3 files changed, 1 insertions, 194 deletions
diff --git a/meta/recipes-extended/screen/screen/0001-configure-Add-needed-system-headers-in-checks.patch b/meta/recipes-extended/screen/screen/0001-configure-Add-needed-system-headers-in-checks.patch
deleted file mode 100644
index 80659942c7..0000000000
--- a/meta/recipes-extended/screen/screen/0001-configure-Add-needed-system-headers-in-checks.patch
+++ /dev/null
@@ -1,151 +0,0 @@
-From 4e102de2e6204c1d8e8be00bb5ffd4587e70350c Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Mon, 15 Aug 2022 10:35:53 -0700
-Subject: [PATCH] configure: Add needed system headers in checks
-Newer compilers throw warnings when a funciton is used with implicit
-declaration and enabling -Werror can silently fail these tests and
-result in wrong configure results. Therefore add the needed headers in
-the AC_TRY_LINK macros
-        * configure.ac: Add missing system headers in AC_TRY_LINK.
-Upstream-Status: Submitted [https://lists.gnu.org/archive/html/screen-devel/2022-08/msg00000.html]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
- configure.ac | 57 +++++++++++++++++++++++++++++++++++++++-------------
- 1 file changed, 43 insertions(+), 14 deletions(-)
-diff --git a/configure.ac b/configure.ac
-index c0f02df..d308079 100644
--- a/configure.ac
-+++ b/configure.ac
-@@ -233,6 +233,7 @@ AC_CHECKING(BSD job jontrol)
- AC_TRY_LINK(
- [#include <sys/types.h>
- #include <sys/ioctl.h>
-+#include <unistd.h>
- ], [
- #ifdef POSIX
- tcsetpgrp(0, 0);
-@@ -250,12 +251,16 @@ dnl
- dnl    ****  setresuid(), setreuid(), seteuid()  ****
- dnl
- AC_CHECKING(setresuid)
-AC_TRY_LINK(,[
-setresuid(0, 0, 0);
-+AC_TRY_LINK([
-+#include <unistd.h>
-+],[
-+return setresuid(0, 0, 0);
- ], AC_DEFINE(HAVE_SETRESUID))
- AC_CHECKING(setreuid)
-AC_TRY_LINK(,[
-setreuid(0, 0);
-+AC_TRY_LINK([
-+#include <unistd.h>
-+],[
-+return setreuid(0, 0);
- ], AC_DEFINE(HAVE_SETREUID))
- dnl
- dnl seteuid() check:
-@@ -274,7 +279,9 @@ seteuid(0);
- 
- dnl execvpe
- AC_CHECKING(execvpe)
-AC_TRY_LINK(,[
-+AC_TRY_LINK([
-+    #include <unistd.h>
-+],[
-     execvpe(0, 0, 0);
- ], AC_DEFINE(HAVE_EXECVPE)
- CFLAGS="$CFLAGS -D_GNU_SOURCE")
-@@ -284,10 +291,18 @@ dnl    ****  select()  ****
- dnl
- 
- AC_CHECKING(select)
-AC_TRY_LINK(,[select(0, 0, 0, 0, 0);],, 
-+AC_TRY_LINK([
-+    #include <sys/select.h>
-+],[
-+    select(0, 0, 0, 0, 0);
-+],, 
- LIBS="$LIBS -lnet -lnsl"
- AC_CHECKING(select with $LIBS)
-AC_TRY_LINK(,[select(0, 0, 0, 0, 0);],, 
-+AC_TRY_LINK([
-+    #include <sys/select.h>
-+],[
-+    select(0, 0, 0, 0, 0);
-+],, 
- AC_MSG_ERROR(!!! no select - no screen))
- )
- dnl
-@@ -624,11 +639,19 @@ dnl
- dnl    ****  termcap or terminfo  ****
- dnl
- AC_CHECKING(for tgetent)
-AC_TRY_LINK(,tgetent((char *)0, (char *)0);,,
-+AC_TRY_LINK([
-+    #include <curses.h>
-+    #include <term.h>
-+],[
-+    tgetent((char *)0, (char *)0);
-+],,
- olibs="$LIBS"
- LIBS="-lcurses $olibs"
- AC_CHECKING(libcurses)
-AC_TRY_LINK(,[
-+AC_TRY_LINK([
-+    #include <curses.h>
-+    #include <term.h>
-+],[
- #ifdef __hpux
- __sorry_hpux_libcurses_is_totally_broken_in_10_10();
- #else
-@@ -871,7 +894,7 @@ test -f /usr/lib/libutil.a && LIBS="$LIBS -lutil"
- fi
- 
- AC_CHECKING(getloadavg)
-AC_TRY_LINK(,[getloadavg((double *)0, 0);],
-+AC_TRY_LINK([#include <stdlib.h>],[getloadavg((double *)0, 0);],
- AC_DEFINE(LOADAV_GETLOADAVG) load=1,
- if test "$cross_compiling" = no && test -f /usr/lib/libkvm.a ; then
- olibs="$LIBS"
-@@ -1109,10 +1132,10 @@ AC_CHECKING(IRIX sun library)
- AC_TRY_LINK(,,,LIBS="$oldlibs")
- 
- AC_CHECKING(syslog)
-AC_TRY_LINK(,[closelog();], , [oldlibs="$LIBS"
-+AC_TRY_LINK([#include <syslog.h>],[closelog();], , [oldlibs="$LIBS"
- LIBS="$LIBS -lbsd"
- AC_CHECKING(syslog in libbsd.a)
-AC_TRY_LINK(, [closelog();], AC_NOTE(- found.), [LIBS="$oldlibs"
-+AC_TRY_LINK([#include <syslog.h>], [closelog();], AC_NOTE(- found.), [LIBS="$oldlibs"
- AC_NOTE(- bad news: syslog missing.) AC_DEFINE(NOSYSLOG)])])
- 
- AC_EGREP_CPP(YES_IS_DEFINED,
-@@ -1149,7 +1172,7 @@ AC_CHECKING(getspnam)
- AC_TRY_LINK([#include <shadow.h>], [getspnam("x");],AC_DEFINE(SHADOWPW))
- 
- AC_CHECKING(getttyent)
-AC_TRY_LINK(,[getttyent();], AC_DEFINE(GETTTYENT))
-+AC_TRY_LINK([#include <ttyent.h>],[getttyent();], AC_DEFINE(GETTTYENT))
- 
- AC_CHECKING(fdwalk)
- AC_TRY_LINK([#include <stdlib.h>], [fdwalk(NULL, NULL);],AC_DEFINE(HAVE_FDWALK))
-@@ -1204,7 +1227,13 @@ main() {
- AC_SYS_LONG_FILE_NAMES
- 
- AC_MSG_CHECKING(for vsprintf)
-AC_TRY_LINK([#include <stdarg.h>],[va_list valist; vsprintf(0,0,valist);], AC_MSG_RESULT(yes);AC_DEFINE(USEVARARGS), AC_MSG_RESULT(no))
-+AC_TRY_LINK([
-+    #include <stdarg.h>
-+    #include <stdio.h>
-+],[
-+   va_list valist;
-+   vsprintf(0,0,valist);
-+], AC_MSG_RESULT(yes);AC_DEFINE(USEVARARGS), AC_MSG_RESULT(no))
- 
- AC_HEADER_DIRENT
- 
diff --git a/meta/recipes-extended/screen/screen/signal-permission.patch b/meta/recipes-extended/screen/screen/signal-permission.patch
deleted file mode 100644
index 77dc649090..0000000000
--- a/meta/recipes-extended/screen/screen/signal-permission.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From e9ad41bfedb4537a6f0de20f00b27c7739f168f7 Mon Sep 17 00:00:00 2001
-From: Alexander Naumov <alexander_naumov@opensuse.org>
-Date: Mon, 30 Jan 2023 17:22:25 +0200
-Subject: fix: missing signal sending permission check on failed query messages
-Signed-off-by: Alexander Naumov <alexander_naumov@opensuse.org>
-CVE: CVE-2023-24626
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
---
- src/socket.c | 9 +++++++--
- 1 file changed, 7 insertions(+), 2 deletions(-)
-diff --git a/src/socket.c b/src/socket.c
-index 147dc54..54d8cb8 100644
--- a/socket.c
-+++ b/socket.c
-@@ -1285,11 +1285,16 @@ ReceiveMsg()
-           else
-             queryflag = -1;
- 
