rsyslog: update from 8.22 to 8.29

Drop two patches: CVE-2017-12588.patch 0001-core-bugfix-segfault-after-configuration-errors.patch since they are included in 8.29. Update the testbench configuration flags. Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
author: Randy MacLeod <randy.macleod@windriver.com> 2017-09-15 11:23:25 -0400
committer: Martin Jansa <Martin.Jansa@gmail.com> 2017-09-22 22:50:40 +0000
commit: cddeb4fbc4e7d9573ef9be77cafefdc5ff77e4fd (patch)
tree: 81e60bff6414ec9dfe9e4d0a8e9d366a1d788c04 /meta-oe
parent: 89fca8bbe2d3574d8b5732dd448b1caabb8563e2 (diff)
download: meta-openembedded-cddeb4fbc4e7d9573ef9be77cafefdc5ff77e4fd.tar.gz
3 files changed, 3 insertions, 135 deletions
diff --git a/meta-oe/recipes-extended/rsyslog/rsyslog/0001-core-bugfix-segfault-after-configuration-errors.patch b/meta-oe/recipes-extended/rsyslog/rsyslog/0001-core-bugfix-segfault-after-configuration-errors.patch
deleted file mode 100644
index 189ca654a..000000000
--- a/meta-oe/recipes-extended/rsyslog/rsyslog/0001-core-bugfix-segfault-after-configuration-errors.patch
+++ /dev/null
@@ -1,90 +0,0 @@
-From 6d258339802cb9f13d8a4a157a4b74eccb902d8f Mon Sep 17 00:00:00 2001
-From: Rainer Gerhards <rgerhards@adiscon.com>
-Date: Mon, 17 Jul 2017 15:36:32 +0200
-Subject: [PATCH] core bugfix: segfault after configuration errors
-rsyslog will segfault on startup if
-a) the local machine's hostname is set to a non-FQDN name
-b) the getaddrinfo() system call fails
-This scenario is higly unlikely, but may exist especially with
-provisioned VMs which may not properly be able to do name queries
-on startup (seen for example on AWS).
-This patch fixes the situation and also provides more robustness
-for very early startup error messages when some of the error-reporting
-subsystem is not yet properly initialized. Note that under these
-circumstances, errors may only show up on stderr.
-Upstream status: Backport
-closes https://github.com/rsyslog/rsyslog/issues/1573
-Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
---
- runtime/prop.c   |  6 ++++++
- tools/rsyslogd.c | 17 +++++++++--------
- 2 files changed, 15 insertions(+), 8 deletions(-)
-diff --git a/runtime/prop.c b/runtime/prop.c
-index e5b4693..cb93285 100644
--- a/runtime/prop.c
-+++ b/runtime/prop.c
-@@ -133,7 +133,13 @@ propConstructFinalize(prop_t __attribute__((unused)) *pThis)
-  */
- static rsRetVal AddRef(prop_t *pThis)
- {
-+       if(pThis == NULL)  {
-+               DBGPRINTF("prop/AddRef is passed a NULL ptr - ignoring it "
-+                       "- further problems may occur\n");
-+               FINALIZE;
-+       }
-        ATOMIC_INC(&pThis->iRefCount, &pThis->mutRefCount);
-+finalize_it:
-        return RS_RET_OK;
- }
- 
-diff --git a/tools/rsyslogd.c b/tools/rsyslogd.c
-index 759d293..6aa1487 100644
--- a/tools/rsyslogd.c
-+++ b/tools/rsyslogd.c
-@@ -808,9 +808,11 @@ logmsgInternal(int iErr, const syslog_pri_t pri, const uchar *const msg, int fla
-         * permits us to process unmodified config files which otherwise contain a
-         * supressor statement.
