All of lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [PATCH 1/1] package/lapack: bump to version 3.10.1
@ 2022-07-28 11:58 Fabrice Fontaine
  2022-07-28 20:56 ` Thomas Petazzoni via buildroot
  0 siblings, 1 reply; 2+ messages in thread
From: Fabrice Fontaine @ 2022-07-28 11:58 UTC (permalink / raw)
  To: buildroot; +Cc: Benjamin Kamath, Fabrice Fontaine

- Drop patch (already in version)
- Update hash of LICENSE (update in year:
  https://github.com/Reference-LAPACK/lapack/commit/e7ad0370d4c3bb81d663abb773e49094f68bd5d6)

http://www.netlib.org/lapack/lapack-3.10.1.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
 ...001-Fix-out-of-bounds-read-in-slarrv.patch | 82 -------------------
 package/lapack/lapack.hash                    |  4 +-
 package/lapack/lapack.mk                      |  5 +-
 3 files changed, 3 insertions(+), 88 deletions(-)
 delete mode 100644 package/lapack/0001-Fix-out-of-bounds-read-in-slarrv.patch

diff --git a/package/lapack/0001-Fix-out-of-bounds-read-in-slarrv.patch b/package/lapack/0001-Fix-out-of-bounds-read-in-slarrv.patch
deleted file mode 100644
index 43c6444b02..0000000000
--- a/package/lapack/0001-Fix-out-of-bounds-read-in-slarrv.patch
+++ /dev/null
@@ -1,82 +0,0 @@
-From 0631b6beaed60ba118b0b027c0f8d35397bf5df0 Mon Sep 17 00:00:00 2001
-From: Keno Fischer <keno@juliacomputing.com>
-Date: Thu, 30 Sep 2021 03:51:23 -0400
-Subject: [PATCH] Fix out of bounds read in slarrv
-
-This was originally reported as https://github.com/JuliaLang/julia/issues/42415.
-I've tracked this down to an our of bounds read on the following line:
-
-https://github.com/Reference-LAPACK/lapack/blob/44ecb6a5ff821b1cbb39f8cc2166cb098e060b4d/SRC/slarrv.f#L423
-
-In the crashing example, `M` is `0`, causing `slarrv` to read uninitialized
-memory from the work array. I believe the `0` for `M` is correct and indeed,
-the documentation above supports that `M` may be zero:
-
-https://github.com/Reference-LAPACK/lapack/blob/44ecb6a5ff821b1cbb39f8cc2166cb098e060b4d/SRC/slarrv.f#L113-L116
-
-I believe it may be sufficient to early-out this function as suggested
-in this PR. However, I have limited context for the full routine here,
-so I would appreciate a sanity check.
-
-[Retrieved from:
-https://github.com/Reference-LAPACK/lapack/commit/38f3eeee3108b18158409ca2a100e6fe03754781]
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
----
- SRC/clarrv.f | 2 +-
- SRC/dlarrv.f | 2 +-
- SRC/slarrv.f | 2 +-
- SRC/zlarrv.f | 2 +-
- 4 files changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/SRC/clarrv.f b/SRC/clarrv.f
-index 1f09e4da6..42f710757 100644
---- a/SRC/clarrv.f
-+++ b/SRC/clarrv.f
-@@ -348,7 +348,7 @@ SUBROUTINE CLARRV( N, VL, VU, D, L, PIVMIN,
- *
- *     Quick return if possible
- *
--      IF( N.LE.0 ) THEN
-+      IF( (N.LE.0).OR.(M.LE.0) ) THEN
-          RETURN
-       END IF
- *
-diff --git a/SRC/dlarrv.f b/SRC/dlarrv.f
-index b036c1e66..299430361 100644
---- a/SRC/dlarrv.f
-+++ b/SRC/dlarrv.f
-@@ -350,7 +350,7 @@ SUBROUTINE DLARRV( N, VL, VU, D, L, PIVMIN,
- *
- *     Quick return if possible
- *
--      IF( N.LE.0 ) THEN
-+      IF( (N.LE.0).OR.(M.LE.0) ) THEN
-          RETURN
-       END IF
- *
-diff --git a/SRC/slarrv.f b/SRC/slarrv.f
-index 9d72b339a..95f94fd1b 100644
---- a/SRC/slarrv.f
-+++ b/SRC/slarrv.f
-@@ -350,7 +350,7 @@ SUBROUTINE SLARRV( N, VL, VU, D, L, PIVMIN,
- *
- *     Quick return if possible
- *
--      IF( N.LE.0 ) THEN
-+      IF( (N.LE.0).OR.(M.LE.0) ) THEN
-          RETURN
-       END IF
- *
-diff --git a/SRC/zlarrv.f b/SRC/zlarrv.f
-index 51ec558f5..e4be63e0d 100644
---- a/SRC/zlarrv.f
-+++ b/SRC/zlarrv.f
-@@ -348,7 +348,7 @@ SUBROUTINE ZLARRV( N, VL, VU, D, L, PIVMIN,
- *
- *     Quick return if possible
- *
--      IF( N.LE.0 ) THEN
-+      IF( (N.LE.0).OR.(M.LE.0) ) THEN
-          RETURN
-       END IF
- *
diff --git a/package/lapack/lapack.hash b/package/lapack/lapack.hash
index 6f6dbff1a6..4d4d2c0596 100644
--- a/package/lapack/lapack.hash
+++ b/package/lapack/lapack.hash
@@ -1,3 +1,3 @@
 # Locally computed:
-sha256  328c1bea493a32cac5257d84157dc686cc3ab0b004e2bea22044e0a59f6f8a19  lapack-3.10.0.tar.gz
-sha256  66246b7d3e6736aea46e63fd5e087659474d07edfe2f9b051d085d9b42aaac61  LICENSE
+sha256  cd005cd021f144d7d5f7f33c943942db9f03a28d110d6a3b80d718a295f7f714  lapack-3.10.1.tar.gz
+sha256  44f7c08ab11e40b21d8bf8220712929ba8d0204645d2174869acf915562d0969  LICENSE
diff --git a/package/lapack/lapack.mk b/package/lapack/lapack.mk
index 609075842d..2d069c1c93 100644
--- a/package/lapack/lapack.mk
+++ b/package/lapack/lapack.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LAPACK_VERSION = 3.10.0
+LAPACK_VERSION = 3.10.1
 LAPACK_LICENSE = BSD-3-Clause
 LAPACK_LICENSE_FILES = LICENSE
 LAPACK_SITE = $(call github,Reference-LAPACK,lapack,v$(LAPACK_VERSION))
@@ -13,9 +13,6 @@ LAPACK_INSTALL_STAGING = YES
 LAPACK_SUPPORTS_IN_SOURCE_BUILD = NO
 LAPACK_CONF_OPTS = -DLAPACKE=ON -DCBLAS=ON
 
