date:20240504

[OE-core][kirkstone][PATCH] glibc: Update to latest on stable 2.35 branch

2024-05-04 Thread Peter Marko via lists.openembedded.org

From: Peter Marko 

Adresses CVEs: CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602

Changes:
54a666dc5c elf: Disable some subtests of ifuncmain1, ifuncmain5 for !PIE
3a38600cc7 malloc: Exit early on test failure in tst-realloc
924a98402a nscd: Use time_t for return type of addgetnetgrentX
396f065496 login: structs utmp, utmpx, lastlog _TIME_BITS independence (bug 
30701)
77d8f49058 login: Check default sizes of structs utmp, utmpx, lastlog
8e7f0eba01 sparc: Remove 64 bit check on sparc32 wordsize (BZ 27574)
55771aba9d elf: Also compile dl-misc.os with $(rtld-early-cflags)
7a5864cac6 CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in 
addgetnetgrentX (bug 31680)
bafadc589f CVE-2024-33600: nscd: Avoid null pointer crashes after notfound 
response (bug 31678)
4370bef52b CVE-2024-33600: nscd: Do not send missing not-found response in 
addgetnetgrentX (bug 31678)
7a95873543 CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache 
(bug 31677)

Since glibc introduced file sysdeps/arm/bits/wordsize.h
our multilib patch needed to be updated.

Signed-off-by: Peter Marko 
---
 meta/recipes-core/glibc/glibc-version.inc |  2 +-
 ...y-the-header-between-arm-and-aarch64.patch | 64 +++
 meta/recipes-core/glibc/glibc_2.35.bb |  5 +-
 3 files changed, 41 insertions(+), 30 deletions(-)

diff --git a/meta/recipes-core/glibc/glibc-version.inc 
b/meta/recipes-core/glibc/glibc-version.inc
index cd8c7ecf94..1a8d51ef63 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
 SRCBRANCH ?= "release/2.35/master"
 PV = "2.35"
-SRCREV_glibc ?= "36280d1ce5e245aabefb877fe4d3c6cff95dabfa"
+SRCREV_glibc ?= "54a666dc5c94897dab63856ba264ab2c53503303"
 SRCREV_localedef ?= "794da69788cbf9bf57b59a852f9f11307663fa87"
 
 GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
diff --git 
a/meta/recipes-core/glibc/glibc/0018-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch
 
b/meta/recipes-core/glibc/glibc/0018-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch
index 3b2d638b5f..789d2edf23 100644
--- 
a/meta/recipes-core/glibc/glibc/0018-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch
+++ 
b/meta/recipes-core/glibc/glibc/0018-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch
@@ -11,16 +11,15 @@ Upstream-Status: Inappropriate [ OE-Specific ]
 
 Signed-off-by: Khem Raj 
 ---
- sysdeps/aarch64/bits/wordsize.h  |  8 ++--
- sysdeps/{aarch64 => arm}/bits/wordsize.h | 10 +++---
- 2 files changed, 13 insertions(+), 5 deletions(-)
- copy sysdeps/{aarch64 => arm}/bits/wordsize.h (80%)
+ sysdeps/aarch64/bits/wordsize.h | 11 +--
+ sysdeps/arm/bits/wordsize.h | 16 +++-
+ 2 files changed, 24 insertions(+), 3 deletions(-)
 
 diff --git a/sysdeps/aarch64/bits/wordsize.h b/sysdeps/aarch64/bits/wordsize.h
-index 4635431f0e..5ef0ed21f3 100644
+index 4635431f0e..1639bcb063 100644
 --- a/sysdeps/aarch64/bits/wordsize.h
 +++ b/sysdeps/aarch64/bits/wordsize.h
-@@ -17,12 +17,16 @@
+@@ -17,12 +17,19 @@
 License along with the GNU C Library; if not, see
 .  */
  
@@ -33,38 +32,47 @@ index 4635431f0e..5ef0ed21f3 100644
  # define __WORDSIZE32_SIZE_ULONG  1
  # define __WORDSIZE32_PTRDIFF_LONG1
 +#else
-+# define __WORDSIZE   32
-+# define __WORDSIZE32_SIZE_ULONG  0
-+# define __WORDSIZE32_PTRDIFF_LONG0
++#define __WORDSIZE32
++#define __WORDSIZE_TIME64_COMPAT321
++#define __WORDSIZE32_SIZE_ULONG   0
++#define __WORDSIZE32_PTRDIFF_LONG 0
  #endif
  
