIBS=OFF,," > > + > > > > ALLOW_EMPTY:${PN} = "1" > > ALLOW_EMPTY:${PN}-dbg = "1" > > > > +ALLOW_EMPTY:${PN}-staticdev = "1" > > RDEPENDS:${PN}-dev += "${PN}-staticdev" > > > > BBCLASSEXTEND = "native nativesdk" > > -- > > 2.25.1 > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#109125): https://lists.openembedded.org/g/openembedded-devel/message/109125 Mute This Topic: https://lists.openembedded.org/mt/104732413/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 1/1] googletest: allow for shared libraries
From: Joe Slater Add a PACKAGECONFIG option to produce shared libraries. Allow staticdev to be empty if no static libraries are built. Signed-off-by: Joe Slater --- meta-oe/recipes-test/googletest/googletest_1.14.0.bb | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/meta-oe/recipes-test/googletest/googletest_1.14.0.bb b/meta-oe/recipes-test/googletest/googletest_1.14.0.bb index 8c75f936de..1b05f3d336 100644 --- a/meta-oe/recipes-test/googletest/googletest_1.14.0.bb +++ b/meta-oe/recipes-test/googletest/googletest_1.14.0.bb @@ -10,11 +10,17 @@ S = "${WORKDIR}/git" SRCREV = "f8d7d77c06936315286eb55f8de22cd23c188571" SRC_URI = "git://github.com/google/googletest.git;branch=main;protocol=https" -inherit cmake +inherit cmake pkgconfig + +# allow for shared libraries, but do not default to them +# +PACKAGECONFIG[shared] = "-DBUILD_SHARED_LIBS=ON,-DBUILD_SHARED_LIBS=OFF,," + ALLOW_EMPTY:${PN} = "1" ALLOW_EMPTY:${PN}-dbg = "1" +ALLOW_EMPTY:${PN}-staticdev = "1" RDEPENDS:${PN}-dev += "${PN}-staticdev" BBCLASSEXTEND = "native nativesdk" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#109103): https://lists.openembedded.org/g/openembedded-devel/message/109103 Mute This Topic: https://lists.openembedded.org/mt/104732413/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [mickledore][meta-python][PATCH 1/1] python3-django: move to version 4.2.7
From: Joe Slater Version 4.2.5 fixes CVE-2023-36053 and CVE-2023-41164. Version 4.2.7 fixes CVE-2023-46695 and CVE-2023-43665. Signed-off-by: Joe Slater --- .../python/{python3-django_4.2.1.bb => python3-django_4.2.7.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-python/recipes-devtools/python/{python3-django_4.2.1.bb => python3-django_4.2.7.bb} (58%) diff --git a/meta-python/recipes-devtools/python/python3-django_4.2.1.bb b/meta-python/recipes-devtools/python/python3-django_4.2.7.bb similarity index 58% rename from meta-python/recipes-devtools/python/python3-django_4.2.1.bb rename to meta-python/recipes-devtools/python/python3-django_4.2.7.bb index b1474cf054..100db9bd71 100644 --- a/meta-python/recipes-devtools/python/python3-django_4.2.1.bb +++ b/meta-python/recipes-devtools/python/python3-django_4.2.7.bb @@ -1,7 +1,7 @@ require python-django.inc inherit setuptools3 -SRC_URI[sha256sum] = "7efa6b1f781a6119a10ac94b4794ded90db8accbe7802281cd26f8664ffed59c" +SRC_URI[sha256sum] = "8e0f1c2c2786b5c0e39fe1afce24c926040fad47c8ea8ad30aaf1188df29fc41" RDEPENDS:${PN} += "\ ${PYTHON_PN}-sqlparse \ -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#107062): https://lists.openembedded.org/g/openembedded-devel/message/107062 Mute This Topic: https://lists.openembedded.org/mt/102837465/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-python][PATCH 1/1] python3-django: move to version 4.2.5
From: Joe Slater Fixes CVE-2023-36053 and CVE-2023-41164 Signed-off-by: Joe Slater --- .../python/{python3-django_4.2.3.bb => python3-django_4.2.5.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-python/recipes-devtools/python/{python3-django_4.2.3.bb => python3-django_4.2.5.bb} (58%) diff --git a/meta-python/recipes-devtools/python/python3-django_4.2.3.bb b/meta-python/recipes-devtools/python/python3-django_4.2.5.bb similarity index 58% rename from meta-python/recipes-devtools/python/python3-django_4.2.3.bb rename to meta-python/recipes-devtools/python/python3-django_4.2.5.bb index 4e3192744e..bc919b3a87 100644 --- a/meta-python/recipes-devtools/python/python3-django_4.2.3.bb +++ b/meta-python/recipes-devtools/python/python3-django_4.2.5.bb @@ -1,7 +1,7 @@ require python-django.inc inherit setuptools3 -SRC_URI[sha256sum] = "45a747e1c5b3d6df1b141b1481e193b033fd1fdbda3ff52677dc81afdaacbaed" +SRC_URI[sha256sum] = "5e5c1c9548ffb7796b4a8a4782e9a2e5a3df3615259fc1bfd3ebc73b646146c1" RDEPENDS:${PN} += "\ ${PYTHON_PN}-sqlparse \ -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#106830): https://lists.openembedded.org/g/openembedded-devel/message/106830 Mute This Topic: https://lists.openembedded.org/mt/102636170/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [mickledore][meta-python][PATCH 1/1] python3-pynacl: add RCONFLICTS with python3-nacl
From: Joe Slater python3-nacl is in the meta-virtualization layer. Signed-off-by: Joe Slater Signed-off-by: Khem Raj (cherry picked from commit 74e31e51ffbd52b8864fed4debe7711e3ef4d739) --- meta-python/recipes-devtools/python/python3-pynacl_1.5.0.bb | 4 1 file changed, 4 insertions(+) diff --git a/meta-python/recipes-devtools/python/python3-pynacl_1.5.0.bb b/meta-python/recipes-devtools/python/python3-pynacl_1.5.0.bb index 6e53461979..5a8ed131af 100644 --- a/meta-python/recipes-devtools/python/python3-pynacl_1.5.0.bb +++ b/meta-python/recipes-devtools/python/python3-pynacl_1.5.0.bb @@ -10,6 +10,10 @@ PYPI_PACKAGE = "PyNaCl" inherit pypi python_setuptools_build_meta +# in meta-virtualization layer +# +RCONFLICTS:${PN} = "python3-nacl" + DEPENDS += "\ ${PYTHON_PN}-cffi-native \ libsodium \ -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#106686): https://lists.openembedded.org/g/openembedded-devel/message/106686 Mute This Topic: https://lists.openembedded.org/mt/102572446/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-python][PATCH 1/1] python3-pynacl: add RCONFLICTS with python3-nacl
From: Joe Slater python3-nacl is in the meta-virtualization layer. Signed-off-by: Joe Slater --- meta-python/recipes-devtools/python/python3-pynacl_1.5.0.bb | 4 1 file changed, 4 insertions(+) diff --git a/meta-python/recipes-devtools/python/python3-pynacl_1.5.0.bb b/meta-python/recipes-devtools/python/python3-pynacl_1.5.0.bb index 6e53461979..5a8ed131af 100644 --- a/meta-python/recipes-devtools/python/python3-pynacl_1.5.0.bb +++ b/meta-python/recipes-devtools/python/python3-pynacl_1.5.0.bb @@ -10,6 +10,10 @@ PYPI_PACKAGE = "PyNaCl" inherit pypi python_setuptools_build_meta +# in meta-virtualization layer +# +RCONFLICTS:${PN} = "python3-nacl" + DEPENDS += "\ ${PYTHON_PN}-cffi-native \ libsodium \ -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#105440): https://lists.openembedded.org/g/openembedded-devel/message/105440 Mute This Topic: https://lists.openembedded.org/mt/101906753/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [mickledore][meta-webserver][PATCH 1/1] nginx: add configure option
From: Joe Slater Support --with-http_xslt_module configure option via a PACKAGECONFIG option. The option is not added to the defaults. Cherry-pick from master. Signed-off-by: Joe Slater Signed-off-by: Khem Raj (cherry picked from commit e0ac8eec48c93751cfcdef2557998bfe91c8) --- .../files/0001-configure-libxslt-conf.patch | 39 +++ meta-webserver/recipes-httpd/nginx/nginx.inc | 3 ++ 2 files changed, 42 insertions(+) create mode 100644 meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf.patch diff --git a/meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf.patch b/meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf.patch new file mode 100644 index 00..7ba2a1fb85 --- /dev/null +++ b/meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf.patch @@ -0,0 +1,39 @@ +From 0c3c669464a514cf8d0cac08282ecb2b486f440f Mon Sep 17 00:00:00 2001 +From: Joe Slater +Date: Tue, 3 Oct 2023 19:21:17 + +Subject: [PATCH] configure: libxslt conf + +Modify to find libxslt related include files under sysroot. + +Upstream-Status: Pending + +Signed-off-by: Joe Slater +--- + auto/lib/libxslt/conf | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/auto/lib/libxslt/conf b/auto/lib/libxslt/conf +index 3063ac7..eb77886 100644 +--- a/auto/lib/libxslt/conf b/auto/lib/libxslt/conf +@@ -12,7 +12,7 @@ + #include + #include + #include " +-ngx_feature_path="/usr/include/libxml2" ++ngx_feature_path="=/usr/include/libxml2" + ngx_feature_libs="-lxml2 -lxslt" + ngx_feature_test="xmlParserCtxtPtrctxt = NULL; + xsltStylesheetPtr sheet = NULL; +@@ -100,7 +100,7 @@ fi + ngx_feature_name=NGX_HAVE_EXSLT + ngx_feature_run=no + ngx_feature_incs="#include " +-ngx_feature_path="/usr/include/libxml2" ++ngx_feature_path="=/usr/include/libxml2" + ngx_feature_libs="-lexslt" + ngx_feature_test="exsltRegisterAll();" + . auto/feature +-- +2.35.5 + diff --git a/meta-webserver/recipes-httpd/nginx/nginx.inc b/meta-webserver/recipes-httpd/nginx/nginx.inc index 6992a84c79..8078b7621a 100644 --- a/meta-webserver/recipes-httpd/nginx/nginx.inc +++ b/meta-webserver/recipes-httpd/nginx/nginx.inc @@ -22,6 +22,7 @@ SRC_URI = " \ file://nginx-volatile.conf \ file://nginx.service \ file://nginx-fix-pidfile.patch \ +file://0001-configure-libxslt-conf.patch \ " inherit siteinfo update-rc.d useradd systemd @@ -46,6 +47,8 @@ PACKAGECONFIG[http-auth-request] = "--with-http_auth_request_module,," PACKAGECONFIG[ipv6] = "--with-ipv6,," PACKAGECONFIG[webdav] = "--with-http_dav_module,," +PACKAGECONFIG[xslt] = "--with-http_xslt_module,,libxslt" + do_configure () { if [ "${SITEINFO_BITS}" = "64" ]; then PTRSIZE=8 -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#105420): https://lists.openembedded.org/g/openembedded-devel/message/105420 Mute This Topic: https://lists.openembedded.org/mt/101886511/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe] [mickledore][meta-python][PATCH 1/1] python3-inotify: fix tests
> -Original Message- > From: Khem Raj > Sent: Monday, October 2, 2023 12:16 PM > To: Slater, Joseph > Cc: openembedded-devel@lists.openembedded.org; MacLeod, Randy > > Subject: Re: [oe] [mickledore][meta-python][PATCH 1/1] python3-inotify: fix > tests > > Do we need this on master too ? if so please submit it for master first and > then > backport to mickledore This is cherry-picked from master. Joe > > On Mon, Oct 2, 2023 at 12:07 PM Joe Slater via lists.openembedded.org > wrote: > > > > From: Joe Slater > > > > Some tests in test-inotify.py assume values for watch descriptors. > > This is not safe, so we retrieve the assigned values to compare with > > event information generated. > > > > Signed-off-by: Joe Slater > > Signed-off-by: Khem Raj (cherry picked from > > commit 0efa5c872f6357f8639310e339d9c5a6f0315f2d) > > --- > > .../python3-inotify/new-test-inotify.patch| 620 ++ > > .../python/python3-inotify_git.bb | 1 + > > 2 files changed, 621 insertions(+) > > create mode 100644 > > meta-python/recipes-devtools/python/python3-inotify/new-test-inotify.p > > atch > > > > diff --git > > a/meta-python/recipes-devtools/python/python3-inotify/new-test-inotify > > .patch > > b/meta-python/recipes-devtools/python/python3-inotify/new-test-inotify > > .patch > > new file mode 100644 > > index 00..e462615e14 > > --- /dev/null > > +++ b/meta-python/recipes-devtools/python/python3-inotify/new-test-ino > > +++ tify.patch > > @@ -0,0 +1,620 @@ > > +From 80010e27d774e8b722d569384492eaab2bc4ac61 Mon Sep 17 00:00:00 > > +2001 > > +From: Joe Slater > > +Date: Thu, 27 Jul 2023 15:01:04 + > > +Subject: [PATCH] working commit > > + > > +It is not safe to assume the values returned by add_watch(), so we > > +add a local helper get_wd() to retrieve them. This fixes a problem > > +in TestInotifyTree.test__cycle() where the wd's for the 'aa' and 'bb' > > +paths are not '2' and '3', respectively. > > + > > +A second issue is that Inotify._get_event_names() should return a set > > +or sorted list to avoid comparison problems, but that is not > > +addressed here since it could be viewed as changing the API. > > + > > +This test_inotify.py is based on the version in the fix_tests branch > > +of pyinotify as of commit d7d3c58... > > + > > +Upstream-Status: Submitted [github.com/dsoprea/PyInotify/pull/104] > > + > > +Signed-off-by: Joe Slater > > +--- > > + tests/test_inotify.py | 346 > > +-- > > + 1 file changed, 262 insertions(+), 84 deletions(-) > > + > > +diff --git a/tests/test_inotify.py b/tests/test_inotify.py index > > +d9f1f84..d89a49e 100644 > > +--- a/tests/test_inotify.py > > b/tests/test_inotify.py > > +@@ -2,6 +2,7 @@ > > + > > + import os > > + import unittest > > ++import time > > + > > + import inotify.constants > > + import inotify.calls > > +@@ -15,6 +16,11 @@ except NameError: > > + else: > > + _HAS_PYTHON2_UNICODE_SUPPORT = True > > + > > ++# Inotify does not have a get for watch descriptors # def get_wd(i, > > ++path): > > ++return i._Inotify__watches[path] > > ++ > > + > > + class TestInotify(unittest.TestCase): > > + def __init__(self, *args, **kwargs): > > +@@ -29,11 +35,11 @@ class TestInotify(unittest.TestCase): > > + @unittest.skipIf(_HAS_PYTHON2_UNICODE_SUPPORT is True, "Not in > Python 3") > > + def test__international_naming_python3(self): > > + with inotify.test_support.temp_path() as path: > > +-inner_path = os.path.join(path, '新增資料夾') > > ++inner_path = os.path.join(path, u'新增資料夾') > > + os.mkdir(inner_path) > > + > > + i = inotify.adapters.Inotify() > > +-i.add_watch(inner_path) > > ++wd = i.add_watch(inner_path) > > + > > + with open(os.path.join(inner_path, 'filename'), 'w'): > > + pass > > +@@ -41,12 +47,27 @@ class TestInotify(unittest.TestCase): > > + events = self.__read_all_events(i) > > + > > + expected = [ > > +-(inotify.adapters._INOTIFY_EVENT(wd=1, mask=256, cookie=0, > len=16), ['IN_CREATE'], inner_path, 'filename'), > > +-(inotify.adapter
[oe] [kirkstone][meta-webserver][PATCH 1/1] nginx: add configure option
From: Joe Slater Support --with-http_xslt_module configure option via a PACKAGECONFIG option. The option is not added to the defaults. Signed-off-by: Joe Slater Signed-off-by: Khem Raj (cherry picked from commit e0ac8eec48c93751cfcdef2557998bfe91c8) --- .../files/0001-configure-libxslt-conf.patch | 39 +++ meta-webserver/recipes-httpd/nginx/nginx.inc | 3 ++ 2 files changed, 42 insertions(+) create mode 100644 meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf.patch diff --git a/meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf.patch b/meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf.patch new file mode 100644 index 00..7ba2a1fb85 --- /dev/null +++ b/meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf.patch @@ -0,0 +1,39 @@ +From 0c3c669464a514cf8d0cac08282ecb2b486f440f Mon Sep 17 00:00:00 2001 +From: Joe Slater +Date: Tue, 3 Oct 2023 19:21:17 + +Subject: [PATCH] configure: libxslt conf + +Modify to find libxslt related include files under sysroot. + +Upstream-Status: Pending + +Signed-off-by: Joe Slater +--- + auto/lib/libxslt/conf | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/auto/lib/libxslt/conf b/auto/lib/libxslt/conf +index 3063ac7..eb77886 100644 +--- a/auto/lib/libxslt/conf b/auto/lib/libxslt/conf +@@ -12,7 +12,7 @@ + #include + #include + #include " +-ngx_feature_path="/usr/include/libxml2" ++ngx_feature_path="=/usr/include/libxml2" + ngx_feature_libs="-lxml2 -lxslt" + ngx_feature_test="xmlParserCtxtPtrctxt = NULL; + xsltStylesheetPtr sheet = NULL; +@@ -100,7 +100,7 @@ fi + ngx_feature_name=NGX_HAVE_EXSLT + ngx_feature_run=no + ngx_feature_incs="#include " +-ngx_feature_path="/usr/include/libxml2" ++ngx_feature_path="=/usr/include/libxml2" + ngx_feature_libs="-lexslt" + ngx_feature_test="exsltRegisterAll();" + . auto/feature +-- +2.35.5 + diff --git a/meta-webserver/recipes-httpd/nginx/nginx.inc b/meta-webserver/recipes-httpd/nginx/nginx.inc index 231c1d1ec9..9f93c7051d 100644 --- a/meta-webserver/recipes-httpd/nginx/nginx.inc +++ b/meta-webserver/recipes-httpd/nginx/nginx.inc @@ -22,6 +22,7 @@ SRC_URI = " \ file://nginx-volatile.conf \ file://nginx.service \ file://nginx-fix-pidfile.patch \ +file://0001-configure-libxslt-conf.patch \ " inherit siteinfo update-rc.d useradd systemd @@ -45,6 +46,8 @@ PACKAGECONFIG[ssl] = "--with-http_ssl_module,,openssl" PACKAGECONFIG[http-auth-request] = "--with-http_auth_request_module,," PACKAGECONFIG[stream] = "--with-stream,," +PACKAGECONFIG[xslt] = "--with-http_xslt_module,,libxslt" + do_configure () { if [ "${SITEINFO_BITS}" = "64" ]; then PTRSIZE=8 -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#105418): https://lists.openembedded.org/g/openembedded-devel/message/105418 Mute This Topic: https://lists.openembedded.org/mt/101884309/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe] [meta-webserver][PATCH 1/1] nginx: add configure option
> -Original Message- > From: Khem Raj > Sent: Wednesday, October 4, 2023 9:58 AM > To: Slater, Joseph > Cc: openembedded-devel@lists.openembedded.org; MacLeod, Randy > > Subject: Re: [oe] [meta-webserver][PATCH 1/1] nginx: add configure option > > On Wed, Oct 4, 2023 at 9:13 AM Joe Slater via lists.openembedded.org > wrote: > > > > From: Joe Slater > > > > Support --with-http_xslt_module configure option via a PACKAGECONFIG > > option. The option is not added to the defaults. > > > > Signed-off-by: Joe Slater > > --- > > .../files/0001-configure-libxslt-conf.patch | 39 +++ > > meta-webserver/recipes-httpd/nginx/nginx.inc | 3 ++ > > 2 files changed, 42 insertions(+) > > create mode 100644 > > meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf.p > > atch > > > > diff --git > > a/meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf > > .patch > > b/meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf > > .patch > > new file mode 100644 > > index 00..7ba2a1fb85 > > --- /dev/null > > +++ b/meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt- > > +++ conf.patch > > @@ -0,0 +1,39 @@ > > +From 0c3c669464a514cf8d0cac08282ecb2b486f440f Mon Sep 17 00:00:00 > > +2001 > > +From: Joe Slater > > +Date: Tue, 3 Oct 2023 19:21:17 + > > +Subject: [PATCH] configure: libxslt conf > > + > > +Modify to find libxslt related include files under sysroot. > > + > > +Upstream-Status: Pending > > + > > +Signed-off-by: Joe Slater > > +--- > > + auto/lib/libxslt/conf | 4 ++-- > > + 1 file changed, 2 insertions(+), 2 deletions(-) > > + > > +diff --git a/auto/lib/libxslt/conf b/auto/lib/libxslt/conf index > > +3063ac7..eb77886 100644 > > +--- a/auto/lib/libxslt/conf > > b/auto/lib/libxslt/conf > > +@@ -12,7 +12,7 @@ > > + #include > > + #include > > + #include " > > +-ngx_feature_path="/usr/include/libxml2" > > ++ngx_feature_path="=/usr/include/libxml2" > > For OE usecase, this might be enough, however, upstream might support > different > compilers or even older gcc or clang where sysroot support is not there or are > configures with sysroot support disabled so =incpath syntax may not work > universally. Perhaps adding a new case where PREFIX is set then prepend that > to > path if not them proceed as normal might make it easier to not rely on tool > features. The objs/Makefile in the source code uses the "=" syntax to add the libxml2 include path, so that would break, too. I hadn't checked that before. Joe > > > + ngx_feature_libs="-lxml2 -lxslt" > > + ngx_feature_test="xmlParserCtxtPtrctxt = NULL; > > + xsltStylesheetPtr sheet = NULL; > > +@@ -100,7 +100,7 @@ fi > > + ngx_feature_name=NGX_HAVE_EXSLT > > + ngx_feature_run=no > > + ngx_feature_incs="#include " > > +-ngx_feature_path="/usr/include/libxml2" > > ++ngx_feature_path="=/usr/include/libxml2" > > + ngx_feature_libs="-lexslt" > > + ngx_feature_test="exsltRegisterAll();" > > + . auto/feature > > +-- > > +2.35.5 > > + > > diff --git a/meta-webserver/recipes-httpd/nginx/nginx.inc > > b/meta-webserver/recipes-httpd/nginx/nginx.inc > > index 1ea32f7c94..8890e0bea1 100644 > > --- a/meta-webserver/recipes-httpd/nginx/nginx.inc > > +++ b/meta-webserver/recipes-httpd/nginx/nginx.inc > > @@ -22,6 +22,7 @@ SRC_URI = " \ > > file://nginx-volatile.conf \ > > file://nginx.service \ > > file://nginx-fix-pidfile.patch \ > > +file://0001-configure-libxslt-conf.patch \ > > " > > > > inherit siteinfo update-rc.d useradd systemd @@ -47,6 +48,8 @@ > > PACKAGECONFIG[ipv6] = "--with-ipv6,," > > PACKAGECONFIG[webdav] = "--with-http_dav_module,," > > PACKAGECONFIG[stream] = "--with-stream,," > > > > +PACKAGECONFIG[xslt] = "--with-http_xslt_module,,libxslt" > > + > > do_configure () { > > if [ "${SITEINFO_BITS}" = "64" ]; then > > PTRSIZE=8 > > -- > > 2.25.1 > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#105345): https://lists.openembedded.org/g/openembedded-devel/message/105345 Mute This Topic: https://lists.openembedded.org/mt/101758666/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-webserver][PATCH 1/1] nginx: add configure option
From: Joe Slater Support --with-http_xslt_module configure option via a PACKAGECONFIG option. The option is not added to the defaults. Signed-off-by: Joe Slater --- .../files/0001-configure-libxslt-conf.patch | 39 +++ meta-webserver/recipes-httpd/nginx/nginx.inc | 3 ++ 2 files changed, 42 insertions(+) create mode 100644 meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf.patch diff --git a/meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf.patch b/meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf.patch new file mode 100644 index 00..7ba2a1fb85 --- /dev/null +++ b/meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf.patch @@ -0,0 +1,39 @@ +From 0c3c669464a514cf8d0cac08282ecb2b486f440f Mon Sep 17 00:00:00 2001 +From: Joe Slater +Date: Tue, 3 Oct 2023 19:21:17 + +Subject: [PATCH] configure: libxslt conf + +Modify to find libxslt related include files under sysroot. + +Upstream-Status: Pending + +Signed-off-by: Joe Slater +--- + auto/lib/libxslt/conf | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/auto/lib/libxslt/conf b/auto/lib/libxslt/conf +index 3063ac7..eb77886 100644 +--- a/auto/lib/libxslt/conf b/auto/lib/libxslt/conf +@@ -12,7 +12,7 @@ + #include + #include + #include " +-ngx_feature_path="/usr/include/libxml2" ++ngx_feature_path="=/usr/include/libxml2" + ngx_feature_libs="-lxml2 -lxslt" + ngx_feature_test="xmlParserCtxtPtrctxt = NULL; + xsltStylesheetPtr sheet = NULL; +@@ -100,7 +100,7 @@ fi + ngx_feature_name=NGX_HAVE_EXSLT + ngx_feature_run=no + ngx_feature_incs="#include " +-ngx_feature_path="/usr/include/libxml2" ++ngx_feature_path="=/usr/include/libxml2" + ngx_feature_libs="-lexslt" + ngx_feature_test="exsltRegisterAll();" + . auto/feature +-- +2.35.5 + diff --git a/meta-webserver/recipes-httpd/nginx/nginx.inc b/meta-webserver/recipes-httpd/nginx/nginx.inc index 1ea32f7c94..8890e0bea1 100644 --- a/meta-webserver/recipes-httpd/nginx/nginx.inc +++ b/meta-webserver/recipes-httpd/nginx/nginx.inc @@ -22,6 +22,7 @@ SRC_URI = " \ file://nginx-volatile.conf \ file://nginx.service \ file://nginx-fix-pidfile.patch \ +file://0001-configure-libxslt-conf.patch \ " inherit siteinfo update-rc.d useradd systemd @@ -47,6 +48,8 @@ PACKAGECONFIG[ipv6] = "--with-ipv6,," PACKAGECONFIG[webdav] = "--with-http_dav_module,," PACKAGECONFIG[stream] = "--with-stream,," +PACKAGECONFIG[xslt] = "--with-http_xslt_module,,libxslt" + do_configure () { if [ "${SITEINFO_BITS}" = "64" ]; then PTRSIZE=8 -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#105337): https://lists.openembedded.org/g/openembedded-devel/message/105337 Mute This Topic: https://lists.openembedded.org/mt/101758666/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [mickledore][meta-python][PATCH 1/1] python3-inotify: fix tests
From: Joe Slater Some tests in test-inotify.py assume values for watch descriptors. This is not safe, so we retrieve the assigned values to compare with event information generated. Signed-off-by: Joe Slater Signed-off-by: Khem Raj (cherry picked from commit 0efa5c872f6357f8639310e339d9c5a6f0315f2d) --- .../python3-inotify/new-test-inotify.patch| 620 ++ .../python/python3-inotify_git.bb | 1 + 2 files changed, 621 insertions(+) create mode 100644 meta-python/recipes-devtools/python/python3-inotify/new-test-inotify.patch diff --git a/meta-python/recipes-devtools/python/python3-inotify/new-test-inotify.patch b/meta-python/recipes-devtools/python/python3-inotify/new-test-inotify.patch new file mode 100644 index 00..e462615e14 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-inotify/new-test-inotify.patch @@ -0,0 +1,620 @@ +From 80010e27d774e8b722d569384492eaab2bc4ac61 Mon Sep 17 00:00:00 2001 +From: Joe Slater +Date: Thu, 27 Jul 2023 15:01:04 + +Subject: [PATCH] working commit + +It is not safe to assume the values returned by add_watch(), +so we add a local helper get_wd() to retrieve them. This fixes +a problem in TestInotifyTree.test__cycle() where the +wd's for the 'aa' and 'bb' paths are not '2' and '3', +respectively. + +A second issue is that Inotify._get_event_names() should +return a set or sorted list to avoid comparison problems, +but that is not addressed here since it could be viewed as +changing the API. + +This test_inotify.py is based on the version in the fix_tests branch of +pyinotify as of commit d7d3c58... + +Upstream-Status: Submitted [github.com/dsoprea/PyInotify/pull/104] + +Signed-off-by: Joe Slater +--- + tests/test_inotify.py | 346 -- + 1 file changed, 262 insertions(+), 84 deletions(-) + +diff --git a/tests/test_inotify.py b/tests/test_inotify.py +index d9f1f84..d89a49e 100644 +--- a/tests/test_inotify.py b/tests/test_inotify.py +@@ -2,6 +2,7 @@ + + import os + import unittest ++import time + + import inotify.constants + import inotify.calls +@@ -15,6 +16,11 @@ except NameError: + else: + _HAS_PYTHON2_UNICODE_SUPPORT = True + ++# Inotify does not have a get for watch descriptors ++# ++def get_wd(i, path): ++return i._Inotify__watches[path] ++ + + class TestInotify(unittest.TestCase): + def __init__(self, *args, **kwargs): +@@ -29,11 +35,11 @@ class TestInotify(unittest.TestCase): + @unittest.skipIf(_HAS_PYTHON2_UNICODE_SUPPORT is True, "Not in Python 3") + def test__international_naming_python3(self): + with inotify.test_support.temp_path() as path: +-inner_path = os.path.join(path, '新增資料夾') ++inner_path = os.path.join(path, u'新增資料夾') + os.mkdir(inner_path) + + i = inotify.adapters.Inotify() +-i.add_watch(inner_path) ++wd = i.add_watch(inner_path) + + with open(os.path.join(inner_path, 'filename'), 'w'): + pass +@@ -41,12 +47,27 @@ class TestInotify(unittest.TestCase): + events = self.__read_all_events(i) + + expected = [ +-(inotify.adapters._INOTIFY_EVENT(wd=1, mask=256, cookie=0, len=16), ['IN_CREATE'], inner_path, 'filename'), +-(inotify.adapters._INOTIFY_EVENT(wd=1, mask=32, cookie=0, len=16), ['IN_OPEN'], inner_path, 'filename'), +-(inotify.adapters._INOTIFY_EVENT(wd=1, mask=8, cookie=0, len=16), ['IN_CLOSE_WRITE'], inner_path, 'filename'), ++(inotify.adapters._INOTIFY_EVENT(wd=wd, mask=256, cookie=0, len=16), ['IN_CREATE'], inner_path, 'filename'), ++(inotify.adapters._INOTIFY_EVENT(wd=wd, mask=32, cookie=0, len=16), ['IN_OPEN'], inner_path, 'filename'), ++(inotify.adapters._INOTIFY_EVENT(wd=wd, mask=8, cookie=0, len=16), ['IN_CLOSE_WRITE'], inner_path, 'filename'), + ] + +-self.assertEquals(events, expected) ++if events != expected: ++print("ACTUAL:") ++print("") ++ ++for i, event in enumerate(events): ++print(event) ++ ++print("") ++ ++print("EXPECTED:") ++print("") ++ ++for i, event in enumerate(expected): ++print(event) ++ ++raise Exception("Events not correct.") + + @unittest.skipIf(_HAS_PYTHON2_UNICODE_SUPPORT is False, "Not in Python 2") + def test__international_naming_python2(self): +@@ -55,7 +76,7 @@ class TestInotify(unittest.TestCase): + os.mkdir(inner_path) + + i = inotif
[oe] [v2][meta-python][PATCH 1/1] python3-inotify: fix tests
From: Joe Slater Some tests in test-inotify.py assume values for watch descriptors. This is not safe, so we retrieve the assigned values to compare with event information generated. Signed-off-by: Joe Slater --- .../python3-inotify/new-test-inotify.patch| 620 ++ .../python/python3-inotify_git.bb | 1 + 2 files changed, 621 insertions(+) create mode 100644 meta-python/recipes-devtools/python/python3-inotify/new-test-inotify.patch diff --git a/meta-python/recipes-devtools/python/python3-inotify/new-test-inotify.patch b/meta-python/recipes-devtools/python/python3-inotify/new-test-inotify.patch new file mode 100644 index 00..e462615e14 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-inotify/new-test-inotify.patch @@ -0,0 +1,620 @@ +From 80010e27d774e8b722d569384492eaab2bc4ac61 Mon Sep 17 00:00:00 2001 +From: Joe Slater +Date: Thu, 27 Jul 2023 15:01:04 + +Subject: [PATCH] working commit + +It is not safe to assume the values returned by add_watch(), +so we add a local helper get_wd() to retrieve them. This fixes +a problem in TestInotifyTree.test__cycle() where the +wd's for the 'aa' and 'bb' paths are not '2' and '3', +respectively. + +A second issue is that Inotify._get_event_names() should +return a set or sorted list to avoid comparison problems, +but that is not addressed here since it could be viewed as +changing the API. + +This test_inotify.py is based on the version in the fix_tests branch of +pyinotify as of commit d7d3c58... + +Upstream-Status: Submitted [github.com/dsoprea/PyInotify/pull/104] + +Signed-off-by: Joe Slater +--- + tests/test_inotify.py | 346 -- + 1 file changed, 262 insertions(+), 84 deletions(-) + +diff --git a/tests/test_inotify.py b/tests/test_inotify.py +index d9f1f84..d89a49e 100644 +--- a/tests/test_inotify.py b/tests/test_inotify.py +@@ -2,6 +2,7 @@ + + import os + import unittest ++import time + + import inotify.constants + import inotify.calls +@@ -15,6 +16,11 @@ except NameError: + else: + _HAS_PYTHON2_UNICODE_SUPPORT = True + ++# Inotify does not have a get for watch descriptors ++# ++def get_wd(i, path): ++return i._Inotify__watches[path] ++ + + class TestInotify(unittest.TestCase): + def __init__(self, *args, **kwargs): +@@ -29,11 +35,11 @@ class TestInotify(unittest.TestCase): + @unittest.skipIf(_HAS_PYTHON2_UNICODE_SUPPORT is True, "Not in Python 3") + def test__international_naming_python3(self): + with inotify.test_support.temp_path() as path: +-inner_path = os.path.join(path, '新增資料夾') ++inner_path = os.path.join(path, u'新增資料夾') + os.mkdir(inner_path) + + i = inotify.adapters.Inotify() +-i.add_watch(inner_path) ++wd = i.add_watch(inner_path) + + with open(os.path.join(inner_path, 'filename'), 'w'): + pass +@@ -41,12 +47,27 @@ class TestInotify(unittest.TestCase): + events = self.__read_all_events(i) + + expected = [ +-(inotify.adapters._INOTIFY_EVENT(wd=1, mask=256, cookie=0, len=16), ['IN_CREATE'], inner_path, 'filename'), +-(inotify.adapters._INOTIFY_EVENT(wd=1, mask=32, cookie=0, len=16), ['IN_OPEN'], inner_path, 'filename'), +-(inotify.adapters._INOTIFY_EVENT(wd=1, mask=8, cookie=0, len=16), ['IN_CLOSE_WRITE'], inner_path, 'filename'), ++(inotify.adapters._INOTIFY_EVENT(wd=wd, mask=256, cookie=0, len=16), ['IN_CREATE'], inner_path, 'filename'), ++(inotify.adapters._INOTIFY_EVENT(wd=wd, mask=32, cookie=0, len=16), ['IN_OPEN'], inner_path, 'filename'), ++(inotify.adapters._INOTIFY_EVENT(wd=wd, mask=8, cookie=0, len=16), ['IN_CLOSE_WRITE'], inner_path, 'filename'), + ] + +-self.assertEquals(events, expected) ++if events != expected: ++print("ACTUAL:") ++print("") ++ ++for i, event in enumerate(events): ++print(event) ++ ++print("") ++ ++print("EXPECTED:") ++print("") ++ ++for i, event in enumerate(expected): ++print(event) ++ ++raise Exception("Events not correct.") + + @unittest.skipIf(_HAS_PYTHON2_UNICODE_SUPPORT is False, "Not in Python 2") + def test__international_naming_python2(self): +@@ -55,7 +76,7 @@ class TestInotify(unittest.TestCase): + os.mkdir(inner_path) + + i = inotify.adapters.Inotify() +-i.add_watch(inner_path) ++wd = i.add_wat