-         */
-       if(((Debug == DEBUG_FULL || !doFork) && ourConf->globals.bErrMsgToStderr) || iConfigVerify) {
-+       int emit_to_stderr = (ourConf == NULL) ? 1 : ourConf->globals.bErrMsgToStderr;
-+       if(((Debug == DEBUG_FULL || !doFork) && emit_to_stderr) || iConfigVerify) {
-                if(pri2sev(pri) == LOG_ERR)
-                       fprintf(stderr, "rsyslogd: %s\n", (bufModMsg == NULL) ? (char*)msg : bufModMsg);
-+                       fprintf(stderr, "rsyslogd: %s\n",
-+                               (bufModMsg == NULL) ? (char*)msg : bufModMsg);
-        }
- 
- finalize_it:
-@@ -1115,18 +1117,17 @@ initAll(int argc, char **argv)
- 
-        /* doing some core initializations */
- 
-       /* get our host and domain names - we need to do this early as we may emit
-        * error log messages, which need the correct hostname. -- rgerhards, 2008-04-04
-        */
-       queryLocalHostname();
-
-       /* initialize the objects */
-        if((iRet = modInitIminternal()) != RS_RET_OK) {
-                fprintf(stderr, "fatal error: could not initialize errbuf object (error code %d).\n",
-                        iRet);
-                exit(1); /* "good" exit, leaving at init for fatal error */
-        }
- 
-+       /* get our host and domain names - we need to do this early as we may emit
-+        * error log messages, which need the correct hostname. -- rgerhards, 2008-04-04
-+        * But we need to have imInternal up first!
-+        */
-+       queryLocalHostname();
- 
-        /* END core initializations - we now come back to carrying out command line options*/
- 
-- 
-2.10.2
diff --git a/meta-oe/recipes-extended/rsyslog/rsyslog/CVE-2017-12588.patch b/meta-oe/recipes-extended/rsyslog/rsyslog/CVE-2017-12588.patch
deleted file mode 100644
index 73c33109f..000000000
--- a/meta-oe/recipes-extended/rsyslog/rsyslog/CVE-2017-12588.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 6bc4aa975a83abed43d734299ce76cd9e1a14aec Mon Sep 17 00:00:00 2001
-From: Thomas Deutschmann <whissi@whissi.de>
-Date: Wed, 17 May 2017 23:05:24 +0200
-Subject: [PATCH] imzmq3: Fix building with -Werror=format-security
-Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-12588
-CVE: 2017-12588
-Upstream-Status: Backport
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
- contrib/imzmq3/imzmq3.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-diff --git a/contrib/imzmq3/imzmq3.c b/contrib/imzmq3/imzmq3.c
-index 9ca17871..d32dcbc2 100644
--- a/contrib/imzmq3/imzmq3.c
-+++ b/contrib/imzmq3/imzmq3.c
-@@ -403,7 +403,7 @@ static rsRetVal createSocket(instanceConf_t* info, void** sock) {
- 
-     /* Do the bind/connect... */
-     if (info->action==ACTION_CONNECT) {
-        rv = zsocket_connect(*sock, info->description);
-+        rv = zsocket_connect(*sock, "%s", info->description);
-         if (rv == -1) {
-             errmsg.LogError(0,
-                             RS_RET_INVALID_PARAMS,
-@@ -413,7 +413,7 @@ static rsRetVal createSocket(instanceConf_t* info, void** sock) {
-         }
-         DBGPRINTF("imzmq3: connect for %s successful\n",info->description);
-     } else {
-        rv = zsocket_bind(*sock, info->description);
-+        rv = zsocket_bind(*sock, "%s", info->description);
-         if (rv == -1) {
-             errmsg.LogError(0,
