[OE-core] [oe][zeus][PATCH] xserver-xorg: Security Advisory - xserver-xorg - CVE-2020-14347

2020-08-10 Thread Li Zhou
Backport patch from  to solve
CVE-2020-14347.

Signed-off-by: Li Zhou 
---
 .../xorg-xserver/xserver-xorg/CVE-2020-14347.patch | 37 ++
 .../xorg-xserver/xserver-xorg_1.20.5.bb|  1 +
 2 files changed, 38 insertions(+)
 create mode 100644 
meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14347.patch

diff --git 
a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14347.patch 
b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14347.patch
new file mode 100644
index 000..20a6048
--- /dev/null
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2020-14347.patch
@@ -0,0 +1,37 @@
+From aac28e162e5108510065ad4c323affd6deffd816 Mon Sep 17 00:00:00 2001
+From: Matthieu Herrb 
+Date: Sat, 25 Jul 2020 19:33:50 +0200
+Subject: [PATCH] fix for ZDI-11426
+
+Avoid leaking un-initalized memory to clients by zeroing the
+whole pixmap on initial allocation.
+
+This vulnerability was discovered by:
+Jan-Niklas Sohn working with Trend Micro Zero Day Initiative
+
+Signed-off-by: Matthieu Herrb 
+Reviewed-by: Alan Coopersmith 
+
+Upstream-Status: Backport
+CVE: CVE-2020-14347
+Signed-off-by: Li Zhou 
+---
+ dix/pixmap.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/dix/pixmap.c b/dix/pixmap.c
+index 1186d7dbb..5a0146bbb 100644
+--- a/dix/pixmap.c
 b/dix/pixmap.c
+@@ -116,7 +116,7 @@ AllocatePixmap(ScreenPtr pScreen, int pixDataSize)
+ if (pScreen->totalPixmapSize > ((size_t) - 1) - pixDataSize)
+ return NullPixmap;
+ 
+-pPixmap = malloc(pScreen->totalPixmapSize + pixDataSize);
++pPixmap = calloc(1, pScreen->totalPixmapSize + pixDataSize);
+ if (!pPixmap)
+ return NullPixmap;
+ 
+-- 
+2.17.1
+
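
Review bot: The "Upstream-Status: Backport" line in the header of the new CVE-2020-14347.patch carries no upstream reference, so the only pointer to the source is the hash on the "From aac28e16..." line; please add the upstream commit URL in brackets after "Backport". On the change in AllocatePixmap itself, "calloc(1, pScreen->totalPixmapSize + pixDataSize)" still sits behind the existing "((size_t) - 1) - pixDataSize" check, so the sum cannot wrap before it reaches the allocator; the switch from malloc only adds the zeroing that keeps stale heap contents out of pixmap data returned to clients.
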
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.5.bb 
b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.5.bb
index 3de6d22..f0f15a2 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.5.bb
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.5.bb
@@ -5,6 +5,7 @@ SRC_URI += 
"file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.pat
 file://0001-test-xtest-Initialize-array-with-braces.patch \
 
file://0001-compiler.h-Do-not-include-sys-io.h-on-ARM-with-glibc.patch \
 file://sdksyms-no-build-path.patch \
+file://CVE-2020-14347.patch \
 "
 SRC_URI[md5sum] = "c9fc7e21e11286dbedd22c00df652130"
 SRC_URI[sha256sum] = 
"a81d8243f37e75a03d4f8c55f96d0bc25802be6ec45c3bfa5cb614c6d01bac9d"
-- 
1.9.1

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.

View/Reply Online (#141361): 
https://lists.openembedded.org/g/openembedded-core/message/141361
Mute This Topic: https://lists.openembedded.org/mt/76120064/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub  
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-


[OE-core] Yocto Project Newcomer & Unassigned Bugs - Help Needed

2020-08-10 Thread Stephen Jolley
All,

The triage team is starting to try and collect up and classify bugs which a
newcomer to the project would be able to work on in a way which means people
can find them. They're being listed on the triage page under the appropriate
heading:

https://wiki.yoctoproject.org/wiki/Bug_Triage#Newcomer_Bugs

The idea is these bugs should be straightforward for a person to help work
on who doesn't have deep experience with the project.  If anyone can help,
please take ownership of the bug and send patches!  If anyone needs
help/advice there are people on IRC who can likely do so, or some of the
more experienced contributors will likely be happy to help too.

Also, the triage team meets weekly and does its best to handle the bugs
reported into the Bugzilla. The number of people attending that meeting has
fallen, as have the number of people available to help fix bugs. One of the
things we hear users report is they don't know how to help. We (the triage
team) are therefore going to start reporting out the currently 340
unassigned or newcomer bugs.

We're hoping people may be able to spare some time now and again to help out
with these.  Bugs are split into two types, "true bugs" where things don't
work as they should and "enhancements" which are features we'd want to add
to the system.  There are also roughly four different "priority" classes
right now, "3.1", "3.2", "3.99" and "Future", the more pressing/urgent issues
being in "3.1" and then "3.2".

Please review this link and if a bug is something you would be able to help
with either take ownership of the bug, or send me (sjolley.yp...@gmail.com)
an e-mail with the bug number you would like and I will assign it to you
(please make sure you have a Bugzilla account).  The list is at:
https://wiki.yoctoproject.org/wiki/Bug_Triage_Archive#Unassigned_or_Newcomer_Bugs

Thanks,

Stephen K. Jolley
Yocto Project Program Manager
Cell: (208) 244-4460
Email: sjolley.yp...@gmail.com



[OE-core] ✗ patchtest: failure for gcr: make sure gcr-oids.h is generated

2020-08-10 Thread Patchwork
== Series Details ==

Series: gcr: make sure gcr-oids.h is generated
Revision: 1
URL   : https://patchwork.openembedded.org/series/25552/
State : failure

== Summary ==


Thank you for submitting this patch series to OpenEmbedded Core. This is
an automated response. Several tests have been executed on the proposed
series by patchtest resulting in the following failures:



* Issue             Upstream-Status is in incorrect format [test_upstream_status_presence_format]
  Suggested fix     Fix Upstream-Status format in 0001-meson-Make-sure-gcr-oids.h-is-built.patch
  Current           Upstream-Status:  backport [https://github.com/GNOME/gcr.git]
  Standard format   Upstream-Status: 
  Valid status      Pending, Accepted, Backport, Denied, Inappropriate [reason], Submitted [where]



If you believe any of these test results are incorrect, please reply to the
mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
Otherwise we would appreciate you correcting the issues and submitting a new
version of the patchset if applicable. Please ensure you add/increment the
version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
[PATCH v3] -> ...).

---
Guidelines: 
https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines
Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
Test suite: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe



[oe-core][PATCH 1/1] gcr: make sure gcr-oids.h is generated

2020-08-10 Thread Joe Slater
Backport, without modification, a patch from mainline after
gcr-3-36 branch created.

Signed-off-by: Joe Slater 
---
 ...-meson-Make-sure-gcr-oids.h-is-built.patch | 36 +++
 meta/recipes-gnome/gcr/gcr_3.36.0.bb  |  2 ++
 2 files changed, 38 insertions(+)
 create mode 100644 
meta/recipes-gnome/gcr/gcr/0001-meson-Make-sure-gcr-oids.h-is-built.patch

diff --git 
a/meta/recipes-gnome/gcr/gcr/0001-meson-Make-sure-gcr-oids.h-is-built.patch 
b/meta/recipes-gnome/gcr/gcr/0001-meson-Make-sure-gcr-oids.h-is-built.patch
new file mode 100644
index 00..3c8902d05e
--- /dev/null
+++ b/meta/recipes-gnome/gcr/gcr/0001-meson-Make-sure-gcr-oids.h-is-built.patch
@@ -0,0 +1,36 @@
+From 9fca6ae0aa7355c27d0922c561b9fbe18dde5b3d Mon Sep 17 00:00:00 2001
+From: Niels De Graef 
+Date: Fri, 19 Jun 2020 22:37:31 +0200
+Subject: [PATCH 1/1] meson: Make sure gcr-oids.h is built
+
+Fixes https://gitlab.gnome.org/GNOME/gcr/-/issues/48
+---
+ gcr/meson.build | 5 -
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+--- end of original header ---
+
+Upstream-Status:  backport [https://github.com/GNOME/gcr.git]
+
+Signed-off-by: Joe Slater 
+
+---
+diff --git a/gcr/meson.build b/gcr/meson.build
+index 199452f..06c3a63 100644
+--- a/gcr/meson.build
 b/gcr/meson.build
+@@ -178,7 +178,10 @@ endif
+ gcr_base_dep = declare_dependency(
+   link_with: gcr_base_lib,
+   include_directories: include_directories('..'),
+-  sources: gcr_enums_gen[1], # Make sure gcr-enum-types-base.h can be included
++  sources: [
++gcr_enums_gen[1],
++gcr_oids[1],
++  ],
+ )
+ 
+ if get_option('introspection')
+-- 
+2.7.4
+
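
Review bot: The "Upstream-Status:  backport [https://github.com/GNOME/gcr.git]" line in the header of the added patch is not in the accepted form: the status is lower-case and preceded by two spaces, whereas the valid values are capitalised (Pending, Accepted, Backport, ...). Write it as "Upstream-Status: Backport [...]" and make the bracketed reference the upstream commit itself (the From line gives 9fca6ae0aa73...) rather than a repository root; the "Fixes" line in the same header points at gitlab.gnome.org, so the reference should be consistent with that.
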
diff --git a/meta/recipes-gnome/gcr/gcr_3.36.0.bb 
b/meta/recipes-gnome/gcr/gcr_3.36.0.bb
index d5a88dfb35..ff455a68ec 100644
--- a/meta/recipes-gnome/gcr/gcr_3.36.0.bb
+++ b/meta/recipes-gnome/gcr/gcr_3.36.0.bb
@@ -18,6 +18,8 @@ inherit gnomebase gtk-icon-cache gtk-doc features_check 
upstream-version-is-even
 REQUIRED_DISTRO_FEATURES = "x11"
 
 SRC_URI += " 
file://0001-meson.build-correctly-set-internal-vapi-dependencies.patch"
+SRC_URI += " file://0001-meson-Make-sure-gcr-oids.h-is-built.patch"
+
 SRC_URI[archive.md5sum] = "adc65563b6b458507b9a578a8b68fb61"
 SRC_URI[archive.sha256sum] = 
"aaf9bed017a2263c6145c89a1a84178f9f40f238426463e4ae486694ef5f6601"
 
-- 
2.17.1



[OE-core] [zeus][PATCH 0/4] zeus review request

2020-08-10 Thread Anuj Mittal
Last set of changes before last zeus dot release. Please review.

Thanks,

Anuj

The following changes since commit 74e22d0d2b61d0014f408972725469bb7a024622:

  gstreamer1.0: fix builds with make 4.3 (2020-07-28 16:16:52 +0800)

are available in the Git repository at:

  git://push.openembedded.org/openembedded-core-contrib anujm/zeus

Konrad Weihmann (1):
  pypi.bbclass: mind package suffix on version check

Li Zhou (1):
  go: Security Advisory - go - CVE-2020-15586

Rahul Taya (1):
  libpcre: Add fix for CVE-2020-14155

Tim Orling (1):
  pypi.bbclass: use new pypi UPSTREAM_CHECK_URI

 meta/classes/pypi.bbclass |   4 +-
 meta/recipes-devtools/go/go-1.12.inc  |   1 +
 .../go/go-1.12/CVE-2020-15586.patch   | 131 ++
 .../libpcre/libpcre/CVE-2020-14155.patch  |  41 ++
 meta/recipes-support/libpcre/libpcre_8.43.bb  |   1 +
 5 files changed, 176 insertions(+), 2 deletions(-)
 create mode 100644 meta/recipes-devtools/go/go-1.12/CVE-2020-15586.patch
 create mode 100644 meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch

-- 
2.26.2



[OE-core] [zeus][PATCH 3/4] go: Security Advisory - go - CVE-2020-15586

2020-08-10 Thread Anuj Mittal
From: Li Zhou 

Backport patch from  to solve CVE-2020-15586.

Signed-off-by: Li Zhou 
Signed-off-by: Anuj Mittal 
---
 meta/recipes-devtools/go/go-1.12.inc  |   1 +
 .../go/go-1.12/CVE-2020-15586.patch   | 131 ++
 2 files changed, 132 insertions(+)
 create mode 100644 meta/recipes-devtools/go/go-1.12/CVE-2020-15586.patch

diff --git a/meta/recipes-devtools/go/go-1.12.inc 
b/meta/recipes-devtools/go/go-1.12.inc
index 6aecaad75d..c3c2d0cfee 100644
--- a/meta/recipes-devtools/go/go-1.12.inc
+++ b/meta/recipes-devtools/go/go-1.12.inc
@@ -18,6 +18,7 @@ SRC_URI += "\
 file://0008-use-GOBUILDMODE-to-set-buildmode.patch \
 file://0001-release-branch.go1.12-security-net-textproto-don-t-n.patch \
 file://0010-fix-CVE-2019-17596.patch \
+file://CVE-2020-15586.patch \
 "
 SRC_URI_append_libc-musl = " 
file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
 
diff --git a/meta/recipes-devtools/go/go-1.12/CVE-2020-15586.patch 
b/meta/recipes-devtools/go/go-1.12/CVE-2020-15586.patch
new file mode 100644
index 00..ebdc5aec6d
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.12/CVE-2020-15586.patch
@@ -0,0 +1,131 @@
+From fa98f46741f818913a8c11b877520a548715131f Mon Sep 17 00:00:00 2001
+From: Russ Cox 
+Date: Mon, 13 Jul 2020 13:27:22 -0400
+Subject: [PATCH] net/http: synchronize "100 Continue" write and Handler writes
+
+The expectContinueReader writes to the connection on the first
+Request.Body read. Since a Handler might be doing a read in parallel or
+before a write, expectContinueReader needs to synchronize with the
+ResponseWriter, and abort if a response already went out.
+
+The tests will land in a separate CL.
+
+Fixes #34902
+Fixes CVE-2020-15586
+
+Change-Id: Icdd8dd539f45e8863762bd378194bb4741e875fc
+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/793350
+Reviewed-by: Filippo Valsorda 
+Reviewed-on: https://go-review.googlesource.com/c/go/+/242598
+Run-TryBot: Katie Hockman 
+Reviewed-by: Filippo Valsorda 
+TryBot-Result: Gobot Gobot 
+
+Upstream-Status: Backport
+CVE: CVE-2020-15586
+Signed-off-by: Li Zhou 
+---
+ src/net/http/server.go | 43 +++---
+ 1 file changed, 36 insertions(+), 7 deletions(-)
+
+diff --git a/src/net/http/server.go b/src/net/http/server.go
+index a995a50658..d41b5f6f48 100644
+--- a/src/net/http/server.go
 b/src/net/http/server.go
+@@ -425,6 +425,16 @@ type response struct {
+   wants10KeepAlive bool   // HTTP/1.0 w/ Connection 
"keep-alive"
+   wantsClose   bool   // HTTP request has Connection 
"close"
+ 
++  // canWriteContinue is a boolean value accessed as an atomic int32
++  // that says whether or not a 100 Continue header can be written
++  // to the connection.
++  // writeContinueMu must be held while writing the header.
++  // These two fields together synchronize the body reader
++  // (the expectContinueReader, which wants to write 100 Continue)
++  // against the main writer.
++  canWriteContinue atomicBool
++  writeContinueMu  sync.Mutex
++
+   w  *bufio.Writer // buffers output in chunks to chunkWriter
+   cw chunkWriter
+ 
+@@ -515,6 +525,7 @@ type atomicBool int32
+ 
+ func (b *atomicBool) isSet() bool { return atomic.LoadInt32((*int32)(b)) != 0 
}
+ func (b *atomicBool) setTrue(){ atomic.StoreInt32((*int32)(b), 1) }
++func (b *atomicBool) setFalse()   { atomic.StoreInt32((*int32)(b), 0) }
+ 
+ // declareTrailer is called for each Trailer header when the
+ // response header is written. It notes that a header will need to be
+@@ -878,21 +889,27 @@ type expectContinueReader struct {
+   resp   *response
+   readCloser io.ReadCloser
+   closed bool
+-  sawEOF bool
++  sawEOF atomicBool
+ }
+ 
+ func (ecr *expectContinueReader) Read(p []byte) (n int, err error) {
+   if ecr.closed {
+   return 0, ErrBodyReadAfterClose
+   }
+-  if !ecr.resp.wroteContinue && !ecr.resp.conn.hijacked() {
+-  ecr.resp.wroteContinue = true
+-  ecr.resp.conn.bufw.WriteString("HTTP/1.1 100 Continue\r\n\r\n")
+-  ecr.resp.conn.bufw.Flush()
++  w := ecr.resp
++  if !w.wroteContinue && w.canWriteContinue.isSet() && !w.conn.hijacked() 
{
++  w.wroteContinue = true
++  w.writeContinueMu.Lock()
++  if w.canWriteContinue.isSet() {
++  w.conn.bufw.WriteString("HTTP/1.1 100 Continue\r\n\r\n")
++  w.conn.bufw.Flush()
++  w.canWriteContinue.setFalse()
++  }
++  w.writeContinueMu.Unlock()
+   }
+   n, err = ecr.readCloser.Read(p)
+   if err == io.EOF {
+-  ecr.sawEOF = true
++  ecr.sawEOF.setTrue()
+   }
+   return
+ }
+@@ -1311,7 +1328,7 @@ func (cw 
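
Review bot: The backported commit message says "The tests will land in a separate CL", and this change adds only the server.go patch to go-1.12, so nothing in the recipe exercises the new synchronisation; please state how the backport was verified on 1.12, or carry the test change as well. In expectContinueReader.Read, w.wroteContinue is still set before writeContinueMu is taken and stays true even when the second canWriteContinue.isSet() check fails; that is only safe if no other code in the 1.12 tree reads wroteContinue to mean that the "100 Continue" bytes were actually written, which is worth checking against the tree this patch is applied to.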

[OE-core] [zeus][PATCH 1/4] pypi.bbclass: mind package suffix on version check

2020-08-10 Thread Anuj Mittal
From: Konrad Weihmann 

Some pypi packages do have suffixes like dev, or a0 or b1.
When doing a version check on these, the version will get falsely
identified as major release versions.
Add a terminating slash to rule out those false positives

Signed-off-by: Konrad Weihmann 
Signed-off-by: Richard Purdie 
Signed-off-by: Steve Sakoman 
(cherry picked from commit 0603f6d9f2abfa67b99b1bc39228f6aa16a0370d)
[Yocto bug #13990]
Signed-off-by: Armin Kuster 
---
 meta/classes/pypi.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes/pypi.bbclass b/meta/classes/pypi.bbclass
index e5d7ab3ce1..ffa8aa3ff4 100644
--- a/meta/classes/pypi.bbclass
+++ b/meta/classes/pypi.bbclass
@@ -23,4 +23,4 @@ SRC_URI += "${PYPI_SRC_URI}"
 S = "${WORKDIR}/${PYPI_PACKAGE}-${PV}"
 
 UPSTREAM_CHECK_URI ?= "https://pypi.python.org/pypi/${PYPI_PACKAGE}/;
-UPSTREAM_CHECK_REGEX ?= "/${PYPI_PACKAGE}/(?P(\d+[\.\-_]*)+)"
+UPSTREAM_CHECK_REGEX ?= "/${PYPI_PACKAGE}/(?P(\d+[\.\-_]*)+)/"
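
Review bot: The version group "(\d+[\.\-_]*)+" in the new UPSTREAM_CHECK_REGEX still accepts trailing separators, so with the added "/" a path component such as "1.2." or "1.2-" would be captured as a version. The trailing slash does what the commit message asks for (a suffix like dev, a0 or b1 between the digits and the slash now prevents a match), but writing the group as digits joined by single separators, for example "\d+([\.\-_]\d+)*", would make the match exact.
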
-- 
2.26.2



[OE-core] [zeus][PATCH 2/4] pypi.bbclass: use new pypi UPSTREAM_CHECK_URI

2020-08-10 Thread Anuj Mittal
From: Tim Orling 

Upstream https://pypi.python.org/pypi/${PYPI_PACKAGE}/
redirects to https://pypi.org/project/${PYPI_PACKAGE}/

Signed-off-by: Tim Orling 
Signed-off-by: Richard Purdie 
Signed-off-by: Steve Sakoman 
(cherry picked from commit e5f3f961242d888f3f786af8f793bf1d247fdff0)
[Yocto # 13990]
Signed-off-by: Armin Kuster 
---
 meta/classes/pypi.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes/pypi.bbclass b/meta/classes/pypi.bbclass
index ffa8aa3ff4..87b4c85fc0 100644
--- a/meta/classes/pypi.bbclass
+++ b/meta/classes/pypi.bbclass
@@ -22,5 +22,5 @@ SECTION = "devel/python"
 SRC_URI += "${PYPI_SRC_URI}"
 S = "${WORKDIR}/${PYPI_PACKAGE}-${PV}"
 
-UPSTREAM_CHECK_URI ?= "https://pypi.python.org/pypi/${PYPI_PACKAGE}/;
+UPSTREAM_CHECK_URI ?= "https://pypi.org/project/${PYPI_PACKAGE}/;
 UPSTREAM_CHECK_REGEX ?= "/${PYPI_PACKAGE}/(?P(\d+[\.\-_]*)+)/"
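
Review bot: Both variables in this hunk are assigned with "?=", so any recipe that already sets UPSTREAM_CHECK_URI to the old pypi.python.org/pypi/ form keeps the redirecting URL after this change; it is worth grepping the layer for such overrides as part of the same series. The regex on the context line depends on the links in the pypi.org/project/ page containing "/${PYPI_PACKAGE}/" followed by the version and a slash, while the commit message only states the redirect, so a sentence on which link in the new page is expected to match would help whoever next debugs a failed version check.
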
-- 
2.26.2



[OE-core] [zeus][PATCH 4/4] libpcre: Add fix for CVE-2020-14155

2020-08-10 Thread Anuj Mittal
From: Rahul Taya 

Added below patch in libpcre
CVE-2020-14155.patch

This patch fixes below error:
PCRE could allow a remote attacker to execute arbitrary
code on the system, caused by an integer overflow in
libpcre via a large number after (?C substring.
By sending a request with a large number, an attacker
can execute arbitrary code on the system or
cause the application to crash.

Tested-by: Rahul Taya 
Signed-off-by: Saloni Jain 
Signed-off-by: Anuj Mittal 
---
 .../libpcre/libpcre/CVE-2020-14155.patch  | 41 +++
 meta/recipes-support/libpcre/libpcre_8.43.bb  |  1 +
 2 files changed, 42 insertions(+)
 create mode 100644 meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch

diff --git a/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch 
b/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch
new file mode 100644
index 00..183512fd7d
--- /dev/null
+++ b/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch
@@ -0,0 +1,41 @@
+--- pcre-8.43/pcre_compile.c2020-07-05 22:26:25.310501521 +0530
 pcre-8.43/pcre_compile1.c   2020-07-05 22:30:22.254489562 +0530
+
+CVE: CVE-2020-14155
+Upstream-Status: Backport 
[https://vcs.pcre.org/pcre/code/trunk/pcre_compile.c?view=patch=1761=1760=1761]
+Signed-off-by: Rahul Taya
+
+@@ -6,7 +6,7 @@
+ and semantics are as close as possible to those of the Perl 5 language.
+
+Written by Philip Hazel
+-   Copyright (c) 1997-2018 University of Cambridge
++   Copyright (c) 1997-2020 University of Cambridge
+
+ -
+ Redistribution and use in source and binary forms, with or without
+@@ -7130,17 +7130,19 @@
+   int n = 0;
+   ptr++;
+   while(IS_DIGIT(*ptr))
++   {
+ n = n * 10 + *ptr++ - CHAR_0;
++if (n > 255)
++   {
++   *errorcodeptr = ERR38;
++   goto FAILED;
++   }
++}
+   if (*ptr != CHAR_RIGHT_PARENTHESIS)
+ {
+ *errorcodeptr = ERR39;
+ goto FAILED;
+ }
+-  if (n > 255)
+-{
+-*errorcodeptr = ERR38;
+-goto FAILED;
+-}
+   *code++ = n;
+   PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset 
*/
+   PUT(code, LINK_SIZE, 0);  /* Default length 
*/
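
Review bot: The file header of the added patch diffs pcre-8.43/pcre_compile.c against pcre-8.43/pcre_compile1.c, so the old and new names differ and applying it relies on patch falling back to the file that exists; please regenerate it so both sides name pcre_compile.c. The first inner hunk only changes the copyright year from 1997-2018 to 1997-2020, which is unrelated to the CVE and can conflict with later backports; drop it unless the intent is an exact copy of the upstream revision. The second inner hunk is the actual fix: with the "n > 255" test inside the digit loop, n is rejected before another "n * 10" can run, so it can no longer grow past the range of int the way it could when the test came after the loop.
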
diff --git a/meta/recipes-support/libpcre/libpcre_8.43.bb 
b/meta/recipes-support/libpcre/libpcre_8.43.bb
index b97af08b25..60ece64504 100644
--- a/meta/recipes-support/libpcre/libpcre_8.43.bb
+++ b/meta/recipes-support/libpcre/libpcre_8.43.bb
@@ -12,6 +12,7 @@ SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre-${PV}.tar.bz2 \
file://out-of-tree.patch \
file://run-ptest \
file://Makefile \
+   file://CVE-2020-14155.patch \
 "
 
 SRC_URI[md5sum] = "636222e79e392c3d95dcc545f24f98c4"
-- 
2.26.2



[OE-core] [PATCH v2 2/2] python3-manifest.json: Updates

2020-08-10 Thread Nathan Rossi
- Regenerate using create_manifest
- Fix up some indentation compared to generated
- Add "secrets" module into netclient package (introduced in 3.6)
- Move "urllib" python package into core package, it is used more
  commonly than just netclient (e.g. email, xml, mimetypes, pydoc)
- Update compression package dependencies due to some modules moving
  into core package
- Update dependencies due to improvements to get_module_deps handling
  modules of a python package (e.g. ctypes.utils)

Signed-off-by: Nathan Rossi 
---
 .../python/python3/python3-manifest.json   | 66 --
 1 file changed, 48 insertions(+), 18 deletions(-)

diff --git a/meta/recipes-devtools/python/python3/python3-manifest.json 
b/meta/recipes-devtools/python/python3/python3-manifest.json
index 07b084d48c..69aecb7004 100644
--- a/meta/recipes-devtools/python/python3/python3-manifest.json
+++ b/meta/recipes-devtools/python/python3/python3-manifest.json
@@ -285,7 +285,7 @@
 "${libdir}/python${PYTHON_MAJMIN}/operator.py",
 "${libdir}/python${PYTHON_MAJMIN}/optparse.py",
 "${libdir}/python${PYTHON_MAJMIN}/os.py",
-   "${libdir}/python${PYTHON_MAJMIN}/pathlib.py",
+"${libdir}/python${PYTHON_MAJMIN}/pathlib.py",
 "${libdir}/python${PYTHON_MAJMIN}/pkgutil.py",
 "${libdir}/python${PYTHON_MAJMIN}/platform.py",
 "${libdir}/python${PYTHON_MAJMIN}/posixpath.py",
@@ -313,6 +313,8 @@
 "${libdir}/python${PYTHON_MAJMIN}/tokenize.py",
 "${libdir}/python${PYTHON_MAJMIN}/traceback.py",
 "${libdir}/python${PYTHON_MAJMIN}/types.py",
+"${libdir}/python${PYTHON_MAJMIN}/urllib",
+"${libdir}/python${PYTHON_MAJMIN}/urllib/parse.py",
 "${libdir}/python${PYTHON_MAJMIN}/warnings.py",
 "${libdir}/python${PYTHON_MAJMIN}/weakref.py",
 "${prefix}/lib/python${PYTHON_MAJMIN}/config*/*[!.a]"
@@ -359,7 +361,7 @@
 "${libdir}/python${PYTHON_MAJMIN}/__pycache__/operator.*.pyc",
 "${libdir}/python${PYTHON_MAJMIN}/__pycache__/optparse.*.pyc",
 "${libdir}/python${PYTHON_MAJMIN}/__pycache__/os.*.pyc",
-   "${libdir}/python${PYTHON_MAJMIN}/__pycache__/pathlib.*.pyc",
+"${libdir}/python${PYTHON_MAJMIN}/__pycache__/pathlib.*.pyc",
 "${libdir}/python${PYTHON_MAJMIN}/__pycache__/pkgutil.*.pyc",
 "${libdir}/python${PYTHON_MAJMIN}/__pycache__/platform.*.pyc",
 "${libdir}/python${PYTHON_MAJMIN}/__pycache__/posixpath.*.pyc",
@@ -397,7 +399,9 @@
 "${libdir}/python${PYTHON_MAJMIN}/importlib/__pycache__",
 "${libdir}/python${PYTHON_MAJMIN}/importlib/__pycache__/abc.*.pyc",
 
"${libdir}/python${PYTHON_MAJMIN}/importlib/__pycache__/machinery.*.pyc",
-"${libdir}/python${PYTHON_MAJMIN}/importlib/__pycache__/util.*.pyc"
+
"${libdir}/python${PYTHON_MAJMIN}/importlib/__pycache__/util.*.pyc",
+"${libdir}/python${PYTHON_MAJMIN}/urllib/__pycache__",
+"${libdir}/python${PYTHON_MAJMIN}/urllib/__pycache__/parse.*.pyc"
 ]
 },
 "crypt": {
@@ -427,7 +431,10 @@
 "ctypes": {
 "summary": "Python C types support",
 "rdepends": [
-"core"
+"core",
+"crypt",
+"io",
+"math"
 ],
 "files": [
 "${libdir}/python${PYTHON_MAJMIN}/ctypes",
@@ -537,7 +544,10 @@
 "distutils": {
 "summary": "Python Distribution Utilities",
 "rdepends": [
-"core"
+"compression",
+"core",
+"email",
+"stringold"
 ],
 "files": [
 "${libdir}/python${PYTHON_MAJMIN}/distutils"
@@ -548,7 +558,6 @@
 "summary": "Python framework for running examples in docstrings",
 "rdepends": [
 "asyncio",
-"compression",
 "core",
 "debugger",
 "difflib",
@@ -577,7 +586,9 @@
 "datetime",
 "io",
 "math",
-"netclient"
+"mime",
+"netclient",
+"stringold"
 ],
 "files": [
 "${libdir}/python${PYTHON_MAJMIN}/email",
@@ -648,7 +659,6 @@
 "io": {
 "summary": "Python low-level I/O",
 "rdepends": [
-"compression",
 "core",
 "crypt",
 "math",
@@ -690,7 +700,11 @@
 "summary": "Python logging support",
 "rdepends": [
 "core",
-"stringold"
+"io",
+"netserver",
+"pickle",
+"stringold",
+"threading"
 ],
 "files": [
 "${libdir}/python${PYTHON_MAJMIN}/logging"
@@ -824,11 +838,18 @@
 "summary": "Python multiprocessing support",
 "rdepends": [
 "core",
+"crypt",
+ 
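
Review bot: The rdepends lists grow in several entries as a side effect of regeneration: "multiprocessing" gains "crypt" here, and earlier in the patch "logging" goes from core and stringold to also requiring io, netserver, pickle and threading. Any image that installs the logging package now pulls in the network-server and pickle packages even if it only uses the base logger. If those dependencies come solely from submodules that the generator now imports, please confirm the footprint increase is acceptable for small images and record it in the commit message as a deliberate decision.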

[OE-core] [PATCH v2 1/2] python3: Improve handling of python3 manifest generation

2020-08-10 Thread Nathan Rossi
Specifically cover detection of modules within a python package that do
not import anything within their __init__.py. This is at least the case
with the xmlrpc package which is only used via its modules xmlrpc.server
and xmlrpc.client. Other important corner cases include ctypes.utils
which depends on some modules not used by ctypes.

This is implemented by generally assuming that importing all the modules
of a package (aka *.py within a package, excluding _*.py) will provide
enough information.

Also due to this change some modules import sysconfig, resulting in
sysconfigdata being imported. Handle the conversion of its path to a
wildcard based on the platform dependent name being replaced.

Signed-off-by: Nathan Rossi 
---
Changes in v2:
- Remove duplicate importlib.import_module()
- Only treat imports which are "__init__.py" files as python packages
  for which to import child modules for
- Add additional patch to this series for updating the manifest due to
  the updated dependency logic and other minor fixes
---
 .../python/python3/get_module_deps3.py   | 20 ++--
 .../python/python3/python3-manifest.json |  2 +-
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-devtools/python/python3/get_module_deps3.py 
b/meta/recipes-devtools/python/python3/get_module_deps3.py
index fd12baad84..6806f23172 100644
--- a/meta/recipes-devtools/python/python3/get_module_deps3.py
+++ b/meta/recipes-devtools/python/python3/get_module_deps3.py
@@ -9,6 +9,7 @@
 debug=False
 
 import sys
+import os
 
 # We can get a list of the modules which are currently required to run python
 # so we run python-core and get its modules, we then import what we need
@@ -48,8 +49,19 @@ current_module =  str(sys.argv[1]).rstrip()
 if(debug==True):
 log = open('log_%s' % current_module,'w')
 log.write('Module %s generated the following dependencies:\n' % 
current_module)
-try: 
-importlib.import_module('%s' % current_module)
+try:
+m = importlib.import_module(current_module)
+# handle python packages which may not include all modules in the __init__
+if os.path.basename(m.__file__) == "__init__.py":
+modulepath = os.path.dirname(m.__file__)
+for i in os.listdir(modulepath):
+if i.startswith("_") or not(i.endswith(".py")):
+continue
+submodule = "{}.{}".format(current_module, i[:-3])
+try:
+importlib.import_module(submodule)
+except:
+pass # ignore all import or other exceptions raised during 
import
 except ImportError as e:
 if (debug==True):
 log.write('Module was not found')
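
Review bot: m.__file__ is used unguarded straight after import_module(): built-in modules have no __file__ attribute and namespace packages have it set to None, so os.path.basename(m.__file__) raises AttributeError or TypeError, and the outer handler only catches ImportError. Guard it with getattr(m, "__file__", None) before the basename test. The inner bare "except:" also swallows KeyboardInterrupt and SystemExit raised while a submodule runs its import-time code; "except Exception:" keeps the best-effort behaviour without hiding those. Since this loop now executes the top-level code of every non-underscore .py file in the package, writing the failures to the log when debug is set would be better than passing silently.
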
@@ -107,6 +119,8 @@ for item in dif:
 dep_path = dep_path.replace(soabi,'*')
 print (dep_path)
 continue
+if "_sysconfigdata" in dep_path:
+dep_path = dep_path.replace(sysconfig._get_sysconfigdata_name(), 
"_sysconfigdata*")
 
 if (debug==True):
 log.write(dep_path+'\n')
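
Review bot: The replacement relies on sysconfig._get_sysconfigdata_name(), a private helper that is not part of the documented sysconfig interface, and the only import this patch adds is "import os"; please confirm sysconfig is already imported at this point in the script. Computing the name once, next to where soabi is derived, would avoid calling it for every item here and again in the cached-path hunk that follows.
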
@@ -140,6 +154,8 @@ for item in dif:
 log.write(cached)
 cached = fix_path(cached)
 cached = cached.replace(cpython_tag,'*')
+if "_sysconfigdata" in cached:
+cached = cached.replace(sysconfig._get_sysconfigdata_name(), 
"_sysconfigdata*")
 print (cached)
 
 if debug==True:
diff --git a/meta/recipes-devtools/python/python3/python3-manifest.json 
b/meta/recipes-devtools/python/python3/python3-manifest.json
index 3bcc9b8662..07b084d48c 100644
--- a/meta/recipes-devtools/python/python3/python3-manifest.json
+++ b/meta/recipes-devtools/python/python3/python3-manifest.json
@@ -324,7 +324,7 @@
 "${libdir}/python${PYTHON_MAJMIN}/__pycache__/_compression.*.pyc",
 "${libdir}/python${PYTHON_MAJMIN}/__pycache__/_markupbase.*.pyc",
 "${libdir}/python${PYTHON_MAJMIN}/__pycache__/_sitebuiltins.*.pyc",
-
"${libdir}/python${PYTHON_MAJMIN}/__pycache__/_sysconfigdata.*.pyc",
+
"${libdir}/python${PYTHON_MAJMIN}/__pycache__/_sysconfigdata*.*.pyc",
 "${libdir}/python${PYTHON_MAJMIN}/__pycache__/_weakrefset.*.pyc",
 "${libdir}/python${PYTHON_MAJMIN}/__pycache__/abc.*.pyc",
 "${libdir}/python${PYTHON_MAJMIN}/__pycache__/argparse.*.pyc",
---
2.28.0


Re: [OE-core] [PATCH v2] kernel-fitimage: build configuration for image tree when dtb is not present

2020-08-10 Thread Usama Arif



On 07/08/2020 22:35, Richard Purdie wrote:
> On Thu, 2020-08-06 at 15:16 +0100, Usama Arif wrote:
>> Hi,
>>
>> I had submitted patches for both the documentation of kernel-fitimage
>> in yocto mega manual as well as test for kernel-gitimage in oeqa.
>> Just wanted to check if there were any review comments for this patch
>> to progress?
>
> Sorry, I'm a bit backlogged after the infrastructure issues earlier in
> the week. At a quick glance the patch looks good, I'll queue for
> testing.
>
> Thanks for doing this (and the docs update), it's much appreciated and
> will ultimately ensure these use cases stay working!
>
> Cheers,
>
> Richard

No problem, it was good to get familiar with the documentation and
testing side of things.

Thanks for the review!

Regards,
Usama


[OE-core][zeus][PATCH] qemu : fix CVE-2020-15863

2020-08-10 Thread Li Wang
From: Li Wang 

Signed-off-by: Lee Chee Yang 
Signed-off-by: Richard Purdie 
Signed-off-by: Li Wang 
---
 meta/recipes-devtools/qemu/qemu.inc   |  1 +
 .../qemu/qemu/CVE-2020-15863.patch| 64 +++
 2 files changed, 65 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-15863.patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc 
b/meta/recipes-devtools/qemu/qemu.inc
index 5cdba1f02c..8f40a28780 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -39,6 +39,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
   file://CVE-2020-11869.patch \
file://CVE-2020-13765.patch \
file://CVE-2020-10702.patch \
+   file://CVE-2020-15863.patch \
   "
 UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar"
 
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-15863.patch 
b/meta/recipes-devtools/qemu/qemu/CVE-2020-15863.patch
new file mode 100644
index 00..9927584d11
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-15863.patch
@@ -0,0 +1,64 @@
+From 5519724a13664b43e225ca05351c60b4468e4555 Mon Sep 17 00:00:00 2001
+From: Mauro Matteo Cascella 
+Date: Fri, 10 Jul 2020 11:19:41 +0200
+Subject: [PATCH] hw/net/xgmac: Fix buffer overflow in xgmac_enet_send()
+
+A buffer overflow issue was reported by Mr. Ziming Zhang, CC'd here. It
+occurs while sending an Ethernet frame due to missing break statements
+and improper checking of the buffer size.
+
+Reported-by: Ziming Zhang 
+Signed-off-by: Mauro Matteo Cascella 
+Reviewed-by: Peter Maydell 
+Signed-off-by: Jason Wang 
+
+CVE: CVE-2020-15863
+Upstream-Status: Backport
+[https://git.qemu.org/?p=qemu.git;a=commit;h=5519724a13664b43e225ca05351c60b4468e4555]
+Signed-off-by: Chee Yang Lee 
+Signed-off-by: Li Wang 
+---
+ hw/net/xgmac.c | 14 --
+ 1 file changed, 12 insertions(+), 2 deletions(-)
+
+diff --git a/hw/net/xgmac.c b/hw/net/xgmac.c
+index f49df95..f496f7e 100644
+--- a/hw/net/xgmac.c
 b/hw/net/xgmac.c
+@@ -217,21 +217,31 @@ static void xgmac_enet_send(XgmacState *s)
+ }
+ len = (bd.buffer1_size & 0xfff) + (bd.buffer2_size & 0xfff);
+ 
++/*
++ * FIXME: these cases of malformed tx descriptors (bad sizes)
++ * should probably be reported back to the guest somehow
++ * rather than simply silently stopping processing, but we
++ * don't know what the hardware does in this situation.
++ * This will only happen for buggy guests anyway.
++ */
+ if ((bd.buffer1_size & 0xfff) > 2048) {
+ DEBUGF_BRK("qemu:%s:ERROR...ERROR...ERROR... -- "
+ "xgmac buffer 1 len on send > 2048 (0x%x)\n",
+  __func__, bd.buffer1_size & 0xfff);
++break;
+ }
+ if ((bd.buffer2_size & 0xfff) != 0) {
+ DEBUGF_BRK("qemu:%s:ERROR...ERROR...ERROR... -- "
+ "xgmac buffer 2 len on send != 0 (0x%x)\n",
+ __func__, bd.buffer2_size & 0xfff);
++break;
+ }
+-if (len >= sizeof(frame)) {
++if (frame_size + len >= sizeof(frame)) {
+ DEBUGF_BRK("qemu:%s: buffer overflow %d read into %zu "
+-"buffer\n" , __func__, len, sizeof(frame));
++"buffer\n" , __func__, frame_size + len, 
sizeof(frame));
+ DEBUGF_BRK("qemu:%s: buffer1.size=%d; buffer2.size=%d\n",
+ __func__, bd.buffer1_size, bd.buffer2_size);
++break;
+ }
+ 
+ cpu_physical_memory_read(bd.buffer1_addr, ptr, len);
+-- 
+1.9.1
+
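Review bot: the three added `break` statements in xgmac_enet_send() stop descriptor processing without telling the guest or the operator, and on those paths the only report is DEBUGF_BRK, which by its name looks like debug-only output. The new FIXME comment acknowledges the missing guest notification; it would still help to make a malformed tx descriptor diagnosable in normal builds, for instance by logging it as a guest error. Separately, the corrected bound `frame_size + len >= sizeof(frame)` uses `>=`, so a frame that would exactly fill the buffer is rejected as well; that is the safe direction, but a short comment saying it is intentional would save the next reader from checking. For the backport itself, the outer commit message carries only Signed-off-by lines, so a one-sentence summary of the overflow and the affected device would be useful to stable maintainers.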
-- 
2.17.1

View/Reply Online (#141349): 
https://lists.openembedded.org/g/openembedded-core/message/141349


[OE-core][PATCH] runqemu: fix permission check of /dev/vhost-net

2020-08-10 Thread Chen Qi
The code should check /dev/vhost-net instead of /dev/kvm. And
the permission check logically belongs to the part when kvm-vhost
is enabled. Also fix the URL to point to the correct wiki page.

Signed-off-by: Chen Qi 
---
 scripts/runqemu | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/scripts/runqemu b/scripts/runqemu
index f2168c18a3..c40acc4a86 100755
--- a/scripts/runqemu
+++ b/scripts/runqemu
@@ -585,10 +585,10 @@ class BaseConfig(object):
 logger.error("For further help see:")
 raise RunQemuError(yocto_paravirt_kvm_wiki)
 
-if not os.access(dev_kvm, os.W_OK|os.R_OK):
+if not os.access(dev_vhost, os.W_OK|os.R_OK):
 logger.error("You have no read or write permission on 
/dev/vhost-net.")
 logger.error("Please change the ownership of this file as 
described at:")
-raise RunQemuError(yocto_kvm_wiki)
+raise RunQemuError(yocto_paravirt_kvm_wiki)
 
 def check_fstype(self):
 """Check and setup FSTYPE"""
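Review bot: the error text after the changed `os.access(dev_vhost, ...)` line still hardcodes "/dev/vhost-net" while the check now uses the `dev_vhost` variable; formatting the message from `dev_vhost` would keep the two from drifting apart again, which is how the message and the `dev_kvm` check ended up disagreeing in the first place. The commit message also says the permission check belongs to the part where kvm-vhost is enabled, but the hunk only changes the variable and the wiki reference, so please confirm that this block is already inside the vhost branch and that `dev_vhost` is always defined when it runs.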
-- 
2.17.1

View/Reply Online (#141348): 
https://lists.openembedded.org/g/openembedded-core/message/141348