Re: [oe][meta-filesystems][dunfell][PATCH 1/8] ntfs-3g-ntfsprogs: upgrade to 2021.8.22

Fri, 15 Jul 2022 14:18:42 -0700

I am finally able to look into this series pend the master and kirkstone back logs.
I am fine with the update but none of the patches apply. I tried two different systems. 


ERROR: ntfs-3g-ntfsprogs-2021.8.22-r0 do_patch: Applying patch 
'CVE-2021-46790.patch' on target directory 
'/builds/54vdLR_9/0/akuster/meta-branch-maint/build/tmp/work/core2-64-poky-linux/ntfs-3g-ntfsprogs/2021.8.22-r0/ntfs-3g_ntfsprogs-2021.8.22'
Command Error: 'quilt --quiltrc 
/builds/54vdLR_9/0/akuster/meta-branch-maint/build/tmp/work/core2-64-poky-linux/ntfs-3g-ntfsprogs/2021.8.22-r0/recipe-sysroot-native/etc/quiltrc 
push' exited with 0  Output:

Applying patch CVE-2021-46790.patch
patching file ntfsprogs/ntfsck.c
Hunk #1 FAILED at 616.
1 out of 1 hunk FAILED -- rejects in file ntfsprogs/ntfsck.c
Patch CVE-2021-46790.patch does not apply (enforce with -f)

ERROR: Logfile of failure stored in: 
/builds/54vdLR_9/0/akuster/meta-branch-maint/build/tmp/work/core2-64-poky-linux/ntfs-3g-ntfsprogs/2021.8.22-r0/temp/log.do_patch.2884481



the nest one failed too.

Applying patch patches/CVE-2022-30783.patch
patching file libfuse-lite/mount.c
patching file src/ntfs-3g_common.c
Hunk #1 FAILED at 128.
Hunk #2 FAILED at 521.
2 out of 2 hunks FAILED -- rejects in file src/ntfs-3g_common.c
patching file src/ntfs-3g_common.h
Hunk #1 FAILED at 94.
1 out of 1 hunk FAILED -- rejects in file src/ntfs-3g_common.h


-armin

On 7/1/22 01:20, Ranjitsinh Rathod via lists.openembedded.org wrote:

From: Chen Qi <[email protected]>

This upgrade revolves a bunch of CVEs. See more details in:
https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp.

Fixed CVE's:
CVE-2021-33285
CVE-2021-33289
CVE-2021-33286
CVE-2021-35266
CVE-2021-33287
CVE-2021-35267
CVE-2021-35268
CVE-2021-35269
CVE-2021-39251
CVE-2021-39252
CVE-2021-39253
CVE-2021-39254
CVE-2021-39255
CVE-2021-39256
CVE-2021-39257
CVE-2021-39258
CVE-2021-39259
CVE-2021-39260
CVE-2021-39261
CVE-2021-39262
CVE-2021-39263

Signed-off-by: Chen Qi <[email protected]>
Signed-off-by: Khem Raj <[email protected]>
(cherry picked from commit 6791dc536444a1dd0f473653501ba43fc84704f2)

Signed-off-by: Omkar Patil <[email protected]>
Signed-off-by: Ranjitsinh Rathod <[email protected]>
---
  ...-ntfsprogs_2017.3.23.bb => ntfs-3g-ntfsprogs_2021.8.22.bb} | 4 ++--
  1 file changed, 2 insertions(+), 2 deletions(-)
  rename 
meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/{ntfs-3g-ntfsprogs_2017.3.23.bb
 => ntfs-3g-ntfsprogs_2021.8.22.bb} (92%)

diff --git 
a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2017.3.23.bb
 
b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb
similarity index 92%
rename from 
meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2017.3.23.bb
rename to 
meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb
index 6f5cb6cee..19b2d6ca2 100644
--- 
a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2017.3.23.bb
+++ 
b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb
@@ -10,8 +10,8 @@ SRC_URI = 
"http://tuxera.com/opensource/ntfs-3g_ntfsprogs-${PV}.tgz \
             
file://0001-libntfs-3g-Makefile.am-fix-install-failed-while-host.patch \
  "
  S = "${WORKDIR}/ntfs-3g_ntfsprogs-${PV}"
-SRC_URI[md5sum] = "d97474ae1954f772c6d2fa386a6f462c"
-SRC_URI[sha256sum] = 
"3e5a021d7b761261836dcb305370af299793eedbded731df3d6943802e1262d5"
+SRC_URI[md5sum] = "90da343e78877d388eb34cefae6799ae"
+SRC_URI[sha256sum] = 
"55b883aa05d94b2ec746ef3966cb41e66bed6db99f22ddd41d1b8b94bb202efb"

  UPSTREAM_CHECK_URI = "https://www.tuxera.com/community/open-source-ntfs-3g/";
  UPSTREAM_CHECK_REGEX = "ntfs-3g_ntfsprogs-(?P<pver>\d+(\.\d+)+)\.tgz"
--
2.17.1

This message contains information that may be privileged or confidential and is 
the property of the KPIT Technologies Ltd. It is intended only for the person 
to whom it is addressed. If you are not the intended recipient, you are not 
authorized to read, print, retain copy, disseminate, distribute, or use this 
message or any part thereof. If you receive this message in error, please 
notify the sender immediately and delete all copies of this message. KPIT 
Technologies Ltd. does not accept any liability for virus infected mails.






-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#97848): 
https://lists.openembedded.org/g/openembedded-devel/message/97848
Mute This Topic: https://lists.openembedded.org/mt/92104299/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-























					Reply via email to