From patchwork Thu Jun 2 02:30:41 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 8731 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6D480CCA47A for ; Thu, 2 Jun 2022 02:31:27 +0000 (UTC) Received: from mail-pl1-f172.google.com (mail-pl1-f172.google.com [209.85.214.172]) by mx.groups.io with SMTP id smtpd.web08.2148.1654137078412531584 for ; Wed, 01 Jun 2022 19:31:18 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=NpUSDVIF; spf=softfail (domain: sakoman.com, ip: 209.85.214.172, mailfrom: steve@sakoman.com) Received: by mail-pl1-f172.google.com with SMTP id n18so3366353plg.5 for ; Wed, 01 Jun 2022 19:31:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=ZIXJdjotCneRjS/RHkPrl2DCNSIz/+WZ0B8LnDUV2hE=; b=NpUSDVIFL0xqIX+rLL1fJdPb+8NMld9G5ka6flYBM3bcJr6+9W9PoH0t0pVZDLGbNu cfLqKEb7DKg6DpiajSdftRjQw2sPMij+Sv04J/0GHOs/PMA1oL6WrJh3z4VOsbYFuTKX tJjzrbDIj9t2UV5lLdHZwtk3rOKRK9inq4/LCoGJKVoccDDD2umvj3S91kJSpqNv1525 kX9gzg5zIDdWJbAjTo9O2Ijg/lW7vuFt29aFk8x1bv2mr4WfTwD9bzIQSjeY/hCe5ikV rQIAdkIifHaPp8nlALrl8Wz5i80EFC9qLC6dH++3oOzrQLVhTrLBQ7J5FSeu89Y74P5h HuEg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ZIXJdjotCneRjS/RHkPrl2DCNSIz/+WZ0B8LnDUV2hE=; b=iHQsGOQhCVVV8GW5k8aALKbU1xxtT8Kof6WPQdNit0XkvAXE32X0LT4ITe9/Sfu/PG vaGmodMv0LUFga1YdJI1ZFGjATachrdl+Mtc7mf8u7VSxxTNjoo89A297qjoBdW6Ayp0 k/zMX8OLQKscwIkhgV/9zSfA1+T4f/pQngj4oQVKEJ8uZr7E8ogTquZouTmv2ANsjS7n ceTHb7zOKgGXSWRUnu1IXQSpnRp1uonZ70vpbMEhblyjnxweuQ8+PlytaXitOHLG5wjT C4nAFEhBH3M/9pz1NJ27kY/3peOYRw4m7LUyBXxt+8mhvp/We1qWHT1URG5QQNAF9sid F+4Q== X-Gm-Message-State: AOAM533jsk7iNGhDiexHwFIRIftODNPMaG2OJYAohdl9aTQ6Fd3JhdEe vg6uvL9Jonz0PQ87rwbYZazCSE+BiahCM0vo X-Google-Smtp-Source: ABdhPJwHgSb4j49jh3P4lK9PfZxy+JxDqiZUJ0UIXnNo3Tmy6myxEYIhyBEy4/kSdAnEorbSk9ev1g== X-Received: by 2002:a17:902:9043:b0:14f:aa08:8497 with SMTP id w3-20020a170902904300b0014faa088497mr2491595plz.109.1654137077365; Wed, 01 Jun 2022 19:31:17 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id j23-20020a63ec17000000b003fc37053c82sm1990447pgh.12.2022.06.01.19.31.16 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Jun 2022 19:31:16 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 01/11] ruby: Upgrade ruby to 2.7.6 for security fix Date: Wed, 1 Jun 2022 16:30:41 -1000 Message-Id: <4514b1b8cacb92b1790b636b111c071190b2e4b2.1654136888.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 02 Jun 2022 02:31:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/166449 From: Ranjitsinh Rathod Upgrade ruby to 2.7.6 Link: https://www.ruby-lang.org/en/news/2022/04/12/ruby-2-7-6-released/ This includes CVE-2022-28739 security fix Signed-off-by: Ranjitsinh Rathod Signed-off-by: Ranjitsinh Rathod Signed-off-by: Steve Sakoman --- meta/recipes-devtools/ruby/{ruby_2.7.5.bb => ruby_2.7.6.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta/recipes-devtools/ruby/{ruby_2.7.5.bb => ruby_2.7.6.bb} (95%) diff --git a/meta/recipes-devtools/ruby/ruby_2.7.5.bb b/meta/recipes-devtools/ruby/ruby_2.7.6.bb similarity index 95% rename from meta/recipes-devtools/ruby/ruby_2.7.5.bb rename to meta/recipes-devtools/ruby/ruby_2.7.6.bb index 44a2527ee7..658a17659a 100644 --- a/meta/recipes-devtools/ruby/ruby_2.7.5.bb +++ b/meta/recipes-devtools/ruby/ruby_2.7.6.bb @@ -9,8 +9,8 @@ SRC_URI += " \ file://0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch \ " -SRC_URI[md5sum] = "ede247b56fb862f1f67f9471189b04d4" -SRC_URI[sha256sum] = "2755b900a21235b443bb16dadd9032f784d4a88f143d852bc5d154f22b8781f1" +SRC_URI[md5sum] = "f972fb0cce662966bec10d5c5f32d042" +SRC_URI[sha256sum] = "e7203b0cc09442ed2c08936d483f8ac140ec1c72e37bb5c401646b7866cb5d10" PACKAGECONFIG ??= "" PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" From patchwork Thu Jun 2 02:30:42 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 8730 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 61895CCA473 for ; Thu, 2 Jun 2022 02:31:27 +0000 (UTC) Received: from mail-pj1-f43.google.com (mail-pj1-f43.google.com [209.85.216.43]) by mx.groups.io with SMTP id smtpd.web08.2149.1654137080707820637 for ; Wed, 01 Jun 2022 19:31:20 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=GPf7wNO/; spf=softfail (domain: sakoman.com, ip: 209.85.216.43, mailfrom: steve@sakoman.com) Received: by mail-pj1-f43.google.com with SMTP id o6-20020a17090a0a0600b001e2c6566046so8085818pjo.0 for ; Wed, 01 Jun 2022 19:31:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=+q/pOziGoNJDL9O2OpQrrUt59Lmf8xuQ962W23B364g=; b=GPf7wNO/SPrQiVMLTn9UpUZ85yysuSZL75QPImcufRXqLAcHPLINRI/loMEmmVeItJ kT6E/usdMAxFfrvQfEFXo6cYjI9lWlibqyozTc3KQ8zpfwVYLjYaz/jnnK6Ily9BHlqm aoUPAZLURZtGhW0aPNYdXLxixlrXCO5ib2EBauCTDuK6T7BS4zalljR44hewj8jpEsMh rhZ3HwoXJvHF2pgbIdSirEW9udJtUlCGUYBBy859dtdpZtRHQ3HCDYM1wE6RgLec6TZc gkIsrOuiz6u1vyqHg88REXeNa1ozLp4B3YKk0MjwKABCVZ1g7JmmLXjGfhq03sNFgN55 fySw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=+q/pOziGoNJDL9O2OpQrrUt59Lmf8xuQ962W23B364g=; b=UkZrmUXYshQFZa9nGOagzAX3OpUv3Nc2FtYud4EXHVmpVCOY15CiT5vSKdCITQYvaJ bPtuH+k2JMHsPZ8Bh6AUnt4gtdI28s++RhUOSjORFb/JP0K6S3Ri0kSlcR0ncdr/QNsk MIOgjlciZw2NOPlVhWelQipyygM1QqCwGohtLUAGins8wAaYk/zfqtdGdsuM6yfddaRr fyaMjVlWUxsiEHI3hH1RVJVsKp7zzMTSeCqqW7gBoW2kNeXFFAKrDSfQhkymegOEz22o d1ocEiRrh4TxHpe7x/q5ozdv94TV4Z2UESi2UClIiv/WxTvcDRinwCzyUykb/wlhqloO 0Oxw== X-Gm-Message-State: AOAM530c1UPx0+sNz+c3ALFwEPFpaTGU38CPOlECdAGQZe0urpoowUtC pU5F7j34sKt5bqmkyhEr7axs2ClJrt6uQXkq X-Google-Smtp-Source: ABdhPJyWW5ul4WVzqn4vR3XMMRmmYwxNvjX7BRIc6MTKiO7pdcHkNw4rFuKO0PXcHpke05eKHpaJJg== X-Received: by 2002:a17:903:244d:b0:166:3983:5569 with SMTP id l13-20020a170903244d00b0016639835569mr2492313pls.44.1654137079623; Wed, 01 Jun 2022 19:31:19 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id j23-20020a63ec17000000b003fc37053c82sm1990447pgh.12.2022.06.01.19.31.18 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Jun 2022 19:31:18 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 02/11] ruby: Whitelist CVE-2021-28966 as this affects Windows OS only Date: Wed, 1 Jun 2022 16:30:42 -1000 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 02 Jun 2022 02:31:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/166450 From: Ranjitsinh Rathod As per below debian link, CVE-2021-28966 affects Windows only Link: https://security-tracker.debian.org/tracker/CVE-2021-28966 Signed-off-by: Ranjitsinh Rathod Signed-off-by: Ranjitsinh Rathod Signed-off-by: Steve Sakoman --- meta/recipes-devtools/ruby/ruby_2.7.6.bb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/meta/recipes-devtools/ruby/ruby_2.7.6.bb b/meta/recipes-devtools/ruby/ruby_2.7.6.bb index 658a17659a..3af321a83e 100644 --- a/meta/recipes-devtools/ruby/ruby_2.7.6.bb +++ b/meta/recipes-devtools/ruby/ruby_2.7.6.bb @@ -12,6 +12,10 @@ SRC_URI += " \ SRC_URI[md5sum] = "f972fb0cce662966bec10d5c5f32d042" SRC_URI[sha256sum] = "e7203b0cc09442ed2c08936d483f8ac140ec1c72e37bb5c401646b7866cb5d10" +# CVE-2021-28966 is Windows specific and not affects Linux OS +# https://security-tracker.debian.org/tracker/CVE-2021-28966 +CVE_CHECK_WHITELIST += "CVE-2021-28966" + PACKAGECONFIG ??