Re: [oe] kirkstone merge request: April 28th
merged thanks Armin.
On Sun, Apr 28, 2024 at 10:14 AM akuster808 wrote:
>
> The following changes since commit 8bb16533532b6abc2eded7d9961ab2a108fd7a5b:
>
>dnsmasq: Upgrade 2.87 -> 2.90 (2024-03-25 07:11:05 -0400)
>
> are available in the Git repository at:
>
>https://git.openembedded.org/meta-openembedded kirkstone-next
>
> for you to fetch changes up to 5a6f7925bd2b885955c942573f70a5594f231563:
>
>python3-twisted: Add python3-typing-extensions to RDEPENDS
> (2024-04-28 13:10:23 -0400)
>
>
> Ashish Sharma (1):
>wireshark: Backport fix for CVE-2024-2955
>
> Derek Straka (1):
>python3-pyyaml-include: add initial recipe for version 1.3.2
>
> Hains van den Bosch (2):
>python3-twisted: Add python3-asyncio to RDEPENDS
>python3-twisted: Add python3-typing-extensions to RDEPENDS
>
> Hitendra Prajapati (1):
>wireshark: fix CVE-2023-6175
>
> Mingli Yu (1):
>python3-pyyaml-include: Upgrade 1.3.2 -> 1.4.1
>
> Rahul Janani Pandi (3):
>python3-pillow: Fix CVE-2023-50447
>python3-django: fix CVE-2024-24680
>python3-aiohttp: Fix CVE-2024-23334
>
> Rohini Sangam (1):
>xterm: Security fix for CVE-2023-40359
>
> Soumya Sambu (2):
>iniparser: Fix CVE-2023-33461
>apache2: Upgrade v2.4.58 -> v2.4.59
>
> Tim Orling (1):
>python3-pyyaml-include: switch to pytest --automake
>
> Xiangyu Chen (1):
>bats: fix bats-format-pretty report error when multilib enabled
>
> nikhil (1):
>giflib: Fix CVE CVE-2022-28506
>
> .../recipes-support/wireshark/files/CVE-2023-6175.patch | 246
> ++
> .../recipes-support/wireshark/files/CVE-2024-2955.patch | 52
> meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb | 2 +
> meta-oe/recipes-devtools/giflib/files/CVE-2022-28506.patch | 40 +++
> meta-oe/recipes-devtools/giflib/giflib_5.2.1.bb | 4 +-
> meta-oe/recipes-graphics/xorg-app/xterm/CVE-2023-40359.patch| 388
>
> meta-oe/recipes-graphics/xorg-app/xterm_372.bb | 1 +
> .../recipes-support/iniparser/iniparser/CVE-2023-33461.patch| 51
> meta-oe/recipes-support/iniparser/iniparser_4.1.bb | 4 +-
> meta-oe/recipes-test/bats/bats_1.6.1.bb | 1 +
> .../python/python3-aiohttp/CVE-2024-23334.patch | 222
>
> meta-python/recipes-devtools/python/python3-aiohttp_3.8.6.bb| 3 +
> .../recipes-devtools/python/python3-django/CVE-2024-24680.patch | 48
> meta-python/recipes-devtools/python/python3-django_2.2.28.bb| 1 +
> .../python/python3-pillow/CVE-2023-50447-1.patch| 29 +++
> .../python/python3-pillow/CVE-2023-50447-2.patch| 31 +++
> .../python/python3-pillow/CVE-2023-50447-3.patch| 56
> .../python/python3-pillow/CVE-2023-50447-4.patch| 66 +
> meta-python/recipes-devtools/python/python3-pillow_9.4.0.bb | 4 +
> .../recipes-devtools/python/python3-pyyaml-include/run-ptest| 3 +
> .../recipes-devtools/python/python3-pyyaml-include_1.4.1.bb | 29 +++
> meta-python/recipes-devtools/python/python3-twisted_22.2.0.bb | 2 +
> .../0004-apache2-log-the-SELinux-context-at-startup.patch | 16 +-
> .../apache2/0007-apache2-allow-to-disable-selinux-support.patch | 10 +-
> .../apache2/{apache2_2.4.58.bb => apache2_2.4.59.bb} | 2 +-
> 25 files changed, 1295 insertions(+), 16 deletions(-)
> create mode 100644
> meta-networking/recipes-support/wireshark/files/CVE-2023-6175.patch
> create mode 100644
> meta-networking/recipes-support/wireshark/files/CVE-2024-2955.patch
> create mode 100644
> meta-oe/recipes-devtools/giflib/files/CVE-2022-28506.patch
> create mode 100644
> meta-oe/recipes-graphics/xorg-app/xterm/CVE-2023-40359.patch
