diff options
156 files changed, 4288 insertions, 544 deletions
diff --git a/meta-filesystems/recipes-support/fuse/fuse3/fuse3.conf b/meta-filesystems/recipes-support/fuse/fuse3/fuse3.conf new file mode 100644 index 0000000000..a517c488f3 --- /dev/null +++ b/meta-filesystems/recipes-support/fuse/fuse3/fuse3.conf @@ -0,0 +1 @@ +fuse diff --git a/meta-filesystems/recipes-support/fuse/fuse3_3.16.2.bb b/meta-filesystems/recipes-support/fuse/fuse3_3.16.2.bb index 2b0797a6f5..b946b63ee4 100644 --- a/meta-filesystems/recipes-support/fuse/fuse3_3.16.2.bb +++ b/meta-filesystems/recipes-support/fuse/fuse3_3.16.2.bb @@ -14,6 +14,7 @@ LIC_FILES_CHKSUM = " \ " SRC_URI = "https://github.com/libfuse/libfuse/releases/download/fuse-${PV}/fuse-${PV}.tar.gz \ + file://fuse3.conf \ " SRC_URI[sha256sum] = "f797055d9296b275e981f5f62d4e32e089614fc253d1ef2985851025b8a0ce87" @@ -79,6 +80,20 @@ FILES:fuse3-utils = "${bindir} ${base_sbindir}" DEBIAN_NOAUTONAME:fuse3-utils = "1" DEBIAN_NOAUTONAME:${PN}-dbg = "1" +SYSTEMD_SERVICE:${PN} = "" + do_install:append() { rm -rf ${D}${base_prefix}/dev + + # systemd class remove the sysv_initddir only if systemd_system_unitdir + # contains anything, but it's not needed if sysvinit is not in DISTRO_FEATURES + if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'false', 'true', d)}; then + rm -rf ${D}${sysconfdir}/init.d/ + fi + + # Install systemd related configuration file + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/modules-load.d + install -m 0644 ${WORKDIR}/fuse3.conf ${D}${sysconfdir}/modules-load.d + fi } diff --git a/meta-gnome/dynamic-layers/meta-security/recipes-gnome/gnome-remote-desktop/gnome-remote-desktop_46.1.bb b/meta-gnome/dynamic-layers/meta-security/recipes-gnome/gnome-remote-desktop/gnome-remote-desktop_46.2.bb index 634b37971e..59ae9383db 100644 --- a/meta-gnome/dynamic-layers/meta-security/recipes-gnome/gnome-remote-desktop/gnome-remote-desktop_46.1.bb +++ b/meta-gnome/dynamic-layers/meta-security/recipes-gnome/gnome-remote-desktop/gnome-remote-desktop_46.2.bb @@ -4,11 +4,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" GNOMEBASEBUILDCLASS = "meson" -inherit gnomebase gettext gsettings features_check +inherit gnomebase gettext gsettings features_check useradd -REQUIRED_DISTRO_FEATURES = "opengl" +REQUIRED_DISTRO_FEATURES = "opengl polkit" -SRC_URI[archive.sha256sum] = "7c62a4281fdfa9522110affbf75d09973035f2adc7fa4577511d733186beb68f" +SRC_URI[archive.sha256sum] = "97443eaffe4b1a69626886a41d25cbeb2c148d3fed43d92115c1b7d20d5238ab" DEPENDS = " \ asciidoc-native \ @@ -36,5 +36,15 @@ PACKAGECONFIG[vnc] = "-Dvnc=true,-Dvnc=false,libvncserver" PACKAGECONFIG[rdp] = "-Drdp=true,-Drdp=false,freerdp3 fuse3 libxkbcommon" PACKAGECONFIG[systemd] = "-Dsystemd=true,-Dsystemd=false,systemd" +USERADD_PACKAGES = "${PN}" +USERADD_PARAM:${PN} = "--system --no-create-home --user-group --home-dir ${sysconfdir}/polkit-1 polkitd" + +do_install:append() { + if [ -d ${D}${datadir}/polkit-1/rules.d ]; then + chmod 700 ${D}${datadir}/polkit-1/rules.d + chown polkitd:root ${D}${datadir}/polkit-1/rules.d + fi +} + PACKAGE_DEBUG_SPLIT_STYLE = "debug-without-src" FILES:${PN} += "${systemd_user_unitdir} ${systemd_system_unitdir} ${datadir} ${libdir}/sysusers.d ${libdir}/tmpfiles.d" diff --git a/meta-gnome/recipes-gnome/gnome-shell/gnome-shell/0002-screencast-Correct-expected-bus-name-for-streams.patch b/meta-gnome/recipes-gnome/gnome-shell/gnome-shell/0002-screencast-Correct-expected-bus-name-for-streams.patch new file mode 100644 index 0000000000..736594716a --- /dev/null +++ b/meta-gnome/recipes-gnome/gnome-shell/gnome-shell/0002-screencast-Correct-expected-bus-name-for-streams.patch @@ -0,0 +1,38 @@ +From 50a011a19dcc6997ea6173c07bb80b2d9888d363 Mon Sep 17 00:00:00 2001 +From: Simon McVittie <smcv@debian.org> +Date: Mon, 6 May 2024 21:58:09 +0100 +Subject: [PATCH] screencast: Correct expected bus name for streams +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Previously, this only worked because GDBusConnection was not filtering +signals by their sender correctly (GNOME/glib#3268). + +Thanks: Alicia Boya GarcÃa +Signed-off-by: Simon McVittie <smcv@debian.org> +Part-of: <https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/3303> + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/gnome-shell/-/commit/50a011a19dcc6997ea6173c07bb80b2d9888d363] + +Signed-off-by: Peter Marko <peter.marko@siemens.com> +--- + js/dbusServices/screencast/screencastService.js | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/js/dbusServices/screencast/screencastService.js b/js/dbusServices/screencast/screencastService.js +index d664a51b083..0645811fa0a 100644 +--- a/js/dbusServices/screencast/screencastService.js ++++ b/js/dbusServices/screencast/screencastService.js +@@ -340,7 +340,7 @@ class Recorder extends Signals.EventEmitter { + }); + + this._streamProxy = new ScreenCastStreamProxy(Gio.DBus.session, +- 'org.gnome.ScreenCast.Stream', ++ 'org.gnome.Mutter.ScreenCast', + streamPath); + + this._streamProxy.connectSignal('PipeWireStreamAdded', +-- +2.30.2 + diff --git a/meta-gnome/recipes-gnome/gnome-shell/gnome-shell_46.1.bb b/meta-gnome/recipes-gnome/gnome-shell/gnome-shell_46.1.bb index ed86cbcb6a..1bc9b6b394 100644 --- a/meta-gnome/recipes-gnome/gnome-shell/gnome-shell_46.1.bb +++ b/meta-gnome/recipes-gnome/gnome-shell/gnome-shell_46.1.bb @@ -34,6 +34,7 @@ REQUIRED_DISTRO_FEATURES += "gobject-introspection-data" SRC_URI[archive.sha256sum] = "64f999844c101e63bf294d45b138de56319ad2f326282721aad0fa860653b369" SRC_URI += "file://0001-Introduce-options-gjs_path-to-optionally-set-path-to.patch" +SRC_URI += "file://0002-screencast-Correct-expected-bus-name-for-streams.patch" PACKAGECONFIG ??= "bluetooth nm ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" PACKAGECONFIG[bluetooth] = ",,gnome-bluetooth" diff --git a/meta-gnome/recipes-gnome/nautilus/nautilus_46.1.bb b/meta-gnome/recipes-gnome/nautilus/nautilus_45.1.bb index 4092ff9dd2..9c0d154ec8 100644 --- a/meta-gnome/recipes-gnome/nautilus/nautilus_46.1.bb +++ b/meta-gnome/recipes-gnome/nautilus/nautilus_45.1.bb @@ -22,7 +22,7 @@ DEPENDS = " \ inherit gnomebase gsettings gobject-introspection gi-docgen gettext features_check mime-xdg gtk-icon-cache -SRC_URI[archive.sha256sum] = "cc1a5fdf1dd72f92e9e3f3c7ad263709a0de5391a895be9344f6a67f43887bd7" +SRC_URI[archive.sha256sum] = "23bdaa9a85466c5937a89daddd080ed03bcc2b49e8b64af607206353bde82fe3" REQUIRED_DISTRO_FEATURES = "x11 opengl gobject-introspection-data" diff --git a/meta-networking/recipes-connectivity/daq/daq_2.0.7.bb b/meta-networking/recipes-connectivity/daq/daq_2.0.7.bb index 66ad83f711..8cb4c04fa3 100644 --- a/meta-networking/recipes-connectivity/daq/daq_2.0.7.bb +++ b/meta-networking/recipes-connectivity/daq/daq_2.0.7.bb @@ -11,6 +11,7 @@ DEPENDS = "libpcap libpcre libdnet bison-native libnetfilter-queue" SRC_URI = "http://fossies.org/linux/misc/daq-${PV}.tar.gz \ file://disable-run-test-program-while-cross-compiling.patch \ file://0001-correct-the-location-of-unistd.h.patch \ + file://daq-fix-incompatible-pointer-type-error.patch \ " SRC_URI[sha256sum] = "bdc4e5a24d1ea492c39ee213a63c55466a2e8114b6a9abed609927ae13a7705e" # these 2 create undeclared dependency on libdnet and libnetfilter-queue from meta-networking diff --git a/meta-networking/recipes-connectivity/daq/files/daq-fix-incompatible-pointer-type-error.patch b/meta-networking/recipes-connectivity/daq/files/daq-fix-incompatible-pointer-type-error.patch new file mode 100644 index 0000000000..ade3ec686b --- /dev/null +++ b/meta-networking/recipes-connectivity/daq/files/daq-fix-incompatible-pointer-type-error.patch @@ -0,0 +1,31 @@ +Fix daq incompatible pointer type error when gcc option +'-Wincompatible-pointer-types is set: + +| ../../daq-2.0.7/os-daq-modules/daq_nfq.c: In function 'SetPktHdr': +| ../../daq-2.0.7/os-daq-modules/daq_nfq.c:394:37: error: passing argument 2 + of 'nfq_get_payload' from incompatible pointer type [-Wincompatible-pointer-types] +| 394 | int len = nfq_get_payload(nfad, (char**)pkt); +| | ^~~~~~~~~~~ +| | | +| | char ** + +Upstream-Status: Inactive-Upstream [lastrelease: 2019-03-09] + +Signed-off-by: Kai Kang <kai.kang@windriver.com> +--- + os-daq-modules/daq_nfq.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/os-daq-modules/daq_nfq.c b/os-daq-modules/daq_nfq.c +index 4de94b6..a6de2f3 100644 +--- a/os-daq-modules/daq_nfq.c ++++ b/os-daq-modules/daq_nfq.c +@@ -391,7 +391,7 @@ static inline int SetPktHdr ( + DAQ_PktHdr_t* hdr, + uint8_t** pkt + ) { +- int len = nfq_get_payload(nfad, (char**)pkt); ++ int len = nfq_get_payload(nfad, (unsigned char**)pkt); + + if ( len <= 0 ) + return -1; diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.8.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.9.bb index 301e655989..da984a3990 100644 --- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.8.bb +++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.9.bb @@ -23,7 +23,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=379d5819937a6c2f1ef1630d341e026d" SECTION = "libs" S = "${WORKDIR}/git" -SRCREV = "5a764e5555c64337ed17444410269ff21cb617b1" +SRCREV = "5e146adef63b326b04282252639bebc2730939c6" SRC_URI = "git://github.com/Mbed-TLS/mbedtls.git;protocol=https;branch=mbedtls-2.28 \ file://run-ptest \ " diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.6.0.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.6.1.bb index 92a2de82a3..29c96f19aa 100644 --- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.6.0.bb +++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.6.1.bb @@ -23,12 +23,12 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=379d5819937a6c2f1ef1630d341e026d" SECTION = "libs" S = "${WORKDIR}/git" -SRC_URI = "git://github.com/Mbed-TLS/mbedtls.git;protocol=https;branch=master \ +SRC_URI = "git://github.com/Mbed-TLS/mbedtls.git;protocol=https;branch=mbedtls-3.6 \ git://github.com/Mbed-TLS/mbedtls-framework.git;protocol=https;branch=main;destsuffix=git/framework;name=framework \ file://run-ptest" -SRCREV = "2ca6c285a0dd3f33982dd57299012dacab1ff206" -SRCREV_framework = "750634d3a51eb9d61b59fd5d801546927c946588" +SRCREV = "71c569d44bf3a8bd53d874c81ee8ac644dd6e9e3" +SRCREV_framework = "94599c0e3b5036e086446a51a3f79640f70f22f6" SRCREV_FORMAT .= "_framework" UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+(\.\d+)+)" @@ -76,7 +76,8 @@ sysroot_stage_all:append() { do_install_ptest () { install -d ${D}${PTEST_PATH}/tests + install -d ${D}${PTEST_PATH}/framework cp -f ${B}/tests/test_suite_* ${D}${PTEST_PATH}/tests/ find ${D}${PTEST_PATH}/tests/ -type f -name "*.c" -delete - cp -fR ${S}/tests/data_files ${D}${PTEST_PATH}/tests/ + cp -fR ${S}/framework/data_files ${D}${PTEST_PATH}/framework/ } diff --git a/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.46.0.bb b/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.46.0.bb index 8184fcf1a1..1b4003df18 100644 --- a/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.46.0.bb +++ b/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.46.0.bb @@ -99,7 +99,7 @@ PACKAGECONFIG[polkit] = "-Dpolkit=true,-Dpolkit=false,polkit" PACKAGECONFIG[bluez5] = "-Dbluez5_dun=true,-Dbluez5_dun=false,bluez5" # consolekit is not picked by shlibs, so add it to RDEPENDS too PACKAGECONFIG[consolekit] = "-Dsession_tracking_consolekit=true,-Dsession_tracking_consolekit=false,consolekit,consolekit" -PACKAGECONFIG[modemmanager] = "-Dmodem_manager=true,-Dmodem_manager=false,modemmanager mobile-broadband-provider-info,modemmanager mobile-broadband-provider-info" +PACKAGECONFIG[modemmanager] = "-Dmodem_manager=true,-Dmodem_manager=false,modemmanager mobile-broadband-provider-info" PACKAGECONFIG[ppp] = "-Dppp=true -Dpppd=${sbindir}/pppd,-Dppp=false,ppp" PACKAGECONFIG[dnsmasq] = "-Ddnsmasq=${bindir}/dnsmasq" PACKAGECONFIG[nss] = "-Dcrypto=nss,,nss" diff --git a/meta-networking/recipes-connectivity/samba/samba_4.19.5.bb b/meta-networking/recipes-connectivity/samba/samba_4.19.8.bb index f5ef86dd4b..429f983c93 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.19.5.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.19.8.bb @@ -31,7 +31,7 @@ SRC_URI:append:libc-musl = " \ file://samba-4.3.9-remove-getpwent_r.patch \ " -SRC_URI[sha256sum] = "0e2405b4cec29d0459621f4340a1a74af771ec7cffedff43250cad7f1f87605e" +SRC_URI[sha256sum] = "1aeff76c207f383477ce4badebd154691c408d2e15b01b333c85eb775468ddf6" UPSTREAM_CHECK_REGEX = "samba\-(?P<pver>4\.19(\.\d+)+).tar.gz" diff --git a/meta-networking/recipes-connectivity/tayga/tayga_0.9.2.bb b/meta-networking/recipes-connectivity/tayga/tayga_0.9.2.bb index 36d35e6dee..40dbccb840 100644 --- a/meta-networking/recipes-connectivity/tayga/tayga_0.9.2.bb +++ b/meta-networking/recipes-connectivity/tayga/tayga_0.9.2.bb @@ -12,6 +12,8 @@ SRC_URI[sha256sum] = "2b1f7927a9d2dcff9095aff3c271924b052ccfd2faca9588b277431a44 SYSTEMD_PACKAGES = "${PN}" SYSTEMD_SERVICE:${PN} = "tayga.service" +EXTRA_OEMAKE += "CFLAGS='${CFLAGS}'" + do_install:append() { install -m 0644 ${WORKDIR}/tayga.conf ${D}${sysconfdir}/tayga.conf install -d ${D}${systemd_unitdir}/system/ @@ -19,3 +21,4 @@ do_install:append() { } inherit autotools systemd + diff --git a/meta-networking/recipes-daemons/squid/files/CVE-2024-37894.patch b/meta-networking/recipes-daemons/squid/files/CVE-2024-37894.patch new file mode 100644 index 0000000000..ba12b71d6f --- /dev/null +++ b/meta-networking/recipes-daemons/squid/files/CVE-2024-37894.patch @@ -0,0 +1,36 @@ +From 920563e7a080155fae3ced73d6198781e8b0ff04 Mon Sep 17 00:00:00 2001 +From: Francesco Chemolli <5175948+kinkie@users.noreply.github.com> +Date: Sun, 2 Jun 2024 14:41:16 +0000 +Subject: [PATCH] Bug 5378: type mismatch in libTrie (#1830) + +TrieNode::add() incorrectly computed an offset of an internal data +structure, resulting in out-of-bounds memory accesses that could cause +corruption or crashes. + +This bug was discovered and detailed by Joshua Rogers at +https://megamansec.github.io/Squid-Security-Audit/esi-underflow.html +where it was filed as "Buffer Underflow in ESI". + +CVE: CVE-2024-37894 +Upstream-Status: Backport [https://github.com/squid-cache/squid/commit/920563e7a080155fae3ced73d6198781e8b0ff04] +Signed-off-by: Peter Marko <peter.marko@siemens.com> +--- + lib/libTrie/TrieNode.cc | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/libTrie/TrieNode.cc b/lib/libTrie/TrieNode.cc +index 0f991a06d..d417e0f54 100644 +--- a/lib/libTrie/TrieNode.cc ++++ b/lib/libTrie/TrieNode.cc +@@ -32,7 +32,7 @@ TrieNode::add(char const *aString, size_t theLength, void *privatedata, TrieChar + /* We trust that privatedata and existent keys have already been checked */ + + if (theLength) { +- int index = transform ? (*transform)(*aString): *aString; ++ const unsigned char index = transform ? (*transform)(*aString): *aString; + + if (!internal[index]) + internal[index] = new TrieNode; +-- +2.30.2 + diff --git a/meta-networking/recipes-daemons/squid/squid_6.9.bb b/meta-networking/recipes-daemons/squid/squid_6.9.bb index f0663a5e04..61fc6027b3 100644 --- a/meta-networking/recipes-daemons/squid/squid_6.9.bb +++ b/meta-networking/recipes-daemons/squid/squid_6.9.bb @@ -20,6 +20,7 @@ SRC_URI = "http://www.squid-cache.org/Versions/v${MAJ_VER}/${BPN}-${PV}.tar.xz \ file://volatiles.03_squid \ file://0002-squid-make-squid-conf-tests-run-on-target-device.patch \ file://squid.nm \ + file://CVE-2024-37894.patch \ " SRC_URI[sha256sum] = "1ad72d46e1cb556e9561214f0fb181adb87c7c47927ef69bc8acd68a03f61882" @@ -68,6 +69,11 @@ EXTRA_OECONF += "--with-default-user=squid \ --with-logdir=${localstatedir}/log/${BPN} \ 'PERL=${USRBINPATH}/env perl'" +# Workaround a build failure when using a native compiler that need -std=c++17 +# with a cross-compiler that doesn't. +# Upstream issue closed as invalid : https://bugs.squid-cache.org/show_bug.cgi?id=5376 +BUILD_CXXFLAGS += "-std=c++17" + export BUILDCXXFLAGS="${BUILD_CXXFLAGS}" TESTDIR = "test-suite" diff --git a/meta-networking/recipes-extended/tgt/files/CVE-2024-45751.patch b/meta-networking/recipes-extended/tgt/files/CVE-2024-45751.patch new file mode 100644 index 0000000000..2de9ae9b28 --- /dev/null +++ b/meta-networking/recipes-extended/tgt/files/CVE-2024-45751.patch @@ -0,0 +1,71 @@ +From abd8e0d987ab56013d360077202bf2aca20a42dd Mon Sep 17 00:00:00 2001 +From: Richard Weinberger <richard@nod.at> +Date: Tue, 3 Sep 2024 16:14:58 +0200 +Subject: [PATCH] chap: Use proper entropy source + +The challenge sent to the initiator is based on a poor +source of randomness, it uses rand() without seeding it by srand(). +So the glibc PRNG is always seeded with 1 and as a consequence the +sequence of challenges is always the same. + +An attacker which is able to monitor network traffic can apply a replay +attack to bypass the CHAP authentication. All the attacker has to do +is waiting for the server or the service to restart and replay with a +previously record CHAP session which fits into the sequence. + +To overcome the issue, use getrandom() to query the kernel random +number generator. +Also always send a challenge of length CHAP_CHALLENGE_MAX, there is no +benefit in sending a variable length challenge. + +Signed-off-by: Richard Weinberger <richard@nod.at> + +Upstream-Status: Backport [https://github.com/fujita/tgt/commit/abd8e0d987ab56013d360077202bf2aca20a42dd] +CVE: CVE-2024-45751 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + usr/iscsi/chap.c | 12 +++++------- + 1 file changed, 5 insertions(+), 7 deletions(-) + +diff --git a/usr/iscsi/chap.c b/usr/iscsi/chap.c +index aa0fc67..b89ecab 100644 +--- a/usr/iscsi/chap.c ++++ b/usr/iscsi/chap.c +@@ -28,6 +28,7 @@ + #include <stdio.h> + #include <stdlib.h> + #include <string.h> ++#include <sys/random.h> + + #include "iscsid.h" + #include "tgtd.h" +@@ -359,22 +360,19 @@ static int chap_initiator_auth_create_challenge(struct iscsi_connection *conn) + sprintf(text, "%u", (unsigned char)conn->auth.chap.id); + text_key_add(conn, "CHAP_I", text); + +- /* +- * FIXME: does a random challenge length provide any benefits security- +- * wise, or should we rather always use the max. allowed length of +- * 1024 for the (unencoded) challenge? +- */ +- conn->auth.chap.challenge_size = (rand() % (CHAP_CHALLENGE_MAX / 2)) + CHAP_CHALLENGE_MAX / 2; ++ conn->auth.chap.challenge_size = CHAP_CHALLENGE_MAX; + + conn->auth.chap.challenge = malloc(conn->auth.chap.challenge_size); + if (!conn->auth.chap.challenge) + return CHAP_TARGET_ERROR; + ++ if (getrandom(conn->auth.chap.challenge, conn->auth.chap.challenge_size, 0) != conn->auth.chap.challenge_size) ++ return CHAP_TARGET_ERROR; ++ + p = text; + strcpy(p, "0x"); + p += 2; + for (i = 0; i < conn->auth.chap.challenge_size; i++) { +- conn->auth.chap.challenge[i] = rand(); + sprintf(p, "%.2hhx", conn->auth.chap.challenge[i]); + p += 2; + } +-- +2.25.1 + diff --git a/meta-networking/recipes-extended/tgt/tgt_1.0.90.bb b/meta-networking/recipes-extended/tgt/tgt_1.0.90.bb index 35995f7876..f70f77f540 100644 --- a/meta-networking/recipes-extended/tgt/tgt_1.0.90.bb +++ b/meta-networking/recipes-extended/tgt/tgt_1.0.90.bb @@ -11,6 +11,7 @@ SRC_URI = "git://github.com/fujita/tgt.git;branch=master;protocol=https \ file://0001-usr-Makefile-WARNING-fix.patch \ file://usr-Makefile-apply-LDFLAGS-to-all-executables.patch \ file://musl-__wordsize.patch \ + file://CVE-2024-45751.patch \ " SRC_URI += "file://tgtd.init \ file://tgtd.service \ diff --git a/meta-networking/recipes-filter/nftables/nftables/run-ptest b/meta-networking/recipes-filter/nftables/nftables/run-ptest index 32ddf9f455..55e801f67c 100644 --- a/meta-networking/recipes-filter/nftables/nftables/run-ptest +++ b/meta-networking/recipes-filter/nftables/nftables/run-ptest @@ -5,14 +5,18 @@ cd ${NFTABLESLIB}/ptest || exit 1 LOG="${NFTABLESLIB}/ptest/nftables_ptest_$(date +%Y%m%d-%H%M%S).log" NFT=nft -tests/shell/run-tests.sh -v | sed -E '/I: \[OK\]/ s/^/PASS: / ; /W: \[(CHK DUMP|VALGRIND|TAINTED|DUMP FAIL|FAILED)\]/ s/^/FAIL: /' | sed "s,\x1B\[[0-9;]*[a-zA-Z],,g" | tee -a "${LOG}" +tests/shell/run-tests.sh -v | sed -E '/I: \[OK\]/ s/^/PASS: / ; /W: \[(CHK DUMP|VALGRIND|TAINTED|DUMP FAIL|FAILED)\]/ s/^/FAIL: / ; /I: \[SKIPPED\]/ s/^/SKIP: /' | sed "s,\x1B\[[0-9;]*[a-zA-Z],,g" | tee -a "${LOG}" passed=$(grep -c PASS: "${LOG}") failed=$(grep -c FAIL: "${LOG}") -all=$((passed + failed)) +skiped=$(grep -c SKIP: "${LOG}") + +all=$((passed + failed + skiped)) ( echo "=== Test Summary ===" echo "TOTAL: ${all}" echo "PASSED: ${passed}" echo "FAILED: ${failed}" + echo "SKIPED: ${skiped}" + echo "====================" ) | tee -a "${LOG}" diff --git a/meta-networking/recipes-irc/znc/znc_1.8.2.bb b/meta-networking/recipes-irc/znc/znc_1.8.2.bb index 1517384eca..68dd0702f7 100644 --- a/meta-networking/recipes-irc/znc/znc_1.8.2.bb +++ b/meta-networking/recipes-irc/znc/znc_1.8.2.bb @@ -29,4 +29,5 @@ do_configure:prepend() { do_install:append() { sed -i -e 's|${DEBUG_PREFIX_MAP}||g; s|--sysroot=${STAGING_DIR_TARGET}||g' ${D}${libdir}/pkgconfig/*.pc + sed -i -e 's|${DEBUG_PREFIX_MAP}||g; s|--sysroot=${STAGING_DIR_TARGET}||g' ${D}${bindir}/znc-buildmod } diff --git a/meta-networking/recipes-support/libtevent/libtevent_0.16.0.bb b/meta-networking/recipes-support/libtevent/libtevent_0.16.1.bb index ac80f3733a..0a37d7977d 100644 --- a/meta-networking/recipes-support/libtevent/libtevent_0.16.0.bb +++ b/meta-networking/recipes-support/libtevent/libtevent_0.16.1.bb @@ -17,7 +17,7 @@ SRC_URI = "https://samba.org/ftp/tevent/tevent-${PV}.tar.gz \ LIC_FILES_CHKSUM = "file://tevent.h;endline=26;md5=47386b7c539bf2706b7ce52dc9341681" -SRC_URI[sha256sum] = "1aa58f21017ed8c2f606ae84aa7e795b5439edd4dd5f68f1a388a7d6fb40f682" +SRC_URI[sha256sum] = "362971e0f32dc1905f6fe4736319c4b8348c22dc85aa6c3f690a28efe548029e" inherit pkgconfig ptest waf-samba diff --git a/meta-networking/recipes-support/tcpdump/tcpdump/CVE-2024-2397.patch b/meta-networking/recipes-support/tcpdump/tcpdump/CVE-2024-2397.patch new file mode 100644 index 0000000000..69348030bb --- /dev/null +++ b/meta-networking/recipes-support/tcpdump/tcpdump/CVE-2024-2397.patch @@ -0,0 +1,129 @@ +From b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2 Mon Sep 17 00:00:00 2001 +From: Guy Harris <gharris@sonic.net> +Date: Tue, 12 Mar 2024 00:37:23 -0700 +Subject: [PATCH] ppp: use the buffer stack for the de-escaping buffer. + +This both saves the buffer for freeing later and saves the packet +pointer and snapend to be restored when packet processing is complete, +even if an exception is thrown with longjmp. + +This means that the hex/ASCII printing in pretty_print_packet() +processes the packet data as captured or read from the savefile, rather +than as modified by the PPP printer, so that the bounds checking is +correct. + +That fixes CVE-2024-2397, which was caused by an exception being thrown +by the hex/ASCII printer (which should only happen if those routines are +called by a packet printer, not if they're called for the -X/-x/-A +flag), which jumps back to the setjmp() that surrounds the packet +printer. Hilarity^Winfinite looping ensues. + +Also, restore ndo->ndo_packetp before calling the hex/ASCII printing +routine, in case nd_pop_all_packet_info() didn't restore it. + +Upstream-Status: Backport [https://github.com/the-tcpdump-group/tcpdump/commit/b9811ef5bb1b7d45a90e042f81f3aaf233c8bcb2] +CVE: CVE-2024-2397 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + print-ppp.c | 31 +++++++++++++++++-------------- + print.c | 8 ++++++-- + 2 files changed, 23 insertions(+), 16 deletions(-) + +diff --git a/print-ppp.c b/print-ppp.c +index aba243d..e5ae064 100644 +--- a/print-ppp.c ++++ b/print-ppp.c +@@ -42,6 +42,8 @@ + #include <net/if_ppp.h> + #endif + ++#include <stdlib.h> ++ + #include "netdissect.h" + #include "extract.h" + #include "addrtoname.h" +@@ -1363,7 +1365,6 @@ ppp_hdlc(netdissect_options *ndo, + u_char *b, *t, c; + const u_char *s; + u_int i, proto; +- const void *sb, *se; + + if (caplen == 0) + return; +@@ -1371,9 +1372,11 @@ ppp_hdlc(netdissect_options *ndo, + if (length == 0) + return; + +- b = (u_char *)nd_malloc(ndo, caplen); +- if (b == NULL) +- return; ++ b = (u_char *)malloc(caplen); ++ if (b == NULL) { ++ (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC, ++ "%s: malloc", __func__); ++ } + + /* + * Unescape all the data into a temporary, private, buffer. +@@ -1394,13 +1397,15 @@ ppp_hdlc(netdissect_options *ndo, + } + + /* +- * Change the end pointer, so bounds checks work. +- * Change the pointer to packet data to help debugging. ++ * Switch to the output buffer for dissection, and save it ++ * on the buffer stack so it can be freed; our caller must ++ * pop it when done. + */ +- sb = ndo->ndo_packetp; +- se = ndo->ndo_snapend; +- ndo->ndo_packetp = b; +- ndo->ndo_snapend = t; ++ if (!nd_push_buffer(ndo, b, b, (u_int)(t - b))) { ++ free(b); ++ (*ndo->ndo_error)(ndo, S_ERR_ND_MEM_ALLOC, ++ "%s: can't push buffer on buffer stack", __func__); ++ } + length = ND_BYTES_AVAILABLE_AFTER(b); + + /* now lets guess about the payload codepoint format */ +@@ -1442,13 +1447,11 @@ ppp_hdlc(netdissect_options *ndo, + } + + cleanup: +- ndo->ndo_packetp = sb; +- ndo->ndo_snapend = se; ++ nd_pop_packet_info(ndo); + return; + + trunc: +- ndo->ndo_packetp = sb; +- ndo->ndo_snapend = se; ++ nd_pop_packet_info(ndo); + nd_print_trunc(ndo); + } + +diff --git a/print.c b/print.c +index 9c0ab86..33706b9 100644 +--- a/print.c ++++ b/print.c +@@ -431,10 +431,14 @@ pretty_print_packet(netdissect_options *ndo, const struct pcap_pkthdr *h, + nd_pop_all_packet_info(ndo); + + /* +- * Restore the original snapend, as a printer might have +- * changed it. ++ * Restore the originals snapend and packetp, as a printer ++ * might have changed them. ++ * ++ * XXX - nd_pop_all_packet_info() should have restored the ++ * original values, but, just in case.... + */ + ndo->ndo_snapend = sp + h->caplen; ++ ndo->ndo_packetp = sp; + if (ndo->ndo_Xflag) { + /* + * Print the raw packet data in hex and ASCII. +-- +2.25.1 + diff --git a/meta-networking/recipes-support/tcpdump/tcpdump_4.99.4.bb b/meta-networking/recipes-support/tcpdump/tcpdump_4.99.4.bb index 803a9bb5f5..b05b832dd8 100644 --- a/meta-networking/recipes-support/tcpdump/tcpdump_4.99.4.bb +++ b/meta-networking/recipes-support/tcpdump/tcpdump_4.99.4.bb @@ -24,6 +24,7 @@ SRC_URI = " \ http://www.tcpdump.org/release/${BP}.tar.gz \ file://add-ptest.patch \ file://run-ptest \ + file://CVE-2024-2397.patch \ " SRC_URI[sha256sum] = "0232231bb2f29d6bf2426e70a08a7e0c63a0d59a9b44863b7f5e2357a6e49fea" diff --git a/meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2023-4256.patch b/meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2023-4256.patch new file mode 100644 index 0000000000..2e4eee025b --- /dev/null +++ b/meta-networking/recipes-support/tcpreplay/tcpreplay/CVE-2023-4256.patch @@ -0,0 +1,27 @@ +From 62bc10d4f1d2c9e2833ef2898fb0170e9300a9dd Mon Sep 17 00:00:00 2001 +From: Marsman1996 <lqliuyuwei@outlook.com> +Date: Tue, 2 Apr 2024 17:29:21 +0800 +Subject: [PATCH] dlt_jnpr_ether_cleanup: check config before cleanup + +CVE: CVE-2023-4256 +Upstream-Status: Backport [https://github.com/appneta/tcpreplay/pull/851] +Signed-off-by: Poonam Jadhav <poonam.jadhav@kpit.com> +--- + src/tcpedit/plugins/dlt_jnpr_ether/jnpr_ether.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/tcpedit/plugins/dlt_jnpr_ether/jnpr_ether.c b/src/tcpedit/plugins/dlt_jnpr_ether/jnpr_ether.c +index c53ec297..9642a2c2 100644 +--- a/src/tcpedit/plugins/dlt_jnpr_ether/jnpr_ether.c ++++ b/src/tcpedit/plugins/dlt_jnpr_ether/jnpr_ether.c +@@ -164,8 +164,9 @@ dlt_jnpr_ether_cleanup(tcpeditdlt_t *ctx) + jnpr_ether_config_t *config; + + config = (jnpr_ether_config_t *)ctx->encoder->config; +- if (config->subctx != NULL) ++ if (config != NULL && config->subctx != NULL) { + tcpedit_dlt_cleanup(config->subctx); ++ } + safe_free(plugin->config); + plugin->config = NULL; + plugin->config_size = 0; diff --git a/meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.4.bb b/meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.4.bb index 26de40a65a..16cff2f0e4 100644 --- a/meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.4.bb +++ b/meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.4.bb @@ -11,6 +11,7 @@ SRC_URI = "https://github.com/appneta/${BPN}/releases/download/v${PV}/${BP}.tar. file://0001-libopts.m4-set-POSIX_SHELL-to-bin-sh.patch \ file://0001-configure.ac-unify-search-dirs-for-pcap-and-add-lib3.patch \ file://0001-configure.ac-do-not-run-conftest-in-case-of-cross-co.patch \ + file://CVE-2023-4256.patch \ " SRC_URI[sha256sum] = "44f18fb6d3470ecaf77a51b901a119dae16da5be4d4140ffbb2785e37ad6d4bf" diff --git a/meta-networking/recipes-support/wireshark/wireshark_4.2.4.bb b/meta-networking/recipes-support/wireshark/wireshark_4.2.7.bb index 95db2efc4c..b80710683c 100644 --- a/meta-networking/recipes-support/wireshark/wireshark_4.2.4.bb +++ b/meta-networking/recipes-support/wireshark/wireshark_4.2.7.bb @@ -17,7 +17,7 @@ SRC_URI = "https://1.eu.dl.wireshark.org/src/wireshark-${PV}.tar.xz \ UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" -SRC_URI[sha256sum] = "46bd0f4474337144b30816fb2d8f14e72a26d0391f24fe0b7b619acdcdad8c0c" +SRC_URI[sha256sum] = "2c5de08e19081bd666a2ce3f052c023274d06acaabc5d667a3c3051a9c618f86" PE = "1" diff --git a/meta-oe/conf/layer.conf b/meta-oe/conf/layer.conf index 4d9acb8cc8..9faf579b82 100644 --- a/meta-oe/conf/layer.conf +++ b/meta-oe/conf/layer.conf @@ -115,3 +115,6 @@ SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS += " \ DEFAULT_TEST_SUITES:pn-meta-oe-ptest-image = " ${PTESTTESTSUITE}" NON_MULTILIB_RECIPES:append = " crash pahole libbpf" + +NON_MULTILIB_RECIPES:remove:x86 = "libbpf" +NON_MULTILIB_RECIPES:remove:x86-64 = "libbpf" diff --git a/meta-oe/dynamic-layers/meta-python/recipes-connectivity/netplan/netplan_1.0.bb b/meta-oe/dynamic-layers/meta-python/recipes-connectivity/netplan/netplan_1.0.bb index 229414718c..cf8d6d19e7 100644 --- a/meta-oe/dynamic-layers/meta-python/recipes-connectivity/netplan/netplan_1.0.bb +++ b/meta-oe/dynamic-layers/meta-python/recipes-connectivity/netplan/netplan_1.0.bb @@ -34,6 +34,7 @@ EXTRA_OEMESON = "-Dunit_testing=false" RDEPENDS:${PN} = "python3-core python3-netifaces python3-pyyaml \ python3-dbus python3-rich python3-cffi \ + python3-json python3-fcntl \ util-linux-libuuid libnetplan \ " diff --git a/meta-oe/recipes-bsp/bolt/bolt_0.9.6.bb b/meta-oe/recipes-bsp/bolt/bolt_0.9.6.bb index 4688ae860b..c278a0982a 100644 --- a/meta-oe/recipes-bsp/bolt/bolt_0.9.6.bb +++ b/meta-oe/recipes-bsp/bolt/bolt_0.9.6.bb @@ -18,5 +18,5 @@ inherit cmake pkgconfig meson features_check FILES:${PN} += "${datadir}/dbus-1/* \ ${datadir}/polkit-1/* \ - ${libdir}/systemd/* \ - " + ${systemd_system_unitdir} \ +" diff --git a/meta-oe/recipes-bsp/fwupd/fwupd_1.9.18.bb b/meta-oe/recipes-bsp/fwupd/fwupd_1.9.18.bb index d20d5ed2ae..a98ed67f76 100644 --- a/meta-oe/recipes-bsp/fwupd/fwupd_1.9.18.bb +++ b/meta-oe/recipes-bsp/fwupd/fwupd_1.9.18.bb @@ -104,7 +104,7 @@ PACKAGECONFIG[plugin_synaptics_mst] = "-Dplugin_synaptics_mst=enabled,-Dplugin_s PACKAGECONFIG[plugin_synaptics_rmi] = "-Dplugin_synaptics_rmi=enabled,-Dplugin_synaptics_rmi=disabled" PACKAGECONFIG[plugin_tpm] = "-Dplugin_tpm=enabled,-Dplugin_tpm=disabled,tpm2-tss" # Turn off the capsule splash as it needs G-I at buildtime, which isn't currently supported -PACKAGECONFIG[plugin_uefi_capsule] = "-Dplugin_uefi_capsule=enabled -Dplugin_uefi_capsule_splash=disabled,-Dplugin_uefi_capsule=disabled,efivar fwupd-efi" +PACKAGECONFIG[plugin_uefi_capsule] = "-Dplugin_uefi_capsule=enabled -Dplugin_uefi_capsule_splash=false,-Dplugin_uefi_capsule=disabled,efivar fwupd-efi" PACKAGECONFIG[plugin_uefi_pk] = "-Dplugin_uefi_pk=enabled,-Dplugin_uefi_pk=disabled" PACKAGECONFIG[plugin_uf2] = "-Dplugin_uf2=enabled,-Dplugin_uf2=disabled" PACKAGECONFIG[plugin_upower] = "-Dplugin_upower=enabled,-Dplugin_upower=disabled" @@ -140,3 +140,5 @@ FILES:${PN} += "${libdir}/fwupd-plugins-* \ FILES:${PN}-ptest += "${libexecdir}/installed-tests/ \ ${datadir}/installed-tests/" RDEPENDS:${PN}-ptest += "gnome-desktop-testing" + +INSANE_SKIP:${PN}-ptest += "buildpaths" diff --git a/meta-oe/recipes-connectivity/hostapd/hostapd_2.10.bb b/meta-oe/recipes-connectivity/hostapd/hostapd_2.10.bb index dbdc5c1bdf..3c5f78f91a 100644 --- a/meta-oe/recipes-connectivity/hostapd/hostapd_2.10.bb +++ b/meta-oe/recipes-connectivity/hostapd/hostapd_2.10.bb @@ -2,7 +2,7 @@ SUMMARY = "User space daemon for extended IEEE 802.11 management" HOMEPAGE = "http://w1.fi/hostapd/" SECTION = "kernel/userland" LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://hostapd/README;md5=c905478466c90f1cefc0df987c40e172" +LIC_FILES_CHKSUM = "file://hostapd/README;beginline=5;endline=47;md5=aa03b8bd6216d1a7ca01fd4b89863073" DEPENDS = "libnl openssl" @@ -16,9 +16,6 @@ SRC_URI = " \ SRC_URI[sha256sum] = "206e7c799b678572c2e3d12030238784bc4a9f82323b0156b4c9466f1498915d" -S = "${WORKDIR}/hostapd-${PV}" -B = "${WORKDIR}/hostapd-${PV}/hostapd" - inherit update-rc.d systemd pkgconfig features_check CONFLICT_DISTRO_FEATURES = "openssl-no-weak-ciphers" @@ -29,20 +26,20 @@ SYSTEMD_SERVICE:${PN} = "hostapd.service" SYSTEMD_AUTO_ENABLE:${PN} = "disable" do_configure:append() { - install -m 0644 ${WORKDIR}/defconfig ${B}/.config + install -m 0644 ${WORKDIR}/defconfig ${B}/hostapd/.config } do_compile() { export CFLAGS="-MMD -O2 -Wall -g" export EXTRA_CFLAGS="${CFLAGS}" - make V=1 + make -C hostapd V=1 } do_install() { install -d ${D}${sbindir} ${D}${sysconfdir}/init.d ${D}${systemd_unitdir}/system/ - install -m 0644 ${B}/hostapd.conf ${D}${sysconfdir} - install -m 0755 ${B}/hostapd ${D}${sbindir} - install -m 0755 ${B}/hostapd_cli ${D}${sbindir} + install -m 0644 ${B}/hostapd/hostapd.conf ${D}${sysconfdir} + install -m 0755 ${B}/hostapd/hostapd ${D}${sbindir} + install -m 0755 ${B}/hostapd/hostapd_cli ${D}${sbindir} install -m 755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/hostapd install -m 0644 ${WORKDIR}/hostapd.service ${D}${systemd_unitdir}/system/ sed -i -e 's,@SBINDIR@,${sbindir},g' -e 's,@SYSCONFDIR@,${sysconfdir},g' ${D}${systemd_unitdir}/system/hostapd.service diff --git a/meta-oe/recipes-connectivity/krb5/krb5/CVE-2024-26458_CVE-2024-26461.patch b/meta-oe/recipes-connectivity/krb5/krb5/CVE-2024-26458_CVE-2024-26461.patch new file mode 100644 index 0000000000..46eb6aa96c --- /dev/null +++ b/meta-oe/recipes-connectivity/krb5/krb5/CVE-2024-26458_CVE-2024-26461.patch @@ -0,0 +1,207 @@ +From c5f9c816107f70139de11b38aa02db2f1774ee0d Mon Sep 17 00:00:00 2001 +From: Greg Hudson <ghudson@mit.edu> +Date: Tue, 5 Mar 2024 19:53:07 -0500 +Subject: [PATCH] Fix two unlikely memory leaks + +In gss_krb5int_make_seal_token_v3(), one of the bounds checks (which +could probably never be triggered) leaks plain.data. Fix this leak +and use current practices for cleanup throughout the function. + +In xmt_rmtcallres() (unused within the tree and likely elsewhere), +store port_ptr into crp->port_ptr as soon as it is allocated; +otherwise it could leak if the subsequent xdr_u_int32() operation +fails. + +CVE: CVE-2024-26458 CVE-2024-26461 +Upstream-Status: Backport [https://github.com/krb5/krb5/commit/c5f9c816107f70139de11b38aa02db2f1774ee0d] + +Signed-off-by: Yogita Urade <yogita.urade@windriver.com> +--- + src/lib/gssapi/krb5/k5sealv3.c | 56 +++++++++++++++------------------- + src/lib/rpc/pmap_rmt.c | 9 +++--- + 2 files changed, 29 insertions(+), 36 deletions(-) + +diff --git a/src/lib/gssapi/krb5/k5sealv3.c b/src/lib/gssapi/krb5/k5sealv3.c +index 1fcbdfb..d3210c1 100644 +--- a/src/lib/gssapi/krb5/k5sealv3.c ++++ b/src/lib/gssapi/krb5/k5sealv3.c +@@ -65,7 +65,7 @@ gss_krb5int_make_seal_token_v3 (krb5_context context, + int conf_req_flag, int toktype) + { + size_t bufsize = 16; +- unsigned char *outbuf = 0; ++ unsigned char *outbuf = NULL; + krb5_error_code err; + int key_usage; + unsigned char acceptor_flag; +@@ -75,9 +75,13 @@ gss_krb5int_make_seal_token_v3 (krb5_context context, + #endif + size_t ec; + unsigned short tok_id; +- krb5_checksum sum; ++ krb5_checksum sum = { 0 }; + krb5_key key; + krb5_cksumtype cksumtype; ++ krb5_data plain = empty_data(); ++ ++ token->value = NULL; ++ token->length = 0; + + acceptor_flag = ctx->initiate ? 