* [Buildroot] [PATCH 1/1] package/snmppp: security bump to version 3.5.0
@ 2023-03-18 12:32 Fabrice Fontaine
2023-03-18 21:42 ` Thomas Petazzoni via buildroot
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Fabrice Fontaine @ 2023-03-18 12:32 UTC (permalink / raw)
To: buildroot; +Cc: Luca Ceresoli, Fabrice Fontaine
- Improved (security): Avoid timing attacks on authentication
verification.
- Drop patch (already in version)
https://www.agentpp.com/download/changes_snmp++v3.txt
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
.../0001-fix-build-with-libressl-3-5-0.patch | 39 -------------------
package/snmppp/snmppp.hash | 2 +-
package/snmppp/snmppp.mk | 2 +-
3 files changed, 2 insertions(+), 41 deletions(-)
delete mode 100644 package/snmppp/0001-fix-build-with-libressl-3-5-0.patch
diff --git a/package/snmppp/0001-fix-build-with-libressl-3-5-0.patch b/package/snmppp/0001-fix-build-with-libressl-3-5-0.patch
deleted file mode 100644
index f60f84f9a2..0000000000
--- a/package/snmppp/0001-fix-build-with-libressl-3-5-0.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-fix build with libressl >= 3.5.0
-
-Fix the following build failure with libressl >= 3.5.0:
-
-auth_priv.cpp: In member function 'virtual int Snmp_pp::AuthMD5::password_to_key(const unsigned char*, unsigned int, const unsigned char*, unsigned int, unsigned char*, unsigned int*)':
-auth_priv.cpp:1132:20: error: aggregate 'Snmp_pp::MD5HashStateType md5_hash_state' has incomplete type and cannot be defined
- MD5HashStateType md5_hash_state;
- ^~~~~~~~~~~~~~
-
-Fixes:
- - http://autobuild.buildroot.org/results/b50b883c03e82564198a8b7e91bd14bf007772e0
-
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-[Upstream status: merged (emailed to katz.agentpp.com@magenta.de)]
-
-diff -Naurp snmp++-3.4.9.orig/src/auth_priv.cpp snmp++-3.4.9/src/auth_priv.cpp
---- snmp++-3.4.9.orig/src/auth_priv.cpp 2022-05-13 11:39:14.083038544 +0200
-+++ snmp++-3.4.9/src/auth_priv.cpp 2022-05-13 15:00:42.576102348 +0200
-@@ -79,8 +79,9 @@ static const char *loggerModuleName = "s
-
- /* -- START: Defines for OpenSSL -- */
-
--#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
--// OpenSSL versions up to 1.0.x and LibreSSL
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
-+ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x30500000L)
-+// OpenSSL versions up to 1.0.x and LibreSSL versions up to 3.4.x
- typedef EVP_MD_CTX EVPHashStateType;
-
- int evpAllocAndInit(EVP_MD_CTX *ctx, const EVP_MD *md)
-@@ -138,7 +139,7 @@ typedef EVP_MD_CTX* MD5HashSta
- #define MD5_PROCESS(s, p, l) EVP_DigestUpdate(*(s), p, l)
- #define MD5_DONE(s, k) evpDigestFinalAndFree(s, k)
-
--#endif // OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-+#endif // OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x30500000L)
-
- typedef DES_key_schedule DESCBCType;
- #define DES_CBC_START_ENCRYPT(c, iv, k, kl, r, s) \
diff --git a/package/snmppp/snmppp.hash b/package/snmppp/snmppp.hash
index 6dc3d39ced..74c6a3e98f 100644
--- a/package/snmppp/snmppp.hash
+++ b/package/snmppp/snmppp.hash
@@ -1,3 +1,3 @@
# Locally computed:
-sha256 d7a77fd05ecd99b25c51cbab08dfeef22a5edf2677875695c213631af59d5bae snmp++-3.4.10.tar.gz
+sha256 43a433bd5f6fd67add5a26add6521ca664c41aead438405658ed57483664b4bf snmp++-3.5.0.tar.gz
sha256 61337e799c8274e596e5783b22607beea8073ee296c6b27fc5c7487296e56851 src/v3.cpp
diff --git a/package/snmppp/snmppp.mk b/package/snmppp/snmppp.mk
index 005a5a9f35..9f1916dd66 100644
--- a/package/snmppp/snmppp.mk
+++ b/package/snmppp/snmppp.mk
@@ -4,7 +4,7 @@
#
################################################################################
-SNMPPP_VERSION = 3.4.10
+SNMPPP_VERSION = 3.5.0
SNMPPP_SOURCE = snmp++-$(SNMPPP_VERSION).tar.gz
SNMPPP_SITE = http://www.agentpp.com/download
SNMPPP_DEPENDENCIES = host-pkgconf
--
2.39.1
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/snmppp: security bump to version 3.5.0
2023-03-18 12:32 [Buildroot] [PATCH 1/1] package/snmppp: security bump to version 3.5.0 Fabrice Fontaine
@ 2023-03-18 21:42 ` Thomas Petazzoni via buildroot
2023-03-19 20:15 ` Peter Korsgaard
2023-04-10 19:29 ` Peter Korsgaard
2 siblings, 0 replies; 4+ messages in thread
From: Thomas Petazzoni via buildroot @ 2023-03-18 21:42 UTC (permalink / raw)
To: Fabrice Fontaine; +Cc: Luca Ceresoli, buildroot
On Sat, 18 Mar 2023 13:32:17 +0100
Fabrice Fontaine <fontaine.fabrice@gmail.com> wrote:
> - Improved (security): Avoid timing attacks on authentication
> verification.
> - Drop patch (already in version)
>
> https://www.agentpp.com/download/changes_snmp++v3.txt
>
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
> ---
> .../0001-fix-build-with-libressl-3-5-0.patch | 39 -------------------
> package/snmppp/snmppp.hash | 2 +-
> package/snmppp/snmppp.mk | 2 +-
> 3 files changed, 2 insertions(+), 41 deletions(-)
> delete mode 100644 package/snmppp/0001-fix-build-with-libressl-3-5-0.patch
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/snmppp: security bump to version 3.5.0
2023-03-18 12:32 [Buildroot] [PATCH 1/1] package/snmppp: security bump to version 3.5.0 Fabrice Fontaine
2023-03-18 21:42 ` Thomas Petazzoni via buildroot
@ 2023-03-19 20:15 ` Peter Korsgaard
2023-04-10 19:29 ` Peter Korsgaard
2 siblings, 0 replies; 4+ messages in thread
From: Peter Korsgaard @ 2023-03-19 20:15 UTC (permalink / raw)
To: Fabrice Fontaine; +Cc: Luca Ceresoli, buildroot
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:
> - Improved (security): Avoid timing attacks on authentication
> verification.
> - Drop patch (already in version)
> https://www.agentpp.com/download/changes_snmp++v3.txt
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
It looks like we also need to bump agentpp:
http://autobuild.buildroot.net/results/d73/d7347b8b3953596b66da6ca6d85f084fb427934c/build-end.log
https://agentpp.com/download/changes_agent++.txt
Care to have a look at doing that?
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/snmppp: security bump to version 3.5.0
2023-03-18 12:32 [Buildroot] [PATCH 1/1] package/snmppp: security bump to version 3.5.0 Fabrice Fontaine
2023-03-18 21:42 ` Thomas Petazzoni via buildroot
2023-03-19 20:15 ` Peter Korsgaard
@ 2023-04-10 19:29 ` Peter Korsgaard
2 siblings, 0 replies; 4+ messages in thread
From: Peter Korsgaard @ 2023-04-10 19:29 UTC (permalink / raw)
To: Fabrice Fontaine; +Cc: Luca Ceresoli, buildroot
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:
> - Improved (security): Avoid timing attacks on authentication
> verification.
> - Drop patch (already in version)
> https://www.agentpp.com/download/changes_snmp++v3.txt
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Committed to 2023.02.x and 2022.02.x, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2023-04-10 19:29 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-03-18 12:32 [Buildroot] [PATCH 1/1] package/snmppp: security bump to version 3.5.0 Fabrice Fontaine
2023-03-18 21:42 ` Thomas Petazzoni via buildroot
2023-03-19 20:15 ` Peter Korsgaard
2023-04-10 19:29 ` Peter Korsgaard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).