Re: [oe] [meta-python][PATCH 1/1] python3-inotify: fix tests
> -Original Message- > From: Khem Raj > Sent: Thursday, July 27, 2023 10:39 AM > To: Slater, Joseph > Cc: openembedded-devel@lists.openembedded.org; MacLeod, Randy > > Subject: Re: [oe] [meta-python][PATCH 1/1] python3-inotify: fix tests > > On Thu, Jul 27, 2023 at 10:34 AM Joe Slater via lists.openembedded.org > wrote: > > > > From: Joe Slater > > > > Some tests in test-inotify.py assume values for watch descriptors. > > This is not safe, so we retrieve the assigned values to compare with > > event information generated. > > > > Signed-off-by: Joe Slater > > --- > > .../python3-inotify/new-test-inotify.patch| 620 ++ > > .../python/python3-inotify_git.bb | 1 + > > 2 files changed, 621 insertions(+) > > create mode 100644 > > meta-python/recipes-devtools/python/python3-inotify/new-test-inotify.p > > atch > > > > diff --git > > a/meta-python/recipes-devtools/python/python3-inotify/new-test-inotify > > .patch > > b/meta-python/recipes-devtools/python/python3-inotify/new-test-inotify > > .patch > > new file mode 100644 > > index 00..08ef4fd3d6 > > --- /dev/null > > +++ b/meta-python/recipes-devtools/python/python3-inotify/new-test-ino > > +++ tify.patch > > @@ -0,0 +1,620 @@ > > +From 80010e27d774e8b722d569384492eaab2bc4ac61 Mon Sep 17 00:00:00 > > +2001 > > +From: Joe Slater > > +Date: Thu, 27 Jul 2023 15:01:04 + > > +Subject: [PATCH] working commit > > + > > +It is not safe to assume the values returned by add_watch(), so we > > +add a local helper get_wd() to retrieve them. This fixes a problem > > +in TestInotifyTree.test__cycle() where the wd's for the 'aa' and 'bb' > > +paths are not '2' and '3', respectively. > > + > > +A second issue is that Inotify._get_event_names() should return a set > > +or sorted list to avoid comparison problems, but that is not > > +addressed here since it could be viewed as changing the API. > > + > > +This test_inotify.py is based on the version in the fix_tests branch > > +of pyinotify as of commit d7d3c58... > > + > > +Upstream-Status: Submitted [to maintainer dus...@randomingenuity.com] > > hmmm, why not create a github PR at > https://github.com/dsoprea/pyinotify [Slater, Joseph] No reason other than since I'm thinking this is a one-off it was easier to do clone, format-patch rather than fork, clone, push, pull but I haven't kept up with github options, so maybe generating a PR can be done without a fork. Joe > > > + > > +Signed-off-by: Joe Slater > > +--- > > + tests/test_inotify.py | 346 > > +-- > > + 1 file changed, 262 insertions(+), 84 deletions(-) > > + > > +diff --git a/tests/test_inotify.py b/tests/test_inotify.py index > > +d9f1f84..d89a49e 100644 > > +--- a/tests/test_inotify.py > > b/tests/test_inotify.py > > +@@ -2,6 +2,7 @@ > > + > > + import os > > + import unittest > > ++import time > > + > > + import inotify.constants > > + import inotify.calls > > +@@ -15,6 +16,11 @@ except NameError: > > + else: > > + _HAS_PYTHON2_UNICODE_SUPPORT = True > > + > > ++# Inotify does not have a get for watch descriptors # def get_wd(i, > > ++path): > > ++return i._Inotify__watches[path] > > ++ > > + > > + class TestInotify(unittest.TestCase): > > + def __init__(self, *args, **kwargs): > > +@@ -29,11 +35,11 @@ class TestInotify(unittest.TestCase): > > + @unittest.skipIf(_HAS_PYTHON2_UNICODE_SUPPORT is True, "Not in > Python 3") > > + def test__international_naming_python3(self): > > + with inotify.test_support.temp_path() as path: > > +-inner_path = os.path.join(path, '新增資料夾') > > ++inner_path = os.path.join(path, u'新增資料夾') > > + os.mkdir(inner_path) > > + > > + i = inotify.adapters.Inotify() > > +-i.add_watch(inner_path) > > ++wd = i.add_watch(inner_path) > > + > > + with open(os.path.join(inner_path, 'filename'), 'w'): > > + pass > > +@@ -41,12 +47,27 @@ class TestInotify(unittest.TestCase): > > + events = self.__read_all_events(i) > > + > > + expected = [ > > +-(inotify.adapters._INOTIFY_EVENT(wd=1, mask=256, cookie=0,
[oe] [meta-python][PATCH 1/1] python3-inotify: fix tests
From: Joe Slater Some tests in test-inotify.py assume values for watch descriptors. This is not safe, so we retrieve the assigned values to compare with event information generated. Signed-off-by: Joe Slater --- .../python3-inotify/new-test-inotify.patch| 620 ++ .../python/python3-inotify_git.bb | 1 + 2 files changed, 621 insertions(+) create mode 100644 meta-python/recipes-devtools/python/python3-inotify/new-test-inotify.patch diff --git a/meta-python/recipes-devtools/python/python3-inotify/new-test-inotify.patch b/meta-python/recipes-devtools/python/python3-inotify/new-test-inotify.patch new file mode 100644 index 00..08ef4fd3d6 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-inotify/new-test-inotify.patch @@ -0,0 +1,620 @@ +From 80010e27d774e8b722d569384492eaab2bc4ac61 Mon Sep 17 00:00:00 2001 +From: Joe Slater +Date: Thu, 27 Jul 2023 15:01:04 + +Subject: [PATCH] working commit + +It is not safe to assume the values returned by add_watch(), +so we add a local helper get_wd() to retrieve them. This fixes +a problem in TestInotifyTree.test__cycle() where the +wd's for the 'aa' and 'bb' paths are not '2' and '3', +respectively. + +A second issue is that Inotify._get_event_names() should +return a set or sorted list to avoid comparison problems, +but that is not addressed here since it could be viewed as +changing the API. + +This test_inotify.py is based on the version in the fix_tests branch of +pyinotify as of commit d7d3c58... + +Upstream-Status: Submitted [to maintainer dus...@randomingenuity.com] + +Signed-off-by: Joe Slater +--- + tests/test_inotify.py | 346 -- + 1 file changed, 262 insertions(+), 84 deletions(-) + +diff --git a/tests/test_inotify.py b/tests/test_inotify.py +index d9f1f84..d89a49e 100644 +--- a/tests/test_inotify.py b/tests/test_inotify.py +@@ -2,6 +2,7 @@ + + import os + import unittest ++import time + + import inotify.constants + import inotify.calls +@@ -15,6 +16,11 @@ except NameError: + else: + _HAS_PYTHON2_UNICODE_SUPPORT = True + ++# Inotify does not have a get for watch descriptors ++# ++def get_wd(i, path): ++return i._Inotify__watches[path] ++ + + class TestInotify(unittest.TestCase): + def __init__(self, *args, **kwargs): +@@ -29,11 +35,11 @@ class TestInotify(unittest.TestCase): + @unittest.skipIf(_HAS_PYTHON2_UNICODE_SUPPORT is True, "Not in Python 3") + def test__international_naming_python3(self): + with inotify.test_support.temp_path() as path: +-inner_path = os.path.join(path, '新增資料夾') ++inner_path = os.path.join(path, u'新增資料夾') + os.mkdir(inner_path) + + i = inotify.adapters.Inotify() +-i.add_watch(inner_path) ++wd = i.add_watch(inner_path) + + with open(os.path.join(inner_path, 'filename'), 'w'): + pass +@@ -41,12 +47,27 @@ class TestInotify(unittest.TestCase): + events = self.__read_all_events(i) + + expected = [ +-(inotify.adapters._INOTIFY_EVENT(wd=1, mask=256, cookie=0, len=16), ['IN_CREATE'], inner_path, 'filename'), +-(inotify.adapters._INOTIFY_EVENT(wd=1, mask=32, cookie=0, len=16), ['IN_OPEN'], inner_path, 'filename'), +-(inotify.adapters._INOTIFY_EVENT(wd=1, mask=8, cookie=0, len=16), ['IN_CLOSE_WRITE'], inner_path, 'filename'), ++(inotify.adapters._INOTIFY_EVENT(wd=wd, mask=256, cookie=0, len=16), ['IN_CREATE'], inner_path, 'filename'), ++(inotify.adapters._INOTIFY_EVENT(wd=wd, mask=32, cookie=0, len=16), ['IN_OPEN'], inner_path, 'filename'), ++(inotify.adapters._INOTIFY_EVENT(wd=wd, mask=8, cookie=0, len=16), ['IN_CLOSE_WRITE'], inner_path, 'filename'), + ] + +-self.assertEquals(events, expected) ++if events != expected: ++print("ACTUAL:") ++print("") ++ ++for i, event in enumerate(events): ++print(event) ++ ++print("") ++ ++print("EXPECTED:") ++print("") ++ ++for i, event in enumerate(expected): ++print(event) ++ ++raise Exception("Events not correct.") + + @unittest.skipIf(_HAS_PYTHON2_UNICODE_SUPPORT is False, "Not in Python 2") + def test__international_naming_python2(self): +@@ -55,7 +76,7 @@ class TestInotify(unittest.TestCase): + os.mkdir(inner_path) + + i = inotify.adapters.Inotify() +-i.add_watch(inner_path) ++wd = i.add_wat
[oe] [mickledore][meta-oe][PATCH 1/1] libgpiod: modify RDEPENDS for ptest
From: Joe Slater The current use of RDEPENDS to add a dependency on bats results in the QA warning/error lib32-libgpiod package lib32-libgpiod-ptest-dev - suspicious values 'bats-dev' in RRECOMMENDS [multilib] when building lib32-libgpiod with ptest not enabled. We add the dependency only if ptest is enabled. Signed-off-by: Joe Slater Signed-off-by: Khem Raj (cherry picked from commit 9904bd6a24ed9327bd05926ba28f9c2ea49e34dd) --- meta-oe/recipes-support/libgpiod/libgpiod.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-support/libgpiod/libgpiod.inc b/meta-oe/recipes-support/libgpiod/libgpiod.inc index abb6544ec2..cf6c0ae0f6 100644 --- a/meta-oe/recipes-support/libgpiod/libgpiod.inc +++ b/meta-oe/recipes-support/libgpiod/libgpiod.inc @@ -38,7 +38,7 @@ FILES:${PN}-ptest += " \ FILES:libgpiodcxx = "${libdir}/libgpiodcxx.so.*" RRECOMMENDS:${PN}-ptest += "coreutils" -RDEPENDS:${PN}-ptest += "bats" +RDEPENDS:${PN}-ptest += "${@bb.utils.contains('PTEST_ENABLED', '1', 'bats', '', d)}" do_install_ptest() { install -d ${D}${PTEST_PATH}/tests/ -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#103877): https://lists.openembedded.org/g/openembedded-devel/message/103877 Mute This Topic: https://lists.openembedded.org/mt/100196047/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [oe-core][PATCH 1/1] libgpiod: modify RDEPENDS for ptest
From: Joe Slater The current use of RDEPENDS to add a dependency on bats results in the QA warning/error lib32-libgpiod package lib32-libgpiod-ptest-dev - suspicious values 'bats-dev' in RRECOMMENDS [multilib] when building lib32-libgpiod with ptest not enabled. We add the dependency only if ptest is enabled. Signed-off-by: Joe Slater --- meta-oe/recipes-support/libgpiod/libgpiod.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-support/libgpiod/libgpiod.inc b/meta-oe/recipes-support/libgpiod/libgpiod.inc index a2d1f57a8b..cb19bc5fb8 100644 --- a/meta-oe/recipes-support/libgpiod/libgpiod.inc +++ b/meta-oe/recipes-support/libgpiod/libgpiod.inc @@ -34,7 +34,7 @@ FILES:${PN}-tools += " \ FILES:libgpiodcxx = "${libdir}/libgpiodcxx.so.*" RRECOMMENDS:${PN}-ptest += "coreutils" -RDEPENDS:${PN}-ptest += "bats" +RDEPENDS:${PN}-ptest += "${@bb.utils.contains('PTEST_ENABLED', '1', 'bats', '', d)}" do_install:append() { rm -f ${D}${bindir}/gpiod-test -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#103847): https://lists.openembedded.org/g/openembedded-devel/message/103847 Mute This Topic: https://lists.openembedded.org/mt/100108912/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [mickledore][meta-python][PATCH 1/1] python3-sqlparse: fix CVE-2023-30608
From: Joe Slater Backport from commit c457abd5f... upstream. Signed-off-by: Joe Slater Signed-off-by: Khem Raj (cherry picked from commit f8df47347619f5d8dc96710e3f892ae1a21b5e90) --- .../python3-sqlparse/CVE-2023-30608.patch | 51 +++ .../python/python3-sqlparse_0.4.3.bb | 1 + 2 files changed, 52 insertions(+) create mode 100644 meta-python/recipes-devtools/python/python3-sqlparse/CVE-2023-30608.patch diff --git a/meta-python/recipes-devtools/python/python3-sqlparse/CVE-2023-30608.patch b/meta-python/recipes-devtools/python/python3-sqlparse/CVE-2023-30608.patch new file mode 100644 index 00..f5526c5b88 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-sqlparse/CVE-2023-30608.patch @@ -0,0 +1,51 @@ +From c457abd5f097dd13fb21543381e7cfafe7d31cfb Mon Sep 17 00:00:00 2001 +From: Andi Albrecht +Date: Mon, 20 Mar 2023 08:33:46 +0100 +Subject: [PATCH] Remove unnecessary parts in regex for bad escaping. + +The regex tried to deal with situations where escaping in the +SQL to be parsed was suspicious. + +Upstream-Status: Backport +CVE: CVE-2023-30608 + +Reference to upstream patch: +https://github.com/andialbrecht/sqlparse/commit/c457abd5f097dd13fb21543381e7cfafe7d31cfb + +[AZ: drop changes to CHANGELOG file and adjust context whitespaces] +Signed-off-by: Adrian Zaharia + +Adjust indentation in keywords.py. +Signed-off-by: Joe Slater +--- + sqlparse/keywords.py | 4 ++-- + tests/test_split.py | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +--- sqlparse-0.4.3.orig/sqlparse/keywords.py sqlparse-0.4.3/sqlparse/keywords.py +@@ -72,9 +72,9 @@ SQL_REGEX = { + (r'(?![_A-ZÀ-Ü])-?(\d+(\.\d*)|\.\d+)(?![_A-ZÀ-Ü])', + tokens.Number.Float), + (r'(?![_A-ZÀ-Ü])-?\d+(?![_A-ZÀ-Ü])', tokens.Number.Integer), +-(r"'(''||\\'|[^'])*'", tokens.String.Single), ++(r"'(''|\\'|[^'])*'", tokens.String.Single), + # not a real string literal in ANSI SQL: +-(r'"(""||\\"|[^"])*"', tokens.String.Symbol), ++(r'"(""|\\"|[^"])*"', tokens.String.Symbol), + (r'(""|".*?[^\\]")', tokens.String.Symbol), + # sqlite names can be escaped with [square brackets]. left bracket + # cannot be preceded by word character or a right bracket -- +--- sqlparse-0.4.3.orig/tests/test_split.py sqlparse-0.4.3/tests/test_split.py +@@ -18,8 +18,8 @@ def test_split_semicolon(): + + + def test_split_backslash(): +-stmts = sqlparse.parse(r"select '\\'; select '\''; select '\\\'';") +-assert len(stmts) == 3 ++stmts = sqlparse.parse("select '\'; select '\'';") ++assert len(stmts) == 2 + + + @pytest.mark.parametrize('fn', ['function.sql', diff --git a/meta-python/recipes-devtools/python/python3-sqlparse_0.4.3.bb b/meta-python/recipes-devtools/python/python3-sqlparse_0.4.3.bb index c952c71d0b..a402f991f7 100644 --- a/meta-python/recipes-devtools/python/python3-sqlparse_0.4.3.bb +++ b/meta-python/recipes-devtools/python/python3-sqlparse_0.4.3.bb @@ -5,6 +5,7 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=2b136f573f5386001ea3b7b9016222fc" SRC_URI += "file://0001-sqlparse-change-shebang-to-python3.patch \ +file://CVE-2023-30608.patch \ file://run-ptest \ " -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#103480): https://lists.openembedded.org/g/openembedded-devel/message/103480 Mute This Topic: https://lists.openembedded.org/mt/99680644/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [mickledore][meta-oe][PATCH 1/1] libgpiod: modify test 'gpioset: toggle (continuous)'
From: Joe Slater Look for level transitions when testing toggling values because using fixed delays to assume value changes is not reliable. Signed-off-by: Joe Slater Reviewed-by: Bartosz Golaszewski Signed-off-by: Khem Raj cherry-pick from meta-oe/master 45a8bb2620... Signed-off-by: Joe Slater --- .../gpio-tools-test-bats-modify.patch | 67 +++ .../recipes-support/libgpiod/libgpiod_2.0.bb | 2 + 2 files changed, 69 insertions(+) create mode 100644 meta-oe/recipes-support/libgpiod/libgpiod-2.0/gpio-tools-test-bats-modify.patch diff --git a/meta-oe/recipes-support/libgpiod/libgpiod-2.0/gpio-tools-test-bats-modify.patch b/meta-oe/recipes-support/libgpiod/libgpiod-2.0/gpio-tools-test-bats-modify.patch new file mode 100644 index 00..4d49467968 --- /dev/null +++ b/meta-oe/recipes-support/libgpiod/libgpiod-2.0/gpio-tools-test-bats-modify.patch @@ -0,0 +1,67 @@ +From 53f9670d6af1bd0745c1df9c469b269c72607b23 Mon Sep 17 00:00:00 2001 +From: Joe Slater +Date: Tue, 6 Jun 2023 08:04:27 -0700 +Subject: [PATCH] tools: tests: modify delays in toggle test + +The test "gpioset: toggle (continuous)" uses fixed delays to test +toggling values. This is not reliable, so we switch to looking +for transitions from one value to another. + +We wait for a transition up to 1.5 seconds. + +Signed-off-by: Joe Slater +Signed-off-by: Bartosz Golaszewski + +Upstream-status: accepted + +Signed-off-by: Joe Slater +--- + tools/gpio-tools-test.bats | 21 - + 1 file changed, 16 insertions(+), 5 deletions(-) + +diff --git a/tools/gpio-tools-test.bats b/tools/gpio-tools-test.bats +index c83ca7d..929c35a 100755 +--- a/tools/gpio-tools-test.bats b/tools/gpio-tools-test.bats +@@ -141,6 +141,20 @@ gpiosim_check_value() { + [ "$VAL" = "$EXPECTED" ] + } + ++gpiosim_wait_value() { ++ local OFFSET=$2 ++ local EXPECTED=$3 ++ local DEVNAME=${GPIOSIM_DEV_NAME[$1]} ++ local CHIPNAME=${GPIOSIM_CHIP_NAME[$1]} ++ local PORT=$GPIOSIM_SYSFS/$DEVNAME/$CHIPNAME/sim_gpio$OFFSET/value ++ ++ for i in {1..15}; do ++ [ "$(<$PORT)" = "$EXPECTED" ] && return ++ sleep 0.1 ++ done ++ return 1 ++} ++ + gpiosim_cleanup() { + for CHIP in ${!GPIOSIM_CHIP_NAME[@]} + do +@@ -1567,15 +1581,12 @@ request_release_line() { + gpiosim_check_value sim0 4 0 + gpiosim_check_value sim0 7 0 + +- sleep 1 +- +- gpiosim_check_value sim0 1 0 ++ gpiosim_wait_value sim0 1 0 + gpiosim_check_value sim0 4 1 + gpiosim_check_value sim0 7 1 + +- sleep 1 + +- gpiosim_check_value sim0 1 1 ++ gpiosim_wait_value sim0 1 1 + gpiosim_check_value sim0 4 0 + gpiosim_check_value sim0 7 0 + } +-- +2.25.1 + diff --git a/meta-oe/recipes-support/libgpiod/libgpiod_2.0.bb b/meta-oe/recipes-support/libgpiod/libgpiod_2.0.bb index 179fe170e2..ee20aaf792 100644 --- a/meta-oe/recipes-support/libgpiod/libgpiod_2.0.bb +++ b/meta-oe/recipes-support/libgpiod/libgpiod_2.0.bb @@ -11,6 +11,8 @@ SRC_URI[sha256sum] = "f74cbf82038b3cb98ebeb25bce55ee2553be28194002d2a9889b9268cc S = "${WORKDIR}/libgpiod-2.0" +SRC_URI += "file://gpio-tools-test-bats-modify.patch" + # We must enable gpioset-interactive for all gpio-tools tests to pass PACKAGECONFIG[tests] = "--enable-tests --enable-gpioset-interactive,--disable-tests,kmod util-linux glib-2.0 catch2 libedit" PACKAGECONFIG[gpioset-interactive] = "--enable-gpioset-interactive,--disable-gpioset-interactive,libedit" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#103331): https://lists.openembedded.org/g/openembedded-devel/message/103331 Mute This Topic: https://lists.openembedded.org/mt/99559114/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-python][PATCH 1/1] python3-sqlparse: fix CVE-2023-30608
From: Joe Slater Backport from commit c457abd5f... upstream. Signed-off-by: Joe Slater --- .../python3-sqlparse/CVE-2023-30608.patch | 51 +++ .../python/python3-sqlparse_0.4.3.bb | 1 + 2 files changed, 52 insertions(+) create mode 100644 meta-python/recipes-devtools/python/python3-sqlparse/CVE-2023-30608.patch diff --git a/meta-python/recipes-devtools/python/python3-sqlparse/CVE-2023-30608.patch b/meta-python/recipes-devtools/python/python3-sqlparse/CVE-2023-30608.patch new file mode 100644 index 00..f5526c5b88 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-sqlparse/CVE-2023-30608.patch @@ -0,0 +1,51 @@ +From c457abd5f097dd13fb21543381e7cfafe7d31cfb Mon Sep 17 00:00:00 2001 +From: Andi Albrecht +Date: Mon, 20 Mar 2023 08:33:46 +0100 +Subject: [PATCH] Remove unnecessary parts in regex for bad escaping. + +The regex tried to deal with situations where escaping in the +SQL to be parsed was suspicious. + +Upstream-Status: Backport +CVE: CVE-2023-30608 + +Reference to upstream patch: +https://github.com/andialbrecht/sqlparse/commit/c457abd5f097dd13fb21543381e7cfafe7d31cfb + +[AZ: drop changes to CHANGELOG file and adjust context whitespaces] +Signed-off-by: Adrian Zaharia + +Adjust indentation in keywords.py. +Signed-off-by: Joe Slater +--- + sqlparse/keywords.py | 4 ++-- + tests/test_split.py | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +--- sqlparse-0.4.3.orig/sqlparse/keywords.py sqlparse-0.4.3/sqlparse/keywords.py +@@ -72,9 +72,9 @@ SQL_REGEX = { + (r'(?![_A-ZÀ-Ü])-?(\d+(\.\d*)|\.\d+)(?![_A-ZÀ-Ü])', + tokens.Number.Float), + (r'(?![_A-ZÀ-Ü])-?\d+(?![_A-ZÀ-Ü])', tokens.Number.Integer), +-(r"'(''||\\'|[^'])*'", tokens.String.Single), ++(r"'(''|\\'|[^'])*'", tokens.String.Single), + # not a real string literal in ANSI SQL: +-(r'"(""||\\"|[^"])*"', tokens.String.Symbol), ++(r'"(""|\\"|[^"])*"', tokens.String.Symbol), + (r'(""|".*?[^\\]")', tokens.String.Symbol), + # sqlite names can be escaped with [square brackets]. left bracket + # cannot be preceded by word character or a right bracket -- +--- sqlparse-0.4.3.orig/tests/test_split.py sqlparse-0.4.3/tests/test_split.py +@@ -18,8 +18,8 @@ def test_split_semicolon(): + + + def test_split_backslash(): +-stmts = sqlparse.parse(r"select '\\'; select '\''; select '\\\'';") +-assert len(stmts) == 3 ++stmts = sqlparse.parse("select '\'; select '\'';") ++assert len(stmts) == 2 + + + @pytest.mark.parametrize('fn', ['function.sql', diff --git a/meta-python/recipes-devtools/python/python3-sqlparse_0.4.3.bb b/meta-python/recipes-devtools/python/python3-sqlparse_0.4.3.bb index c952c71d0b..a402f991f7 100644 --- a/meta-python/recipes-devtools/python/python3-sqlparse_0.4.3.bb +++ b/meta-python/recipes-devtools/python/python3-sqlparse_0.4.3.bb @@ -5,6 +5,7 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=2b136f573f5386001ea3b7b9016222fc" SRC_URI += "file://0001-sqlparse-change-shebang-to-python3.patch \ +file://CVE-2023-30608.patch \ file://run-ptest \ " -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#103321): https://lists.openembedded.org/g/openembedded-devel/message/103321 Mute This Topic: https://lists.openembedded.org/mt/9986/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe] [v3][meta-oe][PATCH 1/1] libgpiod: modify test 'gpioset: toggle (continuous)'
> -Original Message- > From: Bartosz Golaszewski > Sent: Wednesday, June 14, 2023 8:13 AM > To: Slater, Joseph > Cc: openembedded-devel@lists.openembedded.org; MacLeod, Randy > > Subject: Re: [v3][meta-oe][PATCH 1/1] libgpiod: modify test 'gpioset: toggle > (continuous)' > > On Wed, Jun 14, 2023 at 4:06 PM wrote: > > > > From: Joe Slater > > > > Look for level transitions when testing toggling values because using > > fixed delays to assume value changes is not reliable. > > > > Signed-off-by: Joe Slater > > --- > > .../gpio-tools-test-bats-modify.patch | 67 +++ > > .../libgpiod/libgpiod_2.0.1.bb| 2 + > > 2 files changed, 69 insertions(+) > > create mode 100644 > > meta-oe/recipes-support/libgpiod/libgpiod-2.x/gpio-tools-test-bats-mod > > ify.patch > > > > diff --git > > a/meta-oe/recipes-support/libgpiod/libgpiod-2.x/gpio-tools-test-bats-m > > odify.patch > > b/meta-oe/recipes-support/libgpiod/libgpiod-2.x/gpio-tools-test-bats-m > > odify.patch > > new file mode 100644 > > index 00..4d49467968 > > --- /dev/null > > +++ b/meta-oe/recipes-support/libgpiod/libgpiod-2.x/gpio-tools-test-ba > > +++ ts-modify.patch > > @@ -0,0 +1,67 @@ > > +From 53f9670d6af1bd0745c1df9c469b269c72607b23 Mon Sep 17 00:00:00 > > +2001 > > +From: Joe Slater > > +Date: Tue, 6 Jun 2023 08:04:27 -0700 > > +Subject: [PATCH] tools: tests: modify delays in toggle test > > + > > +The test "gpioset: toggle (continuous)" uses fixed delays to test > > +toggling values. This is not reliable, so we switch to looking for > > +transitions from one value to another. > > + > > +We wait for a transition up to 1.5 seconds. > > + > > +Signed-off-by: Joe Slater > > +Signed-off-by: Bartosz Golaszewski > > + > > +Upstream-status: accepted > > + > > +Signed-off-by: Joe Slater > > +--- > > + tools/gpio-tools-test.bats | 21 - > > + 1 file changed, 16 insertions(+), 5 deletions(-) > > + > > +diff --git a/tools/gpio-tools-test.bats b/tools/gpio-tools-test.bats > > +index c83ca7d..929c35a 100755 > > +--- a/tools/gpio-tools-test.bats > > b/tools/gpio-tools-test.bats > > +@@ -141,6 +141,20 @@ gpiosim_check_value() { > > + [ "$VAL" = "$EXPECTED" ] > > + } > > + > > ++gpiosim_wait_value() { > > ++ local OFFSET=$2 > > ++ local EXPECTED=$3 > > ++ local DEVNAME=${GPIOSIM_DEV_NAME[$1]} > > ++ local CHIPNAME=${GPIOSIM_CHIP_NAME[$1]} > > ++ local > > ++PORT=$GPIOSIM_SYSFS/$DEVNAME/$CHIPNAME/sim_gpio$OFFSET/value > > ++ > > ++ for i in {1..15}; do > > ++ [ "$(<$PORT)" = "$EXPECTED" ] && return > > ++ sleep 0.1 > > ++ done > > ++ return 1 > > ++} > > ++ > > + gpiosim_cleanup() { > > + for CHIP in ${!GPIOSIM_CHIP_NAME[@]} > > + do > > +@@ -1567,15 +1581,12 @@ request_release_line() { > > + gpiosim_check_value sim0 4 0 > > + gpiosim_check_value sim0 7 0 > > + > > +- sleep 1 > > +- > > +- gpiosim_check_value sim0 1 0 > > ++ gpiosim_wait_value sim0 1 0 > > + gpiosim_check_value sim0 4 1 > > + gpiosim_check_value sim0 7 1 > > + > > +- sleep 1 > > + > > +- gpiosim_check_value sim0 1 1 > > ++ gpiosim_wait_value sim0 1 1 > > + gpiosim_check_value sim0 4 0 > > + gpiosim_check_value sim0 7 0 > > + } > > +-- > > +2.25.1 > > + > > diff --git a/meta-oe/recipes-support/libgpiod/libgpiod_2.0.1.bb > > b/meta-oe/recipes-support/libgpiod/libgpiod_2.0.1.bb > > index 337554cd89..6958f2d841 100644 > > --- a/meta-oe/recipes-support/libgpiod/libgpiod_2.0.1.bb > > +++ b/meta-oe/recipes-support/libgpiod/libgpiod_2.0.1.bb > > @@ -9,6 +9,8 @@ LIC_FILES_CHKSUM = " \ > > > > FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}-2.x:" > > > > +SRC_URI += "file://gpio-tools-test-bats-modify.patch" > > + > > SRC_URI[sha256sum] = > "b5367d28d045b36007a4ffd42cceda4c358737ef4f2ce22b0c1d05ec57a38392" > > > > # Enable all project features for ptest > > -- > > 2.25.1 > > > Reluctant: > > Reviewed-by: Bartosz Golaszewski > > Although, I'm asking myself - why do you need this? Have you seen any failures > with ptest? Can this wait for a full release? [Slater, Joseph] Yes, we have seen failures. It is not my call as to when they need to be fixed. I can understand meta-oe wanting to wait for a release. If that is the case, I'll have to see what people want to do locally as a temporary fix. Joe > > Bart -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#103287): https://lists.openembedded.org/g/openembedded-devel/message/103287 Mute This Topic: https://lists.openembedded.org/mt/99528223/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [v3][meta-oe][PATCH 1/1] libgpiod: modify test 'gpioset: toggle (continuous)'
From: Joe Slater Look for level transitions when testing toggling values because using fixed delays to assume value changes is not reliable. Signed-off-by: Joe Slater --- .../gpio-tools-test-bats-modify.patch | 67 +++ .../libgpiod/libgpiod_2.0.1.bb| 2 + 2 files changed, 69 insertions(+) create mode 100644 meta-oe/recipes-support/libgpiod/libgpiod-2.x/gpio-tools-test-bats-modify.patch diff --git a/meta-oe/recipes-support/libgpiod/libgpiod-2.x/gpio-tools-test-bats-modify.patch b/meta-oe/recipes-support/libgpiod/libgpiod-2.x/gpio-tools-test-bats-modify.patch new file mode 100644 index 00..4d49467968 --- /dev/null +++ b/meta-oe/recipes-support/libgpiod/libgpiod-2.x/gpio-tools-test-bats-modify.patch @@ -0,0 +1,67 @@ +From 53f9670d6af1bd0745c1df9c469b269c72607b23 Mon Sep 17 00:00:00 2001 +From: Joe Slater +Date: Tue, 6 Jun 2023 08:04:27 -0700 +Subject: [PATCH] tools: tests: modify delays in toggle test + +The test "gpioset: toggle (continuous)" uses fixed delays to test +toggling values. This is not reliable, so we switch to looking +for transitions from one value to another. + +We wait for a transition up to 1.5 seconds. + +Signed-off-by: Joe Slater +Signed-off-by: Bartosz Golaszewski + +Upstream-status: accepted + +Signed-off-by: Joe Slater +--- + tools/gpio-tools-test.bats | 21 - + 1 file changed, 16 insertions(+), 5 deletions(-) + +diff --git a/tools/gpio-tools-test.bats b/tools/gpio-tools-test.bats +index c83ca7d..929c35a 100755 +--- a/tools/gpio-tools-test.bats b/tools/gpio-tools-test.bats +@@ -141,6 +141,20 @@ gpiosim_check_value() { + [ "$VAL" = "$EXPECTED" ] + } + ++gpiosim_wait_value() { ++ local OFFSET=$2 ++ local EXPECTED=$3 ++ local DEVNAME=${GPIOSIM_DEV_NAME[$1]} ++ local CHIPNAME=${GPIOSIM_CHIP_NAME[$1]} ++ local PORT=$GPIOSIM_SYSFS/$DEVNAME/$CHIPNAME/sim_gpio$OFFSET/value ++ ++ for i in {1..15}; do ++ [ "$(<$PORT)" = "$EXPECTED" ] && return ++ sleep 0.1 ++ done ++ return 1 ++} ++ + gpiosim_cleanup() { + for CHIP in ${!GPIOSIM_CHIP_NAME[@]} + do +@@ -1567,15 +1581,12 @@ request_release_line() { + gpiosim_check_value sim0 4 0 + gpiosim_check_value sim0 7 0 + +- sleep 1 +- +- gpiosim_check_value sim0 1 0 ++ gpiosim_wait_value sim0 1 0 + gpiosim_check_value sim0 4 1 + gpiosim_check_value sim0 7 1 + +- sleep 1 + +- gpiosim_check_value sim0 1 1 ++ gpiosim_wait_value sim0 1 1 + gpiosim_check_value sim0 4 0 + gpiosim_check_value sim0 7 0 + } +-- +2.25.1 + diff --git a/meta-oe/recipes-support/libgpiod/libgpiod_2.0.1.bb b/meta-oe/recipes-support/libgpiod/libgpiod_2.0.1.bb index 337554cd89..6958f2d841 100644 --- a/meta-oe/recipes-support/libgpiod/libgpiod_2.0.1.bb +++ b/meta-oe/recipes-support/libgpiod/libgpiod_2.0.1.bb @@ -9,6 +9,8 @@ LIC_FILES_CHKSUM = " \ FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}-2.x:" +SRC_URI += "file://gpio-tools-test-bats-modify.patch" + SRC_URI[sha256sum] = "b5367d28d045b36007a4ffd42cceda4c358737ef4f2ce22b0c1d05ec57a38392" # Enable all project features for ptest -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#103284): https://lists.openembedded.org/g/openembedded-devel/message/103284 Mute This Topic: https://lists.openembedded.org/mt/99528223/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [V2][meta-oe][PATCH 1/1] libgpiod: modify test 'gpioset: toggle (continuous)'
