[Honister 0/7] Patch review

[Honister 0/7] Patch review

[Armin Kuster]

Please have comments back by Dec 31st.

The following changes since commit ae34f8f8e4f7210e4e86656a5dd9fb9bc1766ce1:

  googletest: Switch branch from master to main (2021-12-18 11:23:46 -0800)

are available in the Git repository at:

  git://git.openembedded.org/meta-openembedded-contrib stable/honister-nut
  http://cgit.openembedded.org/meta-openembedded-contrib/log/?h=stable/honister-nut

Changqing Li (1):
  postgresql: fix CVE-2021-23214,CVE-2021-23222

Trevor Gamblin (1):
  python3-django: upgrade 3.2.5 -> 3.2.10

Yi Zhao (2):
  postfix: upgrade 3.6.2 -> 3.6.3
  openipmi: upgrade 2.0.31 -> 2.0.32

wangmy (1):
  libfile-slurper-perl: upgrade 0.012 -> 0.013

zhengruoqin (2):
  openvpn: upgrade 2.5.4 -> 2.5.5
  libnet-dns-perl: upgrade 1.32 -> 1.33

 .../{postfix_3.6.2.bb => postfix_3.6.3.bb}    |   2 +-
 ...{openipmi_2.0.31.bb => openipmi_2.0.32.bb} |   4 +-
 .../{openvpn_2.5.4.bb => openvpn_2.5.5.bb}    |   2 +-
 .../postgresql/files/CVE-2021-23214.patch     | 116 ++++++++++++++++
 .../postgresql/files/CVE-2021-23222.patch     | 131 ++++++++++++++++++
 .../recipes-dbs/postgresql/postgresql_13.4.bb |   2 +
 ...0.012.bb => libfile-slurper-perl_0.013.bb} |   3 +-
 ...s-perl_1.32.bb => libnet-dns-perl_1.33.bb} |   4 +-
 ...ango_3.2.5.bb => python3-django_3.2.10.bb} |   2 +-
 9 files changed, 257 insertions(+), 9 deletions(-)
 rename meta-networking/recipes-daemons/postfix/{postfix_3.6.2.bb => postfix_3.6.3.bb} (89%)
 rename meta-networking/recipes-support/openipmi/{openipmi_2.0.31.bb => openipmi_2.0.32.bb} (96%)
 rename meta-networking/recipes-support/openvpn/{openvpn_2.5.4.bb => openvpn_2.5.5.bb} (97%)
 create mode 100644 meta-oe/recipes-dbs/postgresql/files/CVE-2021-23214.patch
 create mode 100644 meta-oe/recipes-dbs/postgresql/files/CVE-2021-23222.patch
 rename meta-perl/recipes-perl/libfile/{libfile-slurper-perl_0.012.bb => libfile-slurper-perl_0.013.bb} (88%)
 rename meta-perl/recipes-perl/libnet/{libnet-dns-perl_1.32.bb => libnet-dns-perl_1.33.bb} (93%)
 rename meta-python/recipes-devtools/python/{python3-django_3.2.5.bb => python3-django_3.2.10.bb} (77%)

-- 
2.25.1

[Honister 2/7] postgresql: fix CVE-2021-23214,CVE-2021-23222

[Armin Kuster]

From: Changqing Li <changqing.li@windriver.com>

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 8e57fb9b1e4da504ceeaadcff2fe38555a47b6b6)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../postgresql/files/CVE-2021-23214.patch     | 116 ++++++++++++++++
 .../postgresql/files/CVE-2021-23222.patch     | 131 ++++++++++++++++++
 .../recipes-dbs/postgresql/postgresql_13.4.bb |   2 +
 3 files changed, 249 insertions(+)
 create mode 100644 meta-oe/recipes-dbs/postgresql/files/CVE-2021-23214.patch
 create mode 100644 meta-oe/recipes-dbs/postgresql/files/CVE-2021-23222.patch

