Complete Yocto mirror with license table for TQMa6UL (2038-compliance)

- 264 license table entries with exact download URLs (224/264 resolved)
- Complete sources/ directory with all BitBake recipes
- Build configuration: tqma6ul-multi-mba6ulx, spaetzle (musl)
- Full traceability for Softwarefreigabeantrag
- GCC 13.4.0, Linux 6.6.102, U-Boot 2023.04, musl 1.2.4
- License distribution: GPL-2.0 (24), MIT (23), GPL-2.0+ (18), BSD-3 (16)

sources/meta-openembedded/meta-networking/recipes-devtools/libcoap/libcoap/CVE-2024-0962.patch

@@ -0,0 +1,45 @@
+From bf6a303883bde40cf96b960c8574cddd89e71701 Mon Sep 17 00:00:00 2001
+From: Jon Shallow <supjps-libcoap@jpshallow.com>
+Date: Thu, 25 Jan 2024 18:03:17 +0000
+Subject: [PATCH] coap_oscore.c: Fix parsing OSCORE configuration information
+
+A vulnerability was found in obgm libcoap 4.3.4. It has been rated as critical.
+Affected by this issue is the function get_split_entry of the file src/coap_oscore.c of the component Configuration File Handler.
+The manipulation leads to stack-based buffer overflow.
+
+CVE: CVE-2024-0962
+
+Upstream-Status: Backport [https://github.com/obgm/libcoap/pull/1311]
+
+Signed-off-by: alperak <alperyasinak1@gmail.com>
+---
+ src/coap_oscore.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/src/coap_oscore.c b/src/coap_oscore.c
+index 83f785c92..e0fb22947 100644
+--- a/src/coap_oscore.c
++++ b/src/coap_oscore.c
+@@ -1678,11 +1678,12 @@ get_split_entry(const char **start,
+                 oscore_value_t *value) {
+   const char *begin = *start;
+   const char *end;
++  const char *kend;
+   const char *split;
+   size_t i;
+
+ retry:
+-  end = memchr(begin, '\n', size);
++  kend = end = memchr(begin, '\n', size);
+   if (end == NULL)
+     return 0;
+
+@@ -1693,7 +1694,7 @@ get_split_entry(const char **start,
+
+   if (begin[0] == '#' || (end - begin) == 0) {
+     /* Skip comment / blank line */
+-    size -= end - begin + 1;
++    size -= kend - begin + 1;
+     begin = *start;
+     goto retry;
+   }

sources/meta-openembedded/meta-networking/recipes-devtools/libcoap/libcoap/run-ptest

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+if /usr/lib/libcoap/ptest/testdriver; then
+	echo "PASS: libcoap"
+else
+	echo "FAIL: libcoap"
+fi

sources/meta-openembedded/meta-networking/recipes-devtools/libcoap/libcoap_4.3.4.bb

@@ -0,0 +1,63 @@
+SUMMARY = "A C implementation of the Constrained Application Protocol"
+DESCRIPTION = "libcoap implements a lightweight application-protocol for \
+devices that are constrained their resources such as computing power, \
+RF range, memory, bandwith, or network packet sizes."
+HOMEPAGE ="https://libcoap.net/"
+
+LICENSE = "BSD-2-Clause & BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=1978dbc41673ab1c20e64b287c8317bc"
+
+SRC_URI = "git://github.com/obgm/libcoap.git;branch=main;protocol=https \
+           file://run-ptest \
+           file://CVE-2024-0962.patch \
+           "
+SRCREV = "5fd2f89ef068214130e5d60b7087ef48711fa615"
+
+S = "${WORKDIR}/git"
+
+inherit autotools manpages pkgconfig ptest
+
+DEPENDS += "ctags-native"
+
+PACKAGECONFIG ?= "\
+    async openssl tcp \
+    ${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)} \
+"
+PACKAGECONFIG[async] = "--enable-async,--disable-async"
+PACKAGECONFIG[gnutls] = "--with-gnutls,--without-gnutls,gnutls,,,openssl mbedtls"
+PACKAGECONFIG[manpages] = "--enable-documentation --enable-doxygen --enable-manpages,--disable-documentation,asciidoc-native doxygen-native graphviz-native"
+PACKAGECONFIG[mbedtls] = "--with-mbedtls,--without-mbedtls,mbedtls,,,gnutls openssl"
+PACKAGECONFIG[openssl] = "--with-openssl,--without-openssl,openssl,,,gnutls mbedtls"
+PACKAGECONFIG[small-stack] = "--enable-small-stack,--disable-small-stack"
+PACKAGECONFIG[tcp] = "--enable-tcp,--disable-tcp"
+PACKAGECONFIG[tests] = "--enable-tests,--disable-tests,cunit"
+
+EXTRA_OECONF = "\
+    --with-epoll --enable-add-default-names \
+    --without-tinydtls --without-submodule-tinydtls \
+    ${@bb.utils.contains_any('PACKAGECONFIG', 'gnutls openssl mbedtls', '--enable-dtls', '--disable-dtls', d)} \
+"
+
+python () {
+    if d.getVar('PTEST_ENABLED') == "1":
+        d.setVar('DISABLE_STATIC', '')
+}
+
+export SGML_CATALOG_FILES="file://${STAGING_ETCDIR_NATIVE}/xml/catalog"
+
+do_compile:prepend() {
+    oe_runmake update-map-file
+}
+
+do_install_ptest () {
+	install -d ${D}${PTEST_PATH}
+	install -m 0755 ${WORKDIR}/run-ptest ${D}${PTEST_PATH}/run-ptest
+	install -m 0755 ${B}/tests/testdriver ${D}${PTEST_PATH}/testdriver
+}
+
+PACKAGE_BEFORE_PN += "\
+    ${PN}-bin \
+"
+
+FILES:${PN}-bin = "${bindir}"
+FILES:${PN}-dev += "${datadir}/${BPN}/examples"

sources/meta-openembedded/meta-networking/recipes-devtools/python/python3-scapy/run-ptest

@@ -0,0 +1,4 @@
+#!/bin/sh
+python3 UTscapy.py -t regression.uts -f text -l -C \
+    -o @PTEST_PATH@/scapy_ptest_$(date +%Y%m%d-%H%M%S).log \
+    2>&1 | sed -e 's/^passed None/PASS:/' -e 's/^failed None/FAIL:/'

sources/meta-openembedded/meta-networking/recipes-devtools/python/python3-scapy_2.5.0.bb

@@ -0,0 +1,44 @@
+SUMMARY = "Network scanning and manipulation tool"
+DESCRIPTION = "Scapy is a powerful interactive packet manipulation program. \
+It is able to forge or decode packets of a wide number of protocols, send \
+them on the wire, capture them, match requests and replies, and much more. \
+It can easily handle most classical tasks like scanning, tracerouting, probing, \
+unit tests, attacks or network discovery (it can replace hping, 85% of nmap, \
+arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.). It also performs very \
+well at a lot of other specific tasks that most other tools can't handle, like \
+sending invalid frames, injecting your own 802.11 frames, combining technics \
+(VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, ...), etc."
+SECTION = "security"
+LICENSE = "GPL-2.0-only"
+
+LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263"
+
+# If you want ptest support, use the git repo
+# UTscapy does not exist in the pypi pkg
+#
+SRCREV = "0474c37bf1d147c969173d52ab3ac76d2404d981"
+SRC_URI = "git://github.com/secdev/scapy.git;branch=master;protocol=https \
+           file://run-ptest"
+
+S = "${WORKDIR}/git"
+
+UPSTREAM_CHECK_COMMITS = "1"
+
+inherit setuptools3 ptest
+
+do_install:append() {
+        mv ${D}${bindir}/scapy ${D}${bindir}/scapy3
+}
+
+do_install_ptest() {
+    install -m 0644 ${S}/scapy/tools/UTscapy.py ${D}${PTEST_PATH}
+    install -m 0644 ${S}/test/regression.uts ${D}${PTEST_PATH}
+    sed -i 's,@PTEST_PATH@,${PTEST_PATH},' ${D}${PTEST_PATH}/run-ptest
+}
+
+RDEPENDS:${PN} = "tcpdump python3-compression python3-cryptography python3-netclient  \
+                  python3-netserver python3-pydoc python3-pkgutil python3-shell \
+                  python3-threading python3-numbers python3-fcntl python3-logging \
+                  python3-difflib"
+RDEPENDS:${PN}-ptest += "python3-json python3-mock python3-multiprocessing \
+                         iproute2 tshark"