diff options
author | Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2021-07-14 22:45:54 +0200 |
---|---|---|
committer | Alexandru Avadanii <Alexandru.Avadanii@enea.com> | 2021-07-14 22:49:25 +0200 |
commit | 60907fc1e293c5901264c8770b5686715bb601dc (patch) | |
tree | 1bf5b8ec46e25f8cbc3c458f0a8e68efca89fb33 | |
parent | c945b6bb7ae84da75ca46b028bb85621301d007b (diff) | |
parent | d9a38f39a387a6bb226bd5c463dda88d5ae15f2c (diff) | |
download | meta-nfv-access-common-60907fc1e293c5901264c8770b5686715bb601dc.tar.gz |
Merge branch 'feature_CPDX-3405'
Change-Id: I78b76278d9cccbd211419b1045e39a2d13b3b744
-rw-r--r-- | conf/layer.conf | 2 | ||||
-rw-r--r-- | recipes-core/systemd/systemd/CVE-2017-15908.patch | 44 | ||||
-rw-r--r-- | recipes-core/systemd/systemd_%.bbappend | 5 | ||||
-rw-r--r-- | recipes-enea/bitcalc/bitcalc_1.0.bb | 8 | ||||
-rw-r--r-- | recipes-enea/count-ticks/count-ticks_1.1.bb | 6 | ||||
-rw-r--r-- | recipes-enea/partrt/partrt_1.1.bb | 11 | ||||
-rw-r--r-- | recipes-extended/shadow/shadow/CVE-2016-6252.patch | 48 | ||||
-rw-r--r-- | recipes-extended/shadow/shadow_%.bbappend | 5 |
8 files changed, 14 insertions, 115 deletions
diff --git a/conf/layer.conf b/conf/layer.conf index 56cd735..f6ef054 100644 --- a/conf/layer.conf +++ b/conf/layer.conf | |||
@@ -10,3 +10,5 @@ BBFILES += "${LAYERDIR}/recipes-*/*/*.bb \ | |||
10 | BBFILE_COLLECTIONS += "nfv-access-common" | 10 | BBFILE_COLLECTIONS += "nfv-access-common" |
11 | BBFILE_PATTERN_nfv-access-common = "^${LAYERDIR}/" | 11 | BBFILE_PATTERN_nfv-access-common = "^${LAYERDIR}/" |
12 | BBFILE_PRIORITY_nfv-access-common = "5" | 12 | BBFILE_PRIORITY_nfv-access-common = "5" |
13 | |||
14 | LAYERSERIES_COMPAT_nfv-access-common = "hardknott" | ||
diff --git a/recipes-core/systemd/systemd/CVE-2017-15908.patch b/recipes-core/systemd/systemd/CVE-2017-15908.patch deleted file mode 100644 index 6851243..0000000 --- a/recipes-core/systemd/systemd/CVE-2017-15908.patch +++ /dev/null | |||
@@ -1,44 +0,0 @@ | |||
1 | From 9f939335a07085aa9a9663efd1dca06ef6405d62 Mon Sep 17 00:00:00 2001 | ||
2 | From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl> | ||
3 | Date: Wed, 25 Oct 2017 11:19:19 +0200 | ||
4 | Subject: [PATCH] resolved: fix loop on packets with pseudo dns types | ||
5 | |||
6 | Reported by Karim Hossen & Thomas Imbert from Sogeti ESEC R&D. | ||
7 | |||
8 | Upstream-Status: Backport | ||
9 | CVE: CVE-2017-15908 | ||
10 | |||
11 | Upstream patch: | ||
12 | https://github.com/systemd/systemd/commit/8aeadf3052a2130b88d5bccf5439890e1034f28d | ||
13 | |||
14 | https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/172535 | ||
15 | |||
16 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
17 | --- | ||
18 | src/resolve/resolved-dns-packet.c | 6 +----- | ||
19 | 1 file changed, 1 insertion(+), 5 deletions(-) | ||
20 | |||
21 | diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c | ||
22 | index e2f227bfc64..35f4d0689b2 100644 | ||
23 | --- a/src/resolve/resolved-dns-packet.c | ||
24 | +++ b/src/resolve/resolved-dns-packet.c | ||
25 | @@ -1514,7 +1514,7 @@ static int dns_packet_read_type_window(DnsPacket *p, Bitmap **types, size_t *sta | ||
26 | |||
27 | found = true; | ||
28 | |||
29 | - while (bitmask) { | ||
30 | + for (; bitmask; bit++, bitmask >>= 1) | ||
