* [PATCH 01/13] python: update to 2.7.17
@ 2019-11-18 14:28 Alexander Kanavin
2019-11-18 14:28 ` [PATCH 02/13] runqemu: add options that enable virgl with the SDL frontend Alexander Kanavin
` (11 more replies)
0 siblings, 12 replies; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-18 14:28 UTC (permalink / raw)
To: openembedded-core
Drop backports, rebase a couple of patches.
This is the second last release of py 2.x; upstream support ends on
1 January 2020, there will be one final 2.x afterwards.
Note that the only thing that still needs python 2.x in oe-core is
u-boot; when the next u-boot update arrives, we should find out
where the py3 migration is for that component before merging the
update.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
...-fix-one-do_populate_sysroot-warning.patch | 25 +-
...tive_2.7.16.bb => python-native_2.7.17.bb} | 2 +-
meta/recipes-devtools/python/python.inc | 10 +-
...nt-parse-domains-containing-GH-13079.patch | 90 --------
...cape-the-server-title-of-DocXMLRPCSe.patch | 101 --------
...Resolve-intermediate-staging-issues.patch} | 53 +++--
.../python/python/CVE-2018-20852.patch | 123 ----------
.../python/python/CVE-2019-9740.patch | 216 ------------------
.../python/bpo-35907-cve-2019-9948-fix.patch | 55 -----
.../python/bpo-35907-cve-2019-9948.patch | 55 -----
.../python/bpo-36216-cve-2019-9636-fix.patch | 28 ---
.../python/bpo-36216-cve-2019-9636.patch | 111 ---------
.../python/bpo-36742-cve-2019-10160.patch | 81 -------
.../{python_2.7.16.bb => python_2.7.17.bb} | 3 -
14 files changed, 49 insertions(+), 904 deletions(-)
rename meta/recipes-devtools/python/{python-native_2.7.16.bb => python-native_2.7.17.bb} (97%)
delete mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
delete mode 100644 meta/recipes-devtools/python/python/0001-2.7-bpo-38243-Escape-the-server-title-of-DocXMLRPCSe.patch
rename meta/recipes-devtools/python/python/{builddir.patch => 0001-python-Resolve-intermediate-staging-issues.patch} (58%)
delete mode 100644 meta/recipes-devtools/python/python/CVE-2018-20852.patch
delete mode 100644 meta/recipes-devtools/python/python/CVE-2019-9740.patch
delete mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch
delete mode 100644 meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch
delete mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch
delete mode 100644 meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch
delete mode 100644 meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch
rename meta/recipes-devtools/python/{python_2.7.16.bb => python_2.7.17.bb} (97%)
diff --git a/meta/recipes-devtools/python/python-native/0001-python-native-fix-one-do_populate_sysroot-warning.patch b/meta/recipes-devtools/python/python-native/0001-python-native-fix-one-do_populate_sysroot-warning.patch
index 989818927d4..707ee596fa4 100644
--- a/meta/recipes-devtools/python/python-native/0001-python-native-fix-one-do_populate_sysroot-warning.patch
+++ b/meta/recipes-devtools/python/python-native/0001-python-native-fix-one-do_populate_sysroot-warning.patch
@@ -1,4 +1,4 @@
-From 12292444e1b3662b994bc223d92b8338fb0895ff Mon Sep 17 00:00:00 2001
+From 6cbb7529cf7ff0da3ca649fb3486facd9620d625 Mon Sep 17 00:00:00 2001
From: Changqing Li <changqing.li@windriver.com>
Date: Thu, 25 Oct 2018 07:32:14 +0000
Subject: [PATCH] python-native: fix one do_populate_sysroot warning
@@ -17,23 +17,24 @@ when do_populate_sysroot. use append to fix it.
Upstream-Status: Inappropriate [oe-specific]
Signed-off-by: Changqing Li <changqing.li@windriver.com>
+
---
setup.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/setup.py b/setup.py
-index 7bf13ed..6c0f29b 100644
+index a2c8127..22f9e23 100644
--- a/setup.py
+++ b/setup.py
-@@ -40,7 +40,7 @@ def add_dir_to_list(dirlist, dir):
- 1) 'dir' is not already in 'dirlist'
- 2) 'dir' actually exists, and is a directory."""
- if dir is not None and os.path.isdir(dir) and dir not in dirlist:
-- dirlist.insert(0, dir)
-+ dirlist.append(dir)
-
- def macosx_sdk_root():
- """
+@@ -47,7 +47,7 @@ def add_dir_to_list(dirlist, dir):
+ else:
+ dir_exists = os.path.isdir(dir)
+ if dir_exists:
+- dirlist.insert(0, dir)
++ dirlist.append(dir)
+
+ MACOS_SDK_ROOT = None
+
--
-2.18.0
+2.17.1
diff --git a/meta/recipes-devtools/python/python-native_2.7.16.bb b/meta/recipes-devtools/python/python-native_2.7.17.bb
similarity index 97%
rename from meta/recipes-devtools/python/python-native_2.7.16.bb
rename to meta/recipes-devtools/python/python-native_2.7.17.bb
index 90103af8be5..936810d9806 100644
--- a/meta/recipes-devtools/python/python-native_2.7.16.bb
+++ b/meta/recipes-devtools/python/python-native_2.7.17.bb
@@ -11,7 +11,7 @@ SRC_URI += "\
file://nohostlibs.patch \
file://multilib.patch \
file://add-md5module-support.patch \
- file://builddir.patch \
+ file://0001-python-Resolve-intermediate-staging-issues.patch \
file://parallel-makeinst-create-bindir.patch \
file://revert_use_of_sysconfigdata.patch \
file://0001-python-native-fix-one-do_populate_sysroot-warning.patch \
diff --git a/meta/recipes-devtools/python/python.inc b/meta/recipes-devtools/python/python.inc
index 1462b779e93..a630c26e898 100644
--- a/meta/recipes-devtools/python/python.inc
+++ b/meta/recipes-devtools/python/python.inc
@@ -8,16 +8,10 @@ INC_PR = "r1"
LIC_FILES_CHKSUM = "file://LICENSE;md5=e466242989bd33c1bd2b6a526a742498"
SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
- file://bpo-35907-cve-2019-9948.patch \
- file://bpo-35907-cve-2019-9948-fix.patch \
- file://bpo-36216-cve-2019-9636.patch \
- file://bpo-36216-cve-2019-9636-fix.patch \
- file://CVE-2019-9740.patch \
- file://CVE-2018-20852.patch \
"
-SRC_URI[md5sum] = "30157d85a2c0479c09ea2cbe61f2aaf5"
-SRC_URI[sha256sum] = "f222ef602647eecb6853681156d32de4450a2c39f4de93bd5b20235f2e660ed7"
+SRC_URI[md5sum] = "b3b6d2c92f42a60667814358ab9f0cfd"
+SRC_URI[sha256sum] = "4d43f033cdbd0aa7b7023c81b0e986fd11e653b5248dac9144d508f11812ba41"
# python recipe is actually python 2.x
# also, exclude pre-releases for both python 2.x and 3.x
diff --git a/meta/recipes-devtools/python/python/0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch b/meta/recipes-devtools/python/python/0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
deleted file mode 100644
index 5415472a358..00000000000
--- a/meta/recipes-devtools/python/python/0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
+++ /dev/null
@@ -1,90 +0,0 @@
-From 532ed09c5454bb789a301bb6f1339a0818255610 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Roberto=20C=2E=20S=C3=A1nchez?= <roberto@connexer.com>
-Date: Sat, 14 Sep 2019 13:26:38 -0400
-Subject: [PATCH] [2.7] bpo-34155: Dont parse domains containing @ (GH-13079)
- (GH-16006)
-
-This change skips parsing of email addresses where domains include a "@" character, which can be maliciously used since the local part is returned as a complete address.
-
-(cherry picked from commit 8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9)
-
-Excludes changes to Lib/email/_header_value_parser.py, which did not
-exist in 2.7.
-
-Co-authored-by: jpic <jpic@users.noreply.github.com>
-
-https://bugs.python.org/issue34155
-
-Upstream-Status: Backport [https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9]
-
-CVE: CVE-2019-16056
-
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
----
- Lib/email/_parseaddr.py | 11 ++++++++++-
- Lib/email/test/test_email.py | 14 ++++++++++++++
- .../2019-05-04-13-33-37.bpo-34155.MJll68.rst | 1 +
- 3 files changed, 25 insertions(+), 1 deletion(-)
- create mode 100644 Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst
-
-diff --git a/Lib/email/_parseaddr.py b/Lib/email/_parseaddr.py
-index 690db2c22d..dc49d2e45a 100644
---- a/Lib/email/_parseaddr.py
-+++ b/Lib/email/_parseaddr.py
-@@ -336,7 +336,12 @@ class AddrlistClass:
- aslist.append('@')
- self.pos += 1
- self.gotonext()
-- return EMPTYSTRING.join(aslist) + self.getdomain()
-+ domain = self.getdomain()
-+ if not domain:
-+ # Invalid domain, return an empty address instead of returning a
-+ # local part to denote failed parsing.
-+ return EMPTYSTRING
-+ return EMPTYSTRING.join(aslist) + domain
-
- def getdomain(self):
- """Get the complete domain name from an address."""
-@@ -351,6 +356,10 @@ class AddrlistClass:
- elif self.field[self.pos] == '.':
- self.pos += 1
- sdlist.append('.')
-+ elif self.field[self.pos] == '@':
-+ # bpo-34155: Don't parse domains with two `@` like
-+ # `a@malicious.org@important.com`.
-+ return EMPTYSTRING
- elif self.field[self.pos] in self.atomends:
- break
- else:
-diff --git a/Lib/email/test/test_email.py b/Lib/email/test/test_email.py
-index 4b4dee3d34..2efe44ac5a 100644
---- a/Lib/email/test/test_email.py
-+++ b/Lib/email/test/test_email.py
-@@ -2306,6 +2306,20 @@ class TestMiscellaneous(TestEmailBase):
- self.assertEqual(Utils.parseaddr('<>'), ('', ''))
- self.assertEqual(Utils.formataddr(Utils.parseaddr('<>')), '')
-
-+ def test_parseaddr_multiple_domains(self):
-+ self.assertEqual(
-+ Utils.parseaddr('a@b@c'),
-+ ('', '')
-+ )
-+ self.assertEqual(
-+ Utils.parseaddr('a@b.c@c'),
-+ ('', '')
-+ )
-+ self.assertEqual(
-+ Utils.parseaddr('a@172.17.0.1@c'),
-+ ('', '')
-+ )
-+
- def test_noquote_dump(self):
- self.assertEqual(
- Utils.formataddr(('A Silly Person', 'person@dom.ain')),
-diff --git a/Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst b/Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst
-new file mode 100644
-index 0000000000..50292e29ed
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2019-05-04-13-33-37.bpo-34155.MJll68.rst
-@@ -0,0 +1 @@
-+Fix parsing of invalid email addresses with more than one ``@`` (e.g. a@b@c.com.) to not return the part before 2nd ``@`` as valid email address. Patch by maxking & jpic.
diff --git a/meta/recipes-devtools/python/python/0001-2.7-bpo-38243-Escape-the-server-title-of-DocXMLRPCSe.patch b/meta/recipes-devtools/python/python/0001-2.7-bpo-38243-Escape-the-server-title-of-DocXMLRPCSe.patch
deleted file mode 100644
index 3025cf7bc8f..00000000000
--- a/meta/recipes-devtools/python/python/0001-2.7-bpo-38243-Escape-the-server-title-of-DocXMLRPCSe.patch
+++ /dev/null
@@ -1,101 +0,0 @@
-From b161c89c8bd66fe928192e21364678c8e9b8fcc0 Mon Sep 17 00:00:00 2001
-From: Dong-hee Na <donghee.na92@gmail.com>
-Date: Tue, 1 Oct 2019 19:58:01 +0900
-Subject: [PATCH] [2.7] bpo-38243: Escape the server title of DocXMLRPCServer
- (GH-16447)
-
-Escape the server title of DocXMLRPCServer.DocXMLRPCServer
-when rendering the document page as HTML.
-
-CVE: CVE-2019-16935
-
-Upstream-Status: Backport [https://github.com/python/cpython/pull/16447/commits/b41cde823d026f2adc21ef14b1c2e92b1006de06]
-
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
----
- Lib/DocXMLRPCServer.py | 13 +++++++++++-
- Lib/test/test_docxmlrpc.py | 20 +++++++++++++++++++
- .../2019-09-25-13-21-09.bpo-38243.1pfz24.rst | 3 +++
- 3 files changed, 35 insertions(+), 1 deletion(-)
- create mode 100644 Misc/NEWS.d/next/Security/2019-09-25-13-21-09.bpo-38243.1pfz24.rst
-
-diff --git a/Lib/DocXMLRPCServer.py b/Lib/DocXMLRPCServer.py
-index 4064ec2e48..90b037dd35 100644
---- a/Lib/DocXMLRPCServer.py
-+++ b/Lib/DocXMLRPCServer.py
-@@ -20,6 +20,16 @@ from SimpleXMLRPCServer import (SimpleXMLRPCServer,
- CGIXMLRPCRequestHandler,
- resolve_dotted_attribute)
-
-+
-+def _html_escape_quote(s):
-+ s = s.replace("&", "&") # Must be done first!
-+ s = s.replace("<", "<")
-+ s = s.replace(">", ">")
-+ s = s.replace('"', """)
-+ s = s.replace('\'', "'")
-+ return s
-+
-+
- class ServerHTMLDoc(pydoc.HTMLDoc):
- """Class used to generate pydoc HTML document for a server"""
-
-@@ -210,7 +220,8 @@ class XMLRPCDocGenerator:
- methods
- )
-
-- return documenter.page(self.server_title, documentation)
-+ title = _html_escape_quote(self.server_title)
-+ return documenter.page(title, documentation)
-
- class DocXMLRPCRequestHandler(SimpleXMLRPCRequestHandler):
- """XML-RPC and documentation request handler class.
-diff --git a/Lib/test/test_docxmlrpc.py b/Lib/test/test_docxmlrpc.py
-index 4dff4159e2..c45b892b8b 100644
---- a/Lib/test/test_docxmlrpc.py
-+++ b/Lib/test/test_docxmlrpc.py
-@@ -1,5 +1,6 @@
- from DocXMLRPCServer import DocXMLRPCServer
- import httplib
-+import re
- import sys
- from test import test_support
- threading = test_support.import_module('threading')
-@@ -176,6 +177,25 @@ class DocXMLRPCHTTPGETServer(unittest.TestCase):
- self.assertIn("""Try self.<strong>add</strong>, too.""",
- response.read())
-
-+ def test_server_title_escape(self):
-+ """Test that the server title and documentation
-+ are escaped for HTML.
-+ """
-+ self.serv.set_server_title('test_title<script>')
-+ self.serv.set_server_documentation('test_documentation<script>')
-+ self.assertEqual('test_title<script>', self.serv.server_title)
-+ self.assertEqual('test_documentation<script>',
-+ self.serv.server_documentation)
-+
-+ generated = self.serv.generate_html_documentation()
-+ title = re.search(r'<title>(.+?)</title>', generated).group()
-+ documentation = re.search(r'<p><tt>(.+?)</tt></p>', generated).group()
-+ self.assertEqual('<title>Python: test_title<script></title>',
-+ title)
-+ self.assertEqual('<p><tt>test_documentation<script></tt></p>',
-+ documentation)
-+
-+
- def test_main():
- test_support.run_unittest(DocXMLRPCHTTPGETServer)
-
-diff --git a/Misc/NEWS.d/next/Security/2019-09-25-13-21-09.bpo-38243.1pfz24.rst b/Misc/NEWS.d/next/Security/2019-09-25-13-21-09.bpo-38243.1pfz24.rst
-new file mode 100644
-index 0000000000..8f02baed9e
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2019-09-25-13-21-09.bpo-38243.1pfz24.rst
-@@ -0,0 +1,3 @@
-+Escape the server title of :class:`DocXMLRPCServer.DocXMLRPCServer`
-+when rendering the document page as HTML.
-+(Contributed by Dong-hee Na in :issue:`38243`.)
---
-2.17.1
-
diff --git a/meta/recipes-devtools/python/python/builddir.patch b/meta/recipes-devtools/python/python/0001-python-Resolve-intermediate-staging-issues.patch
similarity index 58%
rename from meta/recipes-devtools/python/python/builddir.patch
rename to meta/recipes-devtools/python/python/0001-python-Resolve-intermediate-staging-issues.patch
index ad629a022e9..2ff2ccc43dc 100644
--- a/meta/recipes-devtools/python/python/builddir.patch
+++ b/meta/recipes-devtools/python/python/0001-python-Resolve-intermediate-staging-issues.patch
@@ -1,5 +1,10 @@
-When cross compiling python, we used to need to install the Makefile, pyconfig.h
-and the python library to their final location before being able to compile the
+From 77bcb3238b2853d511714544e0f84a37be6c79bf Mon Sep 17 00:00:00 2001
+From: Richard Purdie <richard.purdie@linuxfoundation.org>
+Date: Wed, 14 Nov 2012 14:31:24 +0000
+Subject: [PATCH] python: Resolve intermediate staging issues
+
+When cross compiling python, we used to need to install the Makefile, pyconfig.h
+and the python library to their final location before being able to compile the
rest of python. This change allows us to point python at its own source when
building, avoiding a variety of sysroot staging issues and simplifying the main
python recipe.
@@ -7,10 +12,29 @@ python recipe.
Upstream-Status: Inappropriate
RP 2012/11/13
-Index: Python-2.7.9/Lib/sysconfig.py
-===================================================================
---- Python-2.7.9.orig/Lib/sysconfig.py
-+++ Python-2.7.9/Lib/sysconfig.py
+---
+ Lib/distutils/sysconfig.py | 3 +++
+ Lib/sysconfig.py | 5 ++++-
+ 2 files changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/Lib/distutils/sysconfig.py b/Lib/distutils/sysconfig.py
+index 2f4b8ca..15bceb5 100644
+--- a/Lib/distutils/sysconfig.py
++++ b/Lib/distutils/sysconfig.py
+@@ -31,6 +31,9 @@ else:
+ # sys.executable can be empty if argv[0] has been changed and Python is
+ # unable to retrieve the real program name
+ project_base = os.getcwd()
++_PYTHONBUILDDIR = os.environ.get("PYTHONBUILDDIR", None)
++if _PYTHONBUILDDIR:
++ project_base = _PYTHONBUILDDIR
+ if os.name == "nt" and "pcbuild" in project_base[-8:].lower():
+ project_base = os.path.abspath(os.path.join(project_base, os.path.pardir))
+ # PC/VS7.1
+diff --git a/Lib/sysconfig.py b/Lib/sysconfig.py
+index 9c8350d..bddbe2e 100644
+--- a/Lib/sysconfig.py
++++ b/Lib/sysconfig.py
@@ -93,6 +93,7 @@ _PREFIX = os.path.normpath(sys.prefix)
_EXEC_PREFIX = os.path.normpath(sys.exec_prefix)
_CONFIG_VARS = None
@@ -30,17 +54,6 @@ Index: Python-2.7.9/Lib/sysconfig.py
_PROJECT_BASE = os.path.dirname(_safe_realpath(sys.executable))
else:
# sys.executable can be empty if argv[0] has been changed and Python is
-Index: Python-2.7.9/Lib/distutils/sysconfig.py
-===================================================================
---- Python-2.7.9.orig/Lib/distutils/sysconfig.py
-+++ Python-2.7.9/Lib/distutils/sysconfig.py
-@@ -26,6 +26,9 @@ EXEC_PREFIX = os.path.normpath(sys.exec_
- # live in project/PCBuild9. If we're dealing with an x64 Windows build,
- # it'll live in project/PCbuild/amd64.
