Commit Graph

59312 Commits

Author SHA1 Message Date
Kai Kang
5d5ec38952 squashfs-tools: fix CVE-2021-40153
Source: http://git.yoctoproject.org/poky.git
MR: 113126
Type: Security Fix
Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?h=hardknott&id=cfc17a7ab5d3b0d6354a7194b8c8746c501959d9
ChangeID: cfc17a7ab5
Description:

Backport patch to fix CVE-2021-40153, and remove version update in
unsquashfs.c for compatibility.

CVE: CVE-2021-40153

Ref:
* https://security-tracker.debian.org/tracker/CVE-2021-40153

(From OE-Core rev: 09de4ef3f33540069a37e9fe6e13081984b77511)

(From OE-Core rev: 48303d1c93cfcadf80830d07597805cc41d5f7e9)

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-30 00:02:22 +01:00
Armin Kuster
584252a0dc nettle: Security fix for CVE-2021-20305
Source: Debian.org
MR: 110174
Type: Security Fix
Disposition: Backport from https://sources.debian.org/patches/nettle/3.4.1-1+deb10u1/
ChangeID: 47746f3e58c03a62fef572797d0ae6e0cd865092
Description:

Affects: Nettle < 3.7.2

Minor fixup for nettle_secp_224r1 to _nettle_secp_224r1 to match 3.5.1
(From OE-Core rev: 10f2333afd739669013a65112f6471f09e13d124)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-30 00:02:22 +01:00
Mike Crowe
33d7811e07 curl: Fix CVE-2021-22946 and CVE-2021-22947, whitelist CVE-2021-22945
curl v7.79.0 contained fixes for three CVEs:

The description of CVE-2021-22945[1] contains:
> This flaw was introduced in commit 2522903b79 but since MQTT support
> was marked 'experimental' then and not enabled in the build by default
> until curl 7.73.0 (October 14, 2020) we count that as the first flawed
> version.

which I believe means that curl v7.69.1 is not vulnerable.

curl v7.69.1 is vulnerable to both CVE-2021-22946[2] and CVE-2021-22947[3].
These patches are from Ubuntu 20.04's curl 7.68.0 package. The patches
applied without conflicts, but I used devtool to regenerate them to
avoid fuzz warnings.

[1] https://curl.se/docs/CVE-2021-22945.html
[2] https://curl.se/docs/CVE-2021-22946.html
[3] https://curl.se/docs/CVE-2021-22947.html

(From OE-Core rev: b9b343704afc28a6182f699ef17943afacd482a8)

Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-30 00:02:22 +01:00
Armin Kuster
a1ad0499b4 nettle: Security fix for CVE-2021-3580
Source: https://git.lysator.liu.se/nettle/nettle
MR: 112331
Type: Security Fix
Disposition: Backport from 0ad0b5df31
ChangeID: ffbbadbfa862e715ec7da4695d7db67484f8517a
Description:

Affects nettle < 3.7.3

(From OE-Core rev: ddcdb9baec74391844d5e3cf3c891d63d2eef865)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-30 00:02:22 +01:00
Sakib Sajal
acf57727fc qemu: fix CVE-2021-3682
Source: https://git.yoctoproject.org/git/poky
MR: 112369
Type: Security Fix
Disposition: Backport from http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/meta/recipes-devtools/qemu?id=48960ce56265e9ec7ec352c0d0fcde6ed44569be
ChangeID: 799afc7adf3f2c915751744b618e38cccb01d854
Description:

(From OE-Core rev: e16cd155c5ef7cfe8b4d3a94485cb7b13fd95036)

(From OE-Core rev: f515c00c995b90a6d583f0e6162aa8fba8005a67)

Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 48960ce562)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-30 00:02:22 +01:00
Armin Kuster
830f96a9c3 qemu: Security fix for CVE-2020-28916
Source: qemu.org
MR: 107262
Type: Security Fix
Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=c2cb511634012344e3d0fe49a037a33b12d8a98a
ChangeID: 3024b894ab045c1a74ab2276359d5e599ec9e822
Description:

Affects qemu < 5.0.0

(From OE-Core rev: 55aa94e9185ecd93612c64cdd982a89d633284e2)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-30 00:02:22 +01:00
Armin Kuster
5b85cb6b51 qemu: Security fix for CVE-2020-27617
Source: qemu.org
MR: 106462
Type: Security Fix
Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=7564bf7701f00214cdc8a678a9f7df765244def1
ChangeID: b9dc1b656c07d6a0aecaf7680ed33801bd5f6352
Description:

Affects qemu < 5.2.0

(From OE-Core rev: be31eb87299b883306c1823ad632d6ada237dc05)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-30 00:02:22 +01:00
Armin Kuster
81bb24c0f7 qemu: Security fix CVE-2020-12829
Source: qemu.org
MR: 105490
Type: Security Fix
Disposition: Backport from https://git.qemu.org/?p=qemu.git;a=commit;h=b15a22bbcbe6a78dc3d88fe3134985e4cdd87de4
ChangeID: 6e222b766fc67c76cdc311d02cc47801992d0e66
Description:

Affects qemu < 5.0.0

(From OE-Core rev: 7cd5c38b6d078c22519ad6b6e89caa9c1aa5ecd4)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-30 00:02:22 +01:00
Armin Kuster
874fe76b00 libsndfile: Security fix for CVE-2021-3246
Source: https://github.com/libsndfile/libsndfile
MR: 112098
Type: Security Fix
Disposition: Backport from https://github.com/libsndfile/libsndfile/pull/713
ChangeID: 10d137de063b7a1e543ee96fbcf948945a452869
Description:

(From OE-Core rev: f999bac187a935821f8580f3c5b1d08107ba9851)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-30 00:02:22 +01:00
Armin Kuster
eb3e28fa18 apr: Security fix for CVE-2021-35940
Source: https://dist.apache.org
MR: 112793
Type: Security Fix
Disposition: Backport from https://dist.apache.org/repos/dist/release/apr/patches/apr-1.7.0-CVE-2021-35940.patch
ChangeID: c8247210204ffcc7d1425e3d60f077ad3dd54ebc
Description:

An out-of-bounds array read in the apr_time_exp*() functions was fixed in the
Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue
was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed
compared to 1.6.3 and is vulnerable to the same issue.

(From OE-Core rev: 315262830bfe2bc8b2a9259541bb3a0bc83a2cdd)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-30 00:02:22 +01:00
Armin Kuster
6038399048 libgcrypt: Security fix CVE-2021-33560
Source: https://sources.debian.org/patches/libgcrypt20/1.8.4-5+deb10u1
MR: 111591
Type: Security Fix
Disposition: Backport from https://sources.debian.org/data/main/libg/libgcrypt20/1.8.4-5%2Bdeb10u1/debian/patches/31_cipher-Fix-ElGamal-encryption-for-other-implementati.patch
ChangeID: d066a9baacc0d967dd80ac54c684cde031ac686e
Description:

Affects before 1.8.8 and 1.9.x before 1.9.3

(From OE-Core rev: 7de5e19a668f268f0cc56617a9f5760054acb5f5)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-30 00:02:22 +01:00
Richard Purdie
2bd92c7e47 bitbake: tests/fetch2: Use our own git server for dtc test repo
(Bitbake rev: 3c1799b2576f80b6dcb310e03f77105a58b9fa8e)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-22 22:45:29 +01:00
Richard Purdie
74b22db687 build-appliance-image: Update to dunfell head revision
(From OE-Core rev: c7d2281eb6cda9c1637c20b3540b142073bca235)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
yocto-3.1.11 dunfell-23.0.11
2021-09-15 18:34:21 +01:00
Richard Purdie
67dbe8a1c2 poky: Use SDKPATHINSTALL instead of SDKPATH
SDKPATHINSTALL is the default installation path used for the SDK but is not
the path encoded into every SDK binary as the default path. This change
allows it to contain things like dates without requiring every nativesdk
recipe to rebuild.

Partially fixes [YOCTO #14100]

(From meta-yocto rev: 7eac76587428202db781f269439ad9d719017289)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a62175ee581bd05661717f0fb89dad2a297b4034)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-15 18:34:13 +01:00
Richard Purdie
80b8fc829f build-appliance-image: Update to dunfell head revision
(From OE-Core rev: 49ca1f62cc17c951b7737a4ee3c236f732bc8ebe)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-15 10:42:30 +01:00
Armin Kuster
9bae357b12 go: Several Security fixes
Source: golang.org
MR: 111958, 112390, 112393
Type: Security Fix
Disposition: Backport from https://github.com/golang/go.git
ChangeID: 662d021814f025b3d768a04864498486f94819a7
Description:

Affects < 1.16.5

Fixes:
CVE-2021-33196
CVE-2021-33197
CVE-2021-34558

(From OE-Core rev: 1eaac89b0384cc39ea489a3b7ea58eab6b23240b)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-14 17:27:42 +01:00
Armin Kuster
d3f4731220 xserver-xorg: Security fix for CVE-2020-14360/-25712
Source: https://gitlab.freedesktop.org/xorg/xserver
MR: 108223,
Type: Security Fix
Disposition: Backport from 446ff2d317 and 87c64fc5b0
ChangeID: 496c2a2d80e4f8fff9b0d3148fca70c090cec31e
Description:

Affects < 1.20.10
Fixes CVE-2020-14360 and CVE-2020-25712

(From OE-Core rev: ee4a4f9053909f820de48a48750bda92170aaf86)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-14 17:27:42 +01:00
Richard Purdie
7f73831fde go: Exclude CVE-2021-29923 from report list
Upstream doesn't believe it is a significant real world issue and will only
fix in 1.17 onwards. Therefore exclude it from our reports.

https://github.com/golang/go/issues/30999#issuecomment-910470358

(From OE-Core rev: 9dfc6abbb83f8792fbfa1acb9c0fe4ab23872d8f)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5bd5faf0c34b47b2443975d66b71482d2380a01a)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-14 17:27:42 +01:00
Richard Purdie
6aa55dd279 flex: Add CVE-2019-6293 to exclusions for checks
CVE is effectively disputed - yes there is stack exhaustion but no bug and it
is building the parser, not running it, effectively similar to a compiler ICE.
Upstream has no plans to address it and there is no security issue.

https://github.com/westes/flex/issues/414

(From OE-Core rev: b939b005b06be58a276d565f755ee2d8f3e5dfc1)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0cae5d7a24bedf6784781b62cbb3795a44bab4d1)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-14 17:27:42 +01:00
Wang Mingyu
50ea49f3d9 dbus: upgrade 1.12.18 -> 1.12.20
Source: https://git.openembedded.org/openembedded-core
MR: 108825
Type: Security Fix
Disposition: Backport from https://git.openembedded.org/openembedded-core/commit/meta/recipes-core/dbus?id=bfaef91e77cd54e4f642e966903aac3f3291c325
ChangeID: bfaef91e77cd54e4f642e966903aac3f3291c325
Description:

Bugz only update
Includes fix for CVE-2020-35512

ab88811768 (HEAD, tag: dbus-1.12.20) v1.12.20
5757fd5480 Update NEWS
f3b2574f0c userdb: Reference-count DBusUserInfo, DBusGroupInfo <- cve fix
37b36d49a6 userdb: Make lookups return a const pointer
732284d530 Solaris and derivatives do not adjust cmsg_len on MSG_CTRUNC
1f8c42c7cd Start 1.12.20 development

(From OE-Core rev: bfaef91e77cd54e4f642e966903aac3f3291c325)

(From OE-Core rev: 4cebabf1007762872510c5065a2a718a89687734)

Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bfaef91e77cd54e4f642e966903aac3f3291c325)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-14 17:27:42 +01:00
Ovidiu Panait
65ccb30159 dbus,dbus-test: Move common parts to dbus.inc
dbus and dbus-test share the same source code and base configuration options,
so factor out the common parts into dbus.inc.

This way we can eliminate the need to keep the two recipes in sync. When they
are not properly in sync (e.g. when dbus recipe has extra patches/config
options that are not duplicated in dbus-test) ptest testsuite will actually
test a slightly different codebase. This is due to the fact that dbus-test does
not run the testsuite against the system libdbus library, but instead it
generates a local libdbus.so that needs to be configured/compiled as close as
possible to the system one.

(From OE-Core rev: 1cde2935526d2eec7d6b17a6c622647b0c132439)

(From OE-Core rev: 6c90e4dd59eb06058d14deeb9aa87717fd88ab09)

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 44ae5d8d6f)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-14 17:27:42 +01:00
Ovidiu Panait
9317b4771c dbus-test: Remove EXTRA_OECONF_X configs
X specific configs are already handled through PACKAGECONFIG:
PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd x11', d)}"
...
PACKAGECONFIG[x11] = "--with-x --enable-x11-autolaunch,--without-x
                      --disable-x11-autolaunch, virtual/libx11 libsm"

Remove duplicated EXTRA_OECONF_X args.

(From OE-Core rev: 7dc107b05a29f8a3e8903d73f84ef8069f68af6f)

(From OE-Core rev: d747c666ed563488af0b894d4e3236335aa2a8bf)

Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 036e3436e5)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-14 17:27:42 +01:00
Wang Mingyu
955ae70225 dbus-test: upgrade 1.12.16 -> 1.12.18
(From OE-Core rev: 839695e0c1b0c0fcfbb924c2b174c4a638067a32)

(From OE-Core rev: 296746f58dd1b4839c953a7b1eb4aed22e407c29)

Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5cbf053481)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-14 17:27:42 +01:00
Wang Mingyu
871a373527 dbus: upgrade 1.12.16 -> 1.12.18
(From OE-Core rev: 8d33a2a4e4b6ff8f831523e5b1b16ead6b29cc79)

(From OE-Core rev: 7337d7e4faf20a513c065c44d7d9d472334452b2)

Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a62471f064)
[Bug fix only update, drop cve patch now included

a0926ef86f (tag: dbus-1.12.18) Prepare 1.12.18
8bc1381819 fdpass test: Assert that we don't leak file descriptors
272d484283 sysdeps-unix: On MSG_CTRUNC, close the fds we did receive <- cve fix
31297172f1 Update NEWS
041d579139 dbus-daemon test: Don't test fd limits if in an unprivileged container
55b3f71376 Update NEWS
ced04aabc7 doxygen: fix example for dbus_message_append_args
3e40637b10 Update NEWS
3e0ea34966 cmake: Add X11 include path for tools
d0992805d7 doc: replace dbus-send's --address with --peer and --bus
dd32f6b617 Update NEWS
d251fe7850 Merge branch 'cherry-pick-b034b83b' into 'dbus-1.12'
2c6b0ad7f6 bus: Don't explicitly clear BusConnections.monitors
df0c675b93 Merge branch 'cherry-pick-bf71a58e' into 'dbus-1.12'
beb79b94fb doc: Fix environment variable name in dbus-daemon(1)
eab5d4a420 Start 1.12.18 development]
Signed-off-by: Armin Kuster <akuster808@gmail.com>

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-14 17:27:42 +01:00
Nicolas Dechesne
d1a9079782 rt-tests: set branch name in SRC_URI
Upstream repo no longer has a 'master' branch, and switched to
'main'. To avoid issues such as:

ERROR: rt-tests-1_1.1-r0 do_fetch: Fetcher failure: Unable to find
revision dff174f994f547a5785d32454865f140daacb0f5 in branch master
even from upstream

we need to set the default branch name to 'main' in the recipe.

(From OE-Core rev: ed52bea54f135b7b5367a24bb3861d9bc0c53117)

Signed-off-by: Nicolas Dechesne <nicolas.dechesne@linaro.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-10 16:21:36 +01:00
Richard Purdie
7369788009 oeqa/runtime/parselogs: Make DVD ata error apply to all qemux86 machines
This log checking fix is needed for both qemux86 and qemux86-64 so move
to the common section.

[YOCTO #14528]

(From OE-Core rev: e47fcdd767f97d788b5bf749815d902215520edc)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2475ce68f0bc1f342c75364dfcfaf7f30499badf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-10 16:21:36 +01:00
Purushottam Choudhary
468ac59e9c lighttpd: Add patch for reuse large memory chunks
Added 0001-core-reuse-large-mem-chunks-fix-mem-usage-fixes-3033.patch
to fix large memory usage for large file downloads
from dynamic backends by reusing or releasing large memory chunks.

Also added a patch to set the default chunk size to 8k; earlier it was 4k.

This issue is caused by a bug in the lighttpd 1.4.55 version and
has been fixed in lighttpd 1.4.58. Hence, it is not needed for the
master and hardknott branches because lighttpd there is at version 1.4.59.

Link: 7ba521ffb4
Link: 304e46d4f8

(From OE-Core rev: d3ac63230b98251d67a75a67456b769b6a002df0)

Signed-off-by: Purushottam Choudhary <purushottamchoudhary29@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-10 16:21:36 +01:00
Richard Purdie
2c00edba7f xdg-utils: Add fix for CVE-2020-27748
Backport an upstream patch for the CVE.

(From OE-Core rev: 5042a4116a024bbc320d97ea29b21a589dea9942)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 87191ed0303f6552865ad1edcacd674c57f2010c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-10 16:21:36 +01:00
Changqing Li
cf9e68db31 gdk-pixbuf: fix CVE-2021-20240
Source: https://git.openembedded.org/openembedded-core
MR: 111543
Type: Security Fix
Disposition: Backport from https://git.openembedded.org/openembedded-core/commit/meta/recipes-gnome/gdk-pixbuf?h=hardknott&id=bd08e4d179979937604c196b4047f59c5499a960
ChangeID: bd08e4d179979937604c196b4047f59c5499a960
Description:

(From OE-Core rev: bd08e4d179979937604c196b4047f59c5499a960)

(From OE-Core rev: c7b6a3fef6aa04bb1d264326e483e8a3d3350ca2)

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit de631334cc)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-10 16:21:36 +01:00
Matt Madison
60cfe38b51 layer.conf: fix syntax error in PATH setting
Commit 05a87be51b44608ce4f77ac332df90a3cd2445ef introduced
a Python conditional expression when updating PATH that
generates syntax warnings in bitbake-cookerdaemon.log:

  Var <PATH[:=]>:1: SyntaxWarning: "is not" with a literal. Did you mean "!="?

Fix this by using the more appropriate '!=' comparison
operator.

(From OE-Core rev: b46b059a306b2823624e64adecded9f76430471a)

Signed-off-by: Matt Madison <matt@madison.systems>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2e753a12cf6bb98f9e0940e5ed6255ce8c538eed)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-08 23:47:30 +01:00
Andrej Valek
b35ee4a64e vim: add option to disable NLS support
- Some distributions with a UTF-8 locale have problems when National Language
Support is enabled. Add an option to disable it.

(From OE-Core rev: 9224b01eaa46986b1c363a541e88f20387d8c30b)

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit da630d6d81a396c3e1635fbd7b8103df47ed2732)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-08 23:47:30 +01:00
Armin Kuster
2a01b629de lz4: Security Fix for CVE-2021-3520
Source: https://github.com/lz4/lz4
MR: 111604
Type: Security Fix
Disposition: Backport from 8301a21773 (diff-7055e9cf14c488aea9837aaf9f528b58ee3c22988d7d0d81d172ec62d94a88a7)
ChangeID: 58492f950164e75954a97cf084df6f9af3d88244
Description:

(From OE-Core rev: 00acbc19a48e2b03c910ff5dc62e51eda32bdf03)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-08 23:47:30 +01:00
Ross Burton
043cb19a0d cpio: backport fix for CVE-2021-38185
(From OE-Core rev: d1b4b4b6104e7b94ba49e61774c772a9181a67f6)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4accf77ea5b5810cb2330acc6773690ec1b1c71b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-08 23:47:30 +01:00
Richard Purdie
6fef2a1c2c sdk: Decouple default install path from built in path
Add SDKPATHINSTALL which is used as the default install location of the SDK
instead of SDKPATH. This means the default install path isn't encoded into
every SDK binary, meaning if a date is used there the entire SDK doesn't
have to rebuild. Most distros can switch to only customise SDKPATHINSTALL
meaning more sstate reuse too.

[YOCTO #14100]

(From OE-Core rev: 33a5714592bf41a26fcd7e8ff595b45538082431)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit bc4ee5453560dcefc4a4ecc5657df5cc1666e153)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-08 23:47:30 +01:00
Steve Sakoman
7721fa8185 poky.conf: Bump version for 3.1.11 release
(From meta-yocto rev: 2cbc8ba3dfd928f69f023f38984d58b5252a43df)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-07 22:34:59 +01:00
Steve Sakoman
7c1bc90654 documentation: prepare for 3.1.11 release
(From yocto-docs rev: cc226593701bd5a93c0bcefc0c41da1a32849912)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-07 22:34:58 +01:00
Alexander Kanavin
bdd30be1a3 selftest: disable virgl headless test
Crashes in mesa when using vgem kernel module (in the absence of real GPU)
have been observed in dunfell (they do not happen in master):

https://bugzilla.yoctoproject.org/show_bug.cgi?id=14527

Let's focus on making host-accelerated virtualized graphics work well in master
and upcoming releases (the issue is not seen there).

(From OE-Core rev: 448e0271ed831582bb5833486fc17b131676fb53)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-01 16:27:09 +01:00
Bruce Ashfield
ffcdd251ff parselogs.py: ignore intermittent CD/DVDROM identification failure
We don't use the CD/DVD ROM drive in any of our tests, but it
periodically fails discovery and that leads to a QA error:

    [    6.403477] ata3.00: failed to IDENTIFY (I/O error, err_mask=0x4)

The only way to disable the optical ROM drive in qemu is to use
the '-nodefaults' option, which disables the CDROM (among other things).
We can't be sure that none of our tests, or extended users are relying
on default devices, so using that option is more of a risk than adding
the message to our ignore list.

To date, no one has sent a patch to just disable the optical drive
(either in qemu or the BIOS), but that is something we could consider
in the future.

[YOCTO #14528]

(From OE-Core rev: ae65f4a6a10ad9ca7cf94d653b3b07039b483e72)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 143fc5504539c69752ca87717507c197a8920ce5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-01 16:27:09 +01:00
Alexander Kanavin
4e28505e23 qemurunner.py: handle getOutput() having nothing to read
(From OE-Core rev: 6f3a8e259ecf6934b32a264661422a6872aca2ef)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f4abfdeea175cfcadd6f73a69a676632ab4334a6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-01 16:27:09 +01:00
Alexander Kanavin
b90687ad24 qemurunner.py: print output from runqemu/qemu-system in stop()
This is done when starting up qemu has failed, but is not done
when qemu started ok, but fails later in QMP communication.

Output from runqemu does contain valuable information to find out
why, so rather than fix all the QMP fails to include it, let's just
print it in stop().

(From OE-Core rev: 1732290d4d2147bd9ffd76deaf90650519a6ad3d)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6e2bf68e4401db747484c2c8ba0f77500b1d2d49)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-01 16:27:09 +01:00
Bruce Ashfield
1f4497167a linux-yocto/5.4: update to v5.4.142
Updating linux-yocto/5.4 to the latest korg -stable release that comprises
the following commits:

    c15b830f7c1c Linux 5.4.142
    a17f2f2c8949 KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (CVE-2021-3656)
    7c1c96ffb658 KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653)
    456fd889227f iommu/vt-d: Fix agaw for a supported 48 bit guest address width
    5b5f855a793c vmlinux.lds.h: Handle clang's module.{c,d}tor sections
    e9b2b2b29ca8 ceph: take snap_empty_lock atomically with snaprealm refcount change
    95ff775df6ec ceph: clean up locking annotation for ceph_get_snap_realm and __lookup_snap_realm
    1d8c232afb03 ceph: add some lockdep assertions around snaprealm handling
    a6ff0f3f9f90 KVM: VMX: Use current VMCS to query WAITPKG support for MSR emulation
    ec25d05e1893 PCI/MSI: Protect msi_desc::masked for multi-MSI
    48d2439c6f2a PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown()
    386ead1d3598 PCI/MSI: Correct misleading comments
    76d81dec16d0 PCI/MSI: Do not set invalid bits in MSI mask
    6b4bcbf13390 PCI/MSI: Enforce MSI[X] entry updates to be visible
    4495a41fbcd7 PCI/MSI: Enforce that MSI-X table entry is masked for update
    1866c8f6d43c PCI/MSI: Mask all unused MSI-X entries
    3b4220c2bf35 PCI/MSI: Enable and mask MSI-X early
    0c8dea3fd55c genirq/timings: Prevent potential array overflow in __irq_timings_store()
    4dfe80927102 genirq/msi: Ensure deactivation on teardown
    e3e54a930073 x86/resctrl: Fix default monitoring groups reporting
    a6b594ad7419 x86/ioapic: Force affinity setup before startup
    db5e2666946a x86/msi: Force affinity setup before startup
    eda32c21882c genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP
    06b347743608 x86/tools: Fix objdump version check again
    74451dd8bfca powerpc/kprobes: Fix kprobe Oops happens in booke
    b74145d858a8 nbd: Aovid double completion of a request
    ad9550114d4c vsock/virtio: avoid potential deadlock when vsock device remove
    b9cd73cce50a xen/events: Fix race in set_evtchn_to_irq
    4d3c5c319b19 net: igmp: increase size of mr_ifc_count
    721ff564cc6a tcp_bbr: fix u32 wrap bug in round logic if bbr_init() called after 2B packets
    2ce8a68a312c net: linkwatch: fix failure to restore device state across suspend/resume
    33597972a2e9 net: bridge: fix memleak in br_add_if()
    f6eee53beb07 net: dsa: sja1105: fix broken backpressure in .port_fdb_dump
    1e6a570d3786 net: dsa: lantiq: fix broken backpressure in .port_fdb_dump
    564f6bbd0ed6 net: dsa: lan9303: fix broken backpressure in .port_fdb_dump
    a9243455e874 net: igmp: fix data-race in igmp_ifc_timer_expire()
    ed957c77b391 net: Fix memory leak in ieee802154_raw_deliver
    13a381b8bc22 net: dsa: microchip: Fix ksz_read64()
    991117eeeee8 drm/meson: fix colour distortion from HDR set during vendor u-boot
    e114f15de881 net/mlx5: Fix return value from tracer initialization
    f99aa76bb83c psample: Add a fwd declaration for skbuff
    9dc8e396c12e iavf: Set RSS LUT and key in reset handle path
    23436edae3c9 net: sched: act_mirred: Reset ct info when mirror/redirect skb
    9636fbfe7bdd ppp: Fix generating ifname when empty IFLA_IFNAME is specified
    1c31ee907fde net: phy: micrel: Fix link detection on ksz87xx switch"
    dfeb64f6e2ce platform/x86: pcengines-apuv2: Add missing terminating entries to gpio-lookup tables
    699db2bb96ad platform/x86: pcengines-apuv2: revert wiring up simswitch GPIO as LED
    af7f1539cfb1 net: dsa: mt7530: add the missing RxUnicast MIB counter
    d353a61860a2 ASoC: cs42l42: Fix LRCLK frame start edge
    b036452082f3 netfilter: nf_conntrack_bridge: Fix memory leak when error
    cd36a36ea4ea ASoC: cs42l42: Remove duplicate control for WNF filter frequency
    eb789cc9179f ASoC: cs42l42: Fix inversion of ADC Notch Switch control
    6a3381336398 ASoC: cs42l42: Don't allow SND_SOC_DAIFMT_LEFT_J
    55e86f07b85e ASoC: cs42l42: Correct definition of ADC Volume control
    22d2e3c6a1b8 ieee802154: hwsim: fix GPF in hwsim_new_edge_nl
    5bac8c2a3087 ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi
    ddcf807fbb70 libnvdimm/region: Fix label activation vs errors
    bc97fde4c668 ACPI: NFIT: Fix support for virtual SPA ranges
    a753e3f33405 ceph: reduce contention in ceph_check_delayed_caps()
    aa04486c419d i2c: dev: zero out array used for i2c reads from userspace
    c18b28e5ade8 ASoC: intel: atom: Fix reference to PCM buffer address
    aab3fa544647 ASoC: xilinx: Fix reference to PCM buffer address
    60e2854acf3b iio: adc: Fix incorrect exit of for-loop
    bcac5225923b iio: humidity: hdc100x: Add margin to the conversion time
    da7cb80905ec iio: adc: ti-ads7950: Ensure CS is deasserted after reading channels

(From OE-Core rev: 18e0b6edc40a6e26b90f582e7eb3edcd10b62887)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-01 16:27:09 +01:00
Marek Vasut
6918a0298a image_types: Restore pre-btrfs-tools 4.14.1 mkfs.btrfs shrink behavior
Currently the mkfs.btrfs generates large images with a lot of wasted
space. This happens since OE-core updated btrfs-tools from 4.13.3 to
4.15.1 in commit 94b645aa77 ("btrfs-tools: update to 4.15.1") .

Note that the mkfs.btrfs(8) manpage says the following in the section for -r:
"
  -r|--rootdir <rootdir>
...
       Note This option may enlarge the image or file to ensure
       it’s big enough to contain the files from rootdir. Since
       version 4.14.1 the filesystem size is not minimized. Please
       see option --shrink if you need that functionality.

  --shrink
     Shrink the filesystem to its minimal size, only works with
     --rootdir option.
...
       Note prior to version 4.14.1, the shrinking was done
       automatically.
"

Add the --shrink option to EXTRA_IMAGECMD_btrfs to reinstate the
original behavior and un-waste the space.

(From OE-Core rev: 6de30e62fc5815edc19c96b49c0ff9681298c56c)

Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
Cc: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c4a99d36967302c176b62fad840b5e79486ea356)
Cc: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-01 16:27:09 +01:00
Andrej Valek
660de76134 mklibs-native: drop deprecated cpp17 exceptions
gcc11 has -std=gnu++17 as default. Remove deprecated C++17 exceptions based
on http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2016/p0003r5.html.

(From OE-Core rev: ef8b7946b4793db653ef7dd716e1d3f919a84725)

Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-01 16:27:09 +01:00
Alexander Kanavin
3e75c5d0b4 tcf-agent: fetching over git:// no longer works
(From OE-Core rev: 419503134b76abeb57727259f846a2394dc73ea5)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 44a6cd03721b51cbb4e05870375fa347527b0db5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-01 16:27:09 +01:00
Oleksandr Popovych
e7eeef5ab7 utils: Reduce the number of calls to the "dirname" command
utils.bbclass contains a create_cmdline_wrapper() function that
creates a wrapper script with additional arguments for any passed
"$cmd" command, and uses several calls to "dirname".

Because "dirname" is an external command, in cases of lots of
calls to the wrapped "$cmd", each call of "dirname" will incur
significant overhead.

There are three identical calls to "dirname": one for saving its
output to the "realdir" variable, and the other two in the "exec" command.
So the last two "dirname" calls can be replaced with the cached value
from the "realdir" variable.

(From OE-Core rev: 912c9eda653c45fee2f55092fbe281efba897bc0)

Signed-off-by: Oleksandr Popovych <opopovyc@cisco.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4b9cf2c80fd14386e0b88a2e6c40a9fa3f1ae0f7)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-01 16:27:09 +01:00
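The wrapper-script technique described in the commit above, as an added example that is not OE-core's own utils.bbclass code. It generates a wrapper that resolves its own directory once into $realdir and reuses that value for both the argv[0] passed via exec -a and the path of the real binary, so the generated script runs "dirname" a single time per invocation instead of three. The function names (make_wrapper, dirname_calls, run_tool), the "tool" stand-in and the sandbox directory are assumptions constructed for this example.

```shell
#!/bin/bash
# Added example (not OE-core's utils.bbclass): generate a wrapper that
# resolves its own location once into $realdir and reuses it, instead of
# spawning "dirname" on every use of the path.

# make_wrapper CMD [EXTRA_OPTIONS...]
# Moves CMD to CMD.real and writes a wrapper in its place that execs
# CMD.real with EXTRA_OPTIONS prepended to the caller's arguments.
make_wrapper() {
    cmd=$1; shift
    cmdname=$(basename "$cmd")
    mv "$cmd" "$cmd.real"
    cat > "$cmd" <<END
#!/bin/bash
realpath=\$(readlink -f "\$0")
realdir=\$(dirname "\$realpath")
# Both argv[0] and the target path reuse \$realdir instead of re-resolving it.
exec -a "\$realdir/$cmdname" "\$realdir/$cmdname.real" $* "\$@"
END
    chmod +x "$cmd"
}

# dirname_calls FILE: number of lines in FILE that invoke dirname
# (1 for the wrapper generated above; the pre-fix wrapper had 3).
dirname_calls() {
    grep -c 'dirname' "$1"
}

# Constructed sandbox so the example runs offline: "tool" stands in for a
# relocated binary and simply reports the arguments it received.
WORK=$(mktemp -d)
BINDIR="$WORK/usr/bin"
mkdir -p "$BINDIR"
cat > "$BINDIR/tool" <<'EOF'
#!/bin/sh
printf '%s\n' "$*"
EOF
chmod +x "$BINDIR/tool"

# Wrap the stand-in with one fixed option, the way a relocation fixup would.
make_wrapper "$BINDIR/tool" --sysroot="$WORK"

# run_tool: invoke through the wrapper and capture what the real binary saw.
run_tool() {
    "$BINDIR/tool" --version
}

echo "dirname calls in generated wrapper: $(dirname_calls "$BINDIR/tool")"
echo "real binary received: $(run_tool)"
```

Because exec -a sets argv[0] only for native executables (for a #! script the kernel rebuilds argv from the script path), the stand-in prints just its arguments; the point being checked is that the wrapper contains exactly one dirname invocation and still forwards the fixed option ahead of the caller's arguments.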
Marta Rybczynska
9b62e6b834 lzo: add CVE_PRODUCT
lzo was missing CVE_PRODUCT and related CVEs (at least CVE-2014-4607) were
not reported.

(From OE-Core rev: 69e33b9eee6ae97208e766fd96353dfcb8c20bd5)

Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 366cf8201e36df1ac836e49de04ccda1f763ca9e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-01 16:27:09 +01:00
jbouchard
def634eeae Use the label provided when formatting a dos partition
Previously the bootimg-pcbios wic plugin was not respecting
the --label option provided from the wks file. The plugin
was setting the label to 'boot'. With this fix, the --label
option is used. If no option is specified, then the default
is 'boot'.

(From OE-Core rev: c9617934a20d30198a8ddcf10fc02de4885fd433)

Signed-off-by: jbouchard <jeanbouch418@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0fd7a73c1bd2486b7a022f0f69bbcb2e0d9cb141)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-01 16:27:09 +01:00
Mikko Rapeli
f6f391b4af openssl: update from 1.1.1k to 1.1.1l
Changelog shows only security fixes for CVE-2021-3711 and CVE-2021-3712:
https://www.openssl.org/news/cl111.txt

(From OE-Core rev: e26bc21f09ed1631437fc990cbda86c8659d4738)

Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-01 16:27:09 +01:00
Armin Kuster
b06370cc2d binutils: Security fix for CVE-2020-16593
Source:  https://sourceware.org/git/binutils-gdb.git
MR: 112801
Type: Security Fix
Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=aec72fda3b320c36eb99fc1c4cf95b10fc026729
ChangeID: 470b309f4859eecdcc837add2bf756484ad94ee5
Description:

Fixed up for 2.34 context

(From OE-Core rev: bcaa13d8888416b01f0f590d9dab2bd736d1e8a8)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-01 16:27:09 +01:00
Armin Kuster
50204d091b binutils: Security fix for CVE-2021-3549
Source: git://sourceware.org/binutils-gdb.git
MR: 111523
Type: Security Fix
Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1cfcf3004e1830f8fe9112cfcd15285508d2c2b7
ChangeID: 2d3161f601852eb8f9a9ca982c6b0cd44e036bc6
Description:

Affects <= 2.36

Fixup ChangeLog to apply to dunfell context.

(From OE-Core rev: 3cb2e144f8b74f9d78d93ba15e2d66e432462860)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-01 16:27:09 +01:00