= "" PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" From patchwork Thu Jun 2 02:30:43 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 8729 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 60D2BC43334 for ; Thu, 2 Jun 2022 02:31:27 +0000 (UTC) Received: from mail-pl1-f179.google.com (mail-pl1-f179.google.com [209.85.214.179]) by mx.groups.io with SMTP id smtpd.web12.2084.1654137083156180706 for ; Wed, 01 Jun 2022 19:31:23 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=s8CbTv9c; spf=softfail (domain: sakoman.com, ip: 209.85.214.179, mailfrom: steve@sakoman.com) Received: by mail-pl1-f179.google.com with SMTP id c2so3375930plh.2 for ; Wed, 01 Jun 2022 19:31:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=+ZzGOie3/MYDveRH4mArPYXg8uZmtxUisFn1lawZztI=; b=s8CbTv9c1D5PQQjYz7eOzMhQ6fAfXh2ebZBbeLDF2+pE/tCNlIsJADvcvoHkbyQK5s /zG8TODUCwgaTKs9lrk/HDo0ti81tKwezogOtz0iIEcuEU1RzoND7YYtYpdnGTu4zyY4 NxN+l+Te3I78dl2E89AzpAcYrE5dA7QTcrsLnHc2falhsOjX2RwL5+Ovq0Y2290zoVEb GiYnJnz0Sxd2RBQ1ZBvsCqmlBdOqc3hv6vYgQom1oGW5SypFipWYmyJ0erFDe5WEkRXi GegmY2JytpGjkhm9Gb46cCt+EYIEq3KNvF5i6/benfN5do7tIbmjG2W8qrl9Xm+iwknD WlXg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=+ZzGOie3/MYDveRH4mArPYXg8uZmtxUisFn1lawZztI=; b=Mhr5vtvtNHGkACM8UPGsgPzz9r3LrHeTrPUuVYHTCBrX7J/DdEOx4VQsXGLbHFMUsw 6LGwK/KtHVx+lTpm8rr1p7L9LCYUoeH6qqyT81vhnIT3OH51GR7rHnNrqjfVXNM92n15 ++ocRdq0fFa0SQeEI9rnnJepKEg9oqs5Lji0QRKBoLXSyLaMkWilhZpGqMaok1V5NKuG +0JyOF9npqGwxYFOzcezteO7jJJhbTEY3+HNJ7pDBUvp8wAmF3BET/1ak1SgL2A5KCuz UffIqcVKyw4VbxZ5rRyO3rbgZIbThG5BBQ1Fwd9pINbYPzcs54+yZARyLUYiXZV9pZ2M KYug== X-Gm-Message-State: AOAM532o6httLM8cAwTdLwuvG3ayJUDi8SvAbzPD1jEv9L7yNK0nvD51 NS19DXl/l0TDx72+DdzaxCg6qKHFaDh03oSW X-Google-Smtp-Source: ABdhPJz0qg3fQDUkY7mVbwdtZCGOCPAYlnuosZku827fhcJqIHDPTYhOSeRLLOZA/p0kmfYJv1ujDw== X-Received: by 2002:a17:902:bf45:b0:15c:df47:3d6 with SMTP id u5-20020a170902bf4500b0015cdf4703d6mr2463083pls.58.1654137081919; Wed, 01 Jun 2022 19:31:21 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id j23-20020a63ec17000000b003fc37053c82sm1990447pgh.12.2022.06.01.19.31.20 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Jun 2022 19:31:21 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 03/11] libsdl2: Add fix for CVE-2021-33657 Date: Wed, 1 Jun 2022 16:30:43 -1000 Message-Id: <1cc84e4c51c9afaa5dcb5011e6511496e00d2c8a.1654136888.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 02 Jun 2022 02:31:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/166451 From: Ranjitsinh Rathod Add patch to fix CVE-2021-33657 issue for libsdl2 Link: https://security-tracker.debian.org/tracker/CVE-2021-33657 Signed-off-by: Ranjitsinh Rathod Signed-off-by: Ranjitsinh Rathod Signed-off-by: Steve Sakoman --- .../libsdl2/libsdl2/CVE-2021-33657.patch | 38 +++++++++++++++++++ .../libsdl2/libsdl2_2.0.12.bb | 1 + 2 files changed, 39 insertions(+) create mode 100644 meta/recipes-graphics/libsdl2/libsdl2/CVE-2021-33657.patch diff --git a/meta/recipes-graphics/libsdl2/libsdl2/CVE-2021-33657.patch b/meta/recipes-graphics/libsdl2/libsdl2/CVE-2021-33657.patch new file mode 100644 index 0000000000..a4ed7ab8e6 --- /dev/null +++ b/meta/recipes-graphics/libsdl2/libsdl2/CVE-2021-33657.patch @@ -0,0 +1,38 @@ +From 8c91cf7dba5193f5ce12d06db1336515851c9ee9 Mon Sep 17 00:00:00 2001 +From: Sam Lantinga +Date: Tue, 30 Nov 2021 12:36:46 -0800 +Subject: [PATCH] Always create a full 256-entry map in case color values are + out of range + +Fixes https://github.com/libsdl-org/SDL/issues/5042 + +CVE: CVE-2021-33657 +Upstream-Status: Backport [https://github.com/libsdl-org/SDL/commit/8c91cf7dba5193f5ce12d06db1336515851c9ee9.patch] +Signed-off-by: Ranjitsinh Rathod + +--- + src/video/SDL_pixels.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/video/SDL_pixels.c b/src/video/SDL_pixels.c +index ac04533c5d5..9bb02f771d0 100644 +--- a/src/video/SDL_pixels.c ++++ b/src/video/SDL_pixels.c +@@ -947,7 +947,7 @@ Map1to1(SDL_Palette * src, SDL_Palette * dst, int *identical) + } + *identical = 0; + } +- map = (Uint8 *) SDL_malloc(src->ncolors); ++ map = (Uint8 *) SDL_calloc(256, sizeof(Uint8)); + if (map == NULL) { + SDL_OutOfMemory(); + return (NULL); +@@ -971,7 +971,7 @@ Map1toN(SDL_PixelFormat * src, Uint8 Rmod, Uint8 Gmod, Uint8 Bmod, Uint8 Amod, + SDL_Palette *pal = src->palette; + + bpp = ((dst->BytesPerPixel == 3) ? 4 : dst->BytesPerPixel); +- map = (Uint8 *) SDL_malloc(pal->ncolors * bpp); ++ map = (Uint8 *) SDL_calloc(256, bpp); + if (map == NULL) { + SDL_OutOfMemory(); + return (NULL); diff --git a/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb b/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb index 8e77c18f2d..44d36fca22 100644 --- a/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb +++ b/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb @@ -21,6 +21,7 @@ SRC_URI = "http://www.libsdl.org/release/SDL2-${PV}.tar.gz \ file://directfb-spurious-curly-brace-missing-e.patch \ file://directfb-renderfillrect-fix.patch \ file://CVE-2020-14409-14410.patch \ + file://CVE-2021-33657.patch \ " S = "${WORKDIR}/SDL2-${PV}" From patchwork Thu Jun 2 02:30:44 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 8728 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5ED48C433EF for ; Thu, 2 Jun 2022 02:31:27 +0000 (UTC) Received: from mail-pg1-f179.google.com (mail-pg1-f179.google.com [209.85.215.179]) by mx.groups.io with SMTP id smtpd.web09.2154.1654137085621337047 for ; Wed, 01 Jun 2022 19:31:25 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=BReDtikE; spf=softfail (domain: sakoman.com, ip: 209.85.215.179, mailfrom: steve@sakoman.com) Received: by mail-pg1-f179.google.com with SMTP id d129so3536308pgc.9 for ; Wed, 01 Jun 2022 19:31:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=piQylXKEF/pxGqjWS+j4nHrsEz6dMIosI+45ppmV7HI=; b=BReDtikEXcBat2q+buPC75riEeG5kgquMnEdfem6vtWnFVc4rZGzXx5dC08dJYz+wa 4EIBntLTu+7EygD3f6K6R70G54QLFa6zHJ9MG+CzTrPj2AzCe21lNFXNACLjk211fXwK cbnW+ZLzyTsnN/ZKqRrGLqqi9gmVoA36BRczLJP7OdWktCk8TrYz8x7PPeWc5dEGj3In BZVND+TkNaO/f1QzLE5J4xJBRa0+wQd3CgSiFgMBJ5+WzZRNoCistyYst89q6ioG3xZI S7MIuBu7wHO/JLmmogIG2l+AHcmuPXjukylkqJDUxajqDfvZJjU5wvtQNmBeYs50u3cd n6Aw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=piQylXKEF/pxGqjWS+j4nHrsEz6dMIosI+45ppmV7HI=; b=11QP7n/9dKvsdVlUwXneZTS4Nixk5kIE0AfYwvYDv3lKwsoxuBurF2Wefe15qD88CH jH+1kYKPBRmIuQlds1iIIQh9+KV8Kx8tJoabvY6f10Jz3bSmh3Ill4C1rGTXhTmrMFEV 8cc6ykrRz5BwZTVJe5LloUj6xQ50svEdHvr2hEp6nXY5zyvm4K+Pz1O/T7v06OYoZOT1 2mWGXWMMfqQFnPBVmNFpTuAIAX5jTot9ye1XgFey0skuGe8fRuAZTML1W2Spt1lu79EQ FkXHYOSj/UFJiOr387ZV4d5MW2hW3vGdXKoMlAn3fyXGfgBhWRnviGz1FRh1TXebTSOp sOgQ== X-Gm-Message-State: AOAM533A1hD21oYk9zUfSQLHYsJNPsaXXHOoeo/Uvn0yP0wj5rMee5Zy sFk30kL1xqKE3KMFwiRE6MJsbCBONeNAbgxk X-Google-Smtp-Source: ABdhPJzrkF2wDg1JImVxkKTjujx9Pv1ld3m02QIoal2ikX9+9XA8BAO+9cJaujaWhMXHa7L4qrEn0g== X-Received: by 2002:a05:6a00:cc:b0:518:1348:8dc2 with SMTP id e12-20020a056a0000cc00b0051813488dc2mr2685130pfj.52.1654137084343; Wed, 01 Jun 2022 19:31:24 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id j23-20020a63ec17000000b003fc37053c82sm1990447pgh.12.2022.06.01.19.31.22 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Jun 2022 19:31:23 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 04/11] ffmpeg: Fix for CVE-2022-1475 Date: Wed, 1 Jun 2022 16:30:44 -1000 Message-Id: <2a97ba89f236b751b333622fbbc14180e9b72245.1654136888.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 02 Jun 2022 02:31:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/166452 From: Virendra Thakur Add patch to fix CVE-2022-1475 Signed-off-by: Virendra Thakur Signed-off-by: Steve Sakoman --- .../ffmpeg/ffmpeg/CVE-2022-1475.patch | 36 +++++++++++++++++++ .../recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb | 1 + 2 files changed, 37 insertions(+) create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-1475.patch diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-1475.