Complete Yocto mirror with license table for TQMa6UL (2038-compliance)
- 264 license table entries with exact download URLs (224/264 resolved) - Complete sources/ directory with all BitBake recipes - Build configuration: tqma6ul-multi-mba6ulx, spaetzle (musl) - Full traceability for Softwarefreigabeantrag - GCC 13.4.0, Linux 6.6.102, U-Boot 2023.04, musl 1.2.4 - License distribution: GPL-2.0 (24), MIT (23), GPL-2.0+ (18), BSD-3 (16)
This commit is contained in:
Siggi (OpenClaw Agent)
@@ -0,0 +1,62 @@
|
||||
From 4f887cc665c9a48b83e20ef4abe57afa7e365e0e Mon Sep 17 00:00:00 2001
|
||||
From: Hongxu Jia <hongxu.jia@eng.windriver.com>
|
||||
Date: Tue, 5 Dec 2023 23:02:22 -0800
|
||||
Subject: [PATCH v2] fix compile procan.c failed
|
||||
|
||||
1. Compile socat failed if out of tree build (build dir != source dir)
|
||||
...
|
||||
gcc -c -D CC="gcc" -o procan.o procan.c
|
||||
cc1: fatal error: procan.c: No such file or directory
|
||||
...
|
||||
Explicitly add $srcdir to makefile rule
|
||||
|
||||
2. Compile socat failed if multiple words in $(CC), such as CC="gcc -m64"
|
||||
...
|
||||
from ../socat-1.8.0.0/procan.c:10:
|
||||
../socat-1.8.0.0/sysincludes.h:18:10: fatal error: inttypes.h: No such file or directory
|
||||
18 | #include <inttypes.h> /* uint16_t */
|
||||
...
|
||||
|
||||
In commit [Procan: print umask, CC, and couple more new infos][1],
|
||||
it defeines marcro CC in C source, the space in CC will break
|
||||
C source compile. Use first word of $(CC) to defeine marco CC
|
||||
|
||||
[1] https://repo.or.cz/socat.git/commit/cd5673dbd0786c94e0b3ace7e35fab14c01e3185
|
||||
|
||||
Upstream-Status: Submitted [socat@dest-unreach.org]
|
||||
Signed-off-by: Hongxu Jia <hongxu.jia@eng.windriver.com>
|
||||
---
|
||||
Makefile.in | 10 +++++-----
|
||||
1 file changed, 5 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/Makefile.in b/Makefile.in
|
||||
index c01b1a4..48dad69 100644
|
||||
--- a/Makefile.in
|
||||
+++ b/Makefile.in
|
||||
@@ -109,8 +109,8 @@ depend: $(CFILES) $(HFILES)
|
||||
socat: socat.o libxio.a
|
||||
$(CC) $(CFLAGS) $(LDFLAGS) -o $@ socat.o libxio.a $(CLIBS)
|
||||
|
||||
-procan.o: procan.c
|
||||
- $(CC) $(CFLAGS) -c -D CC=\"$(CC)\" -o $@ procan.c
|
||||
+procan.o: $(srcdir)/procan.c
|
||||
+ $(CC) $(CFLAGS) -c -D CC=\"$(firstword $(CC))\" -o $@ $(srcdir)/procan.c
|
||||
|
||||
PROCAN_OBJS=procan_main.o procan.o procan-cdefs.o hostan.o error.o sycls.o sysutils.o utils.o vsnprintf_r.o snprinterr.o
|
||||
procan: $(PROCAN_OBJS)
|
||||
@@ -132,9 +132,9 @@ install: progs $(srcdir)/doc/socat.1
|
||||
mkdir -p $(DESTDIR)$(BINDEST)
|
||||
$(INSTALL) -m 755 socat $(DESTDIR)$(BINDEST)/socat1
|
||||
ln -sf socat1 $(DESTDIR)$(BINDEST)/socat
|
||||
- $(INSTALL) -m 755 socat-chain.sh $(DESTDIR)$(BINDEST)
|
||||
- $(INSTALL) -m 755 socat-mux.sh $(DESTDIR)$(BINDEST)
|
||||
- $(INSTALL) -m 755 socat-broker.sh $(DESTDIR)$(BINDEST)
|
||||
+ $(INSTALL) -m 755 $(srcdir)/socat-chain.sh $(DESTDIR)$(BINDEST)
|
||||
+ $(INSTALL) -m 755 $(srcdir)/socat-mux.sh $(DESTDIR)$(BINDEST)
|
||||
+ $(INSTALL) -m 755 $(srcdir)/socat-broker.sh $(DESTDIR)$(BINDEST)
