mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-22 09:29:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
dfbd3aac89fe9344d752ff8e77f0afe25bcd6866
poky/meta/recipes-devtools/rsync/rsync_3.2.7.bb
Archana Polampalli dfbd3aac89 rsync: fix CVE-2024-12086 
A flaw was found in rsync. It could allow a server to enumerate the contents of an
arbitrary file from the client's machine. This issue occurs when files are being
copied from a client to a server. During this process, the rsync server will send
checksums of local data to the client to compare with in order to determine what
data needs to be sent to the server. By sending specially constructed checksum values
for arbitrary files, an attacker may be able to reconstruct the data of those files
byte-by-byte based on the responses from the client.

(From OE-Core rev: 19f4e7bd965c63f19cc756e6e2bf8f58d9e1dc8d)

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-01-25 06:20:37 -08:00

75 lines
3.1 KiB
BlitzBasic
Raw Blame History

SUMMARY = "File synchronization tool"
HOMEPAGE = "http://rsync.samba.org/"
DESCRIPTION = "rsync is an open source utility that provides fast incremental file transfer."
BUGTRACKER = "http://rsync.samba.org/bugzilla.html"
SECTION = "console/network"
# GPL-2.0-or-later (<< 3.0.0), GPL-3.0-or-later (>= 3.0.0)
# Includes opennsh and xxhash dynamic link exception
LICENSE = "GPL-3.0-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=24423708fe159c9d12be1ea29fcb18c7"
DEPENDS = "popt"
SRC_URI = "https://download.samba.org/pub/${BPN}/src/${BP}.tar.gz \
file://rsyncd.conf \
file://makefile-no-rebuild.patch \
file://determism.patch \
file://0001-Add-missing-prototypes-to-function-declarations.patch \
file://CVE-2024-12084-0001.patch \
file://CVE-2024-12084-0002.patch \
file://CVE-2024-12085.patch \
file://CVE-2024-12086-0001.patch \
file://CVE-2024-12086-0002.patch \
file://CVE-2024-12086-0003.patch \
file://CVE-2024-12086-0004.patch \
"
SRC_URI[sha256sum] = "4e7d9d3f6ed10878c58c5fb724a67dacf4b6aac7340b13e488fb2dc41346f2bb"
inherit autotools-brokensep
PACKAGECONFIG ??= "acl attr \
${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \
"
PACKAGECONFIG[acl] = "--enable-acl-support,--disable-acl-support,acl,"
PACKAGECONFIG[attr] = "--enable-xattr-support,--disable-xattr-support,attr,"
PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
PACKAGECONFIG[lz4] = "--enable-lz4,--disable-lz4,lz4"
PACKAGECONFIG[openssl] = "--enable-openssl,--disable-openssl,openssl"
PACKAGECONFIG[xxhash] = "--enable-xxhash,--disable-xxhash,xxhash"
PACKAGECONFIG[zstd] = "--enable-zstd,--disable-zstd,zstd"
# By default, if crosscompiling, rsync disables a number of
# capabilities, hardlinking symlinks and special files (i.e. devices)
CACHED_CONFIGUREVARS += "rsync_cv_can_hardlink_special=yes rsync_cv_can_hardlink_symlink=yes"
EXTRA_OEMAKE = 'STRIP=""'
EXTRA_OECONF = "--disable-md2man --with-nobody-group=nogroup"
#| ./simd-checksum-x86_64.cpp: In function 'uint32_t get_checksum1_cpp(char*, int32_t)':
#| ./simd-checksum-x86_64.cpp:89:52: error: multiversioning needs 'ifunc' which is not supported on this target
#| 89 | __attribute__ ((target("default"))) MVSTATIC int32 get_checksum1_avx2_64(schar* buf, int32 len, int32 i, uint32* ps1, uint32* ps2) { return i; }
#| | ^~~~~~~~~~~~~~~~~~~~~
#| ./simd-checksum-x86_64.cpp:480:1: error: use of multiversioned function without a default
#| 480 | }
#| | ^
#| If you can't fix the issue, re-run ./configure with --disable-roll-simd.
EXTRA_OECONF:append:libc-musl = " --disable-roll-simd"
# rsync 3.0 uses configure.sh instead of configure, and
# makefile checks the existence of configure.sh
do_configure:prepend () {
rm -f ${S}/configure ${S}/configure.sh
}
do_configure:append () {
cp -f ${S}/configure ${S}/configure.sh
}
do_install:append() {
install -d ${D}${sysconfdir}
install -m 0644 ${WORKDIR}/rsyncd.conf ${D}${sysconfdir}
}
BBCLASSEXTEND = "native nativesdk"
Reference in New Issue View Git Blame Copy Permalink