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-1475.patch new file mode 100644 index 0000000000..bd8a08a216 --- /dev/null +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-1475.patch @@ -0,0 +1,36 @@ +From: Michael Niedermayer +Date: Sun, 27 Feb 2022 14:43:04 +0100 +Subject: [PATCH] avcodec/g729_parser: Check channels + +Fixes: signed integer overflow: 10 * 808464428 cannot be represented in type 'int' +Fixes: assertion failure +Fixes: ticket9651 + +Reviewed-by: Paul B Mahol +Signed-off-by: Michael Niedermayer +(cherry picked from commit 757da974b21833529cc41bdcc9684c29660cdfa8) +Signed-off-by: Michael Niedermayer + +CVE: CVE-2022-1475 +Upstream-Status: Backport [https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=e9e2ddbc6c78cc18b76093617f82c920e58a8d1f] +Comment: Patch is refreshed as per ffmpeg codebase +Signed-off-by: Virendra Thakur + +--- + libavcodec/g729_parser.c | 3 +++ + 1 file changed, 3 insertions(+) + +Index: ffmpeg-4.2.2/libavcodec/g729_parser.c +=================================================================== +--- a/libavcodec/g729_parser.c ++++ b/libavcodec/g729_parser.c +@@ -48,6 +48,9 @@ static int g729_parse(AVCodecParserConte + av_assert1(avctx->codec_id == AV_CODEC_ID_G729); + /* FIXME: replace this heuristic block_size with more precise estimate */ + s->block_size = (avctx->bit_rate < 8000) ? G729D_6K4_BLOCK_SIZE : G729_8K_BLOCK_SIZE; ++ // channels > 2 is invalid, we pass the packet on unchanged ++ if (avctx->channels > 2) ++ s->block_size = 0; + s->block_size *= avctx->channels; + s->duration = avctx->frame_size; + } diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb index 1d6f2e528b..cbfdbf0563 100644 --- a/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb @@ -29,6 +29,7 @@ SRC_URI = "https://www.ffmpeg.org/releases/${BP}.tar.xz \ file://0001-libavutil-include-assembly-with-full-path-from-sourc.patch \ file://CVE-2021-3566.patch \ file://CVE-2021-38291.patch \ + file://CVE-2022-1475.patch \ " SRC_URI[md5sum] = "348956fc2faa57a2f79bbb84ded9fbc3" SRC_URI[sha256sum] = "cb754255ab0ee2ea5f66f8850e1bd6ad5cac1cd855d0a2f4990fb8c668b0d29c" From patchwork Thu Jun 2 02:30:45 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 8733 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5F44FC433EF for ; Thu, 2 Jun 2022 02:31:37 +0000 (UTC) Received: from mail-pf1-f179.google.com (mail-pf1-f179.google.com [209.85.210.179]) by mx.groups.io with SMTP id smtpd.web10.2146.1654137088223444826 for ; Wed, 01 Jun 2022 19:31:28 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=rxTpScyC; spf=softfail (domain: sakoman.com, ip: 209.85.210.179, mailfrom: steve@sakoman.com) Received: by mail-pf1-f179.google.com with SMTP id y189so3535812pfy.10 for ; Wed, 01 Jun 2022 19:31:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=RyWHIyXAa5PuKYDr1V8RwTrjVoPAibWxI8h+jcvGkXY=; b=rxTpScyCTyirfJZsaZwuw8czqsaX7HcxcDDVU4kNXWFGRlZ2jSLdHqYZKHrQh0yiz2 Ozn5NV1ltcBSTMTb5y78X2lEKXXsjl8+9D4vHTlfeDgDIVawen24k5pFd3+KB266afxZ 2sToJk1yRX255H03x8aCdapuLt1SAOKN1xyM+DJeSbZIoGaLjFYchb1vPo8ykud5n0QV RcjNQumZfdlWVobxYn+B4m0MARFYAUI4ot/2DXBeRuanf89k5VcRAz9OcYz6+dqMLdLE wZWeTqd0dylFoqrMhLdJFNh0zKfU8Q9FsZymHPFce3CF4mKn9G+/RTUZRVFiYAyxyc1m KlTw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=RyWHIyXAa5PuKYDr1V8RwTrjVoPAibWxI8h+jcvGkXY=; b=fAXz4QjgbCwwrqVrBbTCte1BCfEHerGgFoE2HLWNND6G4ZvbLVvogMtpY64WkBhJIX 0jUmGd0vK8lmgw9aYG3gOATI7Ls/KVcctiB/DYlFJOJ3JCD2jXTTkBydvkj2vhpFPWTi SNieABlGri7UCF8MEiNeRkdZnHvISI8Nbp/rj7U3fRz2H52qGAle9V5RFdOcSAud/4I+ uFshxsNMAgCaf3ZH/RMRNU0IEZKJ+7TbFtX0/Hp2OqFyR3gbazUd7V6wfFAy4Ml8Kg4A aptexejfBgaJmNGuAvGCUpf/aaAjwKGAr0DPAM8VrvZKWbf7fCgdHFcJT72EihKCgBfo WNFw== X-Gm-Message-State: AOAM533g0RZvLZ6CPTrWTVZosBU0Yt5DmlJ9Zt/GS75TtSjc6amQX6BG E9PLjNrJlYqM8RbZNDHzeDuSY6LGTiq4zNZE X-Google-Smtp-Source: ABdhPJxvMUd3/Gql1AFNif9KZBVfnoY1gAh0vpghXXz4id611wrEXXLJ7blRl4k1Mytw6feuNVpXgw== X-Received: by 2002:a63:f455:0:b0:3fc:e1c1:bf10 with SMTP id p21-20020a63f455000000b003fce1c1bf10mr485617pgk.467.1654137086941; Wed, 01 Jun 2022 19:31:26 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id j23-20020a63ec17000000b003fc37053c82sm1990447pgh.12.2022.06.01.19.31.25 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Jun 2022 19:31:26 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 05/11] ncurses: Fix CVE-2022-29458 Date: Wed, 1 Jun 2022 16:30:45 -1000 Message-Id: <2287d591cf32f5580ea6679805d04c3a5146ecd5.1654136888.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 02 Jun 2022 02:31:37 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/166453 From: Dan Tran ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library. Backported from the link below, extracting only the relevant changes. https://github.com/ThomasDickey/ncurses-snapshots/commit/9d1d651878d4bf0695872a64cc65ba0acb825f36 Signed-off-by: Gustavo Lima Chaves Signed-off-by: Dan Tran Signed-off-by: Steve Sakoman --- .../ncurses/files/CVE-2022-29458.patch | 135 ++++++++++++++++++ meta/recipes-core/ncurses/ncurses_6.2.bb | 1 + 2 files changed, 136 insertions(+) create mode 100644 meta/recipes-core/ncurses/files/CVE-2022-29458.patch diff --git a/meta/recipes-core/ncurses/files/CVE-2022-29458.patch b/meta/recipes-core/ncurses/files/CVE-2022-29458.patch new file mode 100644 index 0000000000..eb1b7c96f9 --- /dev/null +++ b/meta/recipes-core/ncurses/files/CVE-2022-29458.patch @@ -0,0 +1,135 @@ +From 5f40697e37e195069f55528fc7a1d77e619ad104 Mon Sep 17 00:00:00 2001 +From: Dan Tran +Date: Fri, 13 May 2022 13:28:41 -0700 +Subject: [PATCH] ncurses 6.3 before patch 20220416 has an out-of-bounds read + and segmentation violation in convert_strings in tinfo/read_entry.c in the + terminfo library. + +CVE: CVE-2022-29458 +Upstream-Status: Backport +[https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009870] + +Signed-off-by: Gustavo Lima Chaves +Signed-off-by: Dan Tran +--- + ncurses/tinfo/alloc_entry.c | 14 ++++++-------- + ncurses/tinfo/read_entry.c | 25 +++++++++++++++++++------ + 2 files changed, 25 insertions(+), 14 deletions(-) + +diff --git a/ncurses/tinfo/alloc_entry.c b/ncurses/tinfo/alloc_entry.c +index 4bf7d6c8..b49ad6aa 100644 +--- a/ncurses/tinfo/alloc_entry.c ++++ b/ncurses/tinfo/alloc_entry.c +@@ -48,13 +48,11 @@ + + #include + +-MODULE_ID("$Id: alloc_entry.c,v 1.64 2020/02/02 23:34:34 tom Exp $") ++MODULE_ID("$Id: alloc_entry.c,v 1.69 2022/04/16 22:46:53 tom Exp $") + + #define ABSENT_OFFSET -1 + #define CANCELLED_OFFSET -2 + +-#define MAX_STRTAB 4096 /* documented maximum entry size */ +- + static char *stringbuf; /* buffer for string capabilities */ + static size_t next_free; /* next free character in stringbuf */ + +@@ -71,8 +69,8 @@ _nc_init_entry(ENTRY * const tp) + } + #endif + +- if (stringbuf == 0) +- TYPE_MALLOC(char, (size_t) MAX_STRTAB, stringbuf); ++ if (stringbuf == NULL) ++ TYPE_MALLOC(char, (size_t) MAX_ENTRY_SIZE, stringbuf); + + next_free = 0; + +@@ -108,11 +106,11 @@ _nc_save_str(const char *const string) + * Cheat a little by making an empty string point to the end of the + * previous string. + */ +- if (next_free < MAX_STRTAB) { ++ if (next_free < MAX_ENTRY_SIZE) { + result = (stringbuf + next_free - 1); + } +- } else if (next_free + len < MAX_STRTAB) { +- _nc_STRCPY(&stringbuf[next_free], string, MAX_STRTAB); ++ } else