diff --git a/.oebuild/manifest.yaml b/.oebuild/manifest.yaml index a8ba78283f16f94c157371171804a58531d52bc7..5c316a983ddb4c2699d4df6e503d70e7cdb71e3a 100644 --- a/.oebuild/manifest.yaml +++ b/.oebuild/manifest.yaml @@ -74,37 +74,37 @@ manifest_list: version: 8b37f3eedc9097d22849ddacfbd3925d7640e119 cifs-utils: remote_url: https://gitee.com/src-openeuler/cifs-utils.git - version: 56b68ee4a19ae7fe5dd0fdbd5e0711856c0ac243 + version: 41bd0937c2f958d39fe905dfae6ad962d11a0333 cjson: remote_url: https://gitee.com/src-openeuler/cjson.git - version: b3be75a5e336e75e811c1ffe2bc3aae8b96f30fe + version: bd6e439b41cf8f7d07f247337feceb8ebbe722e2 cmake: remote_url: https://gitee.com/src-openeuler/cmake.git - version: 05ee2b55cc3c6408f80806f29f834a06b43528f7 + version: ac3f495f2e4f9118636e1be9d0547309587820a4 coreutils: remote_url: https://gitee.com/src-openeuler/coreutils.git - version: 3c81d74d0cc01815a7796c81b021f0912a06e95f + version: aad5a8a5a0752de329d79bc059101906ae9a7236 cracklib: remote_url: https://gitee.com/src-openeuler/cracklib.git - version: 53b44842e5cb27d938f30a70b861b222b5ef206d + version: 1e70638ab38b631e1f71dfc82fad375a40504991 cronie: remote_url: https://gitee.com/src-openeuler/cronie.git - version: 5628cfc7bd90c6063b3566f83730c9ab5abdf1e6 + version: dbfa876ddfae2e44c6dded16afc568a112af5e3b curl: remote_url: https://gitee.com/src-openeuler/curl.git - version: cb304548201252fb5d67d07ae009481cfc6e8088 + version: a4e158f42cdd352140ea79af0733c24af1424e31 file: remote_url: https://gitee.com/src-openeuler/file.git version: bad93dd69236c6f1b0915ee926c0a8c86bb4ec6e dbus: remote_url: https://gitee.com/src-openeuler/dbus.git - version: 10bea11beb0f666a6c4207c2519b88a84a99d94d + version: dddf1b004f4ec06ef159f326421c25b5ca4dd273 dhcp: remote_url: https://gitee.com/src-openeuler/dhcp.git - version: 2ebc5bcc23d88fdb1bbceb9a1ed77506e9c11965 + version: f449b8f4da09fcb0dc76e854536de1680153706e dosfstools: remote_url: https://gitee.com/src-openeuler/dosfstools.git - version: 09e7b7c3c56a8173fc192b094a7da4ecaa88506a + version: 36ff718b4bfc067c5be2c12bdfd3d99f17a4c77c dsoftbus: remote_url: https://gitee.com/src-openeuler/dsoftbus.git version: b02ef74415b5a76fc30454498e982da98f6cd465 @@ -113,7 +113,7 @@ manifest_list: version: e2669305d57d3874d8b14d3c439f974cd1f4258a e2fsprogs: remote_url: https://gitee.com/src-openeuler/e2fsprogs.git - version: fc5ccf9665c69ea2b6c1e342aa7878192b1194da + version: 4749983676da5417b9cde3c5ed2e1e8f6bdaa550 eigen: remote_url: https://gitee.com/src-openeuler/eigen.git version: 6528aa495426c804a12e9ade7179ae9c701fffc6 diff --git a/meta-openeuler/recipes-connectivity/dhcp/dhcp_%.bbappend b/meta-openeuler/recipes-connectivity/dhcp/dhcp_%.bbappend index 44bf0c2b1d3c19f17c826d8db60fa551fb4ed4bb..d23647403bd42e92aec5303fd456d33b70b7b949 100644 --- a/meta-openeuler/recipes-connectivity/dhcp/dhcp_%.bbappend +++ b/meta-openeuler/recipes-connectivity/dhcp/dhcp_%.bbappend @@ -9,9 +9,15 @@ PV = "4.4.3" LIC_FILES_CHKSUM = "file://LICENSE;beginline=4;md5=613211e713c4ffc489ec370e1caceabb" +SRC_URI_remove = "\ + http://ftp.isc.org/isc/dhcp/${PV}/dhcp-${PV}.tar.gz \ +" + # apply patches in openEuler # backport-0025-bind-Detect-system-time-changes.patch, backport-Fix-CVE-2021-25220.patch for bind -SRC_URI_prepend = "file://backport-0001-change-bug-url.patch \ +SRC_URI_prepend = " \ + file://dhcp-${PV}.tar.gz \ + file://backport-0001-change-bug-url.patch \ file://backport-0002-additional-dhclient-options.patch \ file://backport-0003-Handle-releasing-interfaces-requested-by-sbin-ifup.patch \ file://backport-0004-Support-unicast-BOOTP-for-IBM-pSeries-systems-and-ma.patch \ @@ -49,6 +55,7 @@ SRC_URI_prepend = "file://backport-0001-change-bug-url.patch \ file://bugfix-error-message-display.patch \ file://backport-Fix-CVE-2022-2928.patch \ file://backport-Fix-CVE-2022-2929.patch \ + file://Revert-correcting-the-logic-in-dhclient.patch \ " SRC_URI[md5sum] = "9076af4cc1293dde5a7c6cae7de6ab45" diff --git a/meta-openeuler/recipes-core/coreutils/coreutils_%.bbappend b/meta-openeuler/recipes-core/coreutils/coreutils_%.bbappend index f45a0292df9ca983405db92d3c4127b411878f8e..f7214ba1604879be23e5d764cc9bddc05a4f8f14 100644 --- a/meta-openeuler/recipes-core/coreutils/coreutils_%.bbappend +++ b/meta-openeuler/recipes-core/coreutils/coreutils_%.bbappend @@ -30,18 +30,26 @@ SRC_URI_prepend = " \ file://bugfix-remove-usr-local-lib-from-m4.patch \ file://bugfix-dummy_help2man.patch \ file://bugfix-selinux-flask.patch \ - file://skip-the-tests-that-require-selinux-if-selinux-is-di.patch \ + file://skip-the-tests-that-require-selinux-if-selinux-is-di.patch \ file://backport-chmod-fix-exit-status-when-ignoring-symlinks.patch \ file://backport-timeout-ensure-foreground-k-exits-with-status-137.patch \ - file://backport-dd-improve-integer-overflow-checking.patch \ - file://backport-dd-do-not-access-uninitialized.patch \ - file://backport-df-fix-memory-leak.patch \ - file://backport-ls-avoid-triggering-automounts.patch \ - file://backport-stat-only-automount-with-cached-never.patch \ file://backport-config-color-alias-for-ls.patch \ file://backport-coreutils-i18n.patch \ file://backport-sort-fix-sort-g-infloop-again.patch \ file://backport-tests-sort-NaN-infloop-augment-testing-for-recent-fi.patch \ + file://backport-comm-fix-NUL-output-delimiter-with-total.patch \ + file://backport-stty-validate-ispeed-and-ospeed-arguments.patch \ + file://backport-fts-fix-race-mishandling-of-fstatat-failure.patch \ + file://backport-stty-fix-off-by-one-column-wrapping-on-output.patch \ + file://backport-copy-copy_file_range-handle-ENOENT-for-CIFS.patch \ + file://backport-tail-fix-support-for-F-with-non-seekable-files.patch \ + file://backport-fts-fail-gracefully-when-out-of-memory.patch \ + file://backport-pr-fix-infinite-loop-when-double-spacing.patch \ + file://backport-wc-ensure-we-update-file-offset.patch \ + file://backport-who-fix-only-theoretical-overflow.patch \ + file://backport-tac-handle-short-reads-on-input.patch \ + file://backport-setenv-Don-t-crash-if-malloc-returns-NULL.patch \ + file://backport-who-don-t-crash-if-clock-gyrates.patch \ + file://backport-doc-od-strings-clarify-operation.patch \ + file://backport-wc-port-to-kernels-that-disable-XSAVE-YMM.patch \ " - -SRC_URI[sha256sum] = "ce30acdf4a41bc5bb30dd955e9eaa75fa216b4e3deb08889ed32433c7b3b97ce" diff --git a/meta-openeuler/recipes-devtools/cmake/cmake_%.bbappend b/meta-openeuler/recipes-devtools/cmake/cmake_%.bbappend index 671515f21f463d456853acf79ecca2255fbd7195..a70fb2ae02fa6660dda07154d0e39402b90b59e0 100644 --- a/meta-openeuler/recipes-devtools/cmake/cmake_%.bbappend +++ b/meta-openeuler/recipes-devtools/cmake/cmake_%.bbappend @@ -1,5 +1,7 @@ # main bb file: yocto-poky/meta/recipes-devtools/cmake/cmake_3.19.5.bb +OPENEULER_SRC_URI_REMOVE = "https git http" + # openEuler version PV = "3.22.0" @@ -8,12 +10,12 @@ SRC_URI_remove = " \ " SRC_URI += "\ + file://cmake-${PV}.tar.gz \ file://cmake-findruby.patch \ file://cmake-fedora-flag_release.patch \ file://cmake-mingw-dl.patch \ + file://cmake-3.22.0-sw.patch \ " LIC_FILES_CHKSUM = "file://Copyright.txt;md5=31023e1d3f51ca90a58f55bcee8e2339 \ " - -SRC_URI[sha256sum] = "998c7ba34778d2dfdb3df8a695469e24b11e2bfa21fbe41b361a3f45e1c9345e" diff --git a/meta-openeuler/recipes-devtools/e2fsprogs/e2fsprogs_%.bbappend b/meta-openeuler/recipes-devtools/e2fsprogs/e2fsprogs_%.bbappend index c67b28ac9b6f4d739ae167032777face379b3c40..c6c80aa56f0845c5f2204fcef32df82df1554aee 100644 --- a/meta-openeuler/recipes-devtools/e2fsprogs/e2fsprogs_%.bbappend +++ b/meta-openeuler/recipes-devtools/e2fsprogs/e2fsprogs_%.bbappend @@ -1,14 +1,14 @@ +#from yocto-poky/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.46.1.bb +OPENEULER_SRC_URI_REMOVE = "https git http" + PV = "1.46.4" S = "${WORKDIR}/${BPN}-${PV}" # delete package from poky -SRC_URI_remove += "git://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git \ - git://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git;branch=master \ +SRC_URI_remove += " \ file://0001-e2fsck-fix-last-mount-write-time-when-e2fsck-is-forc.patch \ " -SRC_URI[sha256sum] = "b11042533c1b1dcf17512f0da48e05b0c573dada1dd8b762864d10f4dc399713" - # add openeuler patches SRC_URI += " \ file://e2fsprogs-${PV}.tar.xz \ @@ -38,4 +38,18 @@ SRC_URI += " \ file://0024-tune2fs-check-return-value-of-ext2fs_mmp_update2-in-.patch \ file://0025-mmp-fix-wrong-comparison-in-ext2fs_mmp_stop.patch \ file://0026-misc-fsck.c-Processes-may-kill-other-processes.patch \ + file://0027-dumpe2fs-resize2fs-avoid-memory-leak-on-error-path.patch \ + file://0028-libext2fs-fix-memory-leak-in-error-path-while-openin.patch \ + file://0029-e2fsck-avoid-theoretical-null-dereference-in-end_pro.patch \ + file://0030-e2fsck-fix-potential-out-of-bounds-read-in-inc_ea_in.patch \ + file://0031-e2fsck-avoid-out-of-bounds-write-for-very-deep-exten.patch \ + file://0032-e2fsck-fix-potential-fencepost-error-in-e2fsck_shoul.patch \ + file://0033-libext2fs-fix-potential-integer-overflow-in-bitmap-a.patch \ + file://0034-tune2fs-fix-an-error-message.patch \ + file://0035-e2fsck-don-t-allow-journal-inode-to-have-encrypt-fla.patch \ + file://0036-lib-ext2fs-fix-unbalanced-mutex-unlock-for-BOUNCE_MT.patch \ + file://0037-libext2fs-fix-ext2fs_compare_generic_bmap-logic.patch \ + file://0038-Quiet-unused-variable-warnings.patch \ + file://0039-ext2fs-Use-64bit-lseek-when-_FILE_OFFSET_BITS-is-64.patch \ + file://0040-e2fsck-fix-bad-htree-checksums-in-preen-mode.patch \ " diff --git a/meta-openeuler/recipes-extended/cronie/cronie_%.bbappend b/meta-openeuler/recipes-extended/cronie/cronie_%.bbappend index ef4eacb2f9dfc58de7f877974c8f2bf44415c3df..23acda4c3bc8d8876c5b8d8d9bdeb403af52f6eb 100644 --- a/meta-openeuler/recipes-extended/cronie/cronie_%.bbappend +++ b/meta-openeuler/recipes-extended/cronie/cronie_%.bbappend @@ -1,8 +1,11 @@ +#from yocto-poky/meta/recipes-extended/cronie/cronie_1.5.5.bb + +OPENEULER_SRC_URI_REMOVE = "https git http" + PV = "1.6.1" SRC_URI += " \ + file://cronie-${PV}.tar.gz \ file://bugfix-cronie-systemd-alias.patch \ + file://backport-Support-reloading-with-SIGURG-in-addition-to-SIGHUP.patch \ " - -SRC_URI[md5sum] = "de07b7229520bc859d987c721bab87c5" -SRC_URI[sha256sum] = "2cd0f0dd1680e6b9c39bf1e3a5e7ad6df76aa940de1ee90a453633aa59984e62" diff --git a/meta-openeuler/recipes-support/curl/curl_%.bbappend b/meta-openeuler/recipes-support/curl/curl_%.bbappend index 18e2eda18cc5b4edd601a22931d17e9a9302e136..41941589b49220d5092c7553cee1ec80ca884d8b 100644 --- a/meta-openeuler/recipes-support/curl/curl_%.bbappend +++ b/meta-openeuler/recipes-support/curl/curl_%.bbappend @@ -24,52 +24,69 @@ SRC_URI_remove = " \ # files, patches that come from openeuler # do not apply backport-0101-curl-7.32.0-multilib.patch due to failure "libcurl.pc failed sanity test" when doing QA staging "pkg-config libcurl" in this patch SRC_URI += " \ - file://${BP}.tar.xz \ - file://backport-CVE-2022-22576.patch \ - file://backport-CVE-2022-27775.patch \ - file://backport-CVE-2022-27776.patch \ - file://backport-pre-CVE-2022-27774.patch \ - file://backport-001-CVE-2022-27774.patch \ - file://backport-002-CVE-2022-27774.patch \ - file://backport-CVE-2022-27781.patch \ - file://backport-pre-CVE-2022-27782.patch \ - file://backport-CVE-2022-27782.patch \ - file://backport-CVE-2022-32205.patch \ - file://backport-CVE-2022-32206.patch \ - file://backport-CVE-2022-32207.patch \ - file://backport-CVE-2022-32208.patch \ - file://backport-fix-configure-disable-http-auth-build-error.patch \ - file://backport-CVE-2022-35252-cookie-reject-cookies-with-control-bytes.patch \ - file://backport-CVE-2022-32221.patch \ - file://backport-CVE-2022-42916.patch \ - file://backport-CVE-2022-42915.patch \ - file://backport-CVE-2022-43551-http-use-the-IDN-decoded-name-in-HSTS-checks.patch \ - file://backport-CVE-2022-43552-smb-telnet-do-not-free-the-protocol-struct-in-_done.patch \ - file://backport-0001-CVE-2023-23914-CVE-2023-23915.patch \ - file://backport-0002-CVE-2023-23914-CVE-2023-23915.patch \ - file://backport-0003-CVE-2023-23914-CVE-2023-23915.patch \ - file://backport-0004-CVE-2023-23914-CVE-2023-23915.patch \ - file://backport-0005-CVE-2023-23914-CVE-2023-23915.patch \ - file://backport-0001-CVE-2023-23916.patch \ - file://backport-0002-CVE-2023-23916.patch \ - file://backport-CVE-2023-27533.patch \ - file://backport-CVE-2023-27534-pre1.patch \ - file://backport-CVE-2023-27534.patch \ - file://backport-CVE-2023-27538.patch \ - file://backport-CVE-2023-27535-pre1.patch \ - file://backport-CVE-2023-27536.patch \ - file://backport-CVE-2023-27535.patch \ - file://backport-after-CVE-2022-32207-to-fix-build-error-when-user-don-t-use-glibc.patch \ - file://backport-CVE-2023-28321.patch \ - file://backport-CVE-2023-28322.patch \ - file://backport-0001-CVE-2023-28320.patch \ - file://backport-0002-CVE-2023-28320.patch \ - file://backport-0003-CVE-2023-28320.patch \ - file://backport-curl-tool-erase-some-more-sensitive-command-line-arg.patch \ - file://backport-tool_getparam-repair-cleanarg.patch \ - file://backport-tool_getparam-fix-cleanarg-for-unicode-builds.patch \ - file://backport-getparam-correctly-clean-args.patch \ - file://backport-tool_getparam-fix-hiding-of-command-line-secrets.patch \ + file://${BP}.tar.xz \ + file://backport-CVE-2022-22576.patch \ + file://backport-CVE-2022-27775.patch \ + file://backport-CVE-2022-27776.patch \ + file://backport-pre-CVE-2022-27774.patch \ + file://backport-001-CVE-2022-27774.patch \ + file://backport-002-CVE-2022-27774.patch \ + file://backport-CVE-2022-27781.patch \ + file://backport-pre-CVE-2022-27782.patch \ + file://backport-CVE-2022-27782.patch \ + file://backport-CVE-2022-32205.patch \ + file://backport-CVE-2022-32206.patch \ + file://backport-CVE-2022-32207.patch \ + file://backport-CVE-2022-32208.patch \ + file://backport-fix-configure-disable-http-auth-build-error.patch \ + file://backport-CVE-2022-35252-cookie-reject-cookies-with-control-bytes.patch \ + file://backport-CVE-2022-32221.patch \ + file://backport-CVE-2022-42916.patch \ + file://backport-CVE-2022-43551-http-use-the-IDN-decoded-name-in-HSTS-checks.patch \ + file://backport-CVE-2022-43552-smb-telnet-do-not-free-the-protocol-struct-in-_done.patch \ + file://backport-0001-CVE-2023-23914-CVE-2023-23915.patch \ + file://backport-0002-CVE-2023-23914-CVE-2023-23915.patch \ + file://backport-0003-CVE-2023-23914-CVE-2023-23915.patch \ + file://backport-0004-CVE-2023-23914-CVE-2023-23915.patch \ + file://backport-0005-CVE-2023-23914-CVE-2023-23915.patch \ + file://backport-0001-CVE-2023-23916.patch \ + file://backport-0002-CVE-2023-23916.patch \ + file://backport-CVE-2023-27533.patch \ + file://backport-CVE-2023-27534-pre1.patch \ + file://backport-CVE-2023-27534.patch \ + file://backport-CVE-2023-27538.patch \ + file://backport-CVE-2023-27535-pre1.patch \ + file://backport-CVE-2023-27536.patch \ + file://backport-CVE-2023-27535.patch \ + file://backport-after-CVE-2022-32207-to-fix-build-error-when-user-don-t-use-glibc.patch \ + file://backport-CVE-2023-28321.patch \ + file://backport-CVE-2023-28322.patch \ + file://backport-0001-CVE-2023-28320.patch \ + file://backport-0002-CVE-2023-28320.patch \ + file://backport-0003-CVE-2023-28320.patch \ + file://backport-curl-tool-erase-some-more-sensitive-command-line-arg.patch \ + file://backport-tool_getparam-repair-cleanarg.patch \ + file://backport-tool_getparam-fix-cleanarg-for-unicode-builds.patch \ + file://backport-getparam-correctly-clean-args.patch \ + file://backport-tool_getparam-fix-hiding-of-command-line-secrets.patch \ + file://backport-multi-shut-down-CONNECT-in-Curl_detach_connnection.patch \ + file://backport-curl_easy_cleanup.3-remove-from-multi-handle-first.patch \ + file://backport-http_proxy-make-Curl_connect_done-work-for-proxy-dis.patch \ + file://backport-Curl_connect_done-handle-being-called-twice.patch \ + file://backport-tftp-mark-protocol-as-not-possible-to-do-over-CONNEC.patch \ + file://backport-test1939-require-proxy-support-to-run.patch \ + file://backport-lib1939-make-it-endure-torture-tests.patch \ + file://backport-CVE-2022-42915.patch \ + file://backport-tests-verify-the-fix-for-CVE-2022-27774.patch \ + file://backport-test442-443-test-cookie-caps.patch \ + file://backport-test444-test-many-received-Set-Cookie.patch \ + file://backport-test8-verify-that-ctrl-byte-cookies-are-ignored.patch \ + file://backport-test1948-verify-PUT-POST-reusing-the-same-handle.patch \ + file://backport-test387-verify-rejection-of-compression-chain-attack.patch \ + file://backport-hostcheck-fix-host-name-wildcard-checking.patch \ + file://backport-CVE-2023-32001.patch \ + file://backport-CVE-2023-38545.patch \ + file://backport-CVE-2023-38546.patch \ " SRC_URI[md5sum] = "74d3c4ca8aaa6c0619806d6e246e65fb" diff --git a/meta-openeuler/recipes-support/libevent/libevent_%.bbappend b/meta-openeuler/recipes-support/libevent/libevent_%.bbappend index e6a2097d81d39e84696d56a9d66098964325c2a6..708a1e85fb5682a084c6eb4e0fcd5535d151ba38 100644 --- a/meta-openeuler/recipes-support/libevent/libevent_%.bbappend +++ b/meta-openeuler/recipes-support/libevent/libevent_%.bbappend @@ -2,10 +2,6 @@ OPENEULER_SRC_URI_REMOVE = "git https http" -# files, patches can't be applied in openeuler or conflict with openeuler -SRC_URI_remove = " \ - https://github.com/libevent/libevent/releases/download/release-${PV}-stable/${BP}-stable.tar.gz \ -" # files, patches that come from openeuler SRC_URI_prepend = " \ file://libevent-${PV}-stable.tar.gz \