From: Joe Slater Look for level transitions when testing toggling values because using fixed delays to assume value changes is not reliable. Signed-off-by: Joe Slater --- .../gpio-tools-test-bats-modify.patch | 67 +++ .../libgpiod/libgpiod_2.0.1.bb| 2 + 2 files changed, 69 insertions(+) create mode 100644 meta-oe/recipes-support/libgpiod/libgpiod-2.x/gpio-tools-test-bats-modify.patch diff --git a/meta-oe/recipes-support/libgpiod/libgpiod-2.x/gpio-tools-test-bats-modify.patch b/meta-oe/recipes-support/libgpiod/libgpiod-2.x/gpio-tools-test-bats-modify.patch new file mode 100644 index 00..6ad43aa041 --- /dev/null +++ b/meta-oe/recipes-support/libgpiod/libgpiod-2.x/gpio-tools-test-bats-modify.patch @@ -0,0 +1,67 @@ +From 4fc48e743de52562cd61de6cd74181392e4e75b7 Mon Sep 17 00:00:00 2001 +From: Joe Slater +Date: Fri, 19 May 2023 08:46:47 -0700 +Subject: [libgpiod][PATCH v4] gpio-tools-test.bats: modify delays in + toggle test + +The test "gpioset: toggle (continuous)" uses fixed delays to test +toggling values. This is not reliable, so we switch to looking +for transitions from one value to another. + +We wait for a transition up to 1.5 seconds. + +Signed-off-by: Joe Slater + +Upstream-status: accepted + +Signed-off-by: Joe Slater +--- + tools/gpio-tools-test.bats | 21 - + 1 file changed, 16 insertions(+), 5 deletions(-) + +diff --git a/tools/gpio-tools-test.bats b/tools/gpio-tools-test.bats +index c83ca7d..929c35a 100755 +--- a/tools/gpio-tools-test.bats b/tools/gpio-tools-test.bats +@@ -141,6 +141,20 @@ gpiosim_check_value() { + [ "$VAL" = "$EXPECTED" ] + } + ++gpiosim_wait_value() { ++ local OFFSET=$2 ++ local EXPECTED=$3 ++ local DEVNAME=${GPIOSIM_DEV_NAME[$1]} ++ local CHIPNAME=${GPIOSIM_CHIP_NAME[$1]} ++ local PORT=$GPIOSIM_SYSFS/$DEVNAME/$CHIPNAME/sim_gpio$OFFSET/value ++ ++ for i in {1..15}; do ++ [ "$(<$PORT)" = "$EXPECTED" ] && return ++ sleep 0.1 ++ done ++ return 1 ++} ++ + gpiosim_cleanup() { + for CHIP in ${!GPIOSIM_CHIP_NAME[@]} + do +@@ -1567,15 +1581,12 @@ request_release_line() { + gpiosim_check_value sim0 4 0 + gpiosim_check_value sim0 7 0 + +- sleep 1 +- +- gpiosim_check_value sim0 1 0 ++ gpiosim_wait_value sim0 1 0 + gpiosim_check_value sim0 4 1 + gpiosim_check_value sim0 7 1 + +- sleep 1 + +- gpiosim_check_value sim0 1 1 ++ gpiosim_wait_value sim0 1 1 + gpiosim_check_value sim0 4 0 + gpiosim_check_value sim0 7 0 + } +-- +2.25.1 + diff --git a/meta-oe/recipes-support/libgpiod/libgpiod_2.0.1.bb b/meta-oe/recipes-support/libgpiod/libgpiod_2.0.1.bb index 337554cd89..6958f2d841 100644 --- a/meta-oe/recipes-support/libgpiod/libgpiod_2.0.1.bb +++ b/meta-oe/recipes-support/libgpiod/libgpiod_2.0.1.bb @@ -9,6 +9,8 @@ LIC_FILES_CHKSUM = " \ FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}-2.x:" +SRC_URI += "file://gpio-tools-test-bats-modify.patch" + SRC_URI[sha256sum] = "b5367d28d045b36007a4ffd42cceda4c358737ef4f2ce22b0c1d05ec57a38392" # Enable all project features for ptest -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#103152): https://lists.openembedded.org/g/openembedded-devel/message/103152 Mute This Topic: https://lists.openembedded.org/mt/99368727/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 1/1] libgpiod: modify test 'gpioset: toggle (continuous)'
From: Joe Slater Look for level transitions when testing toggling values because using fixed delays to assume value changes is not reliable. Signed-off-by: Joe Slater --- ...-ptest-modify-delays-in-toggle-tests.patch | 60 +++ .../libgpiod/libgpiod_2.0.1.bb| 2 + 2 files changed, 62 insertions(+) create mode 100644 meta-oe/recipes-support/libgpiod/libgpiod-2.x/0001-ptest-modify-delays-in-toggle-tests.patch diff --git a/meta-oe/recipes-support/libgpiod/libgpiod-2.x/0001-ptest-modify-delays-in-toggle-tests.patch b/meta-oe/recipes-support/libgpiod/libgpiod-2.x/0001-ptest-modify-delays-in-toggle-tests.patch new file mode 100644 index 00..11f2d5c4a9 --- /dev/null +++ b/meta-oe/recipes-support/libgpiod/libgpiod-2.x/0001-ptest-modify-delays-in-toggle-tests.patch @@ -0,0 +1,60 @@ +From b73a79245ac0fa36b15bf3308e4ed008793ff15c Mon Sep 17 00:00:00 2001 +From: Joe Slater +Date: Fri, 19 May 2023 08:46:47 -0700 +Subject: [PATCH] ptest: modify delays in toggle test + +The test "gpioset: toggle (continuous)" uses fixed delays to test +toggling values. This is not reliable, so we switch to looking +for transitions from one value to another. + +Upstream-Status: pending + +Signed-off-by: Joe Slater +--- + tools/gpio-tools-test.bats | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +--- libgpiod-2.0.orig/tools/gpio-tools-test.bats libgpiod-2.0/tools/gpio-tools-test.bats +@@ -141,6 +141,20 @@ gpiosim_check_value() { + [ "$VAL" = "$EXPECTED" ] + } + ++gpiosim_wait_value() { ++ local OFFSET=$2 ++ local EXPECTED=$3 ++ local DEVNAME=${GPIOSIM_DEV_NAME[$1]} ++ local CHIPNAME=${GPIOSIM_CHIP_NAME[$1]} ++ ++ for i in {1..10} ; do ++ VAL=$(<$GPIOSIM_SYSFS/$DEVNAME/$CHIPNAME/sim_gpio$OFFSET/value) ++ [ "$VAL" = "$EXPECTED" ] && return ++ sleep 0.1 ++ done ++ return 1 ++} ++ + gpiosim_cleanup() { + for CHIP in ${!GPIOSIM_CHIP_NAME[@]} + do +@@ -1567,15 +1581,15 @@ request_release_line() { + gpiosim_check_value sim0 4 0 + gpiosim_check_value sim0 7 0 + +- sleep 1 +- +- gpiosim_check_value sim0 1 0 ++ # sleeping fixed amounts can be unreliable, so we ++ # sync to the toggles ++ # ++ gpiosim_wait_value sim0 1 0 + gpiosim_check_value sim0 4 1 + gpiosim_check_value sim0 7 1 + +- sleep 1 + +- gpiosim_check_value sim0 1 1 ++ gpiosim_wait_value sim0 1 1 + gpiosim_check_value sim0 4 0 + gpiosim_check_value sim0 7 0 + } diff --git a/meta-oe/recipes-support/libgpiod/libgpiod_2.0.1.bb b/meta-oe/recipes-support/libgpiod/libgpiod_2.0.1.bb index 337554cd89..91c4d27692 100644 --- a/meta-oe/recipes-support/libgpiod/libgpiod_2.0.1.bb +++ b/meta-oe/recipes-support/libgpiod/libgpiod_2.0.1.bb @@ -9,6 +9,8 @@ LIC_FILES_CHKSUM = " \ FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}-2.x:" +SRC_URI += "file://0001-ptest-modify-delays-in-toggle-tests.patch" + SRC_URI[sha256sum] = "b5367d28d045b36007a4ffd42cceda4c358737ef4f2ce22b0c1d05ec57a38392" # Enable all project features for ptest -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#102792): https://lists.openembedded.org/g/openembedded-devel/message/102792 Mute This Topic: https://lists.openembedded.org/mt/99114621/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [mickledore][meta-oe][PATCH 1/1] libgpiod: modify ptest value toggle test
From: Joe Slater The test "gpioset: toggle (continuous)" is modified to sync with toggles instead of assuming a delay. Signed-off-by: Joe Slater --- ...-ptest-modify-delays-in-toggle-tests.patch | 58 +++ .../recipes-support/libgpiod/libgpiod_2.0.bb | 2 + 2 files changed, 60 insertions(+) create mode 100644 meta-oe/recipes-support/libgpiod/libgpiod-2.0/0001-ptest-modify-delays-in-toggle-tests.patch diff --git a/meta-oe/recipes-support/libgpiod/libgpiod-2.0/0001-ptest-modify-delays-in-toggle-tests.patch b/meta-oe/recipes-support/libgpiod/libgpiod-2.0/0001-ptest-modify-delays-in-toggle-tests.patch new file mode 100644 index 00..359b4a2afa --- /dev/null +++ b/meta-oe/recipes-support/libgpiod/libgpiod-2.0/0001-ptest-modify-delays-in-toggle-tests.patch @@ -0,0 +1,58 @@ +From b73a79245ac0fa36b15bf3308e4ed008793ff15c Mon Sep 17 00:00:00 2001 +From: Joe Slater +Date: Fri, 19 May 2023 08:46:47 -0700 +Subject: [PATCH] ptest: modify delays in toggle tests + +Try to test toggling values at their midpoints. + +Upstream-Status: pending + +Signed-off-by: Joe Slater +--- + tools/gpio-tools-test.bats | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +--- libgpiod-2.0.orig/tools/gpio-tools-test.bats libgpiod-2.0/tools/gpio-tools-test.bats +@@ -141,6 +141,20 @@ gpiosim_check_value() { + [ "$VAL" = "$EXPECTED" ] + } + ++gpiosim_wait_value() { ++ local OFFSET=$2 ++ local EXPECTED=$3 ++ local DEVNAME=${GPIOSIM_DEV_NAME[$1]} ++ local CHIPNAME=${GPIOSIM_CHIP_NAME[$1]} ++ ++ for i in {1..10} ; do ++ VAL=$(<$GPIOSIM_SYSFS/$DEVNAME/$CHIPNAME/sim_gpio$OFFSET/value) ++ [ "$VAL" = "$EXPECTED" ] && return ++ sleep 0.1 ++ done ++ return 1 ++} ++ + gpiosim_cleanup() { + for CHIP in ${!GPIOSIM_CHIP_NAME[@]} + do +@@ -1567,15 +1581,15 @@ request_release_line() { + gpiosim_check_value sim0 4 0 + gpiosim_check_value sim0 7 0 + +- sleep 1 +- +- gpiosim_check_value sim0 1 0 ++ # sleeping fixed amounts can be unreliable, so we ++ # sync to the toggles ++ # ++ gpiosim_wait_value sim0 1 0 + gpiosim_check_value sim0 4 1 + gpiosim_check_value sim0 7 1 + +- sleep 1 + +- gpiosim_check_value sim0 1 1 ++ gpiosim_wait_value sim0 1 1 + gpiosim_check_value sim0 4 0 + gpiosim_check_value sim0 7 0 + } diff --git a/meta-oe/recipes-support/libgpiod/libgpiod_2.0.bb b/meta-oe/recipes-support/libgpiod/libgpiod_2.0.bb index 179fe170e2..25463e9a87 100644 --- a/meta-oe/recipes-support/libgpiod/libgpiod_2.0.bb +++ b/meta-oe/recipes-support/libgpiod/libgpiod_2.0.bb @@ -7,6 +7,8 @@ LIC_FILES_CHKSUM = " \ file://LICENSES/CC-BY-SA-4.0.txt;md5=fba3b94d88bfb9b81369b869a1e9a20f \ " +SRC_URI += "file://0001-ptest-modify-delays-in-toggle-tests.patch" + SRC_URI[sha256sum] = "f74cbf82038b3cb98ebeb25bce55ee2553be28194002d2a9889b9268cce2dd07" S = "${WORKDIR}/libgpiod-2.0" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#102742): https://lists.openembedded.org/g/openembedded-devel/message/102742 Mute This Topic: https://lists.openembedded.org/mt/99095364/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [mickledore][meta-oe][PATCH 1/1] bats: use baselib
From: Joe Slater Use sed to change scripts to reference ${baselib}. The former set of scripts modified was incomplete. Signed-off-by: Joe Slater Signed-off-by: Khem Raj (cherry picked from commit 1cc72c41af0c6a55a10be9158a2f856b02a56282) --- meta-oe/recipes-test/bats/bats_1.9.0.bb | 8 +--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/meta-oe/recipes-test/bats/bats_1.9.0.bb b/meta-oe/recipes-test/bats/bats_1.9.0.bb index a642d7cf5d..015bc42f82 100644 --- a/meta-oe/recipes-test/bats/bats_1.9.0.bb +++ b/meta-oe/recipes-test/bats/bats_1.9.0.bb @@ -15,10 +15,12 @@ SRCREV = "6636e2c2ef5ffe361535cb45fc61682c5ef46b71" S = "${WORKDIR}/git" +# Numerous scripts assume ${baselib} == lib, which is not true. +# do_configure:prepend() { - sed -i 's:\$BATS_ROOT/lib:\$BATS_ROOT/${baselib}:g' ${S}/libexec/bats-core/bats - sed -i 's:\$BATS_ROOT/lib:\$BATS_ROOT/${baselib}:g' ${S}/libexec/bats-core/bats-exec-file - sed -i 's:\$BATS_ROOT/lib:\$BATS_ROOT/${baselib}:g' ${S}/libexec/bats-core/bats-exec-test + for f in ${S}/libexec/bats-core/* ${S}/lib/bats-core/* ; do + sed -i 's:\$BATS_ROOT/lib/:\$BATS_ROOT/${baselib}/:g' $f + done } do_install() { -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#102710): https://lists.openembedded.org/g/openembedded-devel/message/102710 Mute This Topic: https://lists.openembedded.org/mt/99071585/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 1/1] bats: use baselib
From: Joe Slater Use sed to change scripts to reference ${baselib}. The former set of scripts modified was incomplete. Signed-off-by: Joe Slater --- meta-oe/recipes-test/bats/bats_1.9.0.bb | 8 +--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/meta-oe/recipes-test/bats/bats_1.9.0.bb b/meta-oe/recipes-test/bats/bats_1.9.0.bb index a642d7cf5d..015bc42f82 100644 --- a/meta-oe/recipes-test/bats/bats_1.9.0.bb +++ b/meta-oe/recipes-test/bats/bats_1.9.0.bb @@ -15,10 +15,12 @@ SRCREV = "6636e2c2ef5ffe361535cb45fc61682c5ef46b71" S = "${WORKDIR}/git" +# Numerous scripts assume ${baselib} == lib, which is not true. +# do_configure:prepend() { - sed -i 's:\$BATS_ROOT/lib:\$BATS_ROOT/${baselib}:g' ${S}/libexec/bats-core/bats - sed -i 's:\$BATS_ROOT/lib:\$BATS_ROOT/${baselib}:g' ${S}/libexec/bats-core/bats-exec-file - sed -i 's:\$BATS_ROOT/lib:\$BATS_ROOT/${baselib}:g' ${S}/libexec/bats-core/bats-exec-test + for f in ${S}/libexec/bats-core/* ${S}/lib/bats-core/* ; do + sed -i 's:\$BATS_ROOT/lib/:\$BATS_ROOT/${baselib}/:g' $f + done } do_install() { -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#102658): https://lists.openembedded.org/g/openembedded-devel/message/102658 Mute This Topic: https://lists.openembedded.org/mt/98992967/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-webserver][kirkstone][PATCH 1/1] phpmyadmin: fix CVE-2023-25727
From: Dragos-Marian Panait In phpMyAdmin before 4.9.11 and 5.x before 5.2.1, an authenticated user can trigger XSS by uploading a crafted .sql file through the drag-and-drop interface. Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-25727 Upstream patch: https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e Signed-off-by: Dragos-Marian Panait Signed-off-by: Joe Slater --- .../phpmyadmin/CVE-2023-25727.patch | 37 +++ .../phpmyadmin/phpmyadmin_5.1.3.bb| 1 + 2 files changed, 38 insertions(+) create mode 100644 meta-webserver/recipes-php/phpmyadmin/phpmyadmin/CVE-2023-25727.patch diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/CVE-2023-25727.patch b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/CVE-2023-25727.patch new file mode 100644 index 0..707334a51 --- /dev/null +++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/CVE-2023-25727.patch @@ -0,0 +1,37 @@ +From 0842f11158699a979437125756b26eeabedab9ab Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Maur=C3=ADcio=20Meneghini=20Fauth?= +Date: Fri, 5 Aug 2022 20:18:16 -0300 +Subject: [PATCH] Fix not escaped title when using drag and drop upload +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Maurício Meneghini Fauth + +Upstream-Status: Backport +CVE: CVE-2023-25727 + +Reference to upstream patch: +https://github.com/phpmyadmin/phpmyadmin/commit/efa2406695551667f726497750d3db91fb6f662e + +Signed-off-by: Dragos-Marian Panait +--- + js/src/drag_drop_import.js | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/js/src/drag_drop_import.js b/js/src/drag_drop_import.js +index 55250c2..9b8710e 100644 +--- a/js/src/drag_drop_import.js b/js/src/drag_drop_import.js +@@ -130,7 +130,7 @@ var DragDropImport = { + var filename = $this.parent('span').attr('data-filename'); + $('body').append('' + + Messages.dropImportImportResultHeader + ' - ' + +-filename + 'x' + value.message + ''); ++Functions.escapeHtml(filename) + 'x' + value.message + ''); + $('.pma_drop_result').draggable(); // to make this dialog draggable + } + }); +-- +2.39.1 + diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_5.1.3.bb b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_5.1.3.bb index 7ccc05ec3..3f1919439 100644 --- a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_5.1.3.bb +++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_5.1.3.bb @@ -9,6 +9,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ SRC_URI = "https://files.phpmyadmin.net/phpMyAdmin/${PV}/phpMyAdmin-${PV}-all-languages.tar.xz \ file://apache.conf \ + file://CVE-2023-25727.patch \ " SRC_URI[sha256sum] = "c562feddc0f8ff5e69629113f273a0d024a65fb928c48e89ce614744d478296f" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#101708): https://lists.openembedded.org/g/openembedded-devel/message/101708 Mute This Topic: https://lists.openembedded.org/mt/97824996/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [v2][meta-oe][PATCH 1/1] libreport: update to version 2.17.8
Update SRC_REV and change recipe name. Modify patches to apply and remove unrecognized configure option --without-python2. Retain --with-python3 even though it is the default. Signed-off-by: Joe Slater --- ...01-Makefile.am-remove-doc-and-apidoc.patch | 16 ++- ...move-prog-test-of-xmlto-and-asciidoc.patch | 16 ++- .../files/0003-without-build-plugins.patch| 14 ++ ...gure.ac-remove-prog-test-of-augparse.patch | 27 +++ ...ibreport_2.10.0.bb => libreport_2.17.8.bb} | 6 +++-- 5 files changed, 49 insertions(+), 30 deletions(-) rename meta-oe/recipes-extended/libreport/{libreport_2.10.0.bb => libreport_2.17.8.bb} (93%) diff --git a/meta-oe/recipes-extended/libreport/files/0001-Makefile.am-remove-doc-and-apidoc.patch b/meta-oe/recipes-extended/libreport/files/0001-Makefile.am-remove-doc-and-apidoc.patch index 1ee0dd2f5..934dd1778 100644 --- a/meta-oe/recipes-extended/libreport/files/0001-Makefile.am-remove-doc-and-apidoc.patch +++ b/meta-oe/recipes-extended/libreport/files/0001-Makefile.am-remove-doc-and-apidoc.patch @@ -1,28 +1,32 @@ -From 1f7d106c7d982fe055addc8d883b161202233175 Mon Sep 17 00:00:00 2001 +From 73dc0c2cd942e30f5f7cb40cb5828895b96f0fb1 Mon Sep 17 00:00:00 2001 From: Hongxu Jia Date: Wed, 26 Apr 2017 03:47:58 -0400 -Subject: [PATCH 1/4] Makefile.am: remove doc and apidoc +Subject: [PATCH] Makefile.am: remove doc and apidoc There was a failure at do_install time, so remove doc to workaround. Upstream-Status: Inappropriate [workaround] Signed-off-by: Hongxu Jia + +Context modified to apply to v2.17.8. + +Signed-off-by: Joe Slater --- Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.am b/Makefile.am -index 9ad827c..34364a8 100644 +index 4ff2f5c5..d4e30bc2 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,5 +1,5 @@ ACLOCAL_AMFLAGS = -I m4 --SUBDIRS = po src tests doc apidoc -+SUBDIRS = po src tests +-SUBDIRS = data po src tests doc apidoc ++SUBDIRS = data po src tests EXTRA_DIST = \ libreport.pc.in \ -- -2.7.4 +2.25.1 diff --git a/meta-oe/recipes-extended/libreport/files/0002-configure.ac-remove-prog-test-of-xmlto-and-asciidoc.patch b/meta-oe/recipes-extended/libreport/files/0002-configure.ac-remove-prog-test-of-xmlto-and-asciidoc.patch index 2e691e95f..4fdf69c73 100644 --- a/meta-oe/recipes-extended/libreport/files/0002-configure.ac-remove-prog-test-of-xmlto-and-asciidoc.patch +++ b/meta-oe/recipes-extended/libreport/files/0002-configure.ac-remove-prog-test-of-xmlto-and-asciidoc.patch @@ -1,7 +1,7 @@ -From 9beadcdfca9198548f06bf18f3f26e1d11542e53 Mon Sep 17 00:00:00 2001 +From 276c45d0663124c9ccab0ddc8b97fb5cdc8b3867 Mon Sep 17 00:00:00 2001 From: Hongxu Jia Date: Tue, 31 Jul 2018 16:53:04 +0800 -Subject: [PATCH 2/4] configure.ac: remove prog test of xmlto and asciidoc +Subject: [PATCH] configure.ac: remove prog test of xmlto and asciidoc The prog of xmlto and asciidoc were used to generate documents, and since the doc module has already been disabled, so we should @@ -10,15 +10,19 @@ remove the prog test. Upstream-Status: Inappropriate [workaround] Signed-off-by: Hongxu Jia + +Modify to apply to v 2.17.8. + +Signed-off-by: Joe Slater --- configure.ac | 18 -- 1 file changed, 18 deletions(-) diff --git a/configure.ac b/configure.ac -index feafc28..aceccf4 100644 +index da8cf898..17ece200 100644 --- a/configure.ac +++ b/configure.ac -@@ -56,24 +56,6 @@ IT_PROG_INTLTOOL([0.35.0]) +@@ -57,24 +57,6 @@ IT_PROG_INTLTOOL([0.35.0]) dnl ** END @@ -42,7 +46,7 @@ index feafc28..aceccf4 100644 - AC_ARG_WITH(bugzilla, AS_HELP_STRING([--with-bugzilla],[use Bugzilla plugin (default is YES)]), - LIBREPORT_PARSE_WITH([bugzilla])) + LIBREPORT_PARSE_WITH([bugzilla]), -- -2.7.4 +2.25.1 diff --git a/meta-oe/recipes-extended/libreport/files/0003-without-build-plugins.patch b/meta-oe/recipes-extended/libreport/files/0003-without-build-plugins.patch index c331677d8..f6ff86040 100644 --- a/meta-oe/recipes-extended/libreport/files/0003-without-build-plugins.patch +++ b/meta-oe/recipes-extended/libreport/files/0003-without-build-plugins.patch @@ -1,26 +1,30 @@ -From 41bce1de2fd2a0f79c266f245ae3e3720ccaf46a Mon Sep 17 00:00:00 2001 +From f46610901dbac56d9631df012374c600db08453e Mon Sep 17 00:00:00 2001 From: Hongxu Jia Date: Wed, 26 Apr 2017 03:51:03 -0400 -Subject: [PATCH 3/4] without build plugins +Subject: [PATCH] without build plugins Upstream-Status: Inappropriate [workaround] Rebase to 2.9.1 Signed-off-by: Hongxu Jia + +Modify to apply to v2.17.8. + +Signed-off-by: Joe Slater --- src/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Makefile.am b/src/Makefile.am -index c15928c..bac02b1 100644 +index 410bfcb0..bac02b16 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -8,4 +8,4 @@ if BUILD_NEWT sub_dirs += repor
Re: [oe] [meta-oe][PATCH 1/1] libreport: update to version 2.17.8
This patch is incomplete. Ignore it. Joe > -Original Message- > From: openembedded-devel@lists.openembedded.org de...@lists.openembedded.org> On Behalf Of Joe Slater via > lists.openembedded.org > Sent: Tuesday, March 14, 2023 9:15 AM > To: openembedded-devel@lists.openembedded.org > Cc: Slater, Joseph ; MacLeod, Randy > > Subject: [oe] [meta-oe][PATCH 1/1] libreport: update to version 2.17.8 > > Modify patches to apply and remove unrecognized configure option --without- > python2. Retain --with-python3 even though it is the default. > > Signed-off-by: Joe Slater > --- > ...01-Makefile.am-remove-doc-and-apidoc.patch | 16 ++- ...move- > prog-test-of-xmlto-and-asciidoc.patch | 16 ++- > .../files/0003-without-build-plugins.patch| 14 ++ > ...gure.ac-remove-prog-test-of-augparse.patch | 27 +++ > .../libreport/libreport_2.17.8.bb | 2 +- > 5 files changed, 46 insertions(+), 29 deletions(-) > > diff --git a/meta-oe/recipes-extended/libreport/files/0001-Makefile.am- > remove-doc-and-apidoc.patch b/meta-oe/recipes- > extended/libreport/files/0001-Makefile.am-remove-doc-and-apidoc.patch > index 1ee0dd2f5..934dd1778 100644 > --- a/meta-oe/recipes-extended/libreport/files/0001-Makefile.am-remove-doc- > and-apidoc.patch > +++ b/meta-oe/recipes-extended/libreport/files/0001-Makefile.am-remove-d > +++ oc-and-apidoc.patch > @@ -1,28 +1,32 @@ > -From 1f7d106c7d982fe055addc8d883b161202233175 Mon Sep 17 00:00:00 > 2001 > +From 73dc0c2cd942e30f5f7cb40cb5828895b96f0fb1 Mon Sep 17 00:00:00 > 2001 > From: Hongxu Jia > Date: Wed, 26 Apr 2017 03:47:58 -0400 > -Subject: [PATCH 1/4] Makefile.am: remove doc and apidoc > +Subject: [PATCH] Makefile.am: remove doc and apidoc > > There was a failure at do_install time, so remove doc to workaround. > > Upstream-Status: Inappropriate [workaround] > > Signed-off-by: Hongxu Jia > + > +Context modified to apply to v2.17.8. > + > +Signed-off-by: Joe Slater > --- > Makefile.am | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/Makefile.am b/Makefile.am > -index 9ad827c..34364a8 100644 > +index 4ff2f5c5..d4e30bc2 100644 > --- a/Makefile.am > +++ b/Makefile.am > @@ -1,5 +1,5 @@ > ACLOCAL_AMFLAGS = -I m4 > --SUBDIRS = po src tests doc apidoc > -+SUBDIRS = po src tests > +-SUBDIRS = data po src tests doc apidoc > ++SUBDIRS = data po src tests > > EXTRA_DIST = \ > libreport.pc.in \ > -- > -2.7.4 > +2.25.1 > > diff --git a/meta-oe/recipes-extended/libreport/files/0002-configure.ac- > remove-prog-test-of-xmlto-and-asciidoc.patch b/meta-oe/recipes- > extended/libreport/files/0002-configure.ac-remove-prog-test-of-xmlto-and- > asciidoc.patch > index 2e691e95f..4fdf69c73 100644 > --- a/meta-oe/recipes-extended/libreport/files/0002-configure.ac-remove- > prog-test-of-xmlto-and-asciidoc.patch > +++ b/meta-oe/recipes-extended/libreport/files/0002-configure.ac-remove- > +++ prog-test-of-xmlto-and-asciidoc.patch > @@ -1,7 +1,7 @@ > -From 9beadcdfca9198548f06bf18f3f26e1d11542e53 Mon Sep 17 00:00:00 > 2001 > +From 276c45d0663124c9ccab0ddc8b97fb5cdc8b3867 Mon Sep 17 00:00:00 > 2001 > From: Hongxu Jia > Date: Tue, 31 Jul 2018 16:53:04 +0800 > -Subject: [PATCH 2/4] configure.ac: remove prog test of xmlto and asciidoc > +Subject: [PATCH] configure.ac: remove prog test of xmlto and asciidoc > > The prog of xmlto and asciidoc were used to generate documents, and since > the doc module has already been disabled, so we should @@ -10,15 +10,19 @@ > remove the prog test. > Upstream-Status: Inappropriate [workaround] > > Signed-off-by: Hongxu Jia > + > +Modify to apply to v 2.17.8. > + > +Signed-off-by: Joe Slater > --- > configure.ac | 18 -- > 1 file changed, 18 deletions(-) > > diff --git a/configure.ac b/configure.ac -index feafc28..aceccf4 100644 > +index da8cf898..17ece200 100644 > --- a/configure.ac > +++ b/configure.ac > -@@ -56,24 +56,6 @@ IT_PROG_INTLTOOL([0.35.0]) > +@@ -57,24 +57,6 @@ IT_PROG_INTLTOOL([0.35.0]) > > dnl ** END > > @@ -42,7 +46,7 @@ index feafc28..aceccf4 100644 > - > AC_ARG_WITH(bugzilla, > AS_HELP_STRING([--with-bugzilla],[use Bugzilla plugin (default is YES)]), > - LIBREPORT_PARSE_WITH([bugzilla])) > + LIBREPORT_PARSE_WITH([bugzilla]), > -- > -2.7.4 > +2.25.1 > > diff --git a/meta-oe/recipes-extended/libreport/files/0003-without-build- > plugins.patch b/meta-oe/recipes-extended/libreport/files/0003-without-build- > plugins.patch > index c331677d8..f6ff86040 100644 > --- a/meta-oe/recipes
[oe] [meta-oe][PATCH 1/1] libreport: update to version 2.17.8
Modify patches to apply and remove unrecognized configure option --without-python2. Retain --with-python3 even though it is the default. Signed-off-by: Joe Slater --- ...01-Makefile.am-remove-doc-and-apidoc.patch | 16 ++- ...move-prog-test-of-xmlto-and-asciidoc.patch | 16 ++- .../files/0003-without-build-plugins.patch| 14 ++ ...gure.ac-remove-prog-test-of-augparse.patch | 27 +++ .../libreport/libreport_2.17.8.bb | 2 +- 5 files changed, 46 insertions(+), 29 deletions(-) diff --git a/meta-oe/recipes-extended/libreport/files/0001-Makefile.am-remove-doc-and-apidoc.patch b/meta-oe/recipes-extended/libreport/files/0001-Makefile.am-remove-doc-and-apidoc.patch index 1ee0dd2f5..934dd1778 100644 --- a/meta-oe/recipes-extended/libreport/files/0001-Makefile.am-remove-doc-and-apidoc.patch +++ b/meta-oe/recipes-extended/libreport/files/0001-Makefile.am-remove-doc-and-apidoc.patch @@ -1,28 +1,32 @@ -From 1f7d106c7d982fe055addc8d883b161202233175 Mon Sep 17 00:00:00 2001 +From 73dc0c2cd942e30f5f7cb40cb5828895b96f0fb1 Mon Sep 17 00:00:00 2001 From: Hongxu Jia Date: Wed, 26 Apr 2017 03:47:58 -0400 -Subject: [PATCH 1/4] Makefile.am: remove doc and apidoc +Subject: [PATCH] Makefile.am: remove doc and apidoc There was a failure at do_install time, so remove doc to workaround. Upstream-Status: Inappropriate [workaround] Signed-off-by: Hongxu Jia + +Context modified to apply to v2.17.8. + +Signed-off-by: Joe Slater --- Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.am b/Makefile.am -index 9ad827c..34364a8 100644 +index 4ff2f5c5..d4e30bc2 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,5 +1,5 @@ ACLOCAL_AMFLAGS = -I m4 --SUBDIRS = po src tests doc apidoc -+SUBDIRS = po src tests +-SUBDIRS = data po src tests doc apidoc ++SUBDIRS = data po src tests EXTRA_DIST = \ libreport.pc.in \ -- -2.7.4 +2.25.1 diff --git a/meta-oe/recipes-extended/libreport/files/0002-configure.ac-remove-prog-test-of-xmlto-and-asciidoc.patch b/meta-oe/recipes-extended/libreport/files/0002-configure.ac-remove-prog-test-of-xmlto-and-asciidoc.patch index 2e691e95f..4fdf69c73 100644 --- a/meta-oe/recipes-extended/libreport/files/0002-configure.ac-remove-prog-test-of-xmlto-and-asciidoc.patch +++ b/meta-oe/recipes-extended/libreport/files/0002-configure.ac-remove-prog-test-of-xmlto-and-asciidoc.patch @@ -1,7 +1,7 @@ -From 9beadcdfca9198548f06bf18f3f26e1d11542e53 Mon Sep 17 00:00:00 2001 +From 276c45d0663124c9ccab0ddc8b97fb5cdc8b3867 Mon Sep 17 00:00:00 2001 From: Hongxu Jia Date: Tue, 31 Jul 2018 16:53:04 +0800 -Subject: [PATCH 2/4] configure.ac: remove prog test of xmlto and asciidoc +Subject: [PATCH] configure.ac: remove prog test of xmlto and asciidoc The prog of xmlto and asciidoc were used to generate documents, and since the doc module has already been disabled, so we should @@ -10,15 +10,19 @@ remove the prog test. Upstream-Status: Inappropriate [workaround] Signed-off-by: Hongxu Jia + +Modify to apply to v 2.17.8. + +Signed-off-by: Joe Slater --- configure.ac | 18 -- 1 file changed, 18 deletions(-) diff --git a/configure.ac b/configure.ac -index feafc28..aceccf4 100644 +index da8cf898..17ece200 100644 --- a/configure.ac +++ b/configure.ac -@@ -56,24 +56,6 @@ IT_PROG_INTLTOOL([0.35.0]) +@@ -57,24 +57,6 @@ IT_PROG_INTLTOOL([0.35.0]) dnl ** END @@ -42,7 +46,7 @@ index feafc28..aceccf4 100644 - AC_ARG_WITH(bugzilla, AS_HELP_STRING([--with-bugzilla],[use Bugzilla plugin (default is YES)]), - LIBREPORT_PARSE_WITH([bugzilla])) + LIBREPORT_PARSE_WITH([bugzilla]), -- -2.7.4 +2.25.1 diff --git a/meta-oe/recipes-extended/libreport/files/0003-without-build-plugins.patch b/meta-oe/recipes-extended/libreport/files/0003-without-build-plugins.patch index c331677d8..f6ff86040 100644 --- a/meta-oe/recipes-extended/libreport/files/0003-without-build-plugins.patch +++ b/meta-oe/recipes-extended/libreport/files/0003-without-build-plugins.patch @@ -1,26 +1,30 @@ -From 41bce1de2fd2a0f79c266f245ae3e3720ccaf46a Mon Sep 17 00:00:00 2001 +From f46610901dbac56d9631df012374c600db08453e Mon Sep 17 00:00:00 2001 From: Hongxu Jia Date: Wed, 26 Apr 2017 03:51:03 -0400 -Subject: [PATCH 3/4] without build plugins +Subject: [PATCH] without build plugins Upstream-Status: Inappropriate [workaround] Rebase to 2.9.1 Signed-off-by: Hongxu Jia + +Modify to apply to v2.17.8. + +Signed-off-by: Joe Slater --- src/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Makefile.am b/src/Makefile.am -index c15928c..bac02b1 100644 +index 410bfcb0..bac02b16 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -8,4 +8,4 @@ if BUILD_NEWT sub_dirs += report-newt endif --SUBDIRS = include lib plugins report-python cli client-python workflows $(sub_dirs) +-SUBDIRS = include lib report-python
[oe] [meta-oe][PATCH 1/1] re2: move to version 2023-03-01
/usr/lib64/libre2.so is now a symlink instead of being the library itself. We choose to ignore it for QA. Signed-off-by: Joe Slater --- .../re2/{re2_2020.11.01.bb => re2_2023.03.01.bb} | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) rename meta-oe/recipes-support/re2/{re2_2020.11.01.bb => re2_2023.03.01.bb} (80%) diff --git a/meta-oe/recipes-support/re2/re2_2020.11.01.bb b/meta-oe/recipes-support/re2/re2_2023.03.01.bb similarity index 80% rename from meta-oe/recipes-support/re2/re2_2020.11.01.bb rename to meta-oe/recipes-support/re2/re2_2023.03.01.bb index 5ec1c6b5a..78bf695a4 100644 --- a/meta-oe/recipes-support/re2/re2_2020.11.01.bb +++ b/meta-oe/recipes-support/re2/re2_2023.03.01.bb @@ -3,7 +3,8 @@ HOMEPAGE = "https://github.com/google/re2/"; LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=3b5c31eb512bdf3cb11ffd5713963760" -SRCREV = "166dbbeb3b0ab7e733b278e8f42a84f6882b8a25" +# tag 2023-03-01 +SRCREV = "241e2e430836e80f93d704d1f06cd3e7fe3100f5" SRC_URI = "git://github.com/google/re2.git;branch=main;protocol=https" @@ -16,8 +17,11 @@ EXTRA_OECMAKE += " \ -DRE2_BUILD_TESTING=OFF \ " -# Don't include so files in dev package +# ignore .so in /usr/lib64 FILES:${PN} = "${libdir}" +INSANE_SKIP:${PN} += "dev-so" + +# Don't include so files in dev package FILES:${PN}-dev = "${includedir} ${libdir}/cmake" BBCLASSEXTEND = "native nativesdk" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#101502): https://lists.openembedded.org/g/openembedded-devel/message/101502 Mute This Topic: https://lists.openembedded.org/mt/97532101/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 1/1] libidn: update to 1.41