if (next_free + len < MAX_ENTRY_SIZE) { ++ _nc_STRCPY(&stringbuf[next_free], string, MAX_ENTRY_SIZE); + DEBUG(7, ("Saved string %s", _nc_visbuf(string))); + DEBUG(7, ("at location %d", (int) next_free)); + next_free += len; +diff --git a/ncurses/tinfo/read_entry.c b/ncurses/tinfo/read_entry.c +index 5b570b0f..23c2cebc 100644 +--- a/ncurses/tinfo/read_entry.c ++++ b/ncurses/tinfo/read_entry.c +@@ -1,5 +1,5 @@ + /**************************************************************************** +- * Copyright 2018-2019,2020 Thomas E. Dickey * ++ * Copyright 2018-2021,2022 Thomas E. Dickey * + * Copyright 1998-2016,2017 Free Software Foundation, Inc. * + * * + * Permission is hereby granted, free of charge, to any person obtaining a * +@@ -42,7 +42,7 @@ + + #include + +-MODULE_ID("$Id: read_entry.c,v 1.157 2020/02/02 23:34:34 tom Exp $") ++MODULE_ID("$Id: read_entry.c,v 1.162 2022/04/16 21:00:00 tom Exp $") + + #define TYPE_CALLOC(type,elts) typeCalloc(type, (unsigned)(elts)) + +@@ -145,6 +145,7 @@ convert_strings(char *buf, char **Strings, int count, int size, char *table) + { + int i; + char *p; ++ bool corrupt = FALSE; + + for (i = 0; i < count; i++) { + if (IS_NEG1(buf + 2 * i)) { +@@ -154,8 +155,20 @@ convert_strings(char *buf, char **Strings, int count, int size, char *table) + } else if (MyNumber(buf + 2 * i) > size) { + Strings[i] = ABSENT_STRING; + } else { +- Strings[i] = (MyNumber(buf + 2 * i) + table); +- TR(TRACE_DATABASE, ("Strings[%d] = %s", i, _nc_visbuf(Strings[i]))); ++ int nn = MyNumber(buf + 2 * i); ++ if (nn >= 0 && nn < size) { ++ Strings[i] = (nn + table); ++ TR(TRACE_DATABASE, ("Strings[%d] = %s", i, ++ _nc_visbuf(Strings[i]))); ++ } else { ++ if (!corrupt) { ++ corrupt = TRUE; ++ TR(TRACE_DATABASE, ++ ("ignore out-of-range index %d to Strings[]", nn)); ++ _nc_warning("corrupt data found in convert_strings"); ++ } ++ Strings[i] = ABSENT_STRING; ++ } + } + + /* make sure all strings are NUL terminated */ +@@ -776,7 +789,7 @@ _nc_read_tic_entry(char *filename, + * looking for compiled (binary) terminfo data. + * + * cgetent uses a two-level lookup. On the first it uses the given +- * name to return a record containing only the aliases for an entry. ++ * name to return a record containing only the aliases for an entry. + * On the second (using that list of aliases as a key), it returns the + * content of the terminal description. We expect second lookup to + * return data beginning with the same set of aliases. +@@ -833,7 +846,7 @@ _nc_read_tic_entry(char *filename, + #endif /* NCURSES_USE_DATABASE */ + + /* +- * Find and read the compiled entry for a given terminal type, if it exists. ++ * Find and read the compiled entry for a given terminal type, if it exists. + * We take pains here to make sure no combination of environment variables and + * terminal type name can be used to overrun the file buffer. + */ +-- +2.36.1 + diff --git a/meta/recipes-core/ncurses/ncurses_6.2.bb b/meta/recipes-core/ncurses/ncurses_6.2.bb index 700464f70b..451bfbcb5d 100644 --- a/meta/recipes-core/ncurses/ncurses_6.2.bb +++ b/meta/recipes-core/ncurses/ncurses_6.2.bb @@ -4,6 +4,7 @@ SRC_URI += "file://0001-tic-hang.patch \ file://0002-configure-reproducible.patch \ file://0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch \ file://CVE-2021-39537.patch \ + file://CVE-2022-29458.patch \ " # commit id corresponds to the revision in package version SRCREV = "a669013cd5e9d6434e5301348ea51baf306c93c4" From patchwork Thu Jun 2 02:30:46 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 8735 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 664BACCA477 for ; Thu, 2 Jun 2022 02:31:37 +0000 (UTC) Received: from mail-pl1-f182.google.com (mail-pl1-f182.google.com [209.85.214.182]) by mx.groups.io with SMTP id smtpd.web11.2178.1654137090596647185 for ; Wed, 01 Jun 2022 19:31:30 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=8AjYUoXY; spf=softfail (domain: sakoman.com, ip: 209.85.214.182, mailfrom: steve@sakoman.com) Received: by mail-pl1-f182.google.com with SMTP id q18so3337741pln.12 for ; Wed, 01 Jun 2022 19:31:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=6L0ffaRErn2iKon+CoBsSSxUIP41T0phCvHCTEyfVOM=; b=8AjYUoXYZoKPBdqk+Y67NBbImzWA3ZdP90RXSR4nSO1J6DvbGNg+u7apQvVCWIHbYl CnFoGniNwjhA+JZvZCmziAZ+g8Dl83IikbwzV7IipPkSnHX4vLu+TyAdKAaRo3XbrZO/ vo2VfdizrIi2u2b0GA1Aw78uzMEk3lZQvhfk5sTzRSN1O6zP5xjkRYfMofpsMTMm5AtR 0RxTvqExskoXkwHmxy9xBOb7vs5aF1bghEbLy5+W87IG1t4rslKUB436rnl37LjfHjDW /1h3dZmhv5ln1VfSNL5Xv2rW6DH/2TuUEdbmwPPLiEYLpPMB/FVuv53bO6KNriEVYUSZ Q+eQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=6L0ffaRErn2iKon+CoBsSSxUIP41T0phCvHCTEyfVOM=; b=prLlUx2K6k3Z8+DCWrODt8Eec3c9ytP0XWmDLhbZeCe8vMZmTyhfbrC8ethKCsEmea ppTGD66mQtj/FDYlfUmiUXNuwuNCq+c8rxYEWbnmWeK055kfL3MEumLb4s/LVpVklfye Tzl3eQtv1dGA6MuwginM6i0ZlrX/S0y7x8bJqGzRWuv+2F/jLYUJGBvSnSQwfk3e+1g7 Rm+HD1tisyVy62P8DAnktoaXtI+D4tK/Azho8n9Mr8118zzGwXx2yxTwhOEuIILWVdaq +Sa70XLhNt1ACqzm0iRtcTfXlc/EoMSgTj0RmTMRDGvV2hwHe1aLya2AiGVegSft8jy8 tZng== X-Gm-Message-State: AOAM531V2oAS7NVOO32FEKcw1cloi+v+4nX24Od32fNWv/1F7P0FB8wb uv2v3teBZ8MfpXn4fShe1nrmzB2tfsj47Hih X-Google-Smtp-Source: ABdhPJx1PLtP8Q2xrpCBqzJUHhc8DS9UOuCLjLUfao/SbOT8TFWmcDJoradUIxhbinMb2DIj+DdpSg== X-Received: by 2002:a17:90b:1646:b0:1e3:15ef:2871 with SMTP id il6-20020a17090b164600b001e315ef2871mr17348902pjb.105.1654137089329; Wed, 01 Jun 2022 19:31:29 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id j23-20020a63ec17000000b003fc37053c82sm1990447pgh.12.2022.06.01.19.31.28 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Jun 2022 19:31:28 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 06/11] libxml2: Fix CVE-2022-29824 for libxml2 Date: Wed, 1 Jun 2022 16:30:46 -1000 Message-Id: <096ca5fa8cc4672e5e9b25dffe81b176b252d570.1654136888.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 02 Jun 2022 02:31:37 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/166454 From: Riyaz Add patch for CVE issue: CVE-2022-29824 CVE-2022-29824 Link: [https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab] Dependent patch: [https://gitlab.gnome.org/GNOME/libxml2/-/commit/b07251215ef48c70c6e56f7351406c47cfca4d5b] Signed-off-by: Riyaz Signed-off-by: Steve Sakoman --- .../libxml2/CVE-2022-29824-dependent.patch | 53 +++ .../libxml/libxml2/CVE-2022-29824.patch | 348 ++++++++++++++++++ meta/recipes-core/libxml/libxml2_2.9.10.bb | 2 + 3 files changed, 403 insertions(+) create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2022-29824-dependent.patch create mode 100644 meta/recipes-core/libxml/libxml2/CVE-2022-29824.patch diff --git a/meta/recipes-core/libxml/libxml2/CVE-2022-29824-dependent.patch b/meta/recipes-core/libxml/libxml2/CVE-2022-29824-dependent.patch new file mode 100644 index 0000000000..63d613cc21 --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2022-29824-dependent.patch @@ -0,0 +1,53 @@ +From b07251215ef48c70c6e56f7351406c47cfca4d5b Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Fri, 10 Jan 2020 15:55:07 +0100 +Subject: [PATCH] Fix integer overflow in xmlBufferResize + +Found by OSS-Fuzz. + +CVE: CVE-2022-29824 + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/b07251215ef48c70c6e56f7351406c47cfca4d5b] + +Signed-off-by: Riyaz Ahmed Khan + +--- + tree.