> create mode 100644
> meta-oe/recipes-support/iniparser/iniparser/CVE-2023-33461.patch
> create mode 100644
> meta-python/recipes-devtools/python/python3-aiohttp/CVE-2024-23334.patch
> create mode 100644
> meta-python/recipes-devtools/python/python3-django/CVE-2024-24680.patch
> create mode 100644
> meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-1.patch
> create mode 100644
> meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-2.patch
> create mode 100644
> meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-3.patch
> create mode 100644
> meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-4.patch
> create mode 100755
> meta-python/recipes-devtools/python/python3-pyyaml-include/run-ptest
> create mode 100644
> meta-python/recipes-devtools/python/python3-pyyaml-include_1.4.1.bb
> rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.58.bb =>
> apache2_2.4.59.bb} (99%)
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages
[oe] kirkstone merge request: April 28th
The following changes since commit 8bb16533532b6abc2eded7d9961ab2a108fd7a5b:
dnsmasq: Upgrade 2.87 -> 2.90 (2024-03-25 07:11:05 -0400)
are available in the Git repository at:
https://git.openembedded.org/meta-openembedded kirkstone-next
for you to fetch changes up to 5a6f7925bd2b885955c942573f70a5594f231563:
python3-twisted: Add python3-typing-extensions to RDEPENDS
(2024-04-28 13:10:23 -0400)
Ashish Sharma (1):
wireshark: Backport fix for CVE-2024-2955
Derek Straka (1):
python3-pyyaml-include: add initial recipe for version 1.3.2
Hains van den Bosch (2):
python3-twisted: Add python3-asyncio to RDEPENDS
python3-twisted: Add python3-typing-extensions to RDEPENDS
Hitendra Prajapati (1):
wireshark: fix CVE-2023-6175
Mingli Yu (1):
python3-pyyaml-include: Upgrade 1.3.2 -> 1.4.1
Rahul Janani Pandi (3):
python3-pillow: Fix CVE-2023-50447
python3-django: fix CVE-2024-24680
python3-aiohttp: Fix CVE-2024-23334
Rohini Sangam (1):
xterm: Security fix for CVE-2023-40359
Soumya Sambu (2):
iniparser: Fix CVE-2023-33461
apache2: Upgrade v2.4.58 -> v2.4.59
Tim Orling (1):
python3-pyyaml-include: switch to pytest --automake
Xiangyu Chen (1):
bats: fix bats-format-pretty report error when multilib enabled
nikhil (1):
giflib: Fix CVE CVE-2022-28506
.../recipes-support/wireshark/files/CVE-2023-6175.patch | 246
++
.../recipes-support/wireshark/files/CVE-2024-2955.patch | 52
meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb | 2 +
meta-oe/recipes-devtools/giflib/files/CVE-2022-28506.patch | 40 +++
meta-oe/recipes-devtools/giflib/giflib_5.2.1.bb | 4 +-
meta-oe/recipes-graphics/xorg-app/xterm/CVE-2023-40359.patch | 388
meta-oe/recipes-graphics/xorg-app/xterm_372.bb | 1 +
.../recipes-support/iniparser/iniparser/CVE-2023-33461.patch | 51
meta-oe/recipes-support/iniparser/iniparser_4.1.bb | 4 +-
meta-oe/recipes-test/bats/bats_1.6.1.bb | 1 +
.../python/python3-aiohttp/CVE-2024-23334.patch | 222
meta-python/recipes-devtools/python/python3-aiohttp_3.8.6.bb | 3 +
.../recipes-devtools/python/python3-django/CVE-2024-24680.patch | 48
meta-python/recipes-devtools/python/python3-django_2.2.28.bb | 1 +
.../python/python3-pillow/CVE-2023-50447-1.patch | 29 +++
.../python/python3-pillow/CVE-2023-50447-2.patch | 31 +++
.../python/python3-pillow/CVE-2023-50447-3.patch | 56
.../python/python3-pillow/CVE-2023-50447-4.patch | 66 +
meta-python/recipes-devtools/python/python3-pillow_9.4.0.bb | 4 +
