Re: [hardknott][oe-core][PATCH 1/1] util-linux: fix two CVEs

2022-05-11 Thread Randy MacLeod 

On 2022-05-11 18:05, Joe Slater wrote:

Advance to 2.38 to fix CVE-2021-3995 and CVE-2021-3996
by pulling that recipe from master.  The first version
on master to fix these was 2.37.4.

Signed-off-by: Joe Slater 
---
  ...d_2.36.2.bb => util-linux-libuuid_2.38.bb} |   2 +-
  meta/recipes-core/util-linux/util-linux.inc   |  18 ++-
  ...-tags-add-use-system-commands-option.patch |  35 -
  ...RA_LTLIBRARIES-instead-of-noinst_LTL.patch |  49 ---
  .../util-linux/CVE-2021-37600.patch   |  38 -
  .../util-linux/avoid_parallel_tests.patch |  27 ++--
  .../util-linux/util-linux/ptest.patch |  15 +-
  .../util-linux/util-linux/run-ptest   |  24 +---
  ...til-linux_2.36.2.bb => util-linux_2.38.bb} | 130 --
  9 files changed, 98 insertions(+), 240 deletions(-)
  rename meta/recipes-core/util-linux/{util-linux-libuuid_2.36.2.bb => 
util-linux-libuuid_2.38.bb} (95%)
  delete mode 100644 
meta/recipes-core/util-linux/util-linux/0001-tabfiles-tags-add-use-system-commands-option.patch
  delete mode 100644 
meta/recipes-core/util-linux/util-linux/Automake-use-EXTRA_LTLIBRARIES-instead-of-noinst_LTL.patch
  delete mode 100644 
meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch
  rename meta/recipes-core/util-linux/{util-linux_2.36.2.bb => 
util-linux_2.38.bb} (77%)

...


Joe,

Hardknott is EOL so we'll do this in WR Linux only.

https://wiki.yoctoproject.org/wiki/Releases

--
# Randy MacLeod
# Wind River Linux


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165532): 
https://lists.openembedded.org/g/openembedded-core/message/165532
Mute This Topic: https://lists.openembedded.org/mt/91046551/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[hardknott][oe-core][PATCH 1/1] util-linux: fix two CVEs

2022-05-11 Thread Joe Slater 
Advance to 2.38 to fix CVE-2021-3995 and CVE-2021-3996
by pulling that recipe from master.  The first version
on master to fix these was 2.37.4.

Signed-off-by: Joe Slater 
---
 ...d_2.36.2.bb => util-linux-libuuid_2.38.bb} |   2 +-
 meta/recipes-core/util-linux/util-linux.inc   |  18 ++-
 ...-tags-add-use-system-commands-option.patch |  35 -
 ...RA_LTLIBRARIES-instead-of-noinst_LTL.patch |  49 ---
 .../util-linux/CVE-2021-37600.patch   |  38 -
 .../util-linux/avoid_parallel_tests.patch |  27 ++--
 .../util-linux/util-linux/ptest.patch |  15 +-
 .../util-linux/util-linux/run-ptest   |  24 +---
 ...til-linux_2.36.2.bb => util-linux_2.38.bb} | 130 --
 9 files changed, 98 insertions(+), 240 deletions(-)
 rename meta/recipes-core/util-linux/{util-linux-libuuid_2.36.2.bb => 
util-linux-libuuid_2.38.bb} (95%)
 delete mode 100644 
meta/recipes-core/util-linux/util-linux/0001-tabfiles-tags-add-use-system-commands-option.patch
 delete mode 100644 
meta/recipes-core/util-linux/util-linux/Automake-use-EXTRA_LTLIBRARIES-instead-of-noinst_LTL.patch
 delete mode 100644 meta/recipes-core/util-linux/util-linux/CVE-2021-37600.patch
 rename meta/recipes-core/util-linux/{util-linux_2.36.2.bb => 
util-linux_2.38.bb} (77%)

diff --git a/meta/recipes-core/util-linux/util-linux-libuuid_2.36.2.bb 
b/meta/recipes-core/util-linux/util-linux-libuuid_2.38.bb
similarity index 95%
rename from meta/recipes-core/util-linux/util-linux-libuuid_2.36.2.bb
rename to meta/recipes-core/util-linux/util-linux-libuuid_2.38.bb
index 9612c491cd..5d759aed94 100644
--- a/meta/recipes-core/util-linux/util-linux-libuuid_2.36.2.bb
+++ b/meta/recipes-core/util-linux/util-linux-libuuid_2.38.bb
@@ -9,7 +9,7 @@ S = "${WORKDIR}/util-linux-${PV}"
 EXTRA_OECONF += "--disable-all-programs --enable-libuuid"
 LICENSE = "BSD-3-Clause"
 