31 | if (bitmap[i] & bitmask) { | ||
32 | uint16_t n; | ||
33 | |||
34 | @@ -1528,10 +1528,6 @@ static int dns_packet_read_type_window(DnsPacket *p, Bitmap **types, size_t *sta | ||
35 | if (r < 0) | ||
36 | return r; | ||
37 | } | ||
38 | - | ||
39 | - bit++; | ||
40 | - bitmask >>= 1; | ||
41 | - } | ||
42 | } | ||
43 | |||
44 | if (!found) | ||
diff --git a/recipes-core/systemd/systemd_%.bbappend b/recipes-core/systemd/systemd_%.bbappend deleted file mode 100644 index 4fe658a..0000000 --- a/recipes-core/systemd/systemd_%.bbappend +++ /dev/null | |||
@@ -1,5 +0,0 @@ | |||
1 | # look for files in the layer first | ||
2 | FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" | ||
3 | |||
4 | SRC_URI += "file://CVE-2017-15908.patch \ | ||
5 | " | ||
diff --git a/recipes-enea/bitcalc/bitcalc_1.0.bb b/recipes-enea/bitcalc/bitcalc_1.0.bb index f5a0aad..a3aed89 100644 --- a/recipes-enea/bitcalc/bitcalc_1.0.bb +++ b/recipes-enea/bitcalc/bitcalc_1.0.bb | |||
@@ -19,10 +19,14 @@ SRC_URI = "git://github.com/OpenEneaLinux/rt-tools.git;branch=master \ | |||
19 | DEPENDS_remove_aarch64 = "gcc-sanitizers" | 19 | DEPENDS_remove_aarch64 = "gcc-sanitizers" |
20 | SRC_URI_append_aarch64 = "file://0001-bitcalc-disable-gcc-address-sanitizer.patch" | 20 | SRC_URI_append_aarch64 = "file://0001-bitcalc-disable-gcc-address-sanitizer.patch" |
21 | 21 | ||
22 | SRCREV = "9d4d1ce26b58ada516466c30e53c75c2961d6f0a" | 22 | SRCREV = "b46c72324c19cf74730ad562fc3f050d31018034" |
23 | 23 | ||
24 | S = "${WORKDIR}/git" | 24 | S = "${WORKDIR}/git" |
25 | 25 | ||
26 | EXTRA_OEMAKE += "'DESTDIR=${D}/usr/bin'" | 26 | EXTRA_OEMAKE += "'DESTDIR=${D}${bindir}'" |
27 | 27 | ||
28 | inherit pkgconfig cmake | 28 | inherit pkgconfig cmake |
29 | |||
30 | do_install() { | ||
31 | install -m 0755 -D ${B}/bitcalc/src/bitcalc ${D}${bindir}/bitcalc | ||
32 | } | ||
diff --git a/recipes-enea/count-ticks/count-ticks_1.1.bb b/recipes-enea/count-ticks/count-ticks_1.1.bb index a33a0f9..6f60357 100644 --- a/recipes-enea/count-ticks/count-ticks_1.1.bb +++ b/recipes-enea/count-ticks/count-ticks_1.1.bb | |||
@@ -12,14 +12,12 @@ SRC_URI = "git://github.com/OpenEneaLinux/rt-tools.git;branch=master \ | |||
12 | file://run-ptest \ | 12 | file://run-ptest \ |
13 | " | 13 | " |
14 | 14 | ||
15 | SRCREV = "9d4d1ce26b58ada516466c30e53c75c2961d6f0a" | 15 | SRCREV = "b46c72324c19cf74730ad562fc3f050d31018034" |
16 | 16 | ||
17 | inherit ptest | 17 | inherit ptest |
18 | 18 | ||
19 | S = "${WORKDIR}/git" | 19 | S = "${WORKDIR}/git" |
20 | 20 | ||
21 | FILES_${PN} += "/bin/*" | ||
22 | |||
23 | do_install() { | 21 | do_install() { |
24 | install -D ${S}/count_ticks/count_ticks ${D}/usr/bin/count_ticks | 22 | install -m 0755 -D ${S}/count_ticks/count_ticks ${D}${bindir}/count_ticks |
25 | } | 23 | } |
diff --git a/recipes-enea/partrt/partrt_1.1.bb b/recipes-enea/partrt/partrt_1.1.bb index 5c22e4a..8d0ca6c 100644 --- a/recipes-enea/partrt/partrt_1.1.bb +++ b/recipes-enea/partrt/partrt_1.1.bb | |||
@@ -4,24 +4,21 @@ SECTION = "utils" | |||
4 | LICENSE = "BSD" | 4 | LICENSE = "BSD" |
5 | LIC_FILES_CHKSUM = "file://LICENSE;md5=b52bab7a403562f36be803f11489f1a4" | 5 | LIC_FILES_CHKSUM = "file://LICENSE;md5=b52bab7a403562f36be803f11489f1a4" |
6 | 6 | ||