- project_base = os.path.dirname(os.path.abspath(sys.executable))
-+_PYTHONBUILDDIR = os.environ.get("PYTHONBUILDDIR", None)
-+if _PYTHONBUILDDIR:
-+ project_base = _PYTHONBUILDDIR
- if os.name == "nt" and "pcbuild" in project_base[-8:].lower():
- project_base = os.path.abspath(os.path.join(project_base, os.path.pardir))
- # PC/VS7.1
+--
+2.17.1
+
diff --git a/meta/recipes-devtools/python/python/CVE-2018-20852.patch b/meta/recipes-devtools/python/python/CVE-2018-20852.patch
deleted file mode 100644
index 23c784a2105..00000000000
--- a/meta/recipes-devtools/python/python/CVE-2018-20852.patch
+++ /dev/null
@@ -1,123 +0,0 @@
-From 979daae300916adb399ab5b51410b6ebd0888f13 Mon Sep 17 00:00:00 2001
-From: Xtreak <tir.karthi@gmail.com>
-Date: Sat, 15 Jun 2019 20:59:43 +0530
-Subject: [PATCH] [2.7] bpo-35121: prefix dot in domain for proper subdomain
- validation (GH-10258) (GH-13426)
-
-This is a manual backport of ca7fe5063593958e5efdf90f068582837f07bd14 since 2.7 has `http.cookiejar` in `cookielib`
-
-
-https://bugs.python.org/issue35121
-CVE: CVE-2018-20852
-Upstream-Status: Backport [https://github.com/python/cpython/pull/13426]
-Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
----
- Lib/cookielib.py | 13 ++++++--
- Lib/test/test_cookielib.py | 30 +++++++++++++++++++
- .../2019-05-20-00-35-12.bpo-35121.RRi-HU.rst | 4 +++
- 3 files changed, 45 insertions(+), 2 deletions(-)
- create mode 100644 Misc/NEWS.d/next/Security/2019-05-20-00-35-12.bpo-35121.RRi-HU.rst
-
-diff --git a/Lib/cookielib.py b/Lib/cookielib.py
-index 2dd7c48728e0..0b471a42f296 100644
---- a/Lib/cookielib.py
-+++ b/Lib/cookielib.py
-@@ -1139,6 +1139,11 @@ def return_ok_domain(self, cookie, request):
- req_host, erhn = eff_request_host(request)
- domain = cookie.domain
-
-+ if domain and not domain.startswith("."):
-+ dotdomain = "." + domain
-+ else:
-+ dotdomain = domain
-+
- # strict check of non-domain cookies: Mozilla does this, MSIE5 doesn't
- if (cookie.version == 0 and
- (self.strict_ns_domain & self.DomainStrictNonDomain) and
-@@ -1151,7 +1156,7 @@ def return_ok_domain(self, cookie, request):
- _debug(" effective request-host name %s does not domain-match "
- "RFC 2965 cookie domain %s", erhn, domain)
- return False
-- if cookie.version == 0 and not ("."+erhn).endswith(domain):
-+ if cookie.version == 0 and not ("."+erhn).endswith(dotdomain):
- _debug(" request-host %s does not match Netscape cookie domain "
- "%s", req_host, domain)
- return False
-@@ -1165,7 +1170,11 @@ def domain_return_ok(self, domain, request):
- req_host = "."+req_host
- if not erhn.startswith("."):
- erhn = "."+erhn
-- if not (req_host.endswith(domain) or erhn.endswith(domain)):
-+ if domain and not domain.startswith("."):
-+ dotdomain = "." + domain
-+ else:
-+ dotdomain = domain
-+ if not (req_host.endswith(dotdomain) or erhn.endswith(dotdomain)):
- #_debug(" request domain %s does not match cookie domain %s",
- # req_host, domain)
- return False
-diff --git a/Lib/test/test_cookielib.py b/Lib/test/test_cookielib.py
-index f2dd9727d137..7f7ff614d61d 100644
---- a/Lib/test/test_cookielib.py
-+++ b/Lib/test/test_cookielib.py
-@@ -368,6 +368,7 @@ def test_domain_return_ok(self):
- ("http://foo.bar.com/", ".foo.bar.com", True),
- ("http://foo.bar.com/", "foo.bar.com", True),
- ("http://foo.bar.com/", ".bar.com", True),
-+ ("http://foo.bar.com/", "bar.com", True),
- ("http://foo.bar.com/", "com", True),
- ("http://foo.com/", "rhubarb.foo.com", False),
- ("http://foo.com/", ".foo.com", True),
-@@ -378,6 +379,8 @@ def test_domain_return_ok(self):
- ("http://foo/", "foo", True),
- ("http://foo/", "foo.local", True),
- ("http://foo/", ".local", True),
-+ ("http://barfoo.com", ".foo.com", False),
-+ ("http://barfoo.com", "foo.com", False),
- ]:
- request = urllib2.Request(url)
- r = pol.domain_return_ok(domain, request)
-@@ -938,6 +941,33 @@ def test_domain_block(self):
- c.add_cookie_header(req)
- self.assertFalse(req.has_header("Cookie"))
-
-+ c.clear()
-+
-+ pol.set_blocked_domains([])
-+ req = Request("http://acme.com/")
-+ res = FakeResponse(headers, "http://acme.com/")
-+ cookies = c.make_cookies(res, req)
-+ c.extract_cookies(res, req)
-+ self.assertEqual(len(c), 1)
-+
-+ req = Request("http://acme.com/")
-+ c.add_cookie_header(req)
-+ self.assertTrue(req.has_header("Cookie"))
-+
-+ req = Request("http://badacme.com/")
-+ c.add_cookie_header(req)
-+ self.assertFalse(pol.return_ok(cookies[0], req))
-+ self.assertFalse(req.has_header("Cookie"))
-+
-+ p = pol.set_blocked_domains(["acme.com"])
-+ req = Request("http://acme.com/")
-+ c.add_cookie_header(req)
-+ self.assertFalse(req.has_header("Cookie"))
-+
-+ req = Request("http://badacme.com/")
-+ c.add_cookie_header(req)
-+ self.assertFalse(req.has_header("Cookie"))
-+
- def test_secure(self):
- from cookielib import CookieJar, DefaultCookiePolicy
-
-diff --git a/Misc/NEWS.d/next/Security/2019-05-20-00-35-12.bpo-35121.RRi-HU.rst b/Misc/NEWS.d/next/Security/2019-05-20-00-35-12.bpo-35121.RRi-HU.rst
-new file mode 100644
-index 000000000000..77251806163b
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2019-05-20-00-35-12.bpo-35121.RRi-HU.rst
-@@ -0,0 +1,4 @@
-+Don't send cookies of domain A without Domain attribute to domain B when
-+domain A is a suffix match of domain B while using a cookiejar with
-+:class:`cookielib.DefaultCookiePolicy` policy. Patch by Karthikeyan
-+Singaravelan.
diff --git a/meta/recipes-devtools/python/python/CVE-2019-9740.patch b/meta/recipes-devtools/python/python/CVE-2019-9740.patch
deleted file mode 100644
index 95f43e0387d..00000000000
--- a/meta/recipes-devtools/python/python/CVE-2019-9740.patch
+++ /dev/null
@@ -1,216 +0,0 @@
-From bb8071a4cae5ab3fe321481dd3d73662ffb26052 Mon Sep 17 00:00:00 2001
-From: Victor Stinner <victor.stinner@gmail.com>
-Date: Tue, 21 May 2019 15:12:33 +0200
-Subject: [PATCH] bpo-30458: Disallow control chars in http URLs (GH-12755)
- (GH-13154) (GH-13315)
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Disallow control chars in http URLs in urllib2.urlopen. This
-addresses a potential security problem for applications that do not
-sanity check their URLs where http request headers could be injected.
-
-Disable https related urllib tests on a build without ssl (GH-13032)
-These tests require an SSL enabled build. Skip these tests when
-python is built without SSL to fix test failures.
-
-Use httplib.InvalidURL instead of ValueError as the new error case's
-exception. (GH-13044)
-
-Backport Co-Authored-By: Miro Hrončok <miro@hroncok.cz>
-
-(cherry picked from commit 7e200e0763f5b71c199aaf98bd5588f291585619)
-
-Notes on backport to Python 2.7:
-
-* test_urllib tests urllib.urlopen() which quotes the URL and so is
- not vulerable to HTTP Header Injection.
-* Add tests to test_urllib2 on urllib2.urlopen().
-* Reject non-ASCII characters: range 0x80-0xff.
-
-Upstream-Status: Backport
-CVE: CVE-2019-9740
-CVE: CVE-2019-9947
-Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
----
- Lib/httplib.py | 16 ++++++
- Lib/test/test_urllib.py | 25 +++++++++
- Lib/test/test_urllib2.py | 51 ++++++++++++++++++-
- Lib/test/test_xmlrpc.py | 8 ++-
- .../2019-04-10-08-53-30.bpo-30458.51E-DA.rst | 1 +
- 5 files changed, 99 insertions(+), 2 deletions(-)
- create mode 100644 Misc/NEWS.d/next/Security/2019-04-10-08-53-30.bpo-30458.51E-DA.rst
-
-diff --git a/Lib/httplib.py b/Lib/httplib.py
-index 60a8fb4e355f..1b41c346e090 100644
---- a/Lib/httplib.py
-+++ b/Lib/httplib.py
-@@ -247,6 +247,16 @@
- _is_legal_header_name = re.compile(r'\A[^:\s][^:\r\n]*\Z').match
- _is_illegal_header_value = re.compile(r'\n(?![ \t])|\r(?![ \t\n])').search
-
-+# These characters are not allowed within HTTP URL paths.
-+# See https://tools.ietf.org/html/rfc3986#section-3.3 and the
-+# https://tools.ietf.org/html/rfc3986#appendix-A pchar definition.
-+# Prevents CVE-2019-9740. Includes control characters such as \r\n.
-+# Restrict non-ASCII characters above \x7f (0x80-0xff).
-+_contains_disallowed_url_pchar_re = re.compile('[\x00-\x20\x7f-\xff]')
-+# Arguably only these _should_ allowed:
-+# _is_allowed_url_pchars_re = re.compile(r"^[/!$&'()*+,;=:@%a-zA-Z0-9._~-]+$")
-+# We are more lenient for assumed real world compatibility purposes.
-+
- # We always set the Content-Length header for these methods because some
- # servers will otherwise respond with a 411
- _METHODS_EXPECTING_BODY = {'PATCH', 'POST', 'PUT'}
-@@ -927,6 +937,12 @@ def putrequest(self, method, url, skip_host=0, skip_accept_encoding=0):
- self._method = method
- if not url:
- url = '/'
-+ # Prevent CVE-2019-9740.
-+ match = _contains_disallowed_url_pchar_re.search(url)
-+ if match:
-+ raise InvalidURL("URL can't contain control characters. %r "
-+ "(found at least %r)"
-+ % (url, match.group()))
- hdr = '%s %s %s' % (method, url, self._http_vsn_str)
-
- self._output(hdr)
-diff --git a/Lib/test/test_urllib.py b/Lib/test/test_urllib.py
-index 1ce9201c0693..d7778d4194f3 100644
---- a/Lib/test/test_urllib.py
-+++ b/Lib/test/test_urllib.py
-@@ -257,6 +257,31 @@ def test_url_fragment(self):
- finally:
- self.unfakehttp()
-
-+ def test_url_with_control_char_rejected(self):
-+ for char_no in range(0, 0x21) + range(0x7f, 0x100):
-+ char = chr(char_no)
-+ schemeless_url = "//localhost:7777/test%s/" % char
-+ self.fakehttp(b"HTTP/1.1 200 OK\r\n\r\nHello.")
-+ try:
-+ # urllib quotes the URL so there is no injection.
-+ resp = urllib.urlopen("http:" + schemeless_url)
-+ self.assertNotIn(char, resp.geturl())
-+ finally:
-+ self.unfakehttp()
-+
-+ def test_url_with_newline_header_injection_rejected(self):
-+ self.fakehttp(b"HTTP/1.1 200 OK\r\n\r\nHello.")
-+ host = "localhost:7777?a=1 HTTP/1.1\r\nX-injected: header\r\nTEST: 123"
-+ schemeless_url = "//" + host + ":8080/test/?test=a"
-+ try:
-+ # urllib quotes the URL so there is no injection.
-+ resp = urllib.urlopen("http:" + schemeless_url)
-+ self.assertNotIn(' ', resp.geturl())
-+ self.assertNotIn('\r', resp.geturl())
-+ self.assertNotIn('\n', resp.geturl())
-+ finally:
-+ self.unfakehttp()
-+
- def test_read_bogus(self):
- # urlopen() should raise IOError for many error codes.
- self.fakehttp('''HTTP/1.1 401 Authentication Required
-diff --git a/Lib/test/test_urllib2.py b/Lib/test/test_urllib2.py
-index 6d24d5ddf83c..9531818e16b2 100644
---- a/Lib/test/test_urllib2.py
-+++ b/Lib/test/test_urllib2.py
-@@ -15,6 +15,9 @@
- except ImportError:
- ssl = None
-
-+from test.test_urllib import FakeHTTPMixin
-+
-+
- # XXX
- # Request
- # CacheFTPHandler (hard to write)
-@@ -1262,7 +1265,7 @@ def _test_basic_auth(self, opener, auth_handler, auth_header,
- self.assertEqual(len(http_handler.requests), 1)
- self.assertFalse(http_handler.requests[0].has_header(auth_header))
-
--class MiscTests(unittest.TestCase):
-+class MiscTests(unittest.TestCase, FakeHTTPMixin):
-
- def test_build_opener(self):
- class MyHTTPHandler(urllib2.HTTPHandler): pass
-@@ -1317,6 +1320,52 @@ def test_unsupported_algorithm(self):
- "Unsupported digest authentication algorithm 'invalid'"
- )
-
-+ @unittest.skipUnless(ssl, "ssl module required")
-+ def test_url_with_control_char_rejected(self):
-+ for char_no in range(0, 0x21) + range(0x7f, 0x100):
-+ char = chr(char_no)
-+ schemeless_url = "//localhost:7777/test%s/" % char
-+ self.fakehttp(b"HTTP/1.1 200 OK\r\n\r\nHello.")
-+ try:
-+ # We explicitly test urllib.request.urlopen() instead of the top
-+ # level 'def urlopen()' function defined in this... (quite ugly)
-+ # test suite. They use different url opening codepaths. Plain
-+ # urlopen uses FancyURLOpener which goes via a codepath that
-+ # calls urllib.parse.quote() on the URL which makes all of the
-+ # above attempts at injection within the url _path_ safe.
-+ escaped_char_repr = repr(char).replace('\\', r'\\')
-+ InvalidURL = httplib.InvalidURL
-+ with self.assertRaisesRegexp(
-+ InvalidURL, "contain control.*" + escaped_char_repr):
-+ urllib2.urlopen("http:" + schemeless_url)
-+ with self.assertRaisesRegexp(
-+ InvalidURL, "contain control.*" + escaped_char_repr):
-+ urllib2.urlopen("https:" + schemeless_url)
-+ finally:
-+ self.unfakehttp()
-+
-+ @unittest.skipUnless(ssl, "ssl module required")
-+ def test_url_with_newline_header_injection_rejected(self):
-+ self.fakehttp(b"HTTP/1.1 200 OK\r\n\r\nHello.")
-+ host = "localhost:7777?a=1 HTTP/1.1\r\nX-injected: header\r\nTEST: 123"
-+ schemeless_url = "//" + host + ":8080/test/?test=a"
-+ try:
-+ # We explicitly test urllib2.urlopen() instead of the top
-+ # level 'def urlopen()' function defined in this... (quite ugly)
-+ # test suite. They use different url opening codepaths. Plain
-+ # urlopen uses FancyURLOpener which goes via a codepath that
-+ # calls urllib.parse.quote() on the URL which makes all of the
-+ # above attempts at injection within the url _path_ safe.
-+ InvalidURL = httplib.InvalidURL
-+ with self.assertRaisesRegexp(
-+ InvalidURL, r"contain control.*\\r.*(found at least . .)"):
-+ urllib2.urlopen("http:" + schemeless_url)
-+ with self.assertRaisesRegexp(InvalidURL, r"contain control.*\\n"):
-+ urllib2.urlopen("https:" + schemeless_url)
-+ finally:
-+ self.unfakehttp()
-+
-+
-
- class RequestTests(unittest.TestCase):
-
-diff --git a/Lib/test/test_xmlrpc.py b/Lib/test/test_xmlrpc.py
-index 36b3be67fd6b..90ccb30716ff 100644
---- a/Lib/test/test_xmlrpc.py
-+++ b/Lib/test/test_xmlrpc.py
-@@ -659,7 +659,13 @@ def test_dotted_attribute(self):
- def test_partial_post(self):
- # Check that a partial POST doesn't make the server loop: issue #14001.
- conn = httplib.HTTPConnection(ADDR, PORT)
-- conn.request('POST', '/RPC2 HTTP/1.0\r\nContent-Length: 100\r\n\r\nbye')
-+ conn.send('POST /RPC2 HTTP/1.0\r\n'
-+ 'Content-Length: 100\r\n\r\n'
-+ 'bye HTTP/1.1\r\n'
-+ 'Host: %s:%s\r\n'
-+ 'Accept-Encoding: identity\r\n'
-+ 'Content-Length: 0\r\n\r\n'
-+ % (ADDR, PORT))
- conn.close()
-
- class SimpleServerEncodingTestCase(BaseServerTestCase):
-diff --git a/Misc/NEWS.d/next/Security/2019-04-10-08-53-30.bpo-30458.51E-DA.rst b/Misc/NEWS.d/next/Security/2019-04-10-08-53-30.bpo-30458.51E-DA.rst
-new file mode 100644
-index 000000000000..47cb899df1af
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2019-04-10-08-53-30.bpo-30458.51E-DA.rst
-@@ -0,0 +1 @@
-+Address CVE-2019-9740 by disallowing URL paths with embedded whitespace or control characters through into the underlying http client request. Such potentially malicious header injection URLs now cause an httplib.InvalidURL exception to be raised.
diff --git a/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch b/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch
deleted file mode 100644
index b2672370186..00000000000
--- a/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-From 179a5f75f1121dab271fe8f90eb35145f9dcbbda Mon Sep 17 00:00:00 2001
-From: Sihoon Lee <push0ebp@gmail.com>
-Date: Fri, 17 May 2019 02:41:06 +0900
-Subject: [PATCH] Update test_urllib.py and urllib.py\nchange assertEqual into
- assertRasies in DummyURLopener test, and simplify mitigation
-
-Upstream-Status: Submitted https://github.com/python/cpython/pull/11842
-
-CVE: CVE-2019-9948
-
-Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
----
- Lib/test/test_urllib.py | 11 +++--------
- Lib/urllib.py | 4 ++--
- 2 files changed, 5 insertions(+), 10 deletions(-)
-
-diff --git a/Lib/test/test_urllib.py b/Lib/test/test_urllib.py
-index e5f210e62a18..1e23dfb0bb16 100644
---- a/Lib/test/test_urllib.py
-+++ b/Lib/test/test_urllib.py
-@@ -1027,14 +1027,9 @@ def test_local_file_open(self):
- class DummyURLopener(urllib.URLopener):
- def open_local_file(self, url):
- return url
-- self.assertEqual(DummyURLopener().open(
-- 'local-file://example'), '//example')
-- self.assertEqual(DummyURLopener().open(
-- 'local_file://example'), '//example')
-- self.assertRaises(IOError, urllib.urlopen,
-- 'local-file://example')
-- self.assertRaises(IOError, urllib.urlopen,
-- 'local_file://example')
-+ for url in ('local_file://example', 'local-file://example'):
-+ self.assertRaises(IOError, DummyURLopener().open, url)
-+ self.assertRaises(IOError, urllib.urlopen, url)
-
- # Just commented them out.
- # Can't really tell why keep failing in windows and sparc.
-diff --git a/Lib/urllib.py b/Lib/urllib.py
-index a24e9a5c68fb..39b834054e9e 100644
---- a/Lib/urllib.py
-+++ b/Lib/urllib.py
-@@ -203,10 +203,10 @@ def open(self, fullurl, data=None):
- name = 'open_' + urltype
- self.type = urltype
- name = name.replace('-', '_')
--
-+
- # bpo-35907: # disallow the file reading with the type not allowed
- if not hasattr(self, name) or \
-- (self == _urlopener and name == 'open_local_file'):
-+ getattr(self, name) == self.open_local_file:
- if proxy:
- return self.open_unknown_proxy(proxy, fullurl, data)
- else:
diff --git a/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch b/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch
deleted file mode 100644
index f4c225d2fcf..00000000000
--- a/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-From 8f99cc799e4393bf1112b9395b2342f81b3f45ef Mon Sep 17 00:00:00 2001
-From: push0ebp <push0ebp@shl-MacBook-Pro.local>
-Date: Thu, 14 Feb 2019 02:05:46 +0900
-Subject: [PATCH] bpo-35907: Avoid file reading as disallowing the unnecessary
- URL scheme in urllib
-
-Upstream-Status: Submitted https://github.com/python/cpython/pull/11842
-
-CVE: CVE-2019-9948
-
-Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
----
- Lib/test/test_urllib.py | 12 ++++++++++++
- Lib/urllib.py | 5 ++++-
- 2 files changed, 16 insertions(+), 1 deletion(-)
-
-diff --git a/Lib/test/test_urllib.py b/Lib/test/test_urllib.py
-index 1ce9201c0693..e5f210e62a18 100644
---- a/Lib/test/test_urllib.py
-+++ b/Lib/test/test_urllib.py
-@@ -1023,6 +1023,18 @@ def open_spam(self, url):
- "spam://c:|windows%/:=&?~#+!$,;'@()*[]|/path/"),
- "//c:|windows%/:=&?~#+!$,;'@()*[]|/path/")
-
-+ def test_local_file_open(self):
-+ class DummyURLopener(urllib.URLopener):
-+ def open_local_file(self, url):
-+ return url
-+ self.assertEqual(DummyURLopener().open(
-+ 'local-file://example'), '//example')
-+ self.assertEqual(DummyURLopener().open(
-+ 'local_file://example'), '//example')
-+ self.assertRaises(IOError, urllib.urlopen,
-+ 'local-file://example')
-+ self.assertRaises(IOError, urllib.urlopen,
-+ 'local_file://example')
-
- # Just commented them out.
- # Can't really tell why keep failing in windows and sparc.
-diff --git a/Lib/urllib.py b/Lib/urllib.py
-index d85504a5cb7e..a24e9a5c68fb 100644
---- a/Lib/urllib.py
-+++ b/Lib/urllib.py
-@@ -203,7 +203,10 @@ def open(self, fullurl, data=None):
- name = 'open_' + urltype
- self.type = urltype
- name = name.replace('-', '_')
-- if not hasattr(self, name):
-+
-+ # bpo-35907: # disallow the file reading with the type not allowed
-+ if not hasattr(self, name) or \
-+ (self == _urlopener and name == 'open_local_file'):
- if proxy:
- return self.open_unknown_proxy(proxy, fullurl, data)
- else:
diff --git a/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch b/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch
deleted file mode 100644
index 2ce4d2cde7a..00000000000
--- a/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 06b5ee585d6e76bdbb4002f642d864d860cbbd2b Mon Sep 17 00:00:00 2001
-From: Steve Dower <steve.dower@python.org>
-Date: Tue, 12 Mar 2019 08:23:33 -0700
-Subject: [PATCH] bpo-36216: Only print test messages when verbose
-
-CVE: CVE-2019-9636
-
-Upstream-Status: Backport https://github.com/python/cpython/pull/12291/commits/06b5ee585d6e76bdbb4002f642d864d860cbbd2b
-
-Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
----
- Lib/test/test_urlparse.py | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py
-index 73b0228ea8e3..1830d0b28688 100644
---- a/Lib/test/test_urlparse.py
-+++ b/Lib/test/test_urlparse.py
-@@ -644,7 +644,8 @@ def test_urlsplit_normalization(self):
- for scheme in [u"http", u"https", u"ftp"]:
- for c in denorm_chars:
- url = u"{}://netloc{}false.netloc/path".format(scheme, c)
-- print "Checking %r" % url
-+ if test_support.verbose:
-+ print "Checking %r" % url
- with self.assertRaises(ValueError):
- urlparse.urlsplit(url)
-
diff --git a/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch b/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch
deleted file mode 100644
index 352b13ba9b5..00000000000
--- a/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch
+++ /dev/null
@@ -1,111 +0,0 @@
-From 3e3669c9c41a27e1466e2c28b3906e3dd0ce3e7e Mon Sep 17 00:00:00 2001
-From: Steve Dower <steve.dower@python.org>
-Date: Thu, 7 Mar 2019 08:25:22 -0800
-Subject: [PATCH] bpo-36216: Add check for characters in netloc that normalize
- to separators (GH-12201)
-
-CVE: CVE-2019-9636
-
-Upstream-Status: Backport https://github.com/python/cpython/pull/12216/commits/3e3669c9c41a27e1466e2c28b3906e3dd0ce3e7e
-
-Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
----
- Doc/library/urlparse.rst | 20 ++++++++++++++++
- Lib/test/test_urlparse.py | 24 +++++++++++++++++++
- Lib/urlparse.py | 17 +++++++++++++
- .../2019-03-06-09-38-40.bpo-36216.6q1m4a.rst | 3 +++
- 4 files changed, 64 insertions(+)
- create mode 100644 Misc/NEWS.d/next/Security/2019-03-06-09-38-40.bpo-36216.6q1m4a.rst
-
-diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py
-index 4e1ded73c266..73b0228ea8e3 100644
---- a/Lib/test/test_urlparse.py
-+++ b/Lib/test/test_urlparse.py
-@@ -1,4 +1,6 @@
- from test import test_support
-+import sys
-+import unicodedata
- import unittest
- import urlparse
-
-@@ -624,6 +626,28 @@ def test_portseparator(self):
- self.assertEqual(urlparse.urlparse("http://www.python.org:80"),
- ('http','www.python.org:80','','','',''))
-
-+ def test_urlsplit_normalization(self):
-+ # Certain characters should never occur in the netloc,
-+ # including under normalization.
