buildroot.busybox.net archive mirror
 help / color / mirror / Atom feed
* [Buildroot] [PATCH 1/1] package/snmppp: security bump to version 3.5.0
@ 2023-03-18 12:32 Fabrice Fontaine
  2023-03-18 21:42 ` Thomas Petazzoni via buildroot
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Fabrice Fontaine @ 2023-03-18 12:32 UTC (permalink / raw)
  To: buildroot; +Cc: Luca Ceresoli, Fabrice Fontaine

- Improved (security): Avoid timing attacks on authentication
  verification.
- Drop patch (already in version)

https://www.agentpp.com/download/changes_snmp++v3.txt

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
 .../0001-fix-build-with-libressl-3-5-0.patch  | 39 -------------------
 package/snmppp/snmppp.hash                    |  2 +-
 package/snmppp/snmppp.mk                      |  2 +-
 3 files changed, 2 insertions(+), 41 deletions(-)
 delete mode 100644 package/snmppp/0001-fix-build-with-libressl-3-5-0.patch

diff --git a/package/snmppp/0001-fix-build-with-libressl-3-5-0.patch b/package/snmppp/0001-fix-build-with-libressl-3-5-0.patch
deleted file mode 100644
index f60f84f9a2..0000000000
--- a/package/snmppp/0001-fix-build-with-libressl-3-5-0.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-fix build with libressl >= 3.5.0
-
-Fix the following build failure with libressl >= 3.5.0:
-
-auth_priv.cpp: In member function 'virtual int Snmp_pp::AuthMD5::password_to_key(const unsigned char*, unsigned int, const unsigned char*, unsigned int, unsigned char*, unsigned int*)':
-auth_priv.cpp:1132:20: error: aggregate 'Snmp_pp::MD5HashStateType md5_hash_state' has incomplete type and cannot be defined
-   MD5HashStateType md5_hash_state;
-                    ^~~~~~~~~~~~~~
-
-Fixes:
- - http://autobuild.buildroot.org/results/b50b883c03e82564198a8b7e91bd14bf007772e0
-
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-[Upstream status: merged (emailed to katz.agentpp.com@magenta.de)]
-
-diff -Naurp snmp++-3.4.9.orig/src/auth_priv.cpp snmp++-3.4.9/src/auth_priv.cpp
---- snmp++-3.4.9.orig/src/auth_priv.cpp	2022-05-13 11:39:14.083038544 +0200
-+++ snmp++-3.4.9/src/auth_priv.cpp	2022-05-13 15:00:42.576102348 +0200
-@@ -79,8 +79,9 @@ static const char *loggerModuleName = "s
- 
- /* -- START: Defines for OpenSSL -- */
- 
--#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
--// OpenSSL versions up to 1.0.x and LibreSSL
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
-+	(defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x30500000L)
-+// OpenSSL versions up to 1.0.x and LibreSSL versions up to 3.4.x
- typedef EVP_MD_CTX            EVPHashStateType;
- 
- int evpAllocAndInit(EVP_MD_CTX *ctx, const EVP_MD *md)
-@@ -138,7 +139,7 @@ typedef EVP_MD_CTX*           MD5HashSta
- #define MD5_PROCESS(s, p, l)  EVP_DigestUpdate(*(s), p, l)
- #define MD5_DONE(s, k)        evpDigestFinalAndFree(s, k)
- 
--#endif // OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-+#endif // OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x30500000L)
- 
- typedef DES_key_schedule      DESCBCType;
- #define DES_CBC_START_ENCRYPT(c, iv, k, kl, r, s) \
diff --git a/package/snmppp/snmppp.hash b/package/snmppp/snmppp.hash
index 6dc3d39ced..74c6a3e98f 100644
--- a/package/snmppp/snmppp.hash
+++ b/package/snmppp/snmppp.hash
@@ -1,3 +1,3 @@
 # Locally computed:
-sha256  d7a77fd05ecd99b25c51cbab08dfeef22a5edf2677875695c213631af59d5bae  snmp++-3.4.10.tar.gz
+sha256  43a433bd5f6fd67add5a26add6521ca664c41aead438405658ed57483664b4bf  snmp++-3.5.0.tar.gz
 sha256  61337e799c8274e596e5783b22607beea8073ee296c6b27fc5c7487296e56851  src/v3.cpp
diff --git a/package/snmppp/snmppp.mk b/package/snmppp/snmppp.mk
index 005a5a9f35..9f1916dd66 100644
--- a/package/snmppp/snmppp.mk
+++ b/package/snmppp/snmppp.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-SNMPPP_VERSION = 3.4.10
+SNMPPP_VERSION = 3.5.0
 SNMPPP_SOURCE = snmp++-$(SNMPPP_VERSION).tar.gz
 SNMPPP_SITE = http://www.agentpp.com/download
 SNMPPP_DEPENDENCIES = host-pkgconf
-- 
2.39.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/snmppp: security bump to version 3.5.0
  2023-03-18 12:32 [Buildroot] [PATCH 1/1] package/snmppp: security bump to version 3.5.0 Fabrice Fontaine
@ 2023-03-18 21:42 ` Thomas Petazzoni via buildroot
  2023-03-19 20:15 ` Peter Korsgaard
  2023-04-10 19:29 ` Peter Korsgaard
  2 siblings, 0 replies; 4+ messages in thread
From: Thomas Petazzoni via buildroot @ 2023-03-18 21:42 UTC (permalink / raw)
  To: Fabrice Fontaine; +Cc: Luca Ceresoli, buildroot