0 : FLAG_SENDER_IS_ACCEPTOR; + key_usage = (toktype == KG_TOK_WRAP_MSG +@@ -107,14 +111,15 @@ gss_krb5int_make_seal_token_v3 (krb5_context context, + #endif + + if (toktype == KG_TOK_WRAP_MSG && conf_req_flag) { +- krb5_data plain; + krb5_enc_data cipher; + size_t ec_max; + size_t encrypt_size; + + /* 300: Adds some slop. */ +- if (SIZE_MAX - 300 < message->length) +- return ENOMEM; ++ if (SIZE_MAX - 300 < message->length) { ++ err = ENOMEM; ++ goto cleanup; ++ } + ec_max = SIZE_MAX - message->length - 300; + if (ec_max > 0xffff) + ec_max = 0xffff; +@@ -126,20 +131,20 @@ gss_krb5int_make_seal_token_v3 (krb5_context context, + #endif + err = alloc_data(&plain, message->length + 16 + ec); + if (err) +- return err; ++ goto cleanup; + + /* Get size of ciphertext. */ + encrypt_size = krb5_encrypt_size(plain.length, key->keyblock.enctype); + if (encrypt_size > SIZE_MAX / 2) { + err = ENOMEM; +- goto error; ++ goto cleanup; + } + bufsize = 16 + encrypt_size; + /* Allocate space for header plus encrypted data. */ + outbuf = gssalloc_malloc(bufsize); + if (outbuf == NULL) { +- free(plain.data); +- return ENOMEM; ++ err = ENOMEM; ++ goto cleanup; + } + + /* TOK_ID */ +@@ -164,11 +169,8 @@ gss_krb5int_make_seal_token_v3 (krb5_context context, + cipher.ciphertext.length = bufsize - 16; + cipher.enctype = key->keyblock.enctype; + err = krb5_k_encrypt(context, key, key_usage, 0, &plain, &cipher); +- zap(plain.data, plain.length); +- free(plain.data); +- plain.data = 0; + if (err) +- goto error; ++ goto cleanup; + + /* Now that we know we're returning a valid token.... */ + ctx->seq_send++; +@@ -181,7 +183,6 @@ gss_krb5int_make_seal_token_v3 (krb5_context context, + /* If the rotate fails, don't worry about it. */ + #endif + } else if (toktype == KG_TOK_WRAP_MSG && !conf_req_flag) { +- krb5_data plain; + size_t cksumsize; + + /* Here, message is the application-supplied data; message2 is +@@ -193,21 +194,19 @@ gss_krb5int_make_seal_token_v3 (krb5_context context, + wrap_with_checksum: + err = alloc_data(&plain, message->length + 16); + if (err) +- return err; ++ goto cleanup; + + err = krb5_c_checksum_length(context, cksumtype, &cksumsize); + if (err) +- goto error; ++ goto cleanup; + + assert(cksumsize <= 0xffff); + + bufsize = 16 + message2->length + cksumsize; + outbuf = gssalloc_malloc(bufsize); + if (outbuf == NULL) { +- free(plain.data); +- plain.data = 0; + err = ENOMEM; +- goto error; ++ goto cleanup; + } + + /* TOK_ID */ +@@ -239,23 +238,15 @@ gss_krb5int_make_seal_token_v3 (krb5_context context, + if (message2->length) + memcpy(outbuf + 16, message2->value, message2->length); + +- sum.contents = outbuf + 16 + message2->length; +- sum.length = cksumsize; +- + err = krb5_k_make_checksum(context, cksumtype, key, + key_usage, &plain, &sum); +- zap(plain.data, plain.length); +- free(plain.data); +- plain.data = 0; + if (err) { + zap(outbuf,bufsize); +- goto error; ++ goto cleanup; + } + if (sum.length != cksumsize) + abort(); + memcpy(outbuf + 16 + message2->length, sum.contents, cksumsize); +- krb5_free_checksum_contents(context, &sum); +- sum.contents = 0; + /* Now that we know we're actually generating the token... */ + ctx->seq_send++; + +@@ -285,12 +276,13 @@ gss_krb5int_make_seal_token_v3 (krb5_context context, + + token->value = outbuf; + token->length = bufsize; +- return 0; ++ outbuf = NULL; ++ err = 0; + +-error: ++cleanup: ++ krb5_free_checksum_contents(context, &sum); ++ zapfree(plain.data, plain.length); + gssalloc_free(outbuf); +- token->value = NULL; +- token->length = 0; + return err; + } + +diff --git a/src/lib/rpc/pmap_rmt.c b/src/lib/rpc/pmap_rmt.c +index 8c7e30c..522cb20 100644 +--- a/src/lib/rpc/pmap_rmt.c ++++ b/src/lib/rpc/pmap_rmt.c +@@ -160,11 +160,12 @@ xdr_rmtcallres( + caddr_t port_ptr; + + port_ptr = (caddr_t)(void *)crp->port_ptr; +- if (xdr_reference(xdrs, &port_ptr, sizeof (uint32_t), +- xdr_u_int32) && xdr_u_int32(xdrs, &crp->resultslen)) { +- crp->port_ptr = (uint32_t *)(void *)port_ptr; ++ if (!xdr_reference(xdrs, &port_ptr, sizeof (uint32_t), ++ (xdrproc_t)xdr_u_int32)) ++ return (FALSE); ++ crp->port_ptr = (uint32_t *)(void *)port_ptr; ++ if (xdr_u_int32(xdrs, &crp->resultslen)) + return ((*(crp->xdr_results))(xdrs, crp->results_ptr)); +- } + return (FALSE); + } + +-- +2.40.0 diff --git a/meta-oe/recipes-connectivity/krb5/krb5_1.21.2.bb b/meta-oe/recipes-connectivity/krb5/krb5_1.21.3.bb index 7af33e4e7e..8262da500d 100644 --- a/meta-oe/recipes-connectivity/krb5/krb5_1.21.2.bb +++ b/meta-oe/recipes-connectivity/krb5/krb5_1.21.3.bb @@ -14,7 +14,7 @@ DESCRIPTION = "Kerberos is a system for authenticating users and services on a n HOMEPAGE = "http://web.mit.edu/Kerberos/" SECTION = "console/network" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://${S}/../NOTICE;md5=32cb3a99207053d9f5c1ef177c4d6e34" +LIC_FILES_CHKSUM = "file://${S}/../NOTICE;md5=71c06694263581762668e88b7b77a1a5" inherit autotools-brokensep binconfig perlnative systemd update-rc.d pkgconfig @@ -28,9 +28,10 @@ SRC_URI = "http://web.mit.edu/kerberos/dist/${BPN}/${SHRT_VER}/${BP}.tar.gz \ file://etc/default/krb5-admin-server \ file://krb5-kdc.service \ file://krb5-admin-server.service \ + file://CVE-2024-26458_CVE-2024-26461.patch;striplevel=2 \ " -SRC_URI[sha256sum] = "9560941a9d843c0243a71b17a7ac6fe31c7cebb5bce3983db79e52ae7e850491" +SRC_URI[sha256sum] = "b7a4cd5ead67fb08b980b21abd150ff7217e85ea320c9ed0c6dadd304840ad35" CVE_PRODUCT = "kerberos" CVE_VERSION = "5-${PV}" diff --git a/meta-oe/recipes-connectivity/libndp/libndp/CVE-2024-5564.patch b/meta-oe/recipes-connectivity/libndp/libndp/CVE-2024-5564.patch new file mode 100644 index 0000000000..fe7ce41b87 --- /dev/null +++ b/meta-oe/recipes-connectivity/libndp/libndp/CVE-2024-5564.patch @@ -0,0 +1,48 @@ +From 05e4ba7b0d126eea4c04387dcf40596059ee24af Mon Sep 17 00:00:00 2001 +From: Hangbin Liu <liuhangbin@gmail.com> +Date: Wed, 5 Jun 2024 11:57:43 +0800 +Subject: [PATCH] libndp: valid route information option length + +RFC 4191 specifies that the Route Information Option Length should be 1, 2, +or 3, depending on the Prefix Length. A malicious node could potentially +trigger a buffer overflow and crash the tool by sending an IPv6 router +advertisement message containing the "Route Information" option with a +"Length" field larger than 3. + +To address this, add a check on the length field. + +Fixes: 8296a5bf0755 ("add support for Route Information Option (rfc4191)") +Reported-by: Evgeny Vereshchagin <evverx@gmail.com> +Suggested-by: Felix Maurer <fmaurer@redhat.com> +Signed-off-by: Hangbin Liu <liuhangbin@gmail.com> +Signed-off-by: Jiri Pirko <jiri@nvidia.com> + +CVE: CVE-2024-5564 +Upstream-Status: Backport [https://github.com/jpirko/libndp/commit/05e4ba7b0d126eea4c04387dcf40596059ee24af] +Signed-off-by: Peter Marko <peter.marko@siemens.com> +--- + libndp/libndp.c | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff --git a/libndp/libndp.c b/libndp/libndp.c +index 6314717..72ec92e 100644 +--- a/libndp/libndp.c ++++ b/libndp/libndp.c +@@ -1231,6 +1231,17 @@ static bool ndp_msg_opt_route_check_valid(void *opt_data) + */ + if (((ri->nd_opt_ri_prf_reserved >> 3) & 3) == 2) + return false; ++ ++ /* The Length field is 1, 2, or 3 depending on the Prefix Length. ++ * If Prefix Length is greater than 64, then Length must be 3. ++ * If Prefix Length is greater than 0, then Length must be 2 or 3. ++ * If Prefix Length is zero, then Length must be 1, 2, or 3. ++ */ ++ if (ri->nd_opt_ri_len > 3 || ++ (ri->nd_opt_ri_prefix_len > 64 && ri->nd_opt_ri_len != 3) || ++ (ri->nd_opt_ri_prefix_len > 0 && ri->nd_opt_ri_len == 1)) ++ return false; ++ + return true; + } + diff --git a/meta-oe/recipes-connectivity/libndp/libndp_1.8.bb b/meta-oe/recipes-connectivity/libndp/libndp_1.8.bb index 4d4d3e51cd..70d6abec1b 100644 --- a/meta-oe/recipes-connectivity/libndp/libndp_1.8.bb +++ b/meta-oe/recipes-connectivity/libndp/libndp_1.8.bb @@ -4,6 +4,7 @@ LICENSE = "LGPL-2.1-only" LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" SRC_URI = "git://github.com/jpirko/libndp;branch=master;protocol=https \ + file://CVE-2024-5564.patch \ " # tag for v1.8 SRCREV = "009ce9cd9b950ffa1f4f94c9436027b936850d0c" diff --git a/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.3.3.bb b/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.3.3.bb index 4518e2faaa..3170d37f5b 100644 --- a/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.3.3.bb +++ b/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.3.3.bb @@ -42,6 +42,8 @@ do_install:append() { sed -i -e 's|${STAGING_LIBDIR}/libuv.so|uv|g' ${D}${libdir}/cmake/libwebsockets/LibwebsocketsTargets.cmake sed -i -e 's|${STAGING_INCDIR}||g' ${D}${libdir}/cmake/libwebsockets/LibwebsocketsTargets.cmake \ ${D}${libdir}/cmake/libwebsockets/libwebsockets-config.cmake + sed -i -e 's|${STAGING_LIBDIR}/||g' ${D}${libdir}/cmake/libwebsockets/LibwebsocketsTargets.cmake \ + ${D}${libdir}/cmake/libwebsockets/libwebsockets-config.cmake } PACKAGES =+ "${PN}-testapps ${PN}-evlib-event ${PN}-evlib-uv ${PN}-evlib-ev ${PN}-evlib-sd" diff --git a/meta-oe/recipes-connectivity/pcapplusplus/pcapplusplus/0001-initialize-timespec-variable.patch b/meta-oe/recipes-connectivity/pcapplusplus/pcapplusplus/0001-initialize-timespec-variable.patch new file mode 100644 index 0000000000..f2e210fc67 --- /dev/null +++ b/meta-oe/recipes-connectivity/pcapplusplus/pcapplusplus/0001-initialize-timespec-variable.patch @@ -0,0 +1,35 @@ +From 298dec6f87061914c85049faca3d0ff3310d1794 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Mon, 6 May 2024 12:15:30 -0700 +Subject: [PATCH] initialize timespec variable + +Fixes build warnings with GCC14 + +/mnt/b/yoe/master/build/tmp/work/core2-32-yoe-linux/pcapplusplus/23.09/git/Packet++/src/RawPacket.cpp: In constructor 'pcpp::RawPacket::RawPacket(const uint8_t*, int, timeval, bool, pcpp::LinkLayerType)': +/mnt/b/yoe/master/build/tmp/work/core2-32-yoe-linux/pcapplusplus/23.09/git/Packet++/src/RawPacket.cpp:23:18: error: 'nsec_time.timespec::<anonymous>' is used uninitialized [-Werror=uninitialized] + 23 | timespec nsec_time; + | ^~~~~~~~~ +cc1plus: all warnings being treated as errors + +Upstream-Status: Submitted [https://github.com/seladb/PcapPlusPlus/pull/1389] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + Packet++/src/RawPacket.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Packet++/src/RawPacket.cpp b/Packet++/src/RawPacket.cpp +index 8ad52d52..07dbbbe2 100644 +--- a/Packet++/src/RawPacket.cpp ++++ b/Packet++/src/RawPacket.cpp +@@ -20,7 +20,7 @@ void RawPacket::init(bool deleteRawDataAtDestructor) + + RawPacket::RawPacket(const uint8_t* pRawData, int rawDataLen, timeval timestamp, bool deleteRawDataAtDestructor, LinkLayerType layerType) + { +- timespec nsec_time; ++ timespec nsec_time = {}; + TIMEVAL_TO_TIMESPEC(×tamp, &nsec_time); + init(deleteRawDataAtDestructor); + setRawData(pRawData, rawDataLen, nsec_time, layerType); +-- +2.45.0 + diff --git a/meta-oe/recipes-connectivity/pcapplusplus/pcapplusplus/0001-packet-Initialize-m_ExternalRawData-in-IDnsResource-.patch b/meta-oe/recipes-connectivity/pcapplusplus/pcapplusplus/0001-packet-Initialize-m_ExternalRawData-in-IDnsResource-.patch new file mode 100644 index 0000000000..b6389e0e3f --- /dev/null +++ b/meta-oe/recipes-connectivity/pcapplusplus/pcapplusplus/0001-packet-Initialize-m_ExternalRawData-in-IDnsResource-.patch @@ -0,0 +1,34 @@ +From 742f564ee80749e9f1f3363092775545e37c0f87 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Thu, 9 May 2024 17:02:09 -0700 +Subject: [PATCH] packet++: Initialize m_ExternalRawData in IDnsResource + constructor + +Fixes following warning with GCC-14 + +Packet++/src/DnsResource.cpp:29:24: error: '*this.pcpp::IDnsResource::m_ExternalRawData' may be used uninitialized [-Werror=maybe-uninitialized] + 29 | return m_ExternalRawData; + | ^~~~~~~~~~~~~~~~~ + +Upstream-Status: Submitted [https://github.com/seladb/PcapPlusPlus/pull/1391] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + Packet++/src/DnsResource.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Packet++/src/DnsResource.cpp b/Packet++/src/DnsResource.cpp +index fec1bf05..c1f97041 100644 +--- a/Packet++/src/DnsResource.cpp ++++ b/Packet++/src/DnsResource.cpp +@@ -10,7 +10,7 @@ namespace pcpp + { + + IDnsResource::IDnsResource(DnsLayer* dnsLayer, size_t offsetInLayer) +- : m_DnsLayer(dnsLayer), m_OffsetInLayer(offsetInLayer), m_NextResource(nullptr) ++ : m_DnsLayer(dnsLayer), m_OffsetInLayer(offsetInLayer), m_NextResource(nullptr), m_ExternalRawData(nullptr) + { + char decodedName[4096]; + m_NameLength = decodeName((const char*)getRawData(), decodedName); +-- +2.45.0 + diff --git a/meta-oe/recipes-connectivity/pcapplusplus/pcapplusplus_23.09.bb b/meta-oe/recipes-connectivity/pcapplusplus/pcapplusplus_23.09.bb index 39c6942c83..9db0222172 100644 --- a/meta-oe/recipes-connectivity/pcapplusplus/pcapplusplus_23.09.bb +++ b/meta-oe/recipes-connectivity/pcapplusplus/pcapplusplus_23.09.bb @@ -7,7 +7,10 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=911690f51af322440237a253d695d19f" DEPENDS = "libpcap" -SRC_URI = "git://github.com/seladb/PcapPlusPlus.git;protocol=https;branch=master" +SRC_URI = "git://github.com/seladb/PcapPlusPlus.git;protocol=https;branch=master \ + file://0001-packet-Initialize-m_ExternalRawData-in-IDnsResource-.patch \ + file://0001-initialize-timespec-variable.patch" + SRCREV = "4cf8ed44f9dd145f874dc1dd747dfefcfcab75be" S = "${WORKDIR}/git" diff --git a/meta-oe/recipes-core/opencl/opencl-clhpp_git.bb b/meta-oe/recipes-core/opencl/opencl-clhpp_git.bb index 7ae0362d37..23007d7cca 100644 --- a/meta-oe/recipes-core/opencl/opencl-clhpp_git.bb +++ b/meta-oe/recipes-core/opencl/opencl-clhpp_git.bb @@ -21,3 +21,5 @@ EXTRA_OECMAKE = " \ # Headers only so PN is empty RDEPENDS:${PN}-dev = "" + +BBCLASSEXTEND += "native nativesdk" diff --git a/meta-oe/recipes-core/packagegroups/packagegroup-meta-oe.bb b/meta-oe/recipes-core/packagegroups/packagegroup-meta-oe.bb index 7544a9fbfa..71f74287c7 100644 --- a/meta-oe/recipes-core/packagegroups/packagegroup-meta-oe.bb +++ b/meta-oe/recipes-core/packagegroups/packagegroup-meta-oe.bb @@ -511,7 +511,7 @@ RDEPENDS:packagegroup-meta-oe-graphics ="\ libsdl2-net \ ${@bb.utils.contains("DISTRO_FEATURES", "opengl", "libsdl2-ttf", "", d)} \ libsdl \ - ${@bb.utils.contains("DISTRO_FEATURES", "wayland", "lv-drivers lvgl lv-lib-png", "", d)} \ + lvgl \ ttf-arphic-uming \ ttf-droid-sans ttf-droid-sans-mono ttf-droid-sans-fallback ttf-droid-sans-japanese ttf-droid-serif \ ttf-abyssinica \ diff --git a/meta-oe/recipes-core/uutils-coreutils/uutils-coreutils-crates.inc b/meta-oe/recipes-core/uutils-coreutils/uutils-coreutils-crates.inc index 58d8325628..e5bde3d041 100644 --- a/meta-oe/recipes-core/uutils-coreutils/uutils-coreutils-crates.inc +++ b/meta-oe/recipes-core/uutils-coreutils/uutils-coreutils-crates.inc @@ -3,34 +3,40 @@ # from Cargo.lock SRC_URI += " \ crate://crates.io/adler/1.0.2 \ + crate://crates.io/ahash/0.8.11 \ crate://crates.io/aho-corasick/1.0.4 \ + crate://crates.io/allocator-api2/0.2.18 \ crate://crates.io/android-tzdata/0.1.1 \ crate://crates.io/android_system_properties/0.1.5 \ + crate://crates.io/ansi-width/0.1.0 \ crate://crates.io/anstream/0.5.0 \ crate://crates.io/anstyle/1.0.0 \ crate://crates.io/anstyle-parse/0.2.0 \ crate://crates.io/anstyle-query/1.0.0 \ crate://crates.io/anstyle-wincon/2.1.0 \ + crate://crates.io/arbitrary/1.3.2 \ crate://crates.io/arrayref/0.3.6 \ crate://crates.io/arrayvec/0.7.4 \ crate://crates.io/autocfg/1.1.0 \ - crate://crates.io/bigdecimal/0.4.0 \ + crate://crates.io/bigdecimal/0.4.5 \ crate://crates.io/binary-heap-plus/0.5.0 \ - crate://crates.io/bindgen/0.63.0 \ + crate://crates.io/bincode/1.3.3 \ + crate://crates.io/bindgen/0.69.4 \ crate://crates.io/bitflags/1.3.2 \ - crate://crates.io/bitflags/2.4.2 \ + crate://crates.io/bitflags/2.5.0 \ + crate://crates.io/bitvec/1.0.1 \ crate://crates.io/blake2b_simd/1.0.2 \ crate://crates.io/blake3/1.5.1 \ crate://crates.io/block-buffer/0.10.3 \ crate://crates.io/bstr/1.9.1 \ crate://crates.io/bumpalo/3.11.1 \ - crate://crates.io/bytecount/0.6.7 \ + crate://crates.io/bytecount/0.6.8 \ crate://crates.io/byteorder/1.5.0 \ crate://crates.io/cc/1.0.79 \ crate://crates.io/cexpr/0.6.0 \ crate://crates.io/cfg-if/1.0.0 \ crate://crates.io/cfg_aliases/0.1.1 \ - crate://crates.io/chrono/0.4.35 \ + crate://crates.io/chrono/0.4.38 \ crate://crates.io/clang-sys/1.4.0 \ crate://crates.io/clap/4.4.2 \ crate://crates.io/clap_builder/4.4.2 \ @@ -43,7 +49,6 @@ SRC_URI += " \ crate://crates.io/const-random/0.1.16 \ crate://crates.io/const-random-macro/0.1.16 \ crate://crates.io/constant_time_eq/0.3.0 \ - crate://crates.io/conv/0.3.3 \ crate://crates.io/core-foundation-sys/0.8.3 \ crate://crates.io/coz/0.1.3 \ crate://crates.io/cpp/0.5.9 \ @@ -51,40 +56,45 @@ SRC_URI += " \ crate://crates.io/cpp_common/0.5.9 \ crate://crates.io/cpp_macros/0.5.9 \ crate://crates.io/cpufeatures/0.2.5 \ - crate://crates.io/crc32fast/1.3.2 \ + crate://crates.io/crc32fast/1.4.0 \ crate://crates.io/crossbeam-channel/0.5.10 \ crate://crates.io/crossbeam-deque/0.8.4 \ crate://crates.io/crossbeam-epoch/0.9.17 \ - crate://crates.io/crossbeam-utils/0.8.18 \ + crate://crates.io/crossbeam-utils/0.8.19 \ crate://crates.io/crossterm/0.27.0 \ crate://crates.io/crossterm_winapi/0.9.1 \ crate://crates.io/crunchy/0.2.2 \ crate://crates.io/crypto-common/0.1.6 \ crate://crates.io/ctrlc/3.4.4 \ - crate://crates.io/custom_derive/0.1.7 \ - crate://crates.io/data-encoding/2.5.0 \ - crate://crates.io/data-encoding-macro/0.1.14 \ - crate://crates.io/data-encoding-macro-internal/0.1.12 \ + crate://crates.io/data-encoding/2.6.0 \ + crate://crates.io/data-encoding-macro/0.1.15 \ + crate://crates.io/data-encoding-macro-internal/0.1.13 \ + crate://crates.io/deranged/0.3.11 \ + crate://crates.io/derive_arbitrary/1.3.2 \ crate://crates.io/diff/0.1.13 \ crate://crates.io/digest/0.10.7 \ + crate://crates.io/displaydoc/0.2.4 \ crate://crates.io/dlv-list/0.5.0 \ crate://crates.io/dns-lookup/2.0.4 \ crate://crates.io/dunce/1.0.4 \ crate://crates.io/either/1.8.0 \ crate://crates.io/encode_unicode/0.3.6 \ crate://crates.io/env_logger/0.8.4 \ + crate://crates.io/equivalent/1.0.1 \ crate://crates.io/errno/0.3.8 \ crate://crates.io/exacl/0.12.0 \ crate://crates.io/fastrand/2.0.1 \ crate://crates.io/file_diff/1.0.0 \ + crate://crates.io/filedescriptor/0.8.2 \ crate://crates.io/filetime/0.2.23 \ - crate://crates.io/flate2/1.0.24 \ + crate://crates.io/flate2/1.0.28 \ crate://crates.io/fnv/1.0.7 \ crate://crates.io/fs_extra/1.3.0 \ crate://crates.io/fsevent-sys/4.1.0 \ - crate://crates.io/fts-sys/0.2.4 \ + crate://crates.io/fts-sys/0.2.9 \ crate://crates.io/fundu/2.0.0 \ crate://crates.io/fundu-core/0.3.0 \ + crate://crates.io/funty/2.0.0 \ crate://crates.io/futures/0.3.28 \ crate://crates.io/futures-channel/0.3.28 \ crate://crates.io/futures-core/0.3.28 \ @@ -99,19 +109,22 @@ SRC_URI += " \ crate://crates.io/generic-array/0.14.6 \ crate://crates.io/getrandom/0.2.9 \ crate://crates.io/glob/0.3.1 \ - crate://crates.io/half/2.4.0 \ - crate://crates.io/hashbrown/0.13.2 \ + crate://crates.io/half/2.4.1 \ + crate://crates.io/hashbrown/0.14.3 \ crate://crates.io/hermit-abi/0.3.2 \ crate://crates.io/hex/0.4.3 \ crate://crates.io/hex-literal/0.4.1 \ - crate://crates.io/hostname/0.3.1 \ + crate://crates.io/hostname/0.4.0 \ crate://crates.io/iana-time-zone/0.1.53 \ crate://crates.io/iana-time-zone-haiku/0.1.2 \ - crate://crates.io/indicatif/0.17.3 \ + crate://crates.io/indexmap/2.2.6 \ + crate://crates.io/indicatif/0.17.8 \ crate://crates.io/inotify/0.9.6 \ crate://crates.io/inotify-sys/0.1.5 \ + crate://crates.io/instant/0.1.12 \ crate://crates.io/io-lifetimes/1.0.11 \ crate://crates.io/itertools/0.12.1 \ + crate://crates.io/itertools/0.13.0 \ crate://crates.io/itoa/1.0.4 \ crate://crates.io/js-sys/0.3.64 \ crate://crates.io/keccak/0.1.4 \ @@ -119,39 +132,41 @@ SRC_URI += " \ crate://crates.io/kqueue-sys/1.0.3 \ crate://crates.io/lazy_static/1.4.0 \ crate://crates.io/lazycell/1.3.0 \ - crate://crates.io/libc/0.2.153 \ + crate://crates.io/libc/0.2.155 \ crate://crates.io/libloading/0.7.4 \ crate://crates.io/libm/0.2.7 \ crate://crates.io/linux-raw-sys/0.3.8 \ crate://crates.io/linux-raw-sys/0.4.12 \ crate://crates.io/lock_api/0.4.9 \ crate://crates.io/log/0.4.20 \ + crate://crates.io/lru/0.12.3 \ crate://crates.io/lscolors/0.16.0 \ - crate://crates.io/match_cfg/0.1.0 \ crate://crates.io/md-5/0.10.6 \ - crate://crates.io/memchr/2.7.1 \ - crate://crates.io/memmap2/0.9.0 \ + crate://crates.io/memchr/2.7.4 \ + crate://crates.io/memmap2/0.9.4 \ crate://crates.io/minimal-lexical/0.2.1 \ - crate://crates.io/miniz_oxide/0.5.4 \ + crate://crates.io/miniz_oxide/0.7.2 \ crate://crates.io/mio/0.8.11 \ crate://crates.io/nix/0.28.0 \ crate://crates.io/nom/7.1.3 \ crate://crates.io/notify/6.0.1 \ crate://crates.io/nu-ansi-term/0.49.0 \ - crate://crates.io/num-bigint/0.4.4 \ - crate://crates.io/num-integer/0.1.45 \ - crate://crates.io/num-traits/0.2.18 \ + crate://crates.io/num-bigint/0.4.5 \ + crate://crates.io/num-conv/0.1.0 \ + crate://crates.io/num-integer/0.1.46 \ + crate://crates.io/num-modular/0.5.1 \ + crate://crates.io/num-prime/0.4.4 \ + crate://crates.io/num-traits/0.2.19 \ crate://crates.io/num_threads/0.1.6 \ crate://crates.io/number_prefix/0.4.0 \ crate://crates.io/once_cell/1.19.0 \ crate://crates.io/onig/6.4.0 \ crate://crates.io/onig_sys/69.8.1 \ - crate://crates.io/ordered-multimap/0.6.0 \ + crate://crates.io/ordered-multimap/0.7.3 \ crate://crates.io/os_display/0.1.3 \ crate://crates.io/parking_lot/0.12.1 \ crate://crates.io/parking_lot_core/0.9.9 \ - crate://crates.io/parse_datetime/0.5.0 \ - crate://crates.io/peeking_take_while/0.1.2 \ + crate://crates.io/parse_datetime/0.6.0 \ crate://crates.io/phf/0.11.2 \ crate://crates.io/phf_codegen/0.11.2 \ crate://crates.io/phf_generator/0.11.1 \ @@ -159,82 +174,91 @@ SRC_URI += " \ crate://crates.io/pin-project-lite/0.2.9 \ crate://crates.io/pin-utils/0.1.0 \ crate://crates.io/pkg-config/0.3.26 \ - crate://crates.io/platform-info/2.0.2 \ - crate://crates.io/portable-atomic/0.3.15 \ + crate://crates.io/platform-info/2.0.3 \ + crate://crates.io/portable-atomic/1.6.0 \ + crate://crates.io/powerfmt/0.2.0 \ crate://crates.io/ppv-lite86/0.2.17 \ crate://crates.io/pretty_assertions/1.4.0 \ - crate://crates.io/proc-macro2/1.0.63 \ + crate://crates.io/prettyplease/0.2.19 \ + crate://crates.io/proc-macro-crate/3.1.0 \ + crate://crates.io/proc-macro2/1.0.86 \ crate://crates.io/procfs/0.16.0 \ crate://crates.io/procfs-core/0.16.0 \ crate://crates.io/quick-error/2.0.1 \ crate://crates.io/quickcheck/1.0.3 \ - crate://crates.io/quote/1.0.29 \ + crate://crates.io/quote/1.0.36 \ + crate://crates.io/radium/0.7.0 \ crate://crates.io/rand/0.8.5 \ crate://crates.io/rand_chacha/0.3.1 \ crate://crates.io/rand_core/0.6.4 \ crate://crates.io/rand_pcg/0.3.1 \ - crate://crates.io/rayon/1.9.0 \ + crate://crates.io/rayon/1.10.0 \ crate://crates.io/rayon-core/1.12.1 \ crate://crates.io/redox_syscall/0.4.1 \ - crate://crates.io/redox_syscall/0.5.0 \ + crate://crates.io/redox_syscall/0.5.2 \ crate://crates.io/reference-counted-singleton/0.1.2 \ - crate://crates.io/regex/1.10.4 \ + crate://crates.io/regex/1.10.5 \ crate://crates.io/regex-automata/0.4.4 \ crate://crates.io/regex-syntax/0.8.2 \ crate://crates.io/relative-path/1.8.0 \ crate://crates.io/rlimit/0.10.1 \ crate://crates.io/roff/0.2.1 \ - crate://crates.io/rstest/0.18.2 \ - crate://crates.io/rstest_macros/0.18.2 \ - crate://crates.io/rust-ini/0.19.0 \ + crate://crates.io/rstest/0.21.0 \ + crate://crates.io/rstest_macros/0.21.0 \ + crate://crates.io/rust-ini/0.21.0 \ crate://crates.io/rustc-hash/1.1.0 \ crate://crates.io/rustc_version/0.4.0 \ crate://crates.io/rustix/0.37.26 \ crate://crates.io/rustix/0.38.31 \ crate://crates.io/same-file/1.0.6 \ crate://crates.io/scopeguard/1.2.0 \ - crate://crates.io/self_cell/1.0.3 \ - crate://crates.io/selinux/0.4.0 \ - crate://crates.io/selinux-sys/0.6.2 \ + crate://crates.io/self_cell/1.0.4 \ + crate://crates.io/selinux/0.4.4 \ + crate://crates.io/selinux-sys/0.6.9 \ crate://crates.io/semver/1.0.14 \ - crate://crates.io/serde/1.0.193 \ - crate://crates.io/serde_derive/1.0.193 \ + crate://crates.io/serde/1.0.203 \ + crate://crates.io/serde-big-array/0.5.1 \ + crate://crates.io/serde_derive/1.0.203 \ crate://crates.io/sha1/0.10.6 \ crate://crates.io/sha2/0.10.8 \ crate://crates.io/sha3/0.10.8 \ crate://crates.io/shlex/1.3.0 \ crate://crates.io/signal-hook/0.3.17 \ crate://crates.io/signal-hook-mio/0.2.3 \ - crate://crates.io/signal-hook-registry/1.4.0 \ + crate://crates.io/signal-hook-registry/1.4.1 \ crate://crates.io/siphasher/0.3.10 \ crate://crates.io/slab/0.4.7 \ crate://crates.io/sm3/0.4.2 \ - crate://crates.io/smallvec/1.13.1 \ + crate://crates.io/smallvec/1.13.2 \ crate://crates.io/smawk/0.3.1 \ crate://crates.io/socket2/0.5.3 \ crate://crates.io/strsim/0.10.0 \ crate://crates.io/syn/1.0.109 \ - crate://crates.io/syn/2.0.32 \ + crate://crates.io/syn/2.0.60 \ + crate://crates.io/tap/1.0.1 \ crate://crates.io/tempfile/3.10.1 \ crate://crates.io/terminal_size/0.2.6 \ crate://crates.io/terminal_size/0.3.0 \ crate://crates.io/textwrap/0.16.1 \ - crate://crates.io/thiserror/1.0.37 \ - crate://crates.io/thiserror-impl/1.0.37 \ - crate://crates.io/time/0.3.20 \ - crate://crates.io/time-core/0.1.0 \ - crate://crates.io/time-macros/0.2.8 \ + crate://crates.io/thiserror/1.0.61 \ + crate://crates.io/thiserror-impl/1.0.61 \ + crate://crates.io/time/0.3.36 \ + crate://crates.io/time-core/0.1.2 \ + crate://crates.io/time-macros/0.2.18 \ crate://crates.io/tiny-keccak/2.0.2 \ + crate://crates.io/toml_datetime/0.6.6 \ + crate://crates.io/toml_edit/0.21.1 \ + crate://crates.io/trim-in-place/0.1.7 \ crate://crates.io/typenum/1.15.0 \ crate://crates.io/unicode-ident/1.0.5 \ crate://crates.io/unicode-linebreak/0.1.5 \ crate://crates.io/unicode-segmentation/1.11.0 \ - crate://crates.io/unicode-width/0.1.11 \ + crate://crates.io/unicode-width/0.1.12 \ crate://crates.io/unicode-xid/0.2.4 \ - crate://crates.io/unindent/0.2.1 \ + crate://crates.io/unindent/0.2.3 \ crate://crates.io/utf8parse/0.2.1 \ crate://crates.io/uuid/1.7.0 \ - crate://crates.io/uutils_term_grid/0.3.0 \ + crate://crates.io/uutils_term_grid/0.6.0 \ crate://crates.io/version_check/0.9.4 \ crate://crates.io/walkdir/2.5.0 \ crate://crates.io/wasi/0.11.0+wasi-snapshot-preview1 \ @@ -247,8 +271,10 @@ SRC_URI += " \ crate://crates.io/wild/2.2.1 \ crate://crates.io/winapi/0.3.9 \ crate://crates.io/winapi-i686-pc-windows-gnu/0.4.0 \ - crate://crates.io/winapi-util/0.1.6 \ + crate://crates.io/winapi-util/0.1.8 \ crate://crates.io/winapi-x86_64-pc-windows-gnu/0.4.0 \ + crate://crates.io/windows/0.52.0 \ + crate://crates.io/windows-core/0.52.0 \ crate://crates.io/windows-sys/0.45.0 \ crate://crates.io/windows-sys/0.48.0 \ crate://crates.io/windows-sys/0.52.0 \ @@ -276,41 +302,51 @@ SRC_URI += " \ crate://crates.io/windows_x86_64_msvc/0.42.2 \ crate://crates.io/windows_x86_64_msvc/0.48.0 \ crate://crates.io/windows_x86_64_msvc/0.52.0 \ + crate://crates.io/winnow/0.5.40 \ + crate://crates.io/wyz/0.5.1 \ crate://crates.io/xattr/1.3.1 \ crate://crates.io/yansi/0.5.1 \ crate://crates.io/z85/3.0.5 \ - crate://crates.io/zip/0.6.6 \ + crate://crates.io/zerocopy/0.7.33 \ + crate://crates.io/zerocopy-derive/0.7.33 \ + crate://crates.io/zip/1.3.0 \ " SRC_URI[adler-1.0.2.sha256sum] = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" +SRC_URI[ahash-0.8.11.sha256sum] = "e89da841a80418a9b391ebaea17f5c112ffaaa96f621d2c285b5174da76b9011" SRC_URI[aho-corasick-1.0.4.sha256sum] = "6748e8def348ed4d14996fa801f4122cd763fff530258cdc03f64b25f89d3a5a" +SRC_URI[allocator-api2-0.2.18.sha256sum] = "5c6cb57a04249c6480766f7f7cef5467412af1490f8d1e243141daddada3264f" SRC_URI[android-tzdata-0.1.1.sha256sum] = "e999941b234f3131b00bc13c22d06e8c5ff726d1b6318ac7eb276997bbb4fef0" SRC_URI[android_system_properties-0.1.5.sha256sum] = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311" +SRC_URI[ansi-width-0.1.0.sha256sum] = "219e3ce6f2611d83b51ec2098a12702112c29e57203a6b0a0929b2cddb486608" SRC_URI[anstream-0.5.0.sha256sum] = "b1f58811cfac344940f1a400b6e6231ce35171f614f26439e80f8c1465c5cc0c" SRC_URI[anstyle-1.0.0.sha256sum] = "41ed9a86bf92ae6580e0a31281f65a1b1d867c0cc68d5346e2ae128dddfa6a7d" SRC_URI[anstyle-parse-0.2.0.sha256sum] = "e765fd216e48e067936442276d1d57399e37bce53c264d6fefbe298080cb57ee" SRC_URI[anstyle-query-1.0.0.sha256sum] = "5ca11d4be1bab0c8bc8734a9aa7bf4ee8316d462a08c6ac5052f888fef5b494b" SRC_URI[anstyle-wincon-2.1.0.sha256sum] = "58f54d10c6dfa51283a066ceab3ec1ab78d13fae00aa49243a45e4571fb79dfd" +SRC_URI[arbitrary-1.3.2.sha256sum] = "7d5a26814d8dcb93b0e5a0ff3c6d80a8843bafb21b39e8e18a6f05471870e110" SRC_URI[arrayref-0.3.6.sha256sum] = "a4c527152e37cf757a3f78aae5a06fbeefdb07ccc535c980a3208ee3060dd544" SRC_URI[arrayvec-0.7.4.sha256sum] = "96d30a06541fbafbc7f82ed10c06164cfbd2c401138f6addd8404629c4b16711" SRC_URI[autocfg-1.1.0.sha256sum] = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" -SRC_URI[bigdecimal-0.4.0.sha256sum] = "5274a6b6e0ee020148397245b973e30163b7bffbc6d473613f850cb99888581e" +SRC_URI[bigdecimal-0.4.5.sha256sum] = "51d712318a27c7150326677b321a5fa91b55f6d9034ffd67f20319e147d40cee" SRC_URI[binary-heap-plus-0.5.0.sha256sum] = "e4551d8382e911ecc0d0f0ffb602777988669be09447d536ff4388d1def11296" -SRC_URI[bindgen-0.63.0.sha256sum] = "36d860121800b2a9a94f9b5604b332d5cffb234ce17609ea479d723dbc9d3885" +SRC_URI[bincode-1.3.3.sha256sum] = "b1f45e9417d87227c7a56d22e471c6206462cba514c7590c09aff4cf6d1ddcad" +SRC_URI[bindgen-0.69.4.sha256sum] = "a00dc851838a2120612785d195287475a3ac45514741da670b735818822129a0" SRC_URI[bitflags-1.3.2.sha256sum] = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" -SRC_URI[bitflags-2.4.2.sha256sum] = "ed570934406eb16438a4e976b1b4500774099c13b8cb96eec99f620f05090ddf" +SRC_URI[bitflags-2.5.0.sha256sum] = "cf4b9d6a944f767f8e5e0db018570623c85f3d925ac718db4e06d0187adb21c1" +SRC_URI[bitvec-1.0.1.sha256sum] = "1bc2832c24239b0141d5674bb9174f9d68a8b5b3f2753311927c172ca46f7e9c" SRC_URI[blake2b_simd-1.0.2.sha256sum] = "23285ad32269793932e830392f2fe2f83e26488fd3ec778883a93c8323735780" SRC_URI[blake3-1.5.1.sha256sum] = "30cca6d3674597c30ddf2c587bf8d9d65c9a84d2326d941cc79c9842dfe0ef52" SRC_URI[block-buffer-0.10.3.sha256sum] = "69cce20737498f97b993470a6e536b8523f0af7892a4f928cceb1ac5e52ebe7e" SRC_URI[bstr-1.9.1.sha256sum] = "05efc5cfd9110c8416e471df0e96702d58690178e206e61b7173706673c93706" SRC_URI[bumpalo-3.11.1.sha256sum] = "572f695136211188308f16ad2ca5c851a712c464060ae6974944458eb83880ba" -SRC_URI[bytecount-0.6.7.sha256sum] = "e1e5f035d16fc623ae5f74981db80a439803888314e3a555fd6f04acd51a3205" +SRC_URI[bytecount-0.6.8.sha256sum] = "5ce89b21cab1437276d2650d57e971f9d548a2d9037cc231abdc0562b97498ce" SRC_URI[byteorder-1.5.0.sha256sum] = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" SRC_URI[cc-1.0.79.sha256sum] = "50d30906286121d95be3d479533b458f87493b30a4b5f79a607db8f5d11aa91f" SRC_URI[cexpr-0.6.0.sha256sum] = "6fac387a98bb7c37292057cffc56d62ecb629900026402633ae9160df93a8766" SRC_URI[cfg-if-1.0.0.sha256sum] = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" SRC_URI[cfg_aliases-0.1.1.sha256sum] = "fd16c4719339c4530435d38e511904438d07cce7950afa3718a84ac36c10e89e" -SRC_URI[chrono-0.4.35.sha256sum] = "8eaf5903dcbc0a39312feb77df2ff4c76387d591b9fc7b04a238dcf8bb62639a" +SRC_URI[chrono-0.4.38.sha256sum] = "a21f936df1771bf62b77f047b726c4625ff2e8aa607c01ec06e5a05bd8463401" SRC_URI[clang-sys-1.4.0.sha256sum] = "fa2e27ae6ab525c3d369ded447057bca5438d86dc3a68f6faafb8269ba82ebf3" SRC_URI[clap-4.4.2.sha256sum] = "6a13b88d2c62ff462f88e4a121f17a82c1af05693a2f192b5c38d14de73c19f6" SRC_URI[clap_builder-4.4.2.sha256sum] = "2bb9faaa7c2ef94b2743a21f5a29e6f0010dff4caa69ac8e9d6cf8b6fa74da08" @@ -323,7 +359,6 @@ SRC_URI[console-0.15.8.sha256sum] = "0e1f83fc076bd6dd27517eacdf25fef6c4dfe5f1d74 SRC_URI[const-random-0.1.16.sha256sum] = "11df32a13d7892ec42d51d3d175faba5211ffe13ed25d4fb348ac9e9ce835593" SRC_URI[const-random-macro-0.1.16.sha256sum] = "f9d839f2a20b0aee515dc581a6172f2321f96cab76c1a38a4c584a194955390e" SRC_URI[constant_time_eq-0.3.0.sha256sum] = "f7144d30dcf0fafbce74250a3963025d8d52177934239851c917d29f1df280c2" -SRC_URI[conv-0.3.3.sha256sum] = "78ff10625fd0ac447827aa30ea8b861fead473bb60aeb73af6c1c58caf0d1299" SRC_URI[core-foundation-sys-0.8.3.sha256sum] = "5827cebf4670468b8772dd191856768aedcb1b0278a04f989f7766351917b9dc" SRC_URI[coz-0.1.3.sha256sum] = "cef55b3fe2f5477d59e12bc792e8b3c95a25bd099eadcfae006ecea136de76e2" SRC_URI[cpp-0.5.9.sha256sum] = "bfa65869ef853e45c60e9828aa08cdd1398cb6e13f3911d9cb2a079b144fcd64" @@ -331,40 +366,45 @@ SRC_URI[cpp_build-0.5.9.sha256sum] = "0e361fae2caf9758164b24da3eedd7f7d7451be30d SRC_URI[cpp_common-0.5.9.sha256sum] = "3e1a2532e4ed4ea13031c13bc7bc0dbca4aae32df48e9d77f0d1e743179f2ea1" SRC_URI[cpp_macros-0.5.9.sha256sum] = "47ec9cc90633446f779ef481a9ce5a0077107dd5b87016440448d908625a83fd" SRC_URI[cpufeatures-0.2.5.sha256sum] = "28d997bd5e24a5928dd43e46dc529867e207907fe0b239c3477d924f7f2ca320" -SRC_URI[crc32fast-1.3.2.sha256sum] = "b540bd8bc810d3885c6ea91e2018302f68baba2129ab3e88f32389ee9370880d" +SRC_URI[crc32fast-1.4.0.sha256sum] = "b3855a8a784b474f333699ef2bbca9db2c4a1f6d9088a90a2d25b1eb53111eaa" SRC_URI[crossbeam-channel-0.5.10.sha256sum] = "82a9b73a36529d9c47029b9fb3a6f0ea3cc916a261195352ba19e770fc1748b2" SRC_URI[crossbeam-deque-0.8.4.sha256sum] = "fca89a0e215bab21874660c67903c5f143333cab1da83d041c7ded6053774751" SRC_URI[crossbeam-epoch-0.9.17.sha256sum] = "0e3681d554572a651dda4186cd47240627c3d0114d45a95f6ad27f2f22e7548d" -SRC_URI[crossbeam-utils-0.8.18.sha256sum] = "c3a430a770ebd84726f584a90ee7f020d28db52c6d02138900f22341f866d39c" +SRC_URI[crossbeam-utils-0.8.19.sha256sum] = "248e3bacc7dc6baa3b21e405ee045c3047101a49145e7e9eca583ab4c2ca5345" SRC_URI[crossterm-0.27.0.sha256sum] = "f476fe445d41c9e991fd07515a6f463074b782242ccf4a5b7b1d1012e70824df" SRC_URI[crossterm_winapi-0.9.1.sha256sum] = "acdd7c62a3665c7f6830a51635d9ac9b23ed385797f70a83bb8bafe9c572ab2b" SRC_URI[crunchy-0.2.2.sha256sum] = "7a81dae078cea95a014a339291cec439d2f232ebe854a9d672b796c6afafa9b7" SRC_URI[crypto-common-0.1.6.sha256sum] = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" SRC_URI[ctrlc-3.4.4.sha256sum] = "672465ae37dc1bc6380a6547a8883d5dd397b0f1faaad4f265726cc7042a5345" -SRC_URI[custom_derive-0.1.7.sha256sum] = "ef8ae57c4978a2acd8b869ce6b9ca1dfe817bff704c220209fdef2c0b75a01b9" -SRC_URI[data-encoding-2.5.0.sha256sum] = "7e962a19be5cfc3f3bf6dd8f61eb50107f356ad6270fbb3ed41476571db78be5" -SRC_URI[data-encoding-macro-0.1.14.sha256sum] = "20c01c06f5f429efdf2bae21eb67c28b3df3cf85b7dd2d8ef09c0838dac5d33e" -SRC_URI[data-encoding-macro-internal-0.1.12.sha256sum] = "0047d07f2c89b17dd631c80450d69841a6b5d7fb17278cbc43d7e4cfcf2576f3" +SRC_URI[data-encoding-2.6.0.sha256sum] = "e8566979429cf69b49a5c740c60791108e86440e8be149bbea4fe54d2c32d6e2" +SRC_URI[data-encoding-macro-0.1.15.sha256sum] = "f1559b6cba622276d6d63706db152618eeb15b89b3e4041446b05876e352e639" +SRC_URI[data-encoding-macro-internal-0.1.13.sha256sum] = "332d754c0af53bc87c108fed664d121ecf59207ec4196041f04d6ab9002ad33f" +SRC_URI[deranged-0.3.11.sha256sum] = "b42b6fa04a440b495c8b04d0e71b707c585f83cb9cb28cf8cd0d976c315e31b4" +SRC_URI[derive_arbitrary-1.3.2.sha256sum] = "67e77553c4162a157adbf834ebae5b415acbecbeafc7a74b0e886657506a7611" SRC_URI[diff-0.1.13.sha256sum] = "56254986775e3233ffa9c4d7d3faaf6d36a2c09d30b20687e9f88bc8bafc16c8" SRC_URI[digest-0.10.7.sha256sum] = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" +SRC_URI[displaydoc-0.2.4.sha256sum] = "487585f4d0c6655fe74905e2504d8ad6908e4db67f744eb140876906c2f3175d" SRC_URI[dlv-list-0.5.0.sha256sum] = "d529fd73d344663edfd598ccb3f344e46034db51ebd103518eae34338248ad73" SRC_URI[dns-lookup-2.0.4.sha256sum] = "e5766087c2235fec47fafa4cfecc81e494ee679d0fd4a59887ea0919bfb0e4fc" SRC_URI[dunce-1.0.4.sha256sum] = "56ce8c6da7551ec6c462cbaf3bfbc75131ebbfa1c944aeaa9dab51ca1c5f0c3b" SRC_URI[either-1.8.0.sha256sum] = "90e5c1c8368803113bf0c9584fc495a58b86dc8a29edbf8fe877d21d9507e797" SRC_URI[encode_unicode-0.3.6.sha256sum] = "a357d28ed41a50f9c765dbfe56cbc04a64e53e5fc58ba79fbc34c10ef3df831f" SRC_URI[env_logger-0.8.4.sha256sum] = "a19187fea3ac7e84da7dacf48de0c45d63c6a76f9490dae389aead16c243fce3" +SRC_URI[equivalent-1.0.1.sha256sum] = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5" SRC_URI[errno-0.3.8.sha256sum] = "a258e46cdc063eb8519c00b9fc845fc47bcfca4130e2f08e88665ceda8474245" SRC_URI[exacl-0.12.0.sha256sum] = "22be12de19decddab85d09f251ec8363f060ccb22ec9c81bc157c0c8433946d8" SRC_URI[fastrand-2.0.1.sha256sum] = "25cbce373ec4653f1a01a31e8a5e5ec0c622dc27ff9c4e6606eefef5cbbed4a5" SRC_URI[file_diff-1.0.0.sha256sum] = "31a7a908b8f32538a2143e59a6e4e2508988832d5d4d6f7c156b3cbc762643a5" +SRC_URI[filedescriptor-0.8.2.sha256sum] = "7199d965852c3bac31f779ef99cbb4537f80e952e2d6aa0ffeb30cce00f4f46e" SRC_URI[filetime-0.2.23.sha256sum] = "1ee447700ac8aa0b2f2bd7bc4462ad686ba06baa6727ac149a2d6277f0d240fd" -SRC_URI[flate2-1.0.24.sha256sum] = "f82b0f4c27ad9f8bfd1f3208d882da2b09c301bc1c828fd3a00d0216d2fbbff6" +SRC_URI[flate2-1.0.28.sha256sum] = "46303f565772937ffe1d394a4fac6f411c6013172fadde9dcdb1e147a086940e" SRC_URI[fnv-1.0.7.sha256sum] = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" SRC_URI[fs_extra-1.3.0.sha256sum] = "42703706b716c37f96a77aea830392ad231f44c9e9a67872fa5548707e11b11c" SRC_URI[fsevent-sys-4.1.0.sha256sum] = "76ee7a02da4d231650c7cea31349b889be2f45ddb3ef3032d2ec8185f6313fd2" -SRC_URI[fts-sys-0.2.4.sha256sum] = "9a66c0a21e344f20c87b4ca12643cf4f40a7018f132c98d344e989b959f49dd1" +SRC_URI[fts-sys-0.2.9.sha256sum] = "4e184d5f593d19793f26afb6f9a58d25f0bc755c4e48890ffcba6db416153ebb" SRC_URI[fundu-2.0.0.sha256sum] = "6c04cb831a8dccadfe3774b07cba4574a1ec24974d761510e65d8a543c2d7cb4" SRC_URI[fundu-core-0.3.0.sha256sum] = "76a889e633afd839fb5b04fe53adfd588cefe518e71ec8d3c929698c6daf2acd" +SRC_URI[funty-2.0.0.sha256sum] = "e6d5a32815ae3f33302d95fdcb2ce17862f8c65363dcfd29360480ba1001fc9c" SRC_URI[futures-0.3.28.sha256sum] = "23342abe12aba583913b2e62f22225ff9c950774065e4bfb61a19cd9770fec40" SRC_URI[futures-channel-0.3.28.sha256sum] = "955518d47e09b25bbebc7a18df10b81f0c766eaf4c4f1cccef2fca5f2a4fb5f2" SRC_URI[futures-core-0.3.28.sha256sum] = "4bca583b7e26f571124fe5b7561d49cb2868d79116cfa0eefce955557c6fee8c" @@ -379,19 +419,22 @@ SRC_URI[gcd-2.3.0.sha256sum] = "1d758ba1b47b00caf47f24925c0074ecb20d6dfcffe7f6d5 SRC_URI[generic-array-0.14.6.sha256sum] = "bff49e947297f3312447abdca79f45f4738097cc82b06e72054d2223f601f1b9" SRC_URI[getrandom-0.2.9.sha256sum] = "c85e1d9ab2eadba7e5040d4e09cbd6d072b76a557ad64e797c2cb9d4da21d7e4" SRC_URI[glob-0.3.1.sha256sum] = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b" -SRC_URI[half-2.4.0.sha256sum] = "b5eceaaeec696539ddaf7b333340f1af35a5aa87ae3e4f3ead0532f72affab2e" -SRC_URI[hashbrown-0.13.2.sha256sum] = "43a3c133739dddd0d2990f9a4bdf8eb4b21ef50e4851ca85ab661199821d510e" +SRC_URI[half-2.4.1.sha256sum] = "6dd08c532ae367adf81c312a4580bc67f1d0fe8bc9c460520283f4c0ff277888" +SRC_URI[hashbrown-0.14.3.sha256sum] = "290f1a1d9242c78d09ce40a5e87e7554ee637af1351968159f4952f028f75604" SRC_URI[hermit-abi-0.3.2.sha256sum] = "443144c8cdadd93ebf52ddb4056d257f5b52c04d3c804e657d19eb73fc33668b" SRC_URI[hex-0.4.3.sha256sum] = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" SRC_URI[hex-literal-0.4.1.sha256sum] = "6fe2267d4ed49bc07b63801559be28c718ea06c4738b7a03c94df7386d2cde46" -SRC_URI[hostname-0.3.1.sha256sum] = "3c731c3e10504cc8ed35cfe2f1db4c9274c3d35fa486e3b31df46f068ef3e867" +SRC_URI[hostname-0.4.0.sha256sum] = "f9c7c7c8ac16c798734b8a24560c1362120597c40d5e1459f09498f8f6c8f2ba" SRC_URI[iana-time-zone-0.1.53.sha256sum] = "64c122667b287044802d6ce17ee2ddf13207ed924c712de9a66a5814d5b64765" SRC_URI[iana-time-zone-haiku-0.1.2.sha256sum] = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f" -SRC_URI[indicatif-0.17.3.sha256sum] = "cef509aa9bc73864d6756f0d34d35504af3cf0844373afe9b8669a5b8005a729" +SRC_URI[indexmap-2.2.6.sha256sum] = "168fb715dda47215e360912c096649d23d58bf392ac62f73919e831745e40f26" +SRC_URI[indicatif-0.17.8.sha256sum] = "763a5a8f45087d6bcea4222e7b72c291a054edf80e4ef6efd2a4979878c7bea3" SRC_URI[inotify-0.9.6.sha256sum] = "f8069d3ec154eb856955c1c0fbffefbf5f3c40a104ec912d4797314c1801abff" SRC_URI[inotify-sys-0.1.5.sha256sum] = "e05c02b5e89bff3b946cedeca278abc628fe811e604f027c45a8aa3cf793d0eb" +SRC_URI[instant-0.1.12.sha256sum] = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" SRC_URI[io-lifetimes-1.0.11.sha256sum] = "eae7b9aee968036d54dce06cebaefd919e4472e753296daccd6d344e3e2df0c2" SRC_URI[itertools-0.12.1.sha256sum] = "ba291022dbbd398a455acf126c1e341954079855bc60dfdda641363bd6922569" +SRC_URI[itertools-0.13.0.sha256sum] = "413ee7dfc52ee1a4949ceeb7dbc8a33f2d6c088194d9f922fb8318faf1f01186" SRC_URI[itoa-1.0.4.sha256sum] = "4217ad341ebadf8d8e724e264f13e593e0648f5b3e94b3896a5df283be015ecc" SRC_URI[js-sys-0.3.64.sha256sum] = "c5f195fe497f702db0f318b07fdd68edb16955aed830df8363d837542f8f935a" SRC_URI[keccak-0.1.4.sha256sum] = "8f6d5ed8676d904364de097082f4e7d240b571b67989ced0240f08b7f966f940" @@ -399,39 +442,41 @@ SRC_URI[kqueue-1.0.7.sha256sum] = "2c8fc60ba15bf51257aa9807a48a61013db043fcf3a78 SRC_URI[kqueue-sys-1.0.3.sha256sum] = "8367585489f01bc55dd27404dcf56b95e6da061a256a666ab23be9ba96a2e587" SRC_URI[lazy_static-1.4.0.sha256sum] = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" SRC_URI[lazycell-1.3.0.sha256sum] = "830d08ce1d1d941e6b30645f1a0eb5643013d835ce3779a5fc208261dbe10f55" -SRC_URI[libc-0.2.153.sha256sum] = "9c198f91728a82281a64e1f4f9eeb25d82cb32a5de251c6bd1b5154d63a8e7bd" +SRC_URI[libc-0.2.155.sha256sum] = "97b3888a4aecf77e811145cadf6eef5901f4782c53886191b2f693f24761847c" SRC_URI[libloading-0.7.4.sha256sum] = "b67380fd3b2fbe7527a606e18729d21c6f3951633d0500574c4dc22d2d638b9f" SRC_URI[libm-0.2.7.sha256sum] = "f7012b1bbb0719e1097c47611d3898568c546d597c2e74d66f6087edd5233ff4" SRC_URI[linux-raw-sys-0.3.8.sha256sum] = "ef53942eb7bf7ff43a617b3e2c1c4a5ecf5944a7c1bc12d7ee39bbb15e5c1519" SRC_URI[linux-raw-sys-0.4.12.sha256sum] = "c4cd1a83af159aa67994778be9070f0ae1bd732942279cabb14f86f986a21456" SRC_URI[lock_api-0.4.9.sha256sum] = "435011366fe56583b16cf956f9df0095b405b82d76425bc8981c0e22e60ec4df" SRC_URI[log-0.4.20.sha256sum] = "b5e6163cb8c49088c2c36f57875e58ccd8c87c7427f7fbd50ea6710b2f3f2e8f" +SRC_URI[lru-0.12.3.sha256sum] = "d3262e75e648fce39813cb56ac41f3c3e3f65217ebf3844d818d1f9398cfb0dc" SRC_URI[lscolors-0.16.0.sha256sum] = "ab0b209ec3976527806024406fe765474b9a1750a0ed4b8f0372364741f50e7b" -SRC_URI[match_cfg-0.1.0.sha256sum] = "ffbee8634e0d45d258acb448e7eaab3fce7a0a467395d4d9f228e3c1f01fb2e4" SRC_URI[md-5-0.10.6.sha256sum] = "d89e7ee0cfbedfc4da3340218492196241d89eefb6dab27de5df917a6d2e78cf" -SRC_URI[memchr-2.7.1.sha256sum] = "523dc4f511e55ab87b694dc30d0f820d60906ef06413f93d4d7a1385599cc149" -SRC_URI[memmap2-0.9.0.sha256sum] = "deaba38d7abf1d4cca21cc89e932e542ba2b9258664d2a9ef0e61512039c9375" +SRC_URI[memchr-2.7.4.sha256sum] = "78ca9ab1a0babb1e7d5695e3530886289c18cf2f87ec19a575a0abdce112e3a3" +SRC_URI[memmap2-0.9.4.sha256sum] = "fe751422e4a8caa417e13c3ea66452215d7d63e19e604f4980461212f3ae1322" SRC_URI[minimal-lexical-0.2.1.sha256sum] = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" -SRC_URI[miniz_oxide-0.5.4.sha256sum] = "96590ba8f175222643a85693f33d26e9c8a015f599c216509b1a6894af675d34" +SRC_URI[miniz_oxide-0.7.2.sha256sum] = "9d811f3e15f28568be3407c8e7fdb6514c1cda3cb30683f15b6a1a1dc4ea14a7" SRC_URI[mio-0.8.11.sha256sum] = "a4a650543ca06a924e8b371db273b2756685faae30f8487da1b56505a8f78b0c" SRC_URI[nix-0.28.0.sha256sum] = "ab2156c4fce2f8df6c499cc1c763e4394b7482525bf2a9701c9d79d215f519e4" SRC_URI[nom-7.1.3.sha256sum] = "d273983c5a657a70a3e8f2a01329822f3b8c8172b73826411a55751e404a0a4a" SRC_URI[notify-6.0.1.sha256sum] = "5738a2795d57ea20abec2d6d76c6081186709c0024187cd5977265eda6598b51" SRC_URI[nu-ansi-term-0.49.0.sha256sum] = "c073d3c1930d0751774acf49e66653acecb416c3a54c6ec095a9b11caddb5a68" -SRC_URI[num-bigint-0.4.4.sha256sum] = "608e7659b5c3d7cba262d894801b9ec9d00de989e8a82bd4bef91d08da45cdc0" -SRC_URI[num-integer-0.1.45.sha256sum] = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9" -SRC_URI[num-traits-0.2.18.sha256sum] = "da0df0e5185db44f69b44f26786fe401b6c293d1907744beaa7fa62b2e5a517a" +SRC_URI[num-bigint-0.4.5.sha256sum] = "c165a9ab64cf766f73521c0dd2cfdff64f488b8f0b3e621face3462d3db536d7" +SRC_URI[num-conv-0.1.0.sha256sum] = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9" +SRC_URI[num-integer-0.1.46.sha256sum] = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f" +SRC_URI[num-modular-0.5.1.sha256sum] = "64a5fe11d4135c3bcdf3a95b18b194afa9608a5f6ff034f5d857bc9a27fb0119" +SRC_URI[num-prime-0.4.4.sha256sum] = "e238432a7881ec7164503ccc516c014bf009be7984cde1ba56837862543bdec3" +SRC_URI[num-traits-0.2.19.sha256sum] = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841" SRC_URI[num_threads-0.1.6.sha256sum] = "2819ce041d2ee131036f4fc9d6ae7ae125a3a40e97ba64d04fe799ad9dabbb44" SRC_URI[number_prefix-0.4.0.sha256sum] = "830b246a0e5f20af87141b25c173cd1b609bd7779a4617d6ec582abaf90870f3" SRC_URI[once_cell-1.19.0.sha256sum] = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92" SRC_URI[onig-6.4.0.sha256sum] = "8c4b31c8722ad9171c6d77d3557db078cab2bd50afcc9d09c8b315c59df8ca4f" SRC_URI[onig_sys-69.8.1.sha256sum] = "7b829e3d7e9cc74c7e315ee8edb185bf4190da5acde74afd7fc59c35b1f086e7" -SRC_URI[ordered-multimap-0.6.0.sha256sum] = "4ed8acf08e98e744e5384c8bc63ceb0364e68a6854187221c18df61c4797690e" +SRC_URI[ordered-multimap-0.7.3.sha256sum] = "49203cdcae0030493bad186b28da2fa25645fa276a51b6fec8010d281e02ef79" SRC_URI[os_display-0.1.3.sha256sum] = "7a6229bad892b46b0dcfaaeb18ad0d2e56400f5aaea05b768bde96e73676cf75" SRC_URI[parking_lot-0.12.1.sha256sum] = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f" SRC_URI[parking_lot_core-0.9.9.sha256sum] = "4c42a9226546d68acdd9c0a280d17ce19bfe27a46bf68784e4066115788d008e" -SRC_URI[parse_datetime-0.5.0.sha256sum] = "3bbf4e25b13841080e018a1e666358adfe5e39b6d353f986ca5091c210b586a1" -SRC_URI[peeking_take_while-0.1.2.sha256sum] = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099" +SRC_URI[parse_datetime-0.6.0.sha256sum] = "a8720474e3dd4af20cea8716703498b9f3b690f318fa9d9d9e2e38eaf44b96d0" SRC_URI[phf-0.11.2.sha256sum] = "ade2d8b8f33c7333b51bcf0428d37e217e9f32192ae4772156f65063b8ce03dc" SRC_URI[phf_codegen-0.11.2.sha256sum] = "e8d39688d359e6b34654d328e262234662d16cc0f60ec8dcbe5e718709342a5a" SRC_URI[phf_generator-0.11.1.sha256sum] = "b1181c94580fa345f50f19d738aaa39c0ed30a600d95cb2d3e23f94266f14fbf" @@ -439,82 +484,91 @@ SRC_URI[phf_shared-0.11.2.sha256sum] = "90fcb95eef784c2ac79119d1dd819e162b5da872 SRC_URI[pin-project-lite-0.2.9.sha256sum] = "e0a7ae3ac2f1173085d398531c705756c94a4c56843785df85a60c1a0afac116" SRC_URI[pin-utils-0.1.0.sha256sum] = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" SRC_URI[pkg-config-0.3.26.sha256sum] = "6ac9a59f73473f1b8d852421e59e64809f025994837ef743615c6d0c5b305160" -SRC_URI[platform-info-2.0.2.sha256sum] = "d6259c4860e53bf665016f1b2f46a8859cadfa717581dc9d597ae4069de6300f" -SRC_URI[portable-atomic-0.3.15.sha256sum] = "15eb2c6e362923af47e13c23ca5afb859e83d54452c55b0b9ac763b8f7c1ac16" +SRC_URI[platform-info-2.0.3.sha256sum] = "d5ff316b9c4642feda973c18f0decd6c8b0919d4722566f6e4337cce0dd88217" +SRC_URI[portable-atomic-1.6.0.sha256sum] = "7170ef9988bc169ba16dd36a7fa041e5c4cbeb6a35b76d4c03daded371eae7c0" +SRC_URI[powerfmt-0.2.0.sha256sum] = "439ee305def115ba05938db6eb1644ff94165c5ab5e9420d1c1bcedbba909391" SRC_URI[ppv-lite86-0.2.17.sha256sum] = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" SRC_URI[pretty_assertions-1.4.0.sha256sum] = "af7cee1a6c8a5b9208b3cb1061f10c0cb689087b3d8ce85fb9d2dd7a29b6ba66" -SRC_URI[proc-macro2-1.0.63.sha256sum] = "7b368fba921b0dce7e60f5e04ec15e565b3303972b42bcfde1d0713b881959eb" +SRC_URI[prettyplease-0.2.19.sha256sum] = "5ac2cf0f2e4f42b49f5ffd07dae8d746508ef7526c13940e5f524012ae6c6550" +SRC_URI[proc-macro-crate-3.1.0.sha256sum] = "6d37c51ca738a55da99dc0c4a34860fd675453b8b36209178c2249bb13651284" +SRC_URI[proc-macro2-1.0.86.sha256sum] = "5e719e8df665df0d1c8fbfd238015744736151d4445ec0836b8e628aae103b77" SRC_URI[procfs-0.16.0.sha256sum] = "731e0d9356b0c25f16f33b5be79b1c57b562f141ebfcdb0ad8ac2c13a24293b4" SRC_URI[procfs-core-0.16.0.sha256sum] = "2d3554923a69f4ce04c4a754260c338f505ce22642d3830e049a399fc2059a29" SRC_URI[quick-error-2.0.1.sha256sum] = "a993555f31e5a609f617c12db6250dedcac1b0a85076912c436e6fc9b2c8e6a3" SRC_URI[quickcheck-1.0.3.sha256sum] = "588f6378e4dd99458b60ec275b4477add41ce4fa9f64dcba6f15adccb19b50d6" -SRC_URI[quote-1.0.29.sha256sum] = "573015e8ab27661678357f27dc26460738fd2b6c86e46f386fde94cb5d913105" +SRC_URI[quote-1.0.36.sha256sum] = "0fa76aaf39101c457836aec0ce2316dbdc3ab723cdda1c6bd4e6ad4208acaca7" +SRC_URI[radium-0.7.0.sha256sum] = "dc33ff2d4973d518d823d61aa239014831e521c75da58e3df4840d3f47749d09" SRC_URI[rand-0.8.5.sha256sum] = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" SRC_URI[rand_chacha-0.3.1.sha256sum] = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" SRC_URI[rand_core-0.6.4.sha256sum] = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" SRC_URI[rand_pcg-0.3.1.sha256sum] = "59cad018caf63deb318e5a4586d99a24424a364f40f1e5778c29aca23f4fc73e" -SRC_URI[rayon-1.9.0.sha256sum] = "e4963ed1bc86e4f3ee217022bd855b297cef07fb9eac5dfa1f788b220b49b3bd" +SRC_URI[rayon-1.10.0.sha256sum] = "b418a60154510ca1a002a752ca9714984e21e4241e804d32555251faf8b78ffa" SRC_URI[rayon-core-1.12.1.sha256sum] = "1465873a3dfdaa8ae7cb14b4383657caab0b3e8a0aa9ae8e04b044854c8dfce2" SRC_URI[redox_syscall-0.4.1.sha256sum] = "4722d768eff46b75989dd134e5c353f0d6296e5aaa3132e776cbdb56be7731aa" -SRC_URI[redox_syscall-0.5.0.sha256sum] = "13c178f952cc7eac391f3124bd9851d1ac0bdbc4c9de2d892ccd5f0d8b160e96" +SRC_URI[redox_syscall-0.5.2.sha256sum] = "c82cf8cff14456045f55ec4241383baeff27af886adb72ffb2162f99911de0fd" SRC_URI[reference-counted-singleton-0.1.2.sha256sum] = "f1bfbf25d7eb88ddcbb1ec3d755d0634da8f7657b2cb8b74089121409ab8228f" -SRC_URI[regex-1.10.4.sha256sum] = "c117dbdfde9c8308975b6a18d71f3f385c89461f7b3fb054288ecf2a2058ba4c" +SRC_URI[regex-1.10.5.sha256sum] = "b91213439dad192326a0d7c6ee3955910425f441d7038e0d6933b0aec5c4517f" SRC_URI[regex-automata-0.4.4.sha256sum] = "3b7fa1134405e2ec9353fd416b17f8dacd46c473d7d3fd1cf202706a14eb792a" SRC_URI[regex-syntax-0.8.2.sha256sum] = "c08c74e62047bb2de4ff487b251e4a92e24f48745648451635cec7d591162d9f" SRC_URI[relative-path-1.8.0.sha256sum] = "4bf2521270932c3c7bed1a59151222bd7643c79310f2916f01925e1e16255698" SRC_URI[rlimit-0.10.1.sha256sum] = "3560f70f30a0f16d11d01ed078a07740fe6b489667abc7c7b029155d9f21c3d8" SRC_URI[roff-0.2.1.sha256sum] = "b833d8d034ea094b1ea68aa6d5c740e0d04bad9d16568d08ba6f76823a114316" -SRC_URI[rstest-0.18.2.sha256sum] = "97eeab2f3c0a199bc4be135c36c924b6590b88c377d416494288c14f2db30199" -SRC_URI[rstest_macros-0.18.2.sha256sum] = "d428f8247852f894ee1be110b375111b586d4fa431f6c46e64ba5a0dcccbe605" -SRC_URI[rust-ini-0.19.0.sha256sum] = "7e2a3bcec1f113553ef1c88aae6c020a369d03d55b58de9869a0908930385091" +SRC_URI[rstest-0.21.0.sha256sum] = "9afd55a67069d6e434a95161415f5beeada95a01c7b815508a82dcb0e1593682" +SRC_URI[rstest_macros-0.21.0.sha256sum] = "4165dfae59a39dd41d8dec720d3cbfbc71f69744efb480a3920f5d4e0cc6798d" +SRC_URI[rust-ini-0.21.0.sha256sum] = "0d625ed57d8f49af6cfa514c42e1a71fadcff60eb0b1c517ff82fe41aa025b41" SRC_URI[rustc-hash-1.1.0.sha256sum] = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" SRC_URI[rustc_version-0.4.0.sha256sum] = "bfa0f585226d2e68097d4f95d113b15b83a82e819ab25717ec0590d9584ef366" SRC_URI[rustix-0.37.26.sha256sum] = "84f3f8f960ed3b5a59055428714943298bf3fa2d4a1d53135084e0544829d995" SRC_URI[rustix-0.38.31.sha256sum] = "6ea3e1a662af26cd7a3ba09c0297a31af215563ecf42817c98df621387f4e949" SRC_URI[same-file-1.0.6.sha256sum] = "93fc1dc3aaa9bfed95e02e6eadabb4baf7e3078b0bd1b4d7b6b0b68378900502" SRC_URI[scopeguard-1.2.0.sha256sum] = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" -SRC_URI[self_cell-1.0.3.sha256sum] = "58bf37232d3bb9a2c4e641ca2a11d83b5062066f88df7fed36c28772046d65ba" -SRC_URI[selinux-0.4.0.sha256sum] = "a00576725d21b588213fbd4af84cd7e4cc4304e8e9bd6c0f5a1498a3e2ca6a51" -SRC_URI[selinux-sys-0.6.2.sha256sum] = "806d381649bb85347189d2350728817418138d11d738e2482cb644ec7f3c755d" +SRC_URI[self_cell-1.0.4.sha256sum] = "d369a96f978623eb3dc28807c4852d6cc617fed53da5d3c400feff1ef34a714a" +SRC_URI[selinux-0.4.4.sha256sum] = "53371b1e9bbbfffd65e5ac3c895c786ec35b7695bdc4a67a8b08c29c8d057e0b" +SRC_URI[selinux-sys-0.6.9.sha256sum] = "89d45498373dc17ec8ebb72e1fd320c015647b0157fc81dddf678e2e00205fec" SRC_URI[semver-1.0.14.sha256sum] = "e25dfac463d778e353db5be2449d1cce89bd6fd23c9f1ea21310ce6e5a1b29c4" -SRC_URI[serde-1.0.193.sha256sum] = "25dd9975e68d0cb5aa1120c288333fc98731bd1dd12f561e468ea4728c042b89" -SRC_URI[serde_derive-1.0.193.sha256sum] = "43576ca501357b9b071ac53cdc7da8ef0cbd9493d8df094cd821777ea6e894d3" +SRC_URI[serde-1.0.203.sha256sum] = "7253ab4de971e72fb7be983802300c30b5a7f0c2e56fab8abfc6a214307c0094" +SRC_URI[serde-big-array-0.5.1.sha256sum] = "11fc7cc2c76d73e0f27ee52abbd64eec84d46f370c88371120433196934e4b7f" +SRC_URI[serde_derive-1.0.203.sha256sum] = "500cbc0ebeb6f46627f50f3f5811ccf6bf00643be300b4c3eabc0ef55dc5b5ba" SRC_URI[sha1-0.10.6.sha256sum] = "e3bf829a2d51ab4a5ddf1352d8470c140cadc8301b2ae1789db023f01cedd6ba" SRC_URI[sha2-0.10.8.sha256sum] = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8" SRC_URI[sha3-0.10.8.sha256sum] = "75872d278a8f37ef87fa0ddbda7802605cb18344497949862c0d4dcb291eba60" SRC_URI[shlex-1.3.0.sha256sum] = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" SRC_URI[signal-hook-0.3.17.sha256sum] = "8621587d4798caf8eb44879d42e56b9a93ea5dcd315a6487c357130095b62801" SRC_URI[signal-hook-mio-0.2.3.sha256sum] = "29ad2e15f37ec9a6cc544097b78a1ec90001e9f71b81338ca39f430adaca99af" -SRC_URI[signal-hook-registry-1.4.0.sha256sum] = "e51e73328dc4ac0c7ccbda3a494dfa03df1de2f46018127f60c693f2648455b0" +SRC_URI[signal-hook-registry-1.4.1.sha256sum] = "d8229b473baa5980ac72ef434c4415e70c4b5e71b423043adb4ba059f89c99a1" SRC_URI[siphasher-0.3.10.sha256sum] = "7bd3e3206899af3f8b12af284fafc038cc1dc2b41d1b89dd17297221c5d225de" SRC_URI[slab-0.4.7.sha256sum] = "4614a76b2a8be0058caa9dbbaf66d988527d86d003c11a94fbd335d7661edcef" SRC_URI[sm3-0.4.2.sha256sum] = "ebb9a3b702d0a7e33bc4d85a14456633d2b165c2ad839c5fd9a8417c1ab15860" -SRC_URI[smallvec-1.13.1.sha256sum] = "e6ecd384b10a64542d77071bd64bd7b231f4ed5940fba55e98c3de13824cf3d7" +SRC_URI[smallvec-1.13.2.sha256sum] = "3c5e1a9a646d36c3599cd173a41282daf47c44583ad367b8e6837255952e5c67" SRC_URI[smawk-0.3.1.sha256sum] = "f67ad224767faa3c7d8b6d91985b78e70a1324408abcb1cfcc2be4c06bc06043" SRC_URI[socket2-0.5.3.sha256sum] = "2538b18701741680e0322a2302176d3253a35388e2e62f172f64f4f16605f877" SRC_URI[strsim-0.10.0.sha256sum] = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623" SRC_URI[syn-1.0.109.sha256sum] = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237" -SRC_URI[syn-2.0.32.sha256sum] = "239814284fd6f1a4ffe4ca893952cdd93c224b6a1571c9a9eadd670295c0c9e2" +SRC_URI[syn-2.0.60.sha256sum] = "909518bc7b1c9b779f1bbf07f2929d35af9f0f37e47c6e9ef7f9dddc1e1821f3" +SRC_URI[tap-1.0.1.sha256sum] = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369" SRC_URI[tempfile-3.10.1.sha256sum] = "85b77fafb263dd9d05cbeac119526425676db3784113aa9295c88498cbf8bff1" SRC_URI[terminal_size-0.2.6.sha256sum] = "8e6bf6f19e9f8ed8d4048dc22981458ebcf406d67e94cd422e5ecd73d63b3237" SRC_URI[terminal_size-0.3.0.sha256sum] = "21bebf2b7c9e0a515f6e0f8c51dc0f8e4696391e6f1ff30379559f8365fb0df7" SRC_URI[textwrap-0.16.1.sha256sum] = "23d434d3f8967a09480fb04132ebe0a3e088c173e6d0ee7897abbdf4eab0f8b9" -SRC_URI[thiserror-1.0.37.sha256sum] = "10deb33631e3c9018b9baf9dcbbc4f737320d2b576bac10f6aefa048fa407e3e" -SRC_URI[thiserror-impl-1.0.37.sha256sum] = "982d17546b47146b28f7c22e3d08465f6b8903d0ea13c1660d9d84a6e7adcdbb" -SRC_URI[time-0.3.20.sha256sum] = "cd0cbfecb4d19b5ea75bb31ad904eb5b9fa13f21079c3b92017ebdf4999a5890" -SRC_URI[time-core-0.1.0.sha256sum] = "2e153e1f1acaef8acc537e68b44906d2db6436e2b35ac2c6b42640fff91f00fd" -SRC_URI[time-macros-0.2.8.sha256sum] = "fd80a657e71da814b8e5d60d3374fc6d35045062245d80224748ae522dd76f36" +SRC_URI[thiserror-1.0.61.sha256sum] = "c546c80d6be4bc6a00c0f01730c08df82eaa7a7a61f11d656526506112cc1709" +SRC_URI[thiserror-impl-1.0.61.sha256sum] = "46c3384250002a6d5af4d114f2845d37b57521033f30d5c3f46c4d70e1197533" +SRC_URI[time-0.3.36.sha256sum] = "5dfd88e563464686c916c7e46e623e520ddc6d79fa6641390f2e3fa86e83e885" +SRC_URI[time-core-0.1.2.sha256sum] = "ef927ca75afb808a4d64dd374f00a2adf8d0fcff8e7b184af886c3c87ec4a3f3" +SRC_URI[time-macros-0.2.18.sha256sum] = "3f252a68540fde3a3877aeea552b832b40ab9a69e318efd078774a01ddee1ccf" SRC_URI[tiny-keccak-2.0.2.sha256sum] = "2c9d3793400a45f954c52e73d068316d76b6f4e36977e3fcebb13a2721e80237" +SRC_URI[toml_datetime-0.6.6.sha256sum] = "4badfd56924ae69bcc9039335b2e017639ce3f9b001c393c1b2d1ef846ce2cbf" +SRC_URI[toml_edit-0.21.1.sha256sum] = "6a8534fd7f78b5405e860340ad6575217ce99f38d4d5c8f2442cb5ecb50090e1" +SRC_URI[trim-in-place-0.1.7.sha256sum] = "343e926fc669bc8cde4fa3129ab681c63671bae288b1f1081ceee6d9d37904fc" SRC_URI[typenum-1.15.0.sha256sum] = "dcf81ac59edc17cc8697ff311e8f5ef2d99fcbd9817b34cec66f90b6c3dfd987" SRC_URI[unicode-ident-1.0.5.sha256sum] = "6ceab39d59e4c9499d4e5a8ee0e2735b891bb7308ac83dfb4e80cad195c9f6f3" SRC_URI[unicode-linebreak-0.1.5.sha256sum] = "3b09c83c3c29d37506a3e260c08c03743a6bb66a9cd432c6934ab501a190571f" SRC_URI[unicode-segmentation-1.11.0.sha256sum] = "d4c87d22b6e3f4a18d4d40ef354e97c90fcb14dd91d7dc0aa9d8a1172ebf7202" -SRC_URI[unicode-width-0.1.11.sha256sum] = "e51733f11c9c4f72aa0c160008246859e340b00807569a0da0e7a1079b27ba85" +SRC_URI[unicode-width-0.1.12.sha256sum] = "68f5e5f3158ecfd4b8ff6fe086db7c8467a2dfdac97fe420f2b7c4aa97af66d6" SRC_URI[unicode-xid-0.2.4.sha256sum] = "f962df74c8c05a667b5ee8bcf162993134c104e96440b663c8daa176dc772d8c" -SRC_URI[unindent-0.2.1.sha256sum] = "5aa30f5ea51ff7edfc797c6d3f9ec8cbd8cfedef5371766b7181d33977f4814f" +SRC_URI[unindent-0.2.3.sha256sum] = "c7de7d73e1754487cb58364ee906a499937a0dfabd86bcb980fa99ec8c8fa2ce" SRC_URI[utf8parse-0.2.1.sha256sum] = "711b9620af191e0cdc7468a8d14e709c3dcdb115b36f838e601583af800a370a" SRC_URI[uuid-1.7.0.sha256sum] = "f00cc9702ca12d3c81455259621e676d0f7251cec66a21e98fe2e9a37db93b2a" -SRC_URI[uutils_term_grid-0.3.0.sha256sum] = "b389452a568698688dda38802068378a16c15c4af9b153cdd99b65391292bbc7" +SRC_URI[uutils_term_grid-0.6.0.sha256sum] = "f89defb4adb4ba5703a57abc879f96ddd6263a444cacc446db90bf2617f141fb" SRC_URI[version_check-0.9.4.sha256sum] = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" SRC_URI[walkdir-2.5.0.sha256sum] = "29790946404f91d9c5d06f9874efddea1dc06c5efe94541a7d6863108e3a5e4b" SRC_URI[wasi-0.11.0+wasi-snapshot-preview1.sha256sum] = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" @@ -527,8 +581,10 @@ SRC_URI[which-4.3.0.sha256sum] = "1c831fbbee9e129a8cf93e7747a82da9d95ba8e16621ca SRC_URI[wild-2.2.1.sha256sum] = "a3131afc8c575281e1e80f36ed6a092aa502c08b18ed7524e86fbbb12bb410e1" SRC_URI[winapi-0.3.9.sha256sum] = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" SRC_URI[winapi-i686-pc-windows-gnu-0.4.0.sha256sum] = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" -SRC_URI[winapi-util-0.1.6.sha256sum] = "f29e6f9198ba0d26b4c9f07dbe6f9ed633e1f3d5b8b414090084349e46a52596" +SRC_URI[winapi-util-0.1.8.sha256sum] = "4d4cc384e1e73b93bafa6fb4f1df8c41695c8a91cf9c4c64358067d15a7b6c6b" SRC_URI[winapi-x86_64-pc-windows-gnu-0.4.0.sha256sum] = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" +SRC_URI[windows-0.52.0.sha256sum] = "e48a53791691ab099e5e2ad123536d0fff50652600abaf43bbf952894110d0be" +SRC_URI[windows-core-0.52.0.sha256sum] = "33ab640c8d7e35bf8ba19b884ba838ceb4fba93a4e8c65a9059d08afcfc683d9" SRC_URI[windows-sys-0.45.0.sha256sum] = "75283be5efb2831d37ea142365f009c02ec203cd29a3ebecbc093d52315b66d0" SRC_URI[windows-sys-0.48.0.sha256sum] = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" SRC_URI[windows-sys-0.52.0.sha256sum] = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d" @@ -556,7 +612,11 @@ SRC_URI[windows_x86_64_gnullvm-0.52.0.sha256sum] = "1a657e1e9d3f514745a572a6846d SRC_URI[windows_x86_64_msvc-0.42.2.sha256sum] = "9aec5da331524158c6d1a4ac0ab1541149c0b9505fde06423b02f5ef0106b9f0" SRC_URI[windows_x86_64_msvc-0.48.0.sha256sum] = "1a515f5799fe4961cb532f983ce2b23082366b898e52ffbce459c86f67c8378a" SRC_URI[windows_x86_64_msvc-0.52.0.sha256sum] = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04" +SRC_URI[winnow-0.5.40.sha256sum] = "f593a95398737aeed53e489c785df13f3618e41dbcd6718c6addbf1395aa6876" +SRC_URI[wyz-0.5.1.sha256sum] = "05f360fc0b24296329c78fda852a1e9ae82de9cf7b27dae4b7f62f118f77b9ed" SRC_URI[xattr-1.3.1.sha256sum] = "8da84f1a25939b27f6820d92aed108f83ff920fdf11a7b19366c27c4cda81d4f" SRC_URI[yansi-0.5.1.sha256sum] = "09041cd90cf85f7f8b2df60c646f853b7f535ce68f85244eb6731cf89fa498ec" SRC_URI[z85-3.0.5.sha256sum] = "2a599daf1b507819c1121f0bf87fa37eb19daac6aff3aefefd4e6e2e0f2020fc" -SRC_URI[zip-0.6.6.sha256sum] = "760394e246e4c28189f19d488c058bf16f564016aefac5d32bb1f3b51d5e9261" +SRC_URI[zerocopy-0.7.33.sha256sum] = "087eca3c1eaf8c47b94d02790dd086cd594b912d2043d4de4bfdd466b3befb7c" +SRC_URI[zerocopy-derive-0.7.33.sha256sum] = "6f4b6c273f496d8fd4eaf18853e6b448760225dc030ff2c485a786859aea6393" +SRC_URI[zip-1.3.0.sha256sum] = "f1f4a27345eb6f7aa7bd015ba7eb4175fa4e1b462a29874b779e0bbcf96c6ac7" diff --git a/meta-oe/recipes-core/uutils-coreutils/uutils-coreutils_0.0.25.bb b/meta-oe/recipes-core/uutils-coreutils/uutils-coreutils_0.0.27.bb index 61f2dc2987..ea0eb061fa 100644 --- a/meta-oe/recipes-core/uutils-coreutils/uutils-coreutils_0.0.25.bb +++ b/meta-oe/recipes-core/uutils-coreutils/uutils-coreutils_0.0.27.bb @@ -13,7 +13,7 @@ SRC_URI += "git://github.com/uutils/coreutils.git;protocol=https;branch=main" # so src/uucore/src/lib/features.rs disables utmpx when targetting musl. COMPATIBLE_HOST:libc-musl = "null" -SRCREV = "68c77b4bd129bdc12d03cc74fe0f817d2df75894" +SRCREV = "9b11753e7cb06b0f76f4221fc237019c0a86f8f5" S = "${WORKDIR}/git" require ${BPN}-crates.inc diff --git a/meta-oe/recipes-dbs/mysql/mariadb.inc b/meta-oe/recipes-dbs/mysql/mariadb.inc index 33da32fb28..124a49ff96 100644 --- a/meta-oe/recipes-dbs/mysql/mariadb.inc +++ b/meta-oe/recipes-dbs/mysql/mariadb.inc @@ -25,6 +25,7 @@ SRC_URI = "https://archive.mariadb.org/${BP}/source/${BP}.tar.gz \ file://0001-Add-missing-includes-cstdint-and-cstdio.patch \ file://0001-Remove-the-compile_time_assert-lines.patch \ file://0001-MDEV-33439-Fix-build-with-libxml2-2.12.patch \ + file://0001-RISC-V-use-RDTIME-instead-of-RDCYCLE.patch \ " SRC_URI:append:libc-musl = " file://ppc-remove-glibc-dep.patch" SRC_URI[sha256sum] = "5239a245ed90517e96396605cd01ccd8f73cd7442d1b3076b6ffe258110e5157" diff --git a/meta-oe/recipes-dbs/mysql/mariadb/0001-RISC-V-use-RDTIME-instead-of-RDCYCLE.patch b/meta-oe/recipes-dbs/mysql/mariadb/0001-RISC-V-use-RDTIME-instead-of-RDCYCLE.patch new file mode 100644 index 0000000000..25a2c399cc --- /dev/null +++ b/meta-oe/recipes-dbs/mysql/mariadb/0001-RISC-V-use-RDTIME-instead-of-RDCYCLE.patch @@ -0,0 +1,66 @@ +From 342f0dd9b4f9fc49dcb589cd98933ea330de55d8 Mon Sep 17 00:00:00 2001 +From: Aurelien Jarno <aurelien@aurel32.net> +Date: Thu, 4 Jan 2024 11:30:34 +0100 +Subject: [PATCH] RISC-V: use RDTIME instead of RDCYCLE + +Starting with Linux 6.6 [1], RDCYCLE is a privileged instruction on +RISC-V and can't be used directly from userland. There is a sysctl +option to change that as a transition period, but it will eventually +disappear. + +Use RDTIME instead, which while less accurate has the advantage of being +synchronized between CPU (and thus monotonic) and of constant frequency. + +[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc4c07c89aada16229084eeb93895c95b7eabaa3 + +Upstream-Status: Backport [https://github.com/MariaDB/server/commit/656f8867720efc1b4dd0969319f35a3e1a2a005e] +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + include/my_rdtsc.h | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git a/include/my_rdtsc.h b/include/my_rdtsc.h +index 8b9b0046bc0..21e44847d9a 100644 +--- a/include/my_rdtsc.h ++++ b/include/my_rdtsc.h +@@ -111,7 +111,7 @@ C_MODE_START + On AARCH64, we use the generic timer base register. We override clang + implementation for aarch64 as it access a PMU register which is not + guaranteed to be active. +- On RISC-V, we use the rdcycle instruction to read from mcycle register. ++ On RISC-V, we use the rdtime instruction to read from mtime register. + + Sadly, we have nothing for the Digital Alpha, MIPS, Motorola m68k, + HP PA-RISC or other non-mainstream (or obsolete) processors. +@@ -211,15 +211,15 @@ static inline ulonglong my_timer_cycles(void) + } + #elif defined(__riscv) + #define MY_TIMER_ROUTINE_CYCLES MY_TIMER_ROUTINE_RISCV +- /* Use RDCYCLE (and RDCYCLEH on riscv32) */ ++ /* Use RDTIME (and RDTIMEH on riscv32) */ + { + # if __riscv_xlen == 32 + ulong result_lo, result_hi0, result_hi1; + /* Implemented in assembly because Clang insisted on branching. */ + __asm __volatile__( +- "rdcycleh %0\n" +- "rdcycle %1\n" +- "rdcycleh %2\n" ++ "rdtimeh %0\n" ++ "rdtime %1\n" ++ "rdtimeh %2\n" + "sub %0, %0, %2\n" + "seqz %0, %0\n" + "sub %0, zero, %0\n" +@@ -228,7 +228,7 @@ static inline ulonglong my_timer_cycles(void) + return (static_cast<ulonglong>(result_hi1) << 32) | result_lo; + # else + ulonglong result; +- __asm __volatile__("rdcycle %0" : "=r"(result)); ++ __asm __volatile__("rdtime %0" : "=r"(result)); + return result; + } + # endif +-- +2.25.1 + diff --git a/meta-oe/recipes-dbs/postgresql/files/0003-configure.ac-bypass-autoconf-2.69-version-check.patch b/meta-oe/recipes-dbs/postgresql/files/0003-configure.ac-bypass-autoconf-2.69-version-check.patch index d76d1991b6..342aeba85e 100644 --- a/meta-oe/recipes-dbs/postgresql/files/0003-configure.ac-bypass-autoconf-2.69-version-check.patch +++ b/meta-oe/recipes-dbs/postgresql/files/0003-configure.ac-bypass-autoconf-2.69-version-check.patch @@ -13,12 +13,12 @@ Signed-off-by: Yi Fan Yu <yifan.yu@windriver.com> 1 file changed, 4 deletions(-) diff --git a/configure.ac b/configure.ac -index 401ce30..27f382d 100644 +index 65715a4..4ad6340 100644 --- a/configure.ac +++ b/configure.ac @@ -19,10 +19,6 @@ m4_pattern_forbid(^PGAC_)dnl to catch undefined macros - AC_INIT([PostgreSQL], [16.2], [pgsql-bugs@lists.postgresql.org], [], [https://www.postgresql.org/]) + AC_INIT([PostgreSQL], [16.4], [pgsql-bugs@lists.postgresql.org], [], [https://www.postgresql.org/]) -m4_if(m4_defn([m4_PACKAGE_VERSION]), [2.69], [], [m4_fatal([Autoconf version 2.69 is required. -Untested combinations of 'autoconf' and PostgreSQL versions are not @@ -28,5 +28,5 @@ index 401ce30..27f382d 100644 AC_CONFIG_SRCDIR([src/backend/access/common/heaptuple.c]) AC_CONFIG_AUX_DIR(config) -- -2.25.1 +2.34.1 diff --git a/meta-oe/recipes-dbs/postgresql/files/not-check-libperl.patch b/meta-oe/recipes-dbs/postgresql/files/not-check-libperl.patch index fa46912eef..1f735f322b 100644 --- a/meta-oe/recipes-dbs/postgresql/files/not-check-libperl.patch +++ b/meta-oe/recipes-dbs/postgresql/files/not-check-libperl.patch @@ -23,7 +23,7 @@ diff --git a/configure.ac b/configure.ac index fba79ee..7170f26 100644 --- a/configure.ac +++ b/configure.ac -@@ -2261,7 +2261,7 @@ Use --without-tcl to disable building PL/Tcl.]) +@@ -2297,7 +2297,7 @@ Use --without-tcl to disable building PL/Tcl.]) fi # check for <perl.h> diff --git a/meta-oe/recipes-dbs/postgresql/postgresql.inc b/meta-oe/recipes-dbs/postgresql/postgresql.inc index e29a5bef77..5e0c0edf5e 100644 --- a/meta-oe/recipes-dbs/postgresql/postgresql.inc +++ b/meta-oe/recipes-dbs/postgresql/postgresql.inc @@ -19,7 +19,7 @@ DESCRIPTION = "\ " HOMEPAGE = "http://www.postgresql.com" LICENSE = "0BSD" -DEPENDS = "libnsl2 readline tzcode-native" +DEPENDS = "libnsl2 readline tzcode-native perl" ARM_INSTRUCTION_SET = "arm" @@ -37,7 +37,7 @@ LEAD_SONAME = "libpq.so" export LDFLAGS_SL = "${LDFLAGS}" export LDFLAGS_EX_BE = "-Wl,--export-dynamic" -inherit autotools pkgconfig perlnative python3native python3targetconfig useradd update-rc.d systemd gettext cpan-base multilib_header +inherit autotools pkgconfig perlnative python3native python3targetconfig useradd update-rc.d systemd gettext perl-version multilib_header CFLAGS += "-I${STAGING_INCDIR}/${PYTHON_DIR} -I${STAGING_INCDIR}/tcl8.6" @@ -122,6 +122,12 @@ python populate_packages:prepend() { } +# Same as the function in cpan-base.bbclass (but without the perl RDEPENDS) +def is_target(d): + if not bb.data.inherits_class('native', d): + return "yes" + return "no" + # This will make native perl use target settings (for include dirs etc.) export PERLCONFIGTARGET = "${@is_target(d)}" export PERL_ARCHLIB = "${STAGING_LIBDIR}${PERL_OWN_DIR}/perl5/${@get_perl_version(d)}/${@get_perl_arch(d)}" diff --git a/meta-oe/recipes-dbs/postgresql/postgresql_16.2.bb b/meta-oe/recipes-dbs/postgresql/postgresql_16.4.bb index 31f83a564b..1a47369e4d 100644 --- a/meta-oe/recipes-dbs/postgresql/postgresql_16.2.bb +++ b/meta-oe/recipes-dbs/postgresql/postgresql_16.4.bb @@ -11,6 +11,6 @@ SRC_URI += "\ file://0005-postgresql-fix-ptest-failure-of-sysviews.patch \ " -SRC_URI[sha256sum] = "446e88294dbc2c9085ab4b7061a646fa604b4bec03521d5ea671c2e5ad9b2952" +SRC_URI[sha256sum] = "971766d645aa73e93b9ef4e3be44201b4f45b5477095b049125403f9f3386d6f" CVE_STATUS[CVE-2017-8806] = "not-applicable-config: Ddoesn't apply to out configuration of postgresql so we can safely ignore it." diff --git a/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp/0004-PR-1644-unscaledcycleclock-remove-RISC-V-support.patch b/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp/0004-PR-1644-unscaledcycleclock-remove-RISC-V-support.patch new file mode 100644 index 0000000000..461df7a608 --- /dev/null +++ b/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp/0004-PR-1644-unscaledcycleclock-remove-RISC-V-support.patch @@ -0,0 +1,82 @@ +From 7335a36d0b5c1c597566f9aa3f458a5b6817c3b4 Mon Sep 17 00:00:00 2001 +From: aurel32 <aurelien@aurel32.net> +Date: Fri, 22 Mar 2024 14:21:13 -0700 +Subject: [PATCH] PR #1644: unscaledcycleclock: remove RISC-V support + +Imported from GitHub PR https://github.com/abseil/abseil-cpp/pull/1644 + +Starting with Linux 6.6 [1], RDCYCLE is a privileged instruction on RISC-V and can't be used directly from userland. There is a sysctl option to change that as a transition period, but it will eventually disappear. + +The RDTIME instruction is another less accurate alternative, however its frequency varies from board to board, and there is currently now way to get its frequency from userland [2]. + +Therefore this patch just removes the code for unscaledcycleclock on RISC-V. Without processor specific implementation, abseil relies on std::chrono::steady_clock::now().time_since_epoch() which is basically a wrapper around clock_gettime (CLOCK_MONOTONIC), which in turns use __vdso_clock_gettime(). On RISC-V this VDSO is just a wrapper around RDTIME correctly scaled to use nanoseconds units. + +This fixes the testsuite on riscv64, tested on a VisionFive 2 board. + +[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc4c07c89aada16229084eeb93895c95b7eabaa3 +[2] https://github.com/abseil/abseil-cpp/pull/1631 +Merge 43356a2548cfde76e164d446cb69004b488c6a71 into 76f8011beabdaee872b5fde7546e02407b220cb1 + +Merging this change closes #1644 + +COPYBARA_INTEGRATE_REVIEW=https://github.com/abseil/abseil-cpp/pull/1644 from aurel32:rv64-no-unscaledcycleclock 43356a2548cfde76e164d446cb69004b488c6a71 +PiperOrigin-RevId: 618286262 +Change-Id: Ie4120a727e7d0bb185df6e06ea145c780ebe6652 + +Upstream-Status: Backport [https://github.com/abseil/abseil-cpp/commit/7335a36d] +[Adapted to apply on top of meta-oe's patch stack] +Signed-off-by: Scott Murray <scott.murray@konsulko.com> +--- + absl/base/internal/unscaledcycleclock.cc | 12 ------------ + absl/base/internal/unscaledcycleclock_config.h | 5 ++--- + 2 files changed, 2 insertions(+), 15 deletions(-) + +diff --git a/absl/base/internal/unscaledcycleclock.cc b/absl/base/internal/unscaledcycleclock.cc +index f11fecb3..103b4f6a 100644 +--- a/absl/base/internal/unscaledcycleclock.cc ++++ b/absl/base/internal/unscaledcycleclock.cc +@@ -121,18 +121,6 @@ double UnscaledCycleClock::Frequency() { + return aarch64_timer_frequency; + } + +-#elif defined(__riscv) +- +-int64_t UnscaledCycleClock::Now() { +- int64_t virtual_timer_value; +- asm volatile("rdcycle %0" : "=r"(virtual_timer_value)); +- return virtual_timer_value; +-} +- +-double UnscaledCycleClock::Frequency() { +- return base_internal::NominalCPUFrequency(); +-} +- + #elif defined(_M_IX86) || defined(_M_X64) + + #pragma intrinsic(__rdtsc) +diff --git a/absl/base/internal/unscaledcycleclock_config.h b/absl/base/internal/unscaledcycleclock_config.h +index 5e232c1a..83552fc5 100644 +--- a/absl/base/internal/unscaledcycleclock_config.h ++++ b/absl/base/internal/unscaledcycleclock_config.h +@@ -22,7 +22,6 @@ + // The following platforms have an implementation of a hardware counter. + #if defined(__i386__) || defined(__x86_64__) || defined(__aarch64__) || \ + ((defined(__powerpc__) || defined(__ppc__)) && defined(__GLIBC__)) || \ +- defined(__riscv) || \ + defined(_M_IX86) || (defined(_M_X64) && !defined(_M_ARM64EC)) + #define ABSL_HAVE_UNSCALED_CYCLECLOCK_IMPLEMENTATION 1 + #else +@@ -54,8 +53,8 @@ + #if ABSL_USE_UNSCALED_CYCLECLOCK + // This macro can be used to test if UnscaledCycleClock::Frequency() + // is NominalCPUFrequency() on a particular platform. +-#if (defined(__i386__) || defined(__x86_64__) || defined(__riscv) || \ +- defined(_M_IX86) || defined(_M_X64)) ++#if (defined(__i386__) || defined(__x86_64__) || defined(_M_IX86) || \ ++ defined(_M_X64)) + #define ABSL_INTERNAL_UNSCALED_CYCLECLOCK_FREQUENCY_IS_CPU_FREQUENCY + #endif + #endif +-- +2.44.0 + diff --git a/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp_20240116.2.bb b/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp_20240116.2.bb index 2aef973910..87ab239311 100644 --- a/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp_20240116.2.bb +++ b/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp_20240116.2.bb @@ -14,6 +14,7 @@ SRC_URI = "git://github.com/abseil/abseil-cpp;branch=${BRANCH};protocol=https \ file://0002-Remove-maes-option-from-cross-compilation.patch \ file://abseil-ppc-fixes.patch \ file://0003-Remove-neon-option-from-cross-compilation.patch \ + file://0004-PR-1644-unscaledcycleclock-remove-RISC-V-support.patch \ " S = "${WORKDIR}/git" diff --git a/meta-oe/recipes-devtools/cjson/cjson_1.7.17.bb b/meta-oe/recipes-devtools/cjson/cjson_1.7.18.bb index 6c8934b342..bdeab3055c 100644 --- a/meta-oe/recipes-devtools/cjson/cjson_1.7.17.bb +++ b/meta-oe/recipes-devtools/cjson/cjson_1.7.18.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=218947f77e8cb8e2fa02918dc41c50d0" SRC_URI = "git://github.com/DaveGamble/cJSON.git;branch=master;protocol=https \ file://run-ptest \ " -SRCREV = "87d8f0961a01bf09bef98ff89bae9fdec42181ee" +SRCREV = "acc76239bee01d8e9c858ae2cab296704e52d916" S = "${WORKDIR}/git" @@ -24,6 +24,11 @@ do_install_ptest() { sed s#${B}#${PTEST_PATH}# ${B}/CTestTestfile.cmake > ${D}${PTEST_PATH}/CTestTestfile.cmake sed s#${B}#${PTEST_PATH}# ${B}/tests/CTestTestfile.cmake > ${D}${PTEST_PATH}/tests/CTestTestfile.cmake sed s#${B}#${PTEST_PATH}# ${B}/fuzzing/CTestTestfile.cmake > ${D}${PTEST_PATH}/fuzzing/CTestTestfile.cmake + # The cmake files also contain full paths to original CMakeLists.txt file in _BACKTRACE_TRIPLES property; + # these are not needed for successful ptests as we don't install the CMakeLists.txt files anyway. + sed -i s#${S}#${PTEST_PATH}#g ${D}${PTEST_PATH}/CTestTestfile.cmake + sed -i s#${S}#${PTEST_PATH}#g ${D}${PTEST_PATH}/tests/CTestTestfile.cmake + sed -i s#${S}#${PTEST_PATH}#g ${D}${PTEST_PATH}/fuzzing/CTestTestfile.cmake # install test artifacts install ${B}/cJSON_test ${D}${PTEST_PATH} install ${B}/tests/cjson_add ${B}/tests/*_tests ${B}/tests/parse_* ${B}/tests/print_* ${B}/tests/readme_examples ${D}${PTEST_PATH}/tests/ diff --git a/meta-oe/recipes-devtools/flatbuffers/flatbuffers.bb b/meta-oe/recipes-devtools/flatbuffers/flatbuffers.bb index 183554e2c8..3103fd0091 100644 --- a/meta-oe/recipes-devtools/flatbuffers/flatbuffers.bb +++ b/meta-oe/recipes-devtools/flatbuffers/flatbuffers.bb @@ -23,6 +23,11 @@ EXTRA_OECMAKE:append:class-target = " -DFLATBUFFERS_FLATC_EXECUTABLE=${STAGING_B inherit cmake python3native +rm_flatc_cmaketarget_for_target() { + rm -f "${SYSROOT_DESTDIR}/${libdir}/cmake/flatbuffers/FlatcTargets.cmake" +} +SYSROOT_PREPROCESS_FUNCS:class-target += "rm_flatc_cmaketarget_for_target" + FILES:${PN}-compiler = "${bindir}" BBCLASSEXTEND = "native nativesdk" diff --git a/meta-oe/recipes-devtools/flatbuffers/python3-flatbuffers.bb b/meta-oe/recipes-devtools/flatbuffers/python3-flatbuffers.bb index 5d3c73fd9a..1fab013580 100644 --- a/meta-oe/recipes-devtools/flatbuffers/python3-flatbuffers.bb +++ b/meta-oe/recipes-devtools/flatbuffers/python3-flatbuffers.bb @@ -12,4 +12,4 @@ RDEPENDS:${PN} = "flatbuffers" inherit setuptools3 -BBCLASSEXTEND = "native" +BBCLASSEXTEND = "native nativesdk" diff --git a/meta-oe/recipes-devtools/giflib/giflib/0001-Makefile-fix-typo-in-soname-argument.patch b/meta-oe/recipes-devtools/giflib/giflib/0001-Makefile-fix-typo-in-soname-argument.patch new file mode 100644 index 0000000000..dc87ed60b9 --- /dev/null +++ b/meta-oe/recipes-devtools/giflib/giflib/0001-Makefile-fix-typo-in-soname-argument.patch @@ -0,0 +1,34 @@ +From 7f0cd4b6b56183b0afbefd01425e5ebd2b8733b4 Mon Sep 17 00:00:00 2001 +From: Martin Jansa <martin.jansa@gmail.com> +Date: Mon, 8 Jul 2024 13:18:11 +0200 +Subject: [PATCH] Makefile: fix typo in soname argument + +* introduced in: + https://sourceforge.net/p/giflib/code/ci/b65c7ac2905c0842e7977a7b51d83af4486ca7b8/ + there is no LIBUTILMAJOR variable only LIBUTILSOMAJOR leading to: + + ld: fatal error: -soname: must take a non-empty argument + collect2: error: ld returned 1 exit status + + with some linkers like GOLD + +Signed-off-by: Martin Jansa <martin.jansa@gmail.com> +--- +Upstream-Status: Submitted [https://sourceforge.net/p/giflib/code/merge-requests/17/] + + Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Makefile b/Makefile +index 87966a9..41b149e 100644 +--- a/Makefile ++++ b/Makefile +@@ -109,7 +109,7 @@ $(LIBUTILSO): $(UOBJECTS) $(UHEADERS) + ifeq ($(UNAME), Darwin) + $(CC) $(CFLAGS) -dynamiclib -current_version $(LIBVER) $(OBJECTS) -o $(LIBUTILSO) + else +- $(CC) $(CFLAGS) -shared $(LDFLAGS) -Wl,-soname -Wl,$(LIBUTILMAJOR) -o $(LIBUTILSO) $(UOBJECTS) ++ $(CC) $(CFLAGS) -shared $(LDFLAGS) -Wl,-soname -Wl,$(LIBUTILSOMAJOR) -o $(LIBUTILSO) $(UOBJECTS) + endif + + libutil.a: $(UOBJECTS) $(UHEADERS) diff --git a/meta-oe/recipes-devtools/giflib/giflib_5.2.1.bb b/meta-oe/recipes-devtools/giflib/giflib_5.2.2.bb index 79afe9a70f..aa47f93095 100644 --- a/meta-oe/recipes-devtools/giflib/giflib_5.2.1.bb +++ b/meta-oe/recipes-devtools/giflib/giflib_5.2.2.bb @@ -7,8 +7,13 @@ CVE_PRODUCT = "giflib_project:giflib" DEPENDS = "xmlto-native" -SRC_URI = "${SOURCEFORGE_MIRROR}/giflib/${BP}.tar.gz" -SRC_URI[sha256sum] = "31da5562f44c5f15d63340a09a4fd62b48c45620cd302f77a6d9acf0077879bd" +SRC_URI = "${SOURCEFORGE_MIRROR}/giflib/${BP}.tar.gz \ + https://sourceforge.net/p/giflib/code/ci/d54b45b0240d455bbaedee4be5203d2703e59967/tree/doc/giflib-logo.gif?format=raw;subdir=${BP}/doc;name=logo;downloadfilename=giflib-logo.gif \ + file://0001-Makefile-fix-typo-in-soname-argument.patch \ +" + +SRC_URI[logo.sha256sum] = "1a54383986adad1521d00e003b4c482c27e8bc60690be944a1f3319c75abc2c9" +SRC_URI[sha256sum] = "be7ffbd057cadebe2aa144542fd90c6838c6a083b5e8a9048b8ee3b66b29d5fb" do_install() { # using autotools's default will end up in /usr/local diff --git a/meta-oe/recipes-devtools/jemalloc/jemalloc_5.3.0.bb b/meta-oe/recipes-devtools/jemalloc/jemalloc_5.3.0.bb index 7e0272f898..cc21c8beae 100644 --- a/meta-oe/recipes-devtools/jemalloc/jemalloc_5.3.0.bb +++ b/meta-oe/recipes-devtools/jemalloc/jemalloc_5.3.0.bb @@ -17,6 +17,8 @@ SRC_URI = "git://github.com/jemalloc/jemalloc.git;branch=dev;protocol=https \ file://run-ptest \ " SRCREV = "630434bb0ac619f7beec927569782d924c459385" +PV_LONG := "${PV}-171-g${SRCREV}" +PV .