Adjust dont-depend-on-help2man patch to apply. Remove unneeded format warnings patch. Cosmetic changes to license files require new checksums. Signed-off-by: Joe Slater --- .../0001-idn-format-security-warnings.patch | 180 -- .../libidn/dont-depend-on-help2man.patch | 24 +-- .../libidn/{libidn_1.36.bb => libidn_1.41.bb} | 16 +- 3 files changed, 21 insertions(+), 199 deletions(-) delete mode 100644 meta-oe/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch rename meta-oe/recipes-extended/libidn/{libidn_1.36.bb => libidn_1.41.bb} (66%) diff --git a/meta-oe/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch b/meta-oe/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch deleted file mode 100644 index d5fb8e7c8..0 --- a/meta-oe/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch +++ /dev/null @@ -1,180 +0,0 @@ -Subject: [PATCH] idn: fix printf() format security warnings -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -| ../../libidn-1.32/src/idn.c: In function 'main': -| ../../libidn-1.32/src/idn.c:172:7: error: format not a string literal and no format arguments [-Werror=format-security] -|error (0, 0, _("only one of -s, -e, -d, -a, -u or -n can be specified")); -|^ -| ../../libidn-1.32/src/idn.c:187:5: error: format not a string literal and no format arguments [-Werror=format-security] -| fprintf (stderr, _("Type each input string on a line by itself, " -| ^~~ -| ../../libidn-1.32/src/idn.c:202:4: error: format not a string literal and no format arguments [-Werror=format-security] -| error (EXIT_FAILURE, errno, _("input error")); -| ^ -| ../../libidn-1.32/src/idn.c:220:8: error: format not a string literal and no format arguments [-Werror=format-security] -| _("could not convert from UTF-8 to UCS-4")); -| ^ -| ../../libidn-1.32/src/idn.c:245:8: error: format not a string literal and no format arguments [-Werror=format-security] -| _("could not convert from UTF-8 to UCS-4")); -| ^ -| ../../libidn-1.32/src/idn.c:281:6: error: format not a string literal and no format arguments [-Werror=format-security] -| _("could not convert from UTF-8 to UCS-4")); -| ^ -| ../../libidn-1.32/src/idn.c:340:6: error: format not a string literal and no format arguments [-Werror=format-security] -| _("could not convert from UCS-4 to UTF-8")); -| ^ -| ../../libidn-1.32/src/idn.c:364:6: error: format not a string literal and no format arguments [-Werror=format-security] -| _("could not convert from UCS-4 to UTF-8")); -| ^ -| ../../libidn-1.32/src/idn.c:442:8: error: format not a string literal and no format arguments [-Werror=format-security] -| _("could not convert from UCS-4 to UTF-8")); -| ^ -| ../../libidn-1.32/src/idn.c:498:6: error: format not a string literal and no format arguments [-Werror=format-security] -| _("could not convert from UTF-8 to UCS-4")); -| ^ -| ../../libidn-1.32/src/idn.c:527:5: error: format not a string literal and no format arguments [-Werror=format-security] -| _("could not convert from UTF-8 to UCS-4")); -| ^ -| ../../libidn-1.32/src/idn.c:540:6: error: format not a string literal and no format arguments [-Werror=format-security] -| error (EXIT_FAILURE, 0, _("could not do NFKC normalization")); -| ^ -| ../../libidn-1.32/src/idn.c:551:5: error: format not a string literal and no format arguments [-Werror=format-security] -| _("could not convert from UTF-8 to UCS-4")); -| ^ - -Signed-off-by: André Draszik -Signed-off-by: Zang Ruochen - -Upstream-Status: Pending - - src/idn.c | 27 ++- - 1 file changed, 14 insertions(+), 13 deletions(-) - -diff --git a/src/idn.c b/src/idn.c -index f2fee11..c6e5caa 100644 a/src/idn.c -+++ b/src/idn.c -@@ -169,7 +169,7 @@ main (int argc, char *argv[]) - (args_info.idna_to_unicode_given ? 1 : 0) + - (args_info.nfkc_given ? 1 : 0) != 1) - { -- error (0, 0, -+ error (0, 0, "%s", -_("only one of -s, -e, -d, -a, -u or -n can be specified")); - usage (EXIT_FAILURE); - } -@@ -183,7 +183,7 @@ main (int argc, char *argv[]) - - if (!args_info.quiet_given - && args_info.inputs_num == 0 && isatty (fileno (stdin))) --fprintf (stderr, _("Type each input string on a line by itself, " -+fprintf (stderr, "%s", _("Type each input string on a line by itself, " - "terminated by a newline character.\n")); - - do -@@ -195,7 +195,7 @@ main (int argc, char *argv[]) - if (feof (stdin)) -
Re: [oe] [oe-core][PATCH 1/2] Revert "tar: Fix CVE-2022-48303"
To be able to cherry-pick the final patch. Comparing the patches won’t tell you much – they are totally different. Joe From: Martin Jansa Sent: Friday, February 17, 2023 2:37 PM To: Slater, Joseph Cc: openembedded-devel@lists.openembedded.org; MacLeod, Randy ; Quesada, Rodolfo Subject: Re: [oe] [oe-core][PATCH 1/2] Revert "tar: Fix CVE-2022-48303" Why did you send it as revert and re-apply instead of just updating the .patch file? It would be much easier to review and to see what really changed. On Fri, Feb 17, 2023 at 11:31 PM Joe Slater mailto:joe.sla...@windriver.com>> wrote: This reverts commit 4573a584397f197fbc9170abec3c590ea36667f7. A fix is available from gnu. Signed-off-by: Joe Slater mailto:joe.sla...@windriver.com>> --- .../tar/files/CVE-2022-48303.patch| 36 --- meta/recipes-extended/tar/tar_1.34.bb<https://urldefense.com/v3/__http:/tar_1.34.bb__;!!AjveYdw8EvQ!a8aDKkQZ4LVrbnnja8bpsEmZW0p9s3rW1nSk9nmq6eWOez1RpWHjaPDgo8d1ebDoOE4wOwJVUaZV0p-PgMPTpBG3$> | 4 +-- 2 files changed, 1 insertion(+), 39 deletions(-) delete mode 100644 meta/recipes-extended/tar/files/CVE-2022-48303.patch diff --git a/meta/recipes-extended/tar/files/CVE-2022-48303.patch b/meta/recipes-extended/tar/files/CVE-2022-48303.patch deleted file mode 100644 index a8e9f4ac7d..00 --- a/meta/recipes-extended/tar/files/CVE-2022-48303.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 1d530107a24d71e798727d7f0afa0833473d1074 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Matej=20Mu=C5=BEila?= mailto:mmuz...@gmail.com>> -Date: Wed, 11 Jan 2023 08:55:58 +0100 -Subject: [PATCH] Fix savannah bug #62387 - -* src/list.c (from_header): Check for the end of field after leading byte - (0x80 or 0xff) of base-256 encoded header value - -Upstream-Status: Backport -[https://savannah.gnu.org/patch/download.php?file_id=54212<https://urldefense.com/v3/__https:/savannah.gnu.org/patch/download.php?file_id=54212__;!!AjveYdw8EvQ!a8aDKkQZ4LVrbnnja8bpsEmZW0p9s3rW1nSk9nmq6eWOez1RpWHjaPDgo8d1ebDoOE4wOwJVUaZV0p-PgB0ezNK4$>] -CVE: CVE-2022-48303 -Signed-off-by: Chee Yang Lee mailto:chee.yang@intel.com>> - src/list.c | 6 ++ - 1 file changed, 6 insertions(+) - -diff --git a/src/list.c b/src/list.c -index 9fafc425..bf41b581 100644 a/src/list.c -+++ b/src/list.c -@@ -895,6 +895,12 @@ from_header (char const *where0, size_t digs, char const *type, - << (CHAR_BIT * sizeof (uintmax_t) - - LG_256 - (LG_256 - 2))); - value = (*where++ & ((1 << (LG_256 - 2)) - 1)) - signbit; -+ if (where == lim) -+{ -+ if (type && !silent) -+ERROR ((0, 0, _("Archive base-256 value is invalid"))); -+ return -1; -+} - for (;;) - { - value = (value << LG_256) + (unsigned char) *where++; --- -2.38.1 - diff --git a/meta/recipes-extended/tar/tar_1.34.bb<https://urldefense.com/v3/__http:/tar_1.34.bb__;!!AjveYdw8EvQ!a8aDKkQZ4LVrbnnja8bpsEmZW0p9s3rW1nSk9nmq6eWOez1RpWHjaPDgo8d1ebDoOE4wOwJVUaZV0p-PgMPTpBG3$> b/meta/recipes-extended/tar/tar_1.34.bb<https://urldefense.com/v3/__http:/tar_1.34.bb__;!!AjveYdw8EvQ!a8aDKkQZ4LVrbnnja8bpsEmZW0p9s3rW1nSk9nmq6eWOez1RpWHjaPDgo8d1ebDoOE4wOwJVUaZV0p-PgMPTpBG3$> index 22c04ba70a..7307cd57a2 100644 --- a/meta/recipes-extended/tar/tar_1.34.bb<https://urldefense.com/v3/__http:/tar_1.34.bb__;!!AjveYdw8EvQ!a8aDKkQZ4LVrbnnja8bpsEmZW0p9s3rW1nSk9nmq6eWOez1RpWHjaPDgo8d1ebDoOE4wOwJVUaZV0p-PgMPTpBG3$> +++ b/meta/recipes-extended/tar/tar_1.34.bb<https://urldefense.com/v3/__http:/tar_1.34.bb__;!!AjveYdw8EvQ!a8aDKkQZ4LVrbnnja8bpsEmZW0p9s3rW1nSk9nmq6eWOez1RpWHjaPDgo8d1ebDoOE4wOwJVUaZV0p-PgMPTpBG3$> @@ -6,9 +6,7 @@ SECTION = "base" LICENSE = "GPL-3.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" -SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2 \ - file://CVE-2022-48303.patch \ - " +SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2" SRC_URI[sha256sum] = "b44cc67f8a1f6b0250b7c860e952b37e8ed932a90bd9b1862a511079255646ff" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#101128): https://lists.openembedded.org/g/openembedded-devel/message/101128 Mute This Topic: https://lists.openembedded.org/mt/97039915/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [oe-core][PATCH 2/2] tar: CVE-2022-48303
From: Rodolfo Quesada Zumbado Fixes CVE-2022-48303 by checking Base-256 encoding is at least 2 bytes long. GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters. Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-48303 Upstream patch: https://savannah.gnu.org/bugs/?62387 https://git.savannah.gnu.org/cgit/tar.git/patch/src/list.c?id=3da78400eafcccb97e2f2fd4b227ea40d794ede8 Signed-off-by: Rodolfo Quesada Zumbado Signed-off-by: Joe Slater --- .../tar/tar/CVE-2022-48303.patch | 43 +++ meta/recipes-extended/tar/tar_1.34.bb | 4 +- 2 files changed, 46 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-extended/tar/tar/CVE-2022-48303.patch diff --git a/meta/recipes-extended/tar/tar/CVE-2022-48303.patch b/meta/recipes-extended/tar/tar/CVE-2022-48303.patch new file mode 100644 index 00..b2f40f3e64 --- /dev/null +++ b/meta/recipes-extended/tar/tar/CVE-2022-48303.patch @@ -0,0 +1,43 @@ +From 3da78400eafcccb97e2f2fd4b227ea40d794ede8 Mon Sep 17 00:00:00 2001 +From: Sergey Poznyakoff +Date: Sat, 11 Feb 2023 11:57:39 +0200 +Subject: Fix boundary checking in base-256 decoder + +* src/list.c (from_header): Base-256 encoding is at least 2 bytes +long. + +Upstream-Status: Backport [see reference below] +CVE: CVE-2022-48303 + +Reference to upstream patch: +https://savannah.gnu.org/bugs/?62387 +https://git.savannah.gnu.org/cgit/tar.git/patch/src/list.c?id=3da78400eafcccb97e2f2fd4b227ea40d794ede8 + +Signed-off-by: Rodolfo Quesada Zumbado +Signed-off-by: Joe Slater +--- + src/list.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-)Signed-off-by: Rodolfo Quesada Zumbado + + +(limited to 'src/list.c') + +diff --git a/src/list.c b/src/list.c +index 9fafc42..86bcfdd 100644 +--- a/src/list.c b/src/list.c +@@ -881,8 +881,9 @@ from_header (char const *where0, size_t digs, char const *type, + where++; + } + } +- else if (*where == '\200' /* positive base-256 */ +- || *where == '\377' /* negative base-256 */) ++ else if (where <= lim - 2 ++ && (*where == '\200' /* positive base-256 */ ++ || *where == '\377' /* negative base-256 */)) + { + /* Parse base-256 output. A nonnegative number N is +represented as (256**DIGS)/2 + N; a negative number -N is +-- +cgit v1.1 + diff --git a/meta/recipes-extended/tar/tar_1.34.bb b/meta/recipes-extended/tar/tar_1.34.bb index 7307cd57a2..1ef5fe221e 100644 --- a/meta/recipes-extended/tar/tar_1.34.bb +++ b/meta/recipes-extended/tar/tar_1.34.bb @@ -6,7 +6,9 @@ SECTION = "base" LICENSE = "GPL-3.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" -SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2" +SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2 \ + file://CVE-2022-48303.patch \ +" SRC_URI[sha256sum] = "b44cc67f8a1f6b0250b7c860e952b37e8ed932a90bd9b1862a511079255646ff" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#101125): https://lists.openembedded.org/g/openembedded-devel/message/101125 Mute This Topic: https://lists.openembedded.org/mt/97039916/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [oe-core][PATCH 1/2] Revert "tar: Fix CVE-2022-48303"
This reverts commit 4573a584397f197fbc9170abec3c590ea36667f7. A fix is available from gnu. Signed-off-by: Joe Slater --- .../tar/files/CVE-2022-48303.patch| 36 --- meta/recipes-extended/tar/tar_1.34.bb | 4 +-- 2 files changed, 1 insertion(+), 39 deletions(-) delete mode 100644 meta/recipes-extended/tar/files/CVE-2022-48303.patch diff --git a/meta/recipes-extended/tar/files/CVE-2022-48303.patch b/meta/recipes-extended/tar/files/CVE-2022-48303.patch deleted file mode 100644 index a8e9f4ac7d..00 --- a/meta/recipes-extended/tar/files/CVE-2022-48303.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 1d530107a24d71e798727d7f0afa0833473d1074 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Matej=20Mu=C5=BEila?= -Date: Wed, 11 Jan 2023 08:55:58 +0100 -Subject: [PATCH] Fix savannah bug #62387 - -* src/list.c (from_header): Check for the end of field after leading byte - (0x80 or 0xff) of base-256 encoded header value - -Upstream-Status: Backport -[https://savannah.gnu.org/patch/download.php?file_id=54212] -CVE: CVE-2022-48303 -Signed-off-by: Chee Yang Lee - src/list.c | 6 ++ - 1 file changed, 6 insertions(+) - -diff --git a/src/list.c b/src/list.c -index 9fafc425..bf41b581 100644 a/src/list.c -+++ b/src/list.c -@@ -895,6 +895,12 @@ from_header (char const *where0, size_t digs, char const *type, - << (CHAR_BIT * sizeof (uintmax_t) - - LG_256 - (LG_256 - 2))); - value = (*where++ & ((1 << (LG_256 - 2)) - 1)) - signbit; -+ if (where == lim) -+{ -+ if (type && !silent) -+ERROR ((0, 0, _("Archive base-256 value is invalid"))); -+ return -1; -+} - for (;;) - { - value = (value << LG_256) + (unsigned char) *where++; --- -2.38.1 - diff --git a/meta/recipes-extended/tar/tar_1.34.bb b/meta/recipes-extended/tar/tar_1.34.bb index 22c04ba70a..7307cd57a2 100644 --- a/meta/recipes-extended/tar/tar_1.34.bb +++ b/meta/recipes-extended/tar/tar_1.34.bb @@ -6,9 +6,7 @@ SECTION = "base" LICENSE = "GPL-3.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" -SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2 \ - file://CVE-2022-48303.patch \ - " +SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2" SRC_URI[sha256sum] = "b44cc67f8a1f6b0250b7c860e952b37e8ed932a90bd9b1862a511079255646ff" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#101124): https://lists.openembedded.org/g/openembedded-devel/message/101124 Mute This Topic: https://lists.openembedded.org/mt/97039915/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [kirkstone][meta-oe][PATCH 1/1] phoronix-test-suite: Fix CVE-2022-40704
Add fix created after latest release (10.8.4). Signed-off-by: Joe Slater --- .../files/CVE-2022-40704.patch| 46 +++ .../phoronix-test-suite_10.8.2.bb | 6 ++- 2 files changed, 51 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-benchmark/phoronix-test-suite/files/CVE-2022-40704.patch diff --git a/meta-oe/recipes-benchmark/phoronix-test-suite/files/CVE-2022-40704.patch b/meta-oe/recipes-benchmark/phoronix-test-suite/files/CVE-2022-40704.patch new file mode 100644 index 0..8b6405b4a --- /dev/null +++ b/meta-oe/recipes-benchmark/phoronix-test-suite/files/CVE-2022-40704.patch @@ -0,0 +1,46 @@ +From d3880d9d3ba795138444da83f1153c3c3ac27640 Mon Sep 17 00:00:00 2001 +From: Michael Larabel +Date: Sat, 23 Jul 2022 07:32:43 -0500 +Subject: [PATCH] phoromatic: Explicitly check both $_GET abd $_POST in + phoromatic_quit_if_invalid_input_found() + +Fixes: https://github.com/phoronix-test-suite/phoronix-test-suite/issues/650#issuecomment-1193116678 + +Upstream-Status: Backport +CVE: CVE-2022-40704 + +Reference to upstream patch: +https://github.com/phoronix-test-suite/phoronix-test-suite/commit/d3880d9d3ba795138444da83f1153c3c3ac27640 + +Signed-off-by: Li Wang +--- + pts-core/phoromatic/phoromatic_functions.php | 15 +-- + 1 file changed, 13 insertions(+), 2 deletions(-) + +diff --git a/pts-core/phoromatic/phoromatic_functions.php b/pts-core/phoromatic/phoromatic_functions.php +index 74ccc5444c..c2313dcdea 100644 +--- a/pts-core/phoromatic/phoromatic_functions.php b/pts-core/phoromatic/phoromatic_functions.php +@@ -37,9 +37,20 @@ function phoromatic_quit_if_invalid_input_found($input_keys = null) + { + foreach($input_keys as $key) + { +- if(isset($_REQUEST[$key]) && !empty($_REQUEST[$key])) ++ if(isset($_GET[$key]) && !empty($_GET[$key])) + { +- foreach(pts_arrays::to_array($_REQUEST[$key]) as $val_to_check) ++ foreach(pts_arrays::to_array($_GET[$key]) as $val_to_check) ++ { ++ if(stripos($val_to_check, $invalid_string) !== false) ++ { ++ echo 'Exited due to invalid input ( ' . $invalid_string . ') attempted: ' . htmlspecialchars($val_to_check); ++ exit; ++ } ++ } ++ } ++ if(isset($_POST[$key]) && !empty($_POST[$key])) ++ { ++ foreach(pts_arrays::to_array($_POST[$key]) as $val_to_check) + { + if(stripos($val_to_check, $invalid_string) !== false) + { diff --git a/meta-oe/recipes-benchmark/phoronix-test-suite/phoronix-test-suite_10.8.2.bb b/meta-oe/recipes-benchmark/phoronix-test-suite/phoronix-test-suite_10.8.2.bb index 825f7024e..44f2249bc 100644 --- a/meta-oe/recipes-benchmark/phoronix-test-suite/phoronix-test-suite_10.8.2.bb +++ b/meta-oe/recipes-benchmark/phoronix-test-suite/phoronix-test-suite_10.8.2.bb @@ -5,7 +5,11 @@ LICENSE = "GPL-3.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" SECTION = "console/tests" -SRC_URI = "http://www.phoronix-test-suite.com/releases/${BP}.tar.gz"; +SRC_URI = "http://www.phoronix-test-suite.com/releases/${BP}.tar.gz \ + file://CVE-2022-40704.patch \ + " + + SRC_URI[md5sum] = "459c3c45b39bb3d720ddc8ba5f944332" SRC_URI[sha256sum] = "86681343d20415831ab16ef6c3d1c317e2345e771925e0698ae920a03a9eaab6" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#101069): https://lists.openembedded.org/g/openembedded-devel/message/101069 Mute This Topic: https://lists.openembedded.org/mt/96942430/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-python][PATCH 1/1] python3-django: Fix CVE-2023-23969
Advance to version 4.1.6. Signed-off-by: Joe Slater --- .../python/{python3-django_4.1.3.bb => python3-django_4.1.6.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-python/recipes-devtools/python/{python3-django_4.1.3.bb => python3-django_4.1.6.bb} (58%) diff --git a/meta-python/recipes-devtools/python/python3-django_4.1.3.bb b/meta-python/recipes-devtools/python/python3-django_4.1.6.bb similarity index 58% rename from meta-python/recipes-devtools/python/python3-django_4.1.3.bb rename to meta-python/recipes-devtools/python/python3-django_4.1.6.bb index 6d800982a..e54398c45 100644 --- a/meta-python/recipes-devtools/python/python3-django_4.1.3.bb +++ b/meta-python/recipes-devtools/python/python3-django_4.1.6.bb @@ -1,7 +1,7 @@ require python-django.inc inherit setuptools3 -SRC_URI[sha256sum] = "678bbfc8604eb246ed54e2063f0765f13b321a50526bdc8cb1f943eda7fa31f1" +SRC_URI[sha256sum] = "bceb0fe1a386781af0788cae4108622756cd05e7775448deec04a71ddf87685d" RDEPENDS:${PN} += "\ ${PYTHON_PN}-sqlparse \ -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#101014): https://lists.openembedded.org/g/openembedded-devel/message/101014 Mute This Topic: https://lists.openembedded.org/mt/96864599/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 1/1] phoronix-test-suite: fix CVE-2022-40704
CVE fix added after latest release (10.8.4). Signed-off-by: Joe Slater --- .../files/CVE-2022-40704.patch| 46 +++ .../phoronix-test-suite_10.8.4.bb | 5 +- 2 files changed, 50 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-benchmark/phoronix-test-suite/files/CVE-2022-40704.patch diff --git a/meta-oe/recipes-benchmark/phoronix-test-suite/files/CVE-2022-40704.patch b/meta-oe/recipes-benchmark/phoronix-test-suite/files/CVE-2022-40704.patch new file mode 100644 index 0..8b6405b4a --- /dev/null +++ b/meta-oe/recipes-benchmark/phoronix-test-suite/files/CVE-2022-40704.patch @@ -0,0 +1,46 @@ +From d3880d9d3ba795138444da83f1153c3c3ac27640 Mon Sep 17 00:00:00 2001 +From: Michael Larabel +Date: Sat, 23 Jul 2022 07:32:43 -0500 +Subject: [PATCH] phoromatic: Explicitly check both $_GET abd $_POST in + phoromatic_quit_if_invalid_input_found() + +Fixes: https://github.com/phoronix-test-suite/phoronix-test-suite/issues/650#issuecomment-1193116678 + +Upstream-Status: Backport +CVE: CVE-2022-40704 + +Reference to upstream patch: +https://github.com/phoronix-test-suite/phoronix-test-suite/commit/d3880d9d3ba795138444da83f1153c3c3ac27640 + +Signed-off-by: Li Wang +--- + pts-core/phoromatic/phoromatic_functions.php | 15 +-- + 1 file changed, 13 insertions(+), 2 deletions(-) + +diff --git a/pts-core/phoromatic/phoromatic_functions.php b/pts-core/phoromatic/phoromatic_functions.php +index 74ccc5444c..c2313dcdea 100644 +--- a/pts-core/phoromatic/phoromatic_functions.php b/pts-core/phoromatic/phoromatic_functions.php +@@ -37,9 +37,20 @@ function phoromatic_quit_if_invalid_input_found($input_keys = null) + { + foreach($input_keys as $key) + { +- if(isset($_REQUEST[$key]) && !empty($_REQUEST[$key])) ++ if(isset($_GET[$key]) && !empty($_GET[$key])) + { +- foreach(pts_arrays::to_array($_REQUEST[$key]) as $val_to_check) ++ foreach(pts_arrays::to_array($_GET[$key]) as $val_to_check) ++ { ++ if(stripos($val_to_check, $invalid_string) !== false) ++ { ++ echo 'Exited due to invalid input ( ' . $invalid_string . ') attempted: ' . htmlspecialchars($val_to_check); ++ exit; ++ } ++ } ++ } ++ if(isset($_POST[$key]) && !empty($_POST[$key])) ++ { ++ foreach(pts_arrays::to_array($_POST[$key]) as $val_to_check) + { + if(stripos($val_to_check, $invalid_string) !== false) + { diff --git a/meta-oe/recipes-benchmark/phoronix-test-suite/phoronix-test-suite_10.8.4.bb b/meta-oe/recipes-benchmark/phoronix-test-suite/phoronix-test-suite_10.8.4.bb index be9756d9a..8de3314b3 100644 --- a/meta-oe/recipes-benchmark/phoronix-test-suite/phoronix-test-suite_10.8.4.bb +++ b/meta-oe/recipes-benchmark/phoronix-test-suite/phoronix-test-suite_10.8.4.bb @@ -5,7 +5,10 @@ LICENSE = "GPL-3.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" SECTION = "console/tests" -SRC_URI = "http://www.phoronix-test-suite.com/releases/${BP}.tar.gz"; +SRC_URI = "http://www.phoronix-test-suite.com/releases/${BP}.tar.gz \ + file://CVE-2022-40704.patch \ + " + SRC_URI[sha256sum] = "1f2092d536c0a3193efc53e4a50f3cee65c0ef1a78d31e5404f1c663fff7b7f4" S = "${WORKDIR}/phoronix-test-suite" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#101003): https://lists.openembedded.org/g/openembedded-devel/message/101003 Mute This Topic: https://lists.openembedded.org/mt/96844120/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [hardknott][meta-webserver][PATCH 1/1] phpmyadmin: CVE fixes
Move from 5.1.0 to 5.1.3 fixing CVE-2022-0813, CVE-2022-23807, and CVE-2022-23808. Signed-off-by: Joe Slater --- .../{phpmyadmin_5.1.0.bb => phpmyadmin_5.1.3.bb} | 11 +-- 1 file changed, 5 insertions(+), 6 deletions(-) rename meta-webserver/recipes-php/phpmyadmin/{phpmyadmin_5.1.0.bb => phpmyadmin_5.1.3.bb} (82%) diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_5.1.0.bb b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_5.1.3.bb similarity index 82% rename from meta-webserver/recipes-php/phpmyadmin/phpmyadmin_5.1.0.bb rename to meta-webserver/recipes-php/phpmyadmin/phpmyadmin_5.1.3.bb index cbb5bd971..7ccc05ec3 100644 --- a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_5.1.0.bb +++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_5.1.3.bb @@ -1,18 +1,17 @@ SUMMARY = "Web-based MySQL administration interface" HOMEPAGE = "http://www.phpmyadmin.net"; # Main code is GPLv2, vendor/tecnickcom/tcpdf is under LGPLv3, js/jquery is under MIT -LICENSE = "GPLv2 & LGPLv3 & MIT" +LICENSE = "GPL-2.0-only & LGPL-3.0-only & MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://vendor/tecnickcom/tcpdf/LICENSE.TXT;md5=dd6470bbcd3436ca317f82d34abaf688 \ - file://js/vendor/jquery/MIT-LICENSE.txt;md5=75308107741f7dcdc39127209c7e3fc8 \ + file://js/vendor/jquery/MIT-LICENSE.txt;md5=de877aa6d744cc160ff41c26a8e4811f \ " SRC_URI = "https://files.phpmyadmin.net/phpMyAdmin/${PV}/phpMyAdmin-${PV}-all-languages.tar.xz \ file://apache.conf \ " -SRC_URI[md5sum] = "4587343e706c5434adf91c396b418731" -SRC_URI[sha256sum] = "aa8ccf357f672012384df34e1c2bc70147476761c8458a0dad6233497e142c68" +SRC_URI[sha256sum] = "c562feddc0f8ff5e69629113f273a0d024a65fb928c48e89ce614744d478296f" UPSTREAM_CHECK_URI = "https://www.phpmyadmin.net/downloads/"; UPSTREAM_CHECK_REGEX = "phpMyAdmin-(?P\d+(\.\d+)+)-all-languages.tar.xz" @@ -35,7 +34,7 @@ do_install() { rm -f ${D}${datadir}/phpmyadmin/libraries/transformations/*.sh } -FILES_${PN} = "${datadir}/${BPN} \ +FILES:${PN} = "${datadir}/${BPN} \ ${sysconfdir}/apache2/conf.d" -RDEPENDS_${PN} += "bash php-cli" +RDEPENDS:${PN} += "bash php-cli" -- 2.35.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#97045): https://lists.openembedded.org/g/openembedded-devel/message/97045 Mute This Topic: https://lists.openembedded.org/mt/91041203/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 1/1] redis: advance to version 6.2.5
Pull in fix for CVE-2021-32761. Signed-off-by: Joe Slater --- .../recipes-extended/redis/{redis_6.2.4.bb => redis_6.2.5.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-extended/redis/{redis_6.2.4.bb => redis_6.2.5.bb} (96%) diff --git a/meta-oe/recipes-extended/redis/redis_6.2.4.bb b/meta-oe/recipes-extended/redis/redis_6.2.5.bb similarity index 96% rename from meta-oe/recipes-extended/redis/redis_6.2.4.bb rename to meta-oe/recipes-extended/redis/redis_6.2.5.bb index 0db71240e..58d759b59 100644 --- a/meta-oe/recipes-extended/redis/redis_6.2.4.bb +++ b/meta-oe/recipes-extended/redis/redis_6.2.5.bb @@ -17,7 +17,7 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \ file://GNU_SOURCE.patch \ file://0006-Define-correct-gregs-for-RISCV32.patch \ " -SRC_URI[sha256sum] = "ba32c406a10fc2c09426e2be2787d74ff204eb3a2e496d87cff76a476b6ae16e" +SRC_URI[sha256sum] = "4b9a75709a1b74b3785e20a6c158cab94cf52298aa381eea947a678a60d551ae" inherit autotools-brokensep update-rc.d systemd useradd -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#92924): https://lists.openembedded.org/g/openembedded-devel/message/92924 Mute This Topic: https://lists.openembedded.org/mt/85492291/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][hardknott][PATCH 1/1] redis: fix CVE-2021-32761
Backport from version 6.2.5. Signed-off-by: Joe Slater --- .../redis/redis/CVE-2021-32761.patch | 257 ++ meta-oe/recipes-extended/redis/redis_6.2.2.bb | 1 + 2 files changed, 258 insertions(+) create mode 100644 meta-oe/recipes-extended/redis/redis/CVE-2021-32761.patch diff --git a/meta-oe/recipes-extended/redis/redis/CVE-2021-32761.patch b/meta-oe/recipes-extended/redis/redis/CVE-2021-32761.patch new file mode 100644 index 0..14992b789 --- /dev/null +++ b/meta-oe/recipes-extended/redis/redis/CVE-2021-32761.patch @@ -0,0 +1,257 @@ +From 835d15b5360e277e6f95529c4d8685946a977ddd Mon Sep 17 00:00:00 2001 +From: Huang Zhw +Date: Wed, 21 Jul 2021 21:25:19 +0800 +Subject: [PATCH 1/1] On 32 bit platform, the bit position of + GETBIT/SETBIT/BITFIELD/BITCOUNT,BITPOS may overflow (see CVE-2021-32761) + (#9191) + +GETBIT, SETBIT may access wrong address because of wrap. +BITCOUNT and BITPOS may return wrapped results. +BITFIELD may access the wrong address but also allocate insufficient memory and segfault (see CVE-2021-32761). + +This commit uses `uint64_t` or `long long` instead of `size_t`. +related https://github.com/redis/redis/pull/8096 + +At 32bit platform: +> setbit bit 4294967295 1 +(integer) 0 +> config set proto-max-bulk-len 536870913 +OK +> append bit "\xFF" +(integer) 536870913 +> getbit bit 4294967296 +(integer) 0 + +When the bit index is larger than 4294967295, size_t can't hold bit index. In the past, `proto-max-bulk-len` is limit to 536870912, so there is no problem. + +After this commit, bit position is stored in `uint64_t` or `long long`. So when `proto-max-bulk-len > 536870912`, 32bit platforms can still be correct. + +For 64bit platform, this problem still exists. The major reason is bit pos 8 times of byte pos. When proto-max-bulk-len is very larger, bit pos may overflow. +But at 64bit platform, we don't have so long string. So this bug may never happen. + +Additionally this commit add a test cost `512MB` memory which is tag as `large-memory`. Make freebsd ci and valgrind ci ignore this test. + +(cherry picked from commit 71d452876ebf8456afaadd6b3c27988abadd1148)d +--- + +CVE: CVE-2021-32761 + +Upstream-Status: Backport [835d15b5360e277e6f95529c4d8685946a977ddd] + https://github.com/redis/redis.git + +Signed-off-by: Joe Slater + +--- + .github/workflows/daily.yml | 6 +++--- + src/bitops.c| 32 + src/server.h| 2 +- + tests/unit/bitops.tcl | 28 + 4 files changed, 48 insertions(+), 20 deletions(-) + +diff --git a/.github/workflows/daily.yml b/.github/workflows/daily.yml +index 9e4630e29..432971a9d 100644 +--- a/.github/workflows/daily.yml b/.github/workflows/daily.yml +@@ -151,7 +151,7 @@ jobs: + run: | + sudo apt-get update + sudo apt-get install tcl8.6 valgrind -y +-./runtest --valgrind --verbose --clients 1 --dump-logs ++./runtest --valgrind --verbose --clients 1 --tags -large-memory --dump-logs + - name: module api test + run: ./runtest-moduleapi --valgrind --no-latency --verbose --clients 1 + - name: unittest +@@ -171,7 +171,7 @@ jobs: + run: | + sudo apt-get update + sudo apt-get install tcl8.6 valgrind -y +-./runtest --valgrind --verbose --clients 1 --dump-logs ++./runtest --valgrind --verbose --clients 1 --tags -large-memory --dump-logs + - name: module api test + run: ./runtest-moduleapi --valgrind --no-latency --verbose --clients 1 + +@@ -260,7 +260,7 @@ jobs: + prepare: pkg install -y bash gmake lang/tcl86 + run: > + gmake && +- ./runtest --accurate --verbose --no-latency --dump-logs && ++ ./runtest --accurate --verbose --no-latency --tags -large-memory --dump-logs && + MAKE=gmake ./runtest-moduleapi --verbose && + ./runtest-sentinel && + ./runtest-cluster +diff --git a/src/bitops.c b/src/bitops.c +index afd79ad88..f1c563a41 100644 +--- a/src/bitops.c b/src/bitops.c +@@ -37,8 +37,8 @@ + /* Count number of bits set in the binary array pointed by 's' and long + * 'count' bytes. The implementation of this function is required to + * work with an input string length up to 512 MB or more (server.proto_max_bulk_len) */ +-size_t redisPopcount(void *s, long count) { +-size_t bits = 0; ++long long redisPopcount(void *s, long count) { ++long long bits = 0; + unsigned char *p = s; + uint32_t *p4; + static const unsigned char bitsinbyte[256] = {0,1,1,2,1,2,2,3,1,2,2,3,2,3,3,4,1,2,2,3,2,3,3,4,2,3,3,4,3,4,4,5,1,2,2,3,2,3,3,4,2,3,3,4,3,4,4,5,2,3,3,4,3,4,4,5,3,4,4,5,4,5,5,6,1,2,2,3,2,3,3,4,2,3,3,4,3,4,4