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/tree.c b/tree.c +index 0d7fc98c..f43f6de1 100644 +--- a/tree.c ++++ b/tree.c +@@ -7424,12 +7424,17 @@ xmlBufferResize(xmlBufferPtr buf, unsigned int size) + if (size < buf->size) + return 1; + ++ if (size > UINT_MAX - 10) { ++ xmlTreeErrMemory("growing buffer"); ++ return 0; ++ } ++ + /* figure out new size */ + switch (buf->alloc){ + case XML_BUFFER_ALLOC_IO: + case XML_BUFFER_ALLOC_DOUBLEIT: + /*take care of empty case*/ +- newSize = (buf->size ? buf->size*2 : size + 10); ++ newSize = (buf->size ? buf->size : size + 10); + while (size > newSize) { + if (newSize > UINT_MAX / 2) { + xmlTreeErrMemory("growing buffer"); +@@ -7445,7 +7450,7 @@ xmlBufferResize(xmlBufferPtr buf, unsigned int size) + if (buf->use < BASE_BUFFER_SIZE) + newSize = size; + else { +- newSize = buf->size * 2; ++ newSize = buf->size; + while (size > newSize) { + if (newSize > UINT_MAX / 2) { + xmlTreeErrMemory("growing buffer"); +-- +GitLab + + diff --git a/meta/recipes-core/libxml/libxml2/CVE-2022-29824.patch b/meta/recipes-core/libxml/libxml2/CVE-2022-29824.patch new file mode 100644 index 0000000000..ad7b87dbc6 --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2022-29824.patch @@ -0,0 +1,348 @@ +From 2554a2408e09f13652049e5ffb0d26196b02ebab Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Tue, 8 Mar 2022 20:10:02 +0100 +Subject: [PATCH] [CVE-2022-29824] Fix integer overflows in xmlBuf and + xmlBuffer + +In several places, the code handling string buffers didn't check for +integer overflow or used wrong types for buffer sizes. This could +result in out-of-bounds writes or other memory errors when working on +large, multi-gigabyte buffers. + +Thanks to Felix Wilhelm for the report. + +CVE: CVE-2022-29824 + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/2554a2408e09f13652049e5ffb0d26196b02ebab] + +Signed-off-by: Riyaz Ahmed Khan + +--- + buf.c | 86 +++++++++++++++++++++++----------------------------------- + tree.c | 72 ++++++++++++++++++------------------------------ + 2 files changed, 61 insertions(+), 97 deletions(-) + +diff --git a/buf.c b/buf.c +index 24368d37..40a5ee06 100644 +--- a/buf.c ++++ b/buf.c +@@ -30,6 +30,10 @@ + #include /* for XML_MAX_TEXT_LENGTH */ + #include "buf.h" + ++#ifndef SIZE_MAX ++#define SIZE_MAX ((size_t) -1) ++#endif ++ + #define WITH_BUFFER_COMPAT + + /** +@@ -156,6 +160,8 @@ xmlBufPtr + xmlBufCreateSize(size_t size) { + xmlBufPtr ret; + ++ if (size == SIZE_MAX) ++ return(NULL); + ret = (xmlBufPtr) xmlMalloc(sizeof(xmlBuf)); + if (ret == NULL) { + xmlBufMemoryError(NULL, "creating buffer"); +@@ -166,8 +172,8 @@ xmlBufCreateSize(size_t size) { + ret->error = 0; + ret->buffer = NULL; + ret->alloc = xmlBufferAllocScheme; +- ret->size = (size ? size+2 : 0); /* +1 for ending null */ +- ret->compat_size = (int) ret->size; ++ ret->size = (size ? size + 1 : 0); /* +1 for ending null */ ++ ret->compat_size = (ret->size > INT_MAX ? INT_MAX : ret->size); + if (ret->size){ + ret->content = (xmlChar *) xmlMallocAtomic(ret->size * sizeof(xmlChar)); + if (ret->content == NULL) { +@@ -442,23 +448,17 @@ xmlBufGrowInternal(xmlBufPtr buf, size_t len) { + CHECK_COMPAT(buf) + + if (buf->alloc == XML_BUFFER_ALLOC_IMMUTABLE) return(0); +- if (buf->use + len < buf->size) ++ if (len < buf->size - buf->use) + return(buf->size - buf->use); ++ if (len > SIZE_MAX - buf->use) ++ return(0); + +- /* +- * Windows has a BIG problem on realloc timing, so we try to double +- * the buffer size (if that's enough) (bug 146697) +- * Apparently BSD too, and it's probably best for linux too +- * On an embedded system this may be something to change +- */ +-#if 1 +- if (buf->size > (size_t) len) +- size = buf->size * 2; +- else +- size = buf->use + len + 100; +-#else +- size = buf->use + len + 100; +-#endif ++ if (buf->size > (size_t) len) { ++ size = buf->size > SIZE_MAX / 2 ? SIZE_MAX : buf->size * 2; ++ } else { ++ size = buf->use + len; ++ size = size > SIZE_MAX - 100 ? SIZE_MAX : size + 100; ++ } + + if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) { + /* +@@ -744,7 +744,7 @@ xmlBufIsEmpty(const xmlBufPtr buf) + int + xmlBufResize(xmlBufPtr buf, size_t size) + { +- unsigned int newSize; ++ size_t newSize; + xmlChar* rebuf = NULL; + size_t start_buf; + +@@ -772,9 +772,13 @@ xmlBufResize(xmlBufPtr buf, size_t size) + case XML_BUFFER_ALLOC_IO: + case XML_BUFFER_ALLOC_DOUBLEIT: + /*take care of empty case*/ +- newSize = (buf->size ? buf->size*2 : size + 10); ++ if (buf->size == 0) { ++ newSize = (size > SIZE_MAX - 10 ? SIZE_MAX : size + 10); ++ } else { ++ newSize = buf->size; ++ } + while (size > newSize) { +- if (newSize > UINT_MAX / 2) { ++ if (newSize > SIZE_MAX / 2) { + xmlBufMemoryError(buf, "growing buffer"); + return 0; + } +@@ -782,15 +786,15 @@ xmlBufResize(xmlBufPtr buf, size_t size) + } + break; + case XML_BUFFER_ALLOC_EXACT: +- newSize = size+10; ++ newSize = (size > SIZE_MAX - 10 ? SIZE_MAX : size + 10); + break; + case XML_BUFFER_ALLOC_HYBRID: + if (buf->use < BASE_BUFFER_SIZE) + newSize = size; + else { +- newSize = buf->size * 2; ++ newSize = buf->size; + while (size > newSize) { +- if (newSize > UINT_MAX / 2) { ++ if (newSize > SIZE_MAX / 2) { + xmlBufMemoryError(buf, "growing buffer"); + return 0; + } +@@ -800,7 +804,7 @@ xmlBufResize(xmlBufPtr buf, size_t size) + break; + + default: +- newSize = size+10; ++ newSize = (size > SIZE_MAX - 10 ? SIZE_MAX : size + 10); + break; + } + +@@ -866,7 +870,7 @@ xmlBufResize(xmlBufPtr buf, size_t size) + */ + int + xmlBufAdd(xmlBufPtr buf, const xmlChar *str, int len) { +- unsigned int needSize; ++ size_t needSize; + + if ((str == NULL) || (buf == NULL) || (buf->error)) + return -1; +@@ -888,8 +892,10 @@ xmlBufAdd(xmlBufPtr buf, const xmlChar *str, int len) { + if (len < 0) return -1; + if (len == 0) return 0; + +- needSize = buf->use + len + 2; +- if (needSize > buf->size){ ++ if ((size_t) len >= buf->size - buf->use) { ++ if ((size_t) len >= SIZE_MAX - buf->use) ++ return(-1); ++ needSize = buf->use + len + 1; + if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) { + /* + * Used to provide parsing limits +@@ -1025,31 +1031,7 @@ xmlBufCat(xmlBufPtr buf, const xmlChar *str) { + */ + int + xmlBufCCat(xmlBufPtr buf, const char *str) { +- const char *cur; +- +- if ((buf == NULL) || (buf->error)) +- return(-1); +- CHECK_COMPAT(buf) +- if (buf->alloc == XML_BUFFER_ALLOC_IMMUTABLE) return -1; +- if (str == NULL) { +-#ifdef DEBUG_BUFFER +- xmlGenericError(xmlGenericErrorContext, +- "xmlBufCCat: str == NULL\n"); +-#endif +- return -1; +- } +- for (cur = str;*cur != 0;cur++) { +- if (buf->use + 10 >= buf->size) { +- if (!xmlBufResize(buf, buf->use+10)){ +- xmlBufMemoryError(buf, "growing buffer"); +- return XML_ERR_NO_MEMORY; +- } +- } +- buf->content[buf->use++] = *cur; +- } +- buf->content[buf->use] = 0; +- UPDATE_COMPAT(buf) +- return 0; ++ return xmlBufCat(buf, (const xmlChar *) str); + } + + /** +diff --git a/tree.c b/tree.c +index 9d94aa42..86afb7d6 100644 +--- a/tree.c ++++ b/tree.c +@@ -7104,6 +7104,8 @@ xmlBufferPtr + xmlBufferCreateSize(size_t size) { + xmlBufferPtr ret; + ++ if (size >= UINT_MAX) ++ return(NULL); + ret = (xmlBufferPtr) xmlMalloc(sizeof(xmlBuffer)); + if (ret == NULL) { + xmlTreeErrMemory("creating buffer"); +@@ -7111,7 +7113,7 @@ xmlBufferCreateSize(size_t size) { + } + ret->use = 0; + ret->alloc = xmlBufferAllocScheme; +- ret->size = (size ? size+2 : 0); /* +1 for ending null */ ++ ret->size = (size ? size + 1 : 0); /* +1 for ending null */ + if (ret->size){ + ret->content = (xmlChar *) xmlMallocAtomic(ret->size * sizeof(xmlChar)); + if (ret->content == NULL) { +@@ -7171,6 +7173,8 @@ xmlBufferCreateStatic(void *mem, size_t size) { + + if ((mem == NULL) || (size == 0)) + return(NULL); ++ if (size > UINT_MAX) ++ return(NULL); + + ret = (xmlBufferPtr) xmlMalloc(sizeof(xmlBuffer)); + if (ret == NULL) { +@@ -7318,28 +7322,23 @@ xmlBufferShrink(xmlBufferPtr buf, unsigned int len) { + */ + int + xmlBufferGrow(xmlBufferPtr buf, unsigned int len) { +- int size; ++ unsigned int size; + xmlChar *newbuf; + + if (buf == NULL) return(-1); + + if (buf->alloc == XML_BUFFER_ALLOC_IMMUTABLE) return(0); +- if (len + buf->use < buf->size) return(0); ++ if (len < buf->size - buf->use) ++ return(0); ++ if (len > UINT_MAX - buf->use) ++ return(-1); + +- /* +- * Windows has a BIG problem on realloc timing, so we try to double +- * the buffer size (if that's enough) (bug 146697) +- * Apparently BSD too, and it's probably best for linux too +- * On an embedded system this may be something to change +- */ +-#if 1 +- if (buf->size > len) +- size = buf->size * 2; +- else +- size = buf->use + len + 100; +-#else +- size = buf->use + len + 100; +-#endif ++ if (buf->size > (size_t) len) { ++ size = buf->size > UINT_MAX / 2 ? UINT_MAX : buf->size * 2; ++ } else { ++ size = buf->use + len; ++ size = size > UINT_MAX - 100 ? UINT_MAX : size + 100; ++ } + + if ((buf->alloc == XML_BUFFER_ALLOC_IO) && (buf->contentIO != NULL)) { + size_t start_buf = buf->content - buf->contentIO; +@@ -7466,7 +7465,10 @@ xmlBufferResize(xmlBufferPtr buf, unsigned int size) + case XML_BUFFER_ALLOC_IO: + case XML_BUFFER_ALLOC_DOUBLEIT: + /*take care of empty case*/ +- newSize = (buf->size ? buf->size : size + 10); ++ if (buf->size == 0) ++ newSize = (size > UINT_MAX - 10 ? UINT_MAX : size + 10); ++ else ++ newSize = buf->size; + while (size > newSize) { + if (newSize > UINT_MAX / 2) { + xmlTreeErrMemory("growing buffer"); +@@ -7476,7 +7478,7 @@ xmlBufferResize(xmlBufferPtr buf, unsigned int size) + } + break; + case XML_BUFFER_ALLOC_EXACT: +- newSize = size+10; ++ newSize = (size > UINT_MAX - 10 ? UINT_MAX : size + 10);; + break; + case XML_BUFFER_ALLOC_HYBRID: + if (buf->use < BASE_BUFFER_SIZE) +@@ -7494,7 +7496,7 @@ xmlBufferResize(xmlBufferPtr buf, unsigned int size) + break; + + default: +- newSize = size+10; ++ newSize = (size > UINT_MAX - 10 ? UINT_MAX : size + 10);; + break; + } + +@@ -7580,8 +7582,10 @@ xmlBufferAdd(xmlBufferPtr buf, const xmlChar *str, int len) { + if (len < 0) return -1; + if (len == 0) return 0; + +- needSize = buf->use + len + 2; +- if (needSize > buf->size){ ++ if ((unsigned) len >= buf->size - buf->use) { ++ if ((unsigned) len >= UINT_MAX - buf->use) ++ return XML_ERR_NO_MEMORY; ++ needSize = buf->use + len + 1; + if (!xmlBufferResize(buf, needSize)){ + xmlTreeErrMemory("growing buffer"); + return XML_ERR_NO_MEMORY; +@@ -7694,29 +7698,7 @@ xmlBufferCat(xmlBufferPtr buf, const xmlChar *str) { + */ + int + xmlBufferCCat(xmlBufferPtr buf, const char *str) { +- const char *cur; +- +- if (buf == NULL) +- return(-1); +- if (buf->alloc == XML_BUFFER_ALLOC_IMMUTABLE) return -1; +- if (str == NULL) { +-#ifdef DEBUG_BUFFER +- xmlGenericError(xmlGenericErrorContext, +- "xmlBufferCCat: str == NULL\n"); +-#endif +- return -1; +- } +- for (cur = str;*cur != 0;cur++) { +- if (buf->use + 10 >= buf->size) { +- if (!xmlBufferResize(buf, buf->use+10)){ +- xmlTreeErrMemory("growing buffer"); +- return XML_ERR_NO_MEMORY; +- } +- } +- buf->content[buf->use++] = *cur; +- } +- buf->content[buf->use] = 0; +- return 0; ++ return xmlBufferCat(buf, (const xmlChar *) str); + } + + /** +-- +GitLab + diff --git a/meta/recipes-core/libxml/libxml2_2.9.10.bb b/meta/recipes-core/libxml/libxml2_2.9.10.bb index c4bb8f29e0..b3ebf15751 100644 --- a/meta/recipes-core/libxml/libxml2_2.9.10.bb +++ b/meta/recipes-core/libxml/libxml2_2.9.10.bb @@ -30,6 +30,8 @@ SRC_URI += "http://www.w3.org/XML/Test/xmlts20080827.tar.gz;subdir=${BP};name=te file://CVE-2021-3541.patch \ file://CVE-2022-23308.patch \ file://CVE-2022-23308-fix-regression.patch \ + file://CVE-2022-29824-dependent.patch \ + file://CVE-2022-29824.patch \ " SRC_URI[archive.sha256sum] = "593b7b751dd18c2d6abcd0c4bcb29efc203d0b4373a6df98e3a455ea74ae2813" From patchwork Thu Jun 2 02:30:47 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 8734 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5A5FDCCA473 for ; Thu, 2 Jun 2022 02:31:37 +0000 (UTC) Received: from mail-pj1-f54.google.com (mail-pj1-f54.google.com [209.85.216.54]) by mx.groups.io with SMTP id smtpd.web09.2156.1654137092637237558 for ; Wed, 01 Jun 2022 19:31:32 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=gyeWteKF; spf=softfail (domain: sakoman.com, ip: 209.85.216.54, mailfrom: steve@sakoman.com) Received: by mail-pj1-f54.google.com with SMTP id n13-20020a17090a394d00b001e30a60f82dso8042755pjf.5 for ; Wed, 01 Jun 2022 19:31:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=gOfpiPAFqkaKAg5BUsR9grZdplXKXZSKXUXL2vIVFTM=; b=gyeWteKFN0q5IcBcuSy5Q/bRsqXwJdUcbgQRB2HFwHF9AfhTOMMLLqctWXR6FESIpu uT4RfAR7iZ+QIPLoBvU5GFAGVrdgBCJlXR3fv5dbh2O55ITXRBBzL4leN9tBL3dkZSlG a0OqHmMjt++P0MkoPNKEs9NGGRiHGLwwSwiBjFTAT5W3J78ydUg0obSyZ5vAraAB503C CroRHq7SIhyP7lzSKeW933WD5S82AXb6rjnoXU1bnB9gkBxeOf2hFHZF7xKkHU+C52dQ voTs6RbvB1vHrGjVgQomW12iwwuJkCcCYImeNpZRJguNpSFGdXagnUyvajCN8GCufDG0 I9nQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=gOfpiPAFqkaKAg5BUsR9grZdplXKXZSKXUXL2vIVFTM=; b=gW9gs57k27eV1Vr3PN1idYsDv/I7dgKljhBOjvLzeeax3M0gkBLtq3Ic7aCZpX6pBO eZEIWpvMcaZwU/xwKWSYbedY1W7b7/dS7JAWHI9gRBvhTLdiGCj7fdCd6vaAtyJs5sFh 55STgekuuGxYam7wgR7jbdAVrg7PSYB96MMkKneIJIcCoSgi4/HxwKuY+wcqt+acwdHC ox+wH8b2JDJZnJ0I6xswfNUbgQ+fWocIegdJDbDkQklQ9ZDuRNPUx3B+wynyr23oTMh5 cLwn3aCWSRd7hb9Gyw2iHGuiAqSJA9uVz4t1Mt5EZjFoPgOEVS6eEyWI0XXXR7B03caU z/mw== X-Gm-Message-State: AOAM531rpExjBqqcHS+TjTi6rs5+v9ECqxDVzGLwkm0fVndSGRWth63n LEMNvgO9pgItIAEAC5Gss68cDRy/CvUW3ldg X-Google-Smtp-Source: ABdhPJxWun+dxHWjcyQvIlU9QYwWSyL+0Ia5TZMfYHJrIOGVPoXpJ710PWjjYmOv1tW84gbBp1tkmw== X-Received: by 2002:a17:90b:503:b0:1e2:f129:5135 with SMTP id r3-20020a17090b050300b001e2f1295135mr2659059pjz.22.1654137091522; Wed, 01 Jun 2022 19:31:31 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id j23-20020a63ec17000000b003fc37053c82sm1990447pgh.12.2022.06.01.19.31.30 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Jun 2022 19:31:30 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 07/11] vim: Upgrade 8.2.4912 -> 8.2.5034 to fix 9 CVEs Date: Wed, 1 Jun 2022 16:30:47 -1000 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 02 Jun 2022 02:31:37 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/166455 From: Richard Purdie Address CVE-2022-1621, CVE-2022-1629, CVE-2022-1674, CVE-2022-1733, CVE-2022-1735 CVE-2022-1769, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796 Signed-off-by: Richard Purdie (cherry picked from commit fafce97bd440150ac5c586b53b887ee70a5b66bd) Signed-off-by: Steve Sakoman --- meta/recipes-support/vim/vim.inc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc index 4b8f4d1dfb..9d918379b4 100644 --- a/meta/recipes-support/vim/vim.inc +++ b/meta/recipes-support/vim/vim.inc @@ -21,8 +21,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://racefix.patch \ " -PV .= ".4912" -SRCREV = "a7583c42cd6b64fd276a5d7bb0db5ce7bfafa730" +PV .