= "+git" S = "${WORKDIR}/git" @@ -27,7 +29,7 @@ EXTRA_AUTORECONF += "--exclude=autoheader" EXTRA_OECONF:append:libc-musl = " --with-jemalloc-prefix=je_" # For some reason VERSION file populated only in tarball distribution. # Adding jemalloc version since this recipe is using source code from git tag -EXTRA_OECONF:append = " --with-version=${PV}-0-g${SRCREV} --enable-xmalloc" +EXTRA_OECONF:append = " --with-version=${PV_LONG} --enable-xmalloc" do_install:append() { sed -i -e 's@${STAGING_DIR_HOST}@@g' \ diff --git a/meta-oe/recipes-devtools/jsonrpc/jsonrpc_1.4.1.bb b/meta-oe/recipes-devtools/jsonrpc/jsonrpc_1.4.1.bb index 544922f05d..f0c60e5a86 100644 --- a/meta-oe/recipes-devtools/jsonrpc/jsonrpc_1.4.1.bb +++ b/meta-oe/recipes-devtools/jsonrpc/jsonrpc_1.4.1.bb @@ -25,4 +25,8 @@ EXTRA_OECMAKE += "-DCOMPILE_TESTS=NO -DCOMPILE_STUBGEN=NO -DCOMPILE_EXAMPLES=NO -DCMAKE_LIBRARY_PATH=${libdir} \ " +do_install:append() { + sed -i -e 's#${RECIPE_SYSROOT}##g' ${D}${libdir}/libjson-rpc-cpp/cmake/libjson-rpc-cppTargets.cmake +} + FILES:${PN}-dev += "${libdir}/libjson-rpc-cpp/cmake" diff --git a/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-20.12/oe-npm-cache b/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-20.12/oe-npm-cache index f596207648..eb0f143eae 100755 --- a/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-20.12/oe-npm-cache +++ b/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-20.12/oe-npm-cache @@ -30,7 +30,7 @@ const xlate = { time: Date.now(), url: key, reqHeaders: { - 'accept': 'application/vnd.npm.install-v1+json; q=1.0, application/json; q=0.8, */*', + 'accept': 'application/json', }, resHeaders: { "content-type": "application/json", diff --git a/meta-oe/recipes-devtools/perl/libdbd-mysql-perl/0001-Makefile.PL-avoid-running-assert_lib-at-configure.patch b/meta-oe/recipes-devtools/perl/libdbd-mysql-perl/0001-Makefile.PL-avoid-running-assert_lib-at-configure.patch new file mode 100644 index 0000000000..2e010931d6 --- /dev/null +++ b/meta-oe/recipes-devtools/perl/libdbd-mysql-perl/0001-Makefile.PL-avoid-running-assert_lib-at-configure.patch @@ -0,0 +1,40 @@ +From 577cdd6a571cfed506ec902b9021e60a2b854e4a Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Sun, 7 Jul 2024 22:32:30 -0700 +Subject: [PATCH] Makefile.PL: avoid running assert_lib at configure + +The assert_lib will run the generated binary. When cross compiling, +e.g., for qemuarm64, we'll see error like below: + + /usr/lib64/ld-linux-aarch64.so.1: No such file or directory + +We should just skip library checking, because in OE, if these libs are +not available, the do_compile process will fail anyway. + +Upstream-Status: Inappropriate [OE Specific] + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + Makefile.PL | 6 +----- + 1 file changed, 1 insertion(+), 5 deletions(-) + +diff --git a/Makefile.PL b/Makefile.PL +index a1b38f6..939cadc 100644 +--- a/Makefile.PL ++++ b/Makefile.PL +@@ -206,11 +206,7 @@ To change these settings, see 'perl Makefile.PL --help' and + MSG + + print "Checking if libs are available for compiling...\n"; +- +-assert_lib( +- LIBS => ($opt->{'embedded'} ? $opt->{'embedded'} : $opt->{libs}), +-); +- ++print "Skip checking libs at configure stage as we are cross compiling.\n"; + print "Looks good.\n\n"; + + sleep 1; +-- +2.25.1 + diff --git a/meta-oe/recipes-devtools/perl/libdbd-mysql-perl_4.050.bb b/meta-oe/recipes-devtools/perl/libdbd-mysql-perl_4.050.bb index fc505fe1e8..99a9fcf628 100644 --- a/meta-oe/recipes-devtools/perl/libdbd-mysql-perl_4.050.bb +++ b/meta-oe/recipes-devtools/perl/libdbd-mysql-perl_4.050.bb @@ -15,7 +15,9 @@ DEPENDS += "libdev-checklib-perl-native libdbi-perl-native libmysqlclient" LIC_FILES_CHKSUM = "file://LICENSE;md5=d0a06964340e5c0cde88b7af611f755c" SRCREV = "9b5b70ea372f49fe9bc9e592dae3870596d1e3d6" -SRC_URI = "git://github.com/perl5-dbi/DBD-mysql.git;protocol=https;branch=master" +SRC_URI = "git://github.com/perl5-dbi/DBD-mysql.git;protocol=https;branch=master \ + file://0001-Makefile.PL-avoid-running-assert_lib-at-configure.patch \ + " S = "${WORKDIR}/git" diff --git a/meta-oe/recipes-devtools/php/php/0001-ext-opcache-config.m4-enable-opcache.patch b/meta-oe/recipes-devtools/php/php/0001-ext-opcache-config.m4-enable-opcache.patch index a967d64120..c743697469 100644 --- a/meta-oe/recipes-devtools/php/php/0001-ext-opcache-config.m4-enable-opcache.patch +++ b/meta-oe/recipes-devtools/php/php/0001-ext-opcache-config.m4-enable-opcache.patch @@ -1,6 +1,6 @@ -From ca9b419f2c146061f73ee045cb0a069c18b40cd0 Mon Sep 17 00:00:00 2001 -From: Mingli Yu <mingli.yu@windriver.com> -Date: Wed, 15 Dec 2021 14:00:08 +0800 +From 889583912ddd7abc628f2703892ec4884db6419a Mon Sep 17 00:00:00 2001 +From: Soumya Sambu <soumya.sambu@windriver.com> +Date: Tue, 7 May 2024 08:39:16 +0000 Subject: [PATCH 01/11] ext/opcache/config.m4: enable opcache We can't use AC_TRY_RUN to run programs in a cross compile @@ -20,15 +20,18 @@ Signed-off-by: Claude Bing <cbing@cybernetics.com> update patch to version 8.1.0 Signed-off-by: Mingli Yu <mingli.yu@windriver.com> + +update patch to version 8.2.18 +Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> --- ext/opcache/config.m4 | 204 ++---------------------------------------- 1 file changed, 8 insertions(+), 196 deletions(-) diff --git a/ext/opcache/config.m4 b/ext/opcache/config.m4 -index 2a83fa2..9471b5d 100644 +index 6bf07ad3..5d645b86 100644 --- a/ext/opcache/config.m4 +++ b/ext/opcache/config.m4 -@@ -108,209 +108,21 @@ if test "$PHP_OPCACHE" != "no"; then +@@ -113,209 +113,21 @@ if test "$PHP_OPCACHE" != "no"; then AC_CHECK_FUNCS([mprotect]) AC_MSG_CHECKING(for sysvipc shared memory support) @@ -40,7 +43,7 @@ index 2a83fa2..9471b5d 100644 -#include <unistd.h> -#include <string.h> - --int main() { +-int main(void) { - pid_t pid; - int status; - int ipc_id; @@ -121,7 +124,7 @@ index 2a83fa2..9471b5d 100644 -# define MAP_FAILED ((void*)-1) -#endif - --int main() { +-int main(void) { - pid_t pid; - int status; - char *shm; @@ -185,7 +188,7 @@ index 2a83fa2..9471b5d 100644 -# define MAP_FAILED ((void*)-1) -#endif - --int main() { +-int main(void) { - pid_t pid; - int status; - int fd; @@ -247,5 +250,5 @@ index 2a83fa2..9471b5d 100644 PHP_NEW_EXTENSION(opcache, ZendAccelerator.c \ -- -2.17.1 +2.40.0 diff --git a/meta-oe/recipes-devtools/php/php_8.2.16.bb b/meta-oe/recipes-devtools/php/php_8.2.20.bb index 1cb378fb94..f807f67a23 100644 --- a/meta-oe/recipes-devtools/php/php_8.2.16.bb +++ b/meta-oe/recipes-devtools/php/php_8.2.20.bb @@ -34,7 +34,7 @@ SRC_URI:append:class-target = " \ " S = "${WORKDIR}/php-${PV}" -SRC_URI[sha256sum] = "2658c1b8935ab6b53a7f209354602761ab07066e66920bc472b8815fd1b43f71" +SRC_URI[sha256sum] = "5dec6fa61c7b9c47aa1d76666be651f2642ed2bcf6cd8638c57e3571ce2aac61" CVE_STATUS_GROUPS += "CVE_STATUS_PHP" CVE_STATUS_PHP[status] = "fixed-version: The name of this product is exactly the same as github.com/emlog/emlog. CVE can be safely ignored." diff --git a/meta-oe/recipes-devtools/xerces-c/xerces-c/0001-aclocal.m4-don-t-use-full-path-of-with_curl-in-xerce.patch b/meta-oe/recipes-devtools/xerces-c/xerces-c/0001-aclocal.m4-don-t-use-full-path-of-with_curl-in-xerce.patch new file mode 100644 index 0000000000..2ad7beb51c --- /dev/null +++ b/meta-oe/recipes-devtools/xerces-c/xerces-c/0001-aclocal.m4-don-t-use-full-path-of-with_curl-in-xerce.patch @@ -0,0 +1,58 @@ +From d001f12d428f7adaeaadee5263a22c797c99d67b Mon Sep 17 00:00:00 2001 +From: Martin Jansa <martin.jansa@gmail.com> +Date: Fri, 30 Aug 2024 11:42:27 +0200 +Subject: [PATCH] aclocal.m4: don't use full path of $with_curl in xerces-c.pc + +* fixes: + ERROR: QA Issue: File /usr/lib32/pkgconfig/xerces-c.pc in package lib32-libxerces-c-dev contains reference to TMPDIR [buildpaths] + +* xerces-c was blacklisted due to tmpdir since 2016: + https://git.openembedded.org/meta-openembedded/commit/?id=1af196e42c811947bb483df30bfce758adee83d1 + +* then sed call: + sed -i -e 's:-L${STAGING_DIR}/lib:-L\$\{libdir\}:g' ${B}/xerces-c.pc + was added to do_install:append and blacklist dropped in: + https://git.openembedded.org/meta-openembedded/commit/?id=87b9efff79e62f569525e4760adc594d0d9ac476 + +* sed call was adjusted in: + https://git.openembedded.org/meta-openembedded/commit/?id=87c9e9537dc43468a6aaf706853b784ce6de14e0 + sed -i s:-L${STAGING_LIBDIR}::g ${B}/xerces-c.pc + +* but it was still failing in some cases, e.g. with multilib where libdir is /usr/lib64, so the sed call is: + sed -i s:-L{WORKDIR}/recipe-sysroot/usr/lib64::g ${WORKDIR}/build/xerces-c.pc + but the actual xerces-c.pc file still has: + + Libs: -L${libdir} -lxerces-c + Libs.private: -L${WORKDIR}/recipe-sysroot/usr/lib -lcurl + + because this aclocal was always hardcoding "lib" (appended to --with-curl + value which is passed together with ${prefix}) and not respecting the libdir value: + PACKAGECONFIG[curl] = "--with-curl=${STAGING_DIR_TARGET}${prefix},--with-curl=no,curl" + PACKAGECONFIG[icu] = "--with-icu=${STAGING_DIR_TARGET}${prefix},--with-icu=no,icu" + +* xerces-c supports CMake since 2017: + https://github.com/apache/xerces-c/commit/2606b2924c3e2bf0cf50f72b79378721b6bcf04e + switching from autotools to CMake would probably resolve some of this as well + +Signed-off-by: Martin Jansa <martin.jansa@gmail.com> +--- +Upstream-Status: Pending [It would be better to just switch to CMake] + + m4/xerces_curl_prefix.m4 | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/m4/xerces_curl_prefix.m4 b/m4/xerces_curl_prefix.m4 +index d1d015c..7928bdc 100644 +--- a/m4/xerces_curl_prefix.m4 ++++ b/m4/xerces_curl_prefix.m4 +@@ -39,8 +39,8 @@ AC_DEFUN([XERCES_CURL_PREFIX], + curl_libs=`$curl_config --libs` + else + if test -n "$with_curl"; then +- curl_flags="-I$with_curl/include" +- curl_libs="-L$with_curl/lib -lcurl" ++ curl_flags="" ++ curl_libs="-lcurl" + else + # Default compiler paths. + # diff --git a/meta-oe/recipes-devtools/xerces-c/xerces-c_3.2.5.bb b/meta-oe/recipes-devtools/xerces-c/xerces-c_3.2.5.bb index 1643af2546..9fd7e8fbab 100644 --- a/meta-oe/recipes-devtools/xerces-c/xerces-c_3.2.5.bb +++ b/meta-oe/recipes-devtools/xerces-c/xerces-c_3.2.5.bb @@ -9,7 +9,9 @@ SECTION = "libs" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" -SRC_URI = "http://archive.apache.org/dist/xerces/c/3/sources/${BP}.tar.bz2" +SRC_URI = "http://archive.apache.org/dist/xerces/c/3/sources/${BP}.tar.bz2 \ + file://0001-aclocal.m4-don-t-use-full-path-of-with_curl-in-xerce.patch \ +" SRC_URI[sha256sum] = "1db4028c9b7f1f778efbf4a9462d65e13f9938f2c22f9e9994e12c49ba97e252" inherit autotools @@ -18,10 +20,6 @@ PACKAGECONFIG ??= "curl icu" PACKAGECONFIG[curl] = "--with-curl=${STAGING_DIR_TARGET}${prefix},--with-curl=no,curl" PACKAGECONFIG[icu] = "--with-icu=${STAGING_DIR_TARGET}${prefix},--with-icu=no,icu" -do_install:prepend () { - sed -i s:-L${STAGING_LIBDIR}::g ${B}/xerces-c.pc -} - PACKAGES = "libxerces-c \ libxerces-c-dev \ xerces-c-samples \ diff --git a/meta-oe/recipes-extended/etcd/etcd-cpp-apiv3_0.15.3.bb b/meta-oe/recipes-extended/etcd/etcd-cpp-apiv3_0.15.3.bb index 401d53c79c..e6fe8af890 100644 --- a/meta-oe/recipes-extended/etcd/etcd-cpp-apiv3_0.15.3.bb +++ b/meta-oe/recipes-extended/etcd/etcd-cpp-apiv3_0.15.3.bb @@ -19,5 +19,9 @@ S = "${WORKDIR}/git" EXTRA_OECONF += "-DCPPREST_EXCLUDE_WEBSOCKETS=ON" +do_install:append() { + sed -i -e 's#${RECIPE_SYSROOT}##g' ${D}${libdir}/cmake/etcd-cpp-api/etcd-targets.cmake +} + SOLIBS = ".so" FILES_SOLIBSDEV = "" diff --git a/meta-oe/recipes-extended/flatpak/flatpak/0001-meson.build-require-for-native-wayland-scanner.patch b/meta-oe/recipes-extended/flatpak/flatpak/0001-meson.build-require-for-native-wayland-scanner.patch deleted file mode 100644 index b076a3fffd..0000000000 --- a/meta-oe/recipes-extended/flatpak/flatpak/0001-meson.build-require-for-native-wayland-scanner.patch +++ /dev/null @@ -1,28 +0,0 @@ -From ced2e933cf647874da4baff002e0987b9bfe5fac Mon Sep 17 00:00:00 2001 -From: Markus Volk <f_l_k@t-online.de> -Date: Sat, 18 Nov 2023 15:07:49 +0100 -Subject: [PATCH] meson.build: require for native wayland-scanner - -Signed-off-by: Markus Volk <f_l_k@t-online.de> - -Upstream-Status: Submitted [https://github.com/flatpak/flatpak/pull/5596] ---- - meson.build | 4 ++-- - 1 file changed, 1 insertions(+), 1 deletions(-) - -diff --git a/meson.build b/meson.build -index f4e5b3a3..5d2f9eba 100644 ---- a/meson.build -+++ b/meson.build -@@ -207,7 +207,7 @@ gtkdoc_dep = dependency('gtk-doc', required : get_option('gtkdoc')) - build_gtk_doc = gtkdoc_dep.found() - - wayland_client = dependency('wayland-client', required : get_option('wayland_security_context')) --wayland_scanner = dependency('wayland-scanner', version : '>= 1.15', required : get_option('wayland_security_context')) -+wayland_scanner = dependency('wayland-scanner', version : '>= 1.15', required : get_option('wayland_security_context'), native : true) - wayland_protocols = dependency('wayland-protocols', version : '>= 1.32', required : get_option('wayland_security_context')) - build_wayland_security_context = wayland_client.found() and wayland_scanner.found() and wayland_protocols.found() - --- -2.42.0 - diff --git a/meta-oe/recipes-extended/flatpak/flatpak/0001-meson.build-require-native-gtkdoc.patch b/meta-oe/recipes-extended/flatpak/flatpak/0001-meson.build-require-native-gtkdoc.patch deleted file mode 100644 index 77b60ec98c..0000000000 --- a/meta-oe/recipes-extended/flatpak/flatpak/0001-meson.build-require-native-gtkdoc.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 49737b1e4a74c77a8cd7ae727974d68503da087f Mon Sep 17 00:00:00 2001 -From: Markus Volk <f_l_k@t-online.de> -Date: Fri, 12 Jan 2024 13:52:08 +0100 -Subject: [PATCH] meson.build: require native gtkdoc - -this fixes: -| Run-time dependency gtk-doc found: NO (tried pkgconfig) -| -| ../git/meson.build:206:13: ERROR: Dependency "gtk-doc" not found, tried pkgconfig - -Upstream-Status: Submitted [https://github.com/flatpak/flatpak/pull/5650/commits/e5de3e46b917f830d7f81e9db6ed2a9b7d7db942] - -Signed-off-by: Markus Volk <f_l_k@t-online.de> ---- - meson.build | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/meson.build b/meson.build -index f7f9372d..dccc3eb4 100644 ---- a/meson.build -+++ b/meson.build -@@ -203,7 +203,7 @@ appstream_dep = dependency('appstream', version : '>=0.12.0') - gdk_pixbuf_dep = dependency('gdk-pixbuf-2.0') - libseccomp_dep = dependency('libseccomp', required : get_option('seccomp')) - gir_dep = dependency('gobject-introspection-1.0', version : '>=1.40.0', required : get_option('gir')) --gtkdoc_dep = dependency('gtk-doc', required : get_option('gtkdoc')) -+gtkdoc_dep = dependency('gtk-doc', required : get_option('gtkdoc'), native : true) - build_gtk_doc = gtkdoc_dep.found() - - wayland_client = dependency('wayland-client', required : get_option('wayland_security_context')) --- -2.43.0 - diff --git a/meta-oe/recipes-extended/flatpak/flatpak_1.15.6.bb b/meta-oe/recipes-extended/flatpak/flatpak_1.15.8.bb index 97e57c13d5..8719d3ef03 100644 --- a/meta-oe/recipes-extended/flatpak/flatpak_1.15.6.bb +++ b/meta-oe/recipes-extended/flatpak/flatpak_1.15.8.bb @@ -6,11 +6,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" SRC_URI = " \ gitsm://github.com/flatpak/flatpak;protocol=https;branch=main \ file://0001-flatpak-pc-add-pc_sysrootdir.patch \ - file://0001-meson.build-require-for-native-wayland-scanner.patch \ - file://0001-meson.build-require-native-gtkdoc.patch \ " -SRCREV = "27b11b93c2a80a91c9461bc6c7f5e9a201406041" +SRCREV = "925c80f913d69e7ca424428823e1431c4ffb0deb" S = "${WORKDIR}/git" @@ -66,6 +64,8 @@ PACKAGECONFIG ?= " \ ${@bb.utils.contains('DISTRO_FEATURES', 'wayland', 'wayland-security-context', '', d)} \ " +EXTRA_OEMESON = "-Dsystem_fusermount=${bindir}/fusermount3" + FILES:${PN} += "${libdir} ${datadir}" USERADD_PACKAGES = "${PN}" diff --git a/meta-oe/recipes-extended/hiredis/hiredis/run-ptest b/meta-oe/recipes-extended/hiredis/hiredis/run-ptest index 59b747dbd8..8b352c3401 100644 --- a/meta-oe/recipes-extended/hiredis/hiredis/run-ptest +++ b/meta-oe/recipes-extended/hiredis/hiredis/run-ptest @@ -1,3 +1,18 @@ #!/bin/sh -TEST_SSL=0 TEST_ASYNC=0 ./test.sh +TEST_SSL=0 TEST_ASYNC=0 ./test.sh | sed -e 's/PASSED/PASS/g' -e 's/FAILED/FAIL/g' -e 's/SKIPPED/SKIP/g' | awk ' +{ + gsub(/\x1B\[[0-9;]*m/, "") + if ($NF == "PASS" || $NF == "FAIL" || $NF == "SKIP") { + printf "%s: %s\n", $NF, $0 + } else { + print + } +}' | awk '{ + if ($NF == "PASS" || $NF == "FAIL" || $NF == "SKIP") { + $NF = "" + print $0 + } else { + print + } +}' | awk '{gsub(/:/,"",$NF)}1' diff --git a/meta-oe/recipes-extended/libdeflate/libdeflate/0001-lib-arm-don-t-use-explicit-armv8.2-a-on-gcc-13.2-and.patch b/meta-oe/recipes-extended/libdeflate/libdeflate/0001-lib-arm-don-t-use-explicit-armv8.2-a-on-gcc-13.2-and.patch new file mode 100644 index 0000000000..e87972af27 --- /dev/null +++ b/meta-oe/recipes-extended/libdeflate/libdeflate/0001-lib-arm-don-t-use-explicit-armv8.2-a-on-gcc-13.2-and.patch @@ -0,0 +1,57 @@ +From 684ebc7f8eb44558219d4b5be52add1250b3c0ca Mon Sep 17 00:00:00 2001 +From: Eric Biggers <ebiggers@google.com> +Date: Tue, 30 Apr 2024 11:27:55 -0700 +Subject: [PATCH] lib/arm: don't use explicit armv8.2-a on gcc 13.2 and later + +Resolves https://github.com/ebiggers/libdeflate/issues/369 +--- +Upstream-Status: Backport [https://github.com/ebiggers/libdeflate/pull/370] + + lib/arm/adler32_impl.h | 10 ++++++---- + lib/arm/crc32_impl.h | 10 ++++++---- + 2 files changed, 12 insertions(+), 8 deletions(-) + +diff --git a/lib/arm/adler32_impl.h b/lib/arm/adler32_impl.h +index 6453b8e..6144afb 100644 +--- a/lib/arm/adler32_impl.h ++++ b/lib/arm/adler32_impl.h +@@ -214,11 +214,13 @@ adler32_arm_neon(u32 adler, const u8 *p, size_t len) + # ifdef __clang__ + # define ATTRIBUTES _target_attribute("dotprod") + /* +- * With gcc, arch=armv8.2-a is needed for dotprod intrinsics, unless the +- * default target is armv8.3-a or later in which case it must be omitted. +- * armv8.3-a or later can be detected by checking for __ARM_FEATURE_JCVT. ++ * With gcc 13.1 and earlier (before gcc commit 73d3bc348190 or 9aac37ab8a7b, ++ * "aarch64: Remove architecture dependencies from intrinsics"), ++ * arch=armv8.2-a is needed for the dotprod intrinsics, unless the default ++ * target is armv8.3-a or later in which case it must be omitted. armv8.3-a ++ * or later can be detected by checking for __ARM_FEATURE_JCVT. + */ +-# elif defined(__ARM_FEATURE_JCVT) ++# elif GCC_PREREQ(13, 2) || defined(__ARM_FEATURE_JCVT) + # define ATTRIBUTES _target_attribute("+dotprod") + # else + # define ATTRIBUTES _target_attribute("arch=armv8.2-a+dotprod") +diff --git a/lib/arm/crc32_impl.h b/lib/arm/crc32_impl.h +index 3c4bec7..5363041 100644 +--- a/lib/arm/crc32_impl.h ++++ b/lib/arm/crc32_impl.h +@@ -551,11 +551,13 @@ crc32_arm_pmullx4(u32 crc, const u8 *p, size_t len) + # ifdef __clang__ + # define ATTRIBUTES _target_attribute("aes,crc,sha3") + /* +- * With gcc, arch=armv8.2-a is needed for the sha3 intrinsics, unless the +- * default target is armv8.3-a or later in which case it must be omitted. +- * armv8.3-a or later can be detected by checking for __ARM_FEATURE_JCVT. ++ * With gcc 13.1 and earlier (before gcc commit 73d3bc348190 or 9aac37ab8a7b, ++ * "aarch64: Remove architecture dependencies from intrinsics"), ++ * arch=armv8.2-a is needed for the sha3 intrinsics, unless the default ++ * target is armv8.3-a or later in which case it must be omitted. armv8.3-a ++ * or later can be detected by checking for __ARM_FEATURE_JCVT. + */ +-# elif defined(__ARM_FEATURE_JCVT) ++# elif GCC_PREREQ(13, 2) || defined(__ARM_FEATURE_JCVT) + # define ATTRIBUTES _target_attribute("+crypto,+crc,+sha3") + # else + # define ATTRIBUTES _target_attribute("arch=armv8.2-a+crypto+crc+sha3") diff --git a/meta-oe/recipes-extended/libdeflate/libdeflate_1.20.bb b/meta-oe/recipes-extended/libdeflate/libdeflate_1.20.bb index f0a966f2b4..e3de8aca62 100644 --- a/meta-oe/recipes-extended/libdeflate/libdeflate_1.20.bb +++ b/meta-oe/recipes-extended/libdeflate/libdeflate_1.20.bb @@ -6,10 +6,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=7b6977026437092191e9da699ed9f780" DEPENDS += "gzip zlib" -SRC_URI = "git://github.com/ebiggers/libdeflate.git;protocol=https;branch=master" +SRC_URI = "git://github.com/ebiggers/libdeflate.git;protocol=https;branch=master \ + file://0001-lib-arm-don-t-use-explicit-armv8.2-a-on-gcc-13.2-and.patch \ +" S = "${WORKDIR}/git" SRCREV = "275aa5141db6eda3587214e0f1d3a134768f557d" inherit cmake pkgconfig - diff --git a/meta-oe/recipes-extended/polkit/polkit_124.bb b/meta-oe/recipes-extended/polkit/polkit_124.bb index 9e2eb05c62..a597b40ee3 100644 --- a/meta-oe/recipes-extended/polkit/polkit_124.bb +++ b/meta-oe/recipes-extended/polkit/polkit_124.bb @@ -1,10 +1,11 @@ -SUMMARY = "PolicyKit Authorization Framework" +SUMMARY = "Polkit Authorization Framework" DESCRIPTION = "The polkit package is an application-level toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes." HOMEPAGE = "http://www.freedesktop.org/wiki/Software/polkit" LICENSE = "LGPL-2.0-or-later" LIC_FILES_CHKSUM = "file://COPYING;md5=155db86cdbafa7532b41f390409283eb" +BUGTRACKER = "https://github.com/polkit-org/polkit/issues" -SRC_URI = "git://gitlab.freedesktop.org/polkit/polkit.git;protocol=https;branch=master" +SRC_URI = "git://github.com/polkit-org/polkit.git;protocol=https;branch=main" S = "${WORKDIR}/git" SRCREV = "82f0924dc0eb23b9df68e88dbaf9e07c81940a5a" diff --git a/meta-oe/recipes-extended/rrdtool/rrdtool_1.8.0.bb b/meta-oe/recipes-extended/rrdtool/rrdtool_1.8.0.bb index cbe1af2854..5afb3f2f44 100644 --- a/meta-oe/recipes-extended/rrdtool/rrdtool_1.8.0.bb +++ b/meta-oe/recipes-extended/rrdtool/rrdtool_1.8.0.bb @@ -103,6 +103,11 @@ do_configure() { ${B}/examples/*.pl } +do_install:append:class-native() { + # Replace the shebang line in cgi-demo.cgi + sed -i '1s|^.*$|#!/usr/bin/env rrdcgi|' ${D}${datadir}/rrdtool/examples/cgi-demo.cgi +} + PACKAGES =+ "${PN}-perl ${PN}-python" PACKAGES =+ "rrdcached" diff --git a/meta-oe/recipes-extended/tipcutils/tipcutils/tipcutils.conf b/meta-oe/recipes-extended/tipcutils/tipcutils/tipcutils.conf new file mode 100644 index 0000000000..39ed83d6af --- /dev/null +++ b/meta-oe/recipes-extended/tipcutils/tipcutils/tipcutils.conf @@ -0,0 +1 @@ +tipc diff --git a/meta-oe/recipes-extended/tipcutils/tipcutils_git.bb b/meta-oe/recipes-extended/tipcutils/tipcutils_git.bb index 596aa260e7..580d03cbb5 100644 --- a/meta-oe/recipes-extended/tipcutils/tipcutils_git.bb +++ b/meta-oe/recipes-extended/tipcutils/tipcutils_git.bb @@ -3,6 +3,7 @@ LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://tipclog/tipc.h;endline=35;md5=985b6ea8735818511d276c1b466cce98" SRC_URI = "git://git.code.sf.net/p/tipc/tipcutils;branch=master \ + file://tipcutils.conf \ file://0001-include-sys-select.h-for-FD_-definitions.patch \ file://0002-replace-non-standard-uint-with-unsigned-int.patch \ file://0001-multicast_blast-tipcc-Fix-struct-type-for-TIPC_GROUP.patch \ @@ -11,7 +12,7 @@ SRC_URI = "git://git.code.sf.net/p/tipc/tipcutils;branch=master \ SRCREV = "7ab2211b87414ba240b0b2e4af219c1057c9cf9a" PV = "2.2.0+git" -inherit autotools pkgconfig +inherit autotools pkgconfig systemd DEPENDS += "libdaemon" @@ -41,8 +42,16 @@ do_install:append() { install -d ${D}${sysconfdir} cp -R --no-dereference --preserve=mode,links -v ${S}/scripts/etc/* ${D}${sysconfdir}/ chown -R root:root ${D}${sysconfdir} + + # Install systemd related configuration file + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${sysconfdir}/modules-load.d + install -m 0644 ${WORKDIR}/tipcutils.conf ${D}${sysconfdir}/modules-load.d + fi } +SYSTEMD_SERVICE:${PN} = "" + PACKAGES += "${PN}-demos" FILES:${PN}-dbg += "/opt/tipcutils/demos/*/.debug /opt/tipcutils/ptts/.debug" FILES:${PN}-demos = "/opt/tipcutils/*" diff --git a/meta-oe/recipes-gnome/gtk+/gtk+/CVE-2024-6655.patch b/meta-oe/recipes-gnome/gtk+/gtk+/CVE-2024-6655.patch new file mode 100644 index 0000000000..dfa54f2f31 --- /dev/null +++ b/meta-oe/recipes-gnome/gtk+/gtk+/CVE-2024-6655.patch @@ -0,0 +1,40 @@ +From 3bbf0b6176d42836d23c36a6ac410e807ec0a7a7 Mon Sep 17 00:00:00 2001 +From: Matthias Clasen <mclasen@redhat.com> +Date: Sat, 15 Jun 2024 14:18:01 -0400 +Subject: [PATCH] Stop looking for modules in cwd + +This is just not a good idea. It is surprising, and can be misused. + +Fixes: #6786 + +CVE: CVE-2024-6655 + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/gtk/-/commit/3bbf0b6176d42836d23c36a6ac410e807ec0a7a7] + +Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> +--- + gtk/gtkmodules.c | 9 ++------- + 1 file changed, 2 insertions(+), 7 deletions(-) + +diff --git a/gtk/gtkmodules.c b/gtk/gtkmodules.c +index e09b583..e75810c 100644 +--- a/gtk/gtkmodules.c ++++ b/gtk/gtkmodules.c +@@ -225,13 +225,8 @@ find_module (const gchar *name) + gchar *module_name; + + module_name = _gtk_find_module (name, "modules"); +- if (!module_name) +- { +- /* As last resort, try loading without an absolute path (using system +- * library path) +- */ +- module_name = g_module_build_path (NULL, name); +- } ++ if (module_name == NULL) ++ return NULL; + + module = g_module_open (module_name, G_MODULE_BIND_LOCAL | G_MODULE_BIND_LAZY); + +-- +2.40.0 diff --git a/meta-oe/recipes-gnome/gtk+/gtk+_2.24.33.bb b/meta-oe/recipes-gnome/gtk+/gtk+_2.24.33.bb index 5eac641cf3..8b9f6723dd 100644 --- a/meta-oe/recipes-gnome/gtk+/gtk+_2.24.33.bb +++ b/meta-oe/recipes-gnome/gtk+/gtk+_2.24.33.bb @@ -11,6 +11,7 @@ SRC_URI = "http://ftp.gnome.org/pub/gnome/sources/gtk+/2.24/gtk+-${PV}.tar.xz \ file://strict-prototypes.patch \ file://0001-Do-not-look-into-HOME-when-looking-for-gtk-modules.patch \ file://0001-Fix-signature-of-create_menu-function.patch \ + file://CVE-2024-6655.patch \ " SRC_URI[sha256sum] = "ac2ac757f5942d318a311a54b0c80b5ef295f299c2a73c632f6bfb1ff49cc6da" diff --git a/meta-oe/recipes-gnome/libjcat/libjcat_0.2.1.bb b/meta-oe/recipes-gnome/libjcat/libjcat_0.2.1.bb index 2d95e14447..7dc88d7279 100644 --- a/meta-oe/recipes-gnome/libjcat/libjcat_0.2.1.bb +++ b/meta-oe/recipes-gnome/libjcat/libjcat_0.2.1.bb @@ -32,3 +32,5 @@ GTKDOC_MESON_OPTION = "gtkdoc" RDEPENDS:${PN}:class-target = "\ ${@bb.utils.contains('PACKAGECONFIG', 'gpg', 'gnupg', '', d)} \ " + +INSANE_SKIP:${PN}-ptest += "buildpaths" diff --git a/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-0001.patch b/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-0001.patch new file mode 100644 index 0000000000..7b177370df --- /dev/null +++ b/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-0001.patch @@ -0,0 +1,37 @@ +From 361f274ca901c3c476697a6404662d95f4dd43cb Mon Sep 17 00:00:00 2001 +From: Matthew Fernandez <matthew.fernandez@gmail.com> +Date: Wed, 24 Jul 2024 13:19:03 +0800 +Subject: [PATCH] gvc gvconfig_plugin_install_from_config: more tightly scope + 'gv_api' + +CVE: CVE-2023-46045 +Upstream-Status: Backport [https://gitlab.com/graphviz/graphviz/-/commit/361f274ca901c3c476697a6404662d95f4dd43cb] + +Signed-off-by: Yogita Urade <yogita.urade@windriver.com> +--- + lib/gvc/gvconfig.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/lib/gvc/gvconfig.c b/lib/gvc/gvconfig.c +index d03de09..2f31b98 100644 +--- a/lib/gvc/gvconfig.c ++++ b/lib/gvc/gvconfig.c +@@ -174,7 +174,6 @@ static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s) + { + char *package_path, *name, *api; + const char *type; +- api_t gv_api; + int quality; + int nest = 0; + gvplugin_package_t *package; +@@ -189,7 +188,7 @@ static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s) + package = gvplugin_package_record(gvc, package_path, name); + do { + api = token(&nest, &s); +- gv_api = gvplugin_api(api); ++ const api_t gv_api = gvplugin_api(api); + do { + if (nest == 2) { + type = token(&nest, &s); +-- +2.25.1 diff --git a/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-0002.patch b/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-0002.patch new file mode 100644 index 0000000000..fbab10bb31 --- /dev/null +++ b/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-0002.patch @@ -0,0 +1,38 @@ +From 3f31704cafd7da3e86bb2861accf5e90c973e62a Mon Sep 17 00:00:00 2001 +From: Matthew Fernandez <matthew.fernandez@gmail.com> +Date: Wed, 24 Jul 2024 13:39:39 +0800 +Subject: [PATCH] gvc gvconfig_plugin_install_from_config: more tightly scope + 'api' + +CVE: CVE-2023-46045 +Upstream-Status: Backport [https://gitlab.com/graphviz/graphviz/-/commit/3f31704cafd7da3e86bb2861accf5e90c973e62a] + +Signed-off-by: Yogita Urade <yogita.urade@windriver.com> +--- + lib/gvc/gvconfig.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/lib/gvc/gvconfig.c b/lib/gvc/gvconfig.c +index 2f31b98..ea0d81b 100644 +--- a/lib/gvc/gvconfig.c ++++ b/lib/gvc/gvconfig.c +@@ -172,7 +172,7 @@ static char *token(int *nest, char **tokens) + + static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s) + { +- char *package_path, *name, *api; ++ char *package_path, *name; + const char *type; + int quality; + int nest = 0; +@@ -187,7 +187,7 @@ static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s) + name = "x"; + package = gvplugin_package_record(gvc, package_path, name); + do { +- api = token(&nest, &s); ++ const char *api = token(&nest, &s); + const api_t gv_api = gvplugin_api(api); + do { + if (nest == 2) { +-- +2.25.1 diff --git a/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-0003.patch b/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-0003.patch new file mode 100644 index 0000000000..372f44efee --- /dev/null +++ b/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-0003.patch @@ -0,0 +1,33 @@ +From a95f977f5d809915ec4b14836d2b5b7f5e74881e Mon Sep 17 00:00:00 2001 +From: Matthew Fernandez <matthew.fernandez@gmail.com> +Date: Wed, 24 Jul 2024 15:02:06 +0800 +Subject: [PATCH] gvc: detect plugin installation failure and display an error + +Gitlab: fixes #2441 +Reported-by: GJDuck + +CVE: CVE-2023-46045 +Upstream-Status: Backport [https://gitlab.com/graphviz/graphviz/-/commit/a95f977f5d809915ec4b14836d2b5b7f5e74881e] + +Signed-off-by: Yogita Urade <yogita.urade@windriver.com> +--- + lib/gvc/gvconfig.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/lib/gvc/gvconfig.c b/lib/gvc/gvconfig.c +index ea0d81b..1eccc70 100644 +--- a/lib/gvc/gvconfig.c ++++ b/lib/gvc/gvconfig.c +@@ -189,6 +189,10 @@ static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s) + do { + const char *api = token(&nest, &s); + const api_t gv_api = gvplugin_api(api); ++ if (gv_api == (api_t)-1) { ++ agerr(AGERR, "config error: %s %s not found\n", package_path, api); ++ return 0; ++ } + do { + if (nest == 2) { + type = token(&nest, &s); +-- +2.25.1 diff --git a/meta-oe/recipes-graphics/graphviz/graphviz_8.1.0.bb b/meta-oe/recipes-graphics/graphviz/graphviz_8.1.0.bb index 2700142e5d..b3f02148be 100644 --- a/meta-oe/recipes-graphics/graphviz/graphviz_8.1.0.bb +++ b/meta-oe/recipes-graphics/graphviz/graphviz_8.1.0.bb @@ -20,6 +20,9 @@ inherit autotools-brokensep pkgconfig gettext qemu SRC_URI = "https://gitlab.com/api/v4/projects/4207231/packages/generic/${BPN}-releases/${PV}/${BP}.tar.xz \ file://0001-Autotools-fix-do-not-put-prefix-based-paths-in-compi.patch \ + file://CVE-2023-46045-0001.patch \ + file://CVE-2023-46045-0002.patch \ + file://CVE-2023-46045-0003.patch \ " # Use native mkdefs SRC_URI:append:class-target = "\ diff --git a/meta-oe/recipes-graphics/openbox/files/0001-Fix-list-traversal-issue-in-client_calc_layer.patch b/meta-oe/recipes-graphics/openbox/files/0001-Fix-list-traversal-issue-in-client_calc_layer.patch new file mode 100644 index 0000000000..8bc2b80f68 --- /dev/null +++ b/meta-oe/recipes-graphics/openbox/files/0001-Fix-list-traversal-issue-in-client_calc_layer.patch @@ -0,0 +1,56 @@ +From d41128e5a1002af41c976c8860f8299cfcd3cd72 Mon Sep 17 00:00:00 2001 +From: pldubouilh <pldubouilh@gmail.com> +Date: Fri, 17 Mar 2023 18:23:47 +0100 +Subject: [PATCH] Fix list traversal issue in client_calc_layer + +The calls to client_calc_layer_internal can modify stacking_list, which +can cause us to follow dangling ->next pointers (either by the pointer +itself already being freed, or it pointing to a freed area). Avoid this +by copying the list first, the goal is to visit every client in the list +once so this should be fine. + +Upstream-Status: Backport [http://git.openbox.org/?p=mikachu/openbox.git;a=commit;h=d41128e5a1002af41c976c8860f8299cfcd3cd72] +Signed-off-by: Alexandre Videgrain <alexandre.videgrain@smile.fr> +--- + openbox/client.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/openbox/client.c b/openbox/client.c +index 7168b240..b8264587 100644 +--- a/openbox/client.c ++++ b/openbox/client.c +@@ -2742,9 +2742,12 @@ static void client_calc_layer_internal(ObClient *self) + void client_calc_layer(ObClient *self) + { + GList *it; ++ /* the client_calc_layer_internal calls below modify stacking_list, ++ so we have to make a copy to iterate over */ ++ GList *list = g_list_copy(stacking_list); + + /* skip over stuff above fullscreen layer */ +- for (it = stacking_list; it; it = g_list_next(it)) ++ for (it = list; it; it = g_list_next(it)) + if (window_layer(it->data) <= OB_STACKING_LAYER_FULLSCREEN) break; + + /* find the windows in the fullscreen layer, and mark them not-visited */ +@@ -2757,7 +2760,7 @@ void client_calc_layer(ObClient *self) + client_calc_layer_internal(self); + + /* skip over stuff above fullscreen layer */ +- for (it = stacking_list; it; it = g_list_next(it)) ++ for (it = list; it; it = g_list_next(it)) + if (window_layer(it->data) <= OB_STACKING_LAYER_FULLSCREEN) break; + + /* now recalc any windows in the fullscreen layer which have not +@@ -2768,6 +2771,8 @@ void client_calc_layer(ObClient *self) + !WINDOW_AS_CLIENT(it->data)->visited) + client_calc_layer_internal(it->data); + } ++ ++ g_list_free(it); + } + + gboolean client_should_show(ObClient *self) +-- +2.34.1 + diff --git a/meta-oe/recipes-graphics/openbox/openbox_3.6.1.bb b/meta-oe/recipes-graphics/openbox/openbox_3.6.1.bb index 9a15077316..1851a84b97 100644 --- a/meta-oe/recipes-graphics/openbox/openbox_3.6.1.bb +++ b/meta-oe/recipes-graphics/openbox/openbox_3.6.1.bb @@ -8,6 +8,7 @@ SRC_URI = " \ http://icculus.org/openbox/releases/openbox-${PV}.tar.gz \ file://0001-Makefile.am-avoid-race-when-creating-autostart-direc.patch \ file://0001-openbox-xdg-autostart-convert-to-python3.patch \ + file://0001-Fix-list-traversal-issue-in-client_calc_layer.patch \ " SRC_URI[md5sum] = "b72794996c6a3ad94634727b95f9d204" diff --git a/meta-oe/recipes-graphics/vk-gl-cts/vulkan-cts_1.3.7.3.bb b/meta-oe/recipes-graphics/vk-gl-cts/vulkan-cts_1.3.7.3.bb index 1008a5fd42..7492fe9aa4 100644 --- a/meta-oe/recipes-graphics/vk-gl-cts/vulkan-cts_1.3.7.3.bb +++ b/meta-oe/recipes-graphics/vk-gl-cts/vulkan-cts_1.3.7.3.bb @@ -23,6 +23,9 @@ SRC_URI += "file://0001-cmake-Define-WAYLAND_SCANNER-and-WAYLAND_PROTOCOLS_D.pat TOOLCHAIN = "gcc" +# Workaround an optimization bug that breaks createMeshShaderMiscTestsEXT +OECMAKE_CXX_FLAGS:remove:toolchain-gcc = "-O2" + S = "${WORKDIR}/git" REQUIRED_DISTRO_FEATURES = "vulkan" diff --git a/meta-oe/recipes-kernel/bpftool/bpftool.bb b/meta-oe/recipes-kernel/bpftool/bpftool.bb index b22334fe90..8bddde9451 100644 --- a/meta-oe/recipes-kernel/bpftool/bpftool.bb +++ b/meta-oe/recipes-kernel/bpftool/bpftool.bb @@ -26,7 +26,7 @@ SECURITY_CFLAGS = "" do_configure[depends] += "virtual/kernel:do_shared_workdir" -COMPATIBLE_HOST = "(x86_64|aarch64).*-linux" +COMPATIBLE_HOST = "(x86_64|aarch64|riscv64).*-linux" COMPATIBLE_HOST:libc-musl = 'null' do_compile() { diff --git a/meta-oe/recipes-multimedia/pulseaudio/pavucontrol_5.0.bb b/meta-oe/recipes-multimedia/pulseaudio/pavucontrol_5.0.bb index 012fc3a94d..29500bdb94 100644 --- a/meta-oe/recipes-multimedia/pulseaudio/pavucontrol_5.0.bb +++ b/meta-oe/recipes-multimedia/pulseaudio/pavucontrol_5.0.bb @@ -14,7 +14,7 @@ inherit autotools features_check perlnative pkgconfig ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" -SRC_URI = "http://freedesktop.org/software/pulseaudio/${BPN}/${BP}.tar.xz" +SRC_URI = "http://www.freedesktop.org/software/pulseaudio/${BPN}/${BP}.tar.xz" SRC_URI:append = " ${@bb.utils.contains('DISTRO_FEATURES', 'wayland', 'file://0001-pavucontrol-remove-canberra-gtk-support.patch', '', d)}" SRC_URI[sha256sum] = "ce2b72c3b5f1a70ad0df19dd81750f9455bd20870d1d3a36d20536af2e8f4e7a" diff --git a/meta-oe/recipes-multimedia/v4l2apps/v4l-utils/0001-media-ctl-Install-media-ctl-header-and-library-files.patch b/meta-oe/recipes-multimedia/v4l2apps/v4l-utils/0001-media-ctl-Install-media-ctl-header-and-library-files.patch new file mode 100644 index 0000000000..6c946d8c48 --- /dev/null +++ b/meta-oe/recipes-multimedia/v4l2apps/v4l-utils/0001-media-ctl-Install-media-ctl-header-and-library-files.patch @@ -0,0 +1,78 @@ +From 3867fcfa4389c7fa271705f1fd1d4bfb74bc1bd1 Mon Sep 17 00:00:00 2001 +From: Neel Gandhi <neel.gandhi@amd.com> +Date: Wed, 5 Jun 2024 13:51:36 +0530 +Subject: [PATCH] media-ctl: Install media-ctl header and library files + +Install mediactl and v4l2subdev header and library +files, which may be required by 3rd party applications +to populate and control v4l2subdev device node tree + +Install of these files was removed in upstream commit +0911dce53b08b0df3066be2c75f67e8a314d8729. + +Upstream-Status: Denied + +v4l-utils maintainers do not promise a stable API for this library, and +do not currently have the time to do so. So exporting the API in this +way is fine, as long as we understand that it will change and users of +the API will need to adapt over time. + +Signed-off-by: Neel Gandhi <neel.gandhi@amd.com> +Signed-off-by: Mark Hatle <mark.hatle@amd.com> +--- + utils/media-ctl/meson.build | 28 +++++++++++++++++++++------- + 1 file changed, 21 insertions(+), 7 deletions(-) + +diff --git a/utils/media-ctl/meson.build b/utils/media-ctl/meson.build +index 3a7b0c9a..40669b4c 100644 +--- a/utils/media-ctl/meson.build ++++ b/utils/media-ctl/meson.build +@@ -3,14 +3,24 @@ libmediactl_sources = files( + 'mediactl-priv.h', + ) + ++libmediactl_api = files( ++ 'mediactl.h', ++ 'v4l2subdev.h', ++) ++ ++install_headers(libmediactl_api, subdir: 'mediactl') ++ + libmediactl_deps = [ + dep_libudev, + ] + +-libmediactl = static_library('mediactl', +- libmediactl_sources, +- dependencies : libmediactl_deps, +- include_directories : v4l2_utils_incdir) ++libmediactl = library('mediactl', ++ libmediactl_sources, ++ soversion: '0', ++ version: '0.0.0', ++ install : true, ++ dependencies : libmediactl_deps, ++ include_directories : v4l2_utils_incdir) + + dep_libmediactl = declare_dependency(link_with : libmediactl) + +@@ -18,9 +28,13 @@ libv4l2subdev_sources = files('libv4l2subdev.c') + libv4l2subdev_sources += media_bus_format_names_h + libv4l2subdev_sources += media_bus_format_codes_h + +-libv4l2subdev = static_library('v4l2subdev', +- libv4l2subdev_sources, +- include_directories : v4l2_utils_incdir) ++libv4l2subdev = library('v4l2subdev', ++ libv4l2subdev_sources, ++ soversion: '0', ++ version: '0.0.0', ++ install : true, ++ dependencies : dep_libmediactl, ++ include_directories : v4l2_utils_incdir) + + dep_libv4l2subdev = declare_dependency(link_with : libv4l2subdev) + +-- +2.34.1 + diff --git a/meta-oe/recipes-multimedia/v4l2apps/v4l-utils_1.26.1.bb b/meta-oe/recipes-multimedia/v4l2apps/v4l-utils_1.26.1.bb index 52759ef18e..eb38d97132 100644 --- a/meta-oe/recipes-multimedia/v4l2apps/v4l-utils_1.26.1.bb +++ b/meta-oe/recipes-multimedia/v4l2apps/v4l-utils_1.26.1.bb @@ -28,6 +28,7 @@ PACKAGECONFIG[v4l2-tracer] = ",-Dv4l2-tracer=disabled,json-c" SRC_URI = "\ git://git.linuxtv.org/v4l-utils.git;protocol=https;branch=stable-1.26 \ file://0001-keytable-meson-Restrict-the-installation-of-50-rc_ke.patch \ + file://0001-media-ctl-Install-media-ctl-header-and-library-files.patch \ " SRCREV = "4aee01a027923cab1e40969f56f8ba58d3e6c0d1" diff --git a/meta-oe/recipes-support/c-ares/c-ares_1.27.0.bb b/meta-oe/recipes-support/c-ares/c-ares_1.27.0.bb index 2d91ac1731..f6de281058 100644 --- a/meta-oe/recipes-support/c-ares/c-ares_1.27.0.bb +++ b/meta-oe/recipes-support/c-ares/c-ares_1.27.0.bb @@ -5,7 +5,7 @@ SECTION = "libs" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.md;md5=fdbc58a6da11a9f68aa73c453818decc" -SRC_URI = "https://c-ares.org/download/${BPN}-${PV}.tar.gz \ +SRC_URI = "https://github.com/c-ares/c-ares/releases/download/cares-1_27_0/${BPN}-${PV}.tar.gz \ file://run-ptest" SRC_URI[sha256sum] = "0a72be66959955c43e2af2fbd03418e82a2bd5464604ec9a62147e37aceb420b" diff --git a/meta-oe/recipes-support/exiv2/exiv2_0.28.0.bb b/meta-oe/recipes-support/exiv2/exiv2_0.28.0.bb deleted file mode 100644 index 958810cf7a..0000000000 --- a/meta-oe/recipes-support/exiv2/exiv2_0.28.0.bb +++ /dev/null @@ -1,19 +0,0 @@ -SUMMARY = "Exif, Iptc and XMP metadata manipulation library and tools" -LICENSE = "GPL-2.0-only" -LIC_FILES_CHKSUM = "file://COPYING;md5=625f055f41728f84a8d7938acc35bdc2" - -DEPENDS = "zlib expat brotli libinih" - -SRC_URI = "https://github.com/Exiv2/${BPN}/releases/download/v${PV}/${BP}-Source.tar.gz" -SRC_URI[sha256sum] = "89af3b5ef7277753ef7a7b5374ae017c6b9e304db3b688f1948e73e103491f3d" -# Once patch is obsolete (project should be aware due to PRs), dos2unix can be removed either -# inherit dos2unix -S = "${WORKDIR}/${BP}-Source" - -inherit cmake gettext - -do_install:append:class-target() { - # reproducibility: remove build host path - sed -i ${D}${libdir}/cmake/exiv2/exiv2Config.cmake \ - -e 's:${STAGING_DIR_HOST}::g' -} diff --git a/meta-oe/recipes-support/exiv2/exiv2_0.28.3.bb b/meta-oe/recipes-support/exiv2/exiv2_0.28.3.bb new file mode 100644 index 0000000000..3e33ab7953 --- /dev/null +++ b/meta-oe/recipes-support/exiv2/exiv2_0.28.3.bb @@ -0,0 +1,11 @@ +SUMMARY = "Exif, Iptc and XMP metadata manipulation library and tools" +LICENSE = "GPL-2.0-only" +LIC_FILES_CHKSUM = "file://COPYING;md5=625f055f41728f84a8d7938acc35bdc2" + +DEPENDS = "zlib expat brotli libinih" + +SRC_URI = "git://github.com/Exiv2/exiv2.git;protocol=https;branch=0.28.x" +SRCREV = "a6a79ef064f131ffd03c110acce2d3edb84ffa2e" +S = "${WORKDIR}/git" + +inherit cmake gettext diff --git a/meta-oe/recipes-support/gpm/gpm_git.bb b/meta-oe/recipes-support/gpm/gpm_git.bb index 31503e9c62..1a96bea099 100644 --- a/meta-oe/recipes-support/gpm/gpm_git.bb +++ b/meta-oe/recipes-support/gpm/gpm_git.bb @@ -24,6 +24,10 @@ inherit autotools-brokensep update-rc.d systemd texinfo INITSCRIPT_NAME = "gpm" INITSCRIPT_PARAMS = "defaults" +# Avoid line statements with bison/yacc +# ERROR: lib32-gpm-1.99.7+gite82d1a653ca94aa4ed12441424da6ce780b1e530-r0 do_package_qa: QA Issue: File /usr/src/debug/lib32-gpm/1.99.7+gite82d1a653ca94aa4ed12441424da6ce780b1e530/src/prog/gpm-root.c in package lib32-gpm-src contains reference to TMPDIR [buildpaths] +EXTRA_OEMAKE = "YFLAGS='-l'" + do_configure:prepend() { (cd ${S};./autogen.sh;cd -) } diff --git a/meta-oe/recipes-support/hdf5/files/0001-cmake-remove-build-flags.patch b/meta-oe/recipes-support/hdf5/files/0001-cmake-remove-build-flags.patch index 68d9c3a3cf..0d016ccb4c 100644 --- a/meta-oe/recipes-support/hdf5/files/0001-cmake-remove-build-flags.patch +++ b/meta-oe/recipes-support/hdf5/files/0001-cmake-remove-build-flags.patch @@ -1,6 +1,6 @@ -From 4fa437782261c0da785d4574ad3a03700f624e66 Mon Sep 17 00:00:00 2001 +From 9f5afd99cce93e68996deb2b5fa7c32737d279fe Mon Sep 17 00:00:00 2001 From: Mingli Yu <mingli.yu@windriver.com> -Date: Tue, 19 Sep 2023 02:56:09 +0000 +Date: Tue, 16 Jul 2024 17:54:29 +0800 Subject: [PATCH] cmake: remove build flags Don't generate the build host related info and reemove the build flags @@ -11,11 +11,10 @@ Upstream-Status: Inappropriate [oe specific] Signed-off-by: Mingli Yu <mingli.yu@windriver.com> --- config/cmake/libhdf5.settings.cmake.in | 18 +++++++++--------- - src/H5make_libsettings.c | 17 ----------------- - 2 files changed, 9 insertions(+), 26 deletions(-) + 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/config/cmake/libhdf5.settings.cmake.in b/config/cmake/libhdf5.settings.cmake.in -index f60f0de..f4433c0 100644 +index deb07ed..6f255c4 100644 --- a/config/cmake/libhdf5.settings.cmake.in +++ b/config/cmake/libhdf5.settings.cmake.in @@ -23,23 +23,23 @@ Linking Options: @@ -28,7 +27,7 @@ index f60f0de..f4433c0 100644 AM_LDFLAGS: @AM_LDFLAGS@ Extra libraries: @LINK_LIBS@ - Archiver: @CMAKE_AR@ -- AR_FLAGS: +- AR_FLAGS: - Ranlib: @CMAKE_RANLIB@ + Archiver: + AR_FLAGS: @@ -63,34 +62,6 @@ index f60f0de..f4433c0 100644 H5 C++ Flags: @HDF5_CMAKE_CXX_FLAGS@ AM C++ Flags: @AM_CXXFLAGS@ Shared C++ Library: @H5_ENABLE_SHARED_LIB@ -diff --git a/src/H5make_libsettings.c b/src/H5make_libsettings.c -index 2661288..7c0f84f 100644 ---- a/src/H5make_libsettings.c -+++ b/src/H5make_libsettings.c -@@ -205,23 +205,6 @@ information about the library build configuration\n"; - fprintf(rawoutstream, "/* Generated automatically by H5make_libsettings -- do not edit */\n\n\n"); - fputs(FileHeader, rawoutstream); /*the copyright notice--see top of this file */ - -- fprintf(rawoutstream, " *\n * Created:\t\t%s %2d, %4d\n", month_name[tm->tm_mon], tm->tm_mday, -- 1900 + tm->tm_year); -- if (pwd || real_name[0] || host_name[0]) { -- fprintf(rawoutstream, " *\t\t\t"); -- if (real_name[0]) -- fprintf(rawoutstream, "%s <", real_name); --#ifdef H5_HAVE_GETPWUID -- if (pwd) -- fputs(pwd->pw_name, rawoutstream); --#endif -- if (host_name[0]) -- fprintf(rawoutstream, "@%s", host_name); -- if (real_name[0]) -- fprintf(rawoutstream, ">"); -- fputc('\n', rawoutstream); -- } -- - fprintf(rawoutstream, " *\n * Purpose:\t\t"); - - for (s = purpose; *s; s++) { -- -2.35.5 +2.25.1 diff --git a/meta-oe/recipes-support/hdf5/hdf5_1.14.2.bb b/meta-oe/recipes-support/hdf5/hdf5_1.14.4-3.bb index b8a81bb0b7..f34e5f183d 100644 --- a/meta-oe/recipes-support/hdf5/hdf5_1.14.2.bb +++ b/meta-oe/recipes-support/hdf5/hdf5_1.14.4-3.bb @@ -5,18 +5,18 @@ HOMEPAGE = "https://www.hdfgroup.org/" SECTION = "libs" LICENSE = "HDF5" -LIC_FILES_CHKSUM = "file://COPYING;md5=9ba0f3d878ab6c2403c86e9b0362d998" +LIC_FILES_CHKSUM = "file://COPYING;md5=adebb1ecf1b3b80c13359e18ef67301e" inherit cmake siteinfo qemu multilib_header multilib_script DEPENDS += "qemu-native zlib" SRC_URI = " \ - https://support.hdfgroup.org/ftp/HDF5/releases/hdf5-1.14/hdf5-${PV}/src/${BPN}-${PV}.tar.bz2 \ + https://support.hdfgroup.org/ftp/HDF5/releases/hdf5-1.14/hdf5-1.14.4/src/${BPN}-${PV}.tar.gz \ file://0002-Remove-suffix-shared-from-shared-library-name.patch \ file://0001-cmake-remove-build-flags.patch \ " -SRC_URI[sha256sum] = "ea3c5e257ef322af5e77fc1e52ead3ad6bf3bb4ac06480dd17ee3900d7a24cfb" +SRC_URI[sha256sum] = "019ac451d9e1cf89c0482ba2a06f07a46166caf23f60fea5ef3c37724a318e03" FILES:${PN} += "${libdir}/libhdf5.settings ${datadir}/*" @@ -44,10 +44,13 @@ MULTILIB_SCRIPTS += "${PN}:${bindir}/h5cc \ ${PN}:${bindir}/h5hlcc \ " +do_configure:append() { + sed -i -e 's|${WORKDIR}||g' ${B}/src/libhdf5.settings + sed -i -e 's|${WORKDIR}||g' ${B}/src/H5build_settings.c +} + do_install:append() { # Used for generating config files on target - install -m 755 ${B}/bin/H5detect ${D}${bindir} - install -m 755 ${B}/bin/H5make_libsettings ${D}${bindir} oe_multilib_header H5pubconf.h # remove the buildpath sed -i -e 's|${RECIPE_SYSROOT}||g' ${D}${libdir}/pkgconfig/hdf5.pc diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1.bb index 6ab8a61b9b..5407c4e400 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1.bb @@ -99,3 +99,73 @@ ALTERNATIVE_LINK_NAME[montage.1] = "${mandir}/man1/montage.1" ALTERNATIVE_TARGET[montage.1] = "${mandir}/man1/montage.im7.1" ALTERNATIVE_LINK_NAME[stream.1] = "${mandir}/man1/stream.1" ALTERNATIVE_TARGET[stream.1] = "${mandir}/man1/stream.im7.1" + +CVE_STATUS[CVE-2007-1667] = "cpe-incorrect: CVE should not include a CPE for imagemagick" +CVE_STATUS[CVE-2014-9804] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9805] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9806] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9807] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9808] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9809] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9810] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9811] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9812] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9813] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9814] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9815] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9816] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9817] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9818] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9819] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9820] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9821] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9822] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9823] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9824] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9825] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9826] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9827] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9828] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9829] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9830] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9831] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9848] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9852] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9853] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9854] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2014-9907] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-10062] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 7.0.1-10" +CVE_STATUS[CVE-2016-10144] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.7-1" +CVE_STATUS[CVE-2016-10145] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.7-1" +CVE_STATUS[CVE-2016-10146] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.6-8" +CVE_STATUS[CVE-2016-5118] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 7.0.1-7" +CVE_STATUS[CVE-2016-7513] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7514] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 7.0.1-0" +CVE_STATUS[CVE-2016-7515] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7516] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7517] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7518] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7519] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7520] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7521] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7522] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7523] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7524] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7525] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7526] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7527] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7528] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7529] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7530] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7531] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 7.0.1-0" +CVE_STATUS[CVE-2016-7532] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7533] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7534] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7535] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7536] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7537] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2016-7538] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 6.9.4-0" +CVE_STATUS[CVE-2017-5506] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 7.0.4-4" +CVE_STATUS[CVE-2017-5509] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 7.0.4-4" +CVE_STATUS[CVE-2017-5510] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 7.0.4-4" +CVE_STATUS[CVE-2017-5511] = "cpe-incorrect: The current version (7.1.1) is not affected by the CVE which affects versions at least earlier than 7.0.4-3" diff --git a/meta-oe/recipes-support/libatasmart/libatasmart_0.19.bb b/meta-oe/recipes-support/libatasmart/libatasmart_0.19.bb index f747ecbf72..59b26d821e 100644 --- a/meta-oe/recipes-support/libatasmart/libatasmart_0.19.bb +++ b/meta-oe/recipes-support/libatasmart/libatasmart_0.19.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://LGPL;md5=2d5025d4aa3495befef8f17206a5b0a1" DEPENDS = "udev" SRCREV = "de6258940960443038b4c1651dfda3620075e870" -SRC_URI = "git://git.0pointer.de/libatasmart.git;branch=master \ +SRC_URI = "git://git.0pointer.net/libatasmart.git;protocol=https;branch=master \ file://0001-Makefile.am-add-CFLAGS-and-LDFLAGS-definiton.patch \ " diff --git a/meta-oe/recipes-support/libfido2/libfido2_1.14.0.bb b/meta-oe/recipes-support/libfido2/libfido2_1.14.0.bb index 08d3f4e84d..d453d0ab97 100644 --- a/meta-oe/recipes-support/libfido2/libfido2_1.14.0.bb +++ b/meta-oe/recipes-support/libfido2/libfido2_1.14.0.bb @@ -21,5 +21,3 @@ EXTRA_OECMAKE = "-DUDEV_RULES_DIR=${nonarch_base_libdir}/udev/rules.d -DBUILD_EX PACKAGE_BEFORE_PN = "${PN}-tools" FILES:${PN}-tools = "${bindir}/fido2-*" - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-oe/recipes-support/libgpiod/libgpiod_2.1.1.bb b/meta-oe/recipes-support/libgpiod/libgpiod_2.1.2.bb index 4c13d67eba..6e4fbd2a3b 100644 --- a/meta-oe/recipes-support/libgpiod/libgpiod_2.1.1.bb +++ b/meta-oe/recipes-support/libgpiod/libgpiod_2.1.2.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = " \ FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}-2.x:" -SRC_URI[sha256sum] = "b21913f469d3135680d5516f00fdf9f81d5e564e19ffb690927ea7f1d7e312cb" +SRC_URI[sha256sum] = "7a148a5a7d1c97a1abb40474b9a392b6edd7a42fe077dfd7ff42cfba24308548" # Enable all project features for ptest PACKAGECONFIG[tests] = "--enable-tests --enable-tools --enable-bindings-cxx --enable-gpioset-interactive,--disable-tests,kmod util-linux glib-2.0 catch2 libedit" diff --git a/meta-oe/recipes-support/libjs/libjs-jquery-icheck_1.0.3.bb b/meta-oe/recipes-support/libjs/libjs-jquery-icheck_1.0.3.bb index 31c3534b88..63dfc6fa78 100644 --- a/meta-oe/recipes-support/libjs/libjs-jquery-icheck_1.0.3.bb +++ b/meta-oe/recipes-support/libjs/libjs-jquery-icheck_1.0.3.bb @@ -3,7 +3,7 @@ SECTION = "console/network" HOMEPAGE = "http://fronteed.com/iCheck" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://icheck.js;start_line=1;end_line=8;md5=404078d7de9f05ed64d364274f790055" +LIC_FILES_CHKSUM = "file://icheck.js;beginline=6;endline=7;md5=ea25eee37fc3b14403e215bfe13564bc" SRC_URI = "git://github.com/fronteed/icheck.git;protocol=https;branch=${PV}" diff --git a/meta-oe/recipes-support/log4cpp/log4cpp_1.1.4.bb b/meta-oe/recipes-support/log4cpp/log4cpp_1.1.4.bb index 729857eb62..a8b9b9a019 100644 --- a/meta-oe/recipes-support/log4cpp/log4cpp_1.1.4.bb +++ b/meta-oe/recipes-support/log4cpp/log4cpp_1.1.4.bb @@ -20,3 +20,7 @@ EXTRA_OECONF = "\ " CXXFLAGS += "-std=c++14" + +do_install:append() { + sed -i -e 's|${DEBUG_PREFIX_MAP}||g; s|--sysroot=${STAGING_DIR_TARGET}||g' ${D}${bindir}/log4cpp-config +} diff --git a/meta-oe/recipes-support/lvm2/libdevmapper_2.03.22.bb b/meta-oe/recipes-support/lvm2/libdevmapper_2.03.22.bb index be558ce1d2..3b4439c3ae 100644 --- a/meta-oe/recipes-support/lvm2/libdevmapper_2.03.22.bb +++ b/meta-oe/recipes-support/lvm2/libdevmapper_2.03.22.bb @@ -5,6 +5,8 @@ require lvm2.inc DEPENDS += "autoconf-archive-native" +inherit nopackages + TARGET_CC_ARCH += "${LDFLAGS}" do_install() { diff --git a/meta-oe/recipes-support/nano/files/CVE-2024-5742.patch b/meta-oe/recipes-support/nano/files/CVE-2024-5742.patch new file mode 100644 index 0000000000..f29b73c539 --- /dev/null +++ b/meta-oe/recipes-support/nano/files/CVE-2024-5742.patch @@ -0,0 +1,101 @@ +From aad1439553de8ce0ef8815a65ac0732dc804507b Mon Sep 17 00:00:00 2001 +From: Benno Schulenberg <bensberg@telfort.nl> +Date: Sun, 28 Apr 2024 10:51:52 +0200 +Subject: [PATCH] files: run `chmod` and `chown` on the descriptor, not on the + filename + +This closes a window of opportunity where the emergency file could be +replaced by a malicious symlink. + +The issue was reported by `MartinJM` and `InvisibleMeerkat`. + +Problem existed since version 2.2.0, commit 123110c5, when chmodding +and chowning of the emergency .save file was added. + +Upstream-Status: Backport from [https://git.savannah.gnu.org/cgit/nano.git/commit/?id=5e7a3c2e7e118c7f12d5dfda9f9140f638976aa2] +CVE: CVE-2024-5742 +Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> +--- + src/definitions.h | 2 +- + src/files.c | 13 ++++++++++++- + src/nano.c | 12 +----------- + 3 files changed, 14 insertions(+), 13 deletions(-) + +diff --git a/src/definitions.h b/src/definitions.h +index 288f1ff..04614a3 100644 +--- a/src/definitions.h ++++ b/src/definitions.h +@@ -283,7 +283,7 @@ typedef enum { + } message_type; + + typedef enum { +- OVERWRITE, APPEND, PREPEND ++ OVERWRITE, APPEND, PREPEND, EMERGENCY + } kind_of_writing_type; + + typedef enum { +diff --git a/src/files.c b/src/files.c +index c6eadc1..88397d3 100644 +--- a/src/files.c ++++ b/src/files.c +@@ -1760,6 +1760,8 @@ bool write_file(const char *name, FILE *thefile, bool normal, + #endif + char *realname = real_dir_from_tilde(name); + /* The filename after tilde expansion. */ ++ int fd = 0; ++ /* The descriptor that is assigned when opening the file. */ + char *tempname = NULL; + /* The name of the temporary file we use when prepending. */ + linestruct *line = openfile->filetop; +@@ -1843,7 +1845,6 @@ bool write_file(const char *name, FILE *thefile, bool normal, + * For an emergency file, access is restricted to just the owner. */ + if (thefile == NULL) { + mode_t permissions = (normal ? RW_FOR_ALL : S_IRUSR|S_IWUSR); +- int fd; + + #ifndef NANO_TINY + block_sigwinch(TRUE); +@@ -1969,6 +1970,16 @@ bool write_file(const char *name, FILE *thefile, bool normal, + } + #endif + ++#if !defined(NANO_TINY) && defined(HAVE_CHMOD) && defined(HAVE_CHOWN) ++ /* Change permissions and owner of an emergency save file to the values ++ * of the original file, but ignore any failure as we are in a hurry. */ ++ if (method == EMERGENCY && fd && openfile->statinfo) { ++ IGNORE_CALL_RESULT(fchmod(fd, openfile->statinfo->st_mode)); ++ IGNORE_CALL_RESULT(fchown(fd, openfile->statinfo->st_uid, ++ openfile->statinfo->st_gid)); ++ } ++#endif ++ + if (fclose(thefile) != 0) { + statusline(ALERT, _("Error writing %s: %s"), realname, strerror(errno)); + +diff --git a/src/nano.c b/src/nano.c +index c6db6dd..c8e5265 100644 +--- a/src/nano.c ++++ b/src/nano.c +@@ -337,18 +337,8 @@ void emergency_save(const char *filename) + + if (*targetname == '\0') + fprintf(stderr, _("\nToo many .save files\n")); +- else if (write_file(targetname, NULL, SPECIAL, OVERWRITE, NONOTES)) { ++ else if (write_file(targetname, NULL, SPECIAL, EMERGENCY, NONOTES)) + fprintf(stderr, _("\nBuffer written to %s\n"), targetname); +-#if !defined(NANO_TINY) && defined(HAVE_CHMOD) && defined(HAVE_CHOWN) +- /* Try to chmod/chown the saved file to the values of the original file, +- * but ignore any failure as we are in a hurry to get out. */ +- if (openfile->statinfo) { +- IGNORE_CALL_RESULT(chmod(targetname, openfile->statinfo->st_mode)); +- IGNORE_CALL_RESULT(chown(targetname, openfile->statinfo->st_uid, +- openfile->statinfo->st_gid)); +- } +-#endif +- } + + free(targetname); + free(plainname); +-- +2.44.0 + diff --git a/meta-oe/recipes-support/nano/nano_7.2.bb b/meta-oe/recipes-support/nano/nano_7.2.bb index 0642287c98..73d46949d9 100644 --- a/meta-oe/recipes-support/nano/nano_7.2.bb +++ b/meta-oe/recipes-support/nano/nano_7.2.bb @@ -12,7 +12,9 @@ RDEPENDS:${PN} = "ncurses-terminfo-base" PV_MAJOR = "${@d.getVar('PV').split('.')[0]}" -SRC_URI = "https://nano-editor.org/dist/v${PV_MAJOR}/nano-${PV}.tar.xz" +SRC_URI = "https://nano-editor.org/dist/v${PV_MAJOR}/nano-${PV}.tar.xz \ + file://CVE-2024-5742.patch \ + " SRC_URI[sha256sum] = "86f3442768bd2873cec693f83cdf80b4b444ad3cc14760b74361474fc87a4526" UPSTREAM_CHECK_URI = "https://ftp.gnu.org/gnu/nano" diff --git a/meta-oe/recipes-support/poppler/poppler/CVE-2024-6239-0001.patch b/meta-oe/recipes-support/poppler/poppler/CVE-2024-6239-0001.patch new file mode 100644 index 0000000000..9994ce785b --- /dev/null +++ b/meta-oe/recipes-support/poppler/poppler/CVE-2024-6239-0001.patch @@ -0,0 +1,1275 @@ +From fc1c711cb5f769546c6b31cc688bf0ee7f0c1dbc Mon Sep 17 00:00:00 2001 +From: Sune Vuorela <sune@vuorela.dk> +Date: Thu, 1 Feb 2024 19:11:03 +0000 +Subject: [PATCH] More unicode vectors; fewer raw pointers + +CVE: CVE-2024-6239 +Upstream-Status: Backport [https://gitlab.freedesktop.org/poppler/poppler/-/commit/fc1c711cb5f769546c6b31cc688bf0ee7f0c1dbc] + +Signed-off-by: Yogita Urade <yogita.urade@windriver.com> +--- + cpp/poppler-toc.cpp | 5 +- + glib/poppler-document.cc | 3 +- + poppler/CharCodeToUnicode.cc | 113 +++++++++------------------ + poppler/CharCodeToUnicode.h | 12 ++- + poppler/DateInfo.cc | 10 +-- + poppler/JSInfo.cc | 9 +-- + poppler/Outline.cc | 12 +-- + poppler/Outline.h | 7 +- + poppler/TextOutputDev.cc | 8 +- + poppler/UTF.cc | 78 ++++++++---------- + poppler/UTF.h | 11 ++- + qt5/src/poppler-outline.cc | 2 +- + qt5/src/poppler-private.cc | 13 ++- + qt5/src/poppler-private.h | 1 + + qt5/tests/check_internal_outline.cpp | 6 +- + qt5/tests/check_utf_conversion.cpp | 24 +++--- + qt6/src/poppler-outline.cc | 2 +- + qt6/src/poppler-private.cc | 5 ++ + qt6/src/poppler-private.h | 1 + + qt6/tests/check_internal_outline.cpp | 6 +- + qt6/tests/check_utf_conversion.cpp | 24 +++--- + utils/HtmlFonts.cc | 4 +- + utils/HtmlFonts.h | 2 +- + utils/HtmlOutputDev.cc | 38 ++++----- + utils/HtmlOutputDev.h | 2 +- + utils/pdfinfo.cc | 8 +- + utils/pdfsig.cc | 8 +- + utils/pdftohtml.cc | 25 +++--- + 28 files changed, 183 insertions(+), 256 deletions(-) + +diff --git a/cpp/poppler-toc.cpp b/cpp/poppler-toc.cpp +index c79abde..ed3a983 100644 +--- a/cpp/poppler-toc.cpp ++++ b/cpp/poppler-toc.cpp +@@ -61,9 +61,8 @@ toc_item_private::~toc_item_private() + + void toc_item_private::load(const OutlineItem *item) + { +- const Unicode *title_unicode = item->getTitle(); +- const int title_length = item->getTitleLength(); +- title = detail::unicode_to_ustring(title_unicode, title_length); ++ const std::vector<Unicode> &title_unicode = item->getTitle(); ++ title = detail::unicode_to_ustring(title_unicode.data(), title_unicode.size()); + is_open = item->isOpen(); + } + +diff --git a/glib/poppler-document.cc b/glib/poppler-document.cc +index 7505a6f..fdfefdc 100644 +--- a/glib/poppler-document.cc ++++ b/glib/poppler-document.cc +@@ -2772,7 +2772,8 @@ PopplerAction *poppler_index_iter_get_action(PopplerIndexIter *iter) + item = (*iter->items)[iter->index]; + link_action = item->getAction(); + +- title = unicode_to_char(item->getTitle(), item->getTitleLength()); ++ const std::vector<Unicode> &itemTitle = item->getTitle(); ++ title = unicode_to_char(itemTitle.data(), itemTitle.size()); + + action = _poppler_action_new(iter->document, link_action, title); + g_free(title); +diff --git a/poppler/CharCodeToUnicode.cc b/poppler/CharCodeToUnicode.cc +index cd00937..d9ef019 100644 +--- a/poppler/CharCodeToUnicode.cc ++++ b/poppler/CharCodeToUnicode.cc +@@ -38,6 +38,7 @@ + + #include <cstdio> + #include <cstring> ++#include <functional> + #include "goo/glibc.h" + #include "goo/gmem.h" + #include "goo/gfile.h" +@@ -51,13 +52,6 @@ + + //------------------------------------------------------------------------ + +-struct CharCodeToUnicodeString +-{ +- CharCode c; +- Unicode *u; +- int len; +-}; +- + //------------------------------------------------------------------------ + + static int getCharFromString(void *data) +@@ -162,7 +156,7 @@ CharCodeToUnicode *CharCodeToUnicode::parseCIDToUnicode(const char *fileName, co + } + fclose(f); + +- ctu = new CharCodeToUnicode(collection->toStr(), mapA, mapLenA, true, nullptr, 0, 0); ++ ctu = new CharCodeToUnicode(collection->toStr(), mapA, mapLenA, true, {}); + gfree(mapA); + return ctu; + } +@@ -171,8 +165,7 @@ CharCodeToUnicode *CharCodeToUnicode::parseUnicodeToUnicode(const GooString *fil + { + FILE *f; + Unicode *mapA; +- CharCodeToUnicodeString *sMapA; +- CharCode size, oldSize, len, sMapSizeA, sMapLenA; ++ CharCode size, oldSize, len; + char buf[256]; + char *tok; + Unicode u0; +@@ -192,8 +185,7 @@ CharCodeToUnicode *CharCodeToUnicode::parseUnicodeToUnicode(const GooString *fil + mapA = (Unicode *)gmallocn(size, sizeof(Unicode)); + memset(mapA, 0, size * sizeof(Unicode)); + len = 0; +- sMapA = nullptr; +- sMapSizeA = sMapLenA = 0; ++ std::vector<CharCodeToUnicodeString> sMapA; + + line = 0; + while (getLine(buf, sizeof(buf), f)) { +@@ -230,17 +222,12 @@ CharCodeToUnicode *CharCodeToUnicode::parseUnicodeToUnicode(const GooString *fil + mapA[u0] = uBuf[0]; + } else { + mapA[u0] = 0; +- if (sMapLenA == sMapSizeA) { +- sMapSizeA += 16; +- sMapA = (CharCodeToUnicodeString *)greallocn(sMapA, sMapSizeA, sizeof(CharCodeToUnicodeString)); +- } +- sMapA[sMapLenA].c = u0; +- sMapA[sMapLenA].u = (Unicode *)gmallocn(n, sizeof(Unicode)); ++ std::vector<Unicode> u; ++ u.reserve(n); + for (i = 0; i < n; ++i) { +- sMapA[sMapLenA].u[i] = uBuf[i]; ++ u.push_back(uBuf[i]); + } +- sMapA[sMapLenA].len = n; +- ++sMapLenA; ++ sMapA.push_back({ u0, std::move(u) }); + } + if (u0 >= len) { + len = u0 + 1; +@@ -248,7 +235,7 @@ CharCodeToUnicode *CharCodeToUnicode::parseUnicodeToUnicode(const GooString *fil + } + fclose(f); + +- ctu = new CharCodeToUnicode(fileName->toStr(), mapA, len, true, sMapA, sMapLenA, sMapSizeA); ++ ctu = new CharCodeToUnicode(fileName->toStr(), mapA, len, true, std::move(sMapA)); + gfree(mapA); + gfree(uBuf); + return ctu; +@@ -256,7 +243,7 @@ CharCodeToUnicode *CharCodeToUnicode::parseUnicodeToUnicode(const GooString *fil + + CharCodeToUnicode *CharCodeToUnicode::make8BitToUnicode(Unicode *toUnicode) + { +- return new CharCodeToUnicode({}, toUnicode, 256, true, nullptr, 0, 0); ++ return new CharCodeToUnicode({}, toUnicode, 256, true, {}); + } + + CharCodeToUnicode *CharCodeToUnicode::parseCMap(const GooString *buf, int nBits) +@@ -512,25 +499,18 @@ void CharCodeToUnicode::addMapping(CharCode code, char *uStr, int n, int offset) + map[code] = 0xfffd; + } + } else { +- if (sMapLen >= sMapSize) { +- sMapSize = sMapSize + 16; +- sMap = (CharCodeToUnicodeString *)greallocn(sMap, sMapSize, sizeof(CharCodeToUnicodeString)); +- } + map[code] = 0; +- sMap[sMapLen].c = code; + int utf16Len = n / 4; +- Unicode *utf16 = (Unicode *)gmallocn(utf16Len, sizeof(Unicode)); ++ std::vector<Unicode> utf16(utf16Len); ++ utf16.resize(utf16Len); + for (j = 0; j < utf16Len; ++j) { + if (!parseHex(uStr + j * 4, 4, &utf16[j])) { +- gfree(utf16); + error(errSyntaxWarning, -1, "Illegal entry in ToUnicode CMap"); + return; + } + } + utf16[utf16Len - 1] += offset; +- sMap[sMapLen].len = UTF16toUCS4(utf16, utf16Len, &sMap[sMapLen].u); +- gfree(utf16); +- ++sMapLen; ++ sMap.push_back({ code, UTF16toUCS4(utf16.data(), utf16.size()) }); + } + } + +@@ -561,8 +541,6 @@ CharCodeToUnicode::CharCodeToUnicode() + { + map = nullptr; + mapLen = 0; +- sMap = nullptr; +- sMapLen = sMapSize = 0; + refCnt = 1; + isIdentity = false; + } +@@ -576,13 +554,11 @@ CharCodeToUnicode::CharCodeToUnicode(const std::optional<std::string> &tagA) : t + for (i = 0; i < mapLen; ++i) { + map[i] = 0; + } +- sMap = nullptr; +- sMapLen = sMapSize = 0; + refCnt = 1; + isIdentity = false; + } + +-CharCodeToUnicode::CharCodeToUnicode(const std::optional<std::string> &tagA, Unicode *mapA, CharCode mapLenA, bool copyMap, CharCodeToUnicodeString *sMapA, int sMapLenA, int sMapSizeA) : tag(tagA) ++CharCodeToUnicode::CharCodeToUnicode(const std::optional<std::string> &tagA, Unicode *mapA, CharCode mapLenA, bool copyMap, std::vector<CharCodeToUnicodeString> &&sMapA) : tag(tagA) + { + mapLen = mapLenA; + if (copyMap) { +@@ -591,9 +567,7 @@ CharCodeToUnicode::CharCodeToUnicode(const std::optional<std::string> &tagA, Uni + } else { + map = mapA; + } +- sMap = sMapA; +- sMapLen = sMapLenA; +- sMapSize = sMapSizeA; ++ sMap = std::move(sMapA); + refCnt = 1; + isIdentity = false; + } +@@ -601,12 +575,6 @@ CharCodeToUnicode::CharCodeToUnicode(const std::optional<std::string> &tagA, Uni + CharCodeToUnicode::~CharCodeToUnicode() + { + gfree(map); +- if (sMap) { +- for (int i = 0; i < sMapLen; ++i) { +- gfree(sMap[i].u); +- } +- gfree(sMap); +- } + } + + void CharCodeToUnicode::incRefCnt() +@@ -628,7 +596,8 @@ bool CharCodeToUnicode::match(const GooString *tagA) + + void CharCodeToUnicode::setMapping(CharCode c, Unicode *u, int len) + { +- int i, j; ++ size_t i; ++ int j; + + if (!map || isIdentity) { + return; +@@ -636,28 +605,26 @@ void CharCodeToUnicode::setMapping(CharCode c, Unicode *u, int len) + if (len == 1) { + map[c] = u[0]; + } else { +- for (i = 0; i < sMapLen; ++i) { ++ std::optional<std::reference_wrapper<CharCodeToUnicodeString>> element; ++ for (i = 0; i < sMap.size(); ++i) { + if (sMap[i].c == c) { +- gfree(sMap[i].u); ++ sMap[i].u.clear(); ++ element = std::ref(sMap[i]); + break; + } + } +- if (i == sMapLen) { +- if (sMapLen == sMapSize) { +- sMapSize += 8; +- sMap = (CharCodeToUnicodeString *)greallocn(sMap, sMapSize, sizeof(CharCodeToUnicodeString)); +- } +- ++sMapLen; ++ if (!element) { ++ sMap.emplace_back(CharCodeToUnicodeString { c, {} }); ++ element = std::ref(sMap.back()); + } + map[c] = 0; +- sMap[i].c = c; +- sMap[i].len = len; +- sMap[i].u = (Unicode *)gmallocn(len, sizeof(Unicode)); ++ element->get().c = c; ++ element->get().u.reserve(len); + for (j = 0; j < len; ++j) { + if (UnicodeIsValid(u[j])) { +- sMap[i].u[j] = u[j]; ++ element->get().u.push_back(u[j]); + } else { +- sMap[i].u[j] = 0xfffd; ++ element->get().u.push_back(0xfffd); + } + } + } +@@ -665,8 +632,6 @@ void CharCodeToUnicode::setMapping(CharCode c, Unicode *u, int len) + + int CharCodeToUnicode::mapToUnicode(CharCode c, Unicode const **u) const + { +- int i; +- + if (isIdentity) { + map[0] = (Unicode)c; + *u = map; +@@ -679,10 +644,10 @@ int CharCodeToUnicode::mapToUnicode(CharCode c, Unicode const **u) const + *u = &map[c]; + return 1; + } +- for (i = sMapLen - 1; i >= 0; --i) { // in reverse so CMap takes precedence +- if (sMap[i].c == c) { +- *u = sMap[i].u; +- return sMap[i].len; ++ for (auto i = sMap.size(); i > 0; --i) { // in reverse so CMap takes precedence ++ if (sMap[i - 1].c == c) { ++ *u = sMap[i - 1].u.data(); ++ return sMap[i - 1].u.size(); + } + } + return 0; +@@ -704,24 +669,24 @@ int CharCodeToUnicode::mapToCharCode(const Unicode *u, CharCode *c, int usize) c + } + *c = 'x'; + } else { +- int i, j; ++ size_t j; + // for each entry in the sMap +- for (i = 0; i < sMapLen; i++) { ++ for (const auto &element : sMap) { + // if the entry's unicode length isn't the same are usize, the strings + // are obviously different +- if (sMap[i].len != usize) { ++ if (element.u.size() != size_t(usize)) { + continue; + } + // compare the string char by char +- for (j = 0; j < sMap[i].len; j++) { +- if (sMap[i].u[j] != u[j]) { ++ for (j = 0; j < element.u.size(); j++) { ++ if (element.u[j] != u[j]) { + break; + } + } + + // we have the same strings +- if (j == sMap[i].len) { +- *c = sMap[i].c; ++ if (j == element.u.size()) { ++ *c = element.c; + return 1; + } + } +diff --git a/poppler/CharCodeToUnicode.h b/poppler/CharCodeToUnicode.h +index 596d44d..9aa2571 100644 +--- a/poppler/CharCodeToUnicode.h ++++ b/poppler/CharCodeToUnicode.h +@@ -33,11 +33,11 @@ + + #include <atomic> + #include <optional> ++#include <vector> + + #include "poppler-config.h" + #include "CharTypes.h" + +-struct CharCodeToUnicodeString; + class GooString; + + //------------------------------------------------------------------------ +@@ -100,18 +100,22 @@ public: + CharCode getLength() const { return mapLen; } + + private: ++ struct CharCodeToUnicodeString ++ { ++ CharCode c; ++ std::vector<Unicode> u; ++ }; + bool parseCMap1(int (*getCharFunc)(void *), void *data, int nBits); + void addMapping(CharCode code, char *uStr, int n, int offset); + void addMappingInt(CharCode code, Unicode u); + CharCodeToUnicode(); + explicit CharCodeToUnicode(const std::optional<std::string> &tagA); +- CharCodeToUnicode(const std::optional<std::string> &tagA, Unicode *mapA, CharCode mapLenA, bool copyMap, CharCodeToUnicodeString *sMapA, int sMapLenA, int sMapSizeA); ++ CharCodeToUnicode(const std::optional<std::string> &tagA, Unicode *mapA, CharCode mapLenA, bool copyMap, std::vector<CharCodeToUnicodeString> &&sMapA); + + const std::optional<std::string> tag; + Unicode *map; + CharCode mapLen; +- CharCodeToUnicodeString *sMap; +- int sMapLen, sMapSize; ++ std::vector<CharCodeToUnicodeString> sMap; + std::atomic_int refCnt; + bool isIdentity; + }; +diff --git a/poppler/DateInfo.cc b/poppler/DateInfo.cc +index cdba4ab..28474de 100644 +--- a/poppler/DateInfo.cc ++++ b/poppler/DateInfo.cc +@@ -36,16 +36,14 @@ + /* See PDF Reference 1.3, Section 3.8.2 for PDF Date representation */ + bool parseDateString(const GooString *date, int *year, int *month, int *day, int *hour, int *minute, int *second, char *tz, int *tzHour, int *tzMinute) + { +- Unicode *u; +- int len = TextStringToUCS4(date->toStr(), &u); ++ std::vector<Unicode> u = TextStringToUCS4(date->toStr()); + GooString s; +- for (int i = 0; i < len; i++) { ++ for (auto &c : u) { + // Ignore any non ASCII characters +- if (u[i] < 128) { +- s.append(u[i]); ++ if (c < 128) { ++ s.append(c); + } + } +- gfree(u); + const char *dateString = s.c_str(); + + if (strlen(dateString) < 2) { +diff --git a/poppler/JSInfo.cc b/poppler/JSInfo.cc +index 29fa707..eaef33e 100644 +--- a/poppler/JSInfo.cc ++++ b/poppler/JSInfo.cc +@@ -38,20 +38,17 @@ JSInfo::~JSInfo() { } + + void JSInfo::printJS(const GooString *js) + { +- Unicode *u = nullptr; + char buf[8]; +- int i, n, len; + + if (!js || !js->c_str()) { + return; + } + +- len = TextStringToUCS4(js->toStr(), &u); +- for (i = 0; i < len; i++) { +- n = uniMap->mapUnicode(u[i], buf, sizeof(buf)); ++ std::vector<Unicode> u = TextStringToUCS4(js->toStr()); ++ for (auto &c : u) { ++ int n = uniMap->mapUnicode(c, buf, sizeof(buf)); + fwrite(buf, 1, n, file); + } +- gfree(u); + } + + void JSInfo::scanLinkAction(LinkAction *link, const char *action) +diff --git a/poppler/Outline.cc b/poppler/Outline.cc +index 4c68be9..086c104 100644 +--- a/poppler/Outline.cc ++++ b/poppler/Outline.cc +@@ -407,15 +407,12 @@ OutlineItem::OutlineItem(const Dict *dict, Ref refA, OutlineItem *parentA, XRef + parent = parentA; + xref = xrefA; + doc = docA; +- title = nullptr; + kids = nullptr; + + obj1 = dict->lookup("Title"); + if (obj1.isString()) { + const GooString *s = obj1.getString(); +- titleLen = TextStringToUCS4(s->toStr(), &title); +- } else { +- titleLen = 0; ++ title = TextStringToUCS4(s->toStr()); + } + + obj1 = dict->lookup("Dest"); +@@ -446,9 +443,6 @@ OutlineItem::~OutlineItem() + delete kids; + kids = nullptr; + } +- if (title) { +- gfree(title); +- } + } + + std::vector<OutlineItem *> *OutlineItem::readItemList(OutlineItem *parent, const Object *firstItemRef, XRef *xrefA, PDFDoc *docA) +@@ -494,11 +488,9 @@ void OutlineItem::open() + + void OutlineItem::setTitle(const std::string &titleA) + { +- gfree(title); +- + Object dict = xref->fetch(ref); + GooString *g = new GooString(titleA); +- titleLen = TextStringToUCS4(g->toStr(), &title); ++ title = TextStringToUCS4(g->toStr()); + dict.dictSet("Title", Object(g)); + xref->setModifiedObject(&dict, ref); + } +diff --git