++#ifdef __aarch64__
  #define __WORDSIZE_TIME64_COMPAT320
-diff --git a/sysdeps/aarch64/bits/wordsize.h b/sysdeps/arm/bits/wordsize.h
-similarity index 80%
-copy from sysdeps/aarch64/bits/wordsize.h
-copy to sysdeps/arm/bits/wordsize.h
-index 4635431f0e..34fcdef1f1 100644
 a/sysdeps/aarch64/bits/wordsize.h
++#endif
+diff --git a/sysdeps/arm/bits/wordsize.h b/sysdeps/arm/bits/wordsize.h
+index 6ecbfe7c86..1639bcb063 100644
+--- a/sysdeps/arm/bits/wordsize.h
 +++ b/sysdeps/arm/bits/wordsize.h
-@@ -17,12 +17,16 @@
+@@ -1,4 +1,6 @@
+-/* Copyright (C) 1999-2024 Free Software Foundation, Inc.
++/* Determine the wordsize from the preprocessor defines.
++
++   Copyright (C) 2016-2022 Free Software Foundation, Inc.
+This file is part of the GNU C Library.
+ 
+The GNU C Library is free software; you can redistribute it and/or
+@@ -15,7 +17,19 @@
 License along with the GNU C Library; if not, see
 .  */
  
--#ifdef __LP64__
 +#if defined (__aarch64__) && defined (__LP64__)
- # define __WORDSIZE   64
--#else
++# define __WORDSIZE   64
 +#elif defined (__aarch64__)
- # define __WORDSIZE   32
- # define __WORDSIZE32_SIZE_ULONG  1
- # define __WORDSIZE32_PTRDIFF_LONG1
-+#else
 +# define __WORDSIZE   32
-+#

[OE-core][master][scarthgap][PATCH] glibc: Update to latest on stable 2.39 branch

2024-05-04 Thread Peter Marko via lists.openembedded.org

From: Peter Marko 

Adresses CVEs: CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602

Changes:
273a835fe7 time: Allow later version licensing.
acc56074b0 nscd: Use time_t for return type of addgetnetgrentX
836d43b989 login: structs utmp, utmpx, lastlog _TIME_BITS independence (bug 
30701)
9831f98c26 login: Check default sizes of structs utmp, utmpx, lastlog
fd658f026f elf: Also compile dl-misc.os with $(rtld-early-cflags)
a9a8d3eebb CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in 
addgetnetgrentX (bug 31680)
c99f886de5 CVE-2024-33600: nscd: Avoid null pointer crashes after notfound 
response (bug 31678)
5a508e0b50 CVE-2024-33600: nscd: Do not send missing not-found response in 
addgetnetgrentX (bug 31678)
1263d583d2 CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache 
(bug 31677)
2f8f157eb0 x86: Define MINIMUM_X86_ISA_LEVEL in config.h [BZ #31676]
e701c7d761 i386: ulp update for SSE2 --disable-multi-arch configurations
e828914cf9 nptl: Fix tst-cancel30 on kernels without ppoll_time64 support

Since glibc introduced file sysdeps/arm/bits/wordsize.h
our multilib patch needed to be updated.

Signed-off-by: Peter Marko 
---
 meta/recipes-core/glibc/glibc-version.inc |  2 +-
 ...y-the-header-between-arm-and-aarch64.patch | 47 +++
 meta/recipes-core/glibc/glibc_2.39.bb |  2 +-
 3 files changed, 40 insertions(+), 11 deletions(-)

diff --git a/meta/recipes-core/glibc/glibc-version.inc 
b/meta/recipes-core/glibc/glibc-version.inc
index 4fc6986ffc..1e4a323d64 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
 SRCBRANCH ?= "release/2.39/master"
 PV = "2.39+git"
-SRCREV_glibc ?= "31da30f23cddd36db29d5b6a1c7619361b271fb4"
+SRCREV_glibc ?= "273a835fe7c685cc54266bb8b502787bad5e9bae"
 SRCREV_localedef ?= "fab74f31b3811df543e24b6de47efdf45b538abc"
 
 GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https"
diff --git 
a/meta/recipes-core/glibc/glibc/0016-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch
 
b/meta/recipes-core/glibc/glibc/0016-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch
index 066c3b1ea2..9bdfa76318 100644
--- 
a/meta/recipes-core/glibc/glibc/0016-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch
+++ 
b/meta/recipes-core/glibc/glibc/0016-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch
@@ -11,16 +11,15 @@ Upstream-Status: Inappropriate [ OE-Specific ]
 