-                             RS_RET_INVALID_PARAMS,
-- 
-2.13.0
diff --git a/meta-oe/recipes-extended/rsyslog/rsyslog_8.22.0.bb b/meta-oe/recipes-extended/rsyslog/rsyslog_8.29.0.bb
index 597a0c8dc..7056e1c6a 100644
--- a/meta-oe/recipes-extended/rsyslog/rsyslog_8.22.0.bb
+++ b/meta-oe/recipes-extended/rsyslog/rsyslog_8.29.0.bb
@@ -24,8 +24,6 @@ SRC_URI = "http://www.rsyslog.com/download/files/download/rsyslog/${BPN}-${PV}.t
           file://use-pkgconfig-to-check-libgcrypt.patch \
           file://run-ptest \
           file://rsyslog-fix-ptest-not-finish.patch \
-           file://CVE-2017-12588.patch \
-           file://0001-core-bugfix-segfault-after-configuration-errors.patch \
 "
 SRC_URI_append_libc-musl = " \
@@ -33,8 +31,8 @@ SRC_URI_append_libc-musl = " \
    file://0001-Include-sys-time-h.patch \
 "
-SRC_URI[md5sum] = "ad0f25f429aa2daa326732950a5eeb6c"
+SRC_URI[md5sum] = "3805617f65a4b4bea34606487a5255a0"
-SRC_URI[sha256sum] = "06e2884181333dccecceaca82827ae24ca7a258b4fbf7b1e07a80d4caae640ca"
+SRC_URI[sha256sum] = "220ba30b5afb0f3ddb328613fea7aa3966b01e4d0c52d6de9ab27b0858f19738"
 inherit autotools pkgconfig systemd update-rc.d ptest
@@ -57,7 +55,7 @@ PACKAGECONFIG[klog] = "--enable-klog,--disable-klog,,"
 PACKAGECONFIG[regexp] = "--enable-regexp,--disable-regexp,,"
 PACKAGECONFIG[uuid] = "--enable-uuid,--disable-uuid,util-linux,"
 PACKAGECONFIG[libgcrypt] = "--enable-libgcrypt,--disable-libgcrypt,libgcrypt,"
-PACKAGECONFIG[testbench] = "--enable-testbench,--disable-testbench,,"
+PACKAGECONFIG[testbench] = "--enable-testbench --enable-omstdout,--disable-testbench --disable-omstdout,,"
 # default no in configure
 PACKAGECONFIG[debug] = "--enable-debug,--disable-debug,,"
author	Randy MacLeod <randy.macleod@windriver.com>	2017-09-15 11:23:25 -0400
committer	Martin Jansa <Martin.Jansa@gmail.com>	2017-09-22 22:50:40 +0000
commit	cddeb4fbc4e7d9573ef9be77cafefdc5ff77e4fd (patch)
tree	81e60bff6414ec9dfe9e4d0a8e9d366a1d788c04 /meta-oe
parent	89fca8bbe2d3574d8b5732dd448b1caabb8563e2 (diff)
download	meta-openembedded-cddeb4fbc4e7d9573ef9be77cafefdc5ff77e4fd.tar.gz

diff --git a/meta-oe/recipes-extended/rsyslog/rsyslog/0001-core-bugfix-segfault-after-configuration-errors.patch b/meta-oe/recipes-extended/rsyslog/rsyslog/0001-core-bugfix-segfault-after-configuration-errors.patch deleted file mode 100644 index 189ca654a..000000000 --- a/meta-oe/recipes-extended/rsyslog/rsyslog/0001-core-bugfix-segfault-after-configuration-errors.patch +++ /dev/null
@@ -1,90 +0,0 @@
1	From 6d258339802cb9f13d8a4a157a4b74eccb902d8f Mon Sep 17 00:00:00 2001
2	From: Rainer Gerhards <rgerhards@adiscon.com>
3	Date: Mon, 17 Jul 2017 15:36:32 +0200
4	Subject: [PATCH] core bugfix: segfault after configuration errors
5
6	rsyslog will segfault on startup if
7	a) the local machine's hostname is set to a non-FQDN name
8	b) the getaddrinfo() system call fails
9	This scenario is higly unlikely, but may exist especially with
10	provisioned VMs which may not properly be able to do name queries
11	on startup (seen for example on AWS).
12
13	This patch fixes the situation and also provides more robustness
14	for very early startup error messages when some of the error-reporting
15	subsystem is not yet properly initialized. Note that under these
16	circumstances, errors may only show up on stderr.