a/poppler/Outline.h b/poppler/Outline.h +index a301604..af431f6 100644 +--- a/poppler/Outline.h ++++ b/poppler/Outline.h +@@ -27,6 +27,7 @@ + #define OUTLINE_H + + #include <memory> ++#include <vector> + #include "Object.h" + #include "CharTypes.h" + #include "poppler_private_export.h" +@@ -91,9 +92,8 @@ public: + OutlineItem(const OutlineItem &) = delete; + OutlineItem &operator=(const OutlineItem &) = delete; + static std::vector<OutlineItem *> *readItemList(OutlineItem *parent, const Object *firstItemRef, XRef *xrefA, PDFDoc *docA); +- const Unicode *getTitle() const { return title; } ++ const std::vector<Unicode> &getTitle() const { return title; } + void setTitle(const std::string &titleA); +- int getTitleLength() const { return titleLen; } + bool setPageDest(int i); + // OutlineItem keeps the ownership of the action + const LinkAction *getAction() const { return action.get(); } +@@ -112,8 +112,7 @@ private: + OutlineItem *parent; + PDFDoc *doc; + XRef *xref; +- Unicode *title; +- int titleLen; ++ std::vector<Unicode> title; + std::unique_ptr<LinkAction> action; + bool startsOpen; + std::vector<OutlineItem *> *kids; // nullptr if this item is closed or has no kids +diff --git a/poppler/TextOutputDev.cc b/poppler/TextOutputDev.cc +index 06fc307..ee11fcb 100644 +--- a/poppler/TextOutputDev.cc ++++ b/poppler/TextOutputDev.cc +@@ -5668,15 +5668,11 @@ void ActualText::end(const GfxState *state) + // extents of all the glyphs inside the span + + if (actualTextNBytes) { +- Unicode *uni = nullptr; +- int length; +- + // now that we have the position info for all of the text inside + // the marked content span, we feed the "ActualText" back through + // text->addChar() +- length = TextStringToUCS4(actualText->toStr(), &uni); +- text->addChar(state, actualTextX0, actualTextY0, actualTextX1 - actualTextX0, actualTextY1 - actualTextY0, 0, actualTextNBytes, uni, length); +- gfree(uni); ++ std::vector<Unicode> uni = TextStringToUCS4(actualText->toStr()); ++ text->addChar(state, actualTextX0, actualTextY0, actualTextX1 - actualTextX0, actualTextY1 - actualTextY0, 0, actualTextNBytes, uni.data(), uni.size()); + } + + delete actualText; +diff --git a/poppler/UTF.cc b/poppler/UTF.cc +index 9b1bf95..eb542eb 100644 +--- a/poppler/UTF.cc ++++ b/poppler/UTF.cc +@@ -42,65 +42,52 @@ bool UnicodeIsValid(Unicode ucs4) + return (ucs4 < 0x110000) && ((ucs4 & 0xfffff800) != 0xd800) && (ucs4 < 0xfdd0 || ucs4 > 0xfdef) && ((ucs4 & 0xfffe) != 0xfffe); + } + +-int UTF16toUCS4(const Unicode *utf16, int utf16Len, Unicode **ucs4_out) ++std::vector<Unicode> UTF16toUCS4(const Unicode *utf16, int utf16Len) + { +- int i, n, len; +- Unicode *u; +- + // count characters +- len = 0; +- for (i = 0; i < utf16Len; i++) { ++ int len = 0; ++ for (int i = 0; i < utf16Len; i++) { + if (utf16[i] >= 0xd800 && utf16[i] < 0xdc00 && i + 1 < utf16Len && utf16[i + 1] >= 0xdc00 && utf16[i + 1] < 0xe000) { + i++; /* surrogate pair */ + } + len++; + } +- if (ucs4_out == nullptr) { +- return len; +- } +- +- u = (Unicode *)gmallocn(len, sizeof(Unicode)); +- n = 0; ++ std::vector<Unicode> u; ++ u.reserve(len); + // convert string +- for (i = 0; i < utf16Len; i++) { ++ for (int i = 0; i < utf16Len; i++) { + if (utf16[i] >= 0xd800 && utf16[i] < 0xdc00) { /* surrogate pair */ + if (i + 1 < utf16Len && utf16[i + 1] >= 0xdc00 && utf16[i + 1] < 0xe000) { + /* next code is a low surrogate */ +- u[n] = (((utf16[i] & 0x3ff) << 10) | (utf16[i + 1] & 0x3ff)) + 0x10000; ++ u.push_back((((utf16[i] & 0x3ff) << 10) | (utf16[i + 1] & 0x3ff)) + 0x10000); + ++i; + } else { + /* missing low surrogate + replace it with REPLACEMENT CHARACTER (U+FFFD) */ +- u[n] = 0xfffd; ++ u.push_back(0xfffd); + } + } else if (utf16[i] >= 0xdc00 && utf16[i] < 0xe000) { + /* invalid low surrogate + replace it with REPLACEMENT CHARACTER (U+FFFD) */ +- u[n] = 0xfffd; ++ u.push_back(0xfffd); + } else { +- u[n] = utf16[i]; ++ u.push_back(utf16[i]); + } +- if (!UnicodeIsValid(u[n])) { +- u[n] = 0xfffd; ++ if (!UnicodeIsValid(u.back())) { ++ u.back() = 0xfffd; + } +- n++; + } +- *ucs4_out = u; +- return len; ++ return u; + } + +-int TextStringToUCS4(const std::string &textStr, Unicode **ucs4) ++std::vector<Unicode> TextStringToUCS4(const std::string &textStr) + { +- int i, len; +- const char *s; +- Unicode *u; + bool isUnicode, isUnicodeLE; + +- len = textStr.size(); +- s = textStr.c_str(); ++ int len = textStr.size(); ++ const std::string &s = textStr; + if (len == 0) { +- *ucs4 = nullptr; +- return 0; ++ return {}; + } + + if (GooString::hasUnicodeMarker(textStr)) { +@@ -115,30 +102,30 @@ int TextStringToUCS4(const std::string &textStr, Unicode **ucs4) + } + + if (isUnicode || isUnicodeLE) { +- Unicode *utf16; + len = len / 2 - 1; + if (len > 0) { +- utf16 = new Unicode[len]; +- for (i = 0; i < len; i++) { ++ std::vector<Unicode> utf16; ++ utf16.reserve(len); ++ for (int i = 0; i < len; i++) { + if (isUnicode) { +- utf16[i] = (s[2 + i * 2] & 0xff) << 8 | (s[3 + i * 2] & 0xff); ++ utf16.push_back((s[2 + i * 2] & 0xff) << 8 | (s[3 + i * 2] & 0xff)); + } else { // UnicodeLE +- utf16[i] = (s[3 + i * 2] & 0xff) << 8 | (s[2 + i * 2] & 0xff); ++ utf16.push_back((s[3 + i * 2] & 0xff) << 8 | (s[2 + i * 2] & 0xff)); + } + } +- len = UTF16toUCS4(utf16, len, &u); +- delete[] utf16; ++ return UTF16toUCS4(utf16.data(), utf16.size()); ++ + } else { +- u = nullptr; ++ return {}; + } + } else { +- u = (Unicode *)gmallocn(len, sizeof(Unicode)); +- for (i = 0; i < len; i++) { +- u[i] = pdfDocEncoding[s[i] & 0xff]; ++ std::vector<Unicode> u; ++ u.reserve(len); ++ for (int i = 0; i < len; i++) { ++ u.push_back(pdfDocEncoding[s[i] & 0xff]); + } ++ return u; + } +- *ucs4 = u; +- return len; + } + + bool UnicodeIsWhitespace(Unicode ucs4) +@@ -549,7 +536,10 @@ void unicodeToAscii7(const Unicode *in, int len, Unicode **ucs4_out, int *out_le + } + } + +- *out_len = TextStringToUCS4(str, ucs4_out); ++ std::vector<Unicode> ucs4 = TextStringToUCS4(str); ++ *out_len = ucs4.size(); ++ *ucs4_out = (Unicode *)gmallocn(ucs4.size(), sizeof(Unicode)); ++ memcpy(*ucs4_out, ucs4.data(), ucs4.size() * sizeof(Unicode)); + + if (indices) { + idx[k] = in_idx[len]; +diff --git a/poppler/UTF.h b/poppler/UTF.h +index 626c686..bfc5f65 100644 +--- a/poppler/UTF.h ++++ b/poppler/UTF.h +@@ -19,6 +19,7 @@ + #include <cstdint> + #include <climits> + #include <memory> ++#include <vector> + + #include "goo/GooString.h" + #include "CharTypes.h" +@@ -27,16 +28,14 @@ + // Convert a UTF-16 string to a UCS-4 + // utf16 - utf16 bytes + // utf16_len - number of UTF-16 characters +-// ucs4_out - if not NULL, allocates and returns UCS-4 string. Free with gfree. + // returns number of UCS-4 characters +-int UTF16toUCS4(const Unicode *utf16, int utf16Len, Unicode **ucs4_out); ++std::vector<Unicode> UTF16toUCS4(const Unicode *utf16, int utf16Len); + + // Convert a PDF Text String to UCS-4 + // s - PDF text string +-// ucs4 - if the number of UCS-4 characters is > 0, allocates and +-// returns UCS-4 string. Free with gfree. +-// returns number of UCS-4 characters +-int POPPLER_PRIVATE_EXPORT TextStringToUCS4(const std::string &textStr, Unicode **ucs4); ++// returns UCS-4 characters ++// Convert a PDF text string to UCS-4 ++std::vector<Unicode> POPPLER_PRIVATE_EXPORT TextStringToUCS4(const std::string &textStr); + + // check if UCS-4 character is valid + bool UnicodeIsValid(Unicode ucs4); +diff --git a/qt5/src/poppler-outline.cc b/qt5/src/poppler-outline.cc +index 5ff7e37..2f6ef2d 100644 +--- a/qt5/src/poppler-outline.cc ++++ b/qt5/src/poppler-outline.cc +@@ -78,7 +78,7 @@ QString OutlineItem::name() const + + if (name.isEmpty()) { + if (const ::OutlineItem *data = m_data->data) { +- name = unicodeToQString(data->getTitle(), data->getTitleLength()); ++ name = unicodeToQString(data->getTitle()); + } + } + +diff --git a/qt5/src/poppler-private.cc b/qt5/src/poppler-private.cc +index 228d8e8..54df79f 100644 +--- a/qt5/src/poppler-private.cc ++++ b/qt5/src/poppler-private.cc +@@ -94,6 +94,11 @@ QString unicodeToQString(const Unicode *u, int len) + return QString::fromUtf8(convertedStr.c_str(), convertedStr.getLength()); + } + ++QString unicodeToQString(const std::vector<Unicode> &u) ++{ ++ return unicodeToQString(u.data(), u.size()); ++} ++ + QString UnicodeParsedString(const GooString *s1) + { + return (s1) ? UnicodeParsedString(s1->toStr()) : QString(); +@@ -266,13 +271,7 @@ void DocumentData::addTocChildren(QDomDocument *docSyn, QDomNode *parent, const + // iterate over every object in 'items' + + // 1. create element using outlineItem's title as tagName +- QString name; +- const Unicode *uniChar = outlineItem->getTitle(); +- int titleLength = outlineItem->getTitleLength(); +- name = unicodeToQString(uniChar, titleLength); +- if (name.isEmpty()) { +- continue; +- } ++ QString name = unicodeToQString(outlineItem->getTitle()); + + QDomElement item = docSyn->createElement(name); + parent->appendChild(item); +diff --git a/qt5/src/poppler-private.h b/qt5/src/poppler-private.h +index 39dfb6b..bba5bd7 100644 +--- a/qt5/src/poppler-private.h ++++ b/qt5/src/poppler-private.h +@@ -73,6 +73,7 @@ namespace Poppler { + + /* borrowed from kpdf */ + POPPLER_QT5_EXPORT QString unicodeToQString(const Unicode *u, int len); ++POPPLER_QT5_EXPORT QString unicodeToQString(const std::vector<Unicode> &u); + + POPPLER_QT5_EXPORT QString UnicodeParsedString(const GooString *s1); + +diff --git a/qt5/tests/check_internal_outline.cpp b/qt5/tests/check_internal_outline.cpp +index c12b604..5db6bf4 100644 +--- a/qt5/tests/check_internal_outline.cpp ++++ b/qt5/tests/check_internal_outline.cpp +@@ -56,10 +56,10 @@ void TestInternalOutline::testCreateOutline() + + static std::string getTitle(const OutlineItem *item) + { +- const Unicode *u = item->getTitle(); ++ std::vector<Unicode> u = item->getTitle(); + std::string s; +- for (int i = 0; i < item->getTitleLength(); i++) { +- s.append(1, (char)u[i]); ++ for (auto &c : u) { ++ s.append(1, (char)(c)); + } + return s; + } +diff --git a/qt5/tests/check_utf_conversion.cpp b/qt5/tests/check_utf_conversion.cpp +index 73c684e..b00f080 100644 +--- a/qt5/tests/check_utf_conversion.cpp ++++ b/qt5/tests/check_utf_conversion.cpp +@@ -133,16 +133,13 @@ void TestUTFConversion::testUnicodeToAscii7() + // malloc() always returns 8-byte aligned memory addresses. + GooString *goo = Poppler::QStringToUnicodeGooString(QString::fromUtf8("®©©©©©©©©©©©©©©©©©©©©")); // clazy:exclude=qstring-allocations + +- Unicode *in; +- const int in_len = TextStringToUCS4(goo->toStr(), &in); ++ const std::vector<Unicode> in = TextStringToUCS4(goo->toStr()); + + delete goo; + + int in_norm_len; + int *in_norm_idx; +- Unicode *in_norm = unicodeNormalizeNFKC(in, in_len, &in_norm_len, &in_norm_idx, true); +- +- free(in); ++ Unicode *in_norm = unicodeNormalizeNFKC(in.data(), in.size(), &in_norm_len, &in_norm_idx, true); + + Unicode *out; + int out_len; +@@ -174,25 +171,24 @@ void TestUTFConversion::testUnicodeLittleEndian() + // Let's assert both GooString's are different + QVERIFY(GooUTF16LE != GooUTF16BE); + +- Unicode *UCS4fromLE, *UCS4fromBE; +- const int len1 = TextStringToUCS4(GooUTF16LE, &UCS4fromLE); +- const int len2 = TextStringToUCS4(GooUTF16BE, &UCS4fromBE); ++ const std::vector<Unicode> UCS4fromLE = TextStringToUCS4(GooUTF16LE); ++ const std::vector<Unicode> UCS4fromBE = TextStringToUCS4(GooUTF16BE); + + // len is 4 because TextStringToUCS4() removes the two leading Byte Order Mark (BOM) code points +- QCOMPARE(len1, len2); +- QCOMPARE(len1, 4); ++ QCOMPARE(UCS4fromLE.size(), UCS4fromBE.size()); ++ QCOMPARE(UCS4fromLE.size(), 4); + + // Check that now after conversion, UCS4fromLE and UCS4fromBE are now the same +- for (int i = 0; i < len1; i++) { ++ for (size_t i = 0; i < UCS4fromLE.size(); i++) { + QCOMPARE(UCS4fromLE[i], UCS4fromBE[i]); + } + + const QString expected = QString::fromUtf8("HI!☑"); // clazy:exclude=qstring-allocations + + // Do some final verifications, checking the strings to be "HI!" +- QVERIFY(*UCS4fromLE == *UCS4fromBE); +- QVERIFY(compare(UCS4fromLE, expected.utf16(), len1)); +- QVERIFY(compare(UCS4fromBE, expected.utf16(), len1)); ++ QVERIFY(UCS4fromLE == UCS4fromBE); ++ QVERIFY(compare(UCS4fromLE.data(), expected.utf16(), UCS4fromLE.size())); ++ QVERIFY(compare(UCS4fromBE.data(), expected.utf16(), UCS4fromLE.size())); + } + + QTEST_GUILESS_MAIN(TestUTFConversion) +diff --git a/qt6/src/poppler-outline.cc b/qt6/src/poppler-outline.cc +index f5ba2a9..2bc0d30 100644 +--- a/qt6/src/poppler-outline.cc ++++ b/qt6/src/poppler-outline.cc +@@ -78,7 +78,7 @@ QString OutlineItem::name() const + + if (name.isEmpty()) { + if (const ::OutlineItem *data = m_data->data) { +- name = unicodeToQString(data->getTitle(), data->getTitleLength()); ++ name = unicodeToQString(data->getTitle()); + } + } + +diff --git a/qt6/src/poppler-private.cc b/qt6/src/poppler-private.cc +index 91d1725..2cb2396 100644 +--- a/qt6/src/poppler-private.cc ++++ b/qt6/src/poppler-private.cc +@@ -94,6 +94,11 @@ QString unicodeToQString(const Unicode *u, int len) + return QString::fromUtf8(convertedStr.c_str(), convertedStr.getLength()); + } + ++QString unicodeToQString(const std::vector<Unicode> &u) ++{ ++ return unicodeToQString(u.data(), u.size()); ++} ++ + QString UnicodeParsedString(const GooString *s1) + { + return (s1) ? UnicodeParsedString(s1->toStr()) : QString(); +diff --git a/qt6/src/poppler-private.h b/qt6/src/poppler-private.h +index d1f7335..a3117a6 100644 +--- a/qt6/src/poppler-private.h ++++ b/qt6/src/poppler-private.h +@@ -72,6 +72,7 @@ namespace Poppler { + + /* borrowed from kpdf */ + POPPLER_QT6_EXPORT QString unicodeToQString(const Unicode *u, int len); ++POPPLER_QT6_EXPORT QString unicodeToQString(const std::vector<Unicode> &u); + + POPPLER_QT6_EXPORT QString UnicodeParsedString(const GooString *s1); + +diff --git a/qt6/tests/check_internal_outline.cpp b/qt6/tests/check_internal_outline.cpp +index c12b604..d23e773 100644 +--- a/qt6/tests/check_internal_outline.cpp ++++ b/qt6/tests/check_internal_outline.cpp +@@ -56,10 +56,10 @@ void TestInternalOutline::testCreateOutline() + + static std::string getTitle(const OutlineItem *item) + { +- const Unicode *u = item->getTitle(); ++ const std::vector<Unicode> &u = item->getTitle(); + std::string s; +- for (int i = 0; i < item->getTitleLength(); i++) { +- s.append(1, (char)u[i]); ++ for (const auto &c : u) { ++ s.append(1, (char)(c)); + } + return s; + } +diff --git a/qt6/tests/check_utf_conversion.cpp b/qt6/tests/check_utf_conversion.cpp +index 2cac758..e7f35ea 100644 +--- a/qt6/tests/check_utf_conversion.cpp ++++ b/qt6/tests/check_utf_conversion.cpp +@@ -131,16 +131,13 @@ void TestUTFConversion::testUnicodeToAscii7() + // malloc() always returns 8-byte aligned memory addresses. + GooString *goo = Poppler::QStringToUnicodeGooString(QString::fromUtf8("®©©©©©©©©©©©©©©©©©©©©")); // clazy:exclude=qstring-allocations + +- Unicode *in; +- const int in_len = TextStringToUCS4(goo->toStr(), &in); ++ const std::vector<Unicode> in = TextStringToUCS4(goo->toStr()); + + delete goo; + + int in_norm_len; + int *in_norm_idx; +- Unicode *in_norm = unicodeNormalizeNFKC(in, in_len, &in_norm_len, &in_norm_idx, true); +- +- free(in); ++ Unicode *in_norm = unicodeNormalizeNFKC(in.data(), in.size(), &in_norm_len, &in_norm_idx, true); + + Unicode *out; + int out_len; +@@ -172,25 +169,24 @@ void TestUTFConversion::testUnicodeLittleEndian() + // Let's assert both GooString's are different + QVERIFY(GooUTF16LE != GooUTF16BE); + +- Unicode *UCS4fromLE, *UCS4fromBE; +- const int len1 = TextStringToUCS4(GooUTF16LE, &UCS4fromLE); +- const int len2 = TextStringToUCS4(GooUTF16BE, &UCS4fromBE); ++ const std::vector<Unicode> UCS4fromLE = TextStringToUCS4(GooUTF16LE); ++ const std::vector<Unicode> UCS4fromBE = TextStringToUCS4(GooUTF16BE); + + // len is 4 because TextStringToUCS4() removes the two leading Byte Order Mark (BOM) code points +- QCOMPARE(len1, len2); +- QCOMPARE(len1, 4); ++ QCOMPARE(UCS4fromLE.size(), UCS4fromBE.size()); ++ QCOMPARE(UCS4fromLE.size(), 4); + + // Check that now after conversion, UCS4fromLE and UCS4fromBE are now the same +- for (int i = 0; i < len1; i++) { ++ for (size_t i = 0; i < UCS4fromLE.size(); i++) { + QCOMPARE(UCS4fromLE[i], UCS4fromBE[i]); + } + + const QString expected = QStringLiteral("HI!☑"); + + // Do some final verifications, checking the strings to be "HI!" +- QVERIFY(*UCS4fromLE == *UCS4fromBE); +- QVERIFY(compare(UCS4fromLE, expected.utf16(), len1)); +- QVERIFY(compare(UCS4fromBE, expected.utf16(), len1)); ++ QVERIFY(UCS4fromLE == UCS4fromBE); ++ QVERIFY(compare(UCS4fromLE.data(), expected.utf16(), UCS4fromLE.size())); ++ QVERIFY(compare(UCS4fromBE.data(), expected.utf16(), UCS4fromBE.size())); + } + + QTEST_GUILESS_MAIN(TestUTFConversion) +diff --git a/utils/HtmlFonts.cc b/utils/HtmlFonts.cc +index ca7d4a4..9f25621 100644 +--- a/utils/HtmlFonts.cc ++++ b/utils/HtmlFonts.cc +@@ -230,9 +230,9 @@ GooString *HtmlFont::getFullName() + } + + // this method if plain wrong todo +-GooString *HtmlFont::HtmlFilter(const Unicode *u, int uLen) ++std::unique_ptr<GooString> HtmlFont::HtmlFilter(const Unicode *u, int uLen) + { +- GooString *tmp = new GooString(); ++ auto tmp = std::make_unique<GooString>(); + const UnicodeMap *uMap; + char buf[8]; + int n; +diff --git a/utils/HtmlFonts.h b/utils/HtmlFonts.h +index ca4ae54..74cdca0 100644 +--- a/utils/HtmlFonts.h ++++ b/utils/HtmlFonts.h +@@ -104,7 +104,7 @@ public: + } + const double *getRotMat() const { return rotSkewMat; } + GooString *getFontName(); +- static GooString *HtmlFilter(const Unicode *u, int uLen); // char* s); ++ static std::unique_ptr<GooString> HtmlFilter(const Unicode *u, int uLen); // char* s); + bool isEqual(const HtmlFont &x) const; + bool isEqualIgnoreBold(const HtmlFont &x) const; + void print() const { printf("font: %s (%s) %d %s%s\n", FontName->c_str(), familyName.c_str(), size, bold ? "bold " : "", italic ? "italic " : ""); }; +diff --git a/utils/HtmlOutputDev.cc b/utils/HtmlOutputDev.cc +index 2611e06..b45a5ff 100644 +--- a/utils/HtmlOutputDev.cc ++++ b/utils/HtmlOutputDev.cc +@@ -124,11 +124,11 @@ static bool debug = false; + + #if 0 + static GooString* Dirname(GooString* str){ +- ++ + char *p=str->c_str(); + int len=str->getLength(); + for (int i=len-1;i>=0;i--) +- if (*(p+i)==SLASH) ++ if (*(p+i)==SLASH) + return new GooString(p,i+1); + return new GooString(); + } +@@ -219,14 +219,13 @@ HtmlString::HtmlString(GfxState *state, double fontSize, HtmlFontAccu *_fonts) : + len = size = 0; + yxNext = nullptr; + xyNext = nullptr; +- htext = new GooString(); ++ htext = std::make_unique<GooString>(); + dir = textDirUnknown; + } + + HtmlString::~HtmlString() + { + gfree(text); +- delete htext; + gfree(xRight); + } + +@@ -345,7 +344,6 @@ void HtmlPage::beginString(GfxState *state, const GooString *s) + void HtmlPage::conv() + { + for (HtmlString *tmp = yxStrings; tmp; tmp = tmp->yxNext) { +- delete tmp->htext; + tmp->htext = HtmlFont::HtmlFilter(tmp->text, tmp->len); + + size_t linkIndex = 0; +@@ -641,7 +639,7 @@ void HtmlPage::coalesce() + bool finish_a = switch_links && hlink1 != nullptr; + bool finish_italic = hfont1->isItalic() && (!hfont2->isItalic() || finish_a); + bool finish_bold = hfont1->isBold() && (!hfont2->isBold() || finish_a || finish_italic); +- CloseTags(str1->htext, finish_a, finish_italic, finish_bold); ++ CloseTags(str1->htext.get(), finish_a, finish_italic, finish_bold); + if (switch_links && hlink2 != nullptr) { + GooString *ls = hlink2->getLinkStart(); + str1->htext->append(ls); +@@ -654,7 +652,7 @@ void HtmlPage::coalesce() + str1->htext->append("<b>", 3); + } + +- str1->htext->append(str2->htext); ++ str1->htext->append(str2->htext.get()); + // str1 now contains href for link of str2 (if it is defined) + str1->link = str2->link; + hfont1 = hfont2; +@@ -671,7 +669,7 @@ void HtmlPage::coalesce() + bool finish_a = str1->getLink() != nullptr; + bool finish_bold = hfont1->isBold(); + bool finish_italic = hfont1->isItalic(); +- CloseTags(str1->htext, finish_a, finish_italic, finish_bold); ++ CloseTags(str1->htext.get(), finish_a, finish_italic, finish_bold); + + str1->xMin = curX; + str1->yMin = curY; +@@ -698,14 +696,14 @@ void HtmlPage::coalesce() + bool finish_bold = hfont1->isBold(); + bool finish_italic = hfont1->isItalic(); + bool finish_a = str1->getLink() != nullptr; +- CloseTags(str1->htext, finish_a, finish_italic, finish_bold); ++ CloseTags(str1->htext.get(), finish_a, finish_italic, finish_bold); + + #if 0 //~ for debugging + for (str1 = yxStrings; str1; str1 = str1->yxNext) { + printf("x=%3d..%3d y=%3d..%3d size=%2d ", + (int)str1->xMin, (int)str1->xMax, (int)str1->yMin, (int)str1->yMax, + (int)(str1->yMax - str1->yMin)); +- printf("'%s'\n", str1->htext->c_str()); ++ printf("'%s'\n", str1->htext->c_str()); + } + printf("\n------------------------------------------------------------\n\n"); + #endif +@@ -1225,10 +1223,10 @@ void HtmlOutputDev::startPage(int pageNumA, GfxState *state, XRef *xref) + exit(1); + } + delete fname; +- // if(state->getRotation()!=0) ++ // if(state->getRotation()!=0) + // fprintf(tin,"ROTATE=%d rotate %d neg %d neg translate\n",state->getRotation(),state->getX1(),-state->getY1()); +- // else +- fprintf(tin,"ROTATE=%d neg %d neg translate\n",state->getX1(),state->getY1()); ++ // else ++ fprintf(tin,"ROTATE=%d neg %d neg translate\n",state->getX1(),state->getY1()); + } + } + #endif +@@ -1723,10 +1721,11 @@ bool HtmlOutputDev::newHtmlOutlineLevel(FILE *output, const std::vector<OutlineI + fputs("<ul>\n", output); + + for (OutlineItem *item : *outlines) { +- GooString *titleStr = HtmlFont::HtmlFilter(item->getTitle(), item->getTitleLength()); ++ const auto &title = item->getTitle(); ++ std::unique_ptr<GooString> titleStr = HtmlFont::HtmlFilter(title.data(), title.size()); + + GooString *linkName = nullptr; +- ; ++ + const int itemPage = getOutlinePageNum(item); + if (itemPage > 0) { + /* complex simple +@@ -1753,12 +1752,13 @@ bool HtmlOutputDev::newHtmlOutlineLevel(FILE *output, const std::vector<OutlineI + if (linkName) { + fprintf(output, "<a href=\"%s\">", linkName->c_str()); + } +- fputs(titleStr->c_str(), output); ++ if (titleStr) { ++ fputs(titleStr->c_str(), output); ++ } + if (linkName) { + fputs("</a>", output); + delete linkName; + } +- delete titleStr; + atLeastOne = true; + + item->open(); +@@ -1778,14 +1778,14 @@ void HtmlOutputDev::newXmlOutlineLevel(FILE *output, const std::vector<OutlineIt + fputs("<outline>\n", output); + + for (OutlineItem *item : *outlines) { +- GooString *titleStr = HtmlFont::HtmlFilter(item->getTitle(), item->getTitleLength()); ++ const std::vector<Unicode> &title = item->getTitle(); ++ auto titleStr = HtmlFont::HtmlFilter(title.data(), title.size()); + const int itemPage = getOutlinePageNum(item); + if (itemPage > 0) { + fprintf(output, "<item page=\"%d\">%s</item>\n", itemPage, titleStr->c_str()); + } else { + fprintf(output, "<item>%s</item>\n", titleStr->c_str()); + } +- delete titleStr; + + item->open(); + if (item->hasKids() && item->getKids()) { +diff --git a/utils/HtmlOutputDev.h b/utils/HtmlOutputDev.h +index c7b08d1..e490eff 100644 +--- a/utils/HtmlOutputDev.h ++++ b/utils/HtmlOutputDev.h +@@ -95,7 +95,7 @@ private: + HtmlString *yxNext; // next string in y-major order + HtmlString *xyNext; // next string in x-major order + int fontpos; +- GooString *htext; ++ std::unique_ptr<GooString> htext; + int len; // length of text and xRight + int size; // size of text and xRight arrays + UnicodeTextDirection dir; // direction (left to right/right to left) +diff --git a/utils/pdfinfo.cc b/utils/pdfinfo.cc +index 1f4ca79..2057d22 100644 +--- a/utils/pdfinfo.cc ++++ b/utils/pdfinfo.cc +@@ -114,14 +114,12 @@ static const ArgDesc argDesc[] = { { "-f", argInt, &firstPage, 0, "first page to + + static void printTextString(const GooString *s, const UnicodeMap *uMap) + { +- Unicode *u; + char buf[8]; +- int len = TextStringToUCS4(s->toStr(), &u); +- for (int i = 0; i < len; i++) { +- int n = uMap->mapUnicode(u[i], buf, sizeof(buf)); ++ std::vector<Unicode> u = TextStringToUCS4(s->toStr()); ++ for (const auto &c : u) { ++ int n = uMap->mapUnicode(c, buf, sizeof(buf)); + fwrite(buf, 1, n, stdout); + } +- gfree(u); + } + + static void printUCS4String(const Unicode *u, int len, const UnicodeMap *uMap) +diff --git a/utils/pdfsig.cc b/utils/pdfsig.cc +index 490795f..e15a360 100644 +--- a/utils/pdfsig.cc ++++ b/utils/pdfsig.cc +@@ -224,16 +224,14 @@ static std::string TextStringToUTF8(const std::string &str) + { + const UnicodeMap *utf8Map = globalParams->getUtf8Map(); + +- Unicode *u; +- const int len = TextStringToUCS4(str, &u); ++ std::vector<Unicode> u = TextStringToUCS4(str); + + std::string convertedStr; +- for (int i = 0; i < len; ++i) { ++ for (auto &c : u) { + char buf[8]; +- const int n = utf8Map->mapUnicode(u[i], buf, sizeof(buf)); ++ const int n = utf8Map->mapUnicode(c, buf, sizeof(buf)); + convertedStr.append(buf, n); + } +- gfree(u); + + return convertedStr; + } +diff --git a/utils/pdftohtml.cc b/utils/pdftohtml.cc +index 97b141a..d7c0889 100644 +--- a/utils/pdftohtml.cc ++++ b/utils/pdftohtml.cc +@@ -99,7 +99,7 @@ static char ownerPassword[33] = ""; + static char userPassword[33] = ""; + static bool printVersion = false; + +-static GooString *getInfoString(Dict *infoDict, const char *key); ++static std::unique_ptr<GooString> getInfoString(Dict *infoDict, const char *key); + static GooString *getInfoDate(Dict *infoDict, const char *key); + + static char textEncName[128] = ""; +@@ -158,8 +158,11 @@ int main(int argc, char *argv[]) + { + std::unique_ptr<PDFDoc> doc; + GooString *fileName = nullptr; +- GooString *docTitle = nullptr; +- GooString *author = nullptr, *keywords = nullptr, *subject = nullptr, *date = nullptr; ++ std::unique_ptr<GooString> docTitle; ++ std::unique_ptr<GooString> author; ++ std::unique_ptr<GooString> keywords; ++ std::unique_ptr<GooString> subject; ++ GooString *date = nullptr; + GooString *htmlFileName = nullptr; + HtmlOutputDev *htmlOut = nullptr; + SplashOutputDev *splashOut = nullptr; +@@ -317,7 +320,7 @@ int main(int argc, char *argv[]) + } + } + if (!docTitle) { +- docTitle = new GooString(htmlFileName); ++ docTitle = std::make_unique<GooString>(htmlFileName); + } + + if (!singleHtml) { +@@ -330,16 +333,6 @@ int main(int argc, char *argv[]) + // write text file + htmlOut = new HtmlOutputDev(doc->getCatalog(), htmlFileName->c_str(), docTitle->c_str(), author ? author->c_str() : nullptr, keywords ? keywords->c_str() : nullptr, subject ? subject->c_str() : nullptr, date ? date->c_str() : nullptr, + rawOrder, firstPage, doOutline); +- delete docTitle; +- if (author) { +- delete author; +- } +- if (keywords) { +- delete keywords; +- } +- if (subject) { +- delete subject; +- } + if (date) { + delete date; + } +@@ -397,7 +390,7 @@ error: + return exit_status; + } + +-static GooString *getInfoString(Dict *infoDict, const char *key) ++static std::unique_ptr<GooString> getInfoString(Dict *infoDict, const char *key) + { + Object obj; + // Raw value as read from PDF (may be in pdfDocEncoding or UCS2) +@@ -406,7 +399,7 @@ static GooString *getInfoString(Dict *infoDict, const char *key) + Unicode *unicodeString; + int unicodeLength; + // Value HTML escaped and converted to desired encoding +- GooString *encodedString = nullptr; ++ std::unique_ptr<GooString> encodedString; + // Is rawString UCS2 (as opposed to pdfDocEncoding) + bool isUnicode; + +-- +2.40.0 + diff --git a/meta-oe/recipes-support/poppler/poppler/CVE-2024-6239-0002.patch b/meta-oe/recipes-support/poppler/poppler/CVE-2024-6239-0002.patch new file mode 100644 index 0000000000..cb9ef4237c --- /dev/null +++ b/meta-oe/recipes-support/poppler/poppler/CVE-2024-6239-0002.patch @@ -0,0 +1,111 @@ +From 0554731052d1a97745cb179ab0d45620589dd9c4 Mon Sep 17 00:00:00 2001 +From: Albert Astals Cid <aacid@kde.org> +Date: Fri, 17 Jun 2024 00:54:55 +0200 +Subject: [PATCH] pdfinfo: Fix crash in broken documents when using -dests + +CVE: CVE-2024-6239 +Upstream-Status: Backport [https://gitlab.freedesktop.org/poppler/poppler/-/commit/0554731052d1a97745cb179ab0d45620589dd9c4] + +Signed-off-by: Yogita Urade <yogita.urade@windriver.com> +--- + utils/pdfinfo.cc | 35 +++++++++++++++-------------------- + 1 file changed, 15 insertions(+), 20 deletions(-) + +diff --git a/utils/pdfinfo.cc b/utils/pdfinfo.cc +index 2057d22..5f96b41 100644 +--- a/utils/pdfinfo.cc ++++ b/utils/pdfinfo.cc +@@ -15,7 +15,7 @@ + // under GPL version 2 or later + // + // Copyright (C) 2006 Dom Lachowicz <cinamod@hotmail.com> +-// Copyright (C) 2007-2010, 2012, 2016-2022 Albert Astals Cid <aacid@kde.org> ++// Copyright (C) 2007-2010, 2012, 2016-2022, 2024 Albert Astals Cid <aacid@kde.org> + // Copyright (C) 2010 Hib Eris <hib@hiberis.nl> + // Copyright (C) 2011 Vittal Aithal <vittal.aithal@cognidox.com> + // Copyright (C) 2012, 2013, 2016-2018, 2021 Adrian Johnson <ajohnson@redneon.com> +@@ -112,16 +112,21 @@ static const ArgDesc argDesc[] = { { "-f", argInt, &firstPage, 0, "first page to + { "-?", argFlag, &printHelp, 0, "print usage information" }, + {} }; + +-static void printTextString(const GooString *s, const UnicodeMap *uMap) ++static void printStdTextString(const std::string &s, const UnicodeMap *uMap) + { + char buf[8]; +- std::vector<Unicode> u = TextStringToUCS4(s->toStr()); ++ const std::vector<Unicode> u = TextStringToUCS4(s); + for (const auto &c : u) { + int n = uMap->mapUnicode(c, buf, sizeof(buf)); + fwrite(buf, 1, n, stdout); + } + } + ++static void printTextString(const GooString *s, const UnicodeMap *uMap) ++{ ++ printStdTextString(s->toStr(), uMap); ++} ++ + static void printUCS4String(const Unicode *u, int len, const UnicodeMap *uMap) + { + char buf[8]; +@@ -293,11 +298,6 @@ static void printStruct(const StructElement *element, unsigned indent) + } + } + +-struct GooStringCompare +-{ +- bool operator()(GooString *lhs, GooString *rhs) const { return lhs->cmp(const_cast<GooString *>(rhs)) < 0; } +-}; +- + static void printLinkDest(const std::unique_ptr<LinkDest> &dest) + { + GooString s; +@@ -368,29 +368,25 @@ static void printLinkDest(const std::unique_ptr<LinkDest> &dest) + + static void printDestinations(PDFDoc *doc, const UnicodeMap *uMap) + { +- std::map<Ref, std::map<GooString *, std::unique_ptr<LinkDest>, GooStringCompare>> map; ++ std::map<Ref, std::map<std::string, std::unique_ptr<LinkDest>>> map; + + int numDests = doc->getCatalog()->numDestNameTree(); + for (int i = 0; i < numDests; i++) { +- GooString *name = new GooString(doc->getCatalog()->getDestNameTreeName(i)); ++ const GooString *name = doc->getCatalog()->getDestNameTreeName(i); + std::unique_ptr<LinkDest> dest = doc->getCatalog()->getDestNameTreeDest(i); +- if (dest && dest->isPageRef()) { ++ if (name && dest && dest->isPageRef()) { + Ref pageRef = dest->getPageRef(); +- map[pageRef].insert(std::make_pair(name, std::move(dest))); +- } else { +- delete name; ++ map[pageRef].insert(std::make_pair(name->toStr(), std::move(dest))); + } + } + + numDests = doc->getCatalog()->numDests(); + for (int i = 0; i < numDests; i++) { +- GooString *name = new GooString(doc->getCatalog()->getDestsName(i)); ++ const char *name = doc->getCatalog()->getDestsName(i); + std::unique_ptr<LinkDest> dest = doc->getCatalog()->getDestsDest(i); +- if (dest && dest->isPageRef()) { ++ if (name && dest && dest->isPageRef()) { + Ref pageRef = dest->getPageRef(); + map[pageRef].insert(std::make_pair(name, std::move(dest))); +- } else { +- delete name; + } + } + +@@ -404,9 +400,8 @@ static void printDestinations(PDFDoc *doc, const UnicodeMap *uMap) + printf("%4d ", i); + printLinkDest(it.second); + printf(" \""); +- printTextString(it.first, uMap); ++ printStdTextString(it.first, uMap); + printf("\"\n"); +- delete it.first; + } + } + } +-- +2.40.0 diff --git a/meta-oe/recipes-support/poppler/poppler_23.04.0.bb b/meta-oe/recipes-support/poppler/poppler_23.04.0.bb index f4411e1163..e57760d853 100644 --- a/meta-oe/recipes-support/poppler/poppler_23.04.0.bb +++ b/meta-oe/recipes-support/poppler/poppler_23.04.0.bb @@ -9,6 +9,8 @@ SRC_URI = "http://poppler.freedesktop.org/${BP}.tar.xz \ file://0001-cmake-Do-not-use-isystem.patch \ file://jpeg-stdio.patch \ file://CVE-2023-34872.patch \ + file://CVE-2024-6239-0001.patch \ + file://CVE-2024-6239-0002.patch \ " SRC_URI[sha256sum] = "b6d893dc7dcd4138b9e9df59a13c59695e50e80dc5c2cacee0674670693951a1" diff --git a/meta-oe/recipes-support/re2/re2_2024.03.01.bb b/meta-oe/recipes-support/re2/re2_2024.03.01.bb index 192fe265f1..76d6f0c7a9 100644 --- a/meta-oe/recipes-support/re2/re2_2024.03.01.bb +++ b/meta-oe/recipes-support/re2/re2_2024.03.01.bb @@ -16,9 +16,6 @@ DEPENDS = "abseil-cpp ${@bb.utils.contains('PTEST_ENABLED', '1', 'gtest googlebe inherit cmake ptest RDEPENDS:${PN}-ptest += "cmake sed" -RDEPENDS:${PN} += "abseil-cpp-dev" - -INSANE_SKIP:${PN} += "dev-deps" EXTRA_OECMAKE += " \ -DBUILD_SHARED_LIBS=ON \ @@ -35,10 +32,11 @@ do_install_ptest () { } # ignore .so in /usr/lib64 -FILES:${PN} = "${libdir}" +SOLIBS = ".so*" +FILES_SOLIBSDEV = "" INSANE_SKIP:${PN} += "dev-so" # Don't include so files in dev package -FILES:${PN}-dev = "${includedir} ${libdir}/cmake" +FILES:${PN}-dev = "${includedir} ${libdir}/cmake ${libdir}/pkgconfig" BBCLASSEXTEND = "native nativesdk" diff --git a/meta-oe/recipes-support/thin-provisioning-tools/thin-provisioning-tools_1.0.12.bb b/meta-oe/recipes-support/thin-provisioning-tools/thin-provisioning-tools_1.0.12.bb index 09b91f6b37..51b4b3dcc9 100644 --- a/meta-oe/recipes-support/thin-provisioning-tools/thin-provisioning-tools_1.0.12.bb +++ b/meta-oe/recipes-support/thin-provisioning-tools/thin-provisioning-tools_1.0.12.bb @@ -34,16 +34,18 @@ do_install:append() { thin_delta \ thin_dump \ thin_ls \ - thin_repair \ - thin_restore \ - thin_rmap \ thin_metadata_size \ thin_metadata_pack \ thin_metadata_unpack \ + thin_repair \ + thin_restore \ + thin_rmap \ + thin_shrink \ thin_trim \ era_check \ era_dump \ era_invalidate \ + era_repair \ era_restore; do ln -sf pdata_tools ${D}${sbindir}/$tool done diff --git a/meta-oe/recipes-support/tree/tree_2.1.1.bb b/meta-oe/recipes-support/tree/tree_2.1.1.bb index 0b61149609..1eaea6a22b 100644 --- a/meta-oe/recipes-support/tree/tree_2.1.1.bb +++ b/meta-oe/recipes-support/tree/tree_2.1.1.bb @@ -1,10 +1,10 @@ SUMMARY = "A recursive directory listing command" -HOMEPAGE = "http://mama.indstate.edu/users/ice/tree/" +HOMEPAGE = "https://oldmanprogrammer.net/source.php?dir=projects/tree" SECTION = "console/utils" LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://LICENSE;md5=393a5ca445f6965873eca0259a17f833" -SRC_URI = "http://mama.indstate.edu/users/ice/tree/src/${BP}.tgz" +SRC_URI = "https://oldmanprogrammer.net/tar/tree/${BP}.tgz" SRC_URI[sha256sum] = "d3c3d55f403af7c76556546325aa1eca90b918cbaaf6d3ab60a49d8367ab90d5" # tree's default CFLAGS for Linux diff --git a/meta-oe/recipes-support/unixodbc/files/CVE-2024-1013.patch b/meta-oe/recipes-support/unixodbc/files/CVE-2024-1013.patch new file mode 100644 index 0000000000..6884465452 --- /dev/null +++ b/meta-oe/recipes-support/unixodbc/files/CVE-2024-1013.patch @@ -0,0 +1,53 @@ +From 76beb0938ef14276123996bfd99df23b0c7f0982 Mon Sep 17 00:00:00 2001 +From: Soumya Sambu <soumya.sambu@windriver.com> +Date: Fri, 7 Jun 2024 11:10:46 +0000 +Subject: [PATCH] PostgreSQL driver: Fix incompatible pointer-to-integer types + +These result in out-of-bounds stack writes on 64-bit architectures +(caller has 4 bytes, callee writes 8 bytes), and seem to have gone +unnoticed on little-endian architectures (although big-endian +architectures must be broken). + +This change is required to avoid a build failure with GCC 14. + +CVE: CVE-2024-1013 + +Upstream-Status: Backport [https://github.com/lurcher/unixODBC/commit/45f501e1be2db6b017cc242c79bfb9de32b332a1] + +Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> +--- + Drivers/Postgre7.1/info.