.../recipes-devtools/python/python3-pyyaml-include/run-ptest | 3 +
.../recipes-devtools/python/python3-pyyaml-include_1.4.1.bb | 29 +++
meta-python/recipes-devtools/python/python3-twisted_22.2.0.bb | 2 +
.../0004-apache2-log-the-SELinux-context-at-startup.patch | 16 +-
.../apache2/0007-apache2-allow-to-disable-selinux-support.patch | 10 +-
.../apache2/{apache2_2.4.58.bb => apache2_2.4.59.bb} | 2 +-
25 files changed, 1295 insertions(+), 16 deletions(-)
create mode 100644
meta-networking/recipes-support/wireshark/files/CVE-2023-6175.patch
create mode 100644
meta-networking/recipes-support/wireshark/files/CVE-2024-2955.patch
create mode 100644
meta-oe/recipes-devtools/giflib/files/CVE-2022-28506.patch
create mode 100644
meta-oe/recipes-graphics/xorg-app/xterm/CVE-2023-40359.patch
create mode 100644
meta-oe/recipes-support/iniparser/iniparser/CVE-2023-33461.patch
create mode 100644
meta-python/recipes-devtools/python/python3-aiohttp/CVE-2024-23334.patch
create mode 100644
meta-python/recipes-devtools/python/python3-django/CVE-2024-24680.patch
create mode 100644
meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-1.patch
create mode 100644
meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-2.patch
create mode 100644
meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-3.patch
create mode 100644
meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-4.patch
create mode 100755
meta-python/recipes-devtools/python/python3-pyyaml-include/run-ptest
create mode 100644
meta-python/recipes-devtools/python/python3-pyyaml-include_1.4.1.bb
rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.58.bb =>
apache2_2.4.59.bb} (99%)
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#110162):
https://lists.openembedded.org/g/openembedded-devel/message/110162
Mute This Topic: https://lists.openembedded.org/mt/105786043/21656
Group Owner: openembedded-devel+ow...@lists.openembedded.org
Unsubscribe:
Re: [oe] [PATCH v2] apache2: fix multilib files confliction
> -Original Message-
> From: openembedded-devel@lists.openembedded.org
> On Behalf Of Kai Kang
> Sent: den 25 april 2024 05:07
> To: openembedded-devel@lists.openembedded.org
> Subject: [oe] [PATCH v2] apache2: fix multilib files confliction
>
> From: Kai Kang
>
> There are files confliction of apache2 when multilib enabled:
>
> Error: Transaction test error:
> file /usr/share/apache2/build/config.nice conflicts between attempted
> installs of apache2-dev-2.4.58-r0.cortexa57 and
> lib32-apache2-dev-2.4.58-r0.armv7vet2hf_vfp
> file /usr/share/apache2/build/config_vars.mk conflicts between
> attempted installs of apache2-dev-2.4.58-r0.cortexa57 and
> lib32-apache2-dev-2.4.58-r0.armv7vet2hf_vfp
>
> Install the 'build' directory to ${libexecdir} to fix the confliction by
> setting 'installbuilddir'. ${libexecdir} is not populated to sysroot by
> default, but command apxs requires these files, then add the dir to
> SYSROOT_DIRS to populate them.
>
> And inherit bbclasses multilib_script and multilib_header to fix follow
> up conflictions:
>
> file /usr/bin/apxs conflicts between attempted installs of
> apache2-dev-2.4.58-r0.cortexa57 and
> lib32-apache2-dev-2.4.58-r0.armv7vet2hf_vfp
> file /usr/include/apache2/ap_config_layout.h conflicts between
> attempted installs of apache2-dev-2.4.58-r0.cortexa57 and
> lib32-apache2-dev-2.4.58-r0.armv7vet2hf_vfp
>
> Since multilib_script inherits update-alternatives, remove it from
> inherit line for beautification.
