apr: update 1.7.0 -> 1.7.2

Changes for APR 1.7.2

  *) Correct a packaging issue in 1.7.1. The contents of the release were
     correct, but the top level directory was misnamed.

Changes for APR 1.7.1

  *) SECURITY: CVE-2022-24963 (cve.mitre.org)
     Integer Overflow or Wraparound vulnerability in apr_encode functions of
     Apache Portable Runtime (APR) allows an attacker to write beyond bounds
     of a buffer.

  *) SECURITY: CVE-2022-28331 (cve.mitre.org)
     On Windows, Apache Portable Runtime 1.7.0 and earlier may write beyond
     the end of a stack based buffer in apr_socket_sendv(). This is a result
     of integer overflow.

  *) SECURITY: CVE-2021-35940 (cve.mitre.org)
     Restore fix for out-of-bounds array dereference in apr_time_exp*() functions.
     (This issue was addressed as CVE-2017-12613 in APR 1.6.3 and
     later 1.6.x releases, but was missing in 1.7.0.)  [Stefan Sperling]

  *) configure: Fix various build issues for compilers enforcing
     strict C99 compliance.  PR 66396, 66408, 66426.
     [Florian Weimer <fweimer redhat.com>, Sam James <sam gentoo.org>]

  *) apr_atomic_read64(): Fix non-atomic read on 32-bit Windows [Ivan Zhakov]

  *) configure: Prefer posix name-based shared memory over SysV IPC.
     [Jim Jagielski]

  *) configure: Add --disable-sctp argument to forcibly disable SCTP
     support, or --enable-sctp which fails if SCTP support is not
     detected.  [Lubos Uhliarik <luhliari redhat.com>, Joe Orton]

  *) Fix handle leak in the Win32 apr_uid_current implementation.
     PR 61165. [Ivan Zhakov]

  *) Add error handling for lseek() failures in apr_file_write() and
     apr_file_writev().  [Joe Orton]

  *) Don't silently set APR_FOPEN_NOCLEANUP for apr_file_mktemp() created file
     to avoid a fd and inode leak when/if later passed to apr_file_setaside().
     [Yann Ylavic]

  *) APR's configure script uses AC_TRY_RUN to detect whether the return type
     of strerror_r is int. When cross-compiling this defaults to no.

     This commit adds an AC_CACHE_CHECK so users who cross-compile APR may
     influence the outcome with a configure variable. [Sebastian Kemper
     <sebastian_ml gmx net>]

  *) Add a cache check with which users who cross-compile APR
     can influence the outcome of the /dev/zero test by setting the variable
     ac_cv_mmap__dev_zero=yes [Sebastian Kemper <sebastian_ml gmx net>]

  *) Trick autoconf into printing the correct default prefix in the help.
     [Stefan Fritsch]

  *) Don't try to use PROC_PTHREAD by default when cross compiling.
     [Yann Ylavic]

  *) Add the ability to cross compile APR. [Graham Leggett]

  *) While cross-compiling, the tools/gen_test_char could not
     be executed at build time, use AX_PROG_CC_FOR_BUILD to
     build native tools/gen_test_char

     Support explicit libtool by variable assigning before buildcheck.sh,
     it is helpful for cross-compiling (such as libtool=aarch64-linux-libtool)
     [Hongxu Jia <hongxu.jia windriver.com>]

  *) Avoid an overflow on 32 bit platforms. [René Hjortskov Nielsen
     <r... hjortskov.dk>]

  *) Use AC_CHECK_SIZEOF, so as to support cross compiling. PR 56053.
     [Mike Frysinger <vapier gentoo.org>]

  *) Add --tag=CC to libtool invocations. PR 62640. [Michael Osipov]

  *) apr_pools: Fix pool debugging output so that creation events are
     always emitted before allocation events and subpool destruction
     events are emitted on pool clear/destroy for proper accounting.
     [Brane Čibej]

  *) apr_socket_listen: Allow larger listen backlog values on Windows 8+.
     [Evgeny Kotkov <evgeny.kotkov visualsvn.com>]

  *) Fixed: apr_get_oslevel() was returning APR_WIN_XP on Windows 10

  *) Fix attempt to free invalid memory on exit when apr_app is used
     on Windows. [Ivan Zhakov]

  *) Fix double free on exit when apr_app is used on Windows. [Ivan Zhakov]

  *) Fix a regression in apr_stat() for root path on Windows. [Ivan Zhakov]

Dropped patches have all been merged, addressed separately or are backports.