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/Drivers/Postgre7.1/info.c b/Drivers/Postgre7.1/info.c +index 63ac91f..2216ecd 100644 +--- a/Drivers/Postgre7.1/info.c ++++ b/Drivers/Postgre7.1/info.c +@@ -1779,14 +1779,14 @@ char *table_name; + char index_name[MAX_INFO_STRING]; + short fields_vector[8]; + char isunique[10], isclustered[10]; +-SDWORD index_name_len, fields_vector_len; ++SQLLEN index_name_len, fields_vector_len; + TupleNode *row; + int i; + HSTMT hcol_stmt; + StatementClass *col_stmt, *indx_stmt; + char column_name[MAX_INFO_STRING], relhasrules[MAX_INFO_STRING]; + char **column_names = 0; +-Int4 column_name_len; ++SQLLEN column_name_len; + int total_columns = 0; + char error = TRUE; + ConnInfo *ci; +@@ -2136,7 +2136,7 @@ HSTMT htbl_stmt; + StatementClass *tbl_stmt; + char tables_query[STD_STATEMENT_LEN]; + char attname[MAX_INFO_STRING]; +-SDWORD attname_len; ++SQLLEN attname_len; + char pktab[MAX_TABLE_LEN + 1]; + Int2 result_cols; + +-- +2.40.0 diff --git a/meta-oe/recipes-support/unixodbc/unixodbc_2.3.12.bb b/meta-oe/recipes-support/unixodbc/unixodbc_2.3.12.bb index 7819387c39..dfad833e0a 100644 --- a/meta-oe/recipes-support/unixodbc/unixodbc_2.3.12.bb +++ b/meta-oe/recipes-support/unixodbc/unixodbc_2.3.12.bb @@ -11,6 +11,7 @@ DEPENDS = "libtool readline" SRC_URI = "https://www.unixodbc.org/unixODBC-${PV}.tar.gz \ file://do-not-use-libltdl-source-directory.patch \ file://0001-exe-Makefile.am-add-CROSS_LAUNCHER-to-run-odbc_confi.patch \ + file://CVE-2024-1013.patch \ " SRC_URI[sha256sum] = "f210501445ce21bf607ba51ef8c125e10e22dffdffec377646462df5f01915ec" diff --git a/meta-oe/recipes-support/uriparser/uriparser_0.9.7.bb b/meta-oe/recipes-support/uriparser/uriparser_0.9.8.bb index 421263e62b..3d76190d39 100644 --- a/meta-oe/recipes-support/uriparser/uriparser_0.9.7.bb +++ b/meta-oe/recipes-support/uriparser/uriparser_0.9.8.bb @@ -5,7 +5,7 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=fcc5a53146c2401f4b4f6a3bdf3f0168" SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${BP}/${BP}.tar.gz" -SRC_URI[sha256sum] = "11553b2abd2b5728a6c88e35ab08e807d0a0f23c44920df937778ce8cc4d40ff" +SRC_URI[sha256sum] = "4cd0e4f93b477272fabceeb0202f269169fe6ec3044e10fac6acbcdf354bb080" inherit cmake github-releases diff --git a/meta-python/recipes-devtools/python/python3-cbor2_5.6.3.bb b/meta-python/recipes-devtools/python/python3-cbor2_5.6.3.bb index c9c98b6fb5..69573064bc 100644 --- a/meta-python/recipes-devtools/python/python3-cbor2_5.6.3.bb +++ b/meta-python/recipes-devtools/python/python3-cbor2_5.6.3.bb @@ -1,8 +1,8 @@ DESCRIPTION = "An implementation of RFC 7049 - Concise Binary Object Representation (CBOR)." DEPENDS +="python3-setuptools-scm-native" -LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=a79e64179819c7ce293372c059f1dbd8" SRC_URI[sha256sum] = "e6f0ae2751c2d333a960e0807c0611494eb1245631a167965acbc100509455d3" diff --git a/meta-python/recipes-devtools/python/python3-colorama_0.4.6.bb b/meta-python/recipes-devtools/python/python3-colorama_0.4.6.bb index 0f364c424d..3871244031 100644 --- a/meta-python/recipes-devtools/python/python3-colorama_0.4.6.bb +++ b/meta-python/recipes-devtools/python/python3-colorama_0.4.6.bb @@ -1,6 +1,6 @@ SUMMARY = "Cross-platform colored terminal text." HOMEPAGE = "https://github.com/tartley/colorama" -LICENSE = "BSD-2-Clause" +LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=b4936429a56a652b84c5c01280dcaa26" inherit pypi python_setuptools_build_meta diff --git a/meta-python/recipes-devtools/python/python3-crc32c_2.3.bb b/meta-python/recipes-devtools/python/python3-crc32c_2.3.bb index da756ea074..125a7ad877 100644 --- a/meta-python/recipes-devtools/python/python3-crc32c_2.3.bb +++ b/meta-python/recipes-devtools/python/python3-crc32c_2.3.bb @@ -1,7 +1,7 @@ SUMMARY = "A python package implementing the crc32c algorithmin hardware and software" HOMEPAGE = "https://github.com/ICRAR/crc32c" -LICENSE = "BSD-2-Clause & BSD-3-Clause & CRC32C-ADLER & LGPL-2.0-or-later" +LICENSE = "BSD-2-Clause & BSD-3-Clause & CRC32C-ADLER & LGPL-2.1-or-later" LIC_FILES_CHKSUM = " \ file://LICENSE;md5=4fbd65380cdd255951079008b364516c \ file://LICENSE.google-crc32c;md5=e9ed01b5e5ac9eae23fc2bb33701220c \ diff --git a/meta-python/recipes-devtools/python/python3-django_4.2.11.bb b/meta-python/recipes-devtools/python/python3-django_4.2.16.bb index 0642b7e7c3..9254e8b009 100644 --- a/meta-python/recipes-devtools/python/python3-django_4.2.11.bb +++ b/meta-python/recipes-devtools/python/python3-django_4.2.16.bb @@ -1,7 +1,7 @@ require python-django.inc inherit setuptools3 -SRC_URI[sha256sum] = "6e6ff3db2d8dd0c986b4eec8554c8e4f919b5c1ff62a5b4390c17aff2ed6e5c4" +SRC_URI[sha256sum] = "6f1616c2786c408ce86ab7e10f792b8f15742f7b7b7460243929cb371e7f1dad" RDEPENDS:${PN} += "\ python3-sqlparse \ @@ -10,5 +10,5 @@ RDEPENDS:${PN} += "\ # Set DEFAULT_PREFERENCE so that the LTS version of django is built by # default. To build the 4.x branch, -# PREFERRED_VERSION_python3-django = "4.2.11" can be added to local.conf +# PREFERRED_VERSION_python3-django = "4.2.16" can be added to local.conf DEFAULT_PREFERENCE = "-1" diff --git a/meta-python/recipes-devtools/python/python3-django_5.0.4.bb b/meta-python/recipes-devtools/python/python3-django_5.0.9.bb index 3139ed4682..60e9c592b0 100644 --- a/meta-python/recipes-devtools/python/python3-django_5.0.4.bb +++ b/meta-python/recipes-devtools/python/python3-django_5.0.9.bb @@ -1,7 +1,7 @@ require python-django.inc inherit setuptools3 -SRC_URI[sha256sum] = "4bd01a8c830bb77a8a3b0e7d8b25b887e536ad17a81ba2dce5476135c73312bd" +SRC_URI[sha256sum] = "6333870d342329b60174da3a60dbd302e533f3b0bb0971516750e974a99b5a39" RDEPENDS:${PN} += "\ python3-sqlparse \ diff --git a/meta-python/recipes-devtools/python/python3-email-validator_2.1.0.bb b/meta-python/recipes-devtools/python/python3-email-validator_2.1.1.bb index 7daf548cb1..746d56d18e 100644 --- a/meta-python/recipes-devtools/python/python3-email-validator_2.1.0.bb +++ b/meta-python/recipes-devtools/python/python3-email-validator_2.1.1.bb @@ -1,9 +1,9 @@ SUMMARY = "A robust email address syntax and deliverability validation library." SECTION = "devel/python" -LICENSE = "CC0-1.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=65d3616852dbf7b1a6d4b53b00626032" +LICENSE = "Unlicense" +LIC_FILES_CHKSUM = "file://LICENSE;md5=2890aee62bd2a4c3197e2059016a397e" -SRC_URI[sha256sum] = "5f511cca8856bb03251d6292ba59e7f98978aae13fa5823ddd8bf885c56a6260" +SRC_URI[sha256sum] = "200a70680ba08904be6d1eef729205cc0d687634399a5924d842533efb824b84" PYPI_PACKAGE = "email_validator" diff --git a/meta-python/recipes-devtools/python/python3-fann2_1.1.2.bb b/meta-python/recipes-devtools/python/python3-fann2_1.1.2.bb index 2fbc277139..2099d791dd 100644 --- a/meta-python/recipes-devtools/python/python3-fann2_1.1.2.bb +++ b/meta-python/recipes-devtools/python/python3-fann2_1.1.2.bb @@ -1,6 +1,6 @@ SUMMARY = "Python bindings for Fast Artificial Neural Networks 2.2.0 (FANN >= 2.2.0)" SECTION = "devel/python" -LICENSE = "LGPL-2.0-only" +LICENSE = "LGPL-2.1-only" LIC_FILES_CHKSUM = "file://LICENSE;md5=c73b943dc75f6f65e007c56ac6515c8f" SRC_URI[md5sum] = "0b85b418018746d63ed66b55465697a9" diff --git a/meta-python/recipes-devtools/python/python3-flask-cors/CVE-2024-6221.patch b/meta-python/recipes-devtools/python/python3-flask-cors/CVE-2024-6221.patch new file mode 100644 index 0000000000..9049b2ffe6 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-flask-cors/CVE-2024-6221.patch @@ -0,0 +1,110 @@ +From 7ae310c56ac30e0b94fb42129aa377bf633256ec Mon Sep 17 00:00:00 2001 +From: Adriano Sela Aviles <adriano.selaviles@gmail.com> +Date: Fri, 30 Aug 2024 12:14:31 -0400 +Subject: [PATCH] Backwards Compatible Fix for CVE-2024-6221 (#363) + +CVE: CVE-2024-6221 + +Upstream-Status: Backport [https://github.com/corydolphin/flask-cors/commit/7ae310c56ac30e0b94fb42129aa377bf633256ec] + +Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> +--- + docs/configuration.rst | 14 ++++++++++++++ + flask_cors/core.py | 8 +++++--- + flask_cors/extension.py | 16 ++++++++++++++++ + 3 files changed, 35 insertions(+), 3 deletions(-) + +diff --git a/docs/configuration.rst b/docs/configuration.rst +index 91282d3..c750cf4 100644 +--- a/docs/configuration.rst ++++ b/docs/configuration.rst +@@ -23,6 +23,19 @@ CORS_ALLOW_HEADERS (:py:class:`~typing.List` or :py:class:`str`) + Headers to accept from the client. + Headers in the :http:header:`Access-Control-Request-Headers` request header (usually part of the preflight OPTIONS request) matching headers in this list will be included in the :http:header:`Access-Control-Allow-Headers` response header. + ++CORS_ALLOW_PRIVATE_NETWORK (:py:class:`bool`) ++ If True, the response header :http:header:`Access-Control-Allow-Private-Network` ++ will be set with the value 'true' whenever the request header ++ :http:header:`Access-Control-Request-Private-Network` has a value 'true'. ++ ++ If False, the reponse header :http:header:`Access-Control-Allow-Private-Network` ++ will be set with the value 'false' whenever the request header ++ :http:header:`Access-Control-Request-Private-Network` has a value of 'true'. ++ ++ If the request header :http:header:`Access-Control-Request-Private-Network` is ++ not present or has a value other than 'true', the response header ++ :http:header:`Access-Control-Allow-Private-Network` will not be set. ++ + CORS_ALWAYS_SEND (:py:class:`bool`) + Usually, if a request doesn't include an :http:header:`Origin` header, the client did not request CORS. + This means we can ignore this request. +@@ -83,6 +96,7 @@ Default values + ~~~~~~~~~~~~~~ + + * CORS_ALLOW_HEADERS: "*" ++* CORS_ALLOW_PRIVATE_NETWORK: True + * CORS_ALWAYS_SEND: True + * CORS_AUTOMATIC_OPTIONS: True + * CORS_EXPOSE_HEADERS: None +diff --git a/flask_cors/core.py b/flask_cors/core.py +index 5358036..bd011f4 100644 +--- a/flask_cors/core.py ++++ b/flask_cors/core.py +@@ -36,7 +36,7 @@ CONFIG_OPTIONS = ['CORS_ORIGINS', 'CORS_METHODS', 'CORS_ALLOW_HEADERS', + 'CORS_MAX_AGE', 'CORS_SEND_WILDCARD', + 'CORS_AUTOMATIC_OPTIONS', 'CORS_VARY_HEADER', + 'CORS_RESOURCES', 'CORS_INTERCEPT_EXCEPTIONS', +- 'CORS_ALWAYS_SEND'] ++ 'CORS_ALWAYS_SEND', 'CORS_ALLOW_PRIVATE_NETWORK'] + # Attribute added to request object by decorator to indicate that CORS + # was evaluated, in case the decorator and extension are both applied + # to a view. +@@ -56,7 +56,8 @@ DEFAULT_OPTIONS = dict(origins='*', + vary_header=True, + resources=r'/*', + intercept_exceptions=True, +- always_send=True) ++ always_send=True, ++ allow_private_network=True) + + + def parse_resources(resources): +@@ -186,7 +187,8 @@ def get_cors_headers(options, request_headers, request_method): + + if ACL_REQUEST_HEADER_PRIVATE_NETWORK in request_headers \ + and request_headers.get(ACL_REQUEST_HEADER_PRIVATE_NETWORK) == 'true': +- headers[ACL_RESPONSE_PRIVATE_NETWORK] = 'true' ++ allow_private_network = 'true' if options.get('allow_private_network') else 'false' ++ headers[ACL_RESPONSE_PRIVATE_NETWORK] = allow_private_network + + # This is a preflight request + # http://www.w3.org/TR/cors/#resource-preflight-requests +diff --git a/flask_cors/extension.py b/flask_cors/extension.py +index c00cbff..694953f 100644 +--- a/flask_cors/extension.py ++++ b/flask_cors/extension.py +@@ -136,6 +136,22 @@ class CORS(object): + + Default : True + :type vary_header: bool ++ ++ :param allow_private_network: ++ If True, the response header `Access-Control-Allow-Private-Network` ++ will be set with the value 'true' whenever the request header ++ `Access-Control-Request-Private-Network` has a value 'true'. ++ ++ If False, the reponse header `Access-Control-Allow-Private-Network` ++ will be set with the value 'false' whenever the request header ++ `Access-Control-Request-Private-Network` has a value of 'true'. ++ ++ If the request header `Access-Control-Request-Private-Network` is ++ not present or has a value other than 'true', the response header ++ `Access-Control-Allow-Private-Network` will not be set. ++ ++ Default : True ++ :type allow_private_network: bool + """ + + def __init__(self, app=None, **kwargs): +-- +2.40.0 diff --git a/meta-python/recipes-devtools/python/python3-flask-cors_4.0.0.bb b/meta-python/recipes-devtools/python/python3-flask-cors_4.0.0.bb index 1d0d86b4e7..77b51c5515 100644 --- a/meta-python/recipes-devtools/python/python3-flask-cors_4.0.0.bb +++ b/meta-python/recipes-devtools/python/python3-flask-cors_4.0.0.bb @@ -9,6 +9,10 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=118fecaa576ab51c1520f95e98db61ce" PYPI_PACKAGE = "Flask-Cors" +SRC_URI += " \ + file://CVE-2024-6221.patch \ +" + SRC_URI[sha256sum] = "f268522fcb2f73e2ecdde1ef45e2fd5c71cc48fe03cffb4b441c6d1b40684eb0" inherit pypi setuptools3 diff --git a/meta-python/recipes-devtools/python/python3-googleapis-common-protos_1.63.0.bb b/meta-python/recipes-devtools/python/python3-googleapis-common-protos_1.63.0.bb index aee2337267..3c55294498 100644 --- a/meta-python/recipes-devtools/python/python3-googleapis-common-protos_1.63.0.bb +++ b/meta-python/recipes-devtools/python/python3-googleapis-common-protos_1.63.0.bb @@ -1,7 +1,7 @@ DESCRIPTION = "Common protobufs used in Google APIs" HOMEPAGE = "https://github.com/googleapis/python-api-common-protos" LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10" +LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" inherit pypi setuptools3 diff --git a/meta-python/recipes-devtools/python/python3-grpcio/0001-PR-1644-unscaledcycleclock-remove-RISC-V-support.patch b/meta-python/recipes-devtools/python/python3-grpcio/0001-PR-1644-unscaledcycleclock-remove-RISC-V-support.patch new file mode 100644 index 0000000000..82f15f88cd --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-grpcio/0001-PR-1644-unscaledcycleclock-remove-RISC-V-support.patch @@ -0,0 +1,82 @@ +From 7335a36d0b5c1c597566f9aa3f458a5b6817c3b4 Mon Sep 17 00:00:00 2001 +From: aurel32 <aurelien@aurel32.net> +Date: Fri, 22 Mar 2024 14:21:13 -0700 +Subject: [PATCH] PR #1644: unscaledcycleclock: remove RISC-V support + +Imported from GitHub PR https://github.com/abseil/abseil-cpp/pull/1644 + +Starting with Linux 6.6 [1], RDCYCLE is a privileged instruction on RISC-V and can't be used directly from userland. There is a sysctl option to change that as a transition period, but it will eventually disappear. + +The RDTIME instruction is another less accurate alternative, however its frequency varies from board to board, and there is currently now way to get its frequency from userland [2]. + +Therefore this patch just removes the code for unscaledcycleclock on RISC-V. Without processor specific implementation, abseil relies on std::chrono::steady_clock::now().time_since_epoch() which is basically a wrapper around clock_gettime (CLOCK_MONOTONIC), which in turns use __vdso_clock_gettime(). On RISC-V this VDSO is just a wrapper around RDTIME correctly scaled to use nanoseconds units. + +This fixes the testsuite on riscv64, tested on a VisionFive 2 board. + +[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc4c07c89aada16229084eeb93895c95b7eabaa3 +[2] https://github.com/abseil/abseil-cpp/pull/1631 +Merge 43356a2548cfde76e164d446cb69004b488c6a71 into 76f8011beabdaee872b5fde7546e02407b220cb1 + +Merging this change closes #1644 + +COPYBARA_INTEGRATE_REVIEW=https://github.com/abseil/abseil-cpp/pull/1644 from aurel32:rv64-no-unscaledcycleclock 43356a2548cfde76e164d446cb69004b488c6a71 +PiperOrigin-RevId: 618286262 +Change-Id: Ie4120a727e7d0bb185df6e06ea145c780ebe6652 + +Upstream-Status: Backport [https://github.com/abseil/abseil-cpp/commit/7335a36d] +[Adapted to apply on top of meta-oe's patch stack] +Signed-off-by: Scott Murray <scott.murray@konsulko.com> +--- + .../absl/base/internal/unscaledcycleclock.cc | 12 ------------ + .../absl/base/internal/unscaledcycleclock_config.h | 5 ++--- + 2 files changed, 2 insertions(+), 15 deletions(-) + +diff --git a/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc b/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +index f11fecb..103b4f6 100644 +--- a/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc ++++ b/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc +@@ -121,18 +121,6 @@ double UnscaledCycleClock::Frequency() { + return aarch64_timer_frequency; + } + +-#elif defined(__riscv) +- +-int64_t UnscaledCycleClock::Now() { +- int64_t virtual_timer_value; +- asm volatile("rdcycle %0" : "=r"(virtual_timer_value)); +- return virtual_timer_value; +-} +- +-double UnscaledCycleClock::Frequency() { +- return base_internal::NominalCPUFrequency(); +-} +- + #elif defined(_M_IX86) || defined(_M_X64) + + #pragma intrinsic(__rdtsc) +diff --git a/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock_config.h b/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock_config.h +index 5e232c1..83552fc 100644 +--- a/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock_config.h ++++ b/third_party/abseil-cpp/absl/base/internal/unscaledcycleclock_config.h +@@ -22,7 +22,6 @@ + // The following platforms have an implementation of a hardware counter. + #if defined(__i386__) || defined(__x86_64__) || defined(__aarch64__) || \ + ((defined(__powerpc__) || defined(__ppc__)) && defined(__GLIBC__)) || \ +- defined(__riscv) || \ + defined(_M_IX86) || (defined(_M_X64) && !defined(_M_ARM64EC)) + #define ABSL_HAVE_UNSCALED_CYCLECLOCK_IMPLEMENTATION 1 + #else +@@ -54,8 +53,8 @@ + #if ABSL_USE_UNSCALED_CYCLECLOCK + // This macro can be used to test if UnscaledCycleClock::Frequency() + // is NominalCPUFrequency() on a particular platform. +-#if (defined(__i386__) || defined(__x86_64__) || defined(__riscv) || \ +- defined(_M_IX86) || defined(_M_X64)) ++#if (defined(__i386__) || defined(__x86_64__) || defined(_M_IX86) || \ ++ defined(_M_X64)) + #define ABSL_INTERNAL_UNSCALED_CYCLECLOCK_FREQUENCY_IS_CPU_FREQUENCY + #endif + #endif +-- +2.44.0 + diff --git a/meta-python/recipes-devtools/python/python3-grpcio/0001-crypto-use-_Generic-only-if-defined-__cplusplus.patch b/meta-python/recipes-devtools/python/python3-grpcio/0001-crypto-use-_Generic-only-if-defined-__cplusplus.patch new file mode 100644 index 0000000000..d830d92284 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-grpcio/0001-crypto-use-_Generic-only-if-defined-__cplusplus.patch @@ -0,0 +1,74 @@ +From 3359a87a71307336100b84e66b69bad385cd3cfc Mon Sep 17 00:00:00 2001 +From: Martin Jansa <martin.jansa@gmail.com> +Date: Mon, 6 May 2024 01:36:39 +0200 +Subject: [PATCH] crypto: use _Generic only if !defined(__cplusplus) + +* fixes build with gcc-14 which has __builtin_addc and __builtin_subc + with gcc-13 it was already using the #else branch because of missing builtins + +* fixes + https://github.com/grpc/grpc/issues/35945 + +* _Generic was introduced in boringssl with: + https://boringssl.googlesource.com/boringssl/+/70ca6bc24be103dabd68e448cd3af29b929b771d%5E%21/#F4 + +* but e.g. third_party/boringssl-with-bazel/src/ssl/d1_both.cc includes + this internal.h and from the .cc extension gcc will process it as C++ + where _Generic isn't available, causing: + +In file included from third_party/boringssl-with-bazel/src/ssl/d1_both.cc:125: +third_party/boringssl-with-bazel/src/ssl/../crypto/internal.h: In function 'uint32_t CRYPTO_addc_u32(uint32_t, uint32_t, uint32_t, uint32_t*)': +third_party/boringssl-with-bazel/src/ssl/../crypto/internal.h:1159:7: error: expected primary-expression before 'unsigned' + 1159 | unsigned: __builtin_addc, \ + | ^~~~~~~~ +third_party/boringssl-with-bazel/src/ssl/../crypto/internal.h:1166:10: note: in expansion of macro 'CRYPTO_GENERIC_ADDC' + 1166 | return CRYPTO_GENERIC_ADDC(x, y, carry, out_carry); + | ^~~~~~~~~~~~~~~~~~~ +third_party/boringssl-with-bazel/src/ssl/../crypto/internal.h:1160:7: error: expected primary-expression before 'unsigned' + 1160 | unsigned long: __builtin_addcl, \ + | ^~~~~~~~ +third_party/boringssl-with-bazel/src/ssl/../crypto/internal.h:1166:10: note: in expansion of macro 'CRYPTO_GENERIC_ADDC' + 1166 | return CRYPTO_GENERIC_ADDC(x, y, carry, out_carry); + | ^~~~~~~~~~~~~~~~~~~ +third_party/boringssl-with-bazel/src/ssl/../crypto/internal.h:1161:7: error: expected primary-expression before 'unsigned' + 1161 | unsigned long long: __builtin_addcll))((x), (y), (carry), (out_carry)) + | ^~~~~~~~ +third_party/boringssl-with-bazel/src/ssl/../crypto/internal.h:1166:10: note: in expansion of macro 'CRYPTO_GENERIC_ADDC' + 1166 | return CRYPTO_GENERIC_ADDC(x, y, carry, out_carry); + | ^~~~~~~~~~~~~~~~~~~ +third_party/boringssl-with-bazel/src/ssl/../crypto/internal.h:1158:4: error: '_Generic' was not declared in this scope + 1158 | (_Generic((x), \ + | ^~~~~~~~ +third_party/boringssl-with-bazel/src/ssl/../crypto/internal.h:1166:10: note: in expansion of macro 'CRYPTO_GENERIC_ADDC' + 1166 | return CRYPTO_GENERIC_ADDC(x, y, carry, out_carry); + | ^~~~~~~~~~~~~~~~~~~ + +Signed-off-by: Martin Jansa <martin.jansa@gmail.com> +--- +Upstream-Status: Submitted [https://boringssl-review.googlesource.com/c/boringssl/+/68227 crypto: use _Generic only if !defined(__cplusplus)] + + crypto/internal.h | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/crypto/internal.h b/crypto/internal.h +index a77102d76..30d6826dd 100644 +--- a/crypto/internal.h ++++ b/crypto/internal.h +@@ -1176,7 +1176,7 @@ static inline uint64_t CRYPTO_rotr_u64(uint64_t value, int shift) { + + // CRYPTO_addc_* returns |x + y + carry|, and sets |*out_carry| to the carry + // bit. |carry| must be zero or one. +-#if OPENSSL_HAS_BUILTIN(__builtin_addc) ++#if OPENSSL_HAS_BUILTIN(__builtin_addc) && !defined(__cplusplus) + + #define CRYPTO_GENERIC_ADDC(x, y, carry, out_carry) \ + (_Generic((x), \ +@@ -1228,7 +1228,7 @@ static inline uint64_t CRYPTO_addc_u64(uint64_t x, uint64_t y, uint64_t carry, + + // CRYPTO_subc_* returns |x - y - borrow|, and sets |*out_borrow| to the borrow + // bit. |borrow| must be zero or one. +-#if OPENSSL_HAS_BUILTIN(__builtin_subc) ++#if OPENSSL_HAS_BUILTIN(__builtin_subc) && !defined(__cplusplus) + + #define CRYPTO_GENERIC_SUBC(x, y, borrow, out_borrow) \ + (_Generic((x), \ diff --git a/meta-python/recipes-devtools/python/python3-grpcio/0001-target.h-define-proper-macro-for-ppc-ppc64.patch b/meta-python/recipes-devtools/python/python3-grpcio/0001-target.h-define-proper-macro-for-ppc-ppc64.patch new file mode 100644 index 0000000000..0b512b1d00 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-grpcio/0001-target.h-define-proper-macro-for-ppc-ppc64.patch @@ -0,0 +1,37 @@ +From b3bca013007a4a66703573d243e433f22e1e6684 Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Wed, 15 May 2024 16:55:09 +0800 +Subject: [PATCH] target.h: define proper macro for ppc/ppc64 + +Fix error: +third_party/boringssl-with-bazel/src/include/openssl/target.h:74:2: error: #error "Unknown target CPU" +third_party/boringssl-with-bazel/src/include/openssl/bn.h:172:2: error: #error "Must define either OPENSSL_32_BIT or OPENSSL_64_BIT" +third_party/boringssl-with-bazel/src/include/openssl/bn.h:230:44: error: 'BN_ULONG' has not been declared + +BN_ULONG will be defined after set proper OPENSSL_32_BIT or OPENSSL_64_BIT + +Upstream-Status: Pending + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + third_party/boringssl-with-bazel/src/include/openssl/target.h | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/third_party/boringssl-with-bazel/src/include/openssl/target.h b/third_party/boringssl-with-bazel/src/include/openssl/target.h +index 29b1dc6..d779813 100644 +--- a/third_party/boringssl-with-bazel/src/include/openssl/target.h ++++ b/third_party/boringssl-with-bazel/src/include/openssl/target.h +@@ -54,6 +54,10 @@ + #define OPENSSL_32_BIT + #elif defined(__myriad2__) + #define OPENSSL_32_BIT ++#elif defined(__PPC64__) ++#define OPENSSL_64_BIT ++#elif defined(__PPC__) ++#define OPENSSL_32_BIT + #else + // The list above enumerates the platforms that BoringSSL supports. For these + // platforms we keep a reasonable bar of not breaking them: automated test +-- +2.25.1 + diff --git a/meta-python/recipes-devtools/python/python3-grpcio_1.62.2.bb b/meta-python/recipes-devtools/python/python3-grpcio_1.62.2.bb index 3148f63761..59bfbf5538 100644 --- a/meta-python/recipes-devtools/python/python3-grpcio_1.62.2.bb +++ b/meta-python/recipes-devtools/python/python3-grpcio_1.62.2.bb @@ -9,6 +9,9 @@ DEPENDS += "python3-protobuf" SRC_URI += "file://0001-Include-missing-cstdint-header.patch \ file://abseil-ppc-fixes.patch \ file://0001-zlib-Include-unistd.h-for-open-close-C-APIs.patch \ + file://0001-crypto-use-_Generic-only-if-defined-__cplusplus.patch;patchdir=third_party/boringssl-with-bazel/src/ \ + file://0001-target.h-define-proper-macro-for-ppc-ppc64.patch \ + file://0001-PR-1644-unscaledcycleclock-remove-RISC-V-support.patch \ " SRC_URI[sha256sum] = "c77618071d96b7a8be2c10701a98537823b9c65ba256c0b9067e0594cdbd954d" diff --git a/meta-python/recipes-devtools/python/python3-haversine_2.8.1.bb b/meta-python/recipes-devtools/python/python3-haversine_2.8.1.bb index e45ae79860..5fd5ddd71c 100644 --- a/meta-python/recipes-devtools/python/python3-haversine_2.8.1.bb +++ b/meta-python/recipes-devtools/python/python3-haversine_2.8.1.bb @@ -1,6 +1,6 @@ SUMMARY = "Calculate the distance between 2 points on Earth" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" +LIC_FILES_CHKSUM = "file://LICENSE;md5=20a52d2c688975e989fcbee3e6c8d1a1" SRC_URI[sha256sum] = "ab750caa0c8f2168bd7b00a429757a83a8393be1aa30f91c2becf6b523189e2a" diff --git a/meta-python/recipes-devtools/python/python3-libevdev_0.11.bb b/meta-python/recipes-devtools/python/python3-libevdev_0.11.bb index 27e336710c..5ad2a59951 100644 --- a/meta-python/recipes-devtools/python/python3-libevdev_0.11.bb +++ b/meta-python/recipes-devtools/python/python3-libevdev_0.11.bb @@ -3,7 +3,7 @@ HOMEPAGE = "https://gitlab.freedesktop.org/libevdev/python-libevdev" SECTION = "devel/python" LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" +LIC_FILES_CHKSUM = "file://COPYING;md5=d94c10c546b419eddc6296157ec40747" SRC_URI[md5sum] = "34b48098c1fba26de79a0d67a17a588a" SRC_URI[sha256sum] = "e9ca006a4df2488a60bd9a740011ee948d81904be2364f017e560169508f560f" diff --git a/meta-python/recipes-devtools/python/python3-lru-dict_1.3.0.bb b/meta-python/recipes-devtools/python/python3-lru-dict_1.3.0.bb index e9535fa6f1..51f3860b07 100644 --- a/meta-python/recipes-devtools/python/python3-lru-dict_1.3.0.bb +++ b/meta-python/recipes-devtools/python/python3-lru-dict_1.3.0.bb @@ -1,7 +1,7 @@ -SUMMARY = "A fixed size dict like container which evicts Least Recently Used (LRU) items once size limit is exceeded." +DESCRIPTION = "A fixed size dict like container which evicts Least Recently Used (LRU) items once size limit is exceeded." HOMEPAGE = "https://github.com/amitdev/lru-dict" SECTION = "devel/python" -LICENSE = "BSD-3-Clause" +LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=9d10a486ee04034fdef5162fd791f153" SRC_URI[sha256sum] = "54fd1966d6bd1fcde781596cb86068214edeebff1db13a2cea11079e3fd07b6b" diff --git a/meta-python/recipes-devtools/python/python3-mock_5.1.0.bb b/meta-python/recipes-devtools/python/python3-mock_5.1.0.bb index d9ecb9d4c8..1b89260e1b 100644 --- a/meta-python/recipes-devtools/python/python3-mock_5.1.0.bb +++ b/meta-python/recipes-devtools/python/python3-mock_5.1.0.bb @@ -1,7 +1,7 @@ DESCRIPTION = "A Python Mocking and Patching Library for Testing" HOMEPAGE = "https://pypi.python.org/pypi/mock" SECTION = "devel/python" -LICENSE = "Apache-2.0" +LICENSE = "BSD-2-Clause" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=de9dfbf780446b18aab11f00baaf5b7e" inherit pypi setuptools3 diff --git a/meta-python/recipes-devtools/python/python3-nmap_1.6.0.bb b/meta-python/recipes-devtools/python/python3-nmap_1.6.0.bb index 5fe9ab4e39..2293e3ddf8 100644 --- a/meta-python/recipes-devtools/python/python3-nmap_1.6.0.bb +++ b/meta-python/recipes-devtools/python/python3-nmap_1.6.0.bb @@ -1,8 +1,8 @@ DESCRIPTION = "python-nmap is a python library which helps in using nmap port scanner" HOMEPAGE = "https://www.nmmapper.com/" SECTION = "devel/python" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" +LICENSE = "GPL-3.0-only" +LIC_FILES_CHKSUM = "file://LICENSE;md5=1ebbd3e34237af26da5dc08a4e440464" DEPENDS += "python3-wheel-native" diff --git a/meta-python/recipes-devtools/python/python3-parse-type_0.6.2.bb b/meta-python/recipes-devtools/python/python3-parse-type_0.6.2.bb index a7d8cd86ce..57dfc5a508 100644 --- a/meta-python/recipes-devtools/python/python3-parse-type_0.6.2.bb +++ b/meta-python/recipes-devtools/python/python3-parse-type_0.6.2.bb @@ -1,6 +1,6 @@ SUMMARY = "Simplifies building parse types based on the parse module" HOMEPAGE = "https://github.com/jenisys/parse_type" -LICENSE = "BSD-3-Clause" +LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=2e469278ace89c246d52505acc39c3da" SRC_URI[sha256sum] = "79b1f2497060d0928bc46016793f1fca1057c4aacdf15ef876aa48d75a73a355" diff --git a/meta-python/recipes-devtools/python/python3-pillow_10.3.0.bb b/meta-python/recipes-devtools/python/python3-pillow_10.3.0.bb index debf488154..8b0bcf55dd 100644 --- a/meta-python/recipes-devtools/python/python3-pillow_10.3.0.bb +++ b/meta-python/recipes-devtools/python/python3-pillow_10.3.0.bb @@ -1,8 +1,8 @@ -SUMMARY = "Python Imaging Library (Fork). Pillow is the friendly PIL fork by Alex \ +DESCRIPTION = "Python Imaging Library (Fork). Pillow is the friendly PIL fork by Alex \ Clark and Contributors. PIL is the Python Imaging Library by Fredrik Lundh and \ Contributors." HOMEPAGE = "https://pillow.readthedocs.io" -LICENSE = "MIT" +LICENSE = "HPND" LIC_FILES_CHKSUM = "file://LICENSE;md5=c349a4b4b9ec2377a8fd6a7df87dbffe" SRC_URI = "git://github.com/python-pillow/Pillow.git;branch=main;protocol=https \ diff --git a/meta-python/recipes-devtools/python/python3-platformdirs_4.2.0.bb b/meta-python/recipes-devtools/python/python3-platformdirs_4.2.0.bb index 19c95b374a..c69c390b80 100644 --- a/meta-python/recipes-devtools/python/python3-platformdirs_4.2.0.bb +++ b/meta-python/recipes-devtools/python/python3-platformdirs_4.2.0.bb @@ -1,6 +1,6 @@ SUMMARY = "A small Python module for determining appropriate platform-specific dirs" HOMEPAGE = "https://github.com/platformdirs/platformdirs" -LICENSE = "BSD-3-Clause" +LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=ea4f5a41454746a9ed111e3d8723d17a" SRC_URI += " \ diff --git a/meta-python/recipes-devtools/python/python3-protobuf_4.25.3.bb b/meta-python/recipes-devtools/python/python3-protobuf_4.25.3.bb index b9b03badd0..c234ce5773 100644 --- a/meta-python/recipes-devtools/python/python3-protobuf_4.25.3.bb +++ b/meta-python/recipes-devtools/python/python3-protobuf_4.25.3.bb @@ -35,3 +35,11 @@ DISTUTILS_INSTALL_ARGS += "--cpp_implementation" do_compile:prepend:class-native () { export KOKORO_BUILD_NUMBER="1" } + +do_install:append () { + # Remove useless and problematic .pth file. python3-protobuf is installed in the standard + # location of site packages. No need for such .pth file. + # NOTE: do not drop this removal until the following issue in upstream cpython is resolved: + # https://github.com/python/cpython/issues/122220 + rm -f ${D}${PYTHON_SITEPACKAGES_DIR}/protobuf-*-nspkg.pth +} diff --git a/meta-python/recipes-devtools/python/python3-pycurl_7.45.2.bb b/meta-python/recipes-devtools/python/python3-pycurl_7.45.2.bb index a6863e21ff..10d3cd1027 100644 --- a/meta-python/recipes-devtools/python/python3-pycurl_7.45.2.bb +++ b/meta-python/recipes-devtools/python/python3-pycurl_7.45.2.bb @@ -7,7 +7,7 @@ be used to fetch objects identified by a URL from a Python program \ SECTION = "devel/python" HOMEPAGE = "http://pycurl.io/" -LICENSE = "LGPL-2.0-only | MIT" +LICENSE = "LGPL-2.1-only | MIT" LIC_FILES_CHKSUM = "file://COPYING-LGPL;md5=4fbd65380cdd255951079008b364516c \ file://COPYING-MIT;md5=be42e1b1e58c8d59c2901fd747bfc55d \ " diff --git a/meta-python/recipes-devtools/python/python3-pydantic-core-crates.inc b/meta-python/recipes-devtools/python/python3-pydantic-core-crates.inc index dd2027948c..c6b30bc677 100644 --- a/meta-python/recipes-devtools/python/python3-pydantic-core-crates.inc +++ b/meta-python/recipes-devtools/python/python3-pydantic-core-crates.inc @@ -2,31 +2,29 @@ # from Cargo.lock SRC_URI += " \ - crate://crates.io/ahash/0.8.7 \ + crate://crates.io/ahash/0.8.10 \ crate://crates.io/aho-corasick/1.0.2 \ - crate://crates.io/allocator-api2/0.2.16 \ crate://crates.io/autocfg/1.1.0 \ crate://crates.io/base64/0.21.7 \ crate://crates.io/bitflags/1.3.2 \ + crate://crates.io/bitvec/1.0.1 \ crate://crates.io/cc/1.0.79 \ crate://crates.io/cfg-if/1.0.0 \ - crate://crates.io/enum_dispatch/0.3.12 \ + crate://crates.io/enum_dispatch/0.3.13 \ crate://crates.io/equivalent/1.0.1 \ crate://crates.io/form_urlencoded/1.2.1 \ + crate://crates.io/funty/2.0.0 \ crate://crates.io/getrandom/0.2.10 \ crate://crates.io/hashbrown/0.14.3 \ crate://crates.io/heck/0.4.1 \ crate://crates.io/idna/0.5.0 \ - crate://crates.io/indexmap/2.0.0 \ + crate://crates.io/indexmap/2.2.2 \ crate://crates.io/indoc/2.0.4 \ crate://crates.io/itoa/1.0.8 \ - crate://crates.io/jiter/0.0.6 \ - crate://crates.io/lexical-core/0.8.5 \ + crate://crates.io/jiter/0.4.1 \ crate://crates.io/lexical-parse-float/0.8.5 \ crate://crates.io/lexical-parse-integer/0.8.6 \ crate://crates.io/lexical-util/0.8.5 \ - crate://crates.io/lexical-write-float/0.8.5 \ - crate://crates.io/lexical-write-integer/0.8.5 \ crate://crates.io/libc/0.2.147 \ crate://crates.io/lock_api/0.4.10 \ crate://crates.io/memchr/2.6.3 \ @@ -40,29 +38,32 @@ SRC_URI += " \ crate://crates.io/percent-encoding/2.3.1 \ crate://crates.io/portable-atomic/1.6.0 \ crate://crates.io/proc-macro2/1.0.76 \ - crate://crates.io/pyo3/0.20.3 \ - crate://crates.io/pyo3-build-config/0.20.3 \ - crate://crates.io/pyo3-ffi/0.20.3 \ - crate://crates.io/pyo3-macros/0.20.3 \ - crate://crates.io/pyo3-macros-backend/0.20.3 \ + crate://crates.io/pyo3/0.21.2 \ + crate://crates.io/pyo3-build-config/0.21.2 \ + crate://crates.io/pyo3-ffi/0.21.2 \ + crate://crates.io/pyo3-macros/0.21.2 \ + crate://crates.io/pyo3-macros-backend/0.21.2 \ crate://crates.io/python3-dll-a/0.2.9 \ crate://crates.io/quote/1.0.35 \ + crate://crates.io/radium/0.7.0 \ crate://crates.io/redox_syscall/0.3.5 \ - crate://crates.io/regex/1.10.2 \ - crate://crates.io/regex-automata/0.4.3 \ + crate://crates.io/regex/1.10.4 \ + crate://crates.io/regex-automata/0.4.5 \ crate://crates.io/regex-syntax/0.8.2 \ crate://crates.io/rustversion/1.0.13 \ crate://crates.io/ryu/1.0.14 \ crate://crates.io/scopeguard/1.1.0 \ - crate://crates.io/serde/1.0.195 \ - crate://crates.io/serde_derive/1.0.195 \ - crate://crates.io/serde_json/1.0.109 \ - crate://crates.io/smallvec/1.11.2 \ - crate://crates.io/speedate/0.13.0 \ + crate://crates.io/serde/1.0.203 \ + crate://crates.io/serde_derive/1.0.203 \ + crate://crates.io/serde_json/1.0.116 \ + crate://crates.io/smallvec/1.13.2 \ + crate://crates.io/speedate/0.14.0 \ crate://crates.io/static_assertions/1.1.0 \ crate://crates.io/strum/0.25.0 \ crate://crates.io/strum_macros/0.25.3 \ + crate://crates.io/strum_macros/0.26.1 \ crate://crates.io/syn/2.0.48 \ + crate://crates.io/tap/1.0.1 \ crate://crates.io/target-lexicon/0.12.9 \ crate://crates.io/tinyvec/1.6.0 \ crate://crates.io/tinyvec_macros/0.1.1 \ @@ -71,7 +72,7 @@ SRC_URI += " \ crate://crates.io/unicode-normalization/0.1.22 \ crate://crates.io/unindent/0.2.3 \ crate://crates.io/url/2.5.0 \ - crate://crates.io/uuid/1.6.1 \ + crate://crates.io/uuid/1.8.0 \ crate://crates.io/version_check/0.9.4 \ crate://crates.io/wasi/0.11.0+wasi-snapshot-preview1 \ crate://crates.io/windows-targets/0.48.1 \ @@ -82,35 +83,34 @@ SRC_URI += " \ crate://crates.io/windows_x86_64_gnu/0.48.0 \ crate://crates.io/windows_x86_64_gnullvm/0.48.0 \ crate://crates.io/windows_x86_64_msvc/0.48.0 \ + crate://crates.io/wyz/0.5.1 \ crate://crates.io/zerocopy/0.7.32 \ crate://crates.io/zerocopy-derive/0.7.32 \ " -SRC_URI[ahash-0.8.7.sha256sum] = "77c3a9648d43b9cd48db467b3f87fdd6e146bcc88ab0180006cef2179fe11d01" +SRC_URI[ahash-0.8.10.sha256sum] = "8b79b82693f705137f8fb9b37871d99e4f9a7df12b917eed79c3d3954830a60b" SRC_URI[aho-corasick-1.0.2.sha256sum] = "43f6cb1bf222025340178f382c426f13757b2960e89779dfcb319c32542a5a41" -SRC_URI[allocator-api2-0.2.16.sha256sum] = "0942ffc6dcaadf03badf6e6a2d0228460359d5e34b57ccdc720b7382dfbd5ec5" SRC_URI[autocfg-1.1.0.sha256sum] = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" SRC_URI[base64-0.21.7.sha256sum] = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" SRC_URI[bitflags-1.3.2.sha256sum] = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +SRC_URI[bitvec-1.0.1.sha256sum] = "1bc2832c24239b0141d5674bb9174f9d68a8b5b3f2753311927c172ca46f7e9c" SRC_URI[cc-1.0.79.sha256sum] = "50d30906286121d95be3d479533b458f87493b30a4b5f79a607db8f5d11aa91f" SRC_URI[cfg-if-1.0.0.sha256sum] = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" -SRC_URI[enum_dispatch-0.3.12.sha256sum] = "8f33313078bb8d4d05a2733a94ac4c2d8a0df9a2b84424ebf4f33bfc224a890e" +SRC_URI[enum_dispatch-0.3.13.sha256sum] = "aa18ce2bc66555b3218614519ac839ddb759a7d6720732f979ef8d13be147ecd" SRC_URI[equivalent-1.0.1.sha256sum] = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5" SRC_URI[form_urlencoded-1.2.1.sha256sum] = "e13624c2627564efccf4934284bdd98cbaa14e79b0b5a141218e507b3a823456" +SRC_URI[funty-2.0.0.sha256sum] = "e6d5a32815ae3f33302d95fdcb2ce17862f8c65363dcfd29360480ba1001fc9c" SRC_URI[getrandom-0.2.10.sha256sum] = "be4136b2a15dd319360be1c07d9933517ccf0be8f16bf62a3bee4f0d618df427" SRC_URI[hashbrown-0.14.3.sha256sum] = "290f1a1d9242c78d09ce40a5e87e7554ee637af1351968159f4952f028f75604" SRC_URI[heck-0.4.1.sha256sum] = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8" SRC_URI[idna-0.5.0.sha256sum] = "634d9b1461af396cad843f47fdba5597a4f9e6ddd4bfb6ff5d85028c25cb12f6" -SRC_URI[indexmap-2.0.0.sha256sum] = "d5477fe2230a79769d8dc68e0eabf5437907c0457a5614a9e8dddb67f65eb65d" +SRC_URI[indexmap-2.2.2.sha256sum] = "824b2ae422412366ba479e8111fd301f7b5faece8149317bb81925979a53f520" SRC_URI[indoc-2.0.4.sha256sum] = "1e186cfbae8084e513daff4240b4797e342f988cecda4fb6c939150f96315fd8" SRC_URI[itoa-1.0.8.sha256sum] = "62b02a5381cc465bd3041d84623d0fa3b66738b52b8e2fc3bab8ad63ab032f4a" -SRC_URI[jiter-0.0.6.sha256sum] = "87db066a99f69382be06d02313f8ce989996b53a04a8a70cfd1a6483a56227f7" -SRC_URI[lexical-core-0.8.5.sha256sum] = "2cde5de06e8d4c2faabc400238f9ae1c74d5412d03a7bd067645ccbc47070e46" +SRC_URI[jiter-0.4.1.sha256sum] = "abbbbe1bad457e3cd5503af716aedc735e849505a0d2172c55a753ae1b127458" SRC_URI[lexical-parse-float-0.8.5.sha256sum] = "683b3a5ebd0130b8fb52ba0bdc718cc56815b6a097e28ae5a6997d0ad17dc05f" SRC_URI[lexical-parse-integer-0.8.6.sha256sum] = "6d0994485ed0c312f6d965766754ea177d07f9c00c9b82a5ee62ed5b47945ee9" SRC_URI[lexical-util-0.8.5.sha256sum] = "5255b9ff16ff898710eb9eb63cb39248ea8a5bb036bea8085b1a767ff6c4e3fc" -SRC_URI[lexical-write-float-0.8.5.sha256sum] = "accabaa1c4581f05a3923d1b4cfd124c329352288b7b9da09e766b0668116862" -SRC_URI[lexical-write-integer-0.8.5.sha256sum] = "e1b6f3d1f4422866b68192d62f77bc5c700bee84f3069f2469d7bc8c77852446" SRC_URI[libc-0.2.147.sha256sum] = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" SRC_URI[lock_api-0.4.10.sha256sum] = "c1cc9717a20b1bb222f333e6a92fd32f7d8a18ddc5a3191a11af45dcbf4dcd16" SRC_URI[memchr-2.6.3.sha256sum] = "8f232d6ef707e1956a43342693d2a31e72989554d58299d7a88738cc95b0d35c" @@ -124,29 +124,32 @@ SRC_URI[parking_lot_core-0.9.8.sha256sum] = "93f00c865fe7cabf650081affecd3871070 