diff --git a/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23214.patch b/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23214.patch
new file mode 100644
index 0000000000..58bf810626
--- /dev/null
+++ b/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23214.patch
@@ -0,0 +1,116 @@
+From 24c2b9e42edb6d2f4ef2cead3b0aa1d6196adfce Mon Sep 17 00:00:00 2001
+From: Tom Lane <tgl@sss.pgh.pa.us>
+Date: Mon, 8 Nov 2021 11:01:43 -0500
+Subject: [PATCH 2/2] Reject extraneous data after SSL or GSS encryption
+ handshake.
+
+The server collects up to a bufferload of data whenever it reads data
+from the client socket.  When SSL or GSS encryption is requested
+during startup, any additional data received with the initial
+request message remained in the buffer, and would be treated as
+already-decrypted data once the encryption handshake completed.
+Thus, a man-in-the-middle with the ability to inject data into the 
+TCP connection could stuff some cleartext data into the start of
+a supposedly encryption-protected database session.
+
+This could be abused to send faked SQL commands to the server,
+although that would only work if the server did not demand any 
+authentication data.  (However, a server relying on SSL certificate
+authentication might well not do so.)
+
+To fix, throw a protocol-violation error if the internal buffer
+is not empty after the encryption handshake.
+
+Our thanks to Jacob Champion for reporting this problem.
+
+Security: CVE-2021-23214
+
+Upstream-Status: Backport[https://github.com/postgres/postgres/commit/28e24125541545483093819efae9bca603441951]
+CVE: CVE-2021-23214
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+
+---
+ src/backend/libpq/pqcomm.c          | 11 +++++++++++
+ src/backend/postmaster/postmaster.c | 23 ++++++++++++++++++++++-
+ src/include/libpq/libpq.h           |  1 +
+ 3 files changed, 34 insertions(+), 1 deletion(-)
+
+diff --git a/src/backend/libpq/pqcomm.c b/src/backend/libpq/pqcomm.c
+index ee2cd86..4dd1c02 100644
+--- a/src/backend/libpq/pqcomm.c
++++ b/src/backend/libpq/pqcomm.c
+@@ -1183,6 +1183,17 @@ pq_getstring(StringInfo s)
+ 	}
+ }
+ 
++/* -------------------------------
++ *             pq_buffer_has_data              - is any buffered data available to read?
++ *
++ * This will *not* attempt to read more data.
++ * --------------------------------
++ */
++bool
++pq_buffer_has_data(void)
++{
++	return (PqRecvPointer < PqRecvLength);
++}
+ 
+ /* --------------------------------
+  *		pq_startmsgread - begin reading a message from the client.
+diff --git a/src/backend/postmaster/postmaster.c b/src/backend/postmaster/postmaster.c
+index 5775fc0..1fcc3f8 100644
+--- a/src/backend/postmaster/postmaster.c
++++ b/src/backend/postmaster/postmaster.c
+@@ -2049,6 +2049,17 @@ retry1:
+ 			return STATUS_ERROR;
+ #endif
+ 
++		/*
++		* At this point we should have no data already buffered.  If we do,
++		* it was received before we performed the SSL handshake, so it wasn't
++		* encrypted and indeed may have been injected by a man-in-the-middle.
++		* We report this case to the client.
++		*/
++		if (pq_buffer_has_data())
++			ereport(FATAL,
++				(errcode(ERRCODE_PROTOCOL_VIOLATION),
++				errmsg("received unencrypted data after SSL request"),
++				errdetail("This could be either a client-software bug or evidence of an attempted man-in-the-middle attack.")));
+ 		/*
+ 		 * regular startup packet, cancel, etc packet should follow, but not
+ 		 * another SSL negotiation request, and a GSS request should only
+@@ -2080,7 +2091,17 @@ retry1:
+ 		if (GSSok == 'G' && secure_open_gssapi(port) == -1)
+ 			return STATUS_ERROR;
+ #endif
+-
++		/*
++		* At this point we should have no data already buffered.  If we do,
++		* it was received before we performed the GSS handshake, so it wasn't
++		* encrypted and indeed may have been injected by a man-in-the-middle.
++		* We report this case to the client.
++		*/
++		if (pq_buffer_has_data())
++			ereport(FATAL,
++				(errcode(ERRCODE_PROTOCOL_VIOLATION),
++				errmsg("received unencrypted data after GSSAPI encryption request"),
++				errdetail("This could be either a client-software bug or evidence of an attempted man-in-the-middle attack.")));
+ 		/*
+ 		 * regular startup packet, cancel, etc packet should follow, but not
+ 		 * another GSS negotiation request, and an SSL request should only
+diff --git a/src/include/libpq/libpq.h b/src/include/libpq/libpq.h
+index b115247..9969692 100644
+--- a/src/include/libpq/libpq.h
++++ b/src/include/libpq/libpq.h
+@@ -73,6 +73,7 @@ extern int	pq_getbyte(void);
+ extern int	pq_peekbyte(void);
+ extern int	pq_getbyte_if_available(unsigned char *c);
+ extern int	pq_putbytes(const char *s, size_t len);
++extern bool pq_buffer_has_data(void);
+ 
+ /*
+  * prototypes for functions in be-secure.c
+-- 
+2.17.1
+
diff --git a/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23222.patch b/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23222.patch
new file mode 100644
index 0000000000..42b78539b4
--- /dev/null
+++ b/meta-oe/recipes-dbs/postgresql/files/CVE-2021-23222.patch
@@ -0,0 +1,131 @@
+From 79125ead2a6a234086844bb42f06d49603fe6ca0 Mon Sep 17 00:00:00 2001
+From: Tom Lane <tgl@sss.pgh.pa.us>
+Date: Mon, 8 Nov 2021 11:14:56 -0500
+Subject: [PATCH 1/2] libpq: reject extraneous data after SSL or GSS encryption
+ handshake.
+
+libpq collects up to a bufferload of data whenever it reads data from
+the socket.  When SSL or GSS encryption is requested during startup,
+any additional data received with the server's yes-or-no reply
+remained in the buffer, and would be treated as already-decrypted data
+once the encryption handshake completed.  Thus, a man-in-the-middle