= ".5034" +SRCREV = "5a6ec10cc80ab02eeff644ab19b82312630ea855" # Remove when 8.3 is out UPSTREAM_VERSION_UNKNOWN = "1" From patchwork Thu Jun 2 02:30:48 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 8732 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5A5CFC43334 for ; Thu, 2 Jun 2022 02:31:37 +0000 (UTC) Received: from mail-pl1-f182.google.com (mail-pl1-f182.google.com [209.85.214.182]) by mx.groups.io with SMTP id smtpd.web08.2153.1654137094992361900 for ; Wed, 01 Jun 2022 19:31:35 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=txgLgxo6; spf=softfail (domain: sakoman.com, ip: 209.85.214.182, mailfrom: steve@sakoman.com) Received: by mail-pl1-f182.google.com with SMTP id s14so3357793plk.8 for ; Wed, 01 Jun 2022 19:31:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=MA1/dj0zdnL5JK6oWOpSNZiQvFz3qI6ZFM2gt4gE1Lo=; b=txgLgxo6MxRcCIfxlccI4l2vru3cCsbq/7roZdFXfnahgRh3JygqmxYwJ6uh9Ohsg9 bVMU7XKxNvZCf/1MvlZdpgj/NMDSSMDGj/12nNfoOh/hDAwN26rEMBEjSnUAChHHjOhU MaxuJZNjujzs3ifPW5eGdP/nkYxapkm1gLn26N07TrcQxauhC6IKXUqORQ51wJm0F5vp Bs3JPC0wNjq5Zm853mgbl3ng1u9DqSwsMZGigbtmhKArkKd/JhONiYsgRkZdReJyBDon qf9xHXkhOPZsjy/8UKOTM6CR3nfPExkKvtBYQp5lTlGYsdaAKZGPkici/Y6hOthG+WNa 4tOA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=MA1/dj0zdnL5JK6oWOpSNZiQvFz3qI6ZFM2gt4gE1Lo=; b=rqvxBNtCPHjtx5OqeUfZwfiNmInnAbncHoLDDPgZ+qKZ7zsTBzfl3XYPmHdxyWYQDV 4CWKYr0c7U3RaDFoxrhHzXiIUaTfjZHS68ioy8OubV+B5sEE9CBzOv3gc0fGR8gwSLf/ E9+b8DRjK65XwDqxoM+H7haJeE0KfZRFOu3fDpo4z/bFphy+Kq+tlUfRYG2sRzYf5zMJ FkoxLTG4vU+j2AibA9SAsVHkpqrb270P66/FXFpJb4rQrPQwOzJE8VQ0Tbqxke1hHCA1 nSBNZgyLZfD9n2cVDkDdIrt3StEef6LDFclVqhNBcDeZ+79ypqGQsOUWRKacefukEAap +XVw== X-Gm-Message-State: AOAM531gfZPT7kIuUER32pXvvRMFepOzGx/J3uhTN68G+vNW2InLOkt7 9OBwiGcDRx+Rla0s0EXh7n2FG4F43JrWRLrV X-Google-Smtp-Source: ABdhPJyPhys6wL1sH5todvf8rvaNtLccNoih5sJ5LAm0KnAw2iBuI1zh6xW1qcrdmBXISf88DsWedg== X-Received: by 2002:a17:903:181:b0:161:d61f:e891 with SMTP id z1-20020a170903018100b00161d61fe891mr2436241plg.153.1654137093828; Wed, 01 Jun 2022 19:31:33 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id j23-20020a63ec17000000b003fc37053c82sm1990447pgh.12.2022.06.01.19.31.32 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Jun 2022 19:31:33 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 08/11] cve-check.bbclass: Added do_populate_sdk[recrdeptask]. Date: Wed, 1 Jun 2022 16:30:48 -1000 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 02 Jun 2022 02:31:37 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/166456 From: leimaohui As product, sdk should do cve check as well as rootfs. Signed-off-by: Lei Maohui Signed-off-by: Luca Ceresoli (cherry picked from commit cc17753935c5f9e08aaa6c5886f059303147c07b) Signed-off-by: Steve Sakoman --- meta/classes/cve-check.bbclass | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 34c38bdf2d..f7ed2a6ae9 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -213,6 +213,7 @@ python cve_check_write_rootfs_manifest () { ROOTFS_POSTPROCESS_COMMAND_prepend = "${@'cve_check_write_rootfs_manifest; ' if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}" do_rootfs[recrdeptask] += "${@'do_cve_check' if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}" +do_populate_sdk[recrdeptask] += "${@'do_cve_check' if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}" def get_patches_cves(d): """ From patchwork Thu Jun 2 02:30:49 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 14241 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org From: "Steve Sakoman" Subject: [OE-core][dunfell 09/11] cve-check: Add helper for symlink handling Date: Wed, 1 Jun 2022 16:30:49 -1000 Message-Id: <8a178a728f2318c55d5ecaef0ef9e0fd8ebc333b.1654136888.git.steve@sakoman.com> In-Reply-To: References: MIME-Version: 1.0 List-id: To: openembedded-core@lists.openembedded.org From: Ernst Sjöstrand Signed-off-by: Ernst Sjöstrand Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie (cherry picked from commit 5046d54df2c3057be2afa4143a2833183fca0d67) Signed-off-by: Steve Sakoman --- meta/classes/cve-check.bbclass | 34 +++++++++++++--------------------- 1 file changed, 13 insertions(+), 21 deletions(-) diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index f7ed2a6ae9..3cae0e8eb2 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -75,6 +75,12 @@ CVE_CHECK_LAYER_INCLUDELIST ??= "" # set to "alphabetical" for version using single alphabetical character as increment release CVE_VERSION_SUFFIX ??= "" +def update_symlinks(target_path, link_path): + if link_path != target_path and os.path.exists(target_path): + if os.path.exists(os.path.realpath(link_path)): + os.remove(link_path) + os.symlink(os.path.basename(target_path), link_path) + def generate_json_report(d, out_path, link_path): if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")): import json @@ -94,10 +100,7 @@ def generate_json_report(d, out_path, link_path): with open(out_path, "w") as f: json.dump(summary, f, indent=2) - if link_path != out_path: - if os.path.exists(os.path.realpath(link_path)): - os.remove(link_path) - os.symlink(os.path.basename(out_path), link_path) + update_symlinks(out_path, link_path) python cve_save_summary_handler () { import shutil @@ -114,14 +117,9 @@ python cve_save_summary_handler () { if os.path.exists(cve_tmp_file): shutil.copyfile(cve_tmp_file, cve_summary_file) - - if cve_summary_file and os.path.exists(cve_summary_file): - cvefile_link = os.path.join(cvelogpath, cve_summary_name) - # if the paths are the same don't create the link - if cvefile_link != cve_summary_file: - if os.path.exists(os.path.realpath(cvefile_link)): - os.remove(cvefile_link) - os.symlink(os.path.basename(cve_summary_file), cvefile_link) + cvefile_link = os.path.join(cvelogpath, cve_summary_name) + update_symlinks(cve_summary_file, cvefile_link) + bb.plain("Complete CVE report summary created at: %s" % cvefile_link) if d.getVar("CVE_CHECK_FORMAT_JSON") == "1": json_summary_link_name = os.path.join(cvelogpath, d.getVar("CVE_CHECK_SUMMARY_FILE_NAME_JSON")) @@ -193,15 +191,9 @@ python cve_check_write_rootfs_manifest () { bb.utils.mkdirhier(os.path.dirname(manifest_name)) shutil.copyfile(cve_tmp_file, manifest_name) - if manifest_name and os.path.exists(manifest_name): - manifest_link = os.path.join(deploy_dir, "%s.cve" % link_name) - # if they are the same don't create the link - if manifest_link != manifest_name: - # If we already have another manifest, update symlinks - if os.path.exists(os.path.realpath(manifest_link)): - os.remove(manifest_link) - os.symlink(os.path.basename(manifest_name), manifest_link) - bb.plain("Image CVE report stored in: %s" % manifest_name) + manifest_link = os.path.join(deploy_dir, "%s.cve" % link_name) + update_symlinks(manifest_name, manifest_link) + bb.plain("Image CVE report stored in: %s" % manifest_name) if d.getVar("CVE_CHECK_FORMAT_JSON") == "1": link_path = os.path.join(deploy_dir, "%s.json" % link_name) From patchwork Thu Jun 2 02:30:50 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 14242 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org From: "Steve Sakoman" Subject: [OE-core][dunfell 10/11] cve-check: Only include installed packages for rootfs manifest Date: Wed, 1 Jun 2022 16:30:50 -1000 Message-Id: <2bacd7cc67b2f624885ce9c9c9e48950b359387d.1654136888.git.steve@sakoman.com> In-Reply-To: References: MIME-Version: 1.0 List-id: To: openembedded-core@lists.openembedded.org From: Ernst Sjöstrand Before this the rootfs manifest and the summary were identical. We should separate the summary and rootfs