[oe] [meta-web][hardknott][PATCH 1/1] nginx: fix CVE-2021-3618
Apply patch made to version 1.20.1 to version 1.18.0. Signed-off-by: Joe Slater --- .../nginx/files/CVE-2021-3618.patch | 107 ++ .../recipes-httpd/nginx/nginx_1.18.0.bb | 2 + 2 files changed, 109 insertions(+) create mode 100644 meta-webserver/recipes-httpd/nginx/files/CVE-2021-3618.patch diff --git a/meta-webserver/recipes-httpd/nginx/files/CVE-2021-3618.patch b/meta-webserver/recipes-httpd/nginx/files/CVE-2021-3618.patch new file mode 100644 index 0..be42a1ed5 --- /dev/null +++ b/meta-webserver/recipes-httpd/nginx/files/CVE-2021-3618.patch @@ -0,0 +1,107 @@ +From 6dafcdebde58577f4fcb190be46a0eb910cf1b96 Mon Sep 17 00:00:00 2001 +From: Maxim Dounin +Date: Wed, 19 May 2021 03:13:31 +0300 +Subject: [PATCH 1/1] Mail: max_errors directive. + +Similarly to smtpd_hard_error_limit in Postfix and smtp_max_unknown_commands +in Exim, specifies the number of errors after which the connection is closed. +--- end of original header --- + +CVE: CVE-2021-3618 + +Upstream-Status: Backport + https://github.com/nginx/nginx.git + commit 173f16f736c10eae46cd15dd861b04b82d91a37a + +Signed-off-by: Joe Slater +--- + src/mail/ngx_mail.h | 3 +++ + src/mail/ngx_mail_core_module.c | 10 ++ + src/mail/ngx_mail_handler.c | 15 ++- + 3 files changed, 27 insertions(+), 1 deletion(-) + +diff --git a/src/mail/ngx_mail.h b/src/mail/ngx_mail.h +index b865a3b9..76cae37a 100644 +--- a/src/mail/ngx_mail.h b/src/mail/ngx_mail.h +@@ -115,6 +115,8 @@ typedef struct { + ngx_msec_t timeout; + ngx_msec_t resolver_timeout; + ++ngx_uint_t max_errors; ++ + ngx_str_t server_name; + + u_char *file_name; +@@ -231,6 +233,7 @@ typedef struct { + ngx_uint_t command; + ngx_array_t args; + ++ngx_uint_t errors; + ngx_uint_t login_attempt; + + /* used to parse POP3/IMAP/SMTP command */ +diff --git a/src/mail/ngx_mail_core_module.c b/src/mail/ngx_mail_core_module.c +index 40831242..115671ca 100644 +--- a/src/mail/ngx_mail_core_module.c b/src/mail/ngx_mail_core_module.c +@@ -85,6 +85,13 @@ static ngx_command_t ngx_mail_core_commands[] = { + offsetof(ngx_mail_core_srv_conf_t, resolver_timeout), + NULL }, + ++{ ngx_string("max_errors"), ++ NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, ++ ngx_conf_set_num_slot, ++ NGX_MAIL_SRV_CONF_OFFSET, ++ offsetof(ngx_mail_core_srv_conf_t, max_errors), ++ NULL }, ++ + ngx_null_command + }; + +@@ -163,6 +170,8 @@ ngx_mail_core_create_srv_conf(ngx_conf_t *cf) + cscf->timeout = NGX_CONF_UNSET_MSEC; + cscf->resolver_timeout = NGX_CONF_UNSET_MSEC; + ++cscf->max_errors = NGX_CONF_UNSET_UINT; ++ + cscf->resolver = NGX_CONF_UNSET_PTR; + + cscf->file_name = cf->conf_file->file.name.data; +@@ -182,6 +191,7 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) + ngx_conf_merge_msec_value(conf->resolver_timeout, prev->resolver_timeout, + 3); + ++ngx_conf_merge_uint_value(conf->max_errors, prev->max_errors, 5); + + ngx_conf_merge_str_value(conf->server_name, prev->server_name, ""); + +diff --git a/src/mail/ngx_mail_handler.c b/src/mail/ngx_mail_handler.c +index 0aaa0e78..71b81512 100644 +--- a/src/mail/ngx_mail_handler.c b/src/mail/ngx_mail_handler.c +@@ -871,7 +871,20 @@ ngx_mail_read_command(ngx_mail_session_t *s, ngx_connection_t *c) + return NGX_MAIL_PARSE_INVALID_COMMAND; + } + +-if (rc == NGX_IMAP_NEXT || rc == NGX_MAIL_PARSE_INVALID_COMMAND) { ++if (rc == NGX_MAIL_PARSE_INVALID_COMMAND) { ++ ++s->errors++; ++ ++if (s->errors >= cscf->max_errors) { ++ngx_log_error(NGX_LOG_INFO, c->log, 0, ++ "client sent too many invalid commands"); ++s->quit = 1; ++} ++ ++return rc; ++} ++ ++if (rc == NGX_IMAP_NEXT) { + return rc; + } + +-- +2.25.1 + diff --git a/meta-webserver/recipes-httpd/nginx/nginx_1.18.0.bb b/meta-webserver/recipes-httpd/nginx/nginx_1.18.0.bb index ac303e47d..c20ca6f40 100644 --- a/meta-webserver/recipes-httpd/nginx/nginx_1.18.0.bb +++ b/meta-webserver/recipes-httpd/nginx/nginx_1.18.0.bb @@ -1,5 +1,7 @@ require nginx.inc +SRC_URI += "file://CVE-2021-3618.patch" + LIC_FILES_CHKSUM = "file://LICENSE;md5=52e384aaac868b755b93ad5535e2d075" SRC_URI[md5sum] = "b2d33d24d89b8b1f87ff5d251aa27eb8" -- 2.31.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#92837): https://lists.openembedded.org/g/openembedded-devel/message/92837 Mute This Topic: https://lists.openembedded.org/mt/85338519/21656 Group Ow
[oe] [meta-webserver][PATCH 1/1] nginx: fix CVE-2021-3618
Backport with no change a patch from version 1.21.0. This patch was not cherry-picked by nginx to version 1.20.1. Information about this CVE comes from https://ubuntu.com/security/CVE-2021-3618. Signed-off-by: Joe Slater --- .../nginx/files/CVE-2021-3618.patch | 107 ++ .../recipes-httpd/nginx/nginx_1.20.1.bb | 2 + 2 files changed, 109 insertions(+) create mode 100644 meta-webserver/recipes-httpd/nginx/files/CVE-2021-3618.patch diff --git a/meta-webserver/recipes-httpd/nginx/files/CVE-2021-3618.patch b/meta-webserver/recipes-httpd/nginx/files/CVE-2021-3618.patch new file mode 100644 index 0..be42a1ed5 --- /dev/null +++ b/meta-webserver/recipes-httpd/nginx/files/CVE-2021-3618.patch @@ -0,0 +1,107 @@ +From 6dafcdebde58577f4fcb190be46a0eb910cf1b96 Mon Sep 17 00:00:00 2001 +From: Maxim Dounin +Date: Wed, 19 May 2021 03:13:31 +0300 +Subject: [PATCH 1/1] Mail: max_errors directive. + +Similarly to smtpd_hard_error_limit in Postfix and smtp_max_unknown_commands +in Exim, specifies the number of errors after which the connection is closed. +--- end of original header --- + +CVE: CVE-2021-3618 + +Upstream-Status: Backport + https://github.com/nginx/nginx.git + commit 173f16f736c10eae46cd15dd861b04b82d91a37a + +Signed-off-by: Joe Slater +--- + src/mail/ngx_mail.h | 3 +++ + src/mail/ngx_mail_core_module.c | 10 ++ + src/mail/ngx_mail_handler.c | 15 ++- + 3 files changed, 27 insertions(+), 1 deletion(-) + +diff --git a/src/mail/ngx_mail.h b/src/mail/ngx_mail.h +index b865a3b9..76cae37a 100644 +--- a/src/mail/ngx_mail.h b/src/mail/ngx_mail.h +@@ -115,6 +115,8 @@ typedef struct { + ngx_msec_t timeout; + ngx_msec_t resolver_timeout; + ++ngx_uint_t max_errors; ++ + ngx_str_t server_name; + + u_char *file_name; +@@ -231,6 +233,7 @@ typedef struct { + ngx_uint_t command; + ngx_array_t args; + ++ngx_uint_t errors; + ngx_uint_t login_attempt; + + /* used to parse POP3/IMAP/SMTP command */ +diff --git a/src/mail/ngx_mail_core_module.c b/src/mail/ngx_mail_core_module.c +index 40831242..115671ca 100644 +--- a/src/mail/ngx_mail_core_module.c b/src/mail/ngx_mail_core_module.c +@@ -85,6 +85,13 @@ static ngx_command_t ngx_mail_core_commands[] = { + offsetof(ngx_mail_core_srv_conf_t, resolver_timeout), + NULL }, + ++{ ngx_string("max_errors"), ++ NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1, ++ ngx_conf_set_num_slot, ++ NGX_MAIL_SRV_CONF_OFFSET, ++ offsetof(ngx_mail_core_srv_conf_t, max_errors), ++ NULL }, ++ + ngx_null_command + }; + +@@ -163,6 +170,8 @@ ngx_mail_core_create_srv_conf(ngx_conf_t *cf) + cscf->timeout = NGX_CONF_UNSET_MSEC; + cscf->resolver_timeout = NGX_CONF_UNSET_MSEC; + ++cscf->max_errors = NGX_CONF_UNSET_UINT; ++ + cscf->resolver = NGX_CONF_UNSET_PTR; + + cscf->file_name = cf->conf_file->file.name.data; +@@ -182,6 +191,7 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) + ngx_conf_merge_msec_value(conf->resolver_timeout, prev->resolver_timeout, + 3); + ++ngx_conf_merge_uint_value(conf->max_errors, prev->max_errors, 5); + + ngx_conf_merge_str_value(conf->server_name, prev->server_name, ""); + +diff --git a/src/mail/ngx_mail_handler.c b/src/mail/ngx_mail_handler.c +index 0aaa0e78..71b81512 100644 +--- a/src/mail/ngx_mail_handler.c b/src/mail/ngx_mail_handler.c +@@ -871,7 +871,20 @@ ngx_mail_read_command(ngx_mail_session_t *s, ngx_connection_t *c) + return NGX_MAIL_PARSE_INVALID_COMMAND; + } + +-if (rc == NGX_IMAP_NEXT || rc == NGX_MAIL_PARSE_INVALID_COMMAND) { ++if (rc == NGX_MAIL_PARSE_INVALID_COMMAND) { ++ ++s->errors++; ++ ++if (s->errors >= cscf->max_errors) { ++ngx_log_error(NGX_LOG_INFO, c->log, 0, ++ "client sent too many invalid commands"); ++s->quit = 1; ++} ++ ++return rc; ++} ++ ++if (rc == NGX_IMAP_NEXT) { + return rc; + } + +-- +2.25.1 + diff --git a/meta-webserver/recipes-httpd/nginx/nginx_1.20.1.bb b/meta-webserver/recipes-httpd/nginx/nginx_1.20.1.bb index 7f159a2a3..d686c627f 100644 --- a/meta-webserver/recipes-httpd/nginx/nginx_1.20.1.bb +++ b/meta-webserver/recipes-httpd/nginx/nginx_1.20.1.bb @@ -1,5 +1,7 @@ require nginx.inc +SRC_URI += "file://CVE-2021-3618.patch" + LIC_FILES_CHKSUM = "file://LICENSE;md5=206629dc7c7b3e87acb31162363ae505" SRC_URI[md5sum] = "8ca6edd5076bdfad30a69c9c9b41cc68" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#92674):
[oe] [meta-oe][hardknott][PATCH 1/1] php: move to version 7.4.21
Lots of bug fixes. CVE: CVE-2021-21704 CVE-2021-21705 Signed-off-by: Joe Slater Signed-off-by: Khem Raj (cherry picked from commit 93045c3db744a9f1cd0a9b0ce992d44d9c44c309) Signed-off-by: Joe Slater --- meta-oe/recipes-devtools/php/{php_7.4.16.bb => php_7.4.21.bb} | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) rename meta-oe/recipes-devtools/php/{php_7.4.16.bb => php_7.4.21.bb} (99%) diff --git a/meta-oe/recipes-devtools/php/php_7.4.16.bb b/meta-oe/recipes-devtools/php/php_7.4.21.bb similarity index 99% rename from meta-oe/recipes-devtools/php/php_7.4.16.bb rename to meta-oe/recipes-devtools/php/php_7.4.21.bb index 821d9cd04..4d427252f 100644 --- a/meta-oe/recipes-devtools/php/php_7.4.16.bb +++ b/meta-oe/recipes-devtools/php/php_7.4.21.bb @@ -33,7 +33,8 @@ SRC_URI_append_class-target = " \ " S = "${WORKDIR}/php-${PV}" -SRC_URI[sha256sum] = "85710f007cfd0fae94e13a02a3a036f4e81ef43693260cae8a2e1ca93659ce3e" +SRC_URI[sha256sum] = "36ec6102e757e2c2b7742057a700bbff77c76fa0ccbe9c860398c3d24e32822a" + inherit autotools pkgconfig python3native gettext -- 2.31.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#92466): https://lists.openembedded.org/g/openembedded-devel/message/92466 Mute This Topic: https://lists.openembedded.org/mt/84651367/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-gnome][PATCH 1/1] gtksourceview4: work around dependency deficiency
Compile in two stages. First, generate gtksourceview-gresources.h, then compile everything else. Adding the dependency is not trivial so we wait for upstream and add a benign workaround. Signed-off-by: Joe Slater --- .../gtksourceview/gtksourceview4_4.8.1.bb| 16 +++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/meta-gnome/recipes-gnome/gtksourceview/gtksourceview4_4.8.1.bb b/meta-gnome/recipes-gnome/gtksourceview/gtksourceview4_4.8.1.bb index f7d040d73..0be12bcdb 100644 --- a/meta-gnome/recipes-gnome/gtksourceview/gtksourceview4_4.8.1.bb +++ b/meta-gnome/recipes-gnome/gtksourceview/gtksourceview4_4.8.1.bb @@ -16,10 +16,24 @@ inherit gnomebase lib_package gettext features_check gtk-doc gobject-introspecti REQUIRED_DISTRO_FEATURES = "x11" -SRC_URI = "https://download.gnome.org/sources/gtksourceview/4.8/${PNAME}-${PV}.tar.xz"; +SRC_URI = "https://download.gnome.org/sources/gtksourceview/4.8/${PNAME}-${PV}.tar.xz \ + " + SRC_URI[sha256sum] = "d163d71b5fcafbc5b1eec6dd841edbdbcddd3a7511cd5fdcffd86b8bbfe69ac1" GIR_MESON_OPTION = 'gir' GTKDOC_MESON_OPTION = "gtk_doc" +# Override the definition in meson.bbclass. The dependencies in mason.build are incomplete +# and the recipe will not build with "-j 1". This fix is benign but should be reviewed when +# updating versions. +# +meson_do_compile() { +bbnote "== generating gtksourceview-gresources.h " +bbnote "PARALLEL_MAKE is ${PARALLEL_MAKE}" +ninja ${PARALLEL_MAKE} gtksourceview/gtksourceview-gresources.h +bbnote "== compiling target all " +ninja ${PARALLEL_MAKE} +} + FILES_${PN} += "${datadir}/gtksourceview-4" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#92445): https://lists.openembedded.org/g/openembedded-devel/message/92445 Mute This Topic: https://lists.openembedded.org/mt/84628122/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 1/1] php: move to version 7.4.21
Lots of bug fixes. CVE: CVE-2021-21704 CVE-2021-21705 Signed-off-by: Joe Slater --- meta-oe/recipes-devtools/php/{php_7.4.16.bb => php_7.4.21.bb} | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) rename meta-oe/recipes-devtools/php/{php_7.4.16.bb => php_7.4.21.bb} (99%) diff --git a/meta-oe/recipes-devtools/php/php_7.4.16.bb b/meta-oe/recipes-devtools/php/php_7.4.21.bb similarity index 99% rename from meta-oe/recipes-devtools/php/php_7.4.16.bb rename to meta-oe/recipes-devtools/php/php_7.4.21.bb index 821d9cd04..4d427252f 100644 --- a/meta-oe/recipes-devtools/php/php_7.4.16.bb +++ b/meta-oe/recipes-devtools/php/php_7.4.21.bb @@ -33,7 +33,8 @@ SRC_URI_append_class-target = " \ " S = "${WORKDIR}/php-${PV}" -SRC_URI[sha256sum] = "85710f007cfd0fae94e13a02a3a036f4e81ef43693260cae8a2e1ca93659ce3e" +SRC_URI[sha256sum] = "36ec6102e757e2c2b7742057a700bbff77c76fa0ccbe9c860398c3d24e32822a" + inherit autotools pkgconfig python3native gettext -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#92352): https://lists.openembedded.org/g/openembedded-devel/message/92352 Mute This Topic: https://lists.openembedded.org/mt/84469325/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [hardknott][meta-python][PATCH 1/1] python3-pillow: fix CVE-2021-34552
Pull fix from version 8.3.1 back to 8.2.0. Signed-off-by: Joe Slater --- ...Limit-sprintf-modes-to-10-characters.patch | 49 +++ ...0001-Use-snprintf-instead-of-sprintf.patch | 43 .../python/python3-pillow_8.2.0.bb| 2 + 3 files changed, 94 insertions(+) create mode 100644 meta-python/recipes-devtools/python/python3-pillow/0001-Limit-sprintf-modes-to-10-characters.patch create mode 100644 meta-python/recipes-devtools/python/python3-pillow/0001-Use-snprintf-instead-of-sprintf.patch diff --git a/meta-python/recipes-devtools/python/python3-pillow/0001-Limit-sprintf-modes-to-10-characters.patch b/meta-python/recipes-devtools/python/python3-pillow/0001-Limit-sprintf-modes-to-10-characters.patch new file mode 100644 index 0..d61ae3a62 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-pillow/0001-Limit-sprintf-modes-to-10-characters.patch @@ -0,0 +1,49 @@ +From 5f4504bb03f4edeeef8c2633dc5ba03a4c2a8a97 Mon Sep 17 00:00:00 2001 +From: Andrew Murray +Date: Tue, 15 Jun 2021 15:14:26 +1000 +Subject: [PATCH 1/1] Limit sprintf modes to 10 characters + +Needed to make CVE-2021-34552 fix apply cleanly. + +commit 5f4504bb03f4edeeef8c2633dc5ba03a4c2a8a97 (unmodified) + +Upstream-Status: Backport +Signed-off-by: Joe Slater + +--- + src/libImaging/Convert.c | 10 -- + 1 file changed, 4 insertions(+), 6 deletions(-) + +diff --git a/src/libImaging/Convert.c b/src/libImaging/Convert.c +index 8c7be36a2..1fa74a13b 100644 +--- a/src/libImaging/Convert.c b/src/libImaging/Convert.c +@@ -1594,9 +1594,8 @@ convert( + #ifdef notdef + return (Imaging)ImagingError_ValueError("conversion not supported"); + #else +-static char buf[256]; +-/* FIXME: may overflow if mode is too large */ +-sprintf(buf, "conversion from %s to %s not supported", imIn->mode, mode); ++static char buf[100]; ++sprintf(buf, "conversion from %.10s to %.10s not supported", imIn->mode, mode); + return (Imaging)ImagingError_ValueError(buf); + #endif + } +@@ -1645,11 +1644,10 @@ ImagingConvertTransparent(Imaging imIn, const char *mode, int r, int g, int b) { + } + #else + { +-static char buf[256]; +-/* FIXME: may overflow if mode is too large */ ++static char buf[100]; + sprintf( + buf, +-"conversion from %s to %s not supported in convert_transparent", ++"conversion from %.10s to %.10s not supported in convert_transparent", + imIn->mode, + mode); + return (Imaging)ImagingError_ValueError(buf); +-- +2.29.2 + diff --git a/meta-python/recipes-devtools/python/python3-pillow/0001-Use-snprintf-instead-of-sprintf.patch b/meta-python/recipes-devtools/python/python3-pillow/0001-Use-snprintf-instead-of-sprintf.patch new file mode 100644 index 0..fc0337f13 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-pillow/0001-Use-snprintf-instead-of-sprintf.patch @@ -0,0 +1,43 @@ +From 518ee3722a99d7f7d890db82a20bd81c1c0327fb Mon Sep 17 00:00:00 2001 +From: Andrew Murray +Date: Wed, 30 Jun 2021 23:47:10 +1000 +Subject: [PATCH 1/1] Use snprintf instead of sprintf + +Fix CVE-2021-34552. + +commit 518ee3722a99d7f7d890db82a20bd81c1c0327fb (unmodified) + +Upstream-Status: Backport +Signed-off-by: Joe Slater + +--- + src/libImaging/Convert.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/src/libImaging/Convert.c b/src/libImaging/Convert.c +index 1fa74a13b..9012cfcd7 100644 +--- a/src/libImaging/Convert.c b/src/libImaging/Convert.c +@@ -1595,7 +1595,7 @@ convert( + return (Imaging)ImagingError_ValueError("conversion not supported"); + #else + static char buf[100]; +-sprintf(buf, "conversion from %.10s to %.10s not supported", imIn->mode, mode); ++snprintf(buf, 100, "conversion from %.10s to %.10s not supported", imIn->mode, mode); + return (Imaging)ImagingError_ValueError(buf); + #endif + } +@@ -1645,8 +1645,9 @@ ImagingConvertTransparent(Imaging imIn, const char *mode, int r, int g, int b) { + #else + { + static char buf[100]; +-sprintf( ++snprintf( + buf, ++100, + "conversion from %.10s to %.10s not supported in convert_transparent", + imIn->mode, + mode); +-- +2.29.2 + diff --git a/meta-python/recipes-devtools/python/python3-pillow_8.2.0.bb b/meta-python/recipes-devtools/python/python3-pillow_8.2.0.bb index 3241230d1..40745bb76 100644 --- a/meta-python/recipes-devtools/python/python3-pillow_8.2.0.bb +++ b/meta-python/recipes-devtools/python/python3-pillow_8.2.0.bb @@ -8,6 +8,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=0337b116233da4616ae9fdb130bf6f1a" SRC_URI = "git://github.com/python-pillow/Pillow.git;branch=8
Re: [oe] [hardknott][meta-python][PATCH 1/1] python3-pillow: Upgrade 8.2.0 -> 8.3.1
CVE fix. > -Original Message- > From: MacLeod, Randy > Sent: Wednesday, July 21, 2021 4:12 PM > To: Slater, Joseph ; openembedded- > de...@lists.openembedded.org > Subject: Re: [hardknott][meta-python][PATCH 1/1] python3-pillow: Upgrade > 8.2.0 -> 8.3.1 > > On 2021-07-21 4:28 p.m., Joe Slater wrote: > > From: Leon Anavi > > > > Upgrade to release 8.3.1: > > It looks like 8.3 has some API Changes: > > https://pillow.readthedocs.io/en/stable/releasenotes/8.3.0.html > > so it's likely not a go for hardknott but I didn't clone and examine the src > repo. > > > Was you goal to fix a CVE Joe or something else? > > ../Randy > > > > > > - Catch OSError when checking if fp is sys.stdout > > - Handle removing orientation from alternate types of EXIF data > > - Make Image.__array__ take optional dtype argument > > > > Signed-off-by: Leon Anavi > > Signed-off-by: Khem Raj > > Signed-off-by: Trevor Gamblin > > > > Fixes CVE-2021-34552. > > (cherry picked from commit a5fc60071f0a0a16096792c4e1970d31f5964539) > > > > Signed-off-by: Joe Slater > > --- > > .../{python3-pillow_8.2.0.bb => python3-pillow_8.3.1.bb} | 4 ++-- > > 1 file changed, 2 insertions(+), 2 deletions(-) > > rename meta-python/recipes-devtools/python/{python3-pillow_8.2.0.bb > > => python3-pillow_8.3.1.bb} (86%) > > > > diff --git > > a/meta-python/recipes-devtools/python/python3-pillow_8.2.0.bb > > b/meta-python/recipes-devtools/python/python3-pillow_8.3.1.bb > > similarity index 86% > > rename from > > meta-python/recipes-devtools/python/python3-pillow_8.2.0.bb > > rename to meta-python/recipes-devtools/python/python3-pillow_8.3.1.bb > > index 3241230d1..045357a6a 100644 > > --- a/meta-python/recipes-devtools/python/python3-pillow_8.2.0.bb > > +++ b/meta-python/recipes-devtools/python/python3-pillow_8.3.1.bb > > @@ -5,11 +5,11 @@ HOMEPAGE = "https://pillow.readthedocs.io"; > > LICENSE = "MIT" > > LIC_FILES_CHKSUM = > "file://LICENSE;md5=0337b116233da4616ae9fdb130bf6f1a" > > > > -SRC_URI = "git://github.com/python-pillow/Pillow.git;branch=8.2.x \ > > +SRC_URI = "git://github.com/python-pillow/Pillow.git;branch=8.3.x \ > > file://0001-support-cross-compiling.patch \ > > file://0001-explicitly-set-compile-options.patch \ > > " > > -SRCREV ?= "e0e353c0ef7516979a9aedce3792596649ce4433" > > +SRCREV ?= "92933b86574b9c80764bf52c357ed29e1ef53382" > > > > inherit setuptools3 > > > > > > > -- > # Randy MacLeod > # Wind River Linux -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#92302): https://lists.openembedded.org/g/openembedded-devel/message/92302 Mute This Topic: https://lists.openembedded.org/mt/84365624/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [hardknott][meta-python][PATCH 1/1] python3-pillow: Upgrade 8.2.0 -> 8.3.1
From: Leon Anavi Upgrade to release 8.3.1: - Catch OSError when checking if fp is sys.stdout - Handle removing orientation from alternate types of EXIF data - Make Image.__array__ take optional dtype argument Signed-off-by: Leon Anavi Signed-off-by: Khem Raj Signed-off-by: Trevor Gamblin Fixes CVE-2021-34552. (cherry picked from commit a5fc60071f0a0a16096792c4e1970d31f5964539) Signed-off-by: Joe Slater --- .../{python3-pillow_8.2.0.bb => python3-pillow_8.3.1.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta-python/recipes-devtools/python/{python3-pillow_8.2.0.bb => python3-pillow_8.3.1.bb} (86%) diff --git a/meta-python/recipes-devtools/python/python3-pillow_8.2.0.bb b/meta-python/recipes-devtools/python/python3-pillow_8.3.1.bb similarity index 86% rename from meta-python/recipes-devtools/python/python3-pillow_8.2.0.bb rename to meta-python/recipes-devtools/python/python3-pillow_8.3.1.bb index 3241230d1..045357a6a 100644 --- a/meta-python/recipes-devtools/python/python3-pillow_8.2.0.bb +++ b/meta-python/recipes-devtools/python/python3-pillow_8.3.1.bb @@ -5,11 +5,11 @@ HOMEPAGE = "https://pillow.readthedocs.io"; LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=0337b116233da4616ae9fdb130bf6f1a" -SRC_URI = "git://github.com/python-pillow/Pillow.git;branch=8.2.x \ +SRC_URI = "git://github.com/python-pillow/Pillow.git;branch=8.3.x \ file://0001-support-cross-compiling.patch \ file://0001-explicitly-set-compile-options.patch \ " -SRCREV ?= "e0e353c0ef7516979a9aedce3792596649ce4433" +SRCREV ?= "92933b86574b9c80764bf52c357ed29e1ef53382" inherit setuptools3 -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#92300): https://lists.openembedded.org/g/openembedded-devel/message/92300 Mute This Topic: https://lists.openembedded.org/mt/84365624/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [hardknott][meta-python][PATCH 1/1] python3-urllib3: Upgrade 1.26.4 -> 1.26.5
From: Leon Anavi Upgrade to release 1.26.5: - Fixed deprecation warnings emitted in Python 3.10. - Updated vendored six library to 1.16.0. - Improved performance of URL parser when splitting the authority component. Signed-off-by: Leon Anavi Signed-off-by: Khem Raj Signed-off-by: Trevor Gamblin Fixes CVE 2021-33503. (cherry picked from commit bb39c29a46e44fcc082aed0ce8772f4267a41d2d) Signed-off-by: Joe Slater --- .../{python3-urllib3_1.26.4.bb => python3-urllib3_1.26.5.bb}| 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-python/recipes-devtools/python/{python3-urllib3_1.26.4.bb => python3-urllib3_1.26.5.bb} (86%) diff --git a/meta-python/recipes-devtools/python/python3-urllib3_1.26.4.bb b/meta-python/recipes-devtools/python/python3-urllib3_1.26.5.bb similarity index 86% rename from meta-python/recipes-devtools/python/python3-urllib3_1.26.4.bb rename to meta-python/recipes-devtools/python/python3-urllib3_1.26.5.bb index 0a31fb1e2..f2fb33c6d 100644 --- a/meta-python/recipes-devtools/python/python3-urllib3_1.26.4.bb +++ b/meta-python/recipes-devtools/python/python3-urllib3_1.26.5.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://github.com/shazow/urllib3"; LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c2823cb995439c984fd62a973d79815c" -SRC_URI[sha256sum] = "e7b021f7241115872f92f43c6508082facffbd1c048e3c6e2bb9c2a157e28937" +SRC_URI[sha256sum] = "a7acd0977125325f516bda9735fa7142b909a8d01e8b2e4c8108d0984e6e0098" inherit pypi setuptools3 -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#92289): https://lists.openembedded.org/g/openembedded-devel/message/92289 Mute This Topic: https://lists.openembedded.org/mt/84340084/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [hardknott][meta-python][PATCH 1/1] python3-django: upgrade 3.2.4 -> 3.2.5 (fix CVE-2021-35042)
From: Trevor Gamblin 3.2.5 fixes CVE-2021-35042: Potential SQL injection via unsanitized QuerySet.order_by() input. Additional release notes: - Fixed a regression in Django 3.2 that caused a crash of QuerySet.values_list(…, named=True) after prefetch_related() (#32812). - Fixed a bug in Django 3.2 that caused a migration crash on MySQL 8.0.13+ when altering BinaryField, JSONField, or TextField to non-nullable (#32503). - Fixed a regression in Django 3.2 that caused a migration crash on MySQL 8.0.13+ when adding nullable BinaryField, JSONField, or TextField with a default value (#32832). - Fixed a bug in Django 3.2 where a system check would crash on a model with an invalid app_label (#32863). There is no corresponding uprev for the 2.x LTS branch since it is already at the latest version (2.2.24). Signed-off-by: Trevor Gamblin Signed-off-by: Khem Raj Signed-off-by: Trevor Gamblin (cherry picked from commit fe50bd100548500842667210df9757d84ec11b16) Signed-off-by: Joe Slater --- .../python/{python3-django_3.2.4.bb => python3-django_3.2.5.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-python/recipes-devtools/python/{python3-django_3.2.4.bb => python3-django_3.2.5.bb} (77%) diff --git a/meta-python/recipes-devtools/python/python3-django_3.2.4.bb b/meta-python/recipes-devtools/python/python3-django_3.2.5.bb similarity index 77% rename from meta-python/recipes-devtools/python/python3-django_3.2.4.bb rename to meta-python/recipes-devtools/python/python3-django_3.2.5.bb index 52504885e..5890c8541 100644 --- a/meta-python/recipes-devtools/python/python3-django_3.2.4.bb +++ b/meta-python/recipes-devtools/python/python3-django_3.2.5.bb @@ -1,7 +1,7 @@ require python-django.inc inherit setuptools3 -SRC_URI[sha256sum] = "66c9d8db8cc6fe938a28b7887c1596e42d522e27618562517cc8929eb7e7f296" +SRC_URI[sha256sum] = "3da05fea54fdec2315b54a563d5b59f3b4e2b1e69c3a5841dda35019c01855cd" RDEPENDS_${PN} += "\ ${PYTHON_PN}-sqlparse \ -- 2.31.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#92288): https://lists.openembedded.org/g/openembedded-devel/message/92288 Mute This Topic: https://lists.openembedded.org/mt/84338402/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe] [meta-python2][PATCH 1/1] python: use update-alternatives for python link
Sorry for the delay, but I your message got put in a folder I don’t look at much. Some projects, like blktrace, have scripts that work with python2 or python3 and want to leave the shebangs “generic”. Of course, that won’t work if python3 doesn’t supply “python”. I admit that wanting to put both python2 and python3 in an image is weird, but we could do it and have both versions supply “python”. I don’t see any downside to making “python” a u-a link. It’s already a link. I admit, though, that there is no guarantee python3 will be allowed to supply a u-a link. Joe From: Martin Jansa Sent: Friday, July 9, 2021 5:07 AM To: Slater, Joseph Cc: openembedded-devel ; MacLeod, Randy Subject: Re: [oe] [meta-python2][PATCH 1/1] python: use update-alternatives for python link As this wasn't needed until now and python3 also doesn't use u-a for ${bindir}/python as all python3 scripts should explicitly call python3, why do you think it would be worth adding to dead python2 recipe? If you need this symlink would it make sense to use separate recipe like python-is-python2/python-is-python3 packages in debian based systems and create the symlink there instead of u-a in python itself? On Tue, Jul 6, 2021 at 8:19 PM Joe Slater mailto:joe.sla...@windriver.com>> wrote: Make the link of python to python2.7 an alternative. This allows python3 to provide a link if we are not around, but makes our link override any python3 provides, assuming he uses the default priority. Signed-off-by: Joe Slater mailto:joe.sla...@windriver.com>> --- recipes-devtools/python/python_2.7.18.bb<https://urldefense.com/v3/__http:/python_2.7.18.bb__;!!AjveYdw8EvQ!IzYw73MQjD6zus_YwfXCpL1kV27Ob5bh1iViRVPnJ4yt0eoqSXx8vPwZ9wdWmHEceZ8$> | 9 - 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/recipes-devtools/python/python_2.7.18.bb<https://urldefense.com/v3/__http:/python_2.7.18.bb__;!!AjveYdw8EvQ!IzYw73MQjD6zus_YwfXCpL1kV27Ob5bh1iViRVPnJ4yt0eoqSXx8vPwZ9wdWmHEceZ8$> b/recipes-devtools/python/python_2.7.18.bb<https://urldefense.com/v3/__http:/python_2.7.18.bb__;!!AjveYdw8EvQ!IzYw73MQjD6zus_YwfXCpL1kV27Ob5bh1iViRVPnJ4yt0eoqSXx8vPwZ9wdWmHEceZ8$> index 7350562..3faf154 100644 --- a/recipes-devtools/python/python_2.7.18.bb<https://urldefense.com/v3/__http:/python_2.7.18.bb__;!!AjveYdw8EvQ!IzYw73MQjD6zus_YwfXCpL1kV27Ob5bh1iViRVPnJ4yt0eoqSXx8vPwZ9wdWmHEceZ8$> +++ b/recipes-devtools/python/python_2.7.18.bb<https://urldefense.com/v3/__http:/python_2.7.18.bb__;!!AjveYdw8EvQ!IzYw73MQjD6zus_YwfXCpL1kV27Ob5bh1iViRVPnJ4yt0eoqSXx8vPwZ9wdWmHEceZ8$> @@ -34,7 +34,14 @@ SRC_URI += " \ S = "${WORKDIR}/Python-${PV}" -inherit autotools multilib_header python-dir pythonnative ptest +inherit autotools multilib_header python-dir pythonnative ptest update-alternatives + +# Make 'python' an alternative so that if python3 also provides it, we will be the default. +# +ALTERNATIVE_${PN}-core = "python" +ALTERNATIVE_LINK_NAME[python] = "${bindir}/python" +ALTERNATIVE_TARGET[python] = "${bindir}/python${PYTHON_MAJMIN}" +ALTERNATIVE_PRIORITY[python] = "50" EXTRA_OECONF += "--with-system-ffi" -- 2.29.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#92270): https://lists.openembedded.org/g/openembedded-devel/message/92270 Mute This Topic: https://lists.openembedded.org/mt/84027038/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [hardknott][meta-python][PATCH 1/1] python3-django: upgrade 3.2.4 -> 3.2.5 (fix CVE-2021-35042)