SRC_URI[percent-encoding-2.3.1.sha256sum] = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e" SRC_URI[portable-atomic-1.6.0.sha256sum] = "7170ef9988bc169ba16dd36a7fa041e5c4cbeb6a35b76d4c03daded371eae7c0" SRC_URI[proc-macro2-1.0.76.sha256sum] = "95fc56cda0b5c3325f5fbbd7ff9fda9e02bb00bb3dac51252d2f1bfa1cb8cc8c" -SRC_URI[pyo3-0.20.3.sha256sum] = "53bdbb96d49157e65d45cc287af5f32ffadd5f4761438b527b055fb0d4bb8233" -SRC_URI[pyo3-build-config-0.20.3.sha256sum] = "deaa5745de3f5231ce10517a1f5dd97d53e5a2fd77aa6b5842292085831d48d7" -SRC_URI[pyo3-ffi-0.20.3.sha256sum] = "62b42531d03e08d4ef1f6e85a2ed422eb678b8cd62b762e53891c05faf0d4afa" -SRC_URI[pyo3-macros-0.20.3.sha256sum] = "7305c720fa01b8055ec95e484a6eca7a83c841267f0dd5280f0c8b8551d2c158" -SRC_URI[pyo3-macros-backend-0.20.3.sha256sum] = "7c7e9b68bb9c3149c5b0cade5d07f953d6d125eb4337723c4ccdb665f1f96185" +SRC_URI[pyo3-0.21.2.sha256sum] = "a5e00b96a521718e08e03b1a622f01c8a8deb50719335de3f60b3b3950f069d8" +SRC_URI[pyo3-build-config-0.21.2.sha256sum] = "7883df5835fafdad87c0d888b266c8ec0f4c9ca48a5bed6bbb592e8dedee1b50" +SRC_URI[pyo3-ffi-0.21.2.sha256sum] = "01be5843dc60b916ab4dad1dca6d20b9b4e6ddc8e15f50c47fe6d85f1fb97403" +SRC_URI[pyo3-macros-0.21.2.sha256sum] = "77b34069fc0682e11b31dbd10321cbf94808394c56fd996796ce45217dfac53c" +SRC_URI[pyo3-macros-backend-0.21.2.sha256sum] = "08260721f32db5e1a5beae69a55553f56b99bd0e1c3e6e0a5e8851a9d0f5a85c" SRC_URI[python3-dll-a-0.2.9.sha256sum] = "d5f07cd4412be8fa09a721d40007c483981bbe072cd6a21f2e83e04ec8f8343f" SRC_URI[quote-1.0.35.sha256sum] = "291ec9ab5efd934aaf503a6466c5d5251535d108ee747472c3977cc5acc868ef" +SRC_URI[radium-0.7.0.sha256sum] = "dc33ff2d4973d518d823d61aa239014831e521c75da58e3df4840d3f47749d09" SRC_URI[redox_syscall-0.3.5.sha256sum] = "567664f262709473930a4bf9e51bf2ebf3348f2e748ccc50dea20646858f8f29" -SRC_URI[regex-1.10.2.sha256sum] = "380b951a9c5e80ddfd6136919eef32310721aa4aacd4889a8d39124b026ab343" -SRC_URI[regex-automata-0.4.3.sha256sum] = "5f804c7828047e88b2d32e2d7fe5a105da8ee3264f01902f796c8e067dc2483f" +SRC_URI[regex-1.10.4.sha256sum] = "c117dbdfde9c8308975b6a18d71f3f385c89461f7b3fb054288ecf2a2058ba4c" +SRC_URI[regex-automata-0.4.5.sha256sum] = "5bb987efffd3c6d0d8f5f89510bb458559eab11e4f869acb20bf845e016259cd" SRC_URI[regex-syntax-0.8.2.sha256sum] = "c08c74e62047bb2de4ff487b251e4a92e24f48745648451635cec7d591162d9f" SRC_URI[rustversion-1.0.13.sha256sum] = "dc31bd9b61a32c31f9650d18add92aa83a49ba979c143eefd27fe7177b05bd5f" SRC_URI[ryu-1.0.14.sha256sum] = "fe232bdf6be8c8de797b22184ee71118d63780ea42ac85b61d1baa6d3b782ae9" SRC_URI[scopeguard-1.1.0.sha256sum] = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" -SRC_URI[serde-1.0.195.sha256sum] = "63261df402c67811e9ac6def069e4786148c4563f4b50fd4bf30aa370d626b02" -SRC_URI[serde_derive-1.0.195.sha256sum] = "46fe8f8603d81ba86327b23a2e9cdf49e1255fb94a4c5f297f6ee0547178ea2c" -SRC_URI[serde_json-1.0.109.sha256sum] = "cb0652c533506ad7a2e353cce269330d6afd8bdfb6d75e0ace5b35aacbd7b9e9" -SRC_URI[smallvec-1.11.2.sha256sum] = "4dccd0940a2dcdf68d092b8cbab7dc0ad8fa938bf95787e1b916b0e3d0e8e970" -SRC_URI[speedate-0.13.0.sha256sum] = "242f76c50fd18cbf098607090ade73a08d39cfd84ea835f3796a2c855223b19b" +SRC_URI[serde-1.0.203.sha256sum] = "7253ab4de971e72fb7be983802300c30b5a7f0c2e56fab8abfc6a214307c0094" +SRC_URI[serde_derive-1.0.203.sha256sum] = "500cbc0ebeb6f46627f50f3f5811ccf6bf00643be300b4c3eabc0ef55dc5b5ba" +SRC_URI[serde_json-1.0.116.sha256sum] = "3e17db7126d17feb94eb3fad46bf1a96b034e8aacbc2e775fe81505f8b0b2813" +SRC_URI[smallvec-1.13.2.sha256sum] = "3c5e1a9a646d36c3599cd173a41282daf47c44583ad367b8e6837255952e5c67" +SRC_URI[speedate-0.14.0.sha256sum] = "c323c4e6fece5a5a1a2a7f726d243144cce9fbcfe3ce4d9f3c6ede726a2bc780" SRC_URI[static_assertions-1.1.0.sha256sum] = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f" SRC_URI[strum-0.25.0.sha256sum] = "290d54ea6f91c969195bdbcd7442c8c2a2ba87da8bf60a7ee86a235d4bc1e125" SRC_URI[strum_macros-0.25.3.sha256sum] = "23dc1fa9ac9c169a78ba62f0b841814b7abae11bdd047b9c58f893439e309ea0" +SRC_URI[strum_macros-0.26.1.sha256sum] = "7a3417fc93d76740d974a01654a09777cb500428cc874ca9f45edfe0c4d4cd18" SRC_URI[syn-2.0.48.sha256sum] = "0f3531638e407dfc0814761abb7c00a5b54992b849452a0646b7f65c9f770f3f" +SRC_URI[tap-1.0.1.sha256sum] = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369" SRC_URI[target-lexicon-0.12.9.sha256sum] = "df8e77cb757a61f51b947ec4a7e3646efd825b73561db1c232a8ccb639e611a0" SRC_URI[tinyvec-1.6.0.sha256sum] = "87cc5ceb3875bb20c2890005a4e226a4651264a5c75edb2421b52861a0a0cb50" SRC_URI[tinyvec_macros-0.1.1.sha256sum] = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" @@ -155,7 +158,7 @@ SRC_URI[unicode-ident-1.0.10.sha256sum] = "22049a19f4a68748a168c0fc439f9516686aa SRC_URI[unicode-normalization-0.1.22.sha256sum] = "5c5713f0fc4b5db668a2ac63cdb7bb4469d8c9fed047b1d0292cc7b0ce2ba921" SRC_URI[unindent-0.2.3.sha256sum] = "c7de7d73e1754487cb58364ee906a499937a0dfabd86bcb980fa99ec8c8fa2ce" SRC_URI[url-2.5.0.sha256sum] = "31e6302e3bb753d46e83516cae55ae196fc0c309407cf11ab35cc51a4c2a4633" -SRC_URI[uuid-1.6.1.sha256sum] = "5e395fcf16a7a3d8127ec99782007af141946b4795001f876d54fb0d55978560" +SRC_URI[uuid-1.8.0.sha256sum] = "a183cf7feeba97b4dd1c0d46788634f6221d87fa961b305bed08c851829efcc0" SRC_URI[version_check-0.9.4.sha256sum] = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" SRC_URI[wasi-0.11.0+wasi-snapshot-preview1.sha256sum] = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" SRC_URI[windows-targets-0.48.1.sha256sum] = "05d4b17490f70499f20b9e791dcf6a299785ce8af4d709018206dc5b4953e95f" @@ -166,5 +169,6 @@ SRC_URI[windows_i686_msvc-0.48.0.sha256sum] = "4542c6e364ce21bf45d69fdd2a8e455fa SRC_URI[windows_x86_64_gnu-0.48.0.sha256sum] = "ca2b8a661f7628cbd23440e50b05d705db3686f894fc9580820623656af974b1" SRC_URI[windows_x86_64_gnullvm-0.48.0.sha256sum] = "7896dbc1f41e08872e9d5e8f8baa8fdd2677f29468c4e156210174edc7f7b953" SRC_URI[windows_x86_64_msvc-0.48.0.sha256sum] = "1a515f5799fe4961cb532f983ce2b23082366b898e52ffbce459c86f67c8378a" +SRC_URI[wyz-0.5.1.sha256sum] = "05f360fc0b24296329c78fda852a1e9ae82de9cf7b27dae4b7f62f118f77b9ed" SRC_URI[zerocopy-0.7.32.sha256sum] = "74d4d3961e53fa4c9a25a8637fc2bfaf2595b3d3ae34875568a5cf64787716be" SRC_URI[zerocopy-derive-0.7.32.sha256sum] = "9ce1b18ccd8e73a9321186f97e46f9f04b778851177567b1975109d26a08d2a6" diff --git a/meta-python/recipes-devtools/python/python3-pydantic-core/0001-Bumps-pyo3-https-github.com-pyo3-pyo3-from-0.20.2-to.patch b/meta-python/recipes-devtools/python/python3-pydantic-core/0001-Bumps-pyo3-https-github.com-pyo3-pyo3-from-0.20.2-to.patch deleted file mode 100644 index 32777e1d03..0000000000 --- a/meta-python/recipes-devtools/python/python3-pydantic-core/0001-Bumps-pyo3-https-github.com-pyo3-pyo3-from-0.20.2-to.patch +++ /dev/null @@ -1,126 +0,0 @@ -From a5690f973384bf8cbf4deb3b83d822b7aaefbdd8 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Tue, 27 Feb 2024 11:00:46 -0800 -Subject: [PATCH] Bumps [pyo3](https://github.com/pyo3/pyo3) from 0.20.2 to - 0.20.3. - -Upstream-Status: Pending -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - Cargo.lock | 26 +++++++++++++++++--------- - Cargo.toml | 2 +- - 2 files changed, 18 insertions(+), 10 deletions(-) - ---- a/Cargo.lock -+++ b/Cargo.lock -@@ -322,6 +322,12 @@ source = "registry+https://github.com/ru - checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e" - - [[package]] -+name = "portable-atomic" -+version = "1.6.0" -+source = "registry+https://github.com/rust-lang/crates.io-index" -+checksum = "7170ef9988bc169ba16dd36a7fa041e5c4cbeb6a35b76d4c03daded371eae7c0" -+ -+[[package]] - name = "proc-macro2" - version = "1.0.76" - source = "registry+https://github.com/rust-lang/crates.io-index" -@@ -357,9 +363,9 @@ dependencies = [ - - [[package]] - name = "pyo3" --version = "0.20.2" -+version = "0.20.3" - source = "registry+https://github.com/rust-lang/crates.io-index" --checksum = "9a89dc7a5850d0e983be1ec2a463a171d20990487c3cfcd68b5363f1ee3d6fe0" -+checksum = "53bdbb96d49157e65d45cc287af5f32ffadd5f4761438b527b055fb0d4bb8233" - dependencies = [ - "cfg-if", - "indoc", -@@ -367,6 +373,7 @@ dependencies = [ - "memoffset", - "num-bigint", - "parking_lot", -+ "portable-atomic", - "pyo3-build-config", - "pyo3-ffi", - "pyo3-macros", -@@ -375,9 +382,9 @@ dependencies = [ - - [[package]] - name = "pyo3-build-config" --version = "0.20.2" -+version = "0.20.3" - source = "registry+https://github.com/rust-lang/crates.io-index" --checksum = "07426f0d8fe5a601f26293f300afd1a7b1ed5e78b2a705870c5f30893c5163be" -+checksum = "deaa5745de3f5231ce10517a1f5dd97d53e5a2fd77aa6b5842292085831d48d7" - dependencies = [ - "once_cell", - "python3-dll-a", -@@ -386,9 +393,9 @@ dependencies = [ - - [[package]] - name = "pyo3-ffi" --version = "0.20.2" -+version = "0.20.3" - source = "registry+https://github.com/rust-lang/crates.io-index" --checksum = "dbb7dec17e17766b46bca4f1a4215a85006b4c2ecde122076c562dd058da6cf1" -+checksum = "62b42531d03e08d4ef1f6e85a2ed422eb678b8cd62b762e53891c05faf0d4afa" - dependencies = [ - "libc", - "pyo3-build-config", -@@ -396,9 +403,9 @@ dependencies = [ - - [[package]] - name = "pyo3-macros" --version = "0.20.2" -+version = "0.20.3" - source = "registry+https://github.com/rust-lang/crates.io-index" --checksum = "05f738b4e40d50b5711957f142878cfa0f28e054aa0ebdfc3fd137a843f74ed3" -+checksum = "7305c720fa01b8055ec95e484a6eca7a83c841267f0dd5280f0c8b8551d2c158" - dependencies = [ - "proc-macro2", - "pyo3-macros-backend", -@@ -408,12 +415,13 @@ dependencies = [ - - [[package]] - name = "pyo3-macros-backend" --version = "0.20.2" -+version = "0.20.3" - source = "registry+https://github.com/rust-lang/crates.io-index" --checksum = "0fc910d4851847827daf9d6cdd4a823fbdaab5b8818325c5e97a86da79e8881f" -+checksum = "7c7e9b68bb9c3149c5b0cade5d07f953d6d125eb4337723c4ccdb665f1f96185" - dependencies = [ - "heck", - "proc-macro2", -+ "pyo3-build-config", - "quote", - "syn", - ] ---- a/Cargo.toml -+++ b/Cargo.toml -@@ -26,7 +26,7 @@ include = [ - ] - - [dependencies] --pyo3 = { version = "0.20.2", features = ["generate-import-lib", "num-bigint"] } -+pyo3 = { version = "0.20.3", features = ["generate-import-lib", "num-bigint"] } - regex = "1.10.2" - strum = { version = "0.25.0", features = ["derive"] } - strum_macros = "0.25.3" -@@ -70,12 +70,12 @@ debug = true - strip = false - - [dev-dependencies] --pyo3 = { version = "0.20.2", features = ["auto-initialize"] } -+pyo3 = { version = "0.20.3", features = ["auto-initialize"] } - - [build-dependencies] - version_check = "0.9.4" - # used where logic has to be version/distribution specific, e.g. pypy --pyo3-build-config = { version = "0.20.2" } -+pyo3-build-config = { version = "0.20.3" } - - [lints.clippy] - dbg_macro = "warn" diff --git a/meta-python/recipes-devtools/python/python3-pydantic-core/0001-Set-rust-version-from-1.76-to-1.75-in-Cargo.toml.patch b/meta-python/recipes-devtools/python/python3-pydantic-core/0001-Set-rust-version-from-1.76-to-1.75-in-Cargo.toml.patch new file mode 100644 index 0000000000..c4e6f2f6ab --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-pydantic-core/0001-Set-rust-version-from-1.76-to-1.75-in-Cargo.toml.patch @@ -0,0 +1,29 @@ +From 6e1852228a2aa38cc76b9a968bba6b603efa5b28 Mon Sep 17 00:00:00 2001 +From: Frank de Brabander <debrabander@gmail.com> +Date: Thu, 25 Jul 2024 13:50:44 +0200 +Subject: [PATCH] Set rust version from 1.76 to 1.75 in Cargo.toml + +Current openembedded-core uses 1.75 and this packages doesn't actually +require a newer version. + +Upstream-Status: Inappropriate +--- + Cargo.toml | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Cargo.toml b/Cargo.toml +index 8f0ea44..10b277c 100644 +--- a/Cargo.toml ++++ b/Cargo.toml +@@ -24,7 +24,7 @@ include = [ + "!tests/.pytest_cache", + "!*.so", + ] +-rust-version = "1.76" ++rust-version = "1.75" + + [dependencies] + pyo3 = { version = "0.21.2", features = ["generate-import-lib", "num-bigint"] } +-- +2.39.2 + diff --git a/meta-python/recipes-devtools/python/python3-pydantic-core/0002-Dont-embed-RUSTFLAGS-in-final-binary.patch b/meta-python/recipes-devtools/python/python3-pydantic-core/0002-Dont-embed-RUSTFLAGS-in-final-binary.patch new file mode 100644 index 0000000000..1c195e294b --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-pydantic-core/0002-Dont-embed-RUSTFLAGS-in-final-binary.patch @@ -0,0 +1,47 @@ +From b3282b301096253a11b1f887f915d0a2a2183597 Mon Sep 17 00:00:00 2001 +From: Frank de Brabander <debrabander@gmail.com> +Date: Thu, 8 Aug 2024 08:04:48 +0200 +Subject: [PATCH] Dont embed RUSTFLAGS in final binary + +Upstream-Status: Backport [https://github.com/pydantic/pydantic-core/commit/e07c41b3bad75948201a2201387225694c2fb501] +--- + build.rs | 9 +++++++++ + src/lib.rs | 5 ++++- + 2 files changed, 13 insertions(+), 1 deletion(-) + +diff --git a/build.rs b/build.rs +index 7f59e1f..7fe6490 100644 +--- a/build.rs ++++ b/build.rs +@@ -35,6 +35,15 @@ fn main() { + if let Some(true) = version_check::supports_feature("coverage_attribute") { + println!("cargo:rustc-cfg=has_coverage_attribute"); + } ++ ++ if std::env::var("RUSTFLAGS") ++ .unwrap_or_default() ++ .contains("-Cprofile-use=") ++ { ++ println!("cargo:rustc-cfg=specified_profile_use"); ++ } ++ println!("cargo:rustc-check-cfg=cfg(specified_profile_use)"); ++ + generate_self_schema(); + println!("cargo:rustc-env=PROFILE={}", std::env::var("PROFILE").unwrap()); + } +diff --git a/src/lib.rs b/src/lib.rs +index d55e836..206a7a1 100644 +--- a/src/lib.rs ++++ b/src/lib.rs +@@ -111,7 +111,10 @@ pub fn build_info() -> String { + format!( + "profile={} pgo={}", + env!("PROFILE"), +- option_env!("RUSTFLAGS").unwrap_or("").contains("-Cprofile-use="), ++ // We use a `cfg!` here not `env!`/`option_env!` as those would ++ // embed `RUSTFLAGS` into the generated binary which causes problems ++ // with reproducable builds. ++ cfg!(specified_profile_use), + ) + } + diff --git a/meta-python/recipes-devtools/python/python3-pydantic-core_2.16.3.bb b/meta-python/recipes-devtools/python/python3-pydantic-core_2.18.4.bb index faa291ea6d..adaf4a62cb 100644 --- a/meta-python/recipes-devtools/python/python3-pydantic-core_2.16.3.bb +++ b/meta-python/recipes-devtools/python/python3-pydantic-core_2.18.4.bb @@ -8,8 +8,9 @@ HOMEPAGE = "https://github.com/pydantic/pydantic-core" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=ab599c188b4a314d2856b3a55030c75c" -SRC_URI += "file://0001-Bumps-pyo3-https-github.com-pyo3-pyo3-from-0.20.2-to.patch" -SRC_URI[sha256sum] = "1cac689f80a3abab2d3c0048b29eea5751114054f032a941a32de4c852c59cad" +SRC_URI += "file://0001-Set-rust-version-from-1.76-to-1.75-in-Cargo.toml.patch \ + file://0002-Dont-embed-RUSTFLAGS-in-final-binary.patch" +SRC_URI[sha256sum] = "ec3beeada09ff865c344ff3bc2f427f5e6c26401cc6113d77e372c3fdac73864" DEPENDS = "python3-maturin-native python3-typing-extensions" @@ -19,7 +20,10 @@ inherit pypi cargo-update-recipe-crates python_maturin PYPI_PACKAGE = "pydantic_core" -RDEPENDS:${PN} += "python3-typing-extensions" +RDEPENDS:${PN} += " \ + python3-compression \ + python3-typing-extensions \ +" INSANE_SKIP:${PN} = "already-stripped" @@ -33,6 +37,8 @@ RDEPENDS:${PN}-ptest += "\ python3-pytest-timeout \ python3-pytest-benchmark \ python3-unittest-automake-output \ + python3-zoneinfo \ + tzdata \ " do_install:append() { diff --git a/meta-python/recipes-devtools/python/python3-pydantic_2.7.0.bb b/meta-python/recipes-devtools/python/python3-pydantic_2.7.4.bb index 36ad83527d..04c9c91c0e 100644 --- a/meta-python/recipes-devtools/python/python3-pydantic_2.7.0.bb +++ b/meta-python/recipes-devtools/python/python3-pydantic_2.7.4.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=09280955509d1c4ca14bae02f21d49a6" inherit pypi python_hatchling -SRC_URI[sha256sum] = "b5ecdd42262ca2462e2624793551e80911a1e989f462910bb81aef974b4bb383" +SRC_URI[sha256sum] = "0c84efd9548d545f63ac0060c1e4d39bb9b14db8b3c0652338aecc07b5adec52" DEPENDS += "python3-hatch-fancy-pypi-readme-native" diff --git a/meta-python/recipes-devtools/python/python3-pytest-html_4.1.1.bb b/meta-python/recipes-devtools/python/python3-pytest-html_4.1.1.bb index 37478ee0ae..154ec255cb 100644 --- a/meta-python/recipes-devtools/python/python3-pytest-html_4.1.1.bb +++ b/meta-python/recipes-devtools/python/python3-pytest-html_4.1.1.bb @@ -15,7 +15,9 @@ DEPENDS += "\ " RDEPENDS:${PN} += " \ + python3-jinja2 \ python3-pytest \ + python3-pytest-metadata \ " BBCLASSEXTEND = "native nativesdk" diff --git a/meta-python/recipes-devtools/python/python3-pyyaml-include_1.3.2.bb b/meta-python/recipes-devtools/python/python3-pyyaml-include_1.3.2.bb index 3a5bd99a78..309d0ac596 100644 --- a/meta-python/recipes-devtools/python/python3-pyyaml-include_1.3.2.bb +++ b/meta-python/recipes-devtools/python/python3-pyyaml-include_1.3.2.bb @@ -26,4 +26,4 @@ RDEPENDS:${PN}-ptest += " \ python3-pytest \ python3-unittest-automake-output \ " - +BBCLASSEXTEND = "native nativesdk" diff --git a/meta-python/recipes-devtools/python/python3-sqlparse/CVE-2024-4340.patch b/meta-python/recipes-devtools/python/python3-sqlparse/CVE-2024-4340.patch new file mode 100644 index 0000000000..670904071a --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-sqlparse/CVE-2024-4340.patch @@ -0,0 +1,48 @@ +From b4a39d9850969b4e1d6940d32094ee0b42a2cf03 Mon Sep 17 00:00:00 2001 +From: Andi Albrecht <albrecht.andi@gmail.com> +Date: Sat, 13 Apr 2024 13:59:00 +0200 +Subject: [PATCH] Raise SQLParseError instead of RecursionError. + +CVE: CVE-2024-4340 + +Upstream-Status: Backport [https://github.com/andialbrecht/sqlparse/commit/b4a39d9850969b4e1d6940d32094ee0b42a2cf03] + +Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> +--- + sqlparse/sql.py | 14 +++++++++----- + 1 file changed, 9 insertions(+), 5 deletions(-) + +diff --git a/sqlparse/sql.py b/sqlparse/sql.py +index 1ccfbdb..2090621 100644 +--- a/sqlparse/sql.py ++++ b/sqlparse/sql.py +@@ -10,6 +10,7 @@ + import re + + from sqlparse import tokens as T ++from sqlparse.exceptions import SQLParseError + from sqlparse.utils import imt, remove_quotes + + +@@ -209,11 +210,14 @@ class TokenList(Token): + + This method is recursively called for all child tokens. + """ +- for token in self.tokens: +- if token.is_group: +- yield from token.flatten() +- else: +- yield token ++ try: ++ for token in self.tokens: ++ if token.is_group: ++ yield from token.flatten() ++ else: ++ yield token ++ except RecursionError as err: ++ raise SQLParseError('Maximum recursion depth exceeded') from err + + def get_sublists(self): + for token in self.tokens: +-- +2.25.1 diff --git a/meta-python/recipes-devtools/python/python3-sqlparse_0.4.4.bb b/meta-python/recipes-devtools/python/python3-sqlparse_0.4.4.bb index c04971ee8f..fa633026c8 100644 --- a/meta-python/recipes-devtools/python/python3-sqlparse_0.4.4.bb +++ b/meta-python/recipes-devtools/python/python3-sqlparse_0.4.4.bb @@ -5,6 +5,7 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=2b136f573f5386001ea3b7b9016222fc" SRC_URI += "file://0001-sqlparse-change-shebang-to-python3.patch \ + file://CVE-2024-4340.patch \ file://run-ptest \ " diff --git a/meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41671-0001.patch b/meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41671-0001.patch new file mode 100644 index 0000000000..1f6bf6bbfc --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41671-0001.patch @@ -0,0 +1,89 @@ +From 046a164f89a0f08d3239ecebd750360f8914df33 Mon Sep 17 00:00:00 2001 +From: Adi Roiban <adiroiban@gmail.com> +Date: Mon Jul 29 14:28:03 2024 +0100 +Subject: [PATCH] Merge commit from fork + +Added HTML output encoding the "URL" parameter of the "redirectTo" function + +CVE: CVE-2024-41671 + +Upstream-Status: Backport [https://github.com/twisted/twisted/commit/046a164f89a0f08d3239ecebd750360f8914df33] + +Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> +--- + src/twisted/web/_template_util.py | 2 +- + src/twisted/web/test/test_util.py | 39 ++++++++++++++++++++++++++++++- + 2 files changed, 39 insertions(+), 2 deletions(-) + +diff --git a/src/twisted/web/_template_util.py b/src/twisted/web/_template_util.py +index 230c33f..7266079 100644 +--- a/src/twisted/web/_template_util.py ++++ b/src/twisted/web/_template_util.py +@@ -92,7 +92,7 @@ def redirectTo(URL: bytes, request: IRequest) -> bytes: + </body> + </html> + """ % { +- b"url": URL ++ b"url": escape(URL.decode("utf-8")).encode("utf-8") + } + return content + +diff --git a/src/twisted/web/test/test_util.py b/src/twisted/web/test/test_util.py +index 1e76300..9847dcb 100644 +--- a/src/twisted/web/test/test_util.py ++++ b/src/twisted/web/test/test_util.py +@@ -5,7 +5,6 @@ + Tests for L{twisted.web.util}. + """ + +- + import gc + + from twisted.internet import defer +@@ -64,6 +63,44 @@ class RedirectToTests(TestCase): + targetURL = "http://target.example.com/4321" + self.assertRaises(TypeError, redirectTo, targetURL, request) + ++ def test_legitimateRedirect(self): ++ """ ++ Legitimate URLs are fully interpolated in the `redirectTo` response body without transformation ++ """ ++ request = DummyRequest([b""]) ++ html = redirectTo(b"https://twisted.org/", request) ++ expected = b""" ++<html> ++ <head> ++ <meta http-equiv=\"refresh\" content=\"0;URL=https://twisted.org/\"> ++ </head> ++ <body bgcolor=\"#FFFFFF\" text=\"#000000\"> ++ <a href=\"https://twisted.org/\">click here</a> ++ </body> ++</html> ++""" ++ self.assertEqual(html, expected) ++ ++ def test_maliciousRedirect(self): ++ """ ++ Malicious URLs are HTML-escaped before interpolating them in the `redirectTo` response body ++ """ ++ request = DummyRequest([b""]) ++ html = redirectTo( ++ b'https://twisted.org/"><script>alert(document.location)</script>', request ++ ) ++ expected = b""" ++<html> ++ <head> ++ <meta http-equiv=\"refresh\" content=\"0;URL=https://twisted.org/"><script>alert(document.location)</script>\"> ++ </head> ++ <body bgcolor=\"#FFFFFF\" text=\"#000000\"> ++ <a href=\"https://twisted.org/"><script>alert(document.location)</script>\">click here</a> ++ </body> ++</html> ++""" ++ self.assertEqual(html, expected) ++ + + class ParentRedirectTests(SynchronousTestCase): + """ +-- +2.40.0 diff --git a/meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41671-0002.patch b/meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41671-0002.patch new file mode 100644 index 0000000000..147c21d73d --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-twisted/CVE-2024-41671-0002.patch @@ -0,0 +1,251 @@ +From 4a930de12fb67e88fefcb8822104152f42b27abc Mon Sep 17 00:00:00 2001 +From: Adi Roiban <adiroiban@gmail.com> +Date: Mon Jul 29 14:27:23 2024 +0100 +Subject: [PATCH] Merge commit from fork + +Address GHSA-c8m8-j448-xjx7 + +CVE: CVE-2024-41671 + +Upstream-Status: Backport [https://github.com/twisted/twisted/commit/4a930de12fb67e88fefcb8822104152f42b27abc] + +Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> +--- + src/twisted/web/http.py | 21 +++-- + src/twisted/web/test/test_http.py | 122 ++++++++++++++++++++++++++---- + 2 files changed, 122 insertions(+), 21 deletions(-) + +diff --git a/src/twisted/web/http.py b/src/twisted/web/http.py +index 1c59838..3b784f5 100644 +--- a/src/twisted/web/http.py ++++ b/src/twisted/web/http.py +@@ -2000,16 +2000,21 @@ class _ChunkedTransferDecoder: + @returns: C{False}, as there is either insufficient data to continue, + or no data remains. + """ +- if ( +- self._receivedTrailerHeadersSize + len(self._buffer) +- > self._maxTrailerHeadersSize +- ): +- raise _MalformedChunkedDataError("Trailer headers data is too long.") +- + eolIndex = self._buffer.find(b"\r\n", self._start) + + if eolIndex == -1: + # Still no end of network line marker found. ++ # ++ # Check if we've run up against the trailer size limit: if the next ++ # read contains the terminating CRLF then we'll have this many bytes ++ # of trailers (including the CRLFs). ++ minTrailerSize = ( ++ self._receivedTrailerHeadersSize ++ + len(self._buffer) ++ + (1 if self._buffer.endswith(b"\r") else 2) ++ ) ++ if minTrailerSize > self._maxTrailerHeadersSize: ++ raise _MalformedChunkedDataError("Trailer headers data is too long.") + # Continue processing more data. + return False + +@@ -2019,6 +2024,8 @@ class _ChunkedTransferDecoder: + del self._buffer[0 : eolIndex + 2] + self._start = 0 + self._receivedTrailerHeadersSize += eolIndex + 2 ++ if self._receivedTrailerHeadersSize > self._maxTrailerHeadersSize: ++ raise _MalformedChunkedDataError("Trailer headers data is too long.") + return True + + # eolIndex in this part of code is equal to 0 +@@ -2342,8 +2349,8 @@ class HTTPChannel(basic.LineReceiver, policies.TimeoutMixin): + self.__header = line + + def _finishRequestBody(self, data): +- self.allContentReceived() + self._dataBuffer.append(data) ++ self.allContentReceived() + + def _maybeChooseTransferDecoder(self, header, data): + """ +diff --git a/src/twisted/web/test/test_http.py b/src/twisted/web/test/test_http.py +index 33d0a49..1130d31 100644 +--- a/src/twisted/web/test/test_http.py ++++ b/src/twisted/web/test/test_http.py +@@ -135,7 +135,7 @@ class DummyHTTPHandler(http.Request): + data = self.content.read() + length = self.getHeader(b"content-length") + if length is None: +- length = networkString(str(length)) ++ length = str(length).encode() + request = b"'''\n" + length + b"\n" + data + b"'''\n" + self.setResponseCode(200) + self.setHeader(b"Request", self.uri) +@@ -563,17 +563,23 @@ class HTTP0_9Tests(HTTP1_0Tests): + + class PipeliningBodyTests(unittest.TestCase, ResponseTestMixin): + """ +- Tests that multiple pipelined requests with bodies are correctly buffered. ++ Pipelined requests get buffered and executed in the order received, ++ not processed in parallel. + """ + + requests = ( + b"POST / HTTP/1.1\r\n" + b"Content-Length: 10\r\n" + b"\r\n" +- b"0123456789POST / HTTP/1.1\r\n" +- b"Content-Length: 10\r\n" +- b"\r\n" + b"0123456789" ++ # Chunk encoded request. ++ b"POST / HTTP/1.1\r\n" ++ b"Transfer-Encoding: chunked\r\n" ++ b"\r\n" ++ b"a\r\n" ++ b"0123456789\r\n" ++ b"0\r\n" ++ b"\r\n" + ) + + expectedResponses = [ +@@ -590,14 +596,16 @@ class PipeliningBodyTests(unittest.TestCase, ResponseTestMixin): + b"Request: /", + b"Command: POST", + b"Version: HTTP/1.1", +- b"Content-Length: 21", +- b"'''\n10\n0123456789'''\n", ++ b"Content-Length: 23", ++ b"'''\nNone\n0123456789'''\n", + ), + ] + +- def test_noPipelining(self): ++ def test_stepwiseTinyTube(self): + """ +- Test that pipelined requests get buffered, not processed in parallel. ++ Imitate a slow connection that delivers one byte at a time. ++ The request handler (L{DelayedHTTPHandler}) is puppeted to ++ step through the handling of each request. + """ + b = StringTransport() + a = http.HTTPChannel() +@@ -606,10 +614,9 @@ class PipeliningBodyTests(unittest.TestCase, ResponseTestMixin): + # one byte at a time, to stress it. + for byte in iterbytes(self.requests): + a.dataReceived(byte) +- value = b.value() + + # So far only one request should have been dispatched. +- self.assertEqual(value, b"") ++ self.assertEqual(b.value(), b"") + self.assertEqual(1, len(a.requests)) + + # Now, process each request one at a time. +@@ -618,8 +625,91 @@ class PipeliningBodyTests(unittest.TestCase, ResponseTestMixin): + request = a.requests[0].original + request.delayedProcess() + +- value = b.value() +- self.assertResponseEquals(value, self.expectedResponses) ++ self.assertResponseEquals(b.value(), self.expectedResponses) ++ ++ def test_stepwiseDumpTruck(self): ++ """ ++ Imitate a fast connection where several pipelined ++ requests arrive in a single read. The request handler ++ (L{DelayedHTTPHandler}) is puppeted to step through the ++ handling of each request. ++ """ ++ b = StringTransport() ++ a = http.HTTPChannel() ++ a.requestFactory = DelayedHTTPHandlerProxy ++ a.makeConnection(b) ++ ++ a.dataReceived(self.requests) ++ ++ # So far only one request should have been dispatched. ++ self.assertEqual(b.value(), b"") ++ self.assertEqual(1, len(a.requests)) ++ ++ # Now, process each request one at a time. ++ while a.requests: ++ self.assertEqual(1, len(a.requests)) ++ request = a.requests[0].original ++ request.delayedProcess() ++ ++ self.assertResponseEquals(b.value(), self.expectedResponses) ++ ++ def test_immediateTinyTube(self): ++ """ ++ Imitate a slow connection that delivers one byte at a time. ++ (L{DummyHTTPHandler}) immediately responds, but no more ++ than one ++ """ ++ b = StringTransport() ++ a = http.HTTPChannel() ++ a.requestFactory = DummyHTTPHandlerProxy # "sync" ++ a.makeConnection(b) ++ ++ # one byte at a time, to stress it. ++ for byte in iterbytes(self.requests): ++ a.dataReceived(byte) ++ # There is never more than one request dispatched at a time: ++ self.assertLessEqual(len(a.requests), 1) ++ ++ self.assertResponseEquals(b.value(), self.expectedResponses) ++ ++ def test_immediateDumpTruck(self): ++ """ ++ Imitate a fast connection where several pipelined ++ requests arrive in a single read. The request handler ++ (L{DummyHTTPHandler}) immediately responds. ++ This doesn't check the at-most-one pending request ++ invariant but exercises otherwise uncovered code paths. ++ See GHSA-c8m8-j448-xjx7. ++ """ ++ b = StringTransport() ++ a = http.HTTPChannel() ++ a.requestFactory = DummyHTTPHandlerProxy ++ a.makeConnection(b) ++ ++ # All bytes at once to ensure there's stuff to buffer. ++ a.dataReceived(self.requests) ++ ++ self.assertResponseEquals(b.value(), self.expectedResponses) ++ ++ def test_immediateABiggerTruck(self): ++ """ ++ Imitate a fast connection where a so many pipelined ++ requests arrive in a single read that backpressure is indicated. ++ The request handler (L{DummyHTTPHandler}) immediately responds. ++ This doesn't check the at-most-one pending request ++ invariant but exercises otherwise uncovered code paths. ++ See GHSA-c8m8-j448-xjx7. ++ @see: L{http.HTTPChannel._optimisticEagerReadSize} ++ """ ++ b = StringTransport() ++ a = http.HTTPChannel() ++ a.requestFactory = DummyHTTPHandlerProxy ++ a.makeConnection(b) ++ ++ overLimitCount = a._optimisticEagerReadSize // len(self.requests) * 10 ++ a.dataReceived(self.requests * overLimitCount) ++ ++ self.assertResponseEquals(b.value(), self.expectedResponses * overLimitCount) + + def test_pipeliningReadLimit(self): + """ +@@ -1522,7 +1612,11 @@ class ChunkedTransferEncodingTests(unittest.TestCase): + lambda b: None, # pragma: nocov + ) + p._maxTrailerHeadersSize = 10 +- p.dataReceived(b"3\r\nabc\r\n0\r\n0123456789") ++ # 9 bytes are received so far, in 2 packets. ++ # For now, all is ok. ++ p.dataReceived(b"3\r\nabc\r\n0\r\n01234567") ++ p.dataReceived(b"\r") ++ # Once the 10th byte is received, the processing fails. + self.assertRaises( + http._MalformedChunkedDataError, + p.dataReceived, +-- +2.40.0 diff --git a/meta-python/recipes-devtools/python/python3-twisted_24.3.0.bb b/meta-python/recipes-devtools/python/python3-twisted_24.3.0.bb index e5223ccd65..272aecb8b0 100644 --- a/meta-python/recipes-devtools/python/python3-twisted_24.3.0.bb +++ b/meta-python/recipes-devtools/python/python3-twisted_24.3.0.bb @@ -6,6 +6,11 @@ HOMEPAGE = "https://twisted.org" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=c1c5d2c2493b848f83864bdedd67bbf5" +SRC_URI += " \ + file://CVE-2024-41671-0001.patch \ + file://CVE-2024-41671-0002.patch \ +" + SRC_URI[sha256sum] = "6b38b6ece7296b5e122c9eb17da2eeab3d98a198f50ca9efd00fb03e5b4fd4ae" inherit pypi python_hatchling @@ -15,18 +20,16 @@ do_install:append() { find ${D} \( -name "*.bat" -o -name "*.c" -o -name "*.h" \) -exec rm -f {} \; } -PACKAGES += "\ +PACKAGES =+ "\ ${PN}-zsh \ ${PN}-test \ ${PN}-protocols \ ${PN}-conch \ ${PN}-mail \ ${PN}-names \ - ${PN}-news \ ${PN}-runner \ ${PN}-web \ ${PN}-words \ - ${PN}-flow \ ${PN}-pair \ ${PN}-core \ " @@ -66,11 +69,9 @@ RDEPENDS:${PN}-test = "${PN} python3-pyhamcrest" RDEPENDS:${PN}-conch = "${PN}-core ${PN}-protocols python3-bcrypt python3-cryptography python3-pickle" RDEPENDS:${PN}-mail = "${PN}-core ${PN}-protocols" RDEPENDS:${PN}-names = "${PN}-core" -RDEPENDS:${PN}-news = "${PN}-core ${PN}-protocols" RDEPENDS:${PN}-runner = "${PN}-core ${PN}-protocols" RDEPENDS:${PN}-web += "${PN}-core ${PN}-protocols" RDEPENDS:${PN}-words += "${PN}-core" -RDEPENDS:${PN}-flow += "${PN}-core" RDEPENDS:${PN}-pair += "${PN}-core" FILES:${PN}-test = " \ @@ -152,12 +153,6 @@ FILES:${PN}-names = " \ ${PYTHON_SITEPACKAGES_DIR}/twisted/names \ " -FILES:${PN}-news = " \ - ${PYTHON_SITEPACKAGES_DIR}/twisted/plugins/twisted_news.py* \ - ${PYTHON_SITEPACKAGES_DIR}/twisted/plugins/__pycache__/twisted_news*.pyc \ - ${PYTHON_SITEPACKAGES_DIR}/twisted/news \ -" - FILES:${PN}-runner = " \ ${PYTHON_SITEPACKAGES_DIR}/twisted/plugins/twisted_runner.py* \ ${PYTHON_SITEPACKAGES_DIR}/twisted/plugins/__pycache__/twisted_runner*.pyc \ @@ -176,15 +171,7 @@ FILES:${PN}-words = " \ ${PYTHON_SITEPACKAGES_DIR}/twisted/words \ " -FILES:${PN}-flow = " \ - ${PYTHON_SITEPACKAGES_DIR}/twisted/plugins/twisted_flow.py* \ - ${PYTHON_SITEPACKAGES_DIR}/twisted/plugins/__pycache__/twisted_flow*.pyc \ - ${PYTHON_SITEPACKAGES_DIR}/twisted/flow \ -" - FILES:${PN}-pair = " \ - ${PYTHON_SITEPACKAGES_DIR}/twisted/plugins/twisted_pair.py* \ - ${PYTHON_SITEPACKAGES_DIR}/twisted/plugins/__pycache__/twisted_pair*.pyc \ ${PYTHON_SITEPACKAGES_DIR}/twisted/pair \ " diff --git a/meta-python/recipes-devtools/python/python3-werkzeug_3.0.1.bb b/meta-python/recipes-devtools/python/python3-werkzeug_3.0.3.bb index f8d2769b41..e793430340 100644 --- a/meta-python/recipes-devtools/python/python3-werkzeug_3.0.1.bb +++ b/meta-python/recipes-devtools/python/python3-werkzeug_3.0.3.bb @@ -8,9 +8,9 @@ cookie handling, file uploads, a powerful URL routing system and a bunch \ of community contributed addon modules." HOMEPAGE = "https://werkzeug.palletsprojects.com" LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE.rst;md5=5dc88300786f1c214c1e9827a5229462" +LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=5dc88300786f1c214c1e9827a5229462" -SRC_URI[sha256sum] = "507e811ecea72b18a404947aded4b3390e1db8f826b494d76550ef45bb3b1dcc" +SRC_URI[sha256sum] = "097e5bfda9f0aba8da6b8545146def481d06aa7d3266e7448e2cccf67dd8bd18" inherit pypi python_flit_core diff --git a/meta-python/recipes-devtools/python/python3-xlsxwriter_3.1.9.bb b/meta-python/recipes-devtools/python/python3-xlsxwriter_3.1.9.bb index ee7dab35cb..4e23feebbb 100644 --- a/meta-python/recipes-devtools/python/python3-xlsxwriter_3.1.9.bb +++ b/meta-python/recipes-devtools/python/python3-xlsxwriter_3.1.9.bb @@ -1,7 +1,7 @@ SUMMARY = "Python 2 and 3 compatibility library" HOMEPAGE = "https://xlsxwriter.readthedocs.io" SECTION = "devel/python" -LICENSE = "MIT" +LICENSE = "BSD-2-Clause" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=12d9fac1f0049be71ab5aa4a78da02b0" inherit pypi setuptools3 diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.62.bb index b96e8b4e17..dc6a1530ba 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.62.bb @@ -27,7 +27,7 @@ SRC_URI:append:class-target = " \ " LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3" -SRC_URI[sha256sum] = "ec51501ec480284ff52f637258135d333230a7d229c3afa6f6c2f9040e321323" +SRC_URI[sha256sum] = "674188e7bf44ced82da8db522da946849e22080d73d16c93f7f4df89e25729ec" S = "${WORKDIR}/httpd-${PV}" diff --git a/meta-webserver/recipes-httpd/nginx/files/CVE-2024-7347-1.patch b/meta-webserver/recipes-httpd/nginx/files/CVE-2024-7347-1.patch new file mode 100644 index 0000000000..23723d63d4 --- /dev/null +++ b/meta-webserver/recipes-httpd/nginx/files/CVE-2024-7347-1.patch @@ -0,0 +1,34 @@ +From 88955b1044ef38315b77ad1a509d63631a790a0f Mon Sep 17 00:00:00 2001 +From: Roman Arutyunyan <arut@nginx.com> +Date: Mon, 12 Aug 2024 18:20:45 +0400 +Subject: [PATCH] Mp4: rejecting unordered chunks in stsc atom. + +Unordered chunks could result in trak->end_chunk smaller than trak->start_chunk +in ngx_http_mp4_crop_stsc_data(). Later in ngx_http_mp4_update_stco_atom() +this caused buffer overread while trying to calculate trak->end_offset. + +CVE: CVE-2024-7347 +Upstream-Status: Backport [https://github.com/nginx/nginx/commit/88955b1044ef38315b77ad1a509d63631a790a0f] +Signed-off-by: Ashish Sharma <asharma@mvista.com> + + src/http/modules/ngx_http_mp4_module.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/src/http/modules/ngx_http_mp4_module.c b/src/http/modules/ngx_http_mp4_module.c +index 1cd017c274..041ad263b5 100644 +--- a/src/http/modules/ngx_http_mp4_module.c ++++ b/src/http/modules/ngx_http_mp4_module.c +@@ -3156,6 +3156,13 @@ ngx_http_mp4_crop_stsc_data(ngx_http_mp4_file_t *mp4, + + next_chunk = ngx_mp4_get_32value(entry->chunk); + ++ if (next_chunk < chunk) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "unordered mp4 stsc chunks in \"%s\"", ++ mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + ngx_log_debug5(NGX_LOG_DEBUG_HTTP, mp4->file.log, 0, + "sample:%uD, chunk:%uD, chunks:%uD, " + "samples:%uD, id:%uD", diff --git a/meta-webserver/recipes-httpd/nginx/files/CVE-2024-7347-2.patch b/meta-webserver/recipes-httpd/nginx/files/CVE-2024-7347-2.patch new file mode 100644 index 0000000000..5b8d08a1e1 --- /dev/null +++ b/meta-webserver/recipes-httpd/nginx/files/CVE-2024-7347-2.patch @@ -0,0 +1,52 @@ +From 7362d01658b61184108c21278443910da68f93b4 Mon Sep 17 00:00:00 2001 +From: Roman Arutyunyan <arut@nginx.com> +Date: Mon, 12 Aug 2024 18:20:43 +0400 +Subject: [PATCH] Mp4: fixed buffer underread while updating stsz atom. + +While cropping an stsc atom in ngx_http_mp4_crop_stsc_data(), a 32-bit integer +overflow could happen, which could result in incorrect seeking and a very large +value stored in "samples". This resulted in a large invalid value of +trak->end_chunk_samples. This value is further used to calculate the value of +trak->end_chunk_samples_size in ngx_http_mp4_update_stsz_atom(). While doing +this, a large invalid value of trak->end_chunk_samples could result in reading +memory before stsz atom start. This could potentially result in a segfault. + +CVE: CVE-2024-7347 +Upstream-Status: Backport [https://github.com/nginx/nginx/commit/7362d01658b61184108c21278443910da68f93b4] +Signed-off-by: Ashish Sharma <asharma@mvista.com> + + src/http/modules/ngx_http_mp4_module.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/src/http/modules/ngx_http_mp4_module.c b/src/http/modules/ngx_http_mp4_module.c +index 03175dea21..1cd017c274 100644 +--- a/src/http/modules/ngx_http_mp4_module.c ++++ b/src/http/modules/ngx_http_mp4_module.c +@@ -3099,7 +3099,8 @@ static ngx_int_t + ngx_http_mp4_crop_stsc_data(ngx_http_mp4_file_t *mp4, + ngx_http_mp4_trak_t *trak, ngx_uint_t start) + { +- uint32_t start_sample, chunk, samples, id, next_chunk, n, ++ uint64_t n; ++ uint32_t start_sample, chunk, samples, id, next_chunk, + prev_samples; + ngx_buf_t *data, *buf; + ngx_uint_t entries, target_chunk, chunk_samples; +@@ -3160,7 +3161,7 @@ ngx_http_mp4_crop_stsc_data(ngx_http_mp4_file_t *mp4, + "samples:%uD, id:%uD", + start_sample, chunk, next_chunk - chunk, samples, id); + +- n = (next_chunk - chunk) * samples; ++ n = (uint64_t) (next_chunk - chunk) * samples; + + if (start_sample < n) { + goto found; +@@ -3182,7 +3183,7 @@ ngx_http_mp4_crop_stsc_data(ngx_http_mp4_file_t *mp4, + "sample:%uD, chunk:%uD, chunks:%uD, samples:%uD", + start_sample, chunk, next_chunk - chunk, samples); + +- n = (next_chunk - chunk) * samples; ++ n = (uint64_t) (next_chunk - chunk) * samples; + + if (start_sample > n) { + ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, diff --git a/meta-webserver/recipes-httpd/nginx/nginx.inc b/meta-webserver/recipes-httpd/nginx/nginx.inc index 83ae90c40c..926db19443 100644 --- a/meta-webserver/recipes-httpd/nginx/nginx.inc +++ b/meta-webserver/recipes-httpd/nginx/nginx.inc @@ -23,6 +23,8 @@ SRC_URI = " \ file://nginx.service \ file://nginx-fix-pidfile.patch \ file://0001-configure-libxslt-conf.patch \ + file://CVE-2024-7347-1.patch \ + file://CVE-2024-7347-2.patch \ " inherit siteinfo update-rc.d useradd systemd |