-+ # Ensure that ALL of them are detected and cause an error
-+ illegal_chars = u'/:#?@'
-+ hex_chars = {'{:04X}'.format(ord(c)) for c in illegal_chars}
-+ denorm_chars = [
-+ c for c in map(unichr, range(128, sys.maxunicode))
-+ if (hex_chars & set(unicodedata.decomposition(c).split()))
-+ and c not in illegal_chars
-+ ]
-+ # Sanity check that we found at least one such character
-+ self.assertIn(u'\u2100', denorm_chars)
-+ self.assertIn(u'\uFF03', denorm_chars)
-+
-+ for scheme in [u"http", u"https", u"ftp"]:
-+ for c in denorm_chars:
-+ url = u"{}://netloc{}false.netloc/path".format(scheme, c)
-+ print "Checking %r" % url
-+ with self.assertRaises(ValueError):
-+ urlparse.urlsplit(url)
-+
- def test_main():
- test_support.run_unittest(UrlParseTestCase)
-
-diff --git a/Lib/urlparse.py b/Lib/urlparse.py
-index f7c2b032b097..54eda08651ab 100644
---- a/Lib/urlparse.py
-+++ b/Lib/urlparse.py
-@@ -165,6 +165,21 @@ def _splitnetloc(url, start=0):
- delim = min(delim, wdelim) # use earliest delim position
- return url[start:delim], url[delim:] # return (domain, rest)
-
-+def _checknetloc(netloc):
-+ if not netloc or not isinstance(netloc, unicode):
-+ return
-+ # looking for characters like \u2100 that expand to 'a/c'
-+ # IDNA uses NFKC equivalence, so normalize for this check
-+ import unicodedata
-+ netloc2 = unicodedata.normalize('NFKC', netloc)
-+ if netloc == netloc2:
-+ return
-+ _, _, netloc = netloc.rpartition('@') # anything to the left of '@' is okay
-+ for c in '/?#@:':
-+ if c in netloc2:
-+ raise ValueError("netloc '" + netloc2 + "' contains invalid " +
-+ "characters under NFKC normalization")
-+
- def urlsplit(url, scheme='', allow_fragments=True):
- """Parse a URL into 5 components:
- <scheme>://<netloc>/<path>?<query>#<fragment>
-@@ -193,6 +208,7 @@ def urlsplit(url, scheme='', allow_fragments=True):
- url, fragment = url.split('#', 1)
- if '?' in url:
- url, query = url.split('?', 1)
-+ _checknetloc(netloc)
- v = SplitResult(scheme, netloc, url, query, fragment)
- _parse_cache[key] = v
- return v
-@@ -216,6 +232,7 @@ def urlsplit(url, scheme='', allow_fragments=True):
- url, fragment = url.split('#', 1)
- if '?' in url:
- url, query = url.split('?', 1)
-+ _checknetloc(netloc)
- v = SplitResult(scheme, netloc, url, query, fragment)
- _parse_cache[key] = v
- return v
-diff --git a/Misc/NEWS.d/next/Security/2019-03-06-09-38-40.bpo-36216.6q1m4a.rst b/Misc/NEWS.d/next/Security/2019-03-06-09-38-40.bpo-36216.6q1m4a.rst
-new file mode 100644
-index 000000000000..1e1ad92c6feb
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2019-03-06-09-38-40.bpo-36216.6q1m4a.rst
-@@ -0,0 +1,3 @@
-+Changes urlsplit() to raise ValueError when the URL contains characters that
-+decompose under IDNA encoding (NFKC-normalization) into characters that
-+affect how the URL is parsed.
-\ No newline at end of file
diff --git a/meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch b/meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch
deleted file mode 100644
index 1b6cb8cf3e6..00000000000
--- a/meta/recipes-devtools/python/python/bpo-36742-cve-2019-10160.patch
+++ /dev/null
@@ -1,81 +0,0 @@
-From 5a1033fe5be764a135adcfff2fdc14edc3e5f327 Mon Sep 17 00:00:00 2001
-From: Changqing Li <changqing.li@windriver.com>
-Date: Thu, 10 Oct 2019 16:32:19 +0800
-Subject: [PATCH] bpo-36742: Fixes handling of pre-normalization characters in
- urlsplit() bpo-36742: Corrects fix to handle decomposition in usernames
-
-Upstream-Status: Backport
-
-https://github.com/python/cpython/commit/98a4dcefbbc3bce5ab07e7c0830a183157250259
-https://github.com/python/cpython/commit/f61599b050c621386a3fc6bc480359e2d3bb93de#diff-b577545d73dd0cdb2c337a4c5f89e1d7
-
-CVE: CVE-2019-10160
-
-Signed-off-by: Changqing Li <changqing.li@windriver.com>
----
- Lib/test/test_urlparse.py | 19 +++++++++++++------
- Lib/urlparse.py | 14 +++++++++-----
- 2 files changed, 22 insertions(+), 11 deletions(-)
-
-diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py
-index 1830d0b..857ed96 100644
---- a/Lib/test/test_urlparse.py
-+++ b/Lib/test/test_urlparse.py
-@@ -641,13 +641,20 @@ class UrlParseTestCase(unittest.TestCase):
- self.assertIn(u'\u2100', denorm_chars)
- self.assertIn(u'\uFF03', denorm_chars)
-
-+ # bpo-36742: Verify port separators are ignored when they
-+ # existed prior to decomposition
-+ urlparse.urlsplit(u'http://\u30d5\u309a:80')
-+ with self.assertRaises(ValueError):
-+ urlparse.urlsplit(u'http://\u30d5\u309a\ufe1380')
-+
- for scheme in [u"http", u"https", u"ftp"]:
-- for c in denorm_chars:
-- url = u"{}://netloc{}false.netloc/path".format(scheme, c)
-- if test_support.verbose:
-- print "Checking %r" % url
-- with self.assertRaises(ValueError):
-- urlparse.urlsplit(url)
-+ for netloc in [u"netloc{}false.netloc", u"n{}user@netloc"]:
-+ for c in denorm_chars:
-+ url = u"{}://{}/path".format(scheme, netloc.format(c))
-+ if test_support.verbose:
-+ print "Checking %r" % url
-+ with self.assertRaises(ValueError):
-+ urlparse.urlsplit(url)
-
- def test_main():
- test_support.run_unittest(UrlParseTestCase)
-diff --git a/Lib/urlparse.py b/Lib/urlparse.py
-index 54eda08..e34b368 100644
---- a/Lib/urlparse.py
-+++ b/Lib/urlparse.py
-@@ -171,14 +171,18 @@ def _checknetloc(netloc):
- # looking for characters like \u2100 that expand to 'a/c'
- # IDNA uses NFKC equivalence, so normalize for this check
- import unicodedata
-- netloc2 = unicodedata.normalize('NFKC', netloc)
-- if netloc == netloc2:
-+ n = netloc.replace(u'@', u'') # ignore characters already included
-+ n = n.replace(u':', u'') # but not the surrounding text
-+ n = n.replace(u'#', u'')
-+ n = n.replace(u'?', u'')
-+
-+ netloc2 = unicodedata.normalize('NFKC', n)
-+ if n == netloc2:
- return
-- _, _, netloc = netloc.rpartition('@') # anything to the left of '@' is okay
- for c in '/?#@:':
- if c in netloc2:
-- raise ValueError("netloc '" + netloc2 + "' contains invalid " +
-- "characters under NFKC normalization")
-+ raise ValueError(u"netloc '" + netloc + u"' contains invalid " +
-+ u"characters under NFKC normalization")
-
- def urlsplit(url, scheme='', allow_fragments=True):
- """Parse a URL into 5 components:
---
-2.7.4
-
diff --git a/meta/recipes-devtools/python/python_2.7.16.bb b/meta/recipes-devtools/python/python_2.7.17.bb
similarity index 97%
rename from meta/recipes-devtools/python/python_2.7.16.bb
rename to meta/recipes-devtools/python/python_2.7.17.bb
index 625c5312a6e..5b856a50977 100644
--- a/meta/recipes-devtools/python/python_2.7.16.bb
+++ b/meta/recipes-devtools/python/python_2.7.17.bb
@@ -30,9 +30,6 @@ SRC_URI += " \
file://support_SOURCE_DATE_EPOCH_in_py_compile_2.7.patch \
file://float-endian.patch \
file://0001-python2-use-cc_basename-to-replace-CC-for-checking-c.patch \
- file://0001-2.7-bpo-34155-Dont-parse-domains-containing-GH-13079.patch \
- file://bpo-36742-cve-2019-10160.patch \
- file://0001-2.7-bpo-38243-Escape-the-server-title-of-DocXMLRPCSe.patch \
"
S = "${WORKDIR}/Python-${PV}"
--
2.17.1
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [PATCH 02/13] runqemu: add options that enable virgl with the SDL frontend
2019-11-18 14:28 [PATCH 01/13] python: update to 2.7.17 Alexander Kanavin
@ 2019-11-18 14:28 ` Alexander Kanavin
2019-11-18 14:28 ` [PATCH 03/13] oe-selftest: extend virgl gtk test to also check the SDL option Alexander Kanavin
` (10 subsequent siblings)
11 siblings, 0 replies; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-18 14:28 UTC (permalink / raw)
To: openembedded-core
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
scripts/runqemu | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/scripts/runqemu b/scripts/runqemu
index a05facd0db6..5c56c3fe6c1 100755
--- a/scripts/runqemu
+++ b/scripts/runqemu
@@ -67,9 +67,9 @@ of the following environment variables (in any order):
nographic - disable video console
sdl - choose the SDL UI frontend
gtk - choose the Gtk UI frontend
- gl - enable virgl-based GL acceleration (also needs gtk option)
- gl-es - enable virgl-based GL acceleration, using OpenGL ES (also needs gtk option)
- egl-headless - enable headless EGL output; use vnc or spice to see it
+ gl - enable virgl-based GL acceleration (also needs gtk or sdl options)
+ gl-es - enable virgl-based GL acceleration, using OpenGL ES (also needs gtk or sdl options)
+ egl-headless - enable headless EGL output; use vnc (via publicvnc option) or spice to see it
serial - enable a serial console on /dev/ttyS0
serialstdio - enable a serial console on the console (regardless of graphics mode)
slirp - enable user networking, no root privileges is required
@@ -437,7 +437,12 @@ class BaseConfig(object):
self.qemu_opt_script += ' -nographic'
self.kernel_cmdline_script += ' console=ttyS0'
elif arg == 'sdl':
- self.qemu_opt_script += ' -display sdl'
+ if 'gl' in sys.argv[1:]:
+ self.qemu_opt_script += ' -vga virtio -display sdl,gl=on'
+ elif 'gl-es' in sys.argv[1:]:
+ self.qemu_opt_script += ' -vga virtio -display sdl,gl=es'
+ else:
+ self.qemu_opt_script += ' -display sdl'
elif arg == 'gtk':
if 'gl' in sys.argv[1:]:
self.qemu_opt_script += ' -vga virtio -display gtk,gl=on'
--
2.17.1
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [PATCH 03/13] oe-selftest: extend virgl gtk test to also check the SDL option
2019-11-18 14:28 [PATCH 01/13] python: update to 2.7.17 Alexander Kanavin
2019-11-18 14:28 ` [PATCH 02/13] runqemu: add options that enable virgl with the SDL frontend Alexander Kanavin
@ 2019-11-18 14:28 ` Alexander Kanavin
2019-11-18 14:28 ` [PATCH 04/13] tiff: update to 4.1.0 Alexander Kanavin
` (9 subsequent siblings)
11 siblings, 0 replies; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-18 14:28 UTC (permalink / raw)
To: openembedded-core
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
meta/lib/oeqa/selftest/cases/runtime_test.py | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/meta/lib/oeqa/selftest/cases/runtime_test.py b/meta/lib/oeqa/selftest/cases/runtime_test.py
index 4b56e5beca2..ccd2c40aa3f 100644
--- a/meta/lib/oeqa/selftest/cases/runtime_test.py
+++ b/meta/lib/oeqa/selftest/cases/runtime_test.py
@@ -166,9 +166,9 @@ class TestImage(OESelftestTestCase):
bitbake('core-image-full-cmdline socat')
bitbake('-c testimage core-image-full-cmdline')
- def test_testimage_virgl_gtk(self):
+ def test_testimage_virgl_gtk_sdl(self):
"""
- Summary: Check host-assisted accelerate OpenGL functionality in qemu with gtk frontend
+ Summary: Check host-assisted accelerate OpenGL functionality in qemu with gtk and SDL frontends
Expected: 1. Check that virgl kernel driver is loaded and 3d acceleration is enabled
2. Check that kmscube demo runs without crashing.
Product: oe-core
@@ -183,18 +183,27 @@ class TestImage(OESelftestTestCase):
self.skipTest('virgl isn\'t working with Centos 7')
qemu_packageconfig = get_bb_var('PACKAGECONFIG', 'qemu-system-native')
+ sdl_packageconfig = get_bb_var('PACKAGECONFIG', 'libsdl2-native')
features = 'INHERIT += "testimage"\n'
if 'gtk+' not in qemu_packageconfig:
features += 'PACKAGECONFIG_append_pn-qemu-system-native = " gtk+"\n'
+ if 'sdl' not in qemu_packageconfig:
+ features += 'PACKAGECONFIG_append_pn-qemu-system-native = " sdl"\n'
if 'virglrenderer' not in qemu_packageconfig:
features += 'PACKAGECONFIG_append_pn-qemu-system-native = " virglrenderer"\n'
if 'glx' not in qemu_packageconfig:
features += 'PACKAGECONFIG_append_pn-qemu-system-native = " glx"\n'
+ if 'opengl' not in sdl_packageconfig:
+ features += 'PACKAGECONFIG_append_pn-libsdl2-native = " opengl"\n'
features += 'TEST_SUITES = "ping ssh virgl"\n'
features += 'IMAGE_FEATURES_append = " ssh-server-dropbear"\n'
features += 'IMAGE_INSTALL_append = " kmscube"\n'
- features += 'TEST_RUNQEMUPARAMS = "gtk gl"\n'
- self.write_config(features)
+ features_gtk = features + 'TEST_RUNQEMUPARAMS = "gtk gl"\n'
+ self.write_config(features_gtk)
+ bitbake('core-image-minimal')
+ bitbake('-c testimage core-image-minimal')
+ features_sdl = features + 'TEST_RUNQEMUPARAMS = "sdl gl"\n'
+ self.write_config(features_sdl)
bitbake('core-image-minimal')
bitbake('-c testimage core-image-minimal')
--
2.17.1
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [PATCH 04/13] tiff: update to 4.1.0
2019-11-18 14:28 [PATCH 01/13] python: update to 2.7.17 Alexander Kanavin
2019-11-18 14:28 ` [PATCH 02/13] runqemu: add options that enable virgl with the SDL frontend Alexander Kanavin
2019-11-18 14:28 ` [PATCH 03/13] oe-selftest: extend virgl gtk test to also check the SDL option Alexander Kanavin
@ 2019-11-18 14:28 ` Alexander Kanavin
2019-11-18 14:28 ` [PATCH 05/13] librepo: upgrade 1.10.6 -> 1.11.0 Alexander Kanavin
` (8 subsequent siblings)
11 siblings, 0 replies; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-18 14:28 UTC (permalink / raw)
To: openembedded-core
Drop backported patches.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
.../libtiff/tiff/CVE-2019-14973.patch | 415 ------------------
.../libtiff/tiff/CVE-2019-17546.patch | 103 -----
.../libtiff/tiff/CVE-2019-6128.patch | 52 ---
.../libtiff/tiff/CVE-2019-7663.patch | 77 ----
.../libtiff/{tiff_4.0.10.bb => tiff_4.1.0.bb} | 10 +-
5 files changed, 3 insertions(+), 654 deletions(-)
delete mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2019-14973.patch
delete mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2019-17546.patch
delete mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2019-6128.patch
delete mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch
rename meta/recipes-multimedia/libtiff/{tiff_4.0.10.bb => tiff_4.1.0.bb} (85%)
diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-14973.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2019-14973.patch
deleted file mode 100644
index 8345295d07b..00000000000
--- a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-14973.patch
+++ /dev/null
@@ -1,415 +0,0 @@
-From 95ac1e3fcc6b643b5bd100f2ea54faca0a003315 Mon Sep 17 00:00:00 2001
-From: Trevor Gamblin <trevor.gamblin@windriver.com>
-Date: Fri, 20 Sep 2019 09:33:22 -0400
-Subject: [PATCH] libtiff-fix-CVE-2019-14973
-
-Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/commit/2218055ca67d84be596a13080e8f50f22116555c]
-CVE: CVE-2019-14973
-
-Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
----
- libtiff/tif_aux.c | 49 +++++++++++++++++++++++++++++++++++++-----
- libtiff/tif_getimage.c | 6 ++----
- libtiff/tif_luv.c | 8 +------
- libtiff/tif_pixarlog.c | 7 +-----
- libtiff/tif_read.c | 38 +++++++++-----------------------
- libtiff/tif_strip.c | 35 ++++--------------------------
- libtiff/tif_tile.c | 27 +++--------------------
- libtiff/tiffiop.h | 7 +++++-
- 8 files changed, 71 insertions(+), 106 deletions(-)
-
-diff --git a/libtiff/tif_aux.c b/libtiff/tif_aux.c
-index 4ece162f..33fb8a44 100644
---- a/libtiff/tif_aux.c
-+++ b/libtiff/tif_aux.c
-@@ -57,18 +57,57 @@ _TIFFMultiply64(TIFF* tif, uint64 first, uint64 second, const char* where)
- return bytes;
- }
-
-+tmsize_t
-+_TIFFMultiplySSize(TIFF* tif, tmsize_t first, tmsize_t second, const char* where)
-+{
-+ if( first <= 0 || second <= 0 )
-+ {
-+ if( tif != NULL && where != NULL )
-+ {
-+ TIFFErrorExt(tif->tif_clientdata, where,
-+ "Invalid argument to _TIFFMultiplySSize() in %s", where);
-+ }
-+ return 0;
-+ }
-+
-+ if( first > TIFF_TMSIZE_T_MAX / second )
-+ {
-+ if( tif != NULL && where != NULL )
-+ {
-+ TIFFErrorExt(tif->tif_clientdata, where,
-+ "Integer overflow in %s", where);
-+ }
-+ return 0;
-+ }
-+ return first * second;
-+}
-+
-+tmsize_t _TIFFCastUInt64ToSSize(TIFF* tif, uint64 val, const char* module)
-+{
-+ if( val > (uint64)TIFF_TMSIZE_T_MAX )
-+ {
-+ if( tif != NULL && module != NULL )
-+ {
-+ TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
-+ }
-+ return 0;
-+ }
-+ return (tmsize_t)val;
-+}
-+
- void*
- _TIFFCheckRealloc(TIFF* tif, void* buffer,
- tmsize_t nmemb, tmsize_t elem_size, const char* what)
- {
- void* cp = NULL;
-- tmsize_t bytes = nmemb * elem_size;
--
-+ tmsize_t count = _TIFFMultiplySSize(tif, nmemb, elem_size, NULL);
- /*
-- * XXX: Check for integer overflow.
-+ * Check for integer overflow.
- */
-- if (nmemb && elem_size && bytes / elem_size == nmemb)
-- cp = _TIFFrealloc(buffer, bytes);
-+ if (count != 0)
-+ {
-+ cp = _TIFFrealloc(buffer, count);
-+ }
-
- if (cp == NULL) {
- TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
-diff --git a/libtiff/tif_getimage.c b/libtiff/tif_getimage.c
-index 6a9d5a7c..2106ca21 100644
---- a/libtiff/tif_getimage.c
-+++ b/libtiff/tif_getimage.c
-@@ -755,9 +755,8 @@ gtTileSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
- uint32 leftmost_tw;
-
- tilesize = TIFFTileSize(tif);
-- bufsize = TIFFSafeMultiply(tmsize_t,alpha?4:3,tilesize);
-+ bufsize = _TIFFMultiplySSize(tif, alpha?4:3,tilesize, "gtTileSeparate");
- if (bufsize == 0) {
-- TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in %s", "gtTileSeparate");
- return (0);
- }
-
-@@ -1019,9 +1018,8 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
- uint16 colorchannels;
-
- stripsize = TIFFStripSize(tif);
-- bufsize = TIFFSafeMultiply(tmsize_t,alpha?4:3,stripsize);
-+ bufsize = _TIFFMultiplySSize(tif,alpha?4:3,stripsize, "gtStripSeparate");
- if (bufsize == 0) {
-- TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in %s", "gtStripSeparate");
- return (0);
- }
-
-diff --git a/libtiff/tif_luv.c b/libtiff/tif_luv.c
-index aa35ea07..46d2dff2 100644
---- a/libtiff/tif_luv.c
-+++ b/libtiff/tif_luv.c
-@@ -1264,16 +1264,10 @@ LogL16GuessDataFmt(TIFFDirectory *td)
- return (SGILOGDATAFMT_UNKNOWN);
- }
-
--
--#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0))
--#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1)
--
- static tmsize_t
- multiply_ms(tmsize_t m1, tmsize_t m2)
- {
-- if( m1 == 0 || m2 > TIFF_TMSIZE_T_MAX / m1 )
-- return 0;
-- return m1 * m2;
-+ return _TIFFMultiplySSize(NULL, m1, m2, NULL);
- }
-
- static int
-diff --git a/libtiff/tif_pixarlog.c b/libtiff/tif_pixarlog.c
-index 7438d692..b52a3ee4 100644
---- a/libtiff/tif_pixarlog.c
-+++ b/libtiff/tif_pixarlog.c
-@@ -634,15 +634,10 @@ PixarLogGuessDataFmt(TIFFDirectory *td)
- return guess;
- }
-
--#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0))
--#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1)
--
- static tmsize_t
- multiply_ms(tmsize_t m1, tmsize_t m2)
- {
-- if( m1 == 0 || m2 > TIFF_TMSIZE_T_MAX / m1 )
-- return 0;
-- return m1 * m2;
-+ return _TIFFMultiplySSize(NULL, m1, m2, NULL);
- }
-
- static tmsize_t
-diff --git a/libtiff/tif_read.c b/libtiff/tif_read.c
-index e63810cc..8db39d7a 100644
---- a/libtiff/tif_read.c
-+++ b/libtiff/tif_read.c
-@@ -29,9 +29,6 @@
- #include "tiffiop.h"
- #include <stdio.h>
-
--#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0))
--#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1)
--
- int TIFFFillStrip(TIFF* tif, uint32 strip);
- int TIFFFillTile(TIFF* tif, uint32 tile);
- static int TIFFStartStrip(TIFF* tif, uint32 strip);
-@@ -49,6 +46,8 @@ TIFFReadRawTile1(TIFF* tif, uint32 tile, void* buf, tmsize_t size, const char* m
- #define THRESHOLD_MULTIPLIER 10
- #define MAX_THRESHOLD (THRESHOLD_MULTIPLIER * THRESHOLD_MULTIPLIER * THRESHOLD_MULTIPLIER * INITIAL_THRESHOLD)
-
-+#define TIFF_INT64_MAX ((((int64)0x7FFFFFFF) << 32) | 0xFFFFFFFF)
-+
- /* Read 'size' bytes in tif_rawdata buffer starting at offset 'rawdata_offset'
- * Returns 1 in case of success, 0 otherwise. */
- static int TIFFReadAndRealloc( TIFF* tif, tmsize_t size,
-@@ -734,23 +733,8 @@ TIFFReadRawStrip(TIFF* tif, uint32 strip, void* buf, tmsize_t size)
- return ((tmsize_t)(-1));
- }
- bytecount = td->td_stripbytecount[strip];
-- if ((int64)bytecount <= 0) {
--#if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
-- TIFFErrorExt(tif->tif_clientdata, module,
-- "%I64u: Invalid strip byte count, strip %lu",
-- (unsigned __int64) bytecount,
-- (unsigned long) strip);
--#else
-- TIFFErrorExt(tif->tif_clientdata, module,
-- "%llu: Invalid strip byte count, strip %lu",
-- (unsigned long long) bytecount,
-- (unsigned long) strip);
--#endif
-- return ((tmsize_t)(-1));
-- }
-- bytecountm = (tmsize_t)bytecount;
-- if ((uint64)bytecountm!=bytecount) {
-- TIFFErrorExt(tif->tif_clientdata, module, "Integer overflow");
-+ bytecountm = _TIFFCastUInt64ToSSize(tif, bytecount, module);
-+ if (bytecountm == 0) {
- return ((tmsize_t)(-1));
- }
- if (size != (tmsize_t)(-1) && size < bytecountm)
-@@ -774,7 +758,7 @@ TIFFFillStrip(TIFF* tif, uint32 strip)
- if ((tif->tif_flags&TIFF_NOREADRAW)==0)
- {
- uint64 bytecount = td->td_stripbytecount[strip];
-- if ((int64)bytecount <= 0) {
-+ if( bytecount == 0 || bytecount > (uint64)TIFF_INT64_MAX ) {
- #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
- TIFFErrorExt(tif->tif_clientdata, module,
- "Invalid strip byte count %I64u, strip %lu",
-@@ -801,7 +785,7 @@ TIFFFillStrip(TIFF* tif, uint32 strip)
- (bytecount - 4096) / 10 > (uint64)stripsize )
- {
- uint64 newbytecount = (uint64)stripsize * 10 + 4096;
-- if( (int64)newbytecount >= 0 )
-+ if( newbytecount == 0 || newbytecount > (uint64)TIFF_INT64_MAX )
- {
- #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
- TIFFWarningExt(tif->tif_clientdata, module,
-@@ -1196,10 +1180,8 @@ TIFFReadRawTile(TIFF* tif, uint32 tile, void* buf, tmsize_t size)
- bytecount64 = td->td_stripbytecount[tile];
- if (size != (tmsize_t)(-1) && (uint64)size < bytecount64)
- bytecount64 = (uint64)size;
-- bytecountm = (tmsize_t)bytecount64;
-- if ((uint64)bytecountm!=bytecount64)
-- {
-- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
-+ bytecountm = _TIFFCastUInt64ToSSize(tif, bytecount64, module);
-+ if( bytecountm == 0 ) {
- return ((tmsize_t)(-1));
- }
- return (TIFFReadRawTile1(tif, tile, buf, bytecountm, module));
-@@ -1221,7 +1203,7 @@ TIFFFillTile(TIFF* tif, uint32 tile)
- if ((tif->tif_flags&TIFF_NOREADRAW)==0)
- {
- uint64 bytecount = td->td_stripbytecount[tile];
-- if ((int64)bytecount <= 0) {
-+ if( bytecount == 0 || bytecount > (uint64)TIFF_INT64_MAX ) {
- #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
- TIFFErrorExt(tif->tif_clientdata, module,
- "%I64u: Invalid tile byte count, tile %lu",
-@@ -1248,7 +1230,7 @@ TIFFFillTile(TIFF* tif, uint32 tile)
- (bytecount - 4096) / 10 > (uint64)stripsize )
- {
- uint64 newbytecount = (uint64)stripsize * 10 + 4096;
-- if( (int64)newbytecount >= 0 )
-+ if( newbytecount == 0 || newbytecount > (uint64)TIFF_INT64_MAX )
- {
- #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
- TIFFWarningExt(tif->tif_clientdata, module,
-diff --git a/libtiff/tif_strip.c b/libtiff/tif_strip.c
-index 5b76fba5..2366acf0 100644
---- a/libtiff/tif_strip.c
-+++ b/libtiff/tif_strip.c
-@@ -129,15 +129,8 @@ TIFFVStripSize(TIFF* tif, uint32 nrows)
- {
- static const char module[] = "TIFFVStripSize";
- uint64 m;
-- tmsize_t n;
- m=TIFFVStripSize64(tif,nrows);
-- n=(tmsize_t)m;
-- if ((uint64)n!=m)
-- {
-- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
-- n=0;
-- }
-- return(n);
-+ return _TIFFCastUInt64ToSSize(tif, m, module);
- }
-
- /*
-@@ -211,15 +204,8 @@ TIFFStripSize(TIFF* tif)
- {
- static const char module[] = "TIFFStripSize";
- uint64 m;
-- tmsize_t n;
- m=TIFFStripSize64(tif);
-- n=(tmsize_t)m;
-- if ((uint64)n!=m)
-- {
-- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
-- n=0;
-- }
-- return(n);
-+ return _TIFFCastUInt64ToSSize(tif, m, module);
- }
-
- /*
-@@ -330,14 +316,8 @@ TIFFScanlineSize(TIFF* tif)
- {
- static const char module[] = "TIFFScanlineSize";
- uint64 m;
-- tmsize_t n;
- m=TIFFScanlineSize64(tif);
-- n=(tmsize_t)m;
-- if ((uint64)n!=m) {
-- TIFFErrorExt(tif->tif_clientdata,module,"Integer arithmetic overflow");
-- n=0;
-- }
-- return(n);
-+ return _TIFFCastUInt64ToSSize(tif, m, module);
- }
-
- /*
-@@ -366,15 +346,8 @@ TIFFRasterScanlineSize(TIFF* tif)
- {
- static const char module[] = "TIFFRasterScanlineSize";
- uint64 m;
-- tmsize_t n;
- m=TIFFRasterScanlineSize64(tif);
-- n=(tmsize_t)m;
-- if ((uint64)n!=m)
-- {
-- TIFFErrorExt(tif->tif_clientdata,module,"Integer arithmetic overflow");
-- n=0;
-- }
-- return(n);
-+ return _TIFFCastUInt64ToSSize(tif, m, module);
- }
-
- /* vim: set ts=8 sts=8 sw=8 noet: */
-diff --git a/libtiff/tif_tile.c b/libtiff/tif_tile.c
-index 58fe9354..661cc771 100644
---- a/libtiff/tif_tile.c
-+++ b/libtiff/tif_tile.c
-@@ -181,15 +181,8 @@ TIFFTileRowSize(TIFF* tif)
- {
- static const char module[] = "TIFFTileRowSize";
- uint64 m;
-- tmsize_t n;
- m=TIFFTileRowSize64(tif);
-- n=(tmsize_t)m;
-- if ((uint64)n!=m)
-- {
-- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
-- n=0;
-- }
-- return(n);
-+ return _TIFFCastUInt64ToSSize(tif, m, module);
- }
-
- /*
-@@ -248,15 +241,8 @@ TIFFVTileSize(TIFF* tif, uint32 nrows)
- {
- static const char module[] = "TIFFVTileSize";
- uint64 m;
-- tmsize_t n;
- m=TIFFVTileSize64(tif,nrows);
-- n=(tmsize_t)m;
-- if ((uint64)n!=m)
-- {
-- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
-- n=0;
-- }
-- return(n);
-+ return _TIFFCastUInt64ToSSize(tif, m, module);
- }
-
- /*
-@@ -272,15 +258,8 @@ TIFFTileSize(TIFF* tif)
- {
- static const char module[] = "TIFFTileSize";
- uint64 m;
-- tmsize_t n;
- m=TIFFTileSize64(tif);
-- n=(tmsize_t)m;
-- if ((uint64)n!=m)
-- {
-- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
-- n=0;
-- }
-- return(n);
-+ return _TIFFCastUInt64ToSSize(tif, m, module);
- }
-
- /*
-diff --git a/libtiff/tiffiop.h b/libtiff/tiffiop.h
-index 186c291f..558484fe 100644
---- a/libtiff/tiffiop.h
-+++ b/libtiff/tiffiop.h
-@@ -77,6 +77,9 @@ extern int snprintf(char* str, size_t size, const char* format, ...);
- #define FALSE 0
- #endif
-
-+#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0))
-+#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1)
-+
- typedef struct client_info {
- struct client_info *next;
- void *data;
-@@ -258,7 +261,7 @@ struct tiff {
- #define TIFFhowmany8_64(x) (((x)&0x07)?((uint64)(x)>>3)+1:(uint64)(x)>>3)
- #define TIFFroundup_64(x, y) (TIFFhowmany_64(x,y)*(y))
-
--/* Safe multiply which returns zero if there is an integer overflow */
-+/* Safe multiply which returns zero if there is an *unsigned* integer overflow. This macro is not safe for *signed* integer types */
- #define TIFFSafeMultiply(t,v,m) ((((t)(m) != (t)0) && (((t)(((v)*(m))/(m))) == (t)(v))) ? (t)((v)*(m)) : (t)0)
-
- #define TIFFmax(A,B) ((A)>(B)?(A):(B))
-@@ -368,6 +371,8 @@ extern TIFFErrorHandlerExt _TIFFerrorHandlerExt;
-
- extern uint32 _TIFFMultiply32(TIFF*, uint32, uint32, const char*);
- extern uint64 _TIFFMultiply64(TIFF*, uint64, uint64, const char*);
-+extern tmsize_t _TIFFMultiplySSize(TIFF*, tmsize_t, tmsize_t, const char*);
-+extern tmsize_t _TIFFCastUInt64ToSSize(TIFF*, uint64, const char*);
- extern void* _TIFFCheckMalloc(TIFF*, tmsize_t, tmsize_t, const char*);
- extern void* _TIFFCheckRealloc(TIFF*, void*, tmsize_t, tmsize_t, const char*);
-
---
-2.17.1
-
diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-17546.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2019-17546.patch
deleted file mode 100644
index 04c5410930a..00000000000
--- a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-17546.patch
+++ /dev/null
@@ -1,103 +0,0 @@
-libtiff: fix CVE-2019-17546
-
-Added after 4.0.10 release.
-
-CVE: CVE-2019-17546
-Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff]
-Signed-off-by: Joe Slater <joe.slater@windriver.com>
-
-commit 4bb584a35f87af42d6cf09d15e9ce8909a839145
-Author: Even Rouault <even.rouault@spatialys.com>
-Date: Thu Aug 15 15:05:28 2019 +0200
-
- RGBA interface: fix integer overflow potentially causing write heap buffer overflow, especially on 32 bit builds. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16443. Credit to OSS Fuzz
-
-diff --git a/libtiff/tif_getimage.c b/libtiff/tif_getimage.c
-index c88b5fa..4da785d 100644
---- a/libtiff/tif_getimage.c
-+++ b/libtiff/tif_getimage.c
-@@ -949,16 +949,23 @@ gtStripContig(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
- fromskew = (w < imagewidth ? imagewidth - w : 0);
- for (row = 0; row < h; row += nrow)
- {
-+ uint32 temp;
- rowstoread = rowsperstrip - (row + img->row_offset) % rowsperstrip;
- nrow = (row + rowstoread > h ? h - row : rowstoread);
- nrowsub = nrow;
- if ((nrowsub%subsamplingver)!=0)
- nrowsub+=subsamplingver-nrowsub%subsamplingver;
-+ temp = (row + img->row_offset)%rowsperstrip + nrowsub;
-+ if( scanline > 0 && temp > (size_t)(TIFF_TMSIZE_T_MAX / scanline) )
-+ {
-+ TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in gtStripContig");
-+ return 0;
-+ }
- if (_TIFFReadEncodedStripAndAllocBuffer(tif,
- TIFFComputeStrip(tif,row+img->row_offset, 0),
- (void**)(&buf),
- maxstripsize,
-- ((row + img->row_offset)%rowsperstrip + nrowsub) * scanline)==(tmsize_t)(-1)
-+ temp * scanline)==(tmsize_t)(-1)
- && (buf == NULL || img->stoponerr))
- {
- ret = 0;
-@@ -1051,15 +1058,22 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
- fromskew = (w < imagewidth ? imagewidth - w : 0);
- for (row = 0; row < h; row += nrow)
- {
-+ uint32 temp;
- rowstoread = rowsperstrip - (row + img->row_offset) % rowsperstrip;
- nrow = (row + rowstoread > h ? h - row : rowstoread);
- offset_row = row + img->row_offset;
-+ temp = (row + img->row_offset)%rowsperstrip + nrow;
-+ if( scanline > 0 && temp > (size_t)(TIFF_TMSIZE_T_MAX / scanline) )
-+ {
-+ TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in gtStripSeparate");
-+ return 0;
-+ }
- if( buf == NULL )
- {
- if (_TIFFReadEncodedStripAndAllocBuffer(
- tif, TIFFComputeStrip(tif, offset_row, 0),
- (void**) &buf, bufsize,
-- ((row + img->row_offset)%rowsperstrip + nrow) * scanline)==(tmsize_t)(-1)
-+ temp * scanline)==(tmsize_t)(-1)
- && (buf == NULL || img->stoponerr))
- {
- ret = 0;
-@@ -1079,7 +1093,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
- }
- }
- else if (TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, 0),
-- p0, ((row + img->row_offset)%rowsperstrip + nrow) * scanline)==(tmsize_t)(-1)
-+ p0, temp * scanline)==(tmsize_t)(-1)
- && img->stoponerr)
- {
- ret = 0;
-@@ -1087,7 +1101,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
- }
- if (colorchannels > 1
- && TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, 1),
-- p1, ((row + img->row_offset)%rowsperstrip + nrow) * scanline) == (tmsize_t)(-1)
-+ p1, temp * scanline) == (tmsize_t)(-1)
- && img->stoponerr)
- {
- ret = 0;
-@@ -1095,7 +1109,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
- }
- if (colorchannels > 1
- && TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, 2),
-- p2, ((row + img->row_offset)%rowsperstrip + nrow) * scanline) == (tmsize_t)(-1)
-+ p2, temp * scanline) == (tmsize_t)(-1)
- && img->stoponerr)
- {
- ret = 0;
-@@ -1104,7 +1118,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
- if (alpha)
- {
- if (TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, colorchannels),
-- pa, ((row + img->row_offset)%rowsperstrip + nrow) * scanline)==(tmsize_t)(-1)
-+ pa, temp * scanline)==(tmsize_t)(-1)
- && img->stoponerr)
- {
- ret = 0;
diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-6128.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2019-6128.patch
deleted file mode 100644
index 6f1fd4d4478..00000000000
--- a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-6128.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-CVE: CVE-2019-6128
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-From 0c74a9f49b8d7a36b17b54a7428b3526d20f88a8 Mon Sep 17 00:00:00 2001
-From: Scott Gayou <github.scott@gmail.com>
-Date: Wed, 23 Jan 2019 15:03:53 -0500
-Subject: [PATCH] Fix for simple memory leak that was assigned CVE-2019-6128.
-
-pal2rgb failed to free memory on a few errors. This was reported
-here: http://bugzilla.maptools.org/show_bug.cgi?id=2836.
----
- tools/pal2rgb.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/tools/pal2rgb.c b/tools/pal2rgb.c
-index 01d8502ec..9492f1cf1 100644
---- a/tools/pal2rgb.c
-+++ b/tools/pal2rgb.c
-@@ -118,12 +118,14 @@ main(int argc, char* argv[])
- shortv != PHOTOMETRIC_PALETTE) {
- fprintf(stderr, "%s: Expecting a palette image.\n",
- argv[optind]);
-+ (void) TIFFClose(in);
- return (-1);
- }
- if (!TIFFGetField(in, TIFFTAG_COLORMAP, &rmap, &gmap, &bmap)) {
- fprintf(stderr,
- "%s: No colormap (not a valid palette image).\n",
- argv[optind]);
-+ (void) TIFFClose(in);
- return (-1);
- }
- bitspersample = 0;
-@@ -131,11 +133,14 @@ main(int argc, char* argv[])
- if (bitspersample != 8) {
- fprintf(stderr, "%s: Sorry, can only handle 8-bit images.\n",
- argv[optind]);
-+ (void) TIFFClose(in);
- return (-1);
- }
- out = TIFFOpen(argv[optind+1], "w");
-- if (out == NULL)
-+ if (out == NULL) {
-+ (void) TIFFClose(in);
- return (-2);
-+ }
- cpTags(in, out);
- TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &imagewidth);
- TIFFGetField(in, TIFFTAG_IMAGELENGTH, &imagelength);
---
-2.21.0
diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch
deleted file mode 100644
index f244fb2f324..00000000000
--- a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch
+++ /dev/null
@@ -1,77 +0,0 @@
-CVE: CVE-2019-7663
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-From c6fc6c1fa895024c86285c58efd6424cf8078f32 Mon Sep 17 00:00:00 2001
-From: Thomas Bernard <miniupnp@free.fr>
-Date: Mon, 11 Feb 2019 10:05:33 +0100
-Subject: [PATCH 1/2] check that (Tile Width)*(Samples/Pixel) do no overflow
-
-fixes bug 2833
----
- tools/tiffcp.c | 8 +++++++-
- 1 file changed, 7 insertions(+), 1 deletion(-)
-
-diff --git a/tools/tiffcp.c b/tools/tiffcp.c
-index 2f406e2d..f0ee2c02 100644
---- a/tools/tiffcp.c
-+++ b/tools/tiffcp.c
-@@ -1408,7 +1408,7 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
- int status = 1;
- uint32 imagew = TIFFRasterScanlineSize(in);
- uint32 tilew = TIFFTileRowSize(in);
-- int iskew = imagew - tilew*spp;
-+ int iskew;
- tsize_t tilesize = TIFFTileSize(in);
- tdata_t tilebuf;
- uint8* bufp = (uint8*) buf;
-@@ -1416,6 +1416,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
- uint32 row;
- uint16 bps = 0, bytes_per_sample;
-
-+ if (spp > (0x7fffffff / tilew))
-+ {
-+ TIFFError(TIFFFileName(in), "Error, cannot handle that much samples per tile row (Tile Width * Samples/Pixel)");
-+ return 0;
-+ }
-+ iskew = imagew - tilew*spp;
- tilebuf = _TIFFmalloc(tilesize);
- if (tilebuf == 0)
- return 0;
---
-2.20.1
-
-
-From da6454aa80b9bb3154dfab4e8b21637de47531e0 Mon Sep 17 00:00:00 2001
-From: Thomas Bernard <miniupnp@free.fr>
-Date: Mon, 11 Feb 2019 21:42:03 +0100
-Subject: [PATCH 2/2] tiffcp.c: use INT_MAX
-
----
- tools/tiffcp.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/tools/tiffcp.c b/tools/tiffcp.c
-index f0ee2c02..8c81aa4f 100644
---- a/tools/tiffcp.c
-+++ b/tools/tiffcp.c
-@@ -41,6 +41,7 @@
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h>
-+#include <limits.h>
-
- #include <ctype.h>
-
-@@ -1416,7 +1417,7 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
- uint32 row;
- uint16 bps = 0, bytes_per_sample;
-
-- if (spp > (0x7fffffff / tilew))
-+ if (spp > (INT_MAX / tilew))
- {
- TIFFError(TIFFFileName(in), "Error, cannot handle that much samples per tile row (Tile Width * Samples/Pixel)");
- return 0;
---
-2.20.1
-
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.10.bb b/meta/recipes-multimedia/libtiff/tiff_4.1.0.bb
similarity index 85%
rename from meta/recipes-multimedia/libtiff/tiff_4.0.10.bb
rename to meta/recipes-multimedia/libtiff/tiff_4.1.0.bb
index 5c008c53fed..1f92c185131 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.0.10.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.1.0.bb
@@ -5,13 +5,9 @@ LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=34da3db46fab7501992f9615d7e158cf"
CVE_PRODUCT = "libtiff"
SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
- file://CVE-2019-6128.patch \
- file://CVE-2019-7663.patch \
- file://CVE-2019-14973.patch \
- file://CVE-2019-17546.patch \
-"
-SRC_URI[md5sum] = "114192d7ebe537912a2b97408832e7fd"
-SRC_URI[sha256sum] = "2c52d11ccaf767457db0c46795d9c7d1a8d8f76f68b0b800a3dfe45786b996e4"
+ "
+SRC_URI[md5sum] = "2165e7aba557463acc0664e71a3ed424"
+SRC_URI[sha256sum] = "5d29f32517dadb6dbcd1255ea5bbc93a2b54b94fbf83653b4d65c7d6775b8634"
# exclude betas
UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar"
--
2.17.1
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [PATCH 05/13] librepo: upgrade 1.10.6 -> 1.11.0
2019-11-18 14:28 [PATCH 01/13] python: update to 2.7.17 Alexander Kanavin
` (2 preceding siblings ...)
2019-11-18 14:28 ` [PATCH 04/13] tiff: update to 4.1.0 Alexander Kanavin
@ 2019-11-18 14:28 ` Alexander Kanavin
2019-11-18 14:28 ` [PATCH 06/13] btrfs-tools: upgrade 5.3 -> 5.3.1 Alexander Kanavin
` (7 subsequent siblings)
11 siblings, 0 replies; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-18 14:28 UTC (permalink / raw)
To: openembedded-core
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
.../librepo/{librepo_1.10.6.bb => librepo_1.11.0.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/librepo/{librepo_1.10.6.bb => librepo_1.11.0.bb} (93%)
diff --git a/meta/recipes-devtools/librepo/librepo_1.10.6.bb b/meta/recipes-devtools/librepo/librepo_1.11.0.bb
similarity index 93%
rename from meta/recipes-devtools/librepo/librepo_1.10.6.bb
rename to meta/recipes-devtools/librepo/librepo_1.11.0.bb
index cf4de22c474..30c8a5c55d5 100644
--- a/meta/recipes-devtools/librepo/librepo_1.10.6.bb
+++ b/meta/recipes-devtools/librepo/librepo_1.11.0.bb
@@ -8,7 +8,7 @@ SRC_URI = "git://github.com/rpm-software-management/librepo.git \
file://0004-Set-gpgme-variables-with-pkg-config-not-with-cmake-m.patch \
"
-SRCREV = "2ec349f1c686c1704dc83da6c118035ff57c8dea"
+SRCREV = "497f5eb2293662835bed6bdb0f43521788b2cebe"
S = "${WORKDIR}/git"
--
2.17.1
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [PATCH 06/13] btrfs-tools: upgrade 5.3 -> 5.3.1
2019-11-18 14:28 [PATCH 01/13] python: update to 2.7.17 Alexander Kanavin
` (3 preceding siblings ...)
2019-11-18 14:28 ` [PATCH 05/13] librepo: upgrade 1.10.6 -> 1.11.0 Alexander Kanavin
@ 2019-11-18 14:28 ` Alexander Kanavin
2019-11-18 14:28 ` [PATCH 07/13] psmisc: update to 23.3 Alexander Kanavin
` (6 subsequent siblings)
11 siblings, 0 replies; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-18 14:28 UTC (permalink / raw)
To: openembedded-core
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
.../btrfs-tools/{btrfs-tools_5.3.bb => btrfs-tools_5.3.1.bb} | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-devtools/btrfs-tools/{btrfs-tools_5.3.bb => btrfs-tools_5.3.1.bb} (97%)
diff --git a/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.3.bb b/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.3.1.bb
similarity index 97%
rename from meta/recipes-devtools/btrfs-tools/btrfs-tools_5.3.bb
rename to meta/recipes-devtools/btrfs-tools/btrfs-tools_5.3.1.bb
index 12b5c4562dc..a44c0bc87af 100644
--- a/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.3.bb
+++ b/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.3.1.bb
@@ -14,7 +14,7 @@ DEPENDS = "util-linux attr e2fsprogs lzo acl"
DEPENDS_append_class-target = " udev"
RDEPENDS_${PN} = "libgcc"
-SRCREV = "de7856cee5907938441f765ebab7cc106b7faf70"
+SRCREV = "f82e569b33c3c1cfd4f8f405085ff8d439a0a915"
SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/kdave/btrfs-progs.git \
file://0001-Add-a-possibility-to-specify-where-python-modules-ar.patch \
"
--
2.17.1
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [PATCH 07/13] psmisc: update to 23.3
2019-11-18 14:28 [PATCH 01/13] python: update to 2.7.17 Alexander Kanavin
` (4 preceding siblings ...)
2019-11-18 14:28 ` [PATCH 06/13] btrfs-tools: upgrade 5.3 -> 5.3.1 Alexander Kanavin
@ 2019-11-18 14:28 ` Alexander Kanavin
2019-11-19 12:37 ` Mittal, Anuj
2019-11-18 14:28 ` [PATCH 08/13] libxslt: update to 1.1.34 Alexander Kanavin
` (5 subsequent siblings)
11 siblings, 1 reply; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-18 14:28 UTC (permalink / raw)
To: openembedded-core
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
...am-create-src-directory-before-attempting-t.patch | 12 +++++-------
.../psmisc/{psmisc_23.2.bb => psmisc_23.3.bb} | 2 +-
2 files changed, 6 insertions(+), 8 deletions(-)
rename meta/recipes-extended/psmisc/{psmisc_23.2.bb => psmisc_23.3.bb} (87%)
diff --git a/meta/recipes-extended/psmisc/psmisc/0001-Makefile.am-create-src-directory-before-attempting-t.patch b/meta/recipes-extended/psmisc/psmisc/0001-Makefile.am-create-src-directory-before-attempting-t.patch
index 4d44495fd3f..9451303dd7b 100644
--- a/meta/recipes-extended/psmisc/psmisc/0001-Makefile.am-create-src-directory-before-attempting-t.patch
+++ b/meta/recipes-extended/psmisc/psmisc/0001-Makefile.am-create-src-directory-before-attempting-t.patch
@@ -1,4 +1,4 @@
-From 285877b7761d74736aca2687ed9bef2f78b82c33 Mon Sep 17 00:00:00 2001
+From dac375f640fecd45e6254a8d870ee37ec8f41670 Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alex.kanavin@gmail.com>
Date: Thu, 2 Nov 2017 16:21:22 +0200
Subject: [PATCH] Makefile.am: create src directory before attempting to write
@@ -8,23 +8,21 @@ Otherwise out of tree builds will fail.
Upstream-Status: Pending
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
+
---
Makefile.am | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile.am b/Makefile.am
-index 9f61ab4..b4ced7f 100644
+index 441ae94..882969d 100644
--- a/Makefile.am
+++ b/Makefile.am
-@@ -79,7 +79,7 @@ EXTRA_DIST = src/signames.c README.md
+@@ -86,7 +86,7 @@ EXTRA_DIST = src/signames.c README.md misc/git-version-gen
CLEANFILES = src/signames.h
- src/signames.h: src/signames.c Makefile
+ src/signames.h: src/signames.c Makefile src/$(am__dirstamp)
- export LC_ALL=C ; \
+ export LC_ALL=C ; mkdir -p src ; \
@CPP@ -dM $< |\
tr -s '\t ' ' ' | sort -n -k 3 | sed \
's:#define SIG\([A-Z][A-Z]*[0-9]*\) \([0-9][0-9]*\).*$\:{\ \2,"\1" },:p;d' | \
---
-2.14.2
-
diff --git a/meta/recipes-extended/psmisc/psmisc_23.2.bb b/meta/recipes-extended/psmisc/psmisc_23.3.bb
similarity index 87%
rename from meta/recipes-extended/psmisc/psmisc_23.2.bb
rename to meta/recipes-extended/psmisc/psmisc_23.3.bb
index 38e0a440587..b3c3c7e5a84 100644
--- a/meta/recipes-extended/psmisc/psmisc_23.2.bb
+++ b/meta/recipes-extended/psmisc/psmisc_23.3.bb
@@ -6,5 +6,5 @@ SRC_URI = "git://gitlab.com/psmisc/psmisc.git;protocol=https \
file://0001-Use-UINTPTR_MAX-instead-of-__WORDSIZE.patch \
file://0001-Makefile.am-create-src-directory-before-attempting-t.patch \
"
-SRCREV = "44eab9a3a63394eae6b79a7ef0a042f57e0c8a8f"
+SRCREV = "78bde849041e6c914a2a517ebe1255b86dc98772"
S = "${WORKDIR}/git"
--
2.17.1
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [PATCH 08/13] libxslt: update to 1.1.34
2019-11-18 14:28 [PATCH 01/13] python: update to 2.7.17 Alexander Kanavin
` (5 preceding siblings ...)
2019-11-18 14:28 ` [PATCH 07/13] psmisc: update to 23.3 Alexander Kanavin
@ 2019-11-18 14:28 ` Alexander Kanavin
2019-11-18 14:28 ` [PATCH 09/13] Revert "devtool/standard.py: Not filtering devtool workspace for devtool finish" Alexander Kanavin
` (4 subsequent siblings)
11 siblings, 0 replies; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-18 14:28 UTC (permalink / raw)
To: openembedded-core
Drop backported patches.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
.../0001-Fix-security-framework-bypass.patch | 124 ------------------
.../libxslt/files/CVE-2019-13117.patch | 33 -----
.../libxslt/files/CVE-2019-13118.patch | 76 -----------
.../libxslt/files/CVE-2019-18197.patch | 33 -----
.../{libxslt_1.1.33.bb => libxslt_1.1.34.bb} | 12 +-
5 files changed, 4 insertions(+), 274 deletions(-)
delete mode 100644 meta/recipes-support/libxslt/files/0001-Fix-security-framework-bypass.patch
delete mode 100644 meta/recipes-support/libxslt/files/CVE-2019-13117.patch
delete mode 100644 meta/recipes-support/libxslt/files/CVE-2019-13118.patch
delete mode 100644 meta/recipes-support/libxslt/files/CVE-2019-18197.patch
rename meta/recipes-support/libxslt/{libxslt_1.1.33.bb => libxslt_1.1.34.bb} (81%)
diff --git a/meta/recipes-support/libxslt/files/0001-Fix-security-framework-bypass.patch b/meta/recipes-support/libxslt/files/0001-Fix-security-framework-bypass.patch
deleted file mode 100644
index 89b647ddbf1..00000000000
--- a/meta/recipes-support/libxslt/files/0001-Fix-security-framework-bypass.patch
+++ /dev/null
@@ -1,124 +0,0 @@
-From e03553605b45c88f0b4b2980adfbbb8f6fca2fd6 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Sun, 24 Mar 2019 09:51:39 +0100
-Subject: Fix security framework bypass
-
-xsltCheckRead and xsltCheckWrite return -1 in case of error but callers
-don't check for this condition and allow access. With a specially
-crafted URL, xsltCheckRead could be tricked into returning an error
-because of a supposedly invalid URL that would still be loaded
-succesfully later on.
-
-Fixes #12.
-
-Thanks to Felix Wilhelm for the report.
-
-Signed-off-by: Adrian Bunk <bunk@stusta.de>
-Upstream-Status: Backport
-CVE: CVE-2019-11068
----
- libxslt/documents.c | 18 ++++++++++--------
- libxslt/imports.c | 9 +++++----
- libxslt/transform.c | 9 +++++----
- libxslt/xslt.c | 9 +++++----
- 4 files changed, 25 insertions(+), 20 deletions(-)
-
-diff --git a/libxslt/documents.c b/libxslt/documents.c
-index 3f3a7312..4aad11bb 100644
---- a/libxslt/documents.c
-+++ b/libxslt/documents.c
-@@ -296,10 +296,11 @@ xsltLoadDocument(xsltTransformContextPtr ctxt, const xmlChar *URI) {
- int res;
-
- res = xsltCheckRead(ctxt->sec, ctxt, URI);
-- if (res == 0) {
-- xsltTransformError(ctxt, NULL, NULL,
-- "xsltLoadDocument: read rights for %s denied\n",
-- URI);
-+ if (res <= 0) {
-+ if (res == 0)
-+ xsltTransformError(ctxt, NULL, NULL,
-+ "xsltLoadDocument: read rights for %s denied\n",
-+ URI);
- return(NULL);
- }
- }
-@@ -372,10 +373,11 @@ xsltLoadStyleDocument(xsltStylesheetPtr style, const xmlChar *URI) {
- int res;
-
- res = xsltCheckRead(sec, NULL, URI);
-- if (res == 0) {
-- xsltTransformError(NULL, NULL, NULL,
-- "xsltLoadStyleDocument: read rights for %s denied\n",
-- URI);
-+ if (res <= 0) {
-+ if (res == 0)
-+ xsltTransformError(NULL, NULL, NULL,
-+ "xsltLoadStyleDocument: read rights for %s denied\n",
-+ URI);
- return(NULL);
- }
- }
-diff --git a/libxslt/imports.c b/libxslt/imports.c
-index 874870cc..3783b247 100644
---- a/libxslt/imports.c
-+++ b/libxslt/imports.c
-@@ -130,10 +130,11 @@ xsltParseStylesheetImport(xsltStylesheetPtr style, xmlNodePtr cur) {
- int secres;
-
- secres = xsltCheckRead(sec, NULL, URI);
-- if (secres == 0) {
-- xsltTransformError(NULL, NULL, NULL,
-- "xsl:import: read rights for %s denied\n",
-- URI);
-+ if (secres <= 0) {
-+ if (secres == 0)
-+ xsltTransformError(NULL, NULL, NULL,
-+ "xsl:import: read rights for %s denied\n",
-+ URI);
- goto error;
- }
- }
-diff --git a/libxslt/transform.c b/libxslt/transform.c
-index 13793914..0636dbd0 100644
---- a/libxslt/transform.c
-+++ b/libxslt/transform.c
-@@ -3493,10 +3493,11 @@ xsltDocumentElem(xsltTransformContextPtr ctxt, xmlNodePtr node,
- */
- if (ctxt->sec != NULL) {
- ret = xsltCheckWrite(ctxt->sec, ctxt, filename);
-- if (ret == 0) {
-- xsltTransformError(ctxt, NULL, inst,
-- "xsltDocumentElem: write rights for %s denied\n",
-- filename);
-+ if (ret <= 0) {
-+ if (ret == 0)
-+ xsltTransformError(ctxt, NULL, inst,
-+ "xsltDocumentElem: write rights for %s denied\n",
-+ filename);
- xmlFree(URL);
- xmlFree(filename);
- return;
-diff --git a/libxslt/xslt.c b/libxslt/xslt.c
-index 780a5ad7..a234eb79 100644
---- a/libxslt/xslt.c
-+++ b/libxslt/xslt.c
-@@ -6763,10 +6763,11 @@ xsltParseStylesheetFile(const xmlChar* filename) {
- int res;
-
- res = xsltCheckRead(sec, NULL, filename);
-- if (res == 0) {
-- xsltTransformError(NULL, NULL, NULL,
-- "xsltParseStylesheetFile: read rights for %s denied\n",
-- filename);
-+ if (res <= 0) {
-+ if (res == 0)
-+ xsltTransformError(NULL, NULL, NULL,
-+ "xsltParseStylesheetFile: read rights for %s denied\n",
-+ filename);
- return(NULL);
- }
- }
---
-2.20.1
-
diff --git a/meta/recipes-support/libxslt/files/CVE-2019-13117.patch b/meta/recipes-support/libxslt/files/CVE-2019-13117.patch
deleted file mode 100644
index ef3f2709f73..00000000000
--- a/meta/recipes-support/libxslt/files/CVE-2019-13117.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From c5eb6cf3aba0af048596106ed839b4ae17ecbcb1 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Sat, 27 Apr 2019 11:19:48 +0200
-Subject: [PATCH] Fix uninitialized read of xsl:number token
-
-Found by OSS-Fuzz.
-
-CVE: CVE-2019-13117
-Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1]
-Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
----
- libxslt/numbers.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/libxslt/numbers.c b/libxslt/numbers.c
-index 89e1f668..75c31eba 100644
---- a/libxslt/numbers.c
-+++ b/libxslt/numbers.c
-@@ -382,7 +382,10 @@ xsltNumberFormatTokenize(const xmlChar *format,
- tokens->tokens[tokens->nTokens].token = val - 1;
- ix += len;
- val = xmlStringCurrentChar(NULL, format+ix, &len);
-- }
-+ } else {
-+ tokens->tokens[tokens->nTokens].token = (xmlChar)'0';
-+ tokens->tokens[tokens->nTokens].width = 1;
-+ }
- } else if ( (val == (xmlChar)'A') ||
- (val == (xmlChar)'a') ||
- (val == (xmlChar)'I') ||
---
-2.21.0
-
diff --git a/meta/recipes-support/libxslt/files/CVE-2019-13118.patch b/meta/recipes-support/libxslt/files/CVE-2019-13118.patch
deleted file mode 100644
index 595e6c2f336..00000000000
--- a/meta/recipes-support/libxslt/files/CVE-2019-13118.patch
+++ /dev/null
@@ -1,76 +0,0 @@
-From 6ce8de69330783977dd14f6569419489875fb71b Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Mon, 3 Jun 2019 13:14:45 +0200
-Subject: [PATCH] Fix uninitialized read with UTF-8 grouping chars
-
-The character type in xsltFormatNumberConversion was too narrow and
-an invalid character/length combination could be passed to
-xsltNumberFormatDecimal, resulting in an uninitialized read.
-
-Found by OSS-Fuzz.
-
-CVE: CVE-2019-13118
-Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b]
-Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
-
----
- libxslt/numbers.c | 5 +++--
- tests/docs/bug-222.xml | 1 +
- tests/general/bug-222.out | 2 ++
- tests/general/bug-222.xsl | 6 ++++++
- 4 files changed, 12 insertions(+), 2 deletions(-)
- create mode 100644 tests/docs/bug-222.xml
- create mode 100644 tests/general/bug-222.out
- create mode 100644 tests/general/bug-222.xsl
-
-diff --git a/libxslt/numbers.c b/libxslt/numbers.c
-index f1ed8846..20b99d5a 100644
---- a/libxslt/numbers.c
-+++ b/libxslt/numbers.c
-@@ -1298,13 +1298,14 @@ OUTPUT_NUMBER:
- number = floor((scale * number + 0.5)) / scale;
- if ((self->grouping != NULL) &&
- (self->grouping[0] != 0)) {
-+ int gchar;
-
- len = xmlStrlen(self->grouping);
-- pchar = xsltGetUTF8Char(self->grouping, &len);
-+ gchar = xsltGetUTF8Char(self->grouping, &len);
- xsltNumberFormatDecimal(buffer, floor(number), self->zeroDigit[0],
- format_info.integer_digits,
- format_info.group,
-- pchar, len);
-+ gchar, len);
- } else
- xsltNumberFormatDecimal(buffer, floor(number), self->zeroDigit[0],
- format_info.integer_digits,
-diff --git a/tests/docs/bug-222.xml b/tests/docs/bug-222.xml
-new file mode 100644
-index 00000000..69d62f2c
---- /dev/null
-+++ b/tests/docs/bug-222.xml
-@@ -0,0 +1 @@
-+<doc/>
-diff --git a/tests/general/bug-222.out b/tests/general/bug-222.out
-new file mode 100644
-index 00000000..e3139698
---- /dev/null
-+++ b/tests/general/bug-222.out
-@@ -0,0 +1,2 @@
-+<?xml version="1.0"?>
-+1⠢0
-diff --git a/tests/general/bug-222.xsl b/tests/general/bug-222.xsl
-new file mode 100644
-index 00000000..e32dc473
---- /dev/null
-+++ b/tests/general/bug-222.xsl
-@@ -0,0 +1,6 @@
-+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
-+ <xsl:decimal-format name="f" grouping-separator="⠢"/>
-+ <xsl:template match="/">
-+ <xsl:value-of select="format-number(10,'#⠢0','f')"/>
-+ </xsl:template>
-+</xsl:stylesheet>
---
-2.21.0
-
diff --git a/meta/recipes-support/libxslt/files/CVE-2019-18197.patch b/meta/recipes-support/libxslt/files/CVE-2019-18197.patch
deleted file mode 100644
index 5f2b620396f..00000000000
--- a/meta/recipes-support/libxslt/files/CVE-2019-18197.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-libxslt: fix CVE-2019-18197
-
-Added after 1.1.33 release.
-
-CVE: CVE-2019-18197
-Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxslt.git]
-Signed-off-by: Joe Slater <joe.slater@windriver.com>
-
-commit 2232473733b7313d67de8836ea3b29eec6e8e285
-Author: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Sat Aug 17 16:51:53 2019 +0200
-
- Fix dangling pointer in xsltCopyText
-
- xsltCopyText didn't reset ctxt->lasttext in some cases which could
- lead to various memory errors in relation with CDATA sections in input
- documents.
-
- Found by OSS-Fuzz.
-
-diff --git a/libxslt/transform.c b/libxslt/transform.c
-index 95ebd07..d7ab0b6 100644
---- a/libxslt/transform.c
-+++ b/libxslt/transform.c
-@@ -1094,6 +1094,8 @@ xsltCopyText(xsltTransformContextPtr ctxt, xmlNodePtr target,
- if ((copy->content = xmlStrdup(cur->content)) == NULL)
- return NULL;
- }
-+
-+ ctxt->lasttext = NULL;
- } else {
- /*
- * normal processing. keep counters to extend the text node
diff --git a/meta/recipes-support/libxslt/libxslt_1.1.33.bb b/meta/recipes-support/libxslt/libxslt_1.1.34.bb
similarity index 81%
rename from meta/recipes-support/libxslt/libxslt_1.1.33.bb
rename to meta/recipes-support/libxslt/libxslt_1.1.34.bb
index 9f268e7bb03..ad37b5a44a0 100644
--- a/meta/recipes-support/libxslt/libxslt_1.1.33.bb
+++ b/meta/recipes-support/libxslt/libxslt_1.1.34.bb
@@ -9,14 +9,10 @@ SECTION = "libs"
DEPENDS = "libxml2"
SRC_URI = "http://xmlsoft.org/sources/libxslt-${PV}.tar.gz \
- file://0001-Fix-security-framework-bypass.patch \
- file://CVE-2019-13117.patch \
- file://CVE-2019-13118.patch \
- file://CVE-2019-18197.patch \
-"
-
-SRC_URI[md5sum] = "b3bd254a03e46d58f8ad1e4559cd2c2f"
-SRC_URI[sha256sum] = "8e36605144409df979cab43d835002f63988f3dc94d5d3537c12796db90e38c8"
+ "
+
+SRC_URI[md5sum] = "db8765c8d076f1b6caafd9f2542a304a"
+SRC_URI[sha256sum] = "98b1bd46d6792925ad2dfe9a87452ea2adebf69dcb9919ffd55bf926a7f93f7f"
UPSTREAM_CHECK_REGEX = "libxslt-(?P<pver>\d+(\.\d+)+)\.tar"
--
2.17.1
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [PATCH 09/13] Revert "devtool/standard.py: Not filtering devtool workspace for devtool finish"
2019-11-18 14:28 [PATCH 01/13] python: update to 2.7.17 Alexander Kanavin
` (6 preceding siblings ...)
2019-11-18 14:28 ` [PATCH 08/13] libxslt: update to 1.1.34 Alexander Kanavin
@ 2019-11-18 14:28 ` Alexander Kanavin
2019-11-18 16:44 ` Richard Purdie
2019-11-18 14:28 ` [PATCH 10/13] mpg123: upgrade 1.25.12 -> 1.25.13 Alexander Kanavin
` (3 subsequent siblings)
11 siblings, 1 reply; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-18 14:28 UTC (permalink / raw)
To: openembedded-core
This reverts commit 41d225f4a37d02e9f79bdbfb79caac8cd3d291ce.
Unfortunately this change broke 'devtool upgrade' functionality,
causing 'devtool finish' to write out an upgraded recipe that no
longer includes the original upstream source in SRC_URI.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
scripts/lib/devtool/standard.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/lib/devtool/standard.py b/scripts/lib/devtool/standard.py
index 8d9c1a30225..1c0cd8ab51b 100644
--- a/scripts/lib/devtool/standard.py
+++ b/scripts/lib/devtool/standard.py
@@ -2021,7 +2021,7 @@ def finish(args, config, basepath, workspace):
remove_work=args.remove_work
tinfoil = setup_tinfoil(basepath=basepath, tracking=True)
try:
- rd = parse_recipe(config, tinfoil, args.recipename, True, False)
+ rd = parse_recipe(config, tinfoil, args.recipename, True)
if not rd:
return 1
--
2.17.1
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [PATCH 10/13] mpg123: upgrade 1.25.12 -> 1.25.13
2019-11-18 14:28 [PATCH 01/13] python: update to 2.7.17 Alexander Kanavin
` (7 preceding siblings ...)
2019-11-18 14:28 ` [PATCH 09/13] Revert "devtool/standard.py: Not filtering devtool workspace for devtool finish" Alexander Kanavin
@ 2019-11-18 14:28 ` Alexander Kanavin
2019-11-18 14:28 ` [PATCH 11/13] vala: upgrade 0.46.3 -> 0.46.4 Alexander Kanavin
` (2 subsequent siblings)
11 siblings, 0 replies; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-18 14:28 UTC (permalink / raw)
To: openembedded-core
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
.../mpg123/{mpg123_1.25.12.bb => mpg123_1.25.13.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-multimedia/mpg123/{mpg123_1.25.12.bb => mpg123_1.25.13.bb} (94%)
diff --git a/meta/recipes-multimedia/mpg123/mpg123_1.25.12.bb b/meta/recipes-multimedia/mpg123/mpg123_1.25.13.bb
similarity index 94%
rename from meta/recipes-multimedia/mpg123/mpg123_1.25.12.bb
rename to meta/recipes-multimedia/mpg123/mpg123_1.25.13.bb
index a18b2f44174..125574fcfc9 100644
--- a/meta/recipes-multimedia/mpg123/mpg123_1.25.12.bb
+++ b/meta/recipes-multimedia/mpg123/mpg123_1.25.13.bb
@@ -11,8 +11,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=1e86753638d3cf2512528b99079bc4f3"
SRC_URI = "https://www.mpg123.de/download/${BP}.tar.bz2 \
file://sdl2.patch"
-SRC_URI[md5sum] = "ddb38254966eb38c77f220d456a1839d"
-SRC_URI[sha256sum] = "1ffec7c9683dfb86ea9040d6a53d6ea819ecdda215df347f79def08f1fe731d1"
+SRC_URI[md5sum] = "294a6c30546504ec3d0deac2b2ea22be"
+SRC_URI[sha256sum] = "90306848359c793fd43b9906e52201df18775742dc3c81c06ab67a806509890a"
inherit autotools pkgconfig
--
2.17.1
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [PATCH 11/13] vala: upgrade 0.46.3 -> 0.46.4
2019-11-18 14:28 [PATCH 01/13] python: update to 2.7.17 Alexander Kanavin
` (8 preceding siblings ...)