-          Kill(m.m.command.apid,
-+          if (CheckPid(m.m.command.apid)) {
-+            Msg(0, "Query attempt with bad pid(%d)!", m.m.command.apid);
-+          }
-+          else {
-+            Kill(m.m.command.apid,
-                (queryflag >= 0)
-                    ? SIGCONT
-                    : SIG_BYE); /* Send SIG_BYE if an error happened */
-          queryflag = -1;
-+            queryflag = -1;
-+          }
-         }
-         break;
-       case MSG_COMMAND:
-- 
-cgit v1.1
diff --git a/meta/recipes-extended/screen/screen_4.9.0.bb b/meta/recipes-extended/screen/screen_4.9.1.bb
index 235cd8c6cf..7b040e6b57 100644
--- a/meta/recipes-extended/screen/screen_4.9.0.bb
+++ b/meta/recipes-extended/screen/screen_4.9.1.bb
@@ -21,11 +21,9 @@ SRC_URI = "${GNU_MIRROR}/screen/screen-${PV}.tar.gz \
           file://0002-comm.h-now-depends-on-term.h.patch \
           file://0001-fix-for-multijob-build.patch \
           file://0001-Remove-more-compatibility-stuff.patch \
-           file://0001-configure-Add-needed-system-headers-in-checks.patch \
-           file://signal-permission.patch \
           "
-SRC_URI[sha256sum] = "f9335281bb4d1538ed078df78a20c2f39d3af9a4e91c57d084271e0289c730f4"
+SRC_URI[sha256sum] = "26cef3e3c42571c0d484ad6faf110c5c15091fbf872b06fa7aa4766c7405ac69"
 inherit autotools texinfo

diff --git a/meta/recipes-extended/screen/screen/0001-configure-Add-needed-system-headers-in-checks.patch b/meta/recipes-extended/screen/screen/0001-configure-Add-needed-system-headers-in-checks.patch deleted file mode 100644 index 80659942c7..0000000000 --- a/meta/recipes-extended/screen/screen/0001-configure-Add-needed-system-headers-in-checks.patch +++ /dev/null
@@ -1,151 +0,0 @@
1	From 4e102de2e6204c1d8e8be00bb5ffd4587e70350c Mon Sep 17 00:00:00 2001
2	From: Khem Raj <raj.khem@gmail.com>
3	Date: Mon, 15 Aug 2022 10:35:53 -0700
4	Subject: [PATCH] configure: Add needed system headers in checks
5
6	Newer compilers throw warnings when a funciton is used with implicit
7	declaration and enabling -Werror can silently fail these tests and
8	result in wrong configure results. Therefore add the needed headers in
9	the AC_TRY_LINK macros
10
11	* configure.ac: Add missing system headers in AC_TRY_LINK.
12
13	Upstream-Status: Submitted [https://lists.gnu.org/archive/html/screen-devel/2022-08/msg00000.html]
14	Signed-off-by: Khem Raj <raj.khem@gmail.com>
15	---
16	configure.ac \| 57 +++++++++++++++++++++++++++++++++++++++-------------
17	1 file changed, 43 insertions(+), 14 deletions(-)
18
19	diff --git a/configure.ac b/configure.ac
20	index c0f02df..d308079 100644
21	--- a/configure.ac
22	+++ b/configure.ac
23	@@ -233,6 +233,7 @@ AC_CHECKING(BSD job jontrol)
24	AC_TRY_LINK(
25	[#include <sys/types.h>
26	#include <sys/ioctl.h>
27	+#include <unistd.h>
28	], [
29	#ifdef POSIX
30	tcsetpgrp(0, 0);
31	@@ -250,12 +251,16 @@ dnl
32	dnl ** setresuid(), setreuid(), seteuid() **