7 | RDEPENDS_${PN} = "bash" | 7 | RDEPENDS_${PN} = "bash bitcalc" |
8 | RDEPENDS_${PN}-ptest += "python" | 8 | RDEPENDS_${PN}-ptest += "python3" |
9 | 9 | ||
10 | SRC_URI = "git://github.com/OpenEneaLinux/rt-tools.git;branch=master \ | 10 | SRC_URI = "git://github.com/OpenEneaLinux/rt-tools.git;branch=master \ |
11 | file://run-ptest \ | 11 | file://run-ptest \ |
12 | " | 12 | " |
13 | 13 | ||
14 | SRCREV = "9d4d1ce26b58ada516466c30e53c75c2961d6f0a" | 14 | SRCREV = "b46c72324c19cf74730ad562fc3f050d31018034" |
15 | 15 | ||
16 | inherit ptest | 16 | inherit ptest |
17 | 17 | ||
18 | S = "${WORKDIR}/git" | 18 | S = "${WORKDIR}/git" |
19 | 19 | ||
20 | FILES_${PN} += "/bin/*" | ||
21 | |||
22 | do_install() { | 20 | do_install() { |
23 | install -d ${D}/usr/bin | 21 | install -m 0755 -D ${S}/partrt/partrt ${D}${bindir}/partrt |
24 | install ${S}/partrt/partrt ${D}/usr/bin | ||
25 | } | 22 | } |
26 | 23 | ||
27 | do_install_ptest() { | 24 | do_install_ptest() { |
diff --git a/recipes-extended/shadow/shadow/CVE-2016-6252.patch b/recipes-extended/shadow/shadow/CVE-2016-6252.patch deleted file mode 100644 index 6e05584..0000000 --- a/recipes-extended/shadow/shadow/CVE-2016-6252.patch +++ /dev/null | |||
@@ -1,48 +0,0 @@ | |||
1 | From 1d5a926cc2d6078d23a96222b1ef3e558724dad1 Mon Sep 17 00:00:00 2001 | ||
2 | From: Sebastian Krahmer <krahmer@suse.com> | ||
3 | Date: Wed, 3 Aug 2016 11:51:07 -0500 | ||
4 | Subject: [PATCH] Simplify getulong | ||
5 | |||
6 | Use strtoul to read an unsigned long, rather than reading | ||
7 | a signed long long and casting it. | ||
8 | |||
9 | https://bugzilla.suse.com/show_bug.cgi?id=979282 | ||
10 | |||
11 | CVE: CVE-2016-6252 | ||
12 | Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/1d5a926cc2d6078d23a96222b1ef3e558724dad1] | ||
13 | |||
14 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
15 | --- | ||
16 | lib/getulong.c | 9 +++------ | ||
17 | 1 file changed, 3 insertions(+), 6 deletions(-) | ||
18 | |||
19 | diff --git a/lib/getulong.c b/lib/getulong.c | ||
20 | index 61579cae..08d2c1a8 100644 | ||
21 | --- a/lib/getulong.c | ||
22 | +++ b/lib/getulong.c | ||
23 | @@ -44,22 +44,19 @@ | ||
24 | */ | ||
25 | int getulong (const char *numstr, /*@out@*/unsigned long int *result) | ||
26 | { | ||
27 | - long long int val; | ||
28 | + unsigned long int val; | ||
29 | char *endptr; | ||
30 | |||
31 | errno = 0; | ||
32 | - val = strtoll (numstr, &endptr, 0); | ||
33 | + val = strtoul (numstr, &endptr, 0); | ||
34 | if ( ('\0' == *numstr) | ||
35 | || ('\0' != *endptr) | ||
36 | || (ERANGE == errno) | ||
37 | - /*@+ignoresigns@*/ | ||
38 | - || (val != (unsigned long int)val) | ||
39 | - /*@=ignoresigns@*/ | ||
40 | ) { | ||
41 | return 0; | ||
42 | } | ||
43 | |||
44 | - *result = (unsigned long int)val; | ||
45 | + *result = val; | ||
46 | return 1; | ||
47 | } | ||
48 | |||
diff --git a/recipes-extended/shadow/shadow_%.bbappend b/recipes-extended/shadow/shadow_%.bbappend deleted file mode 100644 index 4f04479..0000000 --- a/recipes-extended/shadow/shadow_%.bbappend +++ /dev/null | |||
@@ -1,5 +0,0 @@ | |||
1 | # look for files in the layer first | ||
2 | FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" | ||
3 | |||
4 | SRC_URI += "file://CVE-2016-6252.patch \ | ||
5 | " | ||