(From OE-Core rev: 013633b9f4b7dff2616c6d2e59e4d8118e3ce51f)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3ffae93f24bb1e3954b232099153fd059cfd7daf)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
(cherry picked from commit a308e10ef4ad9e097b025f009866eae178259781)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

1 files changed, 0 insertions, 76 deletions

diff --git a/meta/recipes-support/apr/apr/0006-apr-fix-off_t-size-doesn-t-match-in-glibc-when-cross.patch b/meta/recipes-support/apr/apr/0006-apr-fix-off_t-size-doesn-t-match-in-glibc-when-cross.patch
deleted file mode 100644
index d1a2ebe881..0000000000
--- a/meta/recipes-support/apr/apr/0006-apr-fix-off_t-size-doesn-t-match-in-glibc-when-cross.patch
+++ /dev/null
@@ -1,76 +0,0 @@
-From 49661ea3858cf8494926cccf57d3e8c6dcb47117 Mon Sep 17 00:00:00 2001
-From: Dengke Du <dengke.du@windriver.com>
-Date: Wed, 14 Dec 2016 18:13:08 +0800
-Subject: [PATCH] apr: fix off_t size doesn't match in glibc when cross
- compiling
-
-In configure.in, it contains the following:
-
-        APR_CHECK_SIZEOF_EXTENDED([#include <sys/types.h>], off_t, 8)
-
-the macro "APR_CHECK_SIZEOF_EXTENDED" was defined in build/apr_common.m4,
-it use the "AC_TRY_RUN" macro, this macro let the off_t to 8, when cross
-compiling enable.
-
-So it was hardcoded for cross compiling, we should detect it dynamic based on
-the sysroot's glibc. We change it to the following:
-
-        AC_CHECK_SIZEOF(off_t)
-
-The same for the following hardcoded types for cross compiling:
-
-        pid_t   8
-        ssize_t 8
-        size_t  8
-        off_t   8
-
-Change the above correspondingly.
-
-Signed-off-by: Dengke Du <dengke.du@windriver.com>
-
-Upstream-Status: Pending
-
----
- configure.in | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/configure.in b/configure.in
-index 27b8539..fb408d1 100644
---- a/configure.in
-+++ b/configure.in
-@@ -1801,7 +1801,7 @@ else
-     socklen_t_value="int"
- fi
- 
--APR_CHECK_SIZEOF_EXTENDED([#include <sys/types.h>], pid_t, 8)
-+AC_CHECK_SIZEOF(pid_t)
- 
- if test "$ac_cv_sizeof_pid_t" = "$ac_cv_sizeof_short"; then
-     pid_t_fmt='#define APR_PID_T_FMT "hd"'
-@@ -1873,7 +1873,7 @@ APR_CHECK_TYPES_FMT_COMPATIBLE(size_t, unsigned long, lu, [size_t_fmt="lu"], [
- APR_CHECK_TYPES_FMT_COMPATIBLE(size_t, unsigned int, u, [size_t_fmt="u"])
- ])
- 
--APR_CHECK_SIZEOF_EXTENDED([#include <sys/types.h>], ssize_t, 8)
-+AC_CHECK_SIZEOF(ssize_t)
- 
- dnl the else cases below should no longer occur;
- AC_MSG_CHECKING([which format to use for apr_ssize_t])
-@@ -1891,7 +1891,7 @@ fi
- 
- ssize_t_fmt="#define APR_SSIZE_T_FMT \"$ssize_t_fmt\""
- 
--APR_CHECK_SIZEOF_EXTENDED([#include <stddef.h>], size_t, 8)
-+AC_CHECK_SIZEOF(size_t)
- 
- # else cases below should no longer occur;
- AC_MSG_CHECKING([which format to use for apr_size_t])
-@@ -1909,7 +1909,7 @@ fi
- 
- size_t_fmt="#define APR_SIZE_T_FMT \"$size_t_fmt\""
- 
--APR_CHECK_SIZEOF_EXTENDED([#include <sys/types.h>], off_t, 8)
-+AC_CHECK_SIZEOF(off_t)
- 
- if test "${ac_cv_sizeof_off_t}${apr_cv_use_lfs64}" = "4yes"; then
-     # Enable LFS