Re: [oe] kirkstone merge request: April 28th
merged thanks Armin. On Sun, Apr 28, 2024 at 10:14 AM akuster808 wrote: > > The following changes since commit 8bb16533532b6abc2eded7d9961ab2a108fd7a5b: > >dnsmasq: Upgrade 2.87 -> 2.90 (2024-03-25 07:11:05 -0400) > > are available in the Git repository at: > >https://git.openembedded.org/meta-openembedded kirkstone-next > > for you to fetch changes up to 5a6f7925bd2b885955c942573f70a5594f231563: > >python3-twisted: Add python3-typing-extensions to RDEPENDS > (2024-04-28 13:10:23 -0400) > > > Ashish Sharma (1): >wireshark: Backport fix for CVE-2024-2955 > > Derek Straka (1): >python3-pyyaml-include: add initial recipe for version 1.3.2 > > Hains van den Bosch (2): >python3-twisted: Add python3-asyncio to RDEPENDS >python3-twisted: Add python3-typing-extensions to RDEPENDS > > Hitendra Prajapati (1): >wireshark: fix CVE-2023-6175 > > Mingli Yu (1): >python3-pyyaml-include: Upgrade 1.3.2 -> 1.4.1 > > Rahul Janani Pandi (3): >python3-pillow: Fix CVE-2023-50447 >python3-django: fix CVE-2024-24680 >python3-aiohttp: Fix CVE-2024-23334 > > Rohini Sangam (1): >xterm: Security fix for CVE-2023-40359 > > Soumya Sambu (2): >iniparser: Fix CVE-2023-33461 >apache2: Upgrade v2.4.58 -> v2.4.59 > > Tim Orling (1): >python3-pyyaml-include: switch to pytest --automake > > Xiangyu Chen (1): >bats: fix bats-format-pretty report error when multilib enabled > > nikhil (1): >giflib: Fix CVE CVE-2022-28506 > > .../recipes-support/wireshark/files/CVE-2023-6175.patch | 246 > ++ > .../recipes-support/wireshark/files/CVE-2024-2955.patch | 52 > meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb | 2 + > meta-oe/recipes-devtools/giflib/files/CVE-2022-28506.patch | 40 +++ > meta-oe/recipes-devtools/giflib/giflib_5.2.1.bb | 4 +- > meta-oe/recipes-graphics/xorg-app/xterm/CVE-2023-40359.patch| 388 > > meta-oe/recipes-graphics/xorg-app/xterm_372.bb | 1 + > .../recipes-support/iniparser/iniparser/CVE-2023-33461.patch| 51 > meta-oe/recipes-support/iniparser/iniparser_4.1.bb | 4 +- > meta-oe/recipes-test/bats/bats_1.6.1.bb | 1 + > .../python/python3-aiohttp/CVE-2024-23334.patch | 222 > > meta-python/recipes-devtools/python/python3-aiohttp_3.8.6.bb| 3 + > .../recipes-devtools/python/python3-django/CVE-2024-24680.patch | 48 > meta-python/recipes-devtools/python/python3-django_2.2.28.bb| 1 + > .../python/python3-pillow/CVE-2023-50447-1.patch| 29 +++ > .../python/python3-pillow/CVE-2023-50447-2.patch| 31 +++ > .../python/python3-pillow/CVE-2023-50447-3.patch| 56 > .../python/python3-pillow/CVE-2023-50447-4.patch| 66 + > meta-python/recipes-devtools/python/python3-pillow_9.4.0.bb | 4 + > .../recipes-devtools/python/python3-pyyaml-include/run-ptest| 3 + > .../recipes-devtools/python/python3-pyyaml-include_1.4.1.bb | 29 +++ > meta-python/recipes-devtools/python/python3-twisted_22.2.0.bb | 2 + > .../0004-apache2-log-the-SELinux-context-at-startup.patch | 16 +- > .../apache2/0007-apache2-allow-to-disable-selinux-support.patch | 10 +- > .../apache2/{apache2_2.4.58.bb => apache2_2.4.59.bb} | 2 +- > 25 files changed, 1295 insertions(+), 16 deletions(-) > create mode 100644 > meta-networking/recipes-support/wireshark/files/CVE-2023-6175.patch > create mode 100644 > meta-networking/recipes-support/wireshark/files/CVE-2024-2955.patch > create mode 100644 > meta-oe/recipes-devtools/giflib/files/CVE-2022-28506.patch > create mode 100644 > meta-oe/recipes-graphics/xorg-app/xterm/CVE-2023-40359.patch > create mode 100644 > meta-oe/recipes-support/iniparser/iniparser/CVE-2023-33461.patch > create mode 100644 > meta-python/recipes-devtools/python/python3-aiohttp/CVE-2024-23334.patch > create mode 100644 > meta-python/recipes-devtools/python/python3-django/CVE-2024-24680.patch > create mode 100644 > meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-1.patch > create mode 100644 > meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-2.patch > create mode 100644 > meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-3.patch > create mode 100644 > meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-4.patch > create mode 100755 > meta-python/recipes-devtools/python/python3-pyyaml-include/run-ptest > create mode 100644 > meta-python/recipes-devtools/python/python3-pyyaml-include_1.4.1.bb > rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.58.bb => > apache2_2.4.59.bb} (99%) > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages
[oe] kirkstone merge request: April 28th
The following changes since commit 8bb16533532b6abc2eded7d9961ab2a108fd7a5b: dnsmasq: Upgrade 2.87 -> 2.90 (2024-03-25 07:11:05 -0400) are available in the Git repository at: https://git.openembedded.org/meta-openembedded kirkstone-next for you to fetch changes up to 5a6f7925bd2b885955c942573f70a5594f231563: python3-twisted: Add python3-typing-extensions to RDEPENDS (2024-04-28 13:10:23 -0400) Ashish Sharma (1): wireshark: Backport fix for CVE-2024-2955 Derek Straka (1): python3-pyyaml-include: add initial recipe for version 1.3.2 Hains van den Bosch (2): python3-twisted: Add python3-asyncio to RDEPENDS python3-twisted: Add python3-typing-extensions to RDEPENDS Hitendra Prajapati (1): wireshark: fix CVE-2023-6175 Mingli Yu (1): python3-pyyaml-include: Upgrade 1.3.2 -> 1.4.1 Rahul Janani Pandi (3): python3-pillow: Fix CVE-2023-50447 python3-django: fix CVE-2024-24680 python3-aiohttp: Fix CVE-2024-23334 Rohini Sangam (1): xterm: Security fix for CVE-2023-40359 Soumya Sambu (2): iniparser: Fix CVE-2023-33461 apache2: Upgrade v2.4.58 -> v2.4.59 Tim Orling (1): python3-pyyaml-include: switch to pytest --automake Xiangyu Chen (1): bats: fix bats-format-pretty report error when multilib enabled nikhil (1): giflib: Fix CVE CVE-2022-28506 .../recipes-support/wireshark/files/CVE-2023-6175.patch | 246 ++ .../recipes-support/wireshark/files/CVE-2024-2955.patch | 52 meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb | 2 + meta-oe/recipes-devtools/giflib/files/CVE-2022-28506.patch | 40 +++ meta-oe/recipes-devtools/giflib/giflib_5.2.1.bb | 4 +- meta-oe/recipes-graphics/xorg-app/xterm/CVE-2023-40359.patch | 388 meta-oe/recipes-graphics/xorg-app/xterm_372.bb | 1 + .../recipes-support/iniparser/iniparser/CVE-2023-33461.patch | 51 meta-oe/recipes-support/iniparser/iniparser_4.1.bb | 4 +- meta-oe/recipes-test/bats/bats_1.6.1.bb | 1 + .../python/python3-aiohttp/CVE-2024-23334.patch | 222 meta-python/recipes-devtools/python/python3-aiohttp_3.8.6.bb | 3 + .../recipes-devtools/python/python3-django/CVE-2024-24680.patch | 48 meta-python/recipes-devtools/python/python3-django_2.2.28.bb | 1 + .../python/python3-pillow/CVE-2023-50447-1.patch | 29 +++ .../python/python3-pillow/CVE-2023-50447-2.patch | 31 +++ .../python/python3-pillow/CVE-2023-50447-3.patch | 56 .../python/python3-pillow/CVE-2023-50447-4.patch | 66 + meta-python/recipes-devtools/python/python3-pillow_9.4.0.bb | 4 + .../recipes-devtools/python/python3-pyyaml-include/run-ptest | 3 + .../recipes-devtools/python/python3-pyyaml-include_1.4.1.bb | 29 +++ meta-python/recipes-devtools/python/python3-twisted_22.2.0.bb | 2 + .../0004-apache2-log-the-SELinux-context-at-startup.patch | 16 +- .../apache2/0007-apache2-allow-to-disable-selinux-support.patch | 10 +- .../apache2/{apache2_2.4.58.bb => apache2_2.4.59.bb} | 2 +- 25 files changed, 1295 insertions(+), 16 deletions(-) create mode 100644 meta-networking/recipes-support/wireshark/files/CVE-2023-6175.patch create mode 100644 meta-networking/recipes-support/wireshark/files/CVE-2024-2955.patch create mode 100644 meta-oe/recipes-devtools/giflib/files/CVE-2022-28506.patch create mode 100644 meta-oe/recipes-graphics/xorg-app/xterm/CVE-2023-40359.patch create mode 100644 meta-oe/recipes-support/iniparser/iniparser/CVE-2023-33461.patch create mode 100644 meta-python/recipes-devtools/python/python3-aiohttp/CVE-2024-23334.patch create mode 100644 meta-python/recipes-devtools/python/python3-django/CVE-2024-24680.patch create mode 100644 meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-1.patch create mode 100644 meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-2.patch create mode 100644 meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-3.patch create mode 100644 meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-4.patch create mode 100755 meta-python/recipes-devtools/python/python3-pyyaml-include/run-ptest create mode 100644 meta-python/recipes-devtools/python/python3-pyyaml-include_1.4.1.bb rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.58.bb => apache2_2.4.59.bb} (99%) -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#110162): https://lists.openembedded.org/g/openembedded-devel/message/110162 Mute This Topic: https://lists.openembedded.org/mt/105786043/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe:
Re: [oe] [PATCH v2] apache2: fix multilib files confliction
> -Original Message- > From: openembedded-devel@lists.openembedded.org > On Behalf Of Kai Kang > Sent: den 25 april 2024 05:07 > To: openembedded-devel@lists.openembedded.org > Subject: [oe] [PATCH v2] apache2: fix multilib files confliction > > From: Kai Kang > > There are files confliction of apache2 when multilib enabled: > > Error: Transaction test error: > file /usr/share/apache2/build/config.nice conflicts between attempted > installs of apache2-dev-2.4.58-r0.cortexa57 and > lib32-apache2-dev-2.4.58-r0.armv7vet2hf_vfp > file /usr/share/apache2/build/config_vars.mk conflicts between > attempted installs of apache2-dev-2.4.58-r0.cortexa57 and > lib32-apache2-dev-2.4.58-r0.armv7vet2hf_vfp > > Install the 'build' directory to ${libexecdir} to fix the confliction by > setting 'installbuilddir'. ${libexecdir} is not populated to sysroot by > default, but command apxs requires these files, then add the dir to > SYSROOT_DIRS to populate them. > > And inherit bbclasses multilib_script and multilib_header to fix follow > up conflictions: > > file /usr/bin/apxs conflicts between attempted installs of > apache2-dev-2.4.58-r0.cortexa57 and > lib32-apache2-dev-2.4.58-r0.armv7vet2hf_vfp > file /usr/include/apache2/ap_config_layout.h conflicts between > attempted installs of apache2-dev-2.4.58-r0.cortexa57 and > lib32-apache2-dev-2.4.58-r0.armv7vet2hf_vfp > > Since multilib_script inherits update-alternatives, remove it from > inherit line for beautification. > > Fix buildpaths warning as well: > > WARNING: lib32-apache2-2.4.58-r0 do_package_qa: QA Issue: File > /usr/share/apache2/build/config.nice >in package lib32-apache2-dev contains reference to TMPDIR > [buildpaths] > > Signed-off-by: Kai Kang > --- > v2: > * still populate `.../build` directory after installed to ${libexecdir} > * fix buildpaths warning > > .../recipes-httpd/apache2/apache2_2.4.59.bb | 38 --- > 1 file changed, 24 insertions(+), 14 