2019-11-18 14:28 ` [PATCH 10/13] mpg123: upgrade 1.25.12 -> 1.25.13 Alexander Kanavin
@ 2019-11-18 14:28 ` Alexander Kanavin
2019-11-18 14:28 ` [PATCH 12/13] sysstat: upstream version check is working again Alexander Kanavin
2019-11-18 14:28 ` [PATCH 13/13] man-pages: correct the SRC_URI Alexander Kanavin
11 siblings, 0 replies; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-18 14:28 UTC (permalink / raw)
To: openembedded-core
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
meta/recipes-devtools/vala/{vala_0.46.3.bb => vala_0.46.4.bb} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename meta/recipes-devtools/vala/{vala_0.46.3.bb => vala_0.46.4.bb} (57%)
diff --git a/meta/recipes-devtools/vala/vala_0.46.3.bb b/meta/recipes-devtools/vala/vala_0.46.4.bb
similarity index 57%
rename from meta/recipes-devtools/vala/vala_0.46.3.bb
rename to meta/recipes-devtools/vala/vala_0.46.4.bb
index eda5738c066..c4cd6dd4109 100644
--- a/meta/recipes-devtools/vala/vala_0.46.3.bb
+++ b/meta/recipes-devtools/vala/vala_0.46.4.bb
@@ -4,5 +4,5 @@ SRC_URI += "file://0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.pat
file://0001-vapigen.m4-use-PKG_CONFIG_SYSROOT_DIR.patch \
"
-SRC_URI[md5sum] = "809ddac69b039ef509b61993c848613f"
-SRC_URI[sha256sum] = "e29c2b1f108dc22c91bb501975a77c938aef079ca7875e1fbf41191e22cc57e3"
+SRC_URI[md5sum] = "b79bbaf8929ec8ed35911b3571f5a248"
+SRC_URI[sha256sum] = "4bb9b60fc0230b0db2c8a0e2a80ec29f1c10b43dc78355abba78adedbc2e03a1"
--
2.17.1
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [PATCH 12/13] sysstat: upstream version check is working again
2019-11-18 14:28 [PATCH 01/13] python: update to 2.7.17 Alexander Kanavin
` (9 preceding siblings ...)
2019-11-18 14:28 ` [PATCH 11/13] vala: upgrade 0.46.3 -> 0.46.4 Alexander Kanavin
@ 2019-11-18 14:28 ` Alexander Kanavin
2019-11-18 14:28 ` [PATCH 13/13] man-pages: correct the SRC_URI Alexander Kanavin
11 siblings, 0 replies; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-18 14:28 UTC (permalink / raw)
To: openembedded-core
As upstream has released a new stable version,
the exception is no longer needed.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
meta/recipes-extended/sysstat/sysstat.inc | 1 -
1 file changed, 1 deletion(-)
diff --git a/meta/recipes-extended/sysstat/sysstat.inc b/meta/recipes-extended/sysstat/sysstat.inc
index 62de36b44bf..77cc6f2cf2a 100644
--- a/meta/recipes-extended/sysstat/sysstat.inc
+++ b/meta/recipes-extended/sysstat/sysstat.inc
@@ -10,7 +10,6 @@ SRC_URI = "http://pagesperso-orange.fr/sebastien.godard/${BP}.tar.xz \
"
UPSTREAM_CHECK_URI = "http://sebastien.godard.pagesperso-orange.fr/download.html"
-UPSTREAM_VERSION_UNKNOWN = "1"
DEPENDS += "base-passwd"
--
2.17.1
^ permalink raw reply related [flat|nested] 29+ messages in thread
* [PATCH 13/13] man-pages: correct the SRC_URI
2019-11-18 14:28 [PATCH 01/13] python: update to 2.7.17 Alexander Kanavin
` (10 preceding siblings ...)
2019-11-18 14:28 ` [PATCH 12/13] sysstat: upstream version check is working again Alexander Kanavin
@ 2019-11-18 14:28 ` Alexander Kanavin
2019-11-18 20:08 ` Khem Raj
11 siblings, 1 reply; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-18 14:28 UTC (permalink / raw)
To: openembedded-core
The homepage: https://www.kernel.org/doc/man-pages/download.html
specifies that the latest tarballs are published one level up
from where we currently take them.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
meta/recipes-extended/man-pages/man-pages_5.01.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-extended/man-pages/man-pages_5.01.bb b/meta/recipes-extended/man-pages/man-pages_5.01.bb
index 28525f4ba7e..ea1249e4396 100644
--- a/meta/recipes-extended/man-pages/man-pages_5.01.bb
+++ b/meta/recipes-extended/man-pages/man-pages_5.01.bb
@@ -5,7 +5,7 @@ HOMEPAGE = "http://www.kernel.org/pub/linux/docs/man-pages"
LICENSE = "GPLv2+"
LIC_FILES_CHKSUM = "file://README;md5=794f701617cc03fe50c53257660d8ec4"
-SRC_URI = "${KERNELORG_MIRROR}/linux/docs/${BPN}/Archive/${BP}.tar.gz"
+SRC_URI = "${KERNELORG_MIRROR}/linux/docs/${BPN}/${BP}.tar.gz"
SRC_URI[md5sum] = "38abead776a506109e128ab96bcbbe58"
SRC_URI[sha256sum] = "070bef794c6826b3fb3965d1a2efdb46c25cb37c06c715987f88a50906cd5b6f"
--
2.17.1
^ permalink raw reply related [flat|nested] 29+ messages in thread
* Re: [PATCH 09/13] Revert "devtool/standard.py: Not filtering devtool workspace for devtool finish"
2019-11-18 14:28 ` [PATCH 09/13] Revert "devtool/standard.py: Not filtering devtool workspace for devtool finish" Alexander Kanavin
@ 2019-11-18 16:44 ` Richard Purdie
2019-11-18 16:52 ` Manjukumar Harthikote Matha
2019-11-18 17:18 ` Alexander Kanavin
0 siblings, 2 replies; 29+ messages in thread
From: Richard Purdie @ 2019-11-18 16:44 UTC (permalink / raw)
To: Alexander Kanavin, openembedded-core
On Mon, 2019-11-18 at 15:28 +0100, Alexander Kanavin wrote:
> This reverts commit 41d225f4a37d02e9f79bdbfb79caac8cd3d291ce.
>
> Unfortunately this change broke 'devtool upgrade' functionality,
> causing 'devtool finish' to write out an upgraded recipe that no
> longer includes the original upstream source in SRC_URI.
>
> Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
> ---
> scripts/lib/devtool/standard.py | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/scripts/lib/devtool/standard.py
> b/scripts/lib/devtool/standard.py
> index 8d9c1a30225..1c0cd8ab51b 100644
> --- a/scripts/lib/devtool/standard.py
> +++ b/scripts/lib/devtool/standard.py
> @@ -2021,7 +2021,7 @@ def finish(args, config, basepath, workspace):
> remove_work=args.remove_work
> tinfoil = setup_tinfoil(basepath=basepath, tracking=True)
> try:
> - rd = parse_recipe(config, tinfoil, args.recipename, True,
> False)
> + rd = parse_recipe(config, tinfoil, args.recipename, True)
> if not rd:
> return 1
Are we missing a test case for something here?
If yes, would that be worth noting in bugzilla whilst we know about it?
Cheers,
Richard
^ permalink raw reply [flat|nested] 29+ messages in thread
* Re: [PATCH 09/13] Revert "devtool/standard.py: Not filtering devtool workspace for devtool finish"
2019-11-18 16:44 ` Richard Purdie
@ 2019-11-18 16:52 ` Manjukumar Harthikote Matha
2019-11-18 17:18 ` Alexander Kanavin
1 sibling, 0 replies; 29+ messages in thread
From: Manjukumar Harthikote Matha @ 2019-11-18 16:52 UTC (permalink / raw)
To: Richard Purdie, Alexander Kanavin, openembedded-core
> -----Original Message-----
> From: openembedded-core-bounces@lists.openembedded.org
> <openembedded-core-bounces@lists.openembedded.org> On Behalf Of Richard
> Purdie
> Sent: Monday, November 18, 2019 8:44 AM
> To: Alexander Kanavin <alex.kanavin@gmail.com>; openembedded-
> core@lists.openembedded.org
> Subject: Re: [OE-core] [PATCH 09/13] Revert "devtool/standard.py: Not filtering
> devtool workspace for devtool finish"
>
> On Mon, 2019-11-18 at 15:28 +0100, Alexander Kanavin wrote:
> > This reverts commit 41d225f4a37d02e9f79bdbfb79caac8cd3d291ce.
> >
> > Unfortunately this change broke 'devtool upgrade' functionality,
> > causing 'devtool finish' to write out an upgraded recipe that no
> > longer includes the original upstream source in SRC_URI.
> >
> > Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
> > ---
> > scripts/lib/devtool/standard.py | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/scripts/lib/devtool/standard.py
> > b/scripts/lib/devtool/standard.py index 8d9c1a30225..1c0cd8ab51b
> > 100644
> > --- a/scripts/lib/devtool/standard.py
> > +++ b/scripts/lib/devtool/standard.py
> > @@ -2021,7 +2021,7 @@ def finish(args, config, basepath, workspace):
> > remove_work=args.remove_work
> > tinfoil = setup_tinfoil(basepath=basepath, tracking=True)
> > try:
> > - rd = parse_recipe(config, tinfoil, args.recipename, True,
> > False)
> > + rd = parse_recipe(config, tinfoil, args.recipename, True)
> > if not rd:
> > return 1
>
> Are we missing a test case for something here?
>
> If yes, would that be worth noting in bugzilla whilst we know about it?
>
We will work on adding some of the test cases as well. The functionality of devtool is broad, it has various features and patches sent are missing testing every single functionality
Thanks,
Manju
^ permalink raw reply [flat|nested] 29+ messages in thread
* Re: [PATCH 09/13] Revert "devtool/standard.py: Not filtering devtool workspace for devtool finish"
2019-11-18 16:44 ` Richard Purdie
2019-11-18 16:52 ` Manjukumar Harthikote Matha
@ 2019-11-18 17:18 ` Alexander Kanavin
1 sibling, 0 replies; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-18 17:18 UTC (permalink / raw)
To: Richard Purdie; +Cc: OE-core
[-- Attachment #1: Type: text/plain, Size: 679 bytes --]
On Mon, 18 Nov 2019 at 17:44, Richard Purdie <
richard.purdie@linuxfoundation.org> wrote:
>
> Are we missing a test case for something here?
>
> If yes, would that be worth noting in bugzilla whilst we know about it?
>
There are tests for 'devtool upgrade' (the sample recipes are in
meta-selftest/recipes-test/devtool/) but apparently they weren't able to
catch this. I only noticed because AUH produced a number of broken patches
for some (but not all) recipes.
I'll try to expand the tests so that they would fail with the change I
reverted. I'm not sure exactly which combination of recipe patches before
and after the upgrade triggers the issue.
Alex
[-- Attachment #2: Type: text/html, Size: 1042 bytes --]
^ permalink raw reply [flat|nested] 29+ messages in thread
* Re: [PATCH 13/13] man-pages: correct the SRC_URI
2019-11-18 14:28 ` [PATCH 13/13] man-pages: correct the SRC_URI Alexander Kanavin
@ 2019-11-18 20:08 ` Khem Raj
2019-11-19 11:40 ` Alexander Kanavin
0 siblings, 1 reply; 29+ messages in thread
From: Khem Raj @ 2019-11-18 20:08 UTC (permalink / raw)
To: Alexander Kanavin; +Cc: Patches and discussions about the oe-core layer
On Mon, Nov 18, 2019 at 6:33 AM Alexander Kanavin
<alex.kanavin@gmail.com> wrote:
>
> The homepage: https://www.kernel.org/doc/man-pages/download.html
> specifies that the latest tarballs are published one level up
> from where we currently take them.
>
archive is a better location for what it's worth. Since long after a
release, the tarball may disappear from
level up but chances of it being in archive are higher. So Let's not
change this URI, unless there is another
reason that I missed.
> Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
> ---
> meta/recipes-extended/man-pages/man-pages_5.01.bb | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/meta/recipes-extended/man-pages/man-pages_5.01.bb b/meta/recipes-extended/man-pages/man-pages_5.01.bb
> index 28525f4ba7e..ea1249e4396 100644
> --- a/meta/recipes-extended/man-pages/man-pages_5.01.bb
> +++ b/meta/recipes-extended/man-pages/man-pages_5.01.bb
> @@ -5,7 +5,7 @@ HOMEPAGE = "http://www.kernel.org/pub/linux/docs/man-pages"
> LICENSE = "GPLv2+"
>
> LIC_FILES_CHKSUM = "file://README;md5=794f701617cc03fe50c53257660d8ec4"
> -SRC_URI = "${KERNELORG_MIRROR}/linux/docs/${BPN}/Archive/${BP}.tar.gz"
> +SRC_URI = "${KERNELORG_MIRROR}/linux/docs/${BPN}/${BP}.tar.gz"
>
> SRC_URI[md5sum] = "38abead776a506109e128ab96bcbbe58"
> SRC_URI[sha256sum] = "070bef794c6826b3fb3965d1a2efdb46c25cb37c06c715987f88a50906cd5b6f"
> --
> 2.17.1
>
> --
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core@lists.openembedded.org
> http://lists.openembedded.org/mailman/listinfo/openembedded-core
^ permalink raw reply [flat|nested] 29+ messages in thread
* Re: [PATCH 13/13] man-pages: correct the SRC_URI
2019-11-18 20:08 ` Khem Raj
@ 2019-11-19 11:40 ` Alexander Kanavin
2019-11-19 15:51 ` Khem Raj
0 siblings, 1 reply; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-19 11:40 UTC (permalink / raw)
To: Khem Raj, Christopher Larson
Cc: Patches and discussions about the oe-core layer
[-- Attachment #1: Type: text/plain, Size: 1414 bytes --]
On Mon, 18 Nov 2019 at 21:09, Khem Raj <raj.khem@gmail.com> wrote:
> On Mon, Nov 18, 2019 at 6:33 AM Alexander Kanavin
> <alex.kanavin@gmail.com> wrote:
> >
> > The homepage: https://www.kernel.org/doc/man-pages/download.html
> > specifies that the latest tarballs are published one level up
> > from where we currently take them.
> >
>
> archive is a better location for what it's worth. Since long after a
> release, the tarball may disappear from
> level up but chances of it being in archive are higher. So Let's not
> change this URI, unless there is another
> reason that I missed.
>
I have to disagree actually! The reasons are:
1. Taking man-pages from archive means we are always shipping an out of
date version, particularly if a tarball is archived months or years later
than it was released.
2. Specifically here, the main folder has all man-page releases going back
1.5 years, which is longer than yocto release's support window. Meanwhile,
the archive is missing several latest releases.
3. Even if a yocto release ships a version of man-pages that is then
archived and removed from main folder, it is trivial and safe to backport
an update from master. man-pages tarballs contain pre-built documentation
and don't threaten release stability.
If this becomes a real problem, we can also write to Michael Kerrisk and
ask that he doesn't move tarballs around.
Alex
[-- Attachment #2: Type: text/html, Size: 2007 bytes --]
^ permalink raw reply [flat|nested] 29+ messages in thread
* Re: [PATCH 07/13] psmisc: update to 23.3
2019-11-18 14:28 ` [PATCH 07/13] psmisc: update to 23.3 Alexander Kanavin
@ 2019-11-19 12:37 ` Mittal, Anuj
2019-11-19 13:10 ` Alexander Kanavin
0 siblings, 1 reply; 29+ messages in thread
From: Mittal, Anuj @ 2019-11-19 12:37 UTC (permalink / raw)
To: openembedded-core, alex.kanavin
On Mon, 2019-11-18 at 15:28 +0100, Alexander Kanavin wrote:
> Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
> ---
> ...am-create-src-directory-before-attempting-t.patch | 12 +++++-----
> --
> .../psmisc/{psmisc_23.2.bb => psmisc_23.3.bb} | 2 +-
> 2 files changed, 6 insertions(+), 8 deletions(-)
> rename meta/recipes-extended/psmisc/{psmisc_23.2.bb =>
> psmisc_23.3.bb} (87%)
>
> diff --git a/meta/recipes-extended/psmisc/psmisc/0001-Makefile.am-
> create-src-directory-before-attempting-t.patch b/meta/recipes-
> extended/psmisc/psmisc/0001-Makefile.am-create-src-directory-before-
> attempting-t.patch
> index 4d44495fd3f..9451303dd7b 100644
> --- a/meta/recipes-extended/psmisc/psmisc/0001-Makefile.am-create-
> src-directory-before-attempting-t.patch
> +++ b/meta/recipes-extended/psmisc/psmisc/0001-Makefile.am-create-
> src-directory-before-attempting-t.patch
> @@ -1,4 +1,4 @@
> -From 285877b7761d74736aca2687ed9bef2f78b82c33 Mon Sep 17 00:00:00
> 2001
> +From dac375f640fecd45e6254a8d870ee37ec8f41670 Mon Sep 17 00:00:00
> 2001
> From: Alexander Kanavin <alex.kanavin@gmail.com>
> Date: Thu, 2 Nov 2017 16:21:22 +0200
> Subject: [PATCH] Makefile.am: create src directory before attempting
> to write
> @@ -8,23 +8,21 @@ Otherwise out of tree builds will fail.
>
> Upstream-Status: Pending
> Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
> +
> ---
> Makefile.am | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/Makefile.am b/Makefile.am
> -index 9f61ab4..b4ced7f 100644
> +index 441ae94..882969d 100644
> --- a/Makefile.am
> +++ b/Makefile.am
> -@@ -79,7 +79,7 @@ EXTRA_DIST = src/signames.c README.md
> +@@ -86,7 +86,7 @@ EXTRA_DIST = src/signames.c README.md misc/git-
> version-gen
> CLEANFILES = src/signames.h
>
> - src/signames.h: src/signames.c Makefile
> + src/signames.h: src/signames.c Makefile src/$(am__dirstamp)
This patch is probably not needed now considering this new change.
https://gitlab.com/psmisc/psmisc/commit/b7dc1c5eb9459f83b2355c8f061933c74b71c724
Thanks,
Anuj
^ permalink raw reply [flat|nested] 29+ messages in thread
* Re: [PATCH 07/13] psmisc: update to 23.3
2019-11-19 12:37 ` Mittal, Anuj
@ 2019-11-19 13:10 ` Alexander Kanavin
0 siblings, 0 replies; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-19 13:10 UTC (permalink / raw)
To: Mittal, Anuj; +Cc: openembedded-core
[-- Attachment #1: Type: text/plain, Size: 2403 bytes --]
Thanks, I've checked that and queued a commit that removes the patch.
Alex
On Tue, 19 Nov 2019 at 13:42, Mittal, Anuj <anuj.mittal@intel.com> wrote:
> On Mon, 2019-11-18 at 15:28 +0100, Alexander Kanavin wrote:
> > Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
> > ---
> > ...am-create-src-directory-before-attempting-t.patch | 12 +++++-----
> > --
> > .../psmisc/{psmisc_23.2.bb => psmisc_23.3.bb} | 2 +-
> > 2 files changed, 6 insertions(+), 8 deletions(-)
> > rename meta/recipes-extended/psmisc/{psmisc_23.2.bb =>
> > psmisc_23.3.bb} (87%)
> >
> > diff --git a/meta/recipes-extended/psmisc/psmisc/0001-Makefile.am-
> > create-src-directory-before-attempting-t.patch b/meta/recipes-
> > extended/psmisc/psmisc/0001-Makefile.am-create-src-directory-before-
> > attempting-t.patch
> > index 4d44495fd3f..9451303dd7b 100644
> > --- a/meta/recipes-extended/psmisc/psmisc/0001-Makefile.am-create-
> > src-directory-before-attempting-t.patch
> > +++ b/meta/recipes-extended/psmisc/psmisc/0001-Makefile.am-create-
> > src-directory-before-attempting-t.patch
> > @@ -1,4 +1,4 @@
> > -From 285877b7761d74736aca2687ed9bef2f78b82c33 Mon Sep 17 00:00:00
> > 2001
> > +From dac375f640fecd45e6254a8d870ee37ec8f41670 Mon Sep 17 00:00:00
> > 2001
> > From: Alexander Kanavin <alex.kanavin@gmail.com>
> > Date: Thu, 2 Nov 2017 16:21:22 +0200
> > Subject: [PATCH] Makefile.am: create src directory before attempting
> > to write
> > @@ -8,23 +8,21 @@ Otherwise out of tree builds will fail.
> >
> > Upstream-Status: Pending
> > Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
> > +
> > ---
> > Makefile.am | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/Makefile.am b/Makefile.am
> > -index 9f61ab4..b4ced7f 100644
> > +index 441ae94..882969d 100644
> > --- a/Makefile.am
> > +++ b/Makefile.am
> > -@@ -79,7 +79,7 @@ EXTRA_DIST = src/signames.c README.md
> > +@@ -86,7 +86,7 @@ EXTRA_DIST = src/signames.c README.md misc/git-
> > version-gen
> > CLEANFILES = src/signames.h
> >
> > - src/signames.h: src/signames.c Makefile
> > + src/signames.h: src/signames.c Makefile src/$(am__dirstamp)
>
> This patch is probably not needed now considering this new change.
>
>
> https://gitlab.com/psmisc/psmisc/commit/b7dc1c5eb9459f83b2355c8f061933c74b71c724
>
> Thanks,
>
> Anuj
>
[-- Attachment #2: Type: text/html, Size: 3621 bytes --]
^ permalink raw reply [flat|nested] 29+ messages in thread
* Re: [PATCH 13/13] man-pages: correct the SRC_URI
2019-11-19 11:40 ` Alexander Kanavin
@ 2019-11-19 15:51 ` Khem Raj
2019-11-19 16:11 ` Alexander Kanavin
0 siblings, 1 reply; 29+ messages in thread
From: Khem Raj @ 2019-11-19 15:51 UTC (permalink / raw)
To: Alexander Kanavin; +Cc: Patches and discussions about the oe-core layer
On Tue, Nov 19, 2019 at 3:41 AM Alexander Kanavin
<alex.kanavin@gmail.com> wrote:
>
> On Mon, 18 Nov 2019 at 21:09, Khem Raj <raj.khem@gmail.com> wrote:
>>
>> On Mon, Nov 18, 2019 at 6:33 AM Alexander Kanavin
>> <alex.kanavin@gmail.com> wrote:
>> >
>> > The homepage: https://www.kernel.org/doc/man-pages/download.html
>> > specifies that the latest tarballs are published one level up
>> > from where we currently take them.