On Sat, 18 Mar 2023 13:32:17 +0100
Fabrice Fontaine <fontaine.fabrice@gmail.com> wrote:

> - Improved (security): Avoid timing attacks on authentication
>   verification.
> - Drop patch (already in version)
> 
> https://www.agentpp.com/download/changes_snmp++v3.txt
> 
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
> ---
>  .../0001-fix-build-with-libressl-3-5-0.patch  | 39 -------------------
>  package/snmppp/snmppp.hash                    |  2 +-
>  package/snmppp/snmppp.mk                      |  2 +-
>  3 files changed, 2 insertions(+), 41 deletions(-)
>  delete mode 100644 package/snmppp/0001-fix-build-with-libressl-3-5-0.patch

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/snmppp: security bump to version 3.5.0
  2023-03-18 12:32 [Buildroot] [PATCH 1/1] package/snmppp: security bump to version 3.5.0 Fabrice Fontaine
  2023-03-18 21:42 ` Thomas Petazzoni via buildroot
@ 2023-03-19 20:15 ` Peter Korsgaard
  2023-04-10 19:29 ` Peter Korsgaard
  2 siblings, 0 replies; 4+ messages in thread
From: Peter Korsgaard @ 2023-03-19 20:15 UTC (permalink / raw)
  To: Fabrice Fontaine; +Cc: Luca Ceresoli, buildroot

>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:

 > - Improved (security): Avoid timing attacks on authentication
 >   verification.
 > - Drop patch (already in version)

 > https://www.agentpp.com/download/changes_snmp++v3.txt

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>

It looks like we also need to bump agentpp:

http://autobuild.buildroot.net/results/d73/d7347b8b3953596b66da6ca6d85f084fb427934c/build-end.log

https://agentpp.com/download/changes_agent++.txt

Care to have a look at doing that?

-- 
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/snmppp: security bump to version 3.5.0
  2023-03-18 12:32 [Buildroot] [PATCH 1/1] package/snmppp: security bump to version 3.5.0 Fabrice Fontaine
  2023-03-18 21:42 ` Thomas Petazzoni via buildroot
  2023-03-19 20:15 ` Peter Korsgaard
@ 2023-04-10 19:29 ` Peter Korsgaard
  2 siblings, 0 replies; 4+ messages in thread
From: Peter Korsgaard @ 2023-04-10 19:29 UTC (permalink / raw)
  To: Fabrice Fontaine; +Cc: Luca Ceresoli, buildroot

>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:

 > - Improved (security): Avoid timing attacks on authentication
 >   verification.
 > - Drop patch (already in version)

 > https://www.agentpp.com/download/changes_snmp++v3.txt

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>

Committed to 2023.02.x and 2022.02.x, thanks.

-- 
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2023-04-10 19:29 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-03-18 12:32 [Buildroot] [PATCH 1/1] package/snmppp: security bump to version 3.5.0 Fabrice Fontaine
2023-03-18 21:42 ` Thomas Petazzoni via buildroot
2023-03-19 20:15 ` Peter Korsgaard
2023-04-10 19:29 ` Peter Korsgaard

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).