deletions(-) > > diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb > b/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb > index b96e8b4e1..5b170fac3 100644 > --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb > +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb > @@ -31,7 +31,7 @@ SRC_URI[sha256sum] = > "ec51501ec480284ff52f637258135d333230a7d229c3afa6f6c2f9040e > > S = "${WORKDIR}/httpd-${PV}" > > -inherit autotools update-rc.d pkgconfig systemd update-alternatives > +inherit autotools update-rc.d pkgconfig systemd multilib_script > multilib_header > > DEPENDS = "openssl expat pcre apr apr-util apache2-native " > > @@ -80,7 +80,10 @@ EXTRA_OECONF:class-native = "\ > " > > do_configure:prepend() { > -sed -i -e 's:$''{prefix}/usr/lib/cgi-bin:$''{libexecdir}/cgi-bin:g' > ${S}/config.layout > +# only modify layout Debian which is adopted > +sed -i -e '/Layout Debian/,/\Layout/ > s#\(cgidir:\s*\).*#\1${libexecdir}/cgi-bin#g' \ > +-e '/Layout Debian/,/\Layout/ > s#\(installbuilddir:\s*\).*#\1${libexecdir}/${PN}/build#g' \ > +${S}/config.layout > } > > do_install:append:class-target() { > @@ -119,14 +122,15 @@ do_install:append:class-target() { > -e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g; > s,-ffile-prefix-map[^ ]*,,g' \ > -e 's,${HOSTTOOLS_DIR}/,,g' \ > -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \ > - -e 's,APU_CONFIG = .*,APU_CONFIG = ,g' > ${D}${datadir}/apache2/build/config_vars.mk > + -e 's,APU_CONFIG = .*,APU_CONFIG = ,g' > ${D}${libexecdir}/${PN}/build/config_vars.mk > > sed -i -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \ > -e 's,${DEBUG_PREFIX_MAP},,g' \ > -e 's,${RECIPE_SYSROOT},,g' \ > -e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g; > s,-fmacro-prefix-map[^ ]*,,g' \ > -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \ > - -e 's,".*/configure","configure",g' > ${D}${datadir}/apache2/build/config.nice > + -e 's,${WORKDIR}/recipe-sysroot/,,g' \ > + -e 's,".*/configure","configure",g' > ${D}${libexecdir}/${PN}/build/config.nice > > if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', > d)}; then > install -d ${D}${sysconfdir}/tmpfiles.d/ > @@ -143,6 +147,8 @@ do_install:append:class-target() { > > rm -rf ${D}${localstatedir} ${D}${sbindir}/envvars* > chown -R root:root ${D} > + > +oe_multilib_header apache2/ap_config_layout.h > } > > do_install:append:class-native() { > @@ -152,20 +158,22 @@ do_install:append:class-native() { > > SYSROOT_PREPROCESS_FUNCS:append:class-target = " apache_sysroot_preprocess" > > +SYSROOT_DIRS += "${libexecdir}/${PN}/build" > + > apache_sysroot_preprocess() { > install -d ${SYSROOT_DESTDIR}${bindir_crossscripts} > install -m 755 ${D}${bindir}/apxs >
Re: [oe] [PATCH v2] apache2: fix multilib files confliction
On 4/29/24 05:32, Peter Kjellerstedt wrote: -Original Message- From: openembedded-devel@lists.openembedded.org On Behalf Of Kai Kang Sent: den 25 april 2024 05:07 To: openembedded-devel@lists.openembedded.org Subject: [oe] [PATCH v2] apache2: fix multilib files confliction From: Kai Kang There are files confliction of apache2 when multilib enabled: Error: Transaction test error: file /usr/share/apache2/build/config.nice conflicts between attempted installs of apache2-dev-2.4.58-r0.cortexa57 and lib32-apache2-dev-2.4.58-r0.armv7vet2hf_vfp file /usr/share/apache2/build/config_vars.mk conflicts between attempted installs of apache2-dev-2.4.58-r0.cortexa57 and lib32-apache2-dev-2.4.58-r0.armv7vet2hf_vfp Install the 'build' directory to ${libexecdir} to fix the confliction by setting 'installbuilddir'. ${libexecdir} is not populated