From: Trevor Gamblin 3.2.5 fixes CVE-2021-35042: Potential SQL injection via unsanitized QuerySet.order_by() input. Additional release notes: - Fixed a regression in Django 3.2 that caused a crash of QuerySet.values_list(…, named=True) after prefetch_related() (#32812). - Fixed a bug in Django 3.2 that caused a migration crash on MySQL 8.0.13+ when altering BinaryField, JSONField, or TextField to non-nullable (#32503). - Fixed a regression in Django 3.2 that caused a migration crash on MySQL 8.0.13+ when adding nullable BinaryField, JSONField, or TextField with a default value (#32832). - Fixed a bug in Django 3.2 where a system check would crash on a model with an invalid app_label (#32863). There is no corresponding uprev for the 2.x LTS branch since it is already at the latest version (2.2.24). Signed-off-by: Trevor Gamblin Signed-off-by: Khem Raj Signed-off-by: Trevor Gamblin (cherry picked from commit fe50bd100548500842667210df9757d84ec11b16) Signed-off-by: Joe Slater --- .../python/{python3-django_3.2.4.bb => python3-django_3.2.5.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-python/recipes-devtools/python/{python3-django_3.2.4.bb => python3-django_3.2.5.bb} (77%) diff --git a/meta-python/recipes-devtools/python/python3-django_3.2.4.bb b/meta-python/recipes-devtools/python/python3-django_3.2.5.bb similarity index 77% rename from meta-python/recipes-devtools/python/python3-django_3.2.4.bb rename to meta-python/recipes-devtools/python/python3-django_3.2.5.bb index 52504885e..5890c8541 100644 --- a/meta-python/recipes-devtools/python/python3-django_3.2.4.bb +++ b/meta-python/recipes-devtools/python/python3-django_3.2.5.bb @@ -1,7 +1,7 @@ require python-django.inc inherit setuptools3 -SRC_URI[sha256sum] = "66c9d8db8cc6fe938a28b7887c1596e42d522e27618562517cc8929eb7e7f296" +SRC_URI[sha256sum] = "3da05fea54fdec2315b54a563d5b59f3b4e2b1e69c3a5841dda35019c01855cd" RDEPENDS_${PN} += "\ ${PYTHON_PN}-sqlparse \ -- 2.31.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#92253): https://lists.openembedded.org/g/openembedded-devel/message/92253 Mute This Topic: https://lists.openembedded.org/mt/84257718/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-python2][PATCH 1/1] python: use update-alternatives for python link
Make the link of python to python2.7 an alternative. This allows python3 to provide a link if we are not around, but makes our link override any python3 provides, assuming he uses the default priority. Signed-off-by: Joe Slater --- recipes-devtools/python/python_2.7.18.bb | 9 - 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/recipes-devtools/python/python_2.7.18.bb b/recipes-devtools/python/python_2.7.18.bb index 7350562..3faf154 100644 --- a/recipes-devtools/python/python_2.7.18.bb +++ b/recipes-devtools/python/python_2.7.18.bb @@ -34,7 +34,14 @@ SRC_URI += " \ S = "${WORKDIR}/Python-${PV}" -inherit autotools multilib_header python-dir pythonnative ptest +inherit autotools multilib_header python-dir pythonnative ptest update-alternatives + +# Make 'python' an alternative so that if python3 also provides it, we will be the default. +# +ALTERNATIVE_${PN}-core = "python" +ALTERNATIVE_LINK_NAME[python] = "${bindir}/python" +ALTERNATIVE_TARGET[python] = "${bindir}/python${PYTHON_MAJMIN}" +ALTERNATIVE_PRIORITY[python] = "50" EXTRA_OECONF += "--with-system-ffi" -- 2.29.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#92138): https://lists.openembedded.org/g/openembedded-devel/message/92138 Mute This Topic: https://lists.openembedded.org/mt/84027038/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [v2][meta-oe][PATCH 1/1] luajit: advance SRCREV to fix two CVE's
Fix CVE-2020-15890 and CVE-2020-24372. Also change PV format because the reference to 2.1.0-beta3 was already far behind the SRCREV. Now, base PV on a tag and date of SRCREV commit if it is later. Sort order is 2.1.0~beta3 -> 2.1.0~beta-yymmdd -> 2.1.0 -> 2.1.0-yymmdd. Signed-off-by: Joe Slater --- meta-oe/recipes-devtools/luajit/luajit_git.bb | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/meta-oe/recipes-devtools/luajit/luajit_git.bb b/meta-oe/recipes-devtools/luajit/luajit_git.bb index cc9039416..6573efcd9 100644 --- a/meta-oe/recipes-devtools/luajit/luajit_git.bb +++ b/meta-oe/recipes-devtools/luajit/luajit_git.bb @@ -3,13 +3,15 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=d739bb9250a55c124a545b588fd76771" HOMEPAGE = "http://luajit.org"; -PV = "2.1.0~beta3" -SRCREV = "0ad60ccbc3768fa8e3e726858adf261950edbc22" SRC_URI = "git://luajit.org/git/luajit-2.0.git;protocol=http;branch=v2.1 \ file://0001-Do-not-strip-automatically-this-leaves-the-stripping.patch \ file://clang.patch \ " +# Set PV to a version tag and date associated with SRCREV if it is later. +PV = "2.1.0~beta3-200809" +SRCREV = "94d4abcca966df2cc423e821bcacd04898f73117" + S = "${WORKDIR}/git" inherit pkgconfig binconfig siteinfo -- 2.17.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#87062): https://lists.openembedded.org/g/openembedded-devel/message/87062 Mute This Topic: https://lists.openembedded.org/mt/76851194/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe] [meta-oe][PATCH 1/1] luajit: advance SRCREV to fix two CVE's
Yeah, I should have checked that out, but why below 2.1.0? If we change the format, we will never have a 2.1.0, But maybe a format of 2.1.0~? or 2.1.0-? would be better. Joe -Original Message- From: Khem Raj Sent: Friday, September 11, 2020 9:49 PM To: Slater, Joseph ; openembedded-devel@lists.openembedded.org Cc: MacLeod, Randy Subject: Re: [oe] [meta-oe][PATCH 1/1] luajit: advance SRCREV to fix two CVE's On 9/11/20 3:06 PM, Joe Slater wrote: > No comments on this? I do not see it has been accepted. Joe Thanks for reminder, there was a comment I made https://lists.openembedded.org/g/openembedded-devel/topic/76607300#86861 patchwork also noticed it. https://patchwork.openembedded.org/patch/176016/ > > -Original Message- > From: openembedded-devel@lists.openembedded.org > On Behalf Of Joe Slater > Sent: Thursday, September 3, 2020 6:58 AM > To: openembedded-devel@lists.openembedded.org > Cc: Slater, Joseph ; MacLeod, Randy > > Subject: [oe] [meta-oe][PATCH 1/1] luajit: advance SRCREV to fix two CVE's > > Fix CVE-2020-15890 and CVE-2020-24372. > > Also change PV format because the reference to 2.1.0-beta3 was already far > behind the SRCREV. Now, base PV on the branch name and date of SRCREV commit. > > Signed-off-by: Joe Slater > --- > meta-oe/recipes-devtools/luajit/luajit_git.bb | 6 -- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/meta-oe/recipes-devtools/luajit/luajit_git.bb > b/meta-oe/recipes-devtools/luajit/luajit_git.bb > index cc9039416..820722195 100644 > --- a/meta-oe/recipes-devtools/luajit/luajit_git.bb > +++ b/meta-oe/recipes-devtools/luajit/luajit_git.bb > @@ -3,13 +3,15 @@ LICENSE = "MIT" > LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=d739bb9250a55c124a545b588fd76771" > HOMEPAGE = "http://luajit.org"; > > -PV = "2.1.0~beta3" > -SRCREV = "0ad60ccbc3768fa8e3e726858adf261950edbc22" > SRC_URI = "git://luajit.org/git/luajit-2.0.git;protocol=http;branch=v2.1 \ > > file://0001-Do-not-strip-automatically-this-leaves-the-stripping.patch \ > file://clang.patch \ > " > > +# Set PV to the branch and date associated with SRCREV. > +PV = "v2.1-200809" > +SRCREV = "94d4abcca966df2cc423e821bcacd04898f73117" > + > S = "${WORKDIR}/git" > > inherit pkgconfig binconfig siteinfo > -- > 2.17.1 > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#87059): https://lists.openembedded.org/g/openembedded-devel/message/87059 Mute This Topic: https://lists.openembedded.org/mt/76607300/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe] [meta-oe][PATCH 1/1] luajit: advance SRCREV to fix two CVE's
No comments on this? I do not see it has been accepted. Joe -Original Message- From: openembedded-devel@lists.openembedded.org On Behalf Of Joe Slater Sent: Thursday, September 3, 2020 6:58 AM To: openembedded-devel@lists.openembedded.org Cc: Slater, Joseph ; MacLeod, Randy Subject: [oe] [meta-oe][PATCH 1/1] luajit: advance SRCREV to fix two CVE's Fix CVE-2020-15890 and CVE-2020-24372. Also change PV format because the reference to 2.1.0-beta3 was already far behind the SRCREV. Now, base PV on the branch name and date of SRCREV commit. Signed-off-by: Joe Slater --- meta-oe/recipes-devtools/luajit/luajit_git.bb | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/meta-oe/recipes-devtools/luajit/luajit_git.bb b/meta-oe/recipes-devtools/luajit/luajit_git.bb index cc9039416..820722195 100644 --- a/meta-oe/recipes-devtools/luajit/luajit_git.bb +++ b/meta-oe/recipes-devtools/luajit/luajit_git.bb @@ -3,13 +3,15 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=d739bb9250a55c124a545b588fd76771" HOMEPAGE = "http://luajit.org"; -PV = "2.1.0~beta3" -SRCREV = "0ad60ccbc3768fa8e3e726858adf261950edbc22" SRC_URI = "git://luajit.org/git/luajit-2.0.git;protocol=http;branch=v2.1 \ file://0001-Do-not-strip-automatically-this-leaves-the-stripping.patch \ file://clang.patch \ " +# Set PV to the branch and date associated with SRCREV. +PV = "v2.1-200809" +SRCREV = "94d4abcca966df2cc423e821bcacd04898f73117" + S = "${WORKDIR}/git" inherit pkgconfig binconfig siteinfo -- 2.17.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#87010): https://lists.openembedded.org/g/openembedded-devel/message/87010 Mute This Topic: https://lists.openembedded.org/mt/76607300/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 1/1] luajit: advance SRCREV to fix two CVE's
Fix CVE-2020-15890 and CVE-2020-24372. Also change PV format because the reference to 2.1.0-beta3 was already far behind the SRCREV. Now, base PV on the branch name and date of SRCREV commit. Signed-off-by: Joe Slater --- meta-oe/recipes-devtools/luajit/luajit_git.bb | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/meta-oe/recipes-devtools/luajit/luajit_git.bb b/meta-oe/recipes-devtools/luajit/luajit_git.bb index cc9039416..820722195 100644 --- a/meta-oe/recipes-devtools/luajit/luajit_git.bb +++ b/meta-oe/recipes-devtools/luajit/luajit_git.bb @@ -3,13 +3,15 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=d739bb9250a55c124a545b588fd76771" HOMEPAGE = "http://luajit.org"; -PV = "2.1.0~beta3" -SRCREV = "0ad60ccbc3768fa8e3e726858adf261950edbc22" SRC_URI = "git://luajit.org/git/luajit-2.0.git;protocol=http;branch=v2.1 \ file://0001-Do-not-strip-automatically-this-leaves-the-stripping.patch \ file://clang.patch \ " +# Set PV to the branch and date associated with SRCREV. +PV = "v2.1-200809" +SRCREV = "94d4abcca966df2cc423e821bcacd04898f73117" + S = "${WORKDIR}/git" inherit pkgconfig binconfig siteinfo -- 2.17.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#86859): https://lists.openembedded.org/g/openembedded-devel/message/86859 Mute This Topic: https://lists.openembedded.org/mt/76607300/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [v2][meta-oe][PATCH 1/1] openjpeg: fix CVE-2020-15389
Backport from github meta-xilinx-tools. Signed-off-by: Joe Slater --- .../openjpeg/openjpeg/CVE-2020-15389.patch| 51 +++ .../openjpeg/openjpeg_2.3.1.bb| 1 + 2 files changed, 52 insertions(+) create mode 100644 meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-15389.patch diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-15389.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-15389.patch new file mode 100644 index 0..5c5d3f48e --- /dev/null +++ b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-15389.patch @@ -0,0 +1,51 @@ +From e8e258ab049240c2dd1f1051b4e773b21e2d3dc0 Mon Sep 17 00:00:00 2001 +From: Even Rouault +Date: Sun, 28 Jun 2020 14:19:59 +0200 +Subject: [PATCH] opj_decompress: fix double-free on input directory with mix + of valid and invalid images (CVE-2020-15389) + +Fixes #1261 + +Credits to @Ruia-ruia for reporting and analysis. +--- + src/bin/jp2/opj_decompress.c | 8 + 1 file changed, 4 insertions(+), 4 deletions(-) + +--- end of original header --- + +CVE: CVE-2020-15389 + +Upstream-Status: Backport [git://github.com/uclouvain/openjpeg.git] + +Signed-off-by: Joe Slater + +--- +diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c +index 7eeb0952..2634907f 100644 +--- a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c +@@ -1316,10 +1316,6 @@ static opj_image_t* upsample_image_components(opj_image_t* original) + int main(int argc, char **argv) + { + opj_decompress_parameters parameters; /* decompression parameters */ +-opj_image_t* image = NULL; +-opj_stream_t *l_stream = NULL; /* Stream */ +-opj_codec_t* l_codec = NULL;/* Handle to a decompressor */ +-opj_codestream_index_t* cstr_index = NULL; + + OPJ_INT32 num_images, imageno; + img_fol_t img_fol; +@@ -1393,6 +1389,10 @@ int main(int argc, char **argv) + + /*Decoding image one by one*/ + for (imageno = 0; imageno < num_images ; imageno++) { ++opj_image_t* image = NULL; ++opj_stream_t *l_stream = NULL; /* Stream */ ++opj_codec_t* l_codec = NULL;/* Handle to a decompressor */ ++opj_codestream_index_t* cstr_index = NULL; + + if (!parameters.quiet) { + fprintf(stderr, "\n"); +-- +2.17.1 + diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.3.1.bb b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.3.1.bb index 42011efa9..a0740a274 100644 --- a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.3.1.bb +++ b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.3.1.bb @@ -10,6 +10,7 @@ SRC_URI = " \ file://0002-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch \ file://CVE-2020-6851.patch \ file://CVE-2020-8112.patch \ +file://CVE-2020-15389.patch \ " SRCREV = "57096325457f96d8cd07bd3af04fe81d7a2ba788" S = "${WORKDIR}/git" -- 2.17.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#86763): https://lists.openembedded.org/g/openembedded-devel/message/86763 Mute This Topic: https://lists.openembedded.org/mt/76570072/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 1/1] lua: fix CVE-2020-15945
From: Wenlin Kang Backport with modifications to apply successfully. Signed-off-by: Wenlin Kang Signed-off-by: Joe Slater --- .../lua/lua/CVE-2020-15945.patch | 167 ++ meta-oe/recipes-devtools/lua/lua_5.3.5.bb | 1 + 2 files changed, 168 insertions(+) create mode 100644 meta-oe/recipes-devtools/lua/lua/CVE-2020-15945.patch diff --git a/meta-oe/recipes-devtools/lua/lua/CVE-2020-15945.patch b/meta-oe/recipes-devtools/lua/lua/CVE-2020-15945.patch new file mode 100644 index 0..89ce49148 --- /dev/null +++ b/meta-oe/recipes-devtools/lua/lua/CVE-2020-15945.patch @@ -0,0 +1,167 @@ +From d8d344365945a534f700c82c5dd26f704f89fef3 Mon Sep 17 00:00:00 2001 +From: Roberto Ierusalimschy +Date: Wed, 5 Aug 2020 16:59:58 +0800 +Subject: [PATCH] Fixed bug: invalid 'oldpc' when returning to a function + +The field 'L->oldpc' is not always updated when control returns to a +function; an invalid value can seg. fault when computing 'changedline'. +(One example is an error in a finalizer; control can return to +'luaV_execute' without executing 'luaD_poscall'.) Instead of trying to +fix all possible corner cases, it seems safer to be resilient to invalid +values for 'oldpc'. Valid but wrong values at most cause an extra call +to a line hook. + +CVE: CVE-2020-15945 + +[Adjust the code to be applicable to the tree] + +Upstream-Status: Backport [https://github.com/lua/lua/commit/a2195644d89812e5b157ce7bac35543e06db05e3] + +Signed-off-by: Wenlin Kang +Signed-off-by: Joe Slater + +--- + src/ldebug.c | 30 +++--- + src/ldebug.h | 4 + src/ldo.c| 2 +- + src/lstate.c | 1 + + src/lstate.h | 2 +- + 5 files changed, 22 insertions(+), 17 deletions(-) + +diff --git a/src/ldebug.c b/src/ldebug.c +index 239affb..832b16c 100644 +--- a/src/ldebug.c b/src/ldebug.c +@@ -34,9 +34,8 @@ + #define noLuaClosure(f) ((f) == NULL || (f)->c.tt == LUA_TCCL) + + +-/* Active Lua function (given call info) */ +-#define ci_func(ci) (clLvalue((ci)->func)) +- ++/* inverse of 'pcRel' */ ++#define invpcRel(pc, p)((p)->code + (pc) + 1) + + static const char *funcnamefromcode (lua_State *L, CallInfo *ci, + const char **name); +@@ -71,20 +70,18 @@ static void swapextra (lua_State *L) { + + /* + ** This function can be called asynchronously (e.g. during a signal). +-** Fields 'oldpc', 'basehookcount', and 'hookcount' (set by +-** 'resethookcount') are for debug only, and it is no problem if they +-** get arbitrary values (causes at most one wrong hook call). 'hookmask' +-** is an atomic value. We assume that pointers are atomic too (e.g., gcc +-** ensures that for all platforms where it runs). Moreover, 'hook' is +-** always checked before being called (see 'luaD_hook'). ++** Fields 'basehookcount' and 'hookcount' (set by 'resethookcount') ++** are for debug only, and it is no problem if they get arbitrary ++** values (causes at most one wrong hook call). 'hookmask' is an atomic ++** value. We assume that pointers are atomic too (e.g., gcc ensures that ++** for all platforms where it runs). Moreover, 'hook' is always checked ++** before being called (see 'luaD_hook'). + */ + LUA_API void lua_sethook (lua_State *L, lua_Hook func, int mask, int count) { + if (func == NULL || mask == 0) { /* turn off hooks? */ + mask = 0; + func = NULL; + } +- if (isLua(L->ci)) +-L->oldpc = L->ci->u.l.savedpc; + L->hook = func; + L->basehookcount = count; + resethookcount(L); +@@ -665,7 +662,10 @@ l_noret luaG_runerror (lua_State *L, const char *fmt, ...) { + void luaG_traceexec (lua_State *L) { + CallInfo *ci = L->ci; + lu_byte mask = L->hookmask; ++ const Proto *p = ci_func(ci)->p; + int counthook = (--L->hookcount == 0 && (mask & LUA_MASKCOUNT)); ++ /* 'L->oldpc' may be invalid; reset it in this case */ ++ int oldpc = (L->oldpc < p->sizecode) ? L->oldpc : 0; + if (counthook) + resethookcount(L); /* reset count */ + else if (!(mask & LUA_MASKLINE)) +@@ -677,15 +677,15 @@ void luaG_traceexec (lua_State *L) { + if (counthook) + luaD_hook(L, LUA_HOOKCOUNT, -1); /* call count hook */ + if (mask & LUA_MASKLINE) { +-Proto *p = ci_func(ci)->p; + int npc = pcRel(ci->u.l.savedpc, p); + int newline = getfuncline(p, npc); + if (npc == 0 || /* call linehook when enter a new function, */ +-ci->u.l.savedpc <= L->oldpc || /* when jump back (loop), or when */ +-newline != getfuncline(p, pcRel(L->oldpc, p))) /* enter a new line */ ++ci->u.l.savedpc <= invpcRel(oldpc, p) || /* when jump back (loop), or when */ ++ne
[oe] [meta-oe][PATCH 1/1] openjpeg: fix CVE-2020-15389
Backport from github meta-xilinx-tools. Signed-off-by: Joe Slater --- .../openjpeg/openjpeg/CVE-2020-15389.patch| 51 +++ .../openjpeg/openjpeg_2.3.1.bb| 1 + 2 files changed, 52 insertions(+) create mode 100644 meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-15389.patch diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-15389.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-15389.patch new file mode 100644 index 0..5c5d3f48e --- /dev/null +++ b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-15389.patch @@ -0,0 +1,51 @@ +From e8e258ab049240c2dd1f1051b4e773b21e2d3dc0 Mon Sep 17 00:00:00 2001 +From: Even Rouault +Date: Sun, 28 Jun 2020 14:19:59 +0200 +Subject: [PATCH] opj_decompress: fix double-free on input directory with mix + of valid and invalid images (CVE-2020-15389) + +Fixes #1261 + +Credits to @Ruia-ruia for reporting and analysis. +--- + src/bin/jp2/opj_decompress.c | 8 + 1 file changed, 4 insertions(+), 4 deletions(-) + +--- end of original header --- + +CVE: CVE-2020-15389 + +Upstream-Status: Backport [git://github/uclouvain/openjpeg.git] + +Signed-off-by: Joe Slater + +--- +diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c +index 7eeb0952..2634907f 100644 +--- a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c +@@ -1316,10 +1316,6 @@ static opj_image_t* upsample_image_components(opj_image_t* original) + int main(int argc, char **argv) + { + opj_decompress_parameters parameters; /* decompression parameters */ +-opj_image_t* image = NULL; +-opj_stream_t *l_stream = NULL; /* Stream */ +-opj_codec_t* l_codec = NULL;/* Handle to a decompressor */ +-opj_codestream_index_t* cstr_index = NULL; + + OPJ_INT32 num_images, imageno; + img_fol_t img_fol; +@@ -1393,6 +1389,10 @@ int main(int argc, char **argv) + + /*Decoding image one by one*/ + for (imageno = 0; imageno < num_images ; imageno++) { ++opj_image_t* image = NULL; ++opj_stream_t *l_stream = NULL; /* Stream */ ++opj_codec_t* l_codec = NULL;/* Handle to a decompressor */ ++opj_codestream_index_t* cstr_index = NULL; + + if (!parameters.quiet) { + fprintf(stderr, "\n"); +-- +2.17.1 + diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.3.1.bb b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.3.1.bb index 42011efa9..a0740a274 100644 --- a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.3.1.bb +++ b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.3.1.bb @@ -10,6 +10,7 @@ SRC_URI = " \ file://0002-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch \ file://CVE-2020-6851.patch \ file://CVE-2020-8112.patch \ +file://CVE-2020-15389.patch \ " SRCREV = "57096325457f96d8cd07bd3af04fe81d7a2ba788" S = "${WORKDIR}/git" -- 2.17.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#86760): https://lists.openembedded.org/g/openembedded-devel/message/86760 Mute This Topic: https://lists.openembedded.org/mt/76565562/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-networking][V2][PATCH 1/1] aoetool: make builds reproducible
Strip host path infomation out of binaries by not suppressing default CFLAGS. Signed-off-by: Joe Slater --- .../aoetools/reproducible-build.patch | 21 +++ .../recipes-support/aoetools/aoetools_36.bb | 1 + 2 files changed, 22 insertions(+) create mode 100644 meta-networking/recipes-support/aoetools/aoetools/reproducible-build.patch diff --git a/meta-networking/recipes-support/aoetools/aoetools/reproducible-build.patch b/meta-networking/recipes-support/aoetools/aoetools/reproducible-build.patch new file mode 100644 index 0..2cbd5016d --- /dev/null +++ b/meta-networking/recipes-support/aoetools/aoetools/reproducible-build.patch @@ -0,0 +1,21 @@ +aoetools: modify CFLAGS for reproducible build + +Use the build system CFLAGS, if provided. + +Upstream-Status: Pending + +Signed-off-by: Joe Slater + + +--- aoetools-36.orig/Makefile aoetools-36/Makefile +@@ -40,7 +40,8 @@ NPERSHELF=16 + CONF_SCRIPTS = aoe-discover aoe-interfaces aoe-mkshelf aoe-revalidate aoe-flush aoe-stat + PROGS = aoeping aoecfg aoe-sancheck + COMMANDS := ${CONF_SCRIPTS} aoe-mkdevs aoe-version coraid-update ${PROGS} +-CFLAGS = -Wall -O -g ++# Provide a default. ++CFLAGS ?= -Wall -O -g + SANCHECKLIBS = -lpthread + + AOE_PING_OBJ = aoeping.o linux.o diff --git a/meta-networking/recipes-support/aoetools/aoetools_36.bb b/meta-networking/recipes-support/aoetools/aoetools_36.bb index 9b73b442a..60f3dc9b2 100644 --- a/meta-networking/recipes-support/aoetools/aoetools_36.bb +++ b/meta-networking/recipes-support/aoetools/aoetools_36.bb @@ -13,6 +13,7 @@ RRECOMMENDS_${PN} = "kernel-module-aoe" SRC_URI = "http://sourceforge.net/projects/${BPN}/files/${BPN}/${BPN}-${PV}.tar.gz \ file://aoe-stat-no-bashism.patch \ file://makefile-add-ldflags.patch \ + file://reproducible-build.patch \ " SRC_URI[md5sum] = "bff30daa988a65f69d4448ce4726a6db" SRC_URI[sha256sum] = "fb5e2cd0de7644cc1ec04ee3aeb43211cf7445a0c19e13d6b3ed5a8fbdf215ff" -- 2.24.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#86439): https://lists.openembedded.org/g/openembedded-devel/message/86439 Mute This Topic: https://lists.openembedded.org/mt/76267723/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe] [meta-networking][PATCH 1/1] aoetool: make builds reproducible
Fine with me, but I thought there could be some reason they REALLY want -O. Assuming it builds, I'll send a V2 Joe -Original Message- From: Khem Raj Sent: Thursday, August 13, 2020 3:25 PM To: Slater, Joseph Cc: openembeded-devel ; MacLeod, Randy Subject: Re: [oe] [meta-networking][PATCH 1/1] aoetool: make builds reproducible On Thu, Aug 13, 2020 at 12:40 PM Joe Slater wrote: > > Strip host path infomation out of binaries by not suppressing default > CFLAGS. > > Signed-off-by: Joe Slater > --- > .../aoetools/aoetools/reproducible-build.patch | 12 > .../recipes-support/aoetools/aoetools_36.bb | 1 + > 2 files changed, 13 insertions(+) > create mode 100644 > meta-networking/recipes-support/aoetools/aoetools/reproducible-build.p > atch > > diff --git > a/meta-networking/recipes-support/aoetools/aoetools/reproducible-build > .patch > b/meta-networking/recipes-support/aoetools/aoetools/reproducible-build > .patch > new file mode 100644 > index 0..4939ab25c > --- /dev/null > +++ b/meta-networking/recipes-support/aoetools/aoetools/reproducible-b > +++ uild.patch > @@ -0,0 +1,12 @@ > +--- a/Makefile > b/Makefile > +@@ -40,7 +40,8 @@ NPERSHELF=16 > + CONF_SCRIPTS = aoe-discover aoe-interfaces aoe-mkshelf > +aoe-revalidate aoe-flush aoe-stat PROGS = aoeping aoecfg > +aoe-sancheck COMMANDS := ${CONF_SCRIPTS} aoe-mkdevs aoe-version > +coraid-update ${PROGS} -CFLAGS = -Wall -O -g > ++# We could still override this on the command line. > ++CFLAGS += -Wall -O -g Perhaps use ?= here, since -O will override the default optimization that bitbake will pass in env > + SANCHECKLIBS = -lpthread > + > + AOE_PING_OBJ = aoeping.o linux.o > diff --git a/meta-networking/recipes-support/aoetools/aoetools_36.bb > b/meta-networking/recipes-support/aoetools/aoetools_36.bb > index 9b73b442a..60f3dc9b2 100644 > --- a/meta-networking/recipes-support/aoetools/aoetools_36.bb > +++ b/meta-networking/recipes-support/aoetools/aoetools_36.bb > @@ -13,6 +13,7 @@ RRECOMMENDS_${PN} = "kernel-module-aoe" > SRC_URI = > "http://sourceforge.net/projects/${BPN}/files/${BPN}/${BPN}-${PV}.tar.gz \ > file://aoe-stat-no-bashism.patch \ > file://makefile-add-ldflags.patch \ > + file://reproducible-build.patch \ > " > SRC_URI[md5sum] = "bff30daa988a65f69d4448ce4726a6db" > SRC_URI[sha256sum] = > "fb5e2cd0de7644cc1ec04ee3aeb43211cf7445a0c19e13d6b3ed5a8fbdf215ff" > -- > 2.24.1 > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#86410): https://lists.openembedded.org/g/openembedded-devel/message/86410 Mute This Topic: https://lists.openembedded.org/mt/76174679/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-networking][PATCH 1/1] aoetool: make builds reproducible
Strip host path infomation out of binaries by not suppressing default CFLAGS. Signed-off-by: Joe Slater --- .../aoetools/aoetools/reproducible-build.patch | 12 .../recipes-support/aoetools/aoetools_36.bb | 1 + 2 files changed, 13 insertions(+) create mode 100644 meta-networking/recipes-support/aoetools/aoetools/reproducible-build.patch diff --git a/meta-networking/recipes-support/aoetools/aoetools/reproducible-build.patch b/meta-networking/recipes-support/aoetools/aoetools/reproducible-build.patch new file mode 100644 index 0..4939ab25c --- /dev/null +++ b/meta-networking/recipes-support/aoetools/aoetools/reproducible-build.patch @@ -0,0 +1,12 @@ +--- a/Makefile b/Makefile +@@ -40,7 +40,8 @@ NPERSHELF=16 + CONF_SCRIPTS = aoe-discover aoe-interfaces aoe-mkshelf aoe-revalidate aoe-flush aoe-stat + PROGS = aoeping aoecfg aoe-sancheck + COMMANDS := ${CONF_SCRIPTS} aoe-mkdevs aoe-version coraid-update ${PROGS} +-CFLAGS = -Wall -O -g ++# We could still override this on the command line. ++CFLAGS += -Wall -O -g + SANCHECKLIBS = -lpthread + + AOE_PING_OBJ = aoeping.o linux.o diff --git a/meta-networking/recipes-support/aoetools/aoetools_36.bb b/meta-networking/recipes-support/aoetools/aoetools_36.bb index 9b73b442a..60f3dc9b2 100644 --- a/meta-networking/recipes-support/aoetools/aoetools_36.bb +++ b/meta-networking/recipes-support/aoetools/aoetools_36.bb @@ -13,6 +13,7 @@ RRECOMMENDS_${PN} = "kernel-module-aoe" SRC_URI = "http://sourceforge.net/projects/${BPN}/files/${BPN}/${BPN}-${PV}.tar.gz \ file://aoe-stat-no-bashism.patch \ file://makefile-add-ldflags.patch \ + file://reproducible-build.patch \ " SRC_URI[md5sum] = "bff30daa988a65f69d4448ce4726a6db" SRC_URI[sha256sum] = "fb5e2cd0de7644cc1ec04ee3aeb43211cf7445a0c19e13d6b3ed5a8fbdf215ff" -- 2.24.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#86357): https://lists.openembedded.org/g/openembedded-devel/message/86357 Mute This Topic: https://lists.openembedded.org/mt/76174679/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe] [meta-oe][PATCH 1/1] mozjs: specify TMPDIR
The symptom seems to be that sometimes, when a lot of similar tempfiles are created under /tmp, a file will be created that cannot be read once the original fd is closed. Moving where these files are created might avoid some underlying problem, but it also might just reduce the failure rate to something so low that you never see it. There should probably be more investigation into what is going on, but it is hard to put much effort into dealing with something that (usually) occurs very rarely and is easily avoided. Joe -Original Message- From: Khem Raj Sent: Tuesday, August 11, 2020 4:04 PM To: Slater, Joseph Cc: openembeded-devel ; MacLeod, Randy Subject: Re: [oe] [meta-oe][PATCH 1/1] mozjs: specify TMPDIR On Tue, Aug 11, 2020 at 2:02 PM Joe Slater wrote: > > Although it is extremely rare the following type of error can occur > during configuration: > > Creating `/tmp/conftest.i53clm4z.cpp` with content: > ... > x86_64-wrs-linux-g++: error: /tmp/conftest.i53clm4z.cpp: No such file > or directory > x86_64-wrs-linux-g++: error: /tmp/conftest.i53clm4z.cpp: No such file > or directory > x86_64-wrs-linux-g++: fatal error: no input files > > So, specify a local directory as TMPDIR during configuration. Do we know the real underlying issue ? it's not clear to me from description /tmp is always mounted on linux build systems so I am assuming its hitting some sort of race condition since /tmp is mounted using tmpfs it might be more evident since its faster whereas when its pointing to custom dir on HDD its hiding the underlying issue. IOW how is the problem manifested and how is this patch helping ? > > Signed-off-by: Joe Slater > --- > .../dynamic-layers/meta-python/recipes-extended/mozjs/mozjs_60.9.0.bb > | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git > a/meta-oe/dynamic-layers/meta-python/recipes-extended/mozjs/mozjs_60.9 > .0.bb > b/meta-oe/dynamic-layers/meta-python/recipes-extended/mozjs/mozjs_60.9 > .0.bb > index f13a184..629c652 100644 > --- > a/meta-oe/dynamic-layers/meta-python/recipes-extended/mozjs/mozjs_60.9 > .0.bb > +++ b/meta-oe/dynamic-layers/meta-python/recipes-extended/mozjs/mozjs_ > +++ 60.9.0.bb > @@ -100,7 +100,9 @@ do_configure() { > autoconf213 --macrodir=${STAGING_DATADIR_NATIVE}/autoconf213 > old-configure.in > old-configure > > cd ${B} > -${S}/js/src/configure ${EXTRA_OECONF} > +# use of /tmp can causes problems on heavily loaded hosts > +mkdir -p "${B}/lcl_tmp" > +TMPDIR="${B}/lcl_tmp" ${S}/js/src/configure ${EXTRA_OECONF} > > # Make standard Makefile checks pass > touch ${S}/js/src/configure > -- > 2.7.4 > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#86279): https://lists.openembedded.org/g/openembedded-devel/message/86279 Mute This Topic: https://lists.openembedded.org/mt/76135435/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 1/1] mozjs: specify TMPDIR