-do_install_append() {
+do_install:append() {
rm -rf ${D}${datadir} ${D}${bindir} ${D}${base_bindir} ${D}${sbindir} 
${D}${base_sbindir} ${D}${exec_prefix}/sbin
 }
 
diff --git a/meta/recipes-core/util-linux/util-linux.inc 
b/meta/recipes-core/util-linux/util-linux.inc
index 00b8777b8b..c9bddfb7a6 100644
--- a/meta/recipes-core/util-linux/util-linux.inc
+++ b/meta/recipes-core/util-linux/util-linux.inc
@@ -6,11 +6,11 @@ disk partitioning, kernel message management, filesystem 
creation, and system lo
 
 SECTION = "base"
 
-LICENSE = "GPLv2+ & LGPLv2.1+ & BSD-3-Clause & BSD-4-Clause"
-LICENSE_${PN}-libblkid = "LGPLv2.1+"
-LICENSE_${PN}-libfdisk = "LGPLv2.1+"
-LICENSE_${PN}-libmount = "LGPLv2.1+"
-LICENSE_${PN}-libsmartcols = "LGPLv2.1+"
+LICENSE = "GPL-2.0-or-later & LGPL-2.1-or-later & BSD-3-Clause & BSD-4-Clause"
+LICENSE:${PN}-libblkid = "LGPL-2.1-or-later"
+LICENSE:${PN}-libfdisk = "LGPL-2.1-or-later"
+LICENSE:${PN}-libmount = "LGPL-2.1-or-later"
+LICENSE:${PN}-libsmartcols = "LGPL-2.1-or-later"
 
 LIC_FILES_CHKSUM = 
"file://README.licensing;md5=0fd5c050c6187d2bf0a4492b7f4e33da \
 file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
@@ -25,7 +25,7 @@ LIC_FILES_CHKSUM = 
"file://README.licensing;md5=0fd5c050c6187d2bf0a4492b7f4e33da
 
file://libsmartcols/COPYING;md5=693bcbbe16d3a4a4b37bc906bc01cc04 \
 "
 
-FILESEXTRAPATHS_prepend := "${THISDIR}/util-linux:"
+FILESEXTRAPATHS:prepend := "${THISDIR}/util-linux:"
 MAJOR_VERSION = "${@'.'.join(d.getVar('PV').split('.')[0:2])}"
 SRC_URI = 
"${KERNELORG_MIRROR}/linux/utils/util-linux/v${MAJOR_VERSION}/util-linux-${PV}.tar.xz
 \
file://configure-sbindir.patch \
@@ -35,8 +35,6 @@ SRC_URI = 
"${KERNELORG_MIRROR}/linux/utils/util-linux/v${MAJOR_VERSION}/util-lin
file://run-ptest \
file://display_testname_for_subtest.patch \
file://avoid_parallel_tests.patch \
-   file://Automake-use-EXTRA_LTLIBRARIES-instead-of-noinst_LTL.patch \
-   file://CVE-2021-37600.patch \
-   file://0001-tabfiles-tags-add-use-system-commands-option.patch \
"
-SRC_URI[sha256sum] = 
"f7516ba9d8689343594356f0e5e1a5f0da34adfbc89023437735872bb5024c5f"
+
+SRC_URI[sha256sum] = 
"6d111cbe4d55b336db2f1fbeffbc65b89908704c01136371d32aa9bec373eb64"
diff --git 
a/meta/recipes-core/util-linux/util-linux/0001-tabfiles-tags-add-use-system-commands-option.patch
 
b/meta/recipes-core/util-linux/util-linux/0001-tabfiles-tags-add-use-system-commands-option.patch
deleted file mode 100644
index 9f5a3c2d02..00
--- 
a/meta/recipes-core/util-linux/util-linux/0001-tabfiles-tags-add-use-system-commands-option.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From be3ecff8b1bc1de4d29ca6381ee9ab42e6c15947 Mon Sep 17 00:00:00 2001
-From: Mingli Yu 
-Date: Fri, 12 Nov 2021 15:33:53 +0800
-Subject: [PATCH] tabfiles-tags: add use-system-commands option
-
-Pass --use-system-commands option to make blkid command available
-Fixes:
- # ./ts/libmount/tabfiles-tags
- [snip]
- ./ts/libmount/../../functions.sh: line 652: 
/usr/lib64/util-linux/ptest/blkid: No such file or