Upgrade to release 3.4.0: - bd_nvme_connect() now defaults to port 4420 or 8009 for discovery NQN respectively when - configure.ac: fix bashism - smart: Use drive self-assessment as an overall status - nvme: Default to well-known tr_svcid values when not specified - nvme: Handle memory allocation failures from _nvme_alloc() - crypto: Add a function to set persistent flags for LUKS - tests: Various minor mptovements
Drop CVE-2025-6019.patch because the change has been merged in the upstream and it is included in version 3.4.0. This work was sponsored by GOVCERT.LU. Signed-off-by: Leon Anavi <[email protected]> --- .../libblockdev/files/CVE-2025-6019.patch | 31 ------------------- ...blockdev_3.2.1.bb => libblockdev_3.4.0.bb} | 5 ++- 2 files changed, 2 insertions(+), 34 deletions(-) delete mode 100644 meta-oe/recipes-extended/libblockdev/files/CVE-2025-6019.patch rename meta-oe/recipes-extended/libblockdev/{libblockdev_3.2.1.bb => libblockdev_3.4.0.bb} (95%) diff --git a/meta-oe/recipes-extended/libblockdev/files/CVE-2025-6019.patch b/meta-oe/recipes-extended/libblockdev/files/CVE-2025-6019.patch deleted file mode 100644 index 2575578e77..0000000000 --- a/meta-oe/recipes-extended/libblockdev/files/CVE-2025-6019.patch +++ /dev/null @@ -1,31 +0,0 @@ -From b2e9c16c726f62e500241617f8f3a03aa658fbe3 Mon Sep 17 00:00:00 2001 -From: Thomas Blume <[email protected]> -Date: Fri, 16 May 2025 14:27:10 +0200 -Subject: [PATCH] Don't allow suid and dev set on fs resize - -Fixes: CVE-2025-6019 - -CVE: CVE-2025-6019 -Upstream-Status: Backport [ https://github.com/storaged-project/libblockdev/commit/46b54414f66e965e3c37f8f51e621f96258ae22e ] - -Signed-off-by: Changqing Li <[email protected]> ---- - src/plugins/fs/generic.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/plugins/fs/generic.c b/src/plugins/fs/generic.c -index 2b2180aa..60f7d75e 100644 ---- a/src/plugins/fs/generic.c -+++ b/src/plugins/fs/generic.c -@@ -661,7 +661,7 @@ static gchar* fs_mount (const gchar *device, gchar *fstype, gboolean read_only, - "Failed to create temporary directory for mounting '%s'.", device); - return NULL; - } -- ret = bd_fs_mount (device, mountpoint, fstype, read_only ? "ro" : NULL, NULL, &l_error); -+ ret = bd_fs_mount (device, mountpoint, fstype, read_only ? "nosuid,nodev,ro" : "nosuid,nodev", NULL, &l_error); - if (!ret) { - g_propagate_prefixed_error (error, l_error, "Failed to mount '%s': ", device); - g_rmdir (mountpoint); --- -2.34.1 - diff --git a/meta-oe/recipes-extended/libblockdev/libblockdev_3.2.1.bb b/meta-oe/recipes-extended/libblockdev/libblockdev_3.4.0.bb similarity index 95% rename from meta-oe/recipes-extended/libblockdev/libblockdev_3.2.1.bb rename to meta-oe/recipes-extended/libblockdev/libblockdev_3.4.0.bb index e4078d6862..2263e0bbdd 100644 --- a/meta-oe/recipes-extended/libblockdev/libblockdev_3.2.1.bb +++ b/meta-oe/recipes-extended/libblockdev/libblockdev_3.4.0.bb @@ -12,11 +12,10 @@ inherit autotools gobject-introspection pkgconfig lib_package DEPENDS = "autoconf-archive-native glib-2.0 kmod udev libnvme" -SRC_URI = "git://github.com/storaged-project/libblockdev;branch=3.2.x-branch;protocol=https \ +SRC_URI = "git://github.com/storaged-project/libblockdev;branch=master;protocol=https \ file://0001-fix-pythondir-for-multilib-when-cross-compiling.patch \ - file://CVE-2025-6019.patch \ " -SRCREV = "b829b60d9ff049abb190f09a3b9a5fac648cd5a3" +SRCREV = "c1053b3643f0b4f3d4549ac8f3ae85fdecbb2c72" FILES:${PN} += "${PYTHON_SITEPACKAGES_DIR}" -- 2.47.3
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#121907): https://lists.openembedded.org/g/openembedded-devel/message/121907 Mute This Topic: https://lists.openembedded.org/mt/116375221/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