17
18	Upstream status: Backport
19
20	closes https://github.com/rsyslog/rsyslog/issues/1573
21
22	Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
23	---
24	runtime/prop.c \| 6 ++++++
25	tools/rsyslogd.c \| 17 +++++++++--------
26	2 files changed, 15 insertions(+), 8 deletions(-)
27
28	diff --git a/runtime/prop.c b/runtime/prop.c
29	index e5b4693..cb93285 100644
30	--- a/runtime/prop.c
31	+++ b/runtime/prop.c
32	@@ -133,7 +133,13 @@ propConstructFinalize(prop_t __attribute__((unused)) *pThis)
33	*/
34	static rsRetVal AddRef(prop_t *pThis)
35	{
36	+ if(pThis == NULL) {
37	+ DBGPRINTF("prop/AddRef is passed a NULL ptr - ignoring it "
38	+ "- further problems may occur\n");
39	+ FINALIZE;
40	+ }
41	ATOMIC_INC(&pThis->iRefCount, &pThis->mutRefCount);
42	+finalize_it:
43	return RS_RET_OK;
44	}
45
46	diff --git a/tools/rsyslogd.c b/tools/rsyslogd.c
47	index 759d293..6aa1487 100644
48	--- a/tools/rsyslogd.c
49	+++ b/tools/rsyslogd.c
50	@@ -808,9 +808,11 @@ logmsgInternal(int iErr, const syslog_pri_t pri, const uchar *const msg, int fla
51	* permits us to process unmodified config files which otherwise contain a
52	* supressor statement.
53	*/
54	- if(((Debug == DEBUG_FULL \|\| !doFork) && ourConf->globals.bErrMsgToStderr) \|\| iConfigVerify) {
55	+ int emit_to_stderr = (ourConf == NULL) ? 1 : ourConf->globals.bErrMsgToStderr;
56	+ if(((Debug == DEBUG_FULL \|\| !doFork) && emit_to_stderr) \|\| iConfigVerify) {
57	if(pri2sev(pri) == LOG_ERR)
58	- fprintf(stderr, "rsyslogd: %s\n", (bufModMsg == NULL) ? (char*)msg : bufModMsg);
59	+ fprintf(stderr, "rsyslogd: %s\n",
60	+ (bufModMsg == NULL) ? (char*)msg : bufModMsg);
61	}
62
63	finalize_it:
64	@@ -1115,18 +1117,17 @@ initAll(int argc, char **argv)
65
66	/* doing some core initializations */
67
68	- /* get our host and domain names - we need to do this early as we may emit
69	- * error log messages, which need the correct hostname. -- rgerhards, 2008-04-04
70	- */
71	- queryLocalHostname();
72	-
73	- /* initialize the objects */
74	if((iRet = modInitIminternal()) != RS_RET_OK) {
75	fprintf(stderr, "fatal error: could not initialize errbuf object (error code %d).\n",
76	iRet);
77	exit(1); /* "good" exit, leaving at init for fatal error */
78	}
79
80	+ /* get our host and domain names - we need to do this early as we may emit
81	+ * error log messages, which need the correct hostname. -- rgerhards, 2008-04-04
82	+ * But we need to have imInternal up first!
83	+ */
84	+ queryLocalHostname();
85
86	/* END core initializations - we now come back to carrying out command line options*/
87
88	--
89	2.10.2
90


diff --git a/meta-oe/recipes-extended/rsyslog/rsyslog/CVE-2017-12588.patch b/meta-oe/recipes-extended/rsyslog/rsyslog/CVE-2017-12588.patch deleted file mode 100644 index 73c33109f..000000000 --- a/meta-oe/recipes-extended/rsyslog/rsyslog/CVE-2017-12588.patch +++ /dev/null
@@ -1,40 +0,0 @@
1	From 6bc4aa975a83abed43d734299ce76cd9e1a14aec Mon Sep 17 00:00:00 2001
2	From: Thomas Deutschmann <whissi@whissi.de>
3	Date: Wed, 17 May 2017 23:05:24 +0200
4	Subject: [PATCH] imzmq3: Fix building with -Werror=format-security
5
6	Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-12588
7
8	CVE: 2017-12588
9
10	Upstream-Status: Backport