Although it is extremely rare the following type of error can occur during configuration: Creating `/tmp/conftest.i53clm4z.cpp` with content: ... x86_64-wrs-linux-g++: error: /tmp/conftest.i53clm4z.cpp: No such file or directory x86_64-wrs-linux-g++: error: /tmp/conftest.i53clm4z.cpp: No such file or directory x86_64-wrs-linux-g++: fatal error: no input files So, specify a local directory as TMPDIR during configuration. Signed-off-by: Joe Slater --- .../dynamic-layers/meta-python/recipes-extended/mozjs/mozjs_60.9.0.bb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/meta-oe/dynamic-layers/meta-python/recipes-extended/mozjs/mozjs_60.9.0.bb b/meta-oe/dynamic-layers/meta-python/recipes-extended/mozjs/mozjs_60.9.0.bb index f13a184..629c652 100644 --- a/meta-oe/dynamic-layers/meta-python/recipes-extended/mozjs/mozjs_60.9.0.bb +++ b/meta-oe/dynamic-layers/meta-python/recipes-extended/mozjs/mozjs_60.9.0.bb @@ -100,7 +100,9 @@ do_configure() { autoconf213 --macrodir=${STAGING_DATADIR_NATIVE}/autoconf213 old-configure.in > old-configure cd ${B} -${S}/js/src/configure ${EXTRA_OECONF} +# use of /tmp can causes problems on heavily loaded hosts +mkdir -p "${B}/lcl_tmp" +TMPDIR="${B}/lcl_tmp" ${S}/js/src/configure ${EXTRA_OECONF} # Make standard Makefile checks pass touch ${S}/js/src/configure -- 2.7.4 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#86261): https://lists.openembedded.org/g/openembedded-devel/message/86261 Mute This Topic: https://lists.openembedded.org/mt/76135435/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-python][PATCH 1/1] python3-cryptography: fix two tests
Tests depending on the hypothesis module should be skipped if the module is not available. Signed-off-by: Joe Slater --- .../recipes-devtools/python/python3-cryptography/h-test.patch | 10 ++ .../recipes-devtools/python/python3-cryptography_2.8.bb| 1 + 2 files changed, 11 insertions(+) create mode 100644 meta-python/recipes-devtools/python/python3-cryptography/h-test.patch diff --git a/meta-python/recipes-devtools/python/python3-cryptography/h-test.patch b/meta-python/recipes-devtools/python/python3-cryptography/h-test.patch new file mode 100644 index 000..9f07c73 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-cryptography/h-test.patch @@ -0,0 +1,10 @@ +--- a/tests/hypothesis/__init__.py b/tests/hypothesis/__init__.py +@@ -3,3 +3,7 @@ + # for complete details. + + from __future__ import absolute_import, division, print_function ++ ++import pytest ++hypothesis = pytest.importorskip("hypothesis") ++ diff --git a/meta-python/recipes-devtools/python/python3-cryptography_2.8.bb b/meta-python/recipes-devtools/python/python3-cryptography_2.8.bb index c75dabb..95e903b 100644 --- a/meta-python/recipes-devtools/python/python3-cryptography_2.8.bb +++ b/meta-python/recipes-devtools/python/python3-cryptography_2.8.bb @@ -11,6 +11,7 @@ SRC_URI[sha256sum] = "3cda1f0ed8747339bbdf71b9f38ca74c7b592f24f65cdb3ab3765e4b02 SRC_URI += " \ file://run-ptest \ +file://h-test.patch \ " inherit pypi setuptools3 -- 2.7.4 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#86097): https://lists.openembedded.org/g/openembedded-devel/message/86097 Mute This Topic: https://lists.openembedded.org/mt/75910995/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 1/1] lua: Security Advisory - lua - CVE-2020-15888
From: Yue Tao Backport fix from https://github.com/lua/lua.git. Signed-off-by: Yue Tao Signed-off-by: Joe Slater --- .../lua/lua/CVE-2020-15888.patch | 45 +++ meta-oe/recipes-devtools/lua/lua_5.3.5.bb | 1 + 2 files changed, 46 insertions(+) create mode 100644 meta-oe/recipes-devtools/lua/lua/CVE-2020-15888.patch diff --git a/meta-oe/recipes-devtools/lua/lua/CVE-2020-15888.patch b/meta-oe/recipes-devtools/lua/lua/CVE-2020-15888.patch new file mode 100644 index 0..60a412597 --- /dev/null +++ b/meta-oe/recipes-devtools/lua/lua/CVE-2020-15888.patch @@ -0,0 +1,45 @@ +From 6298903e35217ab69c279056f925fb72900ce0b7 Mon Sep 17 00:00:00 2001 +From: Roberto Ierusalimschy +Date: Mon, 6 Jul 2020 12:11:54 -0300 +Subject: [PATCH] Keep minimum size when shrinking a stack + +When shrinking a stack (during GC), do not make it smaller than the +initial stack size. +--- + ldo.c | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + end of original header + +CVE: CVE-2020-15888 + +Upstream-Status: backport [https://github.com/lua/lua.git] + +Signed-off-by: Joe Slater + + +diff --git a/ldo.c b/ldo.c +index c563b1d9..a89ac010 100644 +--- a/src/ldo.c b/src/ldo.c +@@ -220,7 +220,7 @@ static int stackinuse (lua_State *L) { + + void luaD_shrinkstack (lua_State *L) { + int inuse = stackinuse(L); +- int goodsize = inuse + (inuse / 8) + 2*EXTRA_STACK; ++ int goodsize = inuse + BASIC_STACK_SIZE; + if (goodsize > LUAI_MAXSTACK) + goodsize = LUAI_MAXSTACK; /* respect stack limit */ + if (L->stacksize > LUAI_MAXSTACK) /* had been handling stack overflow? */ +@@ -229,8 +229,7 @@ void luaD_shrinkstack (lua_State *L) { + luaE_shrinkCI(L); /* shrink list */ + /* if thread is currently not handling a stack overflow and its + good size is smaller than current size, shrink its stack */ +- if (inuse <= (LUAI_MAXSTACK - EXTRA_STACK) && +- goodsize < L->stacksize) ++ if (inuse <= (LUAI_MAXSTACK - EXTRA_STACK) && goodsize < L->stacksize) + luaD_reallocstack(L, goodsize); + else /* don't change stack */ + condmovestack(L,{},{}); /* (change only for debugging) */ +-- +2.17.1 + diff --git a/meta-oe/recipes-devtools/lua/lua_5.3.5.bb b/meta-oe/recipes-devtools/lua/lua_5.3.5.bb index a23a4a5da..d3461b06d 100644 --- a/meta-oe/recipes-devtools/lua/lua_5.3.5.bb +++ b/meta-oe/recipes-devtools/lua/lua_5.3.5.bb @@ -7,6 +7,7 @@ HOMEPAGE = "http://www.lua.org/"; SRC_URI = "http://www.lua.org/ftp/lua-${PV}.tar.gz;name=tarballsrc \ file://lua.pc.in \ file://0001-Allow-building-lua-without-readline-on-Linux.patch \ + file://CVE-2020-15888.patch \ " # if no test suite matches PV release of Lua exactly, download the suite for the closest Lua release. -- 2.17.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#86017): https://lists.openembedded.org/g/openembedded-devel/message/86017 Mute This Topic: https://lists.openembedded.org/mt/75849131/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [v2 resend][meta-oe][PATCH 1/1] lvm2: allow for reproducible binary builds
Modify original method to eliminate conditional patching of configure.ac. Use SOURCE_DATE_EPOCH which is required for reproducible binaries. Signed-off-by: Joe Slater --- .../recipes-support/lvm2/files/reproducible-build.patch | 16 ++-- meta-oe/recipes-support/lvm2/lvm2.inc| 2 +- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/meta-oe/recipes-support/lvm2/files/reproducible-build.patch b/meta-oe/recipes-support/lvm2/files/reproducible-build.patch index db598a8..3f53db9 100644 --- a/meta-oe/recipes-support/lvm2/files/reproducible-build.patch +++ b/meta-oe/recipes-support/lvm2/files/reproducible-build.patch @@ -1,23 +1,27 @@ configure.ac: override CONFIGURE_LINE For reproducible binaries, we need to report a constant CONFIGURE_LINE. -This patched is only applied for such builds. -Upstream-Status: Inappropriate [oe specific] +Upstream-Status: Pending Signed-off-by: Joe Slater --- git.orig/configure.ac +++ git/configure.ac -@@ -15,7 +15,10 @@ AC_PREREQ(2.69) +@@ -15,7 +15,15 @@ AC_PREREQ(2.69) dnl -- Process this file with autoconf to produce a configure script. AC_INIT -CONFIGURE_LINE="$0 $@" -+dnl The default CONFIGURE_LINE has been overridden for reproducible binaries -+dnl CONFIGURE_LINE="$0 $@" -+CONFIGURE_LINE="configure parameters are not available for reproducible builds" ++ ++dnl per reproducible-builds.org check SOURCE_DATE_EPOCH ++dnl ++if test -z "${SOURCE_DATE_EPOCH+set}" ; then ++CONFIGURE_LINE="$0 $@" ++else ++CONFIGURE_LINE="configure options are not available for reproducible builds" ++fi + AC_CONFIG_SRCDIR([lib/device/dev-cache.h]) AC_CONFIG_HEADERS([include/configure.h]) diff --git a/meta-oe/recipes-support/lvm2/lvm2.inc b/meta-oe/recipes-support/lvm2/lvm2.inc index ab618b4..3c6c7ed 100644 --- a/meta-oe/recipes-support/lvm2/lvm2.inc +++ b/meta-oe/recipes-support/lvm2/lvm2.inc @@ -15,7 +15,7 @@ SRC_URI = "git://sourceware.org/git/lvm2.git \ file://0001-Avoid-bashisms-in-init-scripts.patch \ file://0005-do-not-build-manual.patch \ file://0006-start-lvm2-monitor.service-after-tmp.mount.patch \ - ${@bb.utils.contains('BUILD_REPRODUCIBLE_BINARIES','1','file://reproducible-build.patch','', d)} \ + file://reproducible-build.patch \ " SRCREV = "b9391b1b9f0b73303fa21f8f92574d17ce4c2b02" -- 2.7.4 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#85909): https://lists.openembedded.org/g/openembedded-devel/message/85909 Mute This Topic: https://lists.openembedded.org/mt/75768903/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [v2][meta-oe][PATCH 1/1] lvm2: allow for reproducible binary builds
Modify original method to eliminate conditional patching of configure.ac. Use SOURCE_DATE_EPOCH which is required for reproducible binaries. Signed-off-by: Joe Slater --- .../recipes-support/lvm2/files/reproducible-build.patch | 16 ++-- meta-oe/recipes-support/lvm2/lvm2.inc| 2 +- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/meta-oe/recipes-support/lvm2/files/reproducible-build.patch b/meta-oe/recipes-support/lvm2/files/reproducible-build.patch index db598a8..3f53db9 100644 --- a/meta-oe/recipes-support/lvm2/files/reproducible-build.patch +++ b/meta-oe/recipes-support/lvm2/files/reproducible-build.patch @@ -1,23 +1,27 @@ configure.ac: override CONFIGURE_LINE For reproducible binaries, we need to report a constant CONFIGURE_LINE. -This patched is only applied for such builds. -Upstream-Status: Inappropriate [oe specific] +Upstream-Status: Pending Signed-off-by: Joe Slater --- git.orig/configure.ac +++ git/configure.ac -@@ -15,7 +15,10 @@ AC_PREREQ(2.69) +@@ -15,7 +15,15 @@ AC_PREREQ(2.69) dnl -- Process this file with autoconf to produce a configure script. AC_INIT -CONFIGURE_LINE="$0 $@" -+dnl The default CONFIGURE_LINE has been overridden for reproducible binaries -+dnl CONFIGURE_LINE="$0 $@" -+CONFIGURE_LINE="configure parameters are not available for reproducible builds" ++ ++dnl per reproducible-builds.org check SOURCE_DATE_EPOCH ++dnl ++if test -z "${SOURCE_DATE_EPOCH+set}" ; then ++CONFIGURE_LINE="$0 $@" ++else ++CONFIGURE_LINE="configure options are not available for reproducible builds" ++fi + AC_CONFIG_SRCDIR([lib/device/dev-cache.h]) AC_CONFIG_HEADERS([include/configure.h]) diff --git a/meta-oe/recipes-support/lvm2/lvm2.inc b/meta-oe/recipes-support/lvm2/lvm2.inc index ab618b4..3c6c7ed 100644 --- a/meta-oe/recipes-support/lvm2/lvm2.inc +++ b/meta-oe/recipes-support/lvm2/lvm2.inc @@ -15,7 +15,7 @@ SRC_URI = "git://sourceware.org/git/lvm2.git \ file://0001-Avoid-bashisms-in-init-scripts.patch \ file://0005-do-not-build-manual.patch \ file://0006-start-lvm2-monitor.service-after-tmp.mount.patch \ - ${@bb.utils.contains('BUILD_REPRODUCIBLE_BINARIES','1','file://reproducible-build.patch','', d)} \ + file://reproducible-build.patch \ " SRCREV = "b9391b1b9f0b73303fa21f8f92574d17ce4c2b02" -- 2.7.4 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#85885): https://lists.openembedded.org/g/openembedded-devel/message/85885 Mute This Topic: https://lists.openembedded.org/mt/75751534/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 1/1][v2] toybox-inittab: unpack to S
toybox-inittab does not unpack source files into S, so the archiver cannot see them. We copy them to a sub-directory in order to keep the originals available if running do_configure() (again) without first running do_unpack(). Signed-off-by: Joe Slater --- .../recipes-core/toybox/toybox-inittab_0.8.2.bb | 15 +-- 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/meta-oe/recipes-core/toybox/toybox-inittab_0.8.2.bb b/meta-oe/recipes-core/toybox/toybox-inittab_0.8.2.bb index 9af1e3f14..f82f8e9ce 100644 --- a/meta-oe/recipes-core/toybox/toybox-inittab_0.8.2.bb +++ b/meta-oe/recipes-core/toybox/toybox-inittab_0.8.2.bb @@ -2,10 +2,12 @@ SUMMARY = "Toybox Inittab Configuration" LICENSE = "BSD-0-Clause" LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/BSD-0-Clause;md5=81eeb0083e31f11ab1e33ded846d521c" +# Unpack to ${S}/orig +# SRC_URI = "\ -file://inittab \ -file://rcK \ -file://rcS \ +file://inittab;subdir=${BP}/orig \ +file://rcK;subdir=${BP}/orig \ +file://rcS;subdir=${BP}/orig \ " PACKAGE_ARCH = "${MACHINE_ARCH}" @@ -15,6 +17,9 @@ RCONFLICTS_${PN} = "\ sysvinit-inittab \ " +# Just being sure. +B = "${S}" + # most users may want to have getty enabled by default PACKAGECONFIG ??= "getty" @@ -26,9 +31,7 @@ do_patch[noexec] = "1" do_configure() { # copy over files now to have a fresh start on each config - for f in inittab rcK rcS; do - cp ${WORKDIR}/$f ${S} - done + cp orig/* . for config in ${PACKAGECONFIG_CONFARGS}; do if [[ ${config} == "enable_getty" ]]; then -- 2.17.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#85850): https://lists.openembedded.org/g/openembedded-devel/message/85850 Mute This Topic: https://lists.openembedded.org/mt/75713808/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 0/1][v2] toybox-inittab unpack to S
Should apply to master or master-next. Built for both using poky. Joe Slater (1): toybox-inittab: unpack to S .../recipes-core/toybox/toybox-inittab_0.8.2.bb | 15 +-- 1 file changed, 9 insertions(+), 6 deletions(-) -- 2.17.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#85849): https://lists.openembedded.org/g/openembedded-devel/message/85849 Mute This Topic: https://lists.openembedded.org/mt/75713802/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [oe] [meta-oe][PATCH 1/1] lvm2: reproducible binaries
I have not looked at when it is printed, probably for --help or --version, but we would not be able to see the command line that invoked configure. To me, that's not much of a loss. I originally had a patch that would allow the definition of CONFIGURE_LINE in configure.ac to be overridden by setting it in the environment. We could then do that, or not, in the recipe. Maybe even make it a packageconf option. I can't remember why I switched to conditional patching, but I could always switch back. Joe -Original Message- From: Khem Raj Sent: Monday, July 20, 2020 2:40 PM To: Slater, Joseph Cc: openembeded-devel ; MacLeod, Randy Subject: Re: [oe] [meta-oe][PATCH 1/1] lvm2: reproducible binaries On Fri, Jul 17, 2020 at 2:00 PM Joe Slater wrote: > > For reproducible binaries, create a static CONFIGURE_LINE during > configuration rather than reporting the command line invoking > configure. > is there any downside of applying this patch without conditional dependency on reproducible builds ? what do we lose ? > Signed-off-by: Joe Slater > --- > .../lvm2/files/reproducible-build.patch| 24 > ++ > meta-oe/recipes-support/lvm2/lvm2.inc | 2 ++ > 2 files changed, 26 insertions(+) > create mode 100644 > meta-oe/recipes-support/lvm2/files/reproducible-build.patch > > diff --git > a/meta-oe/recipes-support/lvm2/files/reproducible-build.patch > b/meta-oe/recipes-support/lvm2/files/reproducible-build.patch > new file mode 100644 > index 000..db598a8 > --- /dev/null > +++ b/meta-oe/recipes-support/lvm2/files/reproducible-build.patch > @@ -0,0 +1,24 @@ > +configure.ac: override CONFIGURE_LINE > + > +For reproducible binaries, we need to report a constant CONFIGURE_LINE. > +This patched is only applied for such builds. > + > +Upstream-Status: Inappropriate [oe specific] > + > +Signed-off-by: Joe Slater > + > + > +--- git.orig/configure.ac > git/configure.ac > +@@ -15,7 +15,10 @@ AC_PREREQ(2.69) > + > +# > +### dnl -- Process this file with autoconf to produce a > +configure script. > + AC_INIT > +-CONFIGURE_LINE="$0 $@" > ++dnl The default CONFIGURE_LINE has been overridden for reproducible > ++binaries dnl CONFIGURE_LINE="$0 $@" > ++CONFIGURE_LINE="configure parameters are not available for reproducible > builds" > ++ > + AC_CONFIG_SRCDIR([lib/device/dev-cache.h]) > + AC_CONFIG_HEADERS([include/configure.h]) > + > diff --git a/meta-oe/recipes-support/lvm2/lvm2.inc > b/meta-oe/recipes-support/lvm2/lvm2.inc > index 01c9df4..ab618b4 100644 > --- a/meta-oe/recipes-support/lvm2/lvm2.inc > +++ b/meta-oe/recipes-support/lvm2/lvm2.inc > @@ -15,7 +15,9 @@ SRC_URI = "git://sourceware.org/git/lvm2.git \ > file://0001-Avoid-bashisms-in-init-scripts.patch \ > file://0005-do-not-build-manual.patch \ > > file://0006-start-lvm2-monitor.service-after-tmp.mount.patch \ > + > + ${@bb.utils.contains('BUILD_REPRODUCIBLE_BINARIES','1','file://repro > + ducible-build.patch','', d)} \ > " > + > SRCREV = "b9391b1b9f0b73303fa21f8f92574d17ce4c2b02" > S = "${WORKDIR}/git" > > -- > 2.7.4 > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#85836): https://lists.openembedded.org/g/openembedded-devel/message/85836 Mute This Topic: https://lists.openembedded.org/mt/75621231/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 1/1] lvm2: reproducible binaries
For reproducible binaries, create a static CONFIGURE_LINE during configuration rather than reporting the command line invoking configure. Signed-off-by: Joe Slater --- .../lvm2/files/reproducible-build.patch| 24 ++ meta-oe/recipes-support/lvm2/lvm2.inc | 2 ++ 2 files changed, 26 insertions(+) create mode 100644 meta-oe/recipes-support/lvm2/files/reproducible-build.patch diff --git a/meta-oe/recipes-support/lvm2/files/reproducible-build.patch b/meta-oe/recipes-support/lvm2/files/reproducible-build.patch new file mode 100644 index 000..db598a8 --- /dev/null +++ b/meta-oe/recipes-support/lvm2/files/reproducible-build.patch @@ -0,0 +1,24 @@ +configure.ac: override CONFIGURE_LINE + +For reproducible binaries, we need to report a constant CONFIGURE_LINE. +This patched is only applied for such builds. + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Joe Slater + + +--- git.orig/configure.ac git/configure.ac +@@ -15,7 +15,10 @@ AC_PREREQ(2.69) + + dnl -- Process this file with autoconf to produce a configure script. + AC_INIT +-CONFIGURE_LINE="$0 $@" ++dnl The default CONFIGURE_LINE has been overridden for reproducible binaries ++dnl CONFIGURE_LINE="$0 $@" ++CONFIGURE_LINE="configure parameters are not available for reproducible builds" ++ + AC_CONFIG_SRCDIR([lib/device/dev-cache.h]) + AC_CONFIG_HEADERS([include/configure.h]) + diff --git a/meta-oe/recipes-support/lvm2/lvm2.inc b/meta-oe/recipes-support/lvm2/lvm2.inc index 01c9df4..ab618b4 100644 --- a/meta-oe/recipes-support/lvm2/lvm2.inc +++ b/meta-oe/recipes-support/lvm2/lvm2.inc @@ -15,7 +15,9 @@ SRC_URI = "git://sourceware.org/git/lvm2.git \ file://0001-Avoid-bashisms-in-init-scripts.patch \ file://0005-do-not-build-manual.patch \ file://0006-start-lvm2-monitor.service-after-tmp.mount.patch \ + ${@bb.utils.contains('BUILD_REPRODUCIBLE_BINARIES','1','file://reproducible-build.patch','', d)} \ " + SRCREV = "b9391b1b9f0b73303fa21f8f92574d17ce4c2b02" S = "${WORKDIR}/git" -- 2.7.4 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#85818): https://lists.openembedded.org/g/openembedded-devel/message/85818 Mute This Topic: https://lists.openembedded.org/mt/75621231/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 1/1] toybox-inittab: unpack to S
toybox-inittab does not unpack source files into S, so the archiver cannot see them. We copy them to a sub-directory in order to keep the originals available if running do_configure() (again) without first running do_unpack(). Signed-off-by: Joe Slater --- .../recipes-core/toybox/toybox-inittab_0.8.2.bb | 15 +-- 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/meta-oe/recipes-core/toybox/toybox-inittab_0.8.2.bb b/meta-oe/recipes-core/toybox/toybox-inittab_0.8.2.bb index 8d7ff61e8..f82f8e9ce 100644 --- a/meta-oe/recipes-core/toybox/toybox-inittab_0.8.2.bb +++ b/meta-oe/recipes-core/toybox/toybox-inittab_0.8.2.bb @@ -2,10 +2,12 @@ SUMMARY = "Toybox Inittab Configuration" LICENSE = "BSD-0-Clause" LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/BSD-0-Clause;md5=81eeb0083e31f11ab1e33ded846d521c" +# Unpack to ${S}/orig +# SRC_URI = "\ -file://inittab \ -file://rcK \ -file://rcS \ +file://inittab;subdir=${BP}/orig \ +file://rcK;subdir=${BP}/orig \ +file://rcS;subdir=${BP}/orig \ " PACKAGE_ARCH = "${MACHINE_ARCH}" @@ -15,6 +17,9 @@ RCONFLICTS_${PN} = "\ sysvinit-inittab \ " +# Just being sure. +B = "${S}" + # most users may want to have getty enabled by default PACKAGECONFIG ??= "getty" @@ -26,9 +31,7 @@ do_patch[noexec] = "1" do_configure() { # copy over files now to have a fresh start on each config - for file in ${SRC_URI}; do - cp ${WORKDIR}/${file/file:\/\//} ${S} - done + cp orig/* . for config in ${PACKAGECONFIG_CONFARGS}; do if [[ ${config} == "enable_getty" ]]; then -- 2.17.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#85550): https://lists.openembedded.org/g/openembedded-devel/message/85550 Mute This Topic: https://lists.openembedded.org/mt/75245914/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-networking][PATCH 1/1] postfix: gcc-10
Add -fcommon to CCARGS to avoid multiple definition errors for uninitialized variables. Signed-off-by: Joe Slater --- meta-networking/recipes-daemons/postfix/postfix.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-networking/recipes-daemons/postfix/postfix.inc b/meta-networking/recipes-daemons/postfix/postfix.inc index 4b9940cc7..a8d55a6c9 100644 --- a/meta-networking/recipes-daemons/postfix/postfix.inc +++ b/meta-networking/recipes-daemons/postfix/postfix.inc @@ -61,7 +61,7 @@ export CCARGS-sasl_class-native = "" export AUXLIBS-sasl_class-native = "" # PCRE, TLS support default -export CCARGS = "${CFLAGS} -DHAS_PCRE -DUSE_TLS -I${STAGING_INCDIR}/openssl ${CCARGS-ldap} ${CCARGS-sasl} ${CCARGS-nonis}" +export CCARGS = "${CFLAGS} -fcommon -DHAS_PCRE -DUSE_TLS -I${STAGING_INCDIR}/openssl ${CCARGS-ldap} ${CCARGS-sasl} ${CCARGS-nonis}" export AUXLIBS = "-lpcre -lssl -lcrypto ${AUXLIBS-sasl} ${AUXLIBS-ldap}" export POSTCONF = "${STAGING_DIR_NATIVE}${sbindir_native}/postconf" -- 2.26.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#84500): https://lists.openembedded.org/g/openembedded-devel/message/84500 Mute This Topic: https://lists.openembedded.org/mt/74336492/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-python][PATCH 2/2] python3-pyhamcrest: add rdep
python3-six. Signed-off-by: Joe Slater --- meta-python/recipes-devtools/python/python3-pyhamcrest_1.9.0.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-python/recipes-devtools/python/python3-pyhamcrest_1.9.0.bb b/meta-python/recipes-devtools/python/python3-pyhamcrest_1.9.0.bb index 04aa9b4..ee96a07 100644 --- a/meta-python/recipes-devtools/python/python3-pyhamcrest_1.9.0.bb +++ b/meta-python/recipes-devtools/python/python3-pyhamcrest_1.9.0.bb @@ -8,3 +8,5 @@ SRC_URI[md5sum] = "8b833a3fa30197455df79424f30c8c3f" SRC_URI[sha256sum] = "8ffaa0a53da57e89de14ced7185ac746227a8894dbd5a3c718bf05ddbd1d56cd" inherit pypi setuptools3 + +RDEPENDS_${PN} += "${PYTHON_PN}-six" -- 2.7.4 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#84265): https://lists.openembedded.org/g/openembedded-devel/message/84265 Mute This Topic: https://lists.openembedded.org/mt/74079315/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-python][PATCH 1/2] python-pretty-table: add rdep's
python(3)-math and python(3)-html. Signed-off-by: Joe Slater --- meta-python/recipes-devtools/python/python-prettytable.inc | 5 + 1 file changed, 5 insertions(+) diff --git a/meta-python/recipes-devtools/python/python-prettytable.inc b/meta-python/recipes-devtools/python/python-prettytable.inc index 09384da..c77a491 100644 --- a/meta-python/recipes-devtools/python/python-prettytable.inc +++ b/meta-python/recipes-devtools/python/python-prettytable.inc @@ -29,6 +29,11 @@ SRC_URI += " \ file://run-ptest \ " +RDEPENDS_${PN} += " \ + ${PYTHON_PN}-math \ + ${PYTHON_PN}-html \ +" + RDEPENDS_${PN}-ptest += " \ ${PYTHON_PN}-pytest \ " -- 2.7.4 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#84264): https://lists.openembedded.org/g/openembedded-devel/message/84264 Mute This Topic: https://lists.openembedded.org/mt/74079312/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 1/1] syslog-ng: change shebang to python3
The file is executable and can be put on a target. Signed-off-by: Joe Slater --- meta-oe/recipes-support/syslog-ng/files/shebang.patch | 18 ++ meta-oe/recipes-support/syslog-ng/syslog-ng_3.24.1.bb | 1 + 2 files changed, 19 insertions(+) create mode 100644 meta-oe/recipes-support/syslog-ng/files/shebang.patch diff --git a/meta-oe/recipes-support/syslog-ng/files/shebang.patch b/meta-oe/recipes-support/syslog-ng/files/shebang.patch new file mode 100644 index 000..35d9677 --- /dev/null +++ b/meta-oe/recipes-support/syslog-ng/files/shebang.patch @@ -0,0 +1,18 @@ +syslog-ng: change shebang to use python3 + +Correct shebang for python3. This is far from the only python file with an out of date shebang, +but it is the only one that winds up on a target. + +Upstream-Status: Pending + +Signed-off-by: Joe Slater + + +--- a/lib/merge-grammar.py b/lib/merge-grammar.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # + # Copyright (c) 2010-2017 Balabit + # diff --git a/meta-oe/recipes-support/syslog-ng/syslog-ng_3.24.1.bb b/meta-oe/recipes-support/syslog-ng/syslog-ng_3.24.1.bb index 01ed767..10bf00f 100644 --- a/meta-oe/recipes-support/syslog-ng/syslog-ng_3.24.1.bb +++ b/meta-oe/recipes-support/syslog-ng/syslog-ng_3.24.1.bb @@ -7,6 +7,7 @@ SRC_URI += " \ file://fix-invalid-ownership.patch \ file://syslog-ng.service-the-syslog-ng-service.patch \ file://0001-syslog-ng-fix-segment-fault-during-service-start.patch \ + file://shebang.patch \ file://syslog-ng-tmp.conf \ " -- 2.7.4 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#84187): https://lists.openembedded.org/g/openembedded-devel/message/84187 Mute This Topic: https://lists.openembedded.org/mt/73444831/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/leave/8024792/1994799631/xyzzy [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-gnome][PATCH 1/1] libnma: allow building for mipsn32
go object introspection is not support for mipsn32, so disable vapi for that architecture. Signed-off-by: Joe Slater --- meta-gnome/recipes-connectivity/libnma/libnma_1.8.28.bb | 4 1 file changed, 4 insertions(+) diff --git a/meta-gnome/recipes-connectivity/libnma/libnma_1.8.28.bb b/meta-gnome/recipes-connectivity/libnma/libnma_1.8.28.bb index 267baff..8cb0bbc 100644 --- a/meta-gnome/recipes-connectivity/libnma/libnma_1.8.28.bb +++ b/meta-gnome/recipes-connectivity/libnma/libnma_1.8.28.bb @@ -18,4 +18,8 @@ PACKAGECONFIG[gcr] = "-Dgcr=true,-Dgcr=false,gcr" PACKAGECONFIG[iso_codes] = "-Diso_codes=true,-Diso_codes=false,iso-codes,iso-codes" PACKAGECONFIG[mobile_broadband_provider_info] = "-Dmobile_broadband_provider_info=true,-Dmobile_broadband_provider_info=false,mobile-broadband-provider-info,mobile-broadband-provider-info" +# go introspection is not supported for mipsn32, but vapi needs it +# +EXTRA_OEMESON_mipsarchn32_append = " -Dvapi=false" + GTKDOC_MESON_OPTION = "gtk_doc" -- 2.7.4 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#83965): https://lists.openembedded.org/g/openembedded-devel/message/83965 Mute This Topic: https://lists.openembedded.org/mt/73057821/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-gnome][PATCH 1/1] libnma: allow building nor mipsn32
go introspection is not support for mipsn32, so we must not try to build vapi support. Using sed allows us to change the meson option, if it is present, to be set correctly, and is more flexible than a patch would be. Signed-off-by: Joe Slater --- meta-gnome/recipes-connectivity/libnma/libnma_1.8.28.bb | 7 +++ 1 file changed, 7 insertions(+) diff --git a/meta-gnome/recipes-connectivity/libnma/libnma_1.8.28.bb b/meta-gnome/recipes-connectivity/libnma/libnma_1.8.28.bb index 267baff..f0f0064 100644 --- a/meta-gnome/recipes-connectivity/libnma/libnma_1.8.28.bb +++ b/meta-gnome/recipes-connectivity/libnma/libnma_1.8.28.bb @@ -19,3 +19,10 @@ PACKAGECONFIG[iso_codes] = "-Diso_codes=true,-Diso_codes=false,iso-codes,iso-cod PACKAGECONFIG[mobile_broadband_provider_info] = "-Dmobile_broadband_provider_info=true,-Dmobile_broadband_provider_info=false,mobile-broadband-provider-info,mobile-broadband-provider-info" GTKDOC_MESON_OPTION = "gtk_doc" + +# go object introspection is not supported for mipsn32, so we must disable trying +# to build vapi. +# +do_configure_prepend_mipsarchn32 () { +sed -i "/^option('vapi/ s!true!false!" ${S}/meson_options.txt +} -- 2.7.4 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#83841): https://lists.openembedded.org/g/openembedded-devel/message/83841 Mute This Topic: https://lists.openembedded.org/mt/72903869/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 1/1] nss: suppress unused-function compile error