>> >
>>
>> archive is a better location for what it's worth. Since long after a
>> release, the tarball may disappear from
>> level up but chances of it being in archive are higher. So Let's not
>> change this URI, unless there is another
>> reason that I missed.
>
>
> I have to disagree actually! The reasons are:
> 1. Taking man-pages from archive means we are always shipping an out of date version, particularly if a tarball is archived months or years later than it was released.
> 2. Specifically here, the main folder has all man-page releases going back 1.5 years, which is longer than yocto release's support window. Meanwhile, the archive is missing several latest releases.
> 3. Even if a yocto release ships a version of man-pages that is then archived and removed from main folder, it is trivial and safe to backport an update from master. man-pages tarballs contain pre-built documentation and don't threaten release stability.
>
> If this becomes a real problem, we can also write to Michael Kerrisk and ask that he doesn't move tarballs around.
think about building a release after many years, if we do not have to
update SRC_URI to point to archive then its one less things to do
given that the same copies are in archive for current releases too
its just better for long term.
>
> Alex
^ permalink raw reply [flat|nested] 29+ messages in thread
* Re: [PATCH 13/13] man-pages: correct the SRC_URI
2019-11-19 15:51 ` Khem Raj
@ 2019-11-19 16:11 ` Alexander Kanavin
2019-11-19 16:38 ` Khem Raj
0 siblings, 1 reply; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-19 16:11 UTC (permalink / raw)
To: Khem Raj; +Cc: Patches and discussions about the oe-core layer
[-- Attachment #1: Type: text/plain, Size: 727 bytes --]
On Tue, 19 Nov 2019 at 16:51, Khem Raj <raj.khem@gmail.com> wrote:
>
> think about building a release after many years, if we do not have to
> update SRC_URI to point to archive then its one less things to do
> given that the same copies are in archive for current releases too
> its just better for long term.
>
Building a release after many years without having a preserved local copy
of DL_DIR is asking for trouble, regardless of whether man-pages comes from
archive or not. Other things will have changed their location or vanished
off the internet in the meantime, even though they supposedly come from
'stable' locations. But if you have a DL_DIR, then you don't need to fix
the recipes at all.
Alex
[-- Attachment #2: Type: text/html, Size: 1067 bytes --]
^ permalink raw reply [flat|nested] 29+ messages in thread
* Re: [PATCH 13/13] man-pages: correct the SRC_URI
2019-11-19 16:11 ` Alexander Kanavin
@ 2019-11-19 16:38 ` Khem Raj
2019-11-19 16:46 ` Alexander Kanavin
0 siblings, 1 reply; 29+ messages in thread
From: Khem Raj @ 2019-11-19 16:38 UTC (permalink / raw)
To: Alexander Kanavin; +Cc: Patches and discussions about the oe-core layer
[-- Attachment #1: Type: text/plain, Size: 1369 bytes --]
On Tue, Nov 19, 2019 at 8:11 AM Alexander Kanavin <alex.kanavin@gmail.com>
wrote:
> On Tue, 19 Nov 2019 at 16:51, Khem Raj <raj.khem@gmail.com> wrote:
>
>>
>> think about building a release after many years, if we do not have to
>> update SRC_URI to point to archive then its one less things to do
>> given that the same copies are in archive for current releases too
>> its just better for long term.
>>
>
> Building a release after many years without having a preserved local copy
> of DL_DIR is asking for trouble, regardless of whether man-pages comes from
> archive or not. Other things will have changed their location or vanished
> off the internet in the meantime, even though they supposedly come from
> 'stable' locations. But if you have a DL_DIR, then you don't need to fix
> the recipes at all.
>
Please look at the stable yocto releases in past and see how many patches
have been suggested or applied just to update src_uri
Usually new users start with stable releases a lot of times due to their
work asking them to or some other reason and they may not have all dl_dir
stuff
If I was asking you to store the tarball some place in arctic then I would
understand your concern but in this case I am not able to. can you describe
why using archive location is not suitable here perhaps that will help me
>
> Alex
>
>
[-- Attachment #2: Type: text/html, Size: 2249 bytes --]
^ permalink raw reply [flat|nested] 29+ messages in thread
* Re: [PATCH 13/13] man-pages: correct the SRC_URI
2019-11-19 16:38 ` Khem Raj
@ 2019-11-19 16:46 ` Alexander Kanavin
2019-11-19 18:08 ` Christopher Larson
0 siblings, 1 reply; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-19 16:46 UTC (permalink / raw)
To: Khem Raj; +Cc: Patches and discussions about the oe-core layer
[-- Attachment #1: Type: text/plain, Size: 583 bytes --]
On Tue, 19 Nov 2019 at 17:38, Khem Raj <raj.khem@gmail.com> wrote:
>
> If I was asking you to store the tarball some place in arctic then I would
> understand your concern but in this case I am not able to. can you describe
> why using archive location is not suitable here perhaps that will help me
>
The archive location is missing several latest releases of man-pages, which
are only available from the main location. Which means that we always ship
an out of date version of manpages, and aren't aware (via version check
tooling) that later versions exist.
Alex
[-- Attachment #2: Type: text/html, Size: 963 bytes --]
^ permalink raw reply [flat|nested] 29+ messages in thread
* Re: [PATCH 13/13] man-pages: correct the SRC_URI
2019-11-19 16:46 ` Alexander Kanavin
@ 2019-11-19 18:08 ` Christopher Larson
2019-11-19 18:14 ` Alexander Kanavin
0 siblings, 1 reply; 29+ messages in thread
From: Christopher Larson @ 2019-11-19 18:08 UTC (permalink / raw)
To: Khem Raj, Alexander Kanavin
Cc: Patches and discussions about the oe-core layer
[-- Attachment #1: Type: text/plain, Size: 914 bytes --]
The whole point of having PV in the filename is ensuring it won’t change out from under us. If they’re modifying files in place that’s going to cause us headaches whether we pull from archive or not due to checksum changes.
On Nov 19, 2019, 9:46 AM -0700, Alexander Kanavin <alex.kanavin@gmail.com>, wrote:
> > On Tue, 19 Nov 2019 at 17:38, Khem Raj <raj.khem@gmail.com> wrote:
> > > >
> > > > If I was asking you to store the tarball some place in arctic then I would understand your concern but in this case I am not able to. can you describe why using archive location is not suitable here perhaps that will help me
> >
> > The archive location is missing several latest releases of man-pages, which are only available from the main location. Which means that we always ship an out of date version of manpages, and aren't aware (via version check tooling) that later versions exist.
> >
> > Alex
[-- Attachment #2: Type: text/html, Size: 1675 bytes --]
^ permalink raw reply [flat|nested] 29+ messages in thread
* Re: [PATCH 13/13] man-pages: correct the SRC_URI
2019-11-19 18:08 ` Christopher Larson
@ 2019-11-19 18:14 ` Alexander Kanavin
2019-11-19 18:21 ` Khem Raj
0 siblings, 1 reply; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-19 18:14 UTC (permalink / raw)
To: Christopher Larson; +Cc: Patches and discussions about the oe-core layer
[-- Attachment #1: Type: text/plain, Size: 1385 bytes --]
I never said they are modifying files in place, I think you misunderstood
me somehow. 'Archive' in this discussion is a folder on a server with
tarballs, not a tarball.
Maybe it's easier if I provide clickable links:
https://mirrors.edge.kernel.org/pub/linux/docs/man-pages/
https://mirrors.edge.kernel.org/pub/linux/docs/man-pages/Archive/
Alex
On Tue, 19 Nov 2019 at 19:08, Christopher Larson <kergoth@gmail.com> wrote:
> The whole point of having PV in the filename is ensuring it won’t change
> out from under us. If they’re modifying files in place that’s going to
> cause us headaches whether we pull from archive or not due to checksum
> changes.
> On Nov 19, 2019, 9:46 AM -0700, Alexander Kanavin <alex.kanavin@gmail.com>,
> wrote:
>
> On Tue, 19 Nov 2019 at 17:38, Khem Raj <raj.khem@gmail.com> wrote:
>
>>
>> If I was asking you to store the tarball some place in arctic then I
>> would understand your concern but in this case I am not able to. can you
>> describe why using archive location is not suitable here perhaps that will
>> help me
>>
>
> The archive location is missing several latest releases of man-pages,
> which are only available from the main location. Which means that we always
> ship an out of date version of manpages, and aren't aware (via version
> check tooling) that later versions exist.
>
> Alex
>
>
[-- Attachment #2: Type: text/html, Size: 2575 bytes --]
^ permalink raw reply [flat|nested] 29+ messages in thread
* Re: [PATCH 13/13] man-pages: correct the SRC_URI
2019-11-19 18:14 ` Alexander Kanavin
@ 2019-11-19 18:21 ` Khem Raj
2019-11-19 21:54 ` Khem Raj
0 siblings, 1 reply; 29+ messages in thread
From: Khem Raj @ 2019-11-19 18:21 UTC (permalink / raw)
To: Alexander Kanavin; +Cc: Patches and discussions about the oe-core layer
On Tue, Nov 19, 2019 at 10:14 AM Alexander Kanavin
<alex.kanavin@gmail.com> wrote:
>
> I never said they are modifying files in place, I think you misunderstood me somehow. 'Archive' in this discussion is a folder on a server with tarballs, not a tarball.
>
> Maybe it's easier if I provide clickable links:
> https://mirrors.edge.kernel.org/pub/linux/docs/man-pages/
> https://mirrors.edge.kernel.org/pub/linux/docs/man-pages/Archive/
>
I see that they are still carrying a release from 2013 in
https://mirrors.edge.kernel.org/pub/linux/docs/man-pages/, I am hoping
that they do keep the tarballs in this location for long enough. So
it might not be such a bad thing to move to using it, I was thinking
the cycle is smaller
> Alex
>
> On Tue, 19 Nov 2019 at 19:08, Christopher Larson <kergoth@gmail.com> wrote:
>>
>> The whole point of having PV in the filename is ensuring it won’t change out from under us. If they’re modifying files in place that’s going to cause us headaches whether we pull from archive or not due to checksum changes.
>> On Nov 19, 2019, 9:46 AM -0700, Alexander Kanavin <alex.kanavin@gmail.com>, wrote:
>>
>> On Tue, 19 Nov 2019 at 17:38, Khem Raj <raj.khem@gmail.com> wrote:
>>>
>>>
>>> If I was asking you to store the tarball some place in arctic then I would understand your concern but in this case I am not able to. can you describe why using archive location is not suitable here perhaps that will help me
>>
>>
>> The archive location is missing several latest releases of man-pages, which are only available from the main location. Which means that we always ship an out of date version of manpages, and aren't aware (via version check tooling) that later versions exist.
>>
>> Alex
^ permalink raw reply [flat|nested] 29+ messages in thread
* Re: [PATCH 13/13] man-pages: correct the SRC_URI
2019-11-19 18:21 ` Khem Raj
@ 2019-11-19 21:54 ` Khem Raj
0 siblings, 0 replies; 29+ messages in thread
From: Khem Raj @ 2019-11-19 21:54 UTC (permalink / raw)
To: Alexander Kanavin; +Cc: Patches and discussions about the oe-core layer
please update manpages to latest (5.04) that will justify moving to
new location for SRC_URI
On Tue, Nov 19, 2019 at 10:21 AM Khem Raj <raj.khem@gmail.com> wrote:
>
> On Tue, Nov 19, 2019 at 10:14 AM Alexander Kanavin
> <alex.kanavin@gmail.com> wrote:
> >
> > I never said they are modifying files in place, I think you misunderstood me somehow. 'Archive' in this discussion is a folder on a server with tarballs, not a tarball.
> >
> > Maybe it's easier if I provide clickable links:
> > https://mirrors.edge.kernel.org/pub/linux/docs/man-pages/
> > https://mirrors.edge.kernel.org/pub/linux/docs/man-pages/Archive/
> >
>
> I see that they are still carrying a release from 2013 in
> https://mirrors.edge.kernel.org/pub/linux/docs/man-pages/, I am hoping
> that they do keep the tarballs in this location for long enough. So
> it might not be such a bad thing to move to using it, I was thinking
> the cycle is smaller
>
> > Alex
> >
> > On Tue, 19 Nov 2019 at 19:08, Christopher Larson <kergoth@gmail.com> wrote:
> >>
> >> The whole point of having PV in the filename is ensuring it won’t change out from under us. If they’re modifying files in place that’s going to cause us headaches whether we pull from archive or not due to checksum changes.
> >> On Nov 19, 2019, 9:46 AM -0700, Alexander Kanavin <alex.kanavin@gmail.com>, wrote:
> >>
> >> On Tue, 19 Nov 2019 at 17:38, Khem Raj <raj.khem@gmail.com> wrote:
> >>>
> >>>
> >>> If I was asking you to store the tarball some place in arctic then I would understand your concern but in this case I am not able to. can you describe why using archive location is not suitable here perhaps that will help me
> >>
> >>
> >> The archive location is missing several latest releases of man-pages, which are only available from the main location. Which means that we always ship an out of date version of manpages, and aren't aware (via version check tooling) that later versions exist.
> >>
> >> Alex
^ permalink raw reply [flat|nested] 29+ messages in thread
* [PATCH 04/13] tiff: update to 4.1.0
2019-11-18 13:07 [PATCH 01/13] python: update to 2.7.17 Alexander Kanavin
@ 2019-11-18 13:07 ` Alexander Kanavin
0 siblings, 0 replies; 29+ messages in thread
From: Alexander Kanavin @ 2019-11-18 13:07 UTC (permalink / raw)
To: openembedded-core
Drop backported patches.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
.../libtiff/tiff/CVE-2019-14973.patch | 415 ------------------
.../libtiff/tiff/CVE-2019-17546.patch | 103 -----
.../libtiff/tiff/CVE-2019-6128.patch | 52 ---
.../libtiff/tiff/CVE-2019-7663.patch | 77 ----
.../libtiff/{tiff_4.0.10.bb => tiff_4.1.0.bb} | 10 +-
5 files changed, 3 insertions(+), 654 deletions(-)
delete mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2019-14973.patch
delete mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2019-17546.patch
delete mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2019-6128.patch
delete mode 100644 meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch
rename meta/recipes-multimedia/libtiff/{tiff_4.0.10.bb => tiff_4.1.0.bb} (85%)
diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-14973.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2019-14973.patch
deleted file mode 100644
index 8345295d07b..00000000000
--- a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-14973.patch
+++ /dev/null
@@ -1,415 +0,0 @@
-From 95ac1e3fcc6b643b5bd100f2ea54faca0a003315 Mon Sep 17 00:00:00 2001
-From: Trevor Gamblin <trevor.gamblin@windriver.com>
-Date: Fri, 20 Sep 2019 09:33:22 -0400
-Subject: [PATCH] libtiff-fix-CVE-2019-14973
-
-Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/commit/2218055ca67d84be596a13080e8f50f22116555c]
-CVE: CVE-2019-14973
-
-Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
----
- libtiff/tif_aux.c | 49 +++++++++++++++++++++++++++++++++++++-----
- libtiff/tif_getimage.c | 6 ++----
- libtiff/tif_luv.c | 8 +------
- libtiff/tif_pixarlog.c | 7 +-----
- libtiff/tif_read.c | 38 +++++++++-----------------------
- libtiff/tif_strip.c | 35 ++++--------------------------
- libtiff/tif_tile.c | 27 +++--------------------
- libtiff/tiffiop.h | 7 +++++-
- 8 files changed, 71 insertions(+), 106 deletions(-)
-
-diff --git a/libtiff/tif_aux.c b/libtiff/tif_aux.c
-index 4ece162f..33fb8a44 100644
---- a/libtiff/tif_aux.c
-+++ b/libtiff/tif_aux.c
-@@ -57,18 +57,57 @@ _TIFFMultiply64(TIFF* tif, uint64 first, uint64 second, const char* where)
- return bytes;
- }
-
-+tmsize_t
-+_TIFFMultiplySSize(TIFF* tif, tmsize_t first, tmsize_t second, const char* where)
-+{
-+ if( first <= 0 || second <= 0 )
-+ {
-+ if( tif != NULL && where != NULL )
-+ {
-+ TIFFErrorExt(tif->tif_clientdata, where,
-+ "Invalid argument to _TIFFMultiplySSize() in %s", where);
-+ }
-+ return 0;
-+ }
-+
-+ if( first > TIFF_TMSIZE_T_MAX / second )
-+ {
-+ if( tif != NULL && where != NULL )
-+ {
-+ TIFFErrorExt(tif->tif_clientdata, where,
-+ "Integer overflow in %s", where);
-+ }
-+ return 0;
-+ }
-+ return first * second;
-+}
-+
-+tmsize_t _TIFFCastUInt64ToSSize(TIFF* tif, uint64 val, const char* module)
-+{
-+ if( val > (uint64)TIFF_TMSIZE_T_MAX )
-+ {
-+ if( tif != NULL && module != NULL )
-+ {
-+ TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
-+ }
-+ return 0;
-+ }
-+ return (tmsize_t)val;
-+}
-+
- void*
- _TIFFCheckRealloc(TIFF* tif, void* buffer,
- tmsize_t nmemb, tmsize_t elem_size, const char* what)
- {
- void* cp = NULL;
-- tmsize_t bytes = nmemb * elem_size;
--
-+ tmsize_t count = _TIFFMultiplySSize(tif, nmemb, elem_size, NULL);
- /*
-- * XXX: Check for integer overflow.
-+ * Check for integer overflow.