manifest more clearly, now the summary is for all CVEs and the rootfs manifest is only for things in that image. This is even more useful if you build multiple images. Signed-off-by: Ernst Sjöstrand Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie (cherry picked from commit 3b8cc6fc45f0ea5677729ee2b1819bdc7a441ab1) Signed-off-by: Steve Sakoman (cherry picked from commit 65498411d73e8008d5550c2d0a1148f990717587) Signed-off-by: Steve Sakoman --- meta/classes/cve-check.bbclass | 69 ++++++++++++++++++++++++++-------- 1 file changed, 54 insertions(+), 15 deletions(-) diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 3cae0e8eb2..29b276e491 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -171,6 +171,8 @@ python cve_check_write_rootfs_manifest () { """ import shutil + import json + from oe.rootfs import image_list_installed_packages from oe.cve_check import cve_check_merge_jsons if d.getVar("CVE_CHECK_COPY_FILES") == "1": @@ -181,26 +183,63 @@ python cve_check_write_rootfs_manifest () { if os.path.exists(deploy_file_json): bb.utils.remove(deploy_file_json) - if os.path.exists(d.getVar("CVE_CHECK_TMP_FILE")): - bb.note("Writing rootfs CVE manifest") - deploy_dir = d.getVar("DEPLOY_DIR_IMAGE") - link_name = d.getVar("IMAGE_LINK_NAME") + # Create a list of relevant recipies + recipies = set() + for pkg in list(image_list_installed_packages(d)): + pkg_info = os.path.join(d.getVar('PKGDATA_DIR'), + 'runtime-reverse', pkg) + pkg_data = oe.packagedata.read_pkgdatafile(pkg_info) + recipies.add(pkg_data["PN"]) + + bb.note("Writing rootfs CVE manifest") + deploy_dir = d.getVar("DEPLOY_DIR_IMAGE") + link_name = d.getVar("IMAGE_LINK_NAME") + + json_data = {"version":"1", "package": []} + text_data = "" + enable_json = d.getVar("CVE_CHECK_FORMAT_JSON") == "1" + enable_text = d.getVar("CVE_CHECK_FORMAT_TEXT") == "1" + + save_pn = d.getVar("PN") + + for pkg in recipies: + # To be able to use the CVE_CHECK_RECIPE_FILE variable we have to evaluate + # it with the different PN names set each time. + d.setVar("PN", pkg) + if enable_text: + pkgfilepath = d.getVar("CVE_CHECK_RECIPE_FILE") + if os.path.exists(pkgfilepath): + with open(pkgfilepath) as pfile: + text_data += pfile.read() + + if enable_json: + pkgfilepath = d.getVar("CVE_CHECK_RECIPE_FILE_JSON") + if os.path.exists(pkgfilepath): + with open(pkgfilepath) as j: + data = json.load(j) + cve_check_merge_jsons(json_data, data) + + d.setVar("PN", save_pn) + + if enable_text: + link_path = os.path.join(deploy_dir, "%s.cve" % link_name) manifest_name = d.getVar("CVE_CHECK_MANIFEST") - cve_tmp_file = d.getVar("CVE_CHECK_TMP_FILE") - bb.utils.mkdirhier(os.path.dirname(manifest_name)) - shutil.copyfile(cve_tmp_file, manifest_name) + with open(manifest_name, "w") as f: + f.write(text_data) - manifest_link = os.path.join(deploy_dir, "%s.cve" % link_name) - update_symlinks(manifest_name, manifest_link) + update_symlinks(manifest_name, link_path) bb.plain("Image CVE report stored in: %s" % manifest_name) - if d.getVar("CVE_CHECK_FORMAT_JSON") == "1": - link_path = os.path.join(deploy_dir, "%s.json" % link_name) - manifest_path = d.getVar("CVE_CHECK_MANIFEST_JSON") - bb.note("Generating JSON CVE manifest") - generate_json_report(d, manifest_path, link_path) - bb.plain("Image CVE JSON report stored in: %s" % link_path) + if enable_json: + link_path = os.path.join(deploy_dir, "%s.json" % link_name) + manifest_name = d.getVar("CVE_CHECK_MANIFEST_JSON") + + with open(manifest_name, "w") as f: + json.dump(json_data, f, indent=2) + + update_symlinks(manifest_name, link_path) + bb.plain("Image CVE JSON report stored in: %s" % manifest_name) } ROOTFS_POSTPROCESS_COMMAND_prepend = "${@'cve_check_write_rootfs_manifest; ' if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}" From patchwork Thu Jun 2 02:30:51 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 8736 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 59647C433EF for ; Thu, 2 Jun 2022 02:31:47 +0000 (UTC) Received: from mail-pj1-f51.google.com (mail-pj1-f51.google.com [209.85.216.51]) by mx.groups.io with SMTP id smtpd.web08.2154.1654137103030425986 for ; Wed, 01 Jun 2022 19:31:43 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=yodj5UqJ; spf=softfail (domain: sakoman.com, ip: 209.85.216.51, mailfrom: steve@sakoman.com) Received: by mail-pj1-f51.google.com with SMTP id j7so3673303pjn.4 for ; Wed, 01 Jun 2022 19:31:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=8I9Bm9xGFY7HJYcAhs3pP9V49RHQJ6NNXyuz9Kd8+GI=; b=yodj5UqJPhTmH1nhR97mOXT1JCCFGLTIf9uFeSEMMgm032m5RjN/Ia2h+cl2L15ATF mA6DWmE42elTW23dT1+6WJQvVYH3gSTh73Jjx3Zzvy1i5mvbrkZhVtd/AMUphuWNuyku O/6rgqUhu5ltjozkFM6weh/dKJcO3YNKRxIxe8f1Ks1NdiopXIwCnS6/jBk6okSy2ayp vO5xmSymepXBjuuJRaQL7ujCqvjCq98S8/boQ4hLdEOnOD+XJgJITTO8dReWDObfKbMd C6KCXVsdcgXSqUy1aMT/qsdWld6oLWKxYuEU475ym9FG1k+KB+t6/jZMDCt9qCdHVZat 1NYw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=8I9Bm9xGFY7HJYcAhs3pP9V49RHQJ6NNXyuz9Kd8+GI=; b=Q7pSnf+8Oj8UwTNm+1qPrVjie8nxpNcY1HP1RNx/oLh51Wv5/u6uGGnwWmtCoYB1gk EqaPjafLpHhQb4V2BWQkziZ8jmY4GnvF13K4b6ErrdfQtsyt3BAE1zs8Oy30+d8xawPp yV3JjOZThfQflK2unKjDpHw585iWNhw7sIpKyfJBXMXng2aIpNgZWzwWE5Kyp0feA4sv QQa7dkFXgYm4Flw+Uu/IxM1d+SkTvsMVEqe0OXHxfrUiEaytbMt1inb1MaBwPs8b6LmS F7I/B6Bxj+qwZyCZvX89IM4GlGY3jpeLaM5XYVNP7WP26xlqiWvaxs2BiyX9xoVxC6iX AywA== X-Gm-Message-State: AOAM532UzNsTZF+EtWUakPIVJZRSDL7B7WIaBFHTZH1Dl4YC1TQGP9+B /GOrRD9am1HwrC3RCaeJ5k2SaanVLuae6Ri6 X-Google-Smtp-Source: ABdhPJzRgemRaJMkMI0Bu2Suf7FGS7gIMndSllgmgS7eMgLZedukIhf7xSmjVxMD3BZulfDWs+AaYA== X-Received: by 2002:a17:90b:1192:b0:1e2:da25:4095 with SMTP id gk18-20020a17090b119200b001e2da254095mr22815831pjb.240.1654137101956; Wed, 01 Jun 2022 19:31:41 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id j23-20020a63ec17000000b003fc37053c82sm1990447pgh.12.2022.06.01.19.31.40 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 01 Jun 2022 19:31:41 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 11/11] cve-check: Allow warnings to be disabled Date: Wed, 1 Jun 2022 16:30:51 -1000 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Thu, 02 Jun 2022 02:31:47 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/166459 From: Richard Purdie When running CVE checks in CI we're usually not interested in warnings on the console for any CVEs present. Add a configuration option CVE_CHECK_SHOW_WARNINGS to allow this to be disabled (it is left enabled by default). Signed-off-by: Richard Purdie (cherry picked from commit 1054d3366ba528f2ad52585cf951e508958c5c68) Signed-off-by: Steve Sakoman (cherry picked from commit 8fd6a9f521ea6b1e10c80fe33968943db30991ba) Signed-off-by: Steve Sakoman --- meta/classes/cve-check.bbclass | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 29b276e491..0111ec6ba8 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -48,6 +48,7 @@ CVE_CHECK_COPY_FILES ??= "1" CVE_CHECK_CREATE_MANIFEST ??= "1" CVE_CHECK_REPORT_PATCHED ??= "1" +CVE_CHECK_SHOW_WARNINGS ??= "1" # Provide text output CVE_CHECK_FORMAT_TEXT ??= "1" @@ -472,7 +473,7 @@ def cve_write_data_text(d, patched, unpatched, whitelisted, cve_data): write_string += "VECTOR: %s\n" % cve_data[cve]["vector"] write_string += "MORE INFORMATION: %s%s\n\n" % (nvd_link, cve) - if unpatched_cves: + if unpatched_cves and d.getVar("CVE_CHECK_SHOW_WARNINGS") == "1": bb.warn("Found unpatched CVE (%s), for more information check %s" % (" ".join(unpatched_cves),cve_file)) if write_string: