CVE-2022-41860:
In freeradius, when an EAP-SIM supplicant sends an unknown SIM option,
the server will try to look that option up in the internal dictionaries.
This lookup will fail, but the SIM code will not check for that failure.
Instead, it will dereference a NULL pointer, and cause the server to
crash.
CVE-2022-41861:
A flaw was found in freeradius. A malicious RADIUS client or home server
can send a malformed abinary attribute which can cause the server to
crash.
References:
https://nvd.nist.gov/vuln/detail/CVE-2022-41860https://nvd.nist.gov/vuln/detail/CVE-2022-41861
Patches from:
CVE-2022-41860:
f1cdbb33ec
CVE-2022-41861:
0ec2b39d26
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
ptest results:
====== 3600 passed, 324 skipped, 2 xfailed, 1 xpassed in 74.41s (0:01:14) ======
for qemux86-64 with 2 GB RAM which is the same as seen on master.
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
License-Updated: copyright year updated to 2023
Changelog:
==========
Fixed null pointer dereference crash with malformed font #6846
Return from ImagingFill early if image has a zero dimension #6842
Reversed deprecations for Image constants, except for duplicate Resampling attributes #6830
Improve exception traceback readability #6836
Do not attempt to read IFD1 if absent #6840
Fixed writing int as ASCII tag #6800
If available, use wl-paste or xclip for grabclipboard() on Linux #6783
Added signed option when saving JPEG2000 images #6709
Patch OpenJPEG to include ARM64 fix#6718
Added support for I;16 modes in putdata() #6825
Added conversion from RGBa to RGB #6708
Added DDS support for uncompressed L and LA images #6820
Added LightSource tag values to ExifTags #6749
Fixed PyAccess after changing ICO size #6821
Do not use EXIF from info when saving PNG images #6819
Fixed saving EXIF data to MPO #6817
Added Exif hide_offsets() #6762
Only compare to previous frame when checking for duplicate GIF frames while saving #6787
Always initialize all plugins in registered_extensions() #6811
Ignore non-opaque WebP background when saving as GIF #6792
Only set tile in ImageFile __setstate__ #6793
When reading BLP, do not trust JPEG decoder to determine image is CMYK #6767
Added IFD enum to ExifTags #6748
Fixed bug combining GIF frame durations #6779
Support saving JPEG comments #6774
Added getxmp() to WebPImagePlugin #6758
Added "exact" option when saving WebP #6747
Use fractional coordinates when drawing text #6722
Fixed writing int as BYTE tag #6740
Added MP Format Version when saving MPO #6735
Added Interop to ExifTags #6724
CVE-2007-4559 patch when building on Windows #6704
Fix compiler warning: accessing 64 bytes in a region of size 48 #6714
Use verbose flag for pip install #6713
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b73867b9d7)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Changelog:
=========
Limit SAMPLESPERPIXEL to avoid runtime DOS #6700 [wiredfool]
Initialize libtiff buffer when saving #6699 [radarhere]
Inline fname2char to fix memory leak #6329 [nulano]
Fix memory leaks related to text features #6330 [nulano]
Use double quotes for version check on old CPython on Windows #6695 [hugovk]
Remove backup implementation of Round for Windows platforms #6693 [cgohlke]
Fixed set_variation_by_name offset #6445 [radarhere]
Fix malloc in _imagingft.c:font_setvaraxes #6690 [cgohlke]
Release Python GIL when converting images using matrix operations #6418 [hmaarrfk]
Added ExifTags enums #6630 [radarhere]
Do not modify previous frame when calculating delta in PNG #6683 [radarhere]
Added support for reading BMP images with RLE4 compression #6674 [npjg, radarhere]
Decode JPEG compressed BLP1 data in original mode #6678 [radarhere]
Added GPS TIFF tag info #6661 [radarhere]
Added conversion between RGB/RGBA/RGBX and LAB #6647 [radarhere]
Do not attempt normalization if mode is already normal #6644 [radarhere]
Fixed seeking to an L frame in a GIF #6576 [radarhere]
Consider all frames when selecting mode for PNG save_all #6610 [radarhere]
Don't reassign crc on ChunkStream close#6627 [wiredfool, radarhere]
Raise a warning if NumPy failed to raise an error during conversion #6594 [radarhere]
Show all frames in ImageShow #6611 [radarhere]
Allow FLI palette chunk to not be first #6626 [radarhere]
If first GIF frame has transparency for RGB_ALWAYS loading strategy, use RGBA mode #6592 [radarhere]
Round box position to integer when pasting embedded color #6517 [radarhere, nulano]
Removed EXIF prefix when saving WebP #6582 [radarhere]
Pad IM palette to 768 bytes when saving #6579 [radarhere]
Added DDS BC6H reading #6449 [ShadelessFox, REDxEYE, radarhere]
Added support for opening WhiteIsZero 16-bit integer TIFF images #6642 [JayWiz, radarhere]
Raise an error when allocating translucent color to RGB palette #6654 [jsbueno, radarhere]
Added reading of TIFF child images #6569 [radarhere]
Improved ImageOps palette handling #6596 [PososikTeam, radarhere]
Defer parsing of palette into colors #6567 [radarhere]
Apply transparency to P images in ImageTk.PhotoImage #6559 [radarhere]
Use rounding in ImageOps contain() and pad() #6522 [bibinhashley, radarhere]
Fixed GIF remapping to palette with duplicate entries #6548 [radarhere]
Allow remap_palette() to return an image with less than 256 palette entries #6543 [radarhere]
Corrected BMP and TGA palette size when saving #6500 [radarhere]
Do not call load() before draft() in Image.thumbnail #6539 [radarhere]
Copy palette when converting from P to PA #6497 [radarhere]
Allow RGB and RGBA values for PA image putpixel #6504 [radarhere]
Removed support for tkinter in PyPy before Python 3.6 #6551 [nulano]
Do not use CCITTFaxDecode filter if libtiff is not available #6518 [radarhere]
Fallback to not using mmap if buffer is not large enough #6510 [radarhere]
Fixed writing bytes as ASCII tag #6493 [radarhere]
Open 1 bit EPS in mode 1 #6499 [radarhere]
Removed support for tkinter before Python 1.5.2 #6549 [radarhere]
Allow default ImageDraw font to be set #6484 [radarhere, hugovk]
Save 1 mode PDF using CCITTFaxDecode filter #6470 [radarhere]
Added support for RGBA PSD images #6481 [radarhere]
Parse orientation from XMP tag contents #6463 [bigcat88, radarhere]
Added support for reading ATI1/ATI2 (BC4/BC5) DDS images #6457 [REDxEYE, radarhere]
Do not clear GIF tile when checking number of frames #6455 [radarhere]
Support saving multiple MPO frames #6444 [radarhere]
Do not double quote Pillow version for setuptools >= 60 #6450 [radarhere]
Added ABGR BMP mask mode #6436 [radarhere]
Fixed PSDraw rectangle #6429 [radarhere]
Raise ValueError if PNG sRGB chunk is truncated #6431 [radarhere]
Handle missing Python executable in ImageShow on macOS #6416 [bryant1410, radarhere]
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 4e075c7dc8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Change OS_TEST to be soft assignment so that the cross-compilation
doens't fail with the errors like (note the difference in CPU tags):
| make[4]: *** No rule to make target
'../certhigh/Linux3.4_x86_64_glibc_PTH_64_OPT.OBJ/certhtml.o', needed by
'Linux3.4_aarch64_glibc_PTH_64_OPT.OBJ/libnss3.so'. Stop.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
TUNE_CCARGS are meant to be passed to target compilers only. This fixes
build failures seen on qemux6
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Markus Volk <f_l_k@t-online.de>
(cherry picked from commit 90ea68fc11)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
We already tried to pass -mfloat-abi=hard if the machine can use it, but since
no floating-point-unit was defined it got stubbed out and the result was, that
only arm targets configured for softfp were able to build perfetto.
Simplify by passing ${TUNE_CCARGS} to ensure, we always use the features, the
machine was configured for.
Also, do not use sed to remove the hardcoded -mfpu=neon entry. If this really
turns out to be problematic, we need to patch it out to avoid not having a
floating-point-unit again.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c23bde86d0)
[Fixes build failure]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Remove branch 2.2.x from SRC_URI as fluidsynth github removed the branch.
The SRCREV is on master branch.
Signed-off-by: Preeti Sachan <preeti.sachan@intel.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 534d04af48)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The current handling of /etc/resolv.conf by NM has some problems.
When networkd is not configuring network, and there's 'ip=dhcp'
in kernel command line, the /run/NetworkManager/resolv.conf file
is not created, resulting in /etc/resolv.conf being a dead symlink.
This is because NM is treating the network interface as externally
configured and will not try to reconfigure it again.
This means if we want NM to work properly with /etc/resolv.conf,
we've got to either ensure there's no 'ip=dhcp' in kernel command
line, or we've got to ensure networkd is configuring network. This
is weird because normally we should not enable two network managers
at the same time. Note that NM syncs part of its codes with networkd,
which is the reason I think it happens to work when these two network
configuration tools are configuring the same interface at the same
time.
In fact, NM now works well with resolved. It sends the DNS info it
gets to resolved unconditionally by default (the behavior could be
disabled in configuration file).
Looking at the original commit that sets up the update-alternatives
mechanism, it says:
"""
This brings the networkmanager in sync with how systemd-resolved and connman
work. Additionally this allows it to function with a read-only rootFS.
"""
I guess the author was using systemd but disabling resolved, and the author
wanted to use read-only rootFS. In order to keep such combination still works,
change to use PACKAGECONFIG to handle things, and when 'man-resolv-conf' is
enabled, the above combination could still work.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit a8ebf23dde)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The kernel_add_regdb should run before do_compile to make it take
effect.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
(CVE-2022-35977) Integer overflow in the Redis SETRANGE and SORT/SORT_RO
commands can drive Redis to OOM panic
(CVE-2023-22458) Integer overflow in the Redis HRANDFIELD and
ZRANDMEMBER
commands can lead to denial-of-service
Bug Fixes:
Avoid possible hang when client issues long KEYS, SRANDMEMBER,
HRANDFIELD,
and ZRANDMEMBER commands and gets disconnected by client output buffer
limit (#11676)
Fix sentinel issue if replica changes IP (#11590)
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Upgrade urgency: SECURITY, contains fixes to security issues.
Security Fixes:
(CVE-2022-35977) Integer overflow in the Redis SETRANGE and SORT/SORT_RO
commands can drive Redis to OOM panic
(CVE-2023-22458) Integer overflow in the Redis HRANDFIELD and
ZRANDMEMBER
commands can lead to denial-of-service
Bug Fixes
Avoid possible hang when client issues long KEYS, SRANDMEMBER,
HRANDFIELD,
and ZRANDMEMBER commands and gets disconnected by client output buffer
limit (#11676)
Make sure that fork child doesn't do incremental rehashing (#11692)
Fix a bug where blocking commands with a sub-second timeout would block
forever (#11688)
Fix sentinel issue if replica changes IP (#11590)
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This upgrade include fix for CVE-2022-3647
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This upgrade include fix for CVE-2022-3647
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
The current location has no effect, because NetworkManager
is not looking for config files there.
In meson.build, we have:
nm_pkglibdir = join_paths(nm_prefix, 'lib', nm_name)
config_extra_h.set_quoted('NMLIBDIR', nm_pkglibdir)
It's clear that the configuration directory should be
nonarch_libdir instead of libdir.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 15893f46f8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Without this patch, even if dhcpcd is enabled, the NetworkManager
cannot find it. Below are the messages from NetworkMananger:
dhcp: init: DHCP client 'dhcpcd' not available
dhcp: init: Using DHCP client 'internal'
The problem is that dhcpcd needs to be specified as a path, otherwise
NetworkManager tries to find it in /usr/sbin/dhcpcd.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 178123a006)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
When cleaning the package during rebuild in base_do_configure()
'make clean' deletes docs/dool.1. This files comes from source repository
but can't be recreated using 'make docs'.
Signed-off-by: Alexander Stein <alexander.stein@ew.tq-group.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 19f28fb34e)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
It fails to install postfix and lib32-postfix at same time:
| Error: Transaction test error:
| file /etc/postfix/sample-main.cf conflicts between attempted installs of
lib32-postfix-cfg-3.7.3-r0.i586 and postfix-cfg-3.7.3-r0.core2_64
Rename sample-main.cf with ${MLPREFIX}.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b75c138a1c)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Changelog:
==========
- Add smcroutectl batch support, issue #189. Based on the IPC support added in issue #185
- Fix#178: invalid systemd daemon type Simple/Notify vs simple/notify
- Fix#179: typo in wildcard routes section of README
- Fix#180: minor typo in file and directory names in documentation
- Fix#183: casting in IPC code hides error handling of recv()
- Fix#186: NULL pointer dereference in utimensat() replacement function.
Found accidentally by Alexey Smirnov. Only triggered on systems that don't
have a native utimensat() in their C-library, or if you try to build
SMCRoute without using its own build system ...
- Fix#187: strange behavior joining/leaving the same group
- Fix#192: typo in README
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit abc501113a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
It currently ends up using native python3-config which adds native paths
to compiler includes which is not what we want.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit aac23a0407)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
It uses python3-config during build to grok the python specific
includedirs, therefore its important to ensure that target specific
python3-config is used, otherwise currently it defaults to native
python3-config which ends up adding native python3 include paths
which might work out ok but is exposed when target is 32bit + lfs
enabled, the headers don't match between native and target python
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c7fcebd05d)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
It uses python3-config during build to grok the python specific
includedirs, therefore its important to ensure that target specific
python3-config is used, otherwise currently it defaults to native
python3-config which ends up adding native python3 include paths
which might work out ok but is exposed when target is 32bit + lfs
enabled, the headers don't match between native and target python
and compile fails e.g.
| In file included from /mnt/b/yoe/master/build/tmp/work/cortexa15t2hf-neon-yoe-linux-gnueabi/volume-key/0.3.12-r0/recipe-sysroot-native/usr/include/python3.11/Python.h:38:
| /mnt/b/yoe/master/build/tmp/work/cortexa15t2hf-neon-yoe-linux-gnueabi/volume-key/0.3.12-r0/recipe-sysroot-native/usr/include/python3.11/pyport.h:601:2: error: "LONG_BIT definition appears wrong for platform (bad gcc/glibc config?)."
| #error "LONG_BIT definition appears wrong for platform (bad gcc/glibc config?)."
| ^
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 44384179db)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Fixes
| /mnt/b/yoe/master/build/tmp/work/cortexa15t2hf-neon-yoe-linux-gnueabi/aufs-util/4.9+gitAUTOINC+8f35db59ef-r0/recipe-sysroot-native/usr/bin/arm-yoe-linux-gnueabi/arm-yoe-linux-gnueabi-ld: rdu64.o: in function `readdir64':
| <unknown>:122: multiple definition of `readdir64'; rdu.o:<unknown>:122: first defined here
| /mnt/b/yoe/master/build/tmp/work/cortexa15t2hf-neon-yoe-linux-gnueabi/aufs-util/4.9+gitAUTOINC+8f35db59ef-r0/recipe-sysroot-native/usr/bin/arm-yoe-linux-gnueabi/arm-yoe-linux-gnueabi-ld: rdu64.o: in function `readdir64_r':
| <unknown>:139: multiple definition of `readdir64_r'; rdu.o:<unknown>:139: first defined here
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit c8e7f93867)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Changelog:
==========
Bugfixes:
- Add missing copyright notices
- Add Spyder X entry
- Document where to send patches
- Don't use exact floating point comparisons
- Drop option for removed reverse engineering tools
- Drop references to hughski.com
- Fix a small memory leak in sqlite3_exec()
- Fix typo in device-removed signal documentation
- Make introspection optional in meson
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 706cfeb250)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Changelog:
===========
In auditd, release the async flush lock on stop
Don't allow auditd to log directly into /var/log when log_group is non-zero
Cleanup krb5 memory leaks on error paths
Update auditd.cron to use auditctl --signal
In auparse, if too many fields, realloc array bigger (Paul Wolneykien)
In auparse, special case kernel module name interpretation
If overflow_action is ignore, don't treat as an error
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 01eb5561da)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Version 2.19.3, 2022-11-16
CVE-2022-43705: A malicious OCSP responder could forge OCSP responses due to a
failure to validate that an embedded certificate was issued by the end-entity
issuing certificate authority.
Signed-off-by: Chen Pei <cp0613@linux.alibaba.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 2392dc7925)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
If protoc is enabled for the build, recipes using protobuf will
fail when protoc is not available in the recipe sysroot:
| The imported target "protobuf::protoc" references the file
|
| ".../recipe-sysroot/usr/local/oe-sdk-hardcoded-buildpath/sysroots/x86_64-pokysdk-linux/usr/bin/protoc-3.21.5.0"
|
| but this file does not exist. Possible reasons include:
|
| * The file was deleted, renamed, or moved to another location.
|
| * An install or uninstall procedure did not complete successfully.
|
| * The installation package was faulty and contained
|
| ".../recipe-sysroot/usr/local/oe-sdk-hardcoded-buildpath/sysroots/x86_64-pokysdk-linux/usr/lib/cmake/protobuf/protobuf-targets.cmake"
|
| but not all the files it references.
Use SYSROOT_DIRS to stage the binary to sysroot so it's always
available for other recipes.
Signed-off-by: Samuli Piippo <samuli.piippo@qt.io>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d7f46fa816)
* Drop Openssl legacy provider patch and install both binaries patch
which are already available in 16.x
* Refresh native binaries patch against 16.x base
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
It fails to start radiusd.service from lib32-freeradius that the
configure directory is /etc/lib32-raddb rather than /etc/raddb. So add
an environment file to export a variable MLPREFIX for the service file
to make it start successfully.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 172c707251)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