+with the ability to inject data into the TCP connection could stuff
+some cleartext data into the start of a supposedly encryption-protected
+database session.
+
+This could probably be abused to inject faked responses to the
+client's first few queries, although other details of libpq's behavior
+make that harder than it sounds.  A different line of attack is to
+exfiltrate the client's password, or other sensitive data that might
+be sent early in the session.  That has been shown to be possible with
+a server vulnerable to CVE-2021-23214.
+
+To fix, throw a protocol-violation error if the internal buffer
+is not empty after the encryption handshake.
+
+Our thanks to Jacob Champion for reporting this problem.
+
+Security: CVE-2021-23222
+
+Upstream-Status: Backport[https://github.com/postgres/postgres/commit/160c0258802d10b0600d7671b1bbea55d8e17d45]
+CVE: CVE-2021-23222
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ doc/src/sgml/protocol.sgml        | 28 ++++++++++++++++++++++++++++
+ src/interfaces/libpq/fe-connect.c | 26 ++++++++++++++++++++++++++
+ 2 files changed, 54 insertions(+)
+
+diff --git a/doc/src/sgml/protocol.sgml b/doc/src/sgml/protocol.sgml
+index e26619e1b5..b692648fca 100644
+--- a/doc/src/sgml/protocol.sgml
++++ b/doc/src/sgml/protocol.sgml
+@@ -1471,6 +1471,20 @@ SELCT 1/0;<!-- this typo is intentional -->
+     and proceed without requesting <acronym>SSL</acronym>.
+    </para>
+ 
++   <para>
++    When <acronym>SSL</acronym> encryption can be performed, the server
++    is expected to send only the single <literal>S</literal> byte and then
++    wait for the frontend to initiate an <acronym>SSL</acronym> handshake.
++    If additional bytes are available to read at this point, it likely
++    means that a man-in-the-middle is attempting to perform a
++    buffer-stuffing attack
++    (<ulink url="https://www.postgresql.org/support/security/CVE-2021-23222/">CVE-2021-23222</ulink>).
++    Frontends should be coded either to read exactly one byte from the
++    socket before turning the socket over to their SSL library, or to
++    treat it as a protocol violation if they find they have read additional
++    bytes.
++   </para>
++
+    <para>
+     An initial SSLRequest can also be used in a connection that is being
+     opened to send a CancelRequest message.
+@@ -1532,6 +1546,20 @@ SELCT 1/0;<!-- this typo is intentional -->
+     encryption.
+    </para>
+ 
++   <para>
++    When <acronym>GSSAPI</acronym> encryption can be performed, the server
++    is expected to send only the single <literal>G</literal> byte and then
++    wait for the frontend to initiate a <acronym>GSSAPI</acronym> handshake.
++    If additional bytes are available to read at this point, it likely
++    means that a man-in-the-middle is attempting to perform a
++    buffer-stuffing attack
++    (<ulink url="https://www.postgresql.org/support/security/CVE-2021-23222/">CVE-2021-23222</ulink>).
++    Frontends should be coded either to read exactly one byte from the
++    socket before turning the socket over to their GSSAPI library, or to
++    treat it as a protocol violation if they find they have read additional
++    bytes.
++   </para>
++
+    <para>
+     An initial GSSENCRequest can also be used in a connection that is being
+     opened to send a CancelRequest message.
+diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c
+index f80f4e98d8..57aee95183 100644
+--- a/src/interfaces/libpq/fe-connect.c
++++ b/src/interfaces/libpq/fe-connect.c
+@@ -3076,6 +3076,19 @@ keep_going:						/* We will come back to here until there is
+ 				pollres = pqsecure_open_client(conn);
+ 				if (pollres == PGRES_POLLING_OK)
+ 				{
++					/*
++					 * At this point we should have no data already buffered.
++					 * If we do, it was received before we performed the SSL
++					 * handshake, so it wasn't encrypted and indeed may have
++					 * been injected by a man-in-the-middle.
++					 */
++					if (conn->inCursor != conn->inEnd)
++					{
++						appendPQExpBufferStr(&conn->errorMessage,
++											 libpq_gettext("received unencrypted data after SSL response\n"));
++						goto error_return;
++					}
++
+ 					/* SSL handshake done, ready to send startup packet */
+ 					conn->status = CONNECTION_MADE;
+ 					return PGRES_POLLING_WRITING;
+@@ -3175,6 +3188,19 @@ keep_going:						/* We will come back to here until there is
+ 				pollres = pqsecure_open_gss(conn);
+ 				if (pollres == PGRES_POLLING_OK)
+ 				{
++					/*
++					 * At this point we should have no data already buffered.
++					 * If we do, it was received before we performed the GSS
++					 * handshake, so it wasn't encrypted and indeed may have
++					 * been injected by a man-in-the-middle.
++					 */
++					if (conn->inCursor != conn->inEnd)
++					{
++						appendPQExpBufferStr(&conn->errorMessage,
++											 libpq_gettext("received unencrypted data after GSSAPI encryption response\n"));
++						goto error_return;
++					}
++
+ 					/* All set for startup packet */
+ 					conn->status = CONNECTION_MADE;
+ 					return PGRES_POLLING_WRITING;
+-- 
+2.17.1
+
diff --git a/meta-oe/recipes-dbs/postgresql/postgresql_13.4.bb b/meta-oe/recipes-dbs/postgresql/postgresql_13.4.bb
index f63d23dbef..2ed0fa49bb 100644
--- a/meta-oe/recipes-dbs/postgresql/postgresql_13.4.bb
+++ b/meta-oe/recipes-dbs/postgresql/postgresql_13.4.bb
@@ -7,6 +7,8 @@ SRC_URI += "\
    file://0001-Add-support-for-RISC-V.patch \
    file://0001-Improve-reproducibility.patch \
    file://0001-configure.in-bypass-autoconf-2.69-version-check.patch \
+   file://CVE-2021-23214.patch \
+   file://CVE-2021-23222.patch \
 "
 
 SRC_URI[sha256sum] = "ea93e10390245f1ce461a54eb5f99a48d8cabd3a08ce4d652ec2169a357bc0cd"
-- 
2.25.1

[Honister 3/7] openvpn: upgrade 2.5.4 -> 2.5.5

[Armin Kuster]

From: zhengruoqin <zhengrq.fnst@fujitsu.com>

Changelog:
=========
 Fix error in example firewall.sh script
 configure: remove useless -Wno-* from default CFLAGS
 Add argv_insert_head__empty_argv__head_only to argv tests
 Move deprecation of SWEET32/64bit block size ciphers to 2.7
 Include --push-remove in the output of --help.
 Move '--push-peer-info' documentation from 'server' to 'client options'
 add test case(s) to notice 'openvpn --show-cipher' crashing
 BUILD: enable CFG and Spectre mitigation for MSVC
 Fix loading PKCS12 files on Windows
 msvc: fix product version display
 msvc: add missing header to project file
 config-msvc.h: fix OpenSSL-related defines
 contrib/vcpkg-ports: remove openssl port
 GitHub Actions: use latest working lukka/run-vcpkg
 Use network address for emulated DHCP server as a default
 Load OpenSSL config on Windows from trusted location
 ring_buffer.h: fix GCC warning about unused function
 ssh_openssl.h: remove unused declaration
 vcpkg/pkcs11-helper: compatibility with latest vcpkg
 config-msvc.h: indicate key material export support
 Don't use BF-CBC in unit tests if we don't have it
 Define have_blowfish variable in ncp unit tests
 doc link-options.rst: Use free open-source dynamic-DNS provider URL
 Fix some more wrong defines in config-msvc.h
 Ensure the current common_name is in the environment for scripts
 Require EC key support in Windows builds
 resolvconf fails with -p
 Update IRC information in CONTRIBUTING.rst
 doc/man (vpn-network-options): fix foreign_option_{n} typo
 README.down-root: Fix plugin module name

Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2867330535cd93067d1fc005f0cdf5984a4c43fb)
[2.5.x is a stable branch]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../openvpn/{openvpn_2.5.4.bb => openvpn_2.5.5.bb}              | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta-networking/recipes-support/openvpn/{openvpn_2.5.4.bb => openvpn_2.5.5.bb} (97%)

diff --git a/meta-networking/recipes-support/openvpn/openvpn_2.5.4.bb b/meta-networking/recipes-support/openvpn/openvpn_2.5.5.bb
similarity index 97%
rename from meta-networking/recipes-support/openvpn/openvpn_2.5.4.bb
rename to meta-networking/recipes-support/openvpn/openvpn_2.5.5.bb
index 6b588a5f50..2dc3af6bf9 100644
--- a/meta-networking/recipes-support/openvpn/openvpn_2.5.4.bb
+++ b/meta-networking/recipes-support/openvpn/openvpn_2.5.5.bb
@@ -14,7 +14,7 @@ SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \
 
 UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads"
 
-SRC_URI[sha256sum] = "f80f3c3df1b94a8892ae547df84f152583250684a24bd022ccc98ef56fa93d97"
+SRC_URI[sha256sum] = "7500df4734173bce2e95b5039079119dacaff121650b2b6ca76d2dc68bdac1c5"
 
 # CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn.
 CVE_CHECK_WHITELIST += "CVE-2020-7224 CVE-2020-27569"
-- 
2.25.1

[Honister 4/7] postfix: upgrade 3.6.2 -> 3.6.3

[Armin Kuster]

From: Yi Zhao <yi.zhao@windriver.com>

Release Notes:
http://www.postfix.org/announcements/postfix-3.6.3.html

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 45fee2d0cec121808c6dda150b0d9ab990c74a72)
[3.6.x is a stable release]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../postfix/{postfix_3.6.2.bb => postfix_3.6.3.bb}              | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta-networking/recipes-daemons/postfix/{postfix_3.6.2.bb => postfix_3.6.3.bb} (89%)

diff --git a/meta-networking/recipes-daemons/postfix/postfix_3.6.2.bb b/meta-networking/recipes-daemons/postfix/postfix_3.6.3.bb
similarity index 89%
rename from meta-networking/recipes-daemons/postfix/postfix_3.6.2.bb
rename to meta-networking/recipes-daemons/postfix/postfix_3.6.3.bb
index 982544d5ca..98005797d9 100644
--- a/meta-networking/recipes-daemons/postfix/postfix_3.6.2.bb
+++ b/meta-networking/recipes-daemons/postfix/postfix_3.6.3.bb
@@ -15,5 +15,5 @@ SRC_URI += "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-${P
            file://0001-makedefs-add-lnsl-and-lresolv-to-SYSLIBS-by-default.patch \
            file://0007-correct-signature-of-closefrom-API.patch \
            "
-SRC_URI[sha256sum] = "507323d20d7b3f705f49cf8c07d437c6d8090bed07e15a3c0ec405edad54a7d4"
+SRC_URI[sha256sum] = "0f1241d456a0158e0c418abf62c52c2ff83f8f1dcf2fbdd4c40765b67789b1bc"
 UPSTREAM_CHECK_REGEX = "postfix\-(?P<pver>3\.6(\.\d+)+).tar.gz"
-- 
2.25.1

[Honister 5/7] openipmi: upgrade 2.0.31 -> 2.0.32

[Armin Kuster]

From: Yi Zhao <yi.zhao@windriver.com>

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 35aa5959c6bc2fa0458b90f4892cffd1da8189f0)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../openipmi/{openipmi_2.0.31.bb => openipmi_2.0.32.bb}       | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta-networking/recipes-support/openipmi/{openipmi_2.0.31.bb => openipmi_2.0.32.bb} (96%)

diff --git a/meta-networking/recipes-support/openipmi/openipmi_2.0.31.bb b/meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb
similarity index 96%
rename from meta-networking/recipes-support/openipmi/openipmi_2.0.31.bb
rename to meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb
index ecc98dd8be..0b4244022e 100644
--- a/meta-networking/recipes-support/openipmi/openipmi_2.0.31.bb
+++ b/meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb
@@ -35,8 +35,8 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/openipmi/OpenIPMI-${PV}.tar.gz \
 
 S = "${WORKDIR}/OpenIPMI-${PV}"
 