Allows qemumips64 nss to compile. Signed-off-by: Joe Slater --- .../nss/nss/no_unused_function_error.patch | 18 ++ meta-oe/recipes-support/nss/nss_3.51.bb| 1 + 2 files changed, 19 insertions(+) create mode 100644 meta-oe/recipes-support/nss/nss/no_unused_function_error.patch diff --git a/meta-oe/recipes-support/nss/nss/no_unused_function_error.patch b/meta-oe/recipes-support/nss/nss/no_unused_function_error.patch new file mode 100644 index 000..cce748f --- /dev/null +++ b/meta-oe/recipes-support/nss/nss/no_unused_function_error.patch @@ -0,0 +1,18 @@ +nss: suppress unused-function compile error + +Upstream-Status: Inappropriate [workaround] + +Signed-off-by: Joe Slater + + +--- a/nss/coreconf/Werror.mk b/nss/coreconf/Werror.mk +@@ -96,7 +96,7 @@ ifndef WARNING_CFLAGS + endif #ndef NSS_ENABLE_WERROR + + ifeq ($(NSS_ENABLE_WERROR),1) +- WARNING_CFLAGS += -Werror ++ WARNING_CFLAGS += -Werror -Wno-error=unused-function + else + # Old versions of gcc (< 4.8) don't support #pragma diagnostic in functions. + # Use this to disable use of that #pragma and the warnings it suppresses. diff --git a/meta-oe/recipes-support/nss/nss_3.51.bb b/meta-oe/recipes-support/nss/nss_3.51.bb index 889967c..73e5150 100644 --- a/meta-oe/recipes-support/nss/nss_3.51.bb +++ b/meta-oe/recipes-support/nss/nss_3.51.bb @@ -32,6 +32,7 @@ SRC_URI = "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${VERSIO file://system-pkcs11.txt \ file://nss-fix-nsinstall-build.patch \ file://0001-freebl-add-a-configure-option-to-disable-ARM-HW-cryp.patch \ + file://no_unused_function_error.patch \ " SRC_URI[md5sum] = "e59dc16965ef7713669c628d2640ebd1" -- 2.7.4 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#83458): https://lists.openembedded.org/g/openembedded-devel/message/83458 Mute This Topic: https://lists.openembedded.org/mt/72499655/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[oe] [meta-oe][PATCH 1/1] fio: change four python shebangs
Use python3. Note that the recipe already depends on python3-core at runtime. We only change scripts that show up under /usr/bin. Signed-off-by: Joe Slater --- .../fio/files/python3_shebangs.patch | 38 ++ meta-oe/recipes-benchmark/fio/fio_3.17.bb | 1 + 2 files changed, 39 insertions(+) create mode 100644 meta-oe/recipes-benchmark/fio/files/python3_shebangs.patch diff --git a/meta-oe/recipes-benchmark/fio/files/python3_shebangs.patch b/meta-oe/recipes-benchmark/fio/files/python3_shebangs.patch new file mode 100644 index 000..068b021 --- /dev/null +++ b/meta-oe/recipes-benchmark/fio/files/python3_shebangs.patch @@ -0,0 +1,38 @@ +python3: change four shebangs to python3 + +Upstream-Status: Pending + +Signed-off-by: Joe Slater + +--- a/tools/fio_jsonplus_clat2csv b/tools/fio_jsonplus_clat2csv +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # Note: this script is python2 and python3 compatible. + # + # fio_jsonplus_clat2csv +--- a/tools/fiologparser.py b/tools/fiologparser.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # Note: this script is python2 and python 3 compatible. + # + # fiologparser.py +--- a/tools/hist/fiologparser_hist.py b/tools/hist/fiologparser_hist.py +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + """ + Utility for converting *_clat_hist* files generated by fio into latency statistics. + +--- a/tools/plot/fio2gnuplot b/tools/plot/fio2gnuplot +@@ -1,4 +1,4 @@ +-#!/usr/bin/env python ++#!/usr/bin/env python3 + # Note: this script is python2 and python3 compatible. + # + # Copyright (C) 2013 eNovance SAS diff --git a/meta-oe/recipes-benchmark/fio/fio_3.17.bb b/meta-oe/recipes-benchmark/fio/fio_3.17.bb index b15d7ba..b65ab19 100644 --- a/meta-oe/recipes-benchmark/fio/fio_3.17.bb +++ b/meta-oe/recipes-benchmark/fio/fio_3.17.bb @@ -25,6 +25,7 @@ PACKAGECONFIG[numa] = ",--disable-numa,numactl" SRCREV = "08ce9dc20b8a4e55db7af6d869ddfa49b4a02d03" SRC_URI = "git://git.kernel.dk/fio.git \ file://0001-update-the-interpreter-paths.patch \ + file://python3_shebangs.patch \ " S = "${WORKDIR}/git" -- 2.7.4 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-python2][PATCH 1/1] python-lxml: fix installation
Inherit setuptools before adding to variables defined in it. Signed-off-by: Joe Slater --- recipes-devtools/python/python-lxml_4.4.2.bb | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/recipes-devtools/python/python-lxml_4.4.2.bb b/recipes-devtools/python/python-lxml_4.4.2.bb index 911ba58..0f9cdf7 100644 --- a/recipes-devtools/python/python-lxml_4.4.2.bb +++ b/recipes-devtools/python/python-lxml_4.4.2.bb @@ -21,6 +21,11 @@ SRC_URI[sha256sum] = "eff69ddbf3ad86375c344339371168640951c302450c5d3e9936e98d64 DEPENDS += "libxml2 libxslt" + +inherit setuptools + +# add to the defaults which are set in the setuptools bbclass +# DISTUTILS_BUILD_ARGS += " \ --with-xslt-config='pkg-config libxslt' \ --with-xml2-config='pkg-config libxml-2.0' \ @@ -31,7 +36,7 @@ DISTUTILS_INSTALL_ARGS += " \ --with-xml2-config='pkg-config libxml-2.0' \ " -inherit pypi setuptools +inherit pypi # {standard input}: Assembler messages: # {standard input}:1488805: Error: branch out of range -- 2.7.4 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-webserver][PATCH 1/1] phpmyadmin: move to version 4.9.2
Fixes CVE-2019-18622. Signed-off-by: Joe Slater --- .../phpmyadmin/{phpmyadmin_4.9.1.bb => phpmyadmin_4.9.2.bb} | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) rename meta-webserver/recipes-php/phpmyadmin/{phpmyadmin_4.9.1.bb => phpmyadmin_4.9.2.bb} (91%) diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.9.1.bb b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.9.2.bb similarity index 91% rename from meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.9.1.bb rename to meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.9.2.bb index 3da2d9b..9cd43a8 100644 --- a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.9.1.bb +++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.9.2.bb @@ -11,8 +11,9 @@ SRC_URI = "https://files.phpmyadmin.net/phpMyAdmin/${PV}/phpMyAdmin-${PV}-all-la file://apache.conf \ " -SRC_URI[md5sum] = "a165109629731f5311ec3171cce50972" -SRC_URI[sha256sum] = "8f89dd62e3fdddabca187b092eeb5af4a4fb956189564c56038970519d0496c5" +SRC_URI[md5sum] = "5b5d1d84a05624430ac659e36af00f4e" +SRC_URI[sha256sum] = "3bc3e37fefbdfcaf12fd59d6d7fdbf11ffcffe3e211155bf5b822b54a3c2043e" + UPSTREAM_CHECK_URI = "https://www.phpmyadmin.net/downloads/"; UPSTREAM_CHECK_REGEX = "phpMyAdmin-(?P\d+(\.\d+)+)-all-languages.tar.xz" -- 2.7.4 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-oe][zeus][PATCH 1/1] php: fix CVE-2019-11043
Backport unmodified patch from git.php.net. Fixed in php 7.3.11. Signed-off-by: Joe Slater --- .../recipes-devtools/php/php/CVE-2019-11043.patch | 38 ++ meta-oe/recipes-devtools/php/php_7.3.9.bb | 1 + 2 files changed, 39 insertions(+) create mode 100644 meta-oe/recipes-devtools/php/php/CVE-2019-11043.patch diff --git a/meta-oe/recipes-devtools/php/php/CVE-2019-11043.patch b/meta-oe/recipes-devtools/php/php/CVE-2019-11043.patch new file mode 100644 index 000..7e20063 --- /dev/null +++ b/meta-oe/recipes-devtools/php/php/CVE-2019-11043.patch @@ -0,0 +1,38 @@ +From ab061f95ca966731b1c84cf5b7b20155c0a1c06a Mon Sep 17 00:00:00 2001 +From: Jakub Zelenka +Date: Sat, 12 Oct 2019 15:56:16 +0100 +Subject: [PATCH] Fix bug #78599 (env_path_info underflow can lead to RCE) + +CVE: CVE-2019-11043 + +Fixed in php version 7.3.11. + +Upstream-Status: Backport [https://git.php.net/repository/php-src.git] + +Signed-off-by: Joe Slater +--- + NEWS | 4 +- + sapi/fpm/fpm/fpm_main.c | 4 +- + .../tests/bug78599-path-info-underflow.phpt | 61 +++ + sapi/fpm/tests/tester.inc | 11 +++- + 4 files changed, 75 insertions(+), 5 deletions(-) + create mode 100644 sapi/fpm/tests/bug78599-path-info-underflow.phpt + +diff --git a/sapi/fpm/fpm/fpm_main.c b/sapi/fpm/fpm/fpm_main.c +index 24a7e5d56a..50f92981f1 100644 +--- a/sapi/fpm/fpm/fpm_main.c b/sapi/fpm/fpm/fpm_main.c +@@ -1209,8 +1209,8 @@ static void init_request_info(void) + path_info = script_path_translated + ptlen; + tflag = (slen != 0 && (!orig_path_info || strcmp(orig_path_info, path_info) != 0)); + } else { +- path_info = env_path_info ? env_path_info + pilen - slen : NULL; +- tflag = (orig_path_info != path_info); ++ path_info = (env_path_info && pilen > slen) ? env_path_info + pilen - slen : NULL; ++ tflag = path_info && (orig_path_info != path_info); + } + + if (tflag) { +-- +2.17.1 + diff --git a/meta-oe/recipes-devtools/php/php_7.3.9.bb b/meta-oe/recipes-devtools/php/php_7.3.9.bb index a5c7b9b..e886cb1 100644 --- a/meta-oe/recipes-devtools/php/php_7.3.9.bb +++ b/meta-oe/recipes-devtools/php/php_7.3.9.bb @@ -8,6 +8,7 @@ SRC_URI += "file://0001-acinclude.m4-don-t-unset-cache-variables.patch \ file://0001-Use-pkg-config-for-libxml2-detection.patch \ file://debian-php-fixheader.patch \ file://CVE-2019-6978.patch \ +file://CVE-2019-11043.patch \ " SRC_URI_append_class-target = " \ file://pear-makefile.patch \ -- 2.7.4 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [oe-core][zeus][PATCH 1/1] webkitgtk: fix occasional link error
Partial backport from WebKit.git. See patch for details. Fixed in webkitgtk 2.26.1. Signed-off-by: Joe Slater --- .../webkit/webkitgtk/fix-link-error.patch | 45 ++ meta/recipes-sato/webkit/webkitgtk_2.24.4.bb | 1 + 2 files changed, 46 insertions(+) create mode 100755 meta/recipes-sato/webkit/webkitgtk/fix-link-error.patch diff --git a/meta/recipes-sato/webkit/webkitgtk/fix-link-error.patch b/meta/recipes-sato/webkit/webkitgtk/fix-link-error.patch new file mode 100755 index 000..9696ddd --- /dev/null +++ b/meta/recipes-sato/webkit/webkitgtk/fix-link-error.patch @@ -0,0 +1,45 @@ +webkitgtk: fix an occasional link error + +Part of ae465a4e... Changelog is not included in the source tarball. + +Upstream-Status: backport [git://git.webkit.org/WebKit.git] + +commit ae465a4e3b1498b6c4038fc7e596e0e3662d116f +Author: hironori.fu...@sony.com +Date: Fri Jun 28 07:38:09 2019 + + +[Win] unresolved external symbol "JSC::JSObject::didBecomePrototype(void)" referenced in function "JSC::Structure::create(...)" +https://bugs.webkit.org/show_bug.cgi?id=199312 + +Reviewed by Keith Miller. + +WinCairo port, clang-cl Release builds reported a following linkage error: + +> WebCore.lib(UnifiedSource-4babe430-10.cpp.obj) : error LNK2019: unresolved external symbol "public: void __cdecl JSC::JSObject::didBecomePrototype(void)" (?didBecomePrototype@JSObject@JSC@@QEAAXXZ) referenced in function "public: static class JSC::Structure * __cdecl JSC::Structure::create(class JSC::VM &,class JSC::JSGlobalObject *,class JSC::JSValue,class JSC::TypeInfo const &,struct JSC::ClassInfo const *,unsigned char,unsigned int)" (?create@Structure@JSC@@SAPEAV12@AEAVVM@2@PEAVJSGlobalObject@2@VJSValue@2@AEBVTypeInfo@2@PEBUClassInfo@2@EI@Z) + +No new tests because there is no behavior change. + +* Modules/indexeddb/server/SQLiteIDBBackingStore.cpp: Include , +and do not include headers which is included by it. + +git-svn-id: http://svn.webkit.org/repository/webkit/trunk@246922 268f45cc-cd09-0410-ab3c-d52691b4dbfc + +[ modification of Changelog deleted ] + +diff --git a/Source/WebCore/Modules/indexeddb/server/SQLiteIDBBackingStore.cpp b/Source/WebCore/Modules/indexeddb/server/SQLiteIDBBackingStore.cpp +index d1b047c..0899a9a 100644 +--- a/Source/WebCore/Modules/indexeddb/server/SQLiteIDBBackingStore.cpp b/Source/WebCore/Modules/indexeddb/server/SQLiteIDBBackingStore.cpp +@@ -49,11 +49,8 @@ + #include "SQLiteTransaction.h" + #include "ThreadSafeDataBuffer.h" + #include +-#include +-#include +-#include ++#include + #include +-#include + #include + #include + #include diff --git a/meta/recipes-sato/webkit/webkitgtk_2.24.4.bb b/meta/recipes-sato/webkit/webkitgtk_2.24.4.bb index 8c695ce..b04ec82 100644 --- a/meta/recipes-sato/webkit/webkitgtk_2.24.4.bb +++ b/meta/recipes-sato/webkit/webkitgtk_2.24.4.bb @@ -23,6 +23,7 @@ SRC_URI = "http://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \ file://include_array.patch \ file://narrowing.patch \ file://0001-gstreamer-add-a-missing-format-string.patch \ + file://fix-link-error.patch \ " SRC_URI[md5sum] = "c214963d8c0e7d83460da04a0d8dda87" -- 2.7.4 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-oe][PATCH 1/1] syslog-ng: change conf files to version 3.19
Also add dns_cache(no) option to eliminate initialization warning. Signed-off-by: Joe Slater --- meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.systemd | 9 +++-- meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.sysvinit | 9 +++-- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.systemd b/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.systemd index 9e910ca..965abf7 100644 --- a/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.systemd +++ b/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.systemd @@ -1,11 +1,16 @@ -@version: 3.15 +@version: 3.19 # # Syslog-ng configuration file, compatible with default Debian syslogd # installation. Originally written by anonymous (I can't find his name) # Revised, and rewrited by me (SZALAY Attila ) +# +# Move to 3.19 +# Only change is to add dns_cache(no) to options to suppress initialization warning. +# +# Joe Slater # First, set some global options. -options { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no); +options { chain_hostnames(off); flush_lines(0); use_dns(no); dns_cache(no); use_fqdn(no); owner("root"); group("adm"); perm(0640); stats_freq(0); bad_hostname("^gconfd$"); }; diff --git a/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.sysvinit b/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.sysvinit index fb183ee..2b39b8c 100644 --- a/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.sysvinit +++ b/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.sysvinit @@ -1,11 +1,16 @@ -@version: 3.15 +@version: 3.19 # # Syslog-ng configuration file, compatible with default Debian syslogd # installation. Originally written by anonymous (I can't find his name) # Revised, and rewrited by me (SZALAY Attila ) +# +# Move to 3.19 +# Only change is to add dns_cache(no) to options to suppress initialization warning. +# +# Joe Slater # First, set some global options. -options { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no); +options { chain_hostnames(off); flush_lines(0); use_dns(no); dns_cache(no); use_fqdn(no); owner("root"); group("adm"); perm(0640); stats_freq(0); bad_hostname("^gconfd$"); }; -- 2.7.4 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-oe][PATCH 1/1] syslog-ng: add volatile directory init for systemd
systemd requires volatile file/directory specifications to be in a tmpfiles.d directory. We put ours in /etc/tmpfiles.d. Also eliminate SRC_URI duplication in .bb and .inc files. Signed-off-by: Joe Slater --- meta-oe/recipes-support/syslog-ng/files/syslog-ng-tmp.conf | 1 + meta-oe/recipes-support/syslog-ng/syslog-ng.inc| 6 ++ meta-oe/recipes-support/syslog-ng/syslog-ng_3.19.1.bb | 10 -- 3 files changed, 11 insertions(+), 6 deletions(-) create mode 100644 meta-oe/recipes-support/syslog-ng/files/syslog-ng-tmp.conf diff --git a/meta-oe/recipes-support/syslog-ng/files/syslog-ng-tmp.conf b/meta-oe/recipes-support/syslog-ng/files/syslog-ng-tmp.conf new file mode 100644 index 000..32a7953 --- /dev/null +++ b/meta-oe/recipes-support/syslog-ng/files/syslog-ng-tmp.conf @@ -0,0 +1 @@ +d /var/run/syslog-ng 0755 root root diff --git a/meta-oe/recipes-support/syslog-ng/syslog-ng.inc b/meta-oe/recipes-support/syslog-ng/syslog-ng.inc index b00cb91..4c22d4b 100644 --- a/meta-oe/recipes-support/syslog-ng/syslog-ng.inc +++ b/meta-oe/recipes-support/syslog-ng/syslog-ng.inc @@ -15,6 +15,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=24c0c5cb2c83d9f2ab725481e4df5240" # util-linux added to get libuuid DEPENDS = "libpcre flex glib-2.0 openssl util-linux" +# We expect the recipe to add anything specific for that version to these defaults. +# SRC_URI = "https://github.com/balabit/syslog-ng/releases/download/${BP}/${BP}.tar.gz \ file://syslog-ng.conf.systemd \ file://syslog-ng.conf.sysvinit \ @@ -74,8 +76,12 @@ do_install_append() { install -d ${D}/${sysconfdir}/${BPN} install -d ${D}/${sysconfdir}/init.d install -m 755 ${WORKDIR}/initscript ${D}/${sysconfdir}/init.d/syslog + install -d ${D}/${sysconfdir}/default/volatiles/ install -m 755 ${WORKDIR}/volatiles.03_syslog-ng ${D}/${sysconfdir}/default/volatiles/03_syslog-ng +install -d ${D}/${sysconfdir}/tmpfiles.d/ +install -m 755 ${WORKDIR}/syslog-ng-tmp.conf ${D}/${sysconfdir}/tmpfiles.d/syslog-ng.conf + install -d ${D}/${localstatedir}/lib/${BPN} # Remove /var/run as it is created on startup rm -rf ${D}${localstatedir}/run diff --git a/meta-oe/recipes-support/syslog-ng/syslog-ng_3.19.1.bb b/meta-oe/recipes-support/syslog-ng/syslog-ng_3.19.1.bb index 4eecf6b..852343c 100644 --- a/meta-oe/recipes-support/syslog-ng/syslog-ng_3.19.1.bb +++ b/meta-oe/recipes-support/syslog-ng/syslog-ng_3.19.1.bb @@ -1,15 +1,13 @@ require syslog-ng.inc -SRC_URI = "https://github.com/balabit/syslog-ng/releases/download/${BP}/${BP}.tar.gz \ - file://syslog-ng.conf.systemd \ - file://syslog-ng.conf.sysvinit \ - file://initscript \ - file://volatiles.03_syslog-ng \ - file://configure.ac-add-option-enable-thread-tls-to-manage-.patch \ +# We only want to add stuff we need to the defaults provided in syslog-ng.inc. +# +SRC_URI += " \ file://fix-config-libnet.patch \ file://fix-invalid-ownership.patch \ file://syslog-ng.service-the-syslog-ng-service.patch \ file://0001-syslog-ng-fix-segment-fault-during-service-start.patch \ + file://syslog-ng-tmp.conf \ " SRC_URI[md5sum] = "aa79bc13d9fd925aa5fb9516e87aacd3" -- 2.7.4 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-oe][PATCH 1/1] live555: update to version 20190828
Includes fix for CVE-2019-7733. Also adjust SRC_URI and use different mirror. Signed-off-by: Joe Slater --- meta-oe/recipes-multimedia/live555/live555.inc | 4 ++-- meta-oe/recipes-multimedia/live555/live555_20190306.bb | 8 meta-oe/recipes-multimedia/live555/live555_20190828.bb | 11 +++ 3 files changed, 13 insertions(+), 10 deletions(-) delete mode 100644 meta-oe/recipes-multimedia/live555/live555_20190306.bb create mode 100644 meta-oe/recipes-multimedia/live555/live555_20190828.bb diff --git a/meta-oe/recipes-multimedia/live555/live555.inc b/meta-oe/recipes-multimedia/live555/live555.inc index 4fe744c..a88f7eb 100644 --- a/meta-oe/recipes-multimedia/live555/live555.inc +++ b/meta-oe/recipes-multimedia/live555/live555.inc @@ -8,10 +8,10 @@ LICENSE = "LGPLv3" SECTION = "devel" URLV = "${@d.getVar('PV')[0:4]}.${@d.getVar('PV')[4:6]}.${@d.getVar('PV')[6:8]}" -SRC_URI = "http://www.live555.com/live.${URLV}.tar.gz \ +SRC_URI = "http://www.live555.com/liveMedia/public/live.${URLV}.tar.gz \ file://config.linux-cross" # only latest live version stays on http://www.live555.com/liveMedia/public/, add mirror for older -MIRRORS += "http://www.live555.com/liveMedia/public/ http://distcache.FreeBSD.org/ports-distfiles/ \n" +MIRRORS += "http://www.live555.com/liveMedia/public/ http://download.videolan.org/contrib/live555/ \n" S = "${WORKDIR}/live" TARGET_CC_ARCH += "${LDFLAGS}" diff --git a/meta-oe/recipes-multimedia/live555/live555_20190306.bb b/meta-oe/recipes-multimedia/live555/live555_20190306.bb deleted file mode 100644 index fa6057d..000 --- a/meta-oe/recipes-multimedia/live555/live555_20190306.bb +++ /dev/null @@ -1,8 +0,0 @@ -require live555.inc - -LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \ -file://COPYING.LESSER;md5=e6a600fd5e1d9cbde2d983680233ad02 \ - " -SRC_URI[md5sum] = "a84ca3946d899f5592c7d31012ed2fe3" -SRC_URI[sha256sum] = "0bd0c26d980425d9a419d835193e292a08a968f175da1902da4b495f126d5abd" - diff --git a/meta-oe/recipes-multimedia/live555/live555_20190828.bb b/meta-oe/recipes-multimedia/live555/live555_20190828.bb new file mode 100644 index 000..1da61c0 --- /dev/null +++ b/meta-oe/recipes-multimedia/live555/live555_20190828.bb @@ -0,0 +1,11 @@ +require live555.inc + +LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \ +file://COPYING.LESSER;md5=e6a600fd5e1d9cbde2d983680233ad02 \ + " +# SRC_URI[md5sum] = "a84ca3946d899f5592c7d31012ed2fe3" +# SRC_URI[sha256sum] = "0bd0c26d980425d9a419d835193e292a08a968f175da1902da4b495f126d5abd" + +SRC_URI[md5sum] = "a593f915664793b3ba41299b17b8bedc" +SRC_URI[sha256sum] = "a3dcd157865186cf883c3a80b4bb09637e91fff96b234b2c780a7f7dcc7a35dc" + -- 2.7.4 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-networking][PATCH 1/1] openhpi: control snmp-bc ptest generation
Do not try to compile ptests for snmp-bc if it is not in PACKGECONFIG. Signed-off-by: Joe Slater --- meta-networking/recipes-daemons/openhpi/openhpi_3.8.0.bb | 15 +++ 1 file changed, 15 insertions(+) diff --git a/meta-networking/recipes-daemons/openhpi/openhpi_3.8.0.bb b/meta-networking/recipes-daemons/openhpi/openhpi_3.8.0.bb index e3a0c2e..8a92f10 100644 --- a/meta-networking/recipes-daemons/openhpi/openhpi_3.8.0.bb +++ b/meta-networking/recipes-daemons/openhpi/openhpi_3.8.0.bb @@ -85,6 +85,21 @@ do_install_append () { do_compile_ptest () { for x in `find ${B} -name Makefile -exec grep -l buildtest-TESTS {} \;`; do dir=`dirname ${x}` +case $dir in +*cpp/t) ;; +*snmp_bc/t) if ${@bb.utils.contains('PACKAGECONFIG','snmp-bc','true','false',d)} + then + oe_runmake -C ${dir} buildtest-TESTS + fi + ;; +*) oe_runmake -C ${dir} buildtest-TESTS ;; +esac +done +} + +ack_do_compile_ptest () { +for x in `find ${B} -name Makefile -exec grep -l buildtest-TESTS {} \;`; do +dir=`dirname ${x}` upper=`dirname ${dir}` if [ `basename ${upper}` != "cpp" ]; then oe_runmake -C ${dir} buildtest-TESTS -- 2.7.4 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-oe][V2][PATCH 1/1] php: zlib and zip support
Add back zlib support. Define zip support but do not enable it. Signed-off-by: Joe Slater --- meta-oe/recipes-devtools/php/php.inc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/meta-oe/recipes-devtools/php/php.inc b/meta-oe/recipes-devtools/php/php.inc index 33bcf12..b63ed4c 100644 --- a/meta-oe/recipes-devtools/php/php.inc +++ b/meta-oe/recipes-devtools/php/php.inc @@ -59,7 +59,7 @@ EXTRA_OECONF = "--enable-mbstring \ --enable-fpm \ --with-libdir=${baselib} \ --with-gettext=${STAGING_LIBDIR}/.. \ ---with-libzip=${STAGING_LIBDIR}/.. \ +--with-zlib=${STAGING_LIBDIR}/.. \ --with-iconv=${STAGING_LIBDIR}/.. \ --with-bz2=${STAGING_DIR_TARGET}${exec_prefix} \ --with-config-file-path=${sysconfdir}/php/apache2-php${PHP_MAJOR_VERSION} \ @@ -81,6 +81,8 @@ PACKAGECONFIG ??= "mysql sqlite3 imap opcache openssl \ " PACKAGECONFIG_class-native = "" +PACKAGECONFIG[zip] = "--enable-zip --with-libzip=${STAGING_EXECPREFIXDIR},,libzip" + PACKAGECONFIG[mysql] = "--with-mysql=${STAGING_DIR_TARGET}${prefix} \ --with-mysqli=${STAGING_BINDIR_CROSS}/mysql_config \ --with-pdo-mysql=${STAGING_BINDIR_CROSS}/mysql_config \ -- 2.7.4 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-oe][PATCH 1/1] php: zlib and zip support
Add back zlib support. Define zip support but do not enable it. Signed-off-by: Joe Slater --- meta-oe/recipes-devtools/php/php.inc | 7 ++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/meta-oe/recipes-devtools/php/php.inc b/meta-oe/recipes-devtools/php/php.inc index 33bcf12..08173ea 100644 --- a/meta-oe/recipes-devtools/php/php.inc +++ b/meta-oe/recipes-devtools/php/php.inc @@ -59,7 +59,7 @@ EXTRA_OECONF = "--enable-mbstring \ --enable-fpm \ --with-libdir=${baselib} \ --with-gettext=${STAGING_LIBDIR}/.. \ ---with-libzip=${STAGING_LIBDIR}/.. \ +--with-zlib=${STAGING_LIBDIR}/.. \ --with-iconv=${STAGING_LIBDIR}/.. \ --with-bz2=${STAGING_DIR_TARGET}${exec_prefix} \ --with-config-file-path=${sysconfdir}/php/apache2-php${PHP_MAJOR_VERSION} \ @@ -81,6 +81,11 @@ PACKAGECONFIG ??= "mysql sqlite3 imap opcache openssl \ " PACKAGECONFIG_class-native = "" +# For zip, select one or none. oldzip uses a bundled library and is deprecated. +# +PACKAGECONFIG[newzip] = "--enable-zip --with-libzip=${STAGING_EXECPREFIXDIR},,libzip" +PACKAGECONFIG[oldzip] = "--enable-zip --without-libzip," + PACKAGECONFIG[mysql] = "--with-mysql=${STAGING_DIR_TARGET}${prefix} \ --with-mysqli=${STAGING_BINDIR_CROSS}/mysql_config \ --with-pdo-mysql=${STAGING_BINDIR_CROSS}/mysql_config \ -- 2.7.4 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-oe][PATCH 1/1] mozjs: do not expose intl api for mips64
Add --with-intl-api=build to configure options. Otherwise, JS_Init() will fail. Signed-off-by: Joe Slater --- meta-oe/recipes-extended/mozjs/mozjs_60.5.2.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-oe/recipes-extended/mozjs/mozjs_60.5.2.bb b/meta-oe/recipes-extended/mozjs/mozjs_60.5.2.bb index c89aba7..33142d6 100644 --- a/meta-oe/recipes-extended/mozjs/mozjs_60.5.2.bb +++ b/meta-oe/recipes-extended/mozjs/mozjs_60.5.2.bb @@ -55,6 +55,9 @@ EXTRA_OECONF = " \ ${@bb.utils.contains('DISTRO_FEATURES', 'ld-is-gold', "--enable-gold", '--disable-gold', d)} \ " +# Without this, JS_Init() will fail for mips64. +EXTRA_OECONF_append_mips64 = " --with-intl-api=build" + EXTRA_OECONF_append_mipsarch = " --disable-ion" EXTRA_OECONF_append_riscv64 = " --disable-ion" EXTRA_OECONF_append_riscv32 = " --disable-ion" -- 2.7.4 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-oe][PATCH 1/1] php: remove host specific info from header file
Import patch from Debian. Signed-off-by: Joe Slater --- .../php/php/debian-php-fixheader.patch | 31 ++ meta-oe/recipes-devtools/php/php_7.3.7.bb | 1 + 2 files changed, 32 insertions(+) create mode 100755 meta-oe/recipes-devtools/php/php/debian-php-fixheader.patch diff --git a/meta-oe/recipes-devtools/php/php/debian-php-fixheader.patch b/meta-oe/recipes-devtools/php/php/debian-php-fixheader.patch new file mode 100755 index 000..21050f7 --- /dev/null +++ b/meta-oe/recipes-devtools/php/php/debian-php-fixheader.patch @@ -0,0 +1,31 @@ +php: remove host specific info from header file + +https://sources.debian.org/data/main/p/php7.3/7.3.6-1/debian/patches/ +0036-php-5.4.9-fixheader.patch + +Upstream-Status: Inappropriate [not author] +Signed-off-by: Joe Slater + +--- +From: Debian PHP Maintainers +Date: Sat, 2 May 2015 10:26:56 +0200 +Subject: php-5.4.9-fixheader + +Make generated php_config.h constant across rebuilds. +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 433d7e6..41893d7 100644 +--- a/configure.ac b/configure.ac +@@ -1357,7 +1357,7 @@ PHP_BUILD_DATE=`date -u +%Y-%m-%d` + fi + AC_DEFINE_UNQUOTED(PHP_BUILD_DATE,"$PHP_BUILD_DATE",[PHP build date]) + +-PHP_UNAME=`uname -a | xargs` ++PHP_UNAME=`uname | xargs` + AC_DEFINE_UNQUOTED(PHP_UNAME,"$PHP_UNAME",[uname -a output]) + PHP_OS=`uname | xargs` + AC_DEFINE_UNQUOTED(PHP_OS,"$PHP_OS",[uname output]) diff --git a/meta-oe/recipes-devtools/php/php_7.3.7.bb b/meta-oe/recipes-devtools/php/php_7.3.7.bb index 1028cf1..72e4c26 100644 --- a/meta-oe/recipes-devtools/php/php_7.3.7.bb +++ b/meta-oe/recipes-devtools/php/php_7.3.7.bb @@ -6,6 +6,7 @@ SRC_URI += "file://0001-acinclude.m4-don-t-unset-cache-variables.patch \ file://0048-Use-pkg-config-for-FreeType2-detection.patch \ file://0049-ext-intl-Use-pkg-config-to-detect-icu.patch \ file://0001-Use-pkg-config-for-libxml2-detection.patch \ +file://debian-php-fixheader.patch \ " SRC_URI_append_class-target = " \ file://pear-makefile.patch \ -- 2.7.4 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-networking][PATCH 1/1] drbd-utils: enable reproducible_build awareness
Enable use of SOURCE_DATE_EPOCH from the reproducible_build bbclass. Signed-off-by: Joe Slater --- meta-networking/recipes-support/drbd/drbd-utils_9.10.0.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-networking/recipes-support/drbd/drbd-utils_9.10.0.bb b/meta-networking/recipes-support/drbd/drbd-utils_9.10.0.bb index 70e04b9..7fd3090 100644 --- a/meta-networking/recipes-support/drbd/drbd-utils_9.10.0.bb +++ b/meta-networking/recipes-support/drbd/drbd-utils_9.10.0.bb @@ -35,6 +35,9 @@ EXTRA_OECONF = " \ --without-manual \ " +# If we have inherited reproducible_build, we want to use it. +export WANT_DRBD_REPRODUCIBLE_BUILD = "yes" + do_configure_prepend() { # move the the file under folder /lib/drbd/ to /usr/lib/drbd when usrmerge enabled if ${@bb.utils.contains('DISTRO_FEATURES', 'usrmerge', 'true', 'false', d)}; then -- 2.7.4 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel
[oe] [meta-oe][PATCH 1/1] php-7: mark two tests as expected to fail
The output is reasonable, but not what is expected. Signed-off-by: Joe Slater --- .../php/php/xfail_two_bug_tests.patch | 34 ++ meta-oe/recipes-devtools/php/php_7.3.4.bb | 1 + 2 files changed, 35 insertions(+) create mode 100644 meta-oe/recipes-devtools/php/php/xfail_two_bug_tests.patch diff --git a/meta-oe/recipes-devtools/php/php/xfail_two_bug_tests.patch b/meta-oe/recipes-devtools/php/php/xfail_two_bug_tests.patch new file mode 100644 index 000..2105743 --- /dev/null +++ b/meta-oe/recipes-devtools/php/php/xfail_two_bug_tests.patch @@ -0,0 +1,34 @@ +php-ptest: xfail two tests + +If and when these tests are modified to expect the correct output, they will +succeed and generate warnings in the test summary. This patch can then be removed. + +Note that we add a closing '?>' to one test so that it can be executed directly by php. + +Upstream-Status: Pending + +Signed-off-By: Joe Slater + + +--- a/tests/basic/bug71273.phpt b/tests/basic/bug71273.phpt +@@ -16,6 +16,8 @@ Bug #71273 A wrong ext directory setup i + var_dump(preg_match(",.+a[\\/].+[\\/]w.php_kartoffelbrei.dll.+,s", $out)); + ?> + ==DONE== ++--XFAIL-- ++Output is int(0), not int(1) + --EXPECT-- + int(1) + ==DONE== +--- a/tests/run-test/bug75042-3.phpt b/tests/run-test/bug75042-3.phpt +@@ -8,5 +8,8 @@ display_errors=1 + nonexistentsharedmodule + --FILE-- + ++--XFAIL-- ++No warning message printed. + --EXPECTF-- + PHP Warning: PHP Startup: Unable to load dynamic library '%snonexistentsharedmodule.%s' %A diff --git a/meta-oe/recipes-devtools/php/php_7.3.4.bb b/meta-oe/recipes-devtools/php/php_7.3.4.bb index 1a5c976..4e577df 100644 --- a/meta-oe/recipes-devtools/php/php_7.3.4.bb +++ b/meta-oe/recipes-devtools/php/php_7.3.4.bb @@ -11,6 +11,7 @@ SRC_URI_append_class-target = " \ file://pear-makefile.patch \ file://phar-makefile.patch \ file://0001-opcache-config.m4-enable-opcache.patch \ +file://xfail_two_bug_tests.patch \ " SRC_URI[md5sum] = "efb58aea95a66738d871f83ec55fec6f" -- 2.7.4 -- ___ Openembedded-devel mailing list Openembedded-devel@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-devel