-# 0001-Fix-out-of-bounds-read-in-slarrv.patch
-LAPACK_IGNORE_CVES += CVE-2021-4048
-
 ifeq ($(BR2_PACKAGE_LAPACK_COMPLEX),y)
 LAPACK_CONF_OPTS += -DBUILD_COMPLEX=ON -DBUILD_COMPLEX16=ON
 else
-- 
2.35.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/lapack: bump to version 3.10.1
  2022-07-28 11:58 [Buildroot] [PATCH 1/1] package/lapack: bump to version 3.10.1 Fabrice Fontaine
@ 2022-07-28 20:56 ` Thomas Petazzoni via buildroot
  0 siblings, 0 replies; 2+ messages in thread
From: Thomas Petazzoni via buildroot @ 2022-07-28 20:56 UTC (permalink / raw)
  To: Fabrice Fontaine; +Cc: Benjamin Kamath, buildroot

On Thu, 28 Jul 2022 13:58:47 +0200
Fabrice Fontaine <fontaine.fabrice@gmail.com> wrote:

> - Drop patch (already in version)
> - Update hash of LICENSE (update in year:
>   https://github.com/Reference-LAPACK/lapack/commit/e7ad0370d4c3bb81d663abb773e49094f68bd5d6)
> 
> http://www.netlib.org/lapack/lapack-3.10.1.html
> 
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
> ---
>  ...001-Fix-out-of-bounds-read-in-slarrv.patch | 82 -------------------
>  package/lapack/lapack.hash                    |  4 +-
>  package/lapack/lapack.mk                      |  5 +-
>  3 files changed, 3 insertions(+), 88 deletions(-)
>  delete mode 100644 package/lapack/0001-Fix-out-of-bounds-read-in-slarrv.patch

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-07-28 20:56 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-07-28 11:58 [Buildroot] [PATCH 1/1] package/lapack: bump to version 3.10.1 Fabrice Fontaine
2022-07-28 20:56 ` Thomas Petazzoni via buildroot

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.