-SRC_URI[md5sum] = "ce8eb27da016dcad7543d0128fcb3b0a"
-SRC_URI[sha256sum] = "7052f37726ff454b0dcac49f35dd030bc12c9570ca0ba5cd2d17774b8e9d9717"
+SRC_URI[md5sum] = "532404c9df7d0e8bde975b95b9e6775b"
+SRC_URI[sha256sum] = "f6d0fd4c0a74b05f80907229d0b270f54ca23294bcc11979f8b8d12766786945"
 
 inherit autotools-brokensep pkgconfig python3native perlnative update-rc.d systemd cpan-base python3targetconfig
 
-- 
2.25.1

[Honister 6/7] libfile-slurper-perl: upgrade 0.012 -> 0.013

[Armin Kuster]

From: wangmy <wangmy@fujitsu.com>

Changelog:
=========
Always split on newlines in read_lines

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d830b7ad4a957a4667d000f840d9442db13250d2)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 ...ile-slurper-perl_0.012.bb => libfile-slurper-perl_0.013.bb} | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
 rename meta-perl/recipes-perl/libfile/{libfile-slurper-perl_0.012.bb => libfile-slurper-perl_0.013.bb} (88%)

diff --git a/meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.012.bb b/meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.013.bb
similarity index 88%
rename from meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.012.bb
rename to meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.013.bb
index 4a2cb73e86..c7e5c56b6e 100644
--- a/meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.012.bb
+++ b/meta-perl/recipes-perl/libfile/libfile-slurper-perl_0.013.bb
@@ -13,8 +13,7 @@ file://${COMMON_LICENSE_DIR}/GPL-1.0-or-later;md5=30c0b8a5048cc2f4be5ff15ef0d8cf
 
 SRC_URI = "${CPAN_MIRROR}/authors/id/L/LE/LEONT/File-Slurper-${PV}.tar.gz"
 
-SRC_URI[md5sum] = "5742c63096392dfee50b8db314bcca18"
-SRC_URI[sha256sum] = "4efb2ea416b110a1bda6f8133549cc6ea3676402e3caf7529fce0313250aa578"
+SRC_URI[sha256sum] = "e2f6a4029a6a242d50054044f1fb86770b9b5cc4daeb1a967f91ffb42716a8c5"
 RDEPENDS:${PN} = " \
     perl-module-carp \
     perl-module-encode \
-- 
2.25.1

[Honister 7/7] libnet-dns-perl: upgrade 1.32 -> 1.33

[Armin Kuster]

From: zhengruoqin <zhengrq.fnst@fujitsu.com>

License-Update:
  change "the above copyright" to "the original copyright"

Changelog:
=========
Fix rt.cpan.org #137768

	Test t/05-SVCB.t on Perl 5.18.0 fails with deep recursion.

Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 347a9d7456fbc705c58113adf397025a0cd12e24)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../{libnet-dns-perl_1.32.bb => libnet-dns-perl_1.33.bb}      | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta-perl/recipes-perl/libnet/{libnet-dns-perl_1.32.bb => libnet-dns-perl_1.33.bb} (93%)

diff --git a/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.32.bb b/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.33.bb
similarity index 93%
rename from meta-perl/recipes-perl/libnet/libnet-dns-perl_1.32.bb
rename to meta-perl/recipes-perl/libnet/libnet-dns-perl_1.33.bb
index 7e485bece5..2c7d793a7b 100644
--- a/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.32.bb
+++ b/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.33.bb
@@ -3,13 +3,13 @@ HOMEPAGE = "http://www.net-dns.org/"
 SECTION = "libs"
 LICENSE = "MIT"
 
-LIC_FILES_CHKSUM = "file://README;beginline=252;endline=269;md5=27db37b42cd1a5173a53922d67072bcb"
+LIC_FILES_CHKSUM = "file://README;beginline=252;endline=269;md5=de95b6a896d5f861d724ea854d316a0b"
 
 DEPENDS += "perl"
 
 SRC_URI = "http://search.cpan.org/CPAN/authors/id/N/NL/NLNETLABS/Net-DNS-${PV}.tar.gz"
 
-SRC_URI[sha256sum] = "b890a7b44d573f27cc713caadf1e12eaaa4478a6504d1157194df614316b5b50"
+SRC_URI[sha256sum] = "5a40e7cf524e4bd2c33cf03b82b47d5308b712083aa5ee180b0b5af54c71fbd2"
 
 UPSTREAM_CHECK_REGEX = "Net\-DNS\-(?P<pver>(\d+\.\d+))(?!_\d+).tar"
 
-- 
2.25.1