33	dnl
34	AC_CHECKING(setresuid)
35	-AC_TRY_LINK(,[
36	-setresuid(0, 0, 0);
37	+AC_TRY_LINK([
38	+#include <unistd.h>
39	+],[
40	+return setresuid(0, 0, 0);
41	], AC_DEFINE(HAVE_SETRESUID))
42	AC_CHECKING(setreuid)
43	-AC_TRY_LINK(,[
44	-setreuid(0, 0);
45	+AC_TRY_LINK([
46	+#include <unistd.h>
47	+],[
48	+return setreuid(0, 0);
49	], AC_DEFINE(HAVE_SETREUID))
50	dnl
51	dnl seteuid() check:
52	@@ -274,7 +279,9 @@ seteuid(0);
53
54	dnl execvpe
55	AC_CHECKING(execvpe)
56	-AC_TRY_LINK(,[
57	+AC_TRY_LINK([
58	+ #include <unistd.h>
59	+],[
60	execvpe(0, 0, 0);
61	], AC_DEFINE(HAVE_EXECVPE)
62	CFLAGS="$CFLAGS -D_GNU_SOURCE")
63	@@ -284,10 +291,18 @@ dnl ** select() **
64	dnl
65
66	AC_CHECKING(select)
67	-AC_TRY_LINK(,[select(0, 0, 0, 0, 0);],,
68	+AC_TRY_LINK([
69	+ #include <sys/select.h>
70	+],[
71	+ select(0, 0, 0, 0, 0);
72	+],,
73	LIBS="$LIBS -lnet -lnsl"
74	AC_CHECKING(select with $LIBS)
75	-AC_TRY_LINK(,[select(0, 0, 0, 0, 0);],,
76	+AC_TRY_LINK([
77	+ #include <sys/select.h>
78	+],[
79	+ select(0, 0, 0, 0, 0);
80	+],,
81	AC_MSG_ERROR(!!! no select - no screen))
82	)
83	dnl
84	@@ -624,11 +639,19 @@ dnl
85	dnl ** termcap or terminfo **
86	dnl
87	AC_CHECKING(for tgetent)
88	-AC_TRY_LINK(,tgetent((char )0, (char )0);,,
89	+AC_TRY_LINK([
90	+ #include <curses.h>
91	+ #include <term.h>
92	+],[
93	+ tgetent((char )0, (char )0);
94	+],,
95	olibs="$LIBS"
96	LIBS="-lcurses $olibs"
97	AC_CHECKING(libcurses)
98	-AC_TRY_LINK(,[
99	+AC_TRY_LINK([
100	+ #include <curses.h>
101	+ #include <term.h>
102	+],[
103	#ifdef __hpux
104	__sorry_hpux_libcurses_is_totally_broken_in_10_10();
105	#else
106	@@ -871,7 +894,7 @@ test -f /usr/lib/libutil.a && LIBS="$LIBS -lutil"
107	fi
108
109	AC_CHECKING(getloadavg)
110	-AC_TRY_LINK(,[getloadavg((double *)0, 0);],
111	+AC_TRY_LINK([#include <stdlib.h>],[getloadavg((double *)0, 0);],
112	AC_DEFINE(LOADAV_GETLOADAVG) load=1,
113	if test "$cross_compiling" = no && test -f /usr/lib/libkvm.a ; then
114	olibs="$LIBS"
115	@@ -1109,10 +1132,10 @@ AC_CHECKING(IRIX sun library)
116	AC_TRY_LINK(,,,LIBS="$oldlibs")
117
118	AC_CHECKING(syslog)
119	-AC_TRY_LINK(,[closelog();], , [oldlibs="$LIBS"
120	+AC_TRY_LINK([#include <syslog.h>],[closelog();], , [oldlibs="$LIBS"
121	LIBS="$LIBS -lbsd"
122	AC_CHECKING(syslog in libbsd.a)
123	-AC_TRY_LINK(, [closelog();], AC_NOTE(- found.), [LIBS="$oldlibs"
124	+AC_TRY_LINK([#include <syslog.h>], [closelog();], AC_NOTE(- found.), [LIBS="$oldlibs"
125	AC_NOTE(- bad news: syslog missing.) AC_DEFINE(NOSYSLOG)])])
126
127	AC_EGREP_CPP(YES_IS_DEFINED,
128	@@ -1149,7 +1172,7 @@ AC_CHECKING(getspnam)
129	AC_TRY_LINK([#include <shadow.h>], [getspnam("x");],AC_DEFINE(SHADOWPW))
130
131	AC_CHECKING(getttyent)
132	-AC_TRY_LINK(,[getttyent();], AC_DEFINE(GETTTYENT))
133	+AC_TRY_LINK([#include <ttyent.h>],[getttyent();], AC_DEFINE(GETTTYENT))
134
135	AC_CHECKING(fdwalk)