 Signed-off-by: Khem Raj 
 ---
- sysdeps/aarch64/bits/wordsize.h | 8 ++--
- sysdeps/arm/bits/wordsize.h | 1 +
- 2 files changed, 7 insertions(+), 2 deletions(-)
- create mode 12 sysdeps/arm/bits/wordsize.h
+ sysdeps/aarch64/bits/wordsize.h | 11 +--
+ sysdeps/arm/bits/wordsize.h | 22 +-
+ 2 files changed, 10 insertions(+), 23 deletions(-)
 
 diff --git a/sysdeps/aarch64/bits/wordsize.h b/sysdeps/aarch64/bits/wordsize.h
-index 118e59172d..b4b0692eb5 100644
+index 118e59172d..ff86359fe8 100644
 --- a/sysdeps/aarch64/bits/wordsize.h
 +++ b/sysdeps/aarch64/bits/wordsize.h
-@@ -17,12 +17,16 @@
+@@ -17,12 +17,19 @@
 License along with the GNU C Library; if not, see
 .  */
  
@@ -33,12 +32,42 @@ index 118e59172d..b4b0692eb5 100644
  # define __WORDSIZE32_SIZE_ULONG  1
  # define __WORDSIZE32_PTRDIFF_LONG1
 +#else
-+# define __WORDSIZE   32
-+# define __WORDSIZE32_SIZE_ULONG  0
-+# define __WORDSIZE32_PTRDIFF_LONG0
++#define __WORDSIZE32
++#define __WORDSIZE_TIME64_COMPAT321
++#define __WORDSIZE32_SIZE_ULONG   0
++#define __WORDSIZE32_PTRDIFF_LONG 0
  #endif
  
++#ifdef __aarch64__
  #define __WORDSIZE_TIME64_COMPAT320
++#endif
+diff --git a/sysdeps/arm/bits/wordsize.h b/sysdeps/arm/bits/wordsize.h
+deleted file mode 100644
+index 6ecbfe7c86..00
+--- a/sysdeps/arm/bits/wordsize.h
 /dev/null
+@@ -1,21 +0,0 @@
+-/* Copyright (C) 1999-2024 Free Software Foundation, Inc.
+-   This file is part of the GNU C Library.
+-
+-   The GNU C Library is free software; you can redistribute it and/or
+-   modify it under the terms of the GNU Lesser General Public
+-   License as published by the Free Software Foundation; either
+-   version 2.1 of the License, or (at your option) any later version.
+-
+-   The GNU C Library is distributed in the hope that it will be useful,
+-   but WITHOUT ANY WARRANTY; without even the implied warranty of
+-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+-   Lesser General Public License for more details.
+-
+-   You should have received a copy of the GNU Lesser General Public
+-   License along with the GNU C Library; if not, see
+-   .  */
+-
+-#define __WORDSIZE32
+-#define __WORDSIZE_TIME64_COMPAT321
+-#define __WORDSIZE32_SIZE_ULONG   0
+-#define __WORDSIZE32_PTRDIFF_LONG 0
 diff --git

[OE-core] [PATCH] linux-yocto-custom: Fix comment override syntax

2024-05-04 Thread Richard Purdie

The override format in a comment is incorrect, fix it.

Signed-off-by: Richard Purdie 
---
 meta-skeleton/recipes-kernel/linux/linux-yocto-custom.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-skeleton/recipes-kernel/linux/linux-yocto-custom.bb 
b/meta-skeleton/recipes-kernel/linux/linux-yocto-custom.bb
index 9437240fcff..0879bb17b91 100644
--- a/meta-skeleton/recipes-kernel/linux/linux-yocto-custom.bb
+++ b/meta-skeleton/recipes-kernel/linux/linux-yocto-custom.bb
@@ -7,7 +7,7 @@ SUMMARY = "An example kernel recipe that uses the linux-yocto 
and oe-core"
 #   To use linux-yocto-custom in your layer, copy this recipe (optionally
 #   rename it as well) and modify it appropriately for your machine. i.e.:
 #
-# COMPATIBLE_MACHINE_yourmachine = "yourmachine"
+# COMPATIBLE_MACHINE:yourmachine = "yourmachine"
 #
 #   You must also provide a Linux kernel configuration. The most direct
 #   method is to copy your .config to files/defconfig in your layer,
-- 
2.40.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#199013): 
https://lists.openembedded.org/g/openembedded-core/message/199013
Mute This Topic: https://lists.openembedded.org/mt/105907072/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone][PATCH] glibc: Update to latest on stable 2.35 branch

[OE-core][master][scarthgap][PATCH] glibc: Update to latest on stable 2.39 branch

[OE-core] [PATCH] linux-yocto-custom: Fix comment override syntax

3 matches

Site Navigation

Mail list logo

Footer information