to sysroot by default, but command apxs requires these files, then add the dir to SYSROOT_DIRS to populate them. And inherit bbclasses multilib_script and multilib_header to fix follow up conflictions: file /usr/bin/apxs conflicts between attempted installs of apache2-dev-2.4.58-r0.cortexa57 and lib32-apache2-dev-2.4.58-r0.armv7vet2hf_vfp file /usr/include/apache2/ap_config_layout.h conflicts between attempted installs of apache2-dev-2.4.58-r0.cortexa57 and lib32-apache2-dev-2.4.58-r0.armv7vet2hf_vfp Since multilib_script inherits update-alternatives, remove it from inherit line for beautification. Fix buildpaths warning as well: WARNING: lib32-apache2-2.4.58-r0 do_package_qa: QA Issue: File /usr/share/apache2/build/config.nice in package lib32-apache2-dev contains reference to TMPDIR [buildpaths] Signed-off-by: Kai Kang --- v2: * still populate `.../build` directory after installed to ${libexecdir} * fix buildpaths warning .../recipes-httpd/apache2/apache2_2.4.59.bb | 38 --- 1 file changed, 24 insertions(+), 14 deletions(-) diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb index b96e8b4e1..5b170fac3 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb @@ -31,7 +31,7 @@ SRC_URI[sha256sum] = "ec51501ec480284ff52f637258135d333230a7d229c3afa6f6c2f9040e S = "${WORKDIR}/httpd-${PV}" -inherit autotools update-rc.d pkgconfig systemd update-alternatives +inherit autotools update-rc.d pkgconfig systemd multilib_script multilib_header DEPENDS = "openssl expat pcre apr apr-util apache2-native " @@ -80,7 +80,10 @@ EXTRA_OECONF:class-native = "\ " do_configure:prepend() { -sed -i -e 's:$''{prefix}/usr/lib/cgi-bin:$''{libexecdir}/cgi-bin:g' ${S}/config.layout +# only modify layout Debian which is adopted +sed -i -e '/Layout Debian/,/\Layout/ s#\(cgidir:\s*\).*#\1${libexecdir}/cgi-bin#g' \ +-e '/Layout Debian/,/\Layout/ s#\(installbuilddir:\s*\).*#\1${libexecdir}/${PN}/build#g' \ +${S}/config.layout } do_install:append:class-target() { @@ -119,14 +122,15 @@ do_install:append:class-target() { -e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g; s,-ffile-prefix-map[^ ]*,,g' \ -e 's,${HOSTTOOLS_DIR}/,,g' \ -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \ - -e 's,APU_CONFIG = .*,APU_CONFIG = ,g' ${D}${datadir}/apache2/build/config_vars.mk + -e 's,APU_CONFIG = .*,APU_CONFIG = ,g' ${D}${libexecdir}/${PN}/build/config_vars.mk sed -i -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \ -e 's,${DEBUG_PREFIX_MAP},,g' \ -e 's,${RECIPE_SYSROOT},,g' \ -e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g' \ -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \ - -e 's,".*/configure","configure",g' ${D}${datadir}/apache2/build/config.nice + -e 's,${WORKDIR}/recipe-sysroot/,,g' \ + -e 's,".*/configure","configure",g' ${D}${libexecdir}/${PN}/build/config.nice if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then install -d ${D}${sysconfdir}/tmpfiles.d/ @@ -143,6 +147,8 @@ do_install:append:class-target() { rm -rf ${D}${localstatedir} ${D}${sbindir}/envvars* chown -R root:root ${D} + +oe_multilib_header apache2/ap_config_layout.h } do_install:append:class-native() { @@ -152,20 +158,22 @@ do_install:append:class-native() { SYSROOT_PREPROCESS_FUNCS:append:class-target = " apache_sysroot_preprocess" +SYSROOT_DIRS += "${libexecdir}/${PN}/build" + apache_sysroot_preprocess() { install -d ${SYSROOT_DESTDIR}${bindir_crossscripts} install -m 755 ${D}${bindir}/apxs ${SYSROOT_DESTDIR}${bindir_crossscripts} install -d ${SYSROOT_DESTDIR}${sbindir} install -m 755 ${D}${sbindir}/apachectl ${SYSROOT_DESTDIR}${sbindir} -sed -i 's!my