11	Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
12	---
13	contrib/imzmq3/imzmq3.c \| 4 ++--
14	1 file changed, 2 insertions(+), 2 deletions(-)
15
16	diff --git a/contrib/imzmq3/imzmq3.c b/contrib/imzmq3/imzmq3.c
17	index 9ca17871..d32dcbc2 100644
18	--- a/contrib/imzmq3/imzmq3.c
19	+++ b/contrib/imzmq3/imzmq3.c
20	@@ -403,7 +403,7 @@ static rsRetVal createSocket(instanceConf_t* info, void** sock) {
21
22	/* Do the bind/connect... */
23	if (info->action==ACTION_CONNECT) {
24	- rv = zsocket_connect(*sock, info->description);
25	+ rv = zsocket_connect(*sock, "%s", info->description);
26	if (rv == -1) {
27	errmsg.LogError(0,
28	RS_RET_INVALID_PARAMS,
29	@@ -413,7 +413,7 @@ static rsRetVal createSocket(instanceConf_t* info, void** sock) {
30	}
31	DBGPRINTF("imzmq3: connect for %s successful\n",info->description);
32	} else {
33	- rv = zsocket_bind(*sock, info->description);
34	+ rv = zsocket_bind(*sock, "%s", info->description);
35	if (rv == -1) {
36	errmsg.LogError(0,
37	RS_RET_INVALID_PARAMS,
38	--
39	2.13.0
40


diff --git a/meta-oe/recipes-extended/rsyslog/rsyslog_8.22.0.bb b/meta-oe/recipes-extended/rsyslog/rsyslog_8.29.0.bb index 597a0c8dc..7056e1c6a 100644 --- a/meta-oe/recipes-extended/rsyslog/rsyslog_8.22.0.bb +++ b/meta-oe/recipes-extended/rsyslog/rsyslog_8.29.0.bb
@@ -24,8 +24,6 @@ SRC_URI = "http://www.rsyslog.com/download/files/download/rsyslog/${BPN}-${PV}.t
24	file://use-pkgconfig-to-check-libgcrypt.patch \	24	file://use-pkgconfig-to-check-libgcrypt.patch \
25	file://run-ptest \	25	file://run-ptest \
26	file://rsyslog-fix-ptest-not-finish.patch \	26	file://rsyslog-fix-ptest-not-finish.patch \
27	file://CVE-2017-12588.patch \
28	file://0001-core-bugfix-segfault-after-configuration-errors.patch \
29	"	27	"
30		28
31	SRC_URI_append_libc-musl = " \	29	SRC_URI_append_libc-musl = " \
@@ -33,8 +31,8 @@ SRC_URI_append_libc-musl = " \
33	file://0001-Include-sys-time-h.patch \	31	file://0001-Include-sys-time-h.patch \
34	"	32	"
35		33
36	SRC_URI[md5sum] = "ad0f25f429aa2daa326732950a5eeb6c"	34	SRC_URI[md5sum] = "3805617f65a4b4bea34606487a5255a0"
37	SRC_URI[sha256sum] = "06e2884181333dccecceaca82827ae24ca7a258b4fbf7b1e07a80d4caae640ca"	35	SRC_URI[sha256sum] = "220ba30b5afb0f3ddb328613fea7aa3966b01e4d0c52d6de9ab27b0858f19738"
38		36
39	inherit autotools pkgconfig systemd update-rc.d ptest	37	inherit autotools pkgconfig systemd update-rc.d ptest
40		38
@@ -57,7 +55,7 @@ PACKAGECONFIG[klog] = "--enable-klog,--disable-klog,,"
57	PACKAGECONFIG[regexp] = "--enable-regexp,--disable-regexp,,"	55	PACKAGECONFIG[regexp] = "--enable-regexp,--disable-regexp,,"
58	PACKAGECONFIG[uuid] = "--enable-uuid,--disable-uuid,util-linux,"	56	PACKAGECONFIG[uuid] = "--enable-uuid,--disable-uuid,util-linux,"
59	PACKAGECONFIG[libgcrypt] = "--enable-libgcrypt,--disable-libgcrypt,libgcrypt,"	57	PACKAGECONFIG[libgcrypt] = "--enable-libgcrypt,--disable-libgcrypt,libgcrypt,"
60	PACKAGECONFIG[testbench] = "--enable-testbench,--disable-testbench,,"	58	PACKAGECONFIG[testbench] = "--enable-testbench --enable-omstdout,--disable-testbench --disable-omstdout,,"
61		59
62	# default no in configure	60	# default no in configure
63	PACKAGECONFIG[debug] = "--enable-debug,--disable-debug,,"	61	PACKAGECONFIG[debug] = "--enable-debug,--disable-debug,,"