>
> Fix buildpaths warning as well:
>
> WARNING: lib32-apache2-2.4.58-r0 do_package_qa: QA Issue: File
> /usr/share/apache2/build/config.nice
>in package lib32-apache2-dev contains reference to TMPDIR
> [buildpaths]
>
> Signed-off-by: Kai Kang
> ---
> v2:
> * still populate `.../build` directory after installed to ${libexecdir}
> * fix buildpaths warning
>
> .../recipes-httpd/apache2/apache2_2.4.59.bb | 38 ---
> 1 file changed, 24 insertions(+), 14 deletions(-)
>
> diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb
> b/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb
> index b96e8b4e1..5b170fac3 100644
> --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb
> +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb
> @@ -31,7 +31,7 @@ SRC_URI[sha256sum] =
> "ec51501ec480284ff52f637258135d333230a7d229c3afa6f6c2f9040e
>
> S = "${WORKDIR}/httpd-${PV}"
>
> -inherit autotools update-rc.d pkgconfig systemd update-alternatives
> +inherit autotools update-rc.d pkgconfig systemd multilib_script
> multilib_header
>
> DEPENDS = "openssl expat pcre apr apr-util apache2-native "
>
> @@ -80,7 +80,10 @@ EXTRA_OECONF:class-native = "\
> "
>
> do_configure:prepend() {
> -sed -i -e 's:$''{prefix}/usr/lib/cgi-bin:$''{libexecdir}/cgi-bin:g'
> ${S}/config.layout
> +# only modify layout Debian which is adopted
> +sed -i -e '/Layout Debian/,/\Layout/
> s#\(cgidir:\s*\).*#\1${libexecdir}/cgi-bin#g' \
> +-e '/Layout Debian/,/\Layout/
> s#\(installbuilddir:\s*\).*#\1${libexecdir}/${PN}/build#g' \
> +${S}/config.layout
> }
>
> do_install:append:class-target() {
> @@ -119,14 +122,15 @@ do_install:append:class-target() {
> -e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g;
> s,-ffile-prefix-map[^ ]*,,g' \
> -e 's,${HOSTTOOLS_DIR}/,,g' \
> -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \
> - -e 's,APU_CONFIG = .*,APU_CONFIG = ,g'
> ${D}${datadir}/apache2/build/config_vars.mk
> + -e 's,APU_CONFIG = .*,APU_CONFIG = ,g'
> ${D}${libexecdir}/${PN}/build/config_vars.mk
>
> sed -i -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \
> -e 's,${DEBUG_PREFIX_MAP},,g' \
> -e 's,${RECIPE_SYSROOT},,g' \
> -e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g;
> s,-fmacro-prefix-map[^ ]*,,g' \
> -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \
> - -e 's,".*/configure","configure",g'
> ${D}${datadir}/apache2/build/config.nice
> + -e 's,${WORKDIR}/recipe-sysroot/,,g' \
> + -e 's,".*/configure","configure",g'
> ${D}${libexecdir}/${PN}/build/config.nice
>
> if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false',
> d)}; then
> install -d ${D}${sysconfdir}/tmpfiles.d/
> @@ -143,6 +147,8 @@ do_install:append:class-target() {
>
> rm -rf ${D}${localstatedir} ${D}${sbindir}/envvars*
> chown -R root:root ${D}
> +
> +oe_multilib_header apache2/ap_config_layout.h
> }
>
> do_install:append:class-native() {
> @@ -152,20 +158,22 @@ do_install:append:class-native() {
>
> SYSROOT_PREPROCESS_FUNCS:append:class-target = " apache_sysroot_preprocess"
>
> +SYSROOT_DIRS += "${libexecdir}/${PN}/build"
> +
> apache_sysroot_preprocess() {
> install -d ${SYSROOT_DESTDIR}${bindir_crossscripts}
> install -m 755 ${D}${bindir}/apxs
>
Re: [oe] [PATCH v2] apache2: fix multilib files confliction
On 4/29/24 05:32, Peter Kjellerstedt wrote:
-Original Message-
From: openembedded-devel@lists.openembedded.org
On Behalf Of Kai Kang
Sent: den 25 april 2024 05:07
To: openembedded-devel@lists.openembedded.org
Subject: [oe] [PATCH v2] apache2: fix multilib files confliction
From: Kai Kang
There are files confliction of apache2 when multilib enabled:
Error: Transaction test error:
file /usr/share/apache2/build/config.nice conflicts between attempted
installs of apache2-dev-2.4.58-r0.cortexa57 and
lib32-apache2-dev-2.4.58-r0.armv7vet2hf_vfp
file /usr/share/apache2/build/config_vars.mk conflicts between
attempted installs of apache2-dev-2.4.58-r0.cortexa57 and
lib32-apache2-dev-2.4.58-r0.armv7vet2hf_vfp
Install the 'build' directory to ${libexecdir} to fix the confliction by
setting 'installbuilddir'. ${libexecdir} is not populated to sysroot by
default, but command apxs requires these files, then add the dir to
SYSROOT_DIRS to populate them.