136	AC_TRY_LINK([#include <stdlib.h>], [fdwalk(NULL, NULL);],AC_DEFINE(HAVE_FDWALK))
137	@@ -1204,7 +1227,13 @@ main() {
138	AC_SYS_LONG_FILE_NAMES
139
140	AC_MSG_CHECKING(for vsprintf)
141	-AC_TRY_LINK([#include <stdarg.h>],[va_list valist; vsprintf(0,0,valist);], AC_MSG_RESULT(yes);AC_DEFINE(USEVARARGS), AC_MSG_RESULT(no))
142	+AC_TRY_LINK([
143	+ #include <stdarg.h>
144	+ #include <stdio.h>
145	+],[
146	+ va_list valist;
147	+ vsprintf(0,0,valist);
148	+], AC_MSG_RESULT(yes);AC_DEFINE(USEVARARGS), AC_MSG_RESULT(no))
149
150	AC_HEADER_DIRENT
151


diff --git a/meta/recipes-extended/screen/screen/signal-permission.patch b/meta/recipes-extended/screen/screen/signal-permission.patch deleted file mode 100644 index 77dc649090..0000000000 --- a/meta/recipes-extended/screen/screen/signal-permission.patch +++ /dev/null
@@ -1,40 +0,0 @@
1	From e9ad41bfedb4537a6f0de20f00b27c7739f168f7 Mon Sep 17 00:00:00 2001
2	From: Alexander Naumov <alexander_naumov@opensuse.org>
3	Date: Mon, 30 Jan 2023 17:22:25 +0200
4	Subject: fix: missing signal sending permission check on failed query messages
5
6	Signed-off-by: Alexander Naumov <alexander_naumov@opensuse.org>
7
8	CVE: CVE-2023-24626
9	Upstream-Status: Backport
10	Signed-off-by: Ross Burton <ross.burton@arm.com>
11	---
12	src/socket.c \| 9 +++++++--
13	1 file changed, 7 insertions(+), 2 deletions(-)
14
15	diff --git a/src/socket.c b/src/socket.c
16	index 147dc54..54d8cb8 100644
17	--- a/socket.c
18	+++ b/socket.c
19	@@ -1285,11 +1285,16 @@ ReceiveMsg()
20	else
21	queryflag = -1;
22
23	- Kill(m.m.command.apid,
24	+ if (CheckPid(m.m.command.apid)) {
25	+ Msg(0, "Query attempt with bad pid(%d)!", m.m.command.apid);
26	+ }
27	+ else {
28	+ Kill(m.m.command.apid,
29	(queryflag >= 0)
30	? SIGCONT
31	: SIG_BYE); /* Send SIG_BYE if an error happened */
32	- queryflag = -1;
33	+ queryflag = -1;
34	+ }
35	}
36	break;
37	case MSG_COMMAND:
38	--
39	cgit v1.1
40


diff --git a/meta/recipes-extended/screen/screen_4.9.0.bb b/meta/recipes-extended/screen/screen_4.9.1.bb index 235cd8c6cf..7b040e6b57 100644 --- a/meta/recipes-extended/screen/screen_4.9.0.bb +++ b/meta/recipes-extended/screen/screen_4.9.1.bb
@@ -21,11 +21,9 @@ SRC_URI = "${GNU_MIRROR}/screen/screen-${PV}.tar.gz \
21	file://0002-comm.h-now-depends-on-term.h.patch \	21	file://0002-comm.h-now-depends-on-term.h.patch \
22	file://0001-fix-for-multijob-build.patch \	22	file://0001-fix-for-multijob-build.patch \
23	file://0001-Remove-more-compatibility-stuff.patch \	23	file://0001-Remove-more-compatibility-stuff.patch \
24	file://0001-configure-Add-needed-system-headers-in-checks.patch \
25	file://signal-permission.patch \
26	"	24	"
27		25
28	SRC_URI[sha256sum] = "f9335281bb4d1538ed078df78a20c2f39d3af9a4e91c57d084271e0289c730f4"	26	SRC_URI[sha256sum] = "26cef3e3c42571c0d484ad6faf110c5c15091fbf872b06fa7aa4766c7405ac69"
29		27
30	inherit autotools texinfo	28	inherit autotools texinfo
31		29