- */
-- if (nmemb && elem_size && bytes / elem_size == nmemb)
-- cp = _TIFFrealloc(buffer, bytes);
-+ if (count != 0)
-+ {
-+ cp = _TIFFrealloc(buffer, count);
-+ }
-
- if (cp == NULL) {
- TIFFErrorExt(tif->tif_clientdata, tif->tif_name,
-diff --git a/libtiff/tif_getimage.c b/libtiff/tif_getimage.c
-index 6a9d5a7c..2106ca21 100644
---- a/libtiff/tif_getimage.c
-+++ b/libtiff/tif_getimage.c
-@@ -755,9 +755,8 @@ gtTileSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
- uint32 leftmost_tw;
-
- tilesize = TIFFTileSize(tif);
-- bufsize = TIFFSafeMultiply(tmsize_t,alpha?4:3,tilesize);
-+ bufsize = _TIFFMultiplySSize(tif, alpha?4:3,tilesize, "gtTileSeparate");
- if (bufsize == 0) {
-- TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in %s", "gtTileSeparate");
- return (0);
- }
-
-@@ -1019,9 +1018,8 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
- uint16 colorchannels;
-
- stripsize = TIFFStripSize(tif);
-- bufsize = TIFFSafeMultiply(tmsize_t,alpha?4:3,stripsize);
-+ bufsize = _TIFFMultiplySSize(tif,alpha?4:3,stripsize, "gtStripSeparate");
- if (bufsize == 0) {
-- TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in %s", "gtStripSeparate");
- return (0);
- }
-
-diff --git a/libtiff/tif_luv.c b/libtiff/tif_luv.c
-index aa35ea07..46d2dff2 100644
---- a/libtiff/tif_luv.c
-+++ b/libtiff/tif_luv.c
-@@ -1264,16 +1264,10 @@ LogL16GuessDataFmt(TIFFDirectory *td)
- return (SGILOGDATAFMT_UNKNOWN);
- }
-
--
--#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0))
--#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1)
--
- static tmsize_t
- multiply_ms(tmsize_t m1, tmsize_t m2)
- {
-- if( m1 == 0 || m2 > TIFF_TMSIZE_T_MAX / m1 )
-- return 0;
-- return m1 * m2;
-+ return _TIFFMultiplySSize(NULL, m1, m2, NULL);
- }
-
- static int
-diff --git a/libtiff/tif_pixarlog.c b/libtiff/tif_pixarlog.c
-index 7438d692..b52a3ee4 100644
---- a/libtiff/tif_pixarlog.c
-+++ b/libtiff/tif_pixarlog.c
-@@ -634,15 +634,10 @@ PixarLogGuessDataFmt(TIFFDirectory *td)
- return guess;
- }
-
--#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0))
--#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1)
--
- static tmsize_t
- multiply_ms(tmsize_t m1, tmsize_t m2)
- {
-- if( m1 == 0 || m2 > TIFF_TMSIZE_T_MAX / m1 )
-- return 0;
-- return m1 * m2;
-+ return _TIFFMultiplySSize(NULL, m1, m2, NULL);
- }
-
- static tmsize_t
-diff --git a/libtiff/tif_read.c b/libtiff/tif_read.c
-index e63810cc..8db39d7a 100644
---- a/libtiff/tif_read.c
-+++ b/libtiff/tif_read.c
-@@ -29,9 +29,6 @@
- #include "tiffiop.h"
- #include <stdio.h>
-
--#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0))
--#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1)
--
- int TIFFFillStrip(TIFF* tif, uint32 strip);
- int TIFFFillTile(TIFF* tif, uint32 tile);
- static int TIFFStartStrip(TIFF* tif, uint32 strip);
-@@ -49,6 +46,8 @@ TIFFReadRawTile1(TIFF* tif, uint32 tile, void* buf, tmsize_t size, const char* m
- #define THRESHOLD_MULTIPLIER 10
- #define MAX_THRESHOLD (THRESHOLD_MULTIPLIER * THRESHOLD_MULTIPLIER * THRESHOLD_MULTIPLIER * INITIAL_THRESHOLD)
-
-+#define TIFF_INT64_MAX ((((int64)0x7FFFFFFF) << 32) | 0xFFFFFFFF)
-+
- /* Read 'size' bytes in tif_rawdata buffer starting at offset 'rawdata_offset'
- * Returns 1 in case of success, 0 otherwise. */
- static int TIFFReadAndRealloc( TIFF* tif, tmsize_t size,
-@@ -734,23 +733,8 @@ TIFFReadRawStrip(TIFF* tif, uint32 strip, void* buf, tmsize_t size)
- return ((tmsize_t)(-1));
- }
- bytecount = td->td_stripbytecount[strip];
-- if ((int64)bytecount <= 0) {
--#if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
-- TIFFErrorExt(tif->tif_clientdata, module,
-- "%I64u: Invalid strip byte count, strip %lu",
-- (unsigned __int64) bytecount,
-- (unsigned long) strip);
--#else
-- TIFFErrorExt(tif->tif_clientdata, module,
-- "%llu: Invalid strip byte count, strip %lu",
-- (unsigned long long) bytecount,
-- (unsigned long) strip);
--#endif
-- return ((tmsize_t)(-1));
-- }
-- bytecountm = (tmsize_t)bytecount;
-- if ((uint64)bytecountm!=bytecount) {
-- TIFFErrorExt(tif->tif_clientdata, module, "Integer overflow");
-+ bytecountm = _TIFFCastUInt64ToSSize(tif, bytecount, module);
-+ if (bytecountm == 0) {
- return ((tmsize_t)(-1));
- }
- if (size != (tmsize_t)(-1) && size < bytecountm)
-@@ -774,7 +758,7 @@ TIFFFillStrip(TIFF* tif, uint32 strip)
- if ((tif->tif_flags&TIFF_NOREADRAW)==0)
- {
- uint64 bytecount = td->td_stripbytecount[strip];
-- if ((int64)bytecount <= 0) {
-+ if( bytecount == 0 || bytecount > (uint64)TIFF_INT64_MAX ) {
- #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
- TIFFErrorExt(tif->tif_clientdata, module,
- "Invalid strip byte count %I64u, strip %lu",
-@@ -801,7 +785,7 @@ TIFFFillStrip(TIFF* tif, uint32 strip)
- (bytecount - 4096) / 10 > (uint64)stripsize )
- {
- uint64 newbytecount = (uint64)stripsize * 10 + 4096;
-- if( (int64)newbytecount >= 0 )
-+ if( newbytecount == 0 || newbytecount > (uint64)TIFF_INT64_MAX )
- {
- #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
- TIFFWarningExt(tif->tif_clientdata, module,
-@@ -1196,10 +1180,8 @@ TIFFReadRawTile(TIFF* tif, uint32 tile, void* buf, tmsize_t size)
- bytecount64 = td->td_stripbytecount[tile];
- if (size != (tmsize_t)(-1) && (uint64)size < bytecount64)
- bytecount64 = (uint64)size;
-- bytecountm = (tmsize_t)bytecount64;
-- if ((uint64)bytecountm!=bytecount64)
-- {
-- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
-+ bytecountm = _TIFFCastUInt64ToSSize(tif, bytecount64, module);
-+ if( bytecountm == 0 ) {
- return ((tmsize_t)(-1));
- }
- return (TIFFReadRawTile1(tif, tile, buf, bytecountm, module));
-@@ -1221,7 +1203,7 @@ TIFFFillTile(TIFF* tif, uint32 tile)
- if ((tif->tif_flags&TIFF_NOREADRAW)==0)
- {
- uint64 bytecount = td->td_stripbytecount[tile];
-- if ((int64)bytecount <= 0) {
-+ if( bytecount == 0 || bytecount > (uint64)TIFF_INT64_MAX ) {
- #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
- TIFFErrorExt(tif->tif_clientdata, module,
- "%I64u: Invalid tile byte count, tile %lu",
-@@ -1248,7 +1230,7 @@ TIFFFillTile(TIFF* tif, uint32 tile)
- (bytecount - 4096) / 10 > (uint64)stripsize )
- {
- uint64 newbytecount = (uint64)stripsize * 10 + 4096;
-- if( (int64)newbytecount >= 0 )
-+ if( newbytecount == 0 || newbytecount > (uint64)TIFF_INT64_MAX )
- {
- #if defined(__WIN32__) && (defined(_MSC_VER) || defined(__MINGW32__))
- TIFFWarningExt(tif->tif_clientdata, module,
-diff --git a/libtiff/tif_strip.c b/libtiff/tif_strip.c
-index 5b76fba5..2366acf0 100644
---- a/libtiff/tif_strip.c
-+++ b/libtiff/tif_strip.c
-@@ -129,15 +129,8 @@ TIFFVStripSize(TIFF* tif, uint32 nrows)
- {
- static const char module[] = "TIFFVStripSize";
- uint64 m;
-- tmsize_t n;
- m=TIFFVStripSize64(tif,nrows);
-- n=(tmsize_t)m;
-- if ((uint64)n!=m)
-- {
-- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
-- n=0;
-- }
-- return(n);
-+ return _TIFFCastUInt64ToSSize(tif, m, module);
- }
-
- /*
-@@ -211,15 +204,8 @@ TIFFStripSize(TIFF* tif)
- {
- static const char module[] = "TIFFStripSize";
- uint64 m;
-- tmsize_t n;
- m=TIFFStripSize64(tif);
-- n=(tmsize_t)m;
-- if ((uint64)n!=m)
-- {
-- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
-- n=0;
-- }
-- return(n);
-+ return _TIFFCastUInt64ToSSize(tif, m, module);
- }
-
- /*
-@@ -330,14 +316,8 @@ TIFFScanlineSize(TIFF* tif)
- {
- static const char module[] = "TIFFScanlineSize";
- uint64 m;
-- tmsize_t n;
- m=TIFFScanlineSize64(tif);
-- n=(tmsize_t)m;
-- if ((uint64)n!=m) {
-- TIFFErrorExt(tif->tif_clientdata,module,"Integer arithmetic overflow");
-- n=0;
-- }
-- return(n);
-+ return _TIFFCastUInt64ToSSize(tif, m, module);
- }
-
- /*
-@@ -366,15 +346,8 @@ TIFFRasterScanlineSize(TIFF* tif)
- {
- static const char module[] = "TIFFRasterScanlineSize";
- uint64 m;
-- tmsize_t n;
- m=TIFFRasterScanlineSize64(tif);
-- n=(tmsize_t)m;
-- if ((uint64)n!=m)
-- {
-- TIFFErrorExt(tif->tif_clientdata,module,"Integer arithmetic overflow");
-- n=0;
-- }
-- return(n);
-+ return _TIFFCastUInt64ToSSize(tif, m, module);
- }
-
- /* vim: set ts=8 sts=8 sw=8 noet: */
-diff --git a/libtiff/tif_tile.c b/libtiff/tif_tile.c
-index 58fe9354..661cc771 100644
---- a/libtiff/tif_tile.c
-+++ b/libtiff/tif_tile.c
-@@ -181,15 +181,8 @@ TIFFTileRowSize(TIFF* tif)
- {
- static const char module[] = "TIFFTileRowSize";
- uint64 m;
-- tmsize_t n;
- m=TIFFTileRowSize64(tif);
-- n=(tmsize_t)m;
-- if ((uint64)n!=m)
-- {
-- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
-- n=0;
-- }
-- return(n);
-+ return _TIFFCastUInt64ToSSize(tif, m, module);
- }
-
- /*
-@@ -248,15 +241,8 @@ TIFFVTileSize(TIFF* tif, uint32 nrows)
- {
- static const char module[] = "TIFFVTileSize";
- uint64 m;
-- tmsize_t n;
- m=TIFFVTileSize64(tif,nrows);
-- n=(tmsize_t)m;
-- if ((uint64)n!=m)
-- {
-- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
-- n=0;
-- }
-- return(n);
-+ return _TIFFCastUInt64ToSSize(tif, m, module);
- }
-
- /*
-@@ -272,15 +258,8 @@ TIFFTileSize(TIFF* tif)
- {
- static const char module[] = "TIFFTileSize";
- uint64 m;
-- tmsize_t n;
- m=TIFFTileSize64(tif);
-- n=(tmsize_t)m;
-- if ((uint64)n!=m)
-- {
-- TIFFErrorExt(tif->tif_clientdata,module,"Integer overflow");
-- n=0;
-- }
-- return(n);
-+ return _TIFFCastUInt64ToSSize(tif, m, module);
- }
-
- /*
-diff --git a/libtiff/tiffiop.h b/libtiff/tiffiop.h
-index 186c291f..558484fe 100644
---- a/libtiff/tiffiop.h
-+++ b/libtiff/tiffiop.h
-@@ -77,6 +77,9 @@ extern int snprintf(char* str, size_t size, const char* format, ...);
- #define FALSE 0
- #endif
-
-+#define TIFF_SIZE_T_MAX ((size_t) ~ ((size_t)0))
-+#define TIFF_TMSIZE_T_MAX (tmsize_t)(TIFF_SIZE_T_MAX >> 1)
-+
- typedef struct client_info {
- struct client_info *next;
- void *data;
-@@ -258,7 +261,7 @@ struct tiff {
- #define TIFFhowmany8_64(x) (((x)&0x07)?((uint64)(x)>>3)+1:(uint64)(x)>>3)
- #define TIFFroundup_64(x, y) (TIFFhowmany_64(x,y)*(y))
-
--/* Safe multiply which returns zero if there is an integer overflow */
-+/* Safe multiply which returns zero if there is an *unsigned* integer overflow. This macro is not safe for *signed* integer types */
- #define TIFFSafeMultiply(t,v,m) ((((t)(m) != (t)0) && (((t)(((v)*(m))/(m))) == (t)(v))) ? (t)((v)*(m)) : (t)0)
-
- #define TIFFmax(A,B) ((A)>(B)?(A):(B))
-@@ -368,6 +371,8 @@ extern TIFFErrorHandlerExt _TIFFerrorHandlerExt;
-
- extern uint32 _TIFFMultiply32(TIFF*, uint32, uint32, const char*);
- extern uint64 _TIFFMultiply64(TIFF*, uint64, uint64, const char*);
-+extern tmsize_t _TIFFMultiplySSize(TIFF*, tmsize_t, tmsize_t, const char*);
-+extern tmsize_t _TIFFCastUInt64ToSSize(TIFF*, uint64, const char*);
- extern void* _TIFFCheckMalloc(TIFF*, tmsize_t, tmsize_t, const char*);
- extern void* _TIFFCheckRealloc(TIFF*, void*, tmsize_t, tmsize_t, const char*);
-
---
-2.17.1
-
diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-17546.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2019-17546.patch
deleted file mode 100644
index 04c5410930a..00000000000
--- a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-17546.patch
+++ /dev/null
@@ -1,103 +0,0 @@
-libtiff: fix CVE-2019-17546
-
-Added after 4.0.10 release.
-
-CVE: CVE-2019-17546
-Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff]
-Signed-off-by: Joe Slater <joe.slater@windriver.com>
-
-commit 4bb584a35f87af42d6cf09d15e9ce8909a839145
-Author: Even Rouault <even.rouault@spatialys.com>
-Date: Thu Aug 15 15:05:28 2019 +0200
-
- RGBA interface: fix integer overflow potentially causing write heap buffer overflow, especially on 32 bit builds. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16443. Credit to OSS Fuzz
-
-diff --git a/libtiff/tif_getimage.c b/libtiff/tif_getimage.c
-index c88b5fa..4da785d 100644
---- a/libtiff/tif_getimage.c
-+++ b/libtiff/tif_getimage.c
-@@ -949,16 +949,23 @@ gtStripContig(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
- fromskew = (w < imagewidth ? imagewidth - w : 0);
- for (row = 0; row < h; row += nrow)
- {
-+ uint32 temp;
- rowstoread = rowsperstrip - (row + img->row_offset) % rowsperstrip;
- nrow = (row + rowstoread > h ? h - row : rowstoread);
- nrowsub = nrow;
- if ((nrowsub%subsamplingver)!=0)
- nrowsub+=subsamplingver-nrowsub%subsamplingver;
-+ temp = (row + img->row_offset)%rowsperstrip + nrowsub;
-+ if( scanline > 0 && temp > (size_t)(TIFF_TMSIZE_T_MAX / scanline) )
-+ {
-+ TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in gtStripContig");
-+ return 0;
-+ }
- if (_TIFFReadEncodedStripAndAllocBuffer(tif,
- TIFFComputeStrip(tif,row+img->row_offset, 0),
- (void**)(&buf),
- maxstripsize,
-- ((row + img->row_offset)%rowsperstrip + nrowsub) * scanline)==(tmsize_t)(-1)
-+ temp * scanline)==(tmsize_t)(-1)
- && (buf == NULL || img->stoponerr))
- {
- ret = 0;
-@@ -1051,15 +1058,22 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
- fromskew = (w < imagewidth ? imagewidth - w : 0);
- for (row = 0; row < h; row += nrow)
- {
-+ uint32 temp;
- rowstoread = rowsperstrip - (row + img->row_offset) % rowsperstrip;
- nrow = (row + rowstoread > h ? h - row : rowstoread);
- offset_row = row + img->row_offset;
-+ temp = (row + img->row_offset)%rowsperstrip + nrow;
-+ if( scanline > 0 && temp > (size_t)(TIFF_TMSIZE_T_MAX / scanline) )
-+ {
-+ TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), "Integer overflow in gtStripSeparate");
-+ return 0;
-+ }
- if( buf == NULL )
- {
- if (_TIFFReadEncodedStripAndAllocBuffer(
- tif, TIFFComputeStrip(tif, offset_row, 0),
- (void**) &buf, bufsize,
-- ((row + img->row_offset)%rowsperstrip + nrow) * scanline)==(tmsize_t)(-1)
-+ temp * scanline)==(tmsize_t)(-1)
- && (buf == NULL || img->stoponerr))
- {
- ret = 0;
-@@ -1079,7 +1093,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
- }
- }
- else if (TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, 0),
-- p0, ((row + img->row_offset)%rowsperstrip + nrow) * scanline)==(tmsize_t)(-1)
-+ p0, temp * scanline)==(tmsize_t)(-1)
- && img->stoponerr)
- {
- ret = 0;
-@@ -1087,7 +1101,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
- }
- if (colorchannels > 1
- && TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, 1),
-- p1, ((row + img->row_offset)%rowsperstrip + nrow) * scanline) == (tmsize_t)(-1)
-+ p1, temp * scanline) == (tmsize_t)(-1)
- && img->stoponerr)
- {
- ret = 0;
-@@ -1095,7 +1109,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
- }
- if (colorchannels > 1
- && TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, 2),
-- p2, ((row + img->row_offset)%rowsperstrip + nrow) * scanline) == (tmsize_t)(-1)
-+ p2, temp * scanline) == (tmsize_t)(-1)
- && img->stoponerr)
- {
- ret = 0;
-@@ -1104,7 +1118,7 @@ gtStripSeparate(TIFFRGBAImage* img, uint32* raster, uint32 w, uint32 h)
- if (alpha)
- {
- if (TIFFReadEncodedStrip(tif, TIFFComputeStrip(tif, offset_row, colorchannels),
-- pa, ((row + img->row_offset)%rowsperstrip + nrow) * scanline)==(tmsize_t)(-1)
-+ pa, temp * scanline)==(tmsize_t)(-1)
- && img->stoponerr)
- {
- ret = 0;
diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-6128.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2019-6128.patch
deleted file mode 100644
index 6f1fd4d4478..00000000000
--- a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-6128.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-CVE: CVE-2019-6128
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-From 0c74a9f49b8d7a36b17b54a7428b3526d20f88a8 Mon Sep 17 00:00:00 2001
-From: Scott Gayou <github.scott@gmail.com>
-Date: Wed, 23 Jan 2019 15:03:53 -0500
-Subject: [PATCH] Fix for simple memory leak that was assigned CVE-2019-6128.
-
-pal2rgb failed to free memory on a few errors. This was reported
-here: http://bugzilla.maptools.org/show_bug.cgi?id=2836.
----
- tools/pal2rgb.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/tools/pal2rgb.c b/tools/pal2rgb.c
-index 01d8502ec..9492f1cf1 100644
---- a/tools/pal2rgb.c
-+++ b/tools/pal2rgb.c
-@@ -118,12 +118,14 @@ main(int argc, char* argv[])
- shortv != PHOTOMETRIC_PALETTE) {
- fprintf(stderr, "%s: Expecting a palette image.\n",
- argv[optind]);
-+ (void) TIFFClose(in);
- return (-1);
- }
- if (!TIFFGetField(in, TIFFTAG_COLORMAP, &rmap, &gmap, &bmap)) {
- fprintf(stderr,
- "%s: No colormap (not a valid palette image).\n",
- argv[optind]);
-+ (void) TIFFClose(in);
- return (-1);
- }
- bitspersample = 0;
-@@ -131,11 +133,14 @@ main(int argc, char* argv[])
- if (bitspersample != 8) {
- fprintf(stderr, "%s: Sorry, can only handle 8-bit images.\n",
- argv[optind]);
-+ (void) TIFFClose(in);
- return (-1);
- }
- out = TIFFOpen(argv[optind+1], "w");
-- if (out == NULL)
-+ if (out == NULL) {
-+ (void) TIFFClose(in);
- return (-2);
-+ }
- cpTags(in, out);
- TIFFGetField(in, TIFFTAG_IMAGEWIDTH, &imagewidth);
- TIFFGetField(in, TIFFTAG_IMAGELENGTH, &imagelength);
---
-2.21.0
diff --git a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch b/meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch
deleted file mode 100644
index f244fb2f324..00000000000
--- a/meta/recipes-multimedia/libtiff/tiff/CVE-2019-7663.patch
+++ /dev/null
@@ -1,77 +0,0 @@
-CVE: CVE-2019-7663
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-From c6fc6c1fa895024c86285c58efd6424cf8078f32 Mon Sep 17 00:00:00 2001
-From: Thomas Bernard <miniupnp@free.fr>
-Date: Mon, 11 Feb 2019 10:05:33 +0100
-Subject: [PATCH 1/2] check that (Tile Width)*(Samples/Pixel) do no overflow
-
-fixes bug 2833
----
- tools/tiffcp.c | 8 +++++++-
- 1 file changed, 7 insertions(+), 1 deletion(-)
-
-diff --git a/tools/tiffcp.c b/tools/tiffcp.c
-index 2f406e2d..f0ee2c02 100644
---- a/tools/tiffcp.c
-+++ b/tools/tiffcp.c
-@@ -1408,7 +1408,7 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
- int status = 1;
- uint32 imagew = TIFFRasterScanlineSize(in);
- uint32 tilew = TIFFTileRowSize(in);
-- int iskew = imagew - tilew*spp;
-+ int iskew;
- tsize_t tilesize = TIFFTileSize(in);
- tdata_t tilebuf;
- uint8* bufp = (uint8*) buf;
-@@ -1416,6 +1416,12 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
- uint32 row;
- uint16 bps = 0, bytes_per_sample;
-
-+ if (spp > (0x7fffffff / tilew))
-+ {
-+ TIFFError(TIFFFileName(in), "Error, cannot handle that much samples per tile row (Tile Width * Samples/Pixel)");
-+ return 0;
-+ }
-+ iskew = imagew - tilew*spp;
- tilebuf = _TIFFmalloc(tilesize);
- if (tilebuf == 0)
- return 0;
---
-2.20.1
-
-
-From da6454aa80b9bb3154dfab4e8b21637de47531e0 Mon Sep 17 00:00:00 2001
-From: Thomas Bernard <miniupnp@free.fr>
-Date: Mon, 11 Feb 2019 21:42:03 +0100
-Subject: [PATCH 2/2] tiffcp.c: use INT_MAX
-
----
- tools/tiffcp.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/tools/tiffcp.c b/tools/tiffcp.c
-index f0ee2c02..8c81aa4f 100644
---- a/tools/tiffcp.c
-+++ b/tools/tiffcp.c
-@@ -41,6 +41,7 @@
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h>
-+#include <limits.h>
-
- #include <ctype.h>
-
-@@ -1416,7 +1417,7 @@ DECLAREreadFunc(readSeparateTilesIntoBuffer)
- uint32 row;
- uint16 bps = 0, bytes_per_sample;
-
-- if (spp > (0x7fffffff / tilew))
-+ if (spp > (INT_MAX / tilew))
- {
- TIFFError(TIFFFileName(in), "Error, cannot handle that much samples per tile row (Tile Width * Samples/Pixel)");
- return 0;
---
-2.20.1
-
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.0.10.bb b/meta/recipes-multimedia/libtiff/tiff_4.1.0.bb
similarity index 85%
rename from meta/recipes-multimedia/libtiff/tiff_4.0.10.bb
rename to meta/recipes-multimedia/libtiff/tiff_4.1.0.bb
index 5c008c53fed..1f92c185131 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.0.10.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.1.0.bb
@@ -5,13 +5,9 @@ LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=34da3db46fab7501992f9615d7e158cf"
CVE_PRODUCT = "libtiff"
SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
- file://CVE-2019-6128.patch \
- file://CVE-2019-7663.patch \
- file://CVE-2019-14973.patch \
- file://CVE-2019-17546.patch \
-"
-SRC_URI[md5sum] = "114192d7ebe537912a2b97408832e7fd"
-SRC_URI[sha256sum] = "2c52d11ccaf767457db0c46795d9c7d1a8d8f76f68b0b800a3dfe45786b996e4"
+ "
+SRC_URI[md5sum] = "2165e7aba557463acc0664e71a3ed424"
+SRC_URI[sha256sum] = "5d29f32517dadb6dbcd1255ea5bbc93a2b54b94fbf83653b4d65c7d6775b8634"
# exclude betas
UPSTREAM_CHECK_REGEX = "tiff-(?P<pver>\d+(\.\d+)+).tar"
--
2.17.1
^ permalink raw reply related [flat|nested] 29+ messages in thread
end of thread, other threads:[~2019-11-19 21:54 UTC | newest]
Thread overview: 29+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-11-18 14:28 [PATCH 01/13] python: update to 2.7.17 Alexander Kanavin
2019-11-18 14:28 ` [PATCH 02/13] runqemu: add options that enable virgl with the SDL frontend Alexander Kanavin
2019-11-18 14:28 ` [PATCH 03/13] oe-selftest: extend virgl gtk test to also check the SDL option Alexander Kanavin
2019-11-18 14:28 ` [PATCH 04/13] tiff: update to 4.1.0 Alexander Kanavin
2019-11-18 14:28 ` [PATCH 05/13] librepo: upgrade 1.10.6 -> 1.11.0 Alexander Kanavin
2019-11-18 14:28 ` [PATCH 06/13] btrfs-tools: upgrade 5.3 -> 5.3.1 Alexander Kanavin
2019-11-18 14:28 ` [PATCH 07/13] psmisc: update to 23.3 Alexander Kanavin
2019-11-19 12:37 ` Mittal, Anuj
2019-11-19 13:10 ` Alexander Kanavin
2019-11-18 14:28 ` [PATCH 08/13] libxslt: update to 1.1.34 Alexander Kanavin
2019-11-18 14:28 ` [PATCH 09/13] Revert "devtool/standard.py: Not filtering devtool workspace for devtool finish" Alexander Kanavin
2019-11-18 16:44 ` Richard Purdie
2019-11-18 16:52 ` Manjukumar Harthikote Matha
2019-11-18 17:18 ` Alexander Kanavin
2019-11-18 14:28 ` [PATCH 10/13] mpg123: upgrade 1.25.12 -> 1.25.13 Alexander Kanavin
2019-11-18 14:28 ` [PATCH 11/13] vala: upgrade 0.46.3 -> 0.46.4 Alexander Kanavin
2019-11-18 14:28 ` [PATCH 12/13] sysstat: upstream version check is working again Alexander Kanavin
2019-11-18 14:28 ` [PATCH 13/13] man-pages: correct the SRC_URI Alexander Kanavin
2019-11-18 20:08 ` Khem Raj
2019-11-19 11:40 ` Alexander Kanavin
2019-11-19 15:51 ` Khem Raj
2019-11-19 16:11 ` Alexander Kanavin
2019-11-19 16:38 ` Khem Raj
2019-11-19 16:46 ` Alexander Kanavin
2019-11-19 18:08 ` Christopher Larson
2019-11-19 18:14 ` Alexander Kanavin
2019-11-19 18:21 ` Khem Raj
2019-11-19 21:54 ` Khem Raj
-- strict thread matches above, loose matches on Subject: below --
2019-11-18 13:07 [PATCH 01/13] python: update to 2.7.17 Alexander Kanavin
2019-11-18 13:07 ` [PATCH 04/13] tiff: update to 4.1.0 Alexander Kanavin
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.