And inherit bbclasses multilib_script and multilib_header to fix follow
up conflictions:
file /usr/bin/apxs conflicts between attempted installs of
apache2-dev-2.4.58-r0.cortexa57 and
lib32-apache2-dev-2.4.58-r0.armv7vet2hf_vfp
file /usr/include/apache2/ap_config_layout.h conflicts between
attempted installs of apache2-dev-2.4.58-r0.cortexa57 and
lib32-apache2-dev-2.4.58-r0.armv7vet2hf_vfp
Since multilib_script inherits update-alternatives, remove it from
inherit line for beautification.
Fix buildpaths warning as well:
WARNING: lib32-apache2-2.4.58-r0 do_package_qa: QA Issue: File
/usr/share/apache2/build/config.nice
in package lib32-apache2-dev contains reference to TMPDIR
[buildpaths]
Signed-off-by: Kai Kang
---
v2:
* still populate `.../build` directory after installed to ${libexecdir}
* fix buildpaths warning
.../recipes-httpd/apache2/apache2_2.4.59.bb | 38 ---
1 file changed, 24 insertions(+), 14 deletions(-)
diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb
b/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb
index b96e8b4e1..5b170fac3 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb
+++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb
@@ -31,7 +31,7 @@ SRC_URI[sha256sum] =
"ec51501ec480284ff52f637258135d333230a7d229c3afa6f6c2f9040e
S = "${WORKDIR}/httpd-${PV}"
-inherit autotools update-rc.d pkgconfig systemd update-alternatives
+inherit autotools update-rc.d pkgconfig systemd multilib_script multilib_header
DEPENDS = "openssl expat pcre apr apr-util apache2-native "
@@ -80,7 +80,10 @@ EXTRA_OECONF:class-native = "\
"
do_configure:prepend() {
-sed -i -e 's:$''{prefix}/usr/lib/cgi-bin:$''{libexecdir}/cgi-bin:g'
${S}/config.layout
+# only modify layout Debian which is adopted
+sed -i -e '/Layout Debian/,/\Layout/
s#\(cgidir:\s*\).*#\1${libexecdir}/cgi-bin#g' \
+-e '/Layout Debian/,/\Layout/
s#\(installbuilddir:\s*\).*#\1${libexecdir}/${PN}/build#g' \
+${S}/config.layout
}
do_install:append:class-target() {
@@ -119,14 +122,15 @@ do_install:append:class-target() {
-e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g;
s,-ffile-prefix-map[^ ]*,,g' \
-e 's,${HOSTTOOLS_DIR}/,,g' \
-e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \
- -e 's,APU_CONFIG = .*,APU_CONFIG = ,g'
${D}${datadir}/apache2/build/config_vars.mk
+ -e 's,APU_CONFIG = .*,APU_CONFIG = ,g'
${D}${libexecdir}/${PN}/build/config_vars.mk
sed -i -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \
-e 's,${DEBUG_PREFIX_MAP},,g' \
-e 's,${RECIPE_SYSROOT},,g' \
-e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g;
s,-fmacro-prefix-map[^ ]*,,g' \
-e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \
- -e 's,".*/configure","configure",g'
${D}${datadir}/apache2/build/config.nice
+ -e 's,${WORKDIR}/recipe-sysroot/,,g' \
+ -e 's,".*/configure","configure",g'
${D}${libexecdir}/${PN}/build/config.nice
if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false',
d)}; then
install -d ${D}${sysconfdir}/tmpfiles.d/
@@ -143,6 +147,8 @@ do_install:append:class-target() {
rm -rf ${D}${localstatedir} ${D}${sbindir}/envvars*
chown -R root:root ${D}
+
+oe_multilib_header apache2/ap_config_layout.h
}
do_install:append:class-native() {
@@ -152,20 +158,22 @@ do_install:append:class-native() {
SYSROOT_PREPROCESS_FUNCS:append:class-target = " apache_sysroot_preprocess"
+SYSROOT_DIRS += "${libexecdir}/${PN}/build"
+
apache_sysroot_preprocess() {
install -d ${SYSROOT_DESTDIR}${bindir_crossscripts}
install -m 755 ${D}${bindir}/apxs ${SYSROOT_DESTDIR}${bindir_crossscripts}
install -d ${SYSROOT_DESTDIR}${sbindir}
install -m 755 ${D}${sbindir}/apachectl ${SYSROOT_DESTDIR}${sbindir}
-sed -i 's!my