|
||||
$(INSTALL) -m 755 procan $(DESTDIR)$(BINDEST)
|
||||
$(INSTALL) -m 755 filan $(DESTDIR)$(BINDEST)
|
||||
mkdir -p $(DESTDIR)$(MANDEST)/man1
|
||||
--
|
||||
2.42.0
|
||||
|
||||
@@ -0,0 +1,113 @@
|
||||
From 4ee1f31cf80019c5907876576d6dfd49368d660f Mon Sep 17 00:00:00 2001
|
||||
From: Gerhard Rieger <gerhard@dest-unreach.org>
|
||||
Date: Fri, 6 Dec 2024 11:42:09 +0100
|
||||
Subject: [PATCH] Version 1.8.0.2 - CVE-2024-54661: Arbitrary file overwrite in
|
||||
readline.sh
|
||||
|
||||
CVE: CVE-2024-54661
|
||||
Upstream-Status: Backport [https://repo.or.cz/socat.git/commitdiff/4ee1f31cf80019c5907876576d6dfd49368d660f]
|
||||
Signed-off-by: Peter Marko <peter.marko@siemens.com>
|
||||
---
|
||||
readline.sh | 10 +++++++--
|
||||
test.sh | 63 +++++++++++++++++++++++++++++++++++++++++++++++++++++
|
||||
2 files changed, 71 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/readline.sh b/readline.sh
|
||||
index b6f8438..1045303 100755
|
||||
--- a/readline.sh
|
||||
+++ b/readline.sh
|
||||
@@ -22,9 +22,15 @@ if [ "$withhistfile" ]; then
|
||||
else
|
||||
HISTOPT=
|
||||
fi
|
||||
-mkdir -p /tmp/$USER || exit 1
|
||||
#
|
||||
#
|
||||
|
||||
-exec socat -d readline"$HISTOPT",noecho='[Pp]assword:' exec:"$PROGRAM",sigint,pty,setsid,ctty,raw,echo=0,stderr 2>/tmp/$USER/stderr2
|
||||
+if test -w .; then
|
||||
+ STDERR=./socat-readline.${1##*/}.log
|
||||
+ rm -f $STDERR
|
||||
+else
|
||||
+ STDERR=/dev/null
|
||||
+fi
|
||||
+
|
||||
+exec socat -d readline"$HISTOPT",noecho='[Pp]assword:' exec:"$PROGRAM",sigint,pty,setsid,ctty,raw,echo=0,stderr 2>$STDERR
|
||||
|
||||
diff --git a/test.sh b/test.sh
|
||||
index 46bebf8..5204ac7 100755
|
||||
--- a/test.sh
|
||||
+++ b/test.sh
|
||||
@@ -19154,6 +19154,69 @@ esac
|
||||
N=$((N+1))
|
||||
|
||||
|
||||
+# Test the readline.sh file overwrite vulnerability
|
||||
+NAME=READLINE_SH_OVERWRITE
|
||||
+case "$TESTS" in
|
||||
+*%$N%*|*%functions%*|*%bugs%*|*%readline%*|*%security%*|*%$NAME%*)
|
||||
+TEST="$NAME: Test the readline.sh file overwrite vulnerability"
|
||||
+# Create a symlink /tmp/$USER/stderr2 pointing to a temporary file,
|
||||
+# run readline.sh
|
||||
+# When the temporary file is kept the test succeeded
|
||||
+if ! eval $NUMCOND; then :
|
||||
+elif ! cond=$(checkconds \
|
||||
+ "" \
|
||||
+ "" \
|
||||
+ "readline.sh" \
|
||||
+ "" \
|
||||
+ "" \
|
||||
+ "" \
|
||||
+ "" ); then
|
||||
+ $PRINTF "test $F_n $TEST... ${YELLOW}$cond${NORMAL}\n" $N
|
||||
+ numCANT=$((numCANT+1))
|
||||
+ listCANT="$listCANT $N"
|
||||
+ namesCANT="$namesCANT $NAME"
|
||||
+else
|
||||
+ tf="$td/test$N.file"
|
||||
+ te="$td/test$N.stderr"
|
||||
+ tdiff="$td/test$N.diff"
|
||||
+ da="test$N $(date) $RANDOM"
|
||||
+ echo "$da" >"$tf"
|
||||
+ ln -sf "$tf" /tmp/$USER/stderr2
|
||||
+ CMD0="readline.sh cat"
|
||||
+ printf "test $F_n $TEST... " $N
|
||||
+ $CMD0 </dev/null >/dev/null 2>"${te}0"
|
||||
+ rc0=$?
|
||||
+# if [ "$rc0" -ne 0 ]; then
|
||||
+# $PRINTF "$CANT (rc0=$rc0)\n"
|
||||
+# echo "$CMD0"
|
||||
+# cat "${te}0" >&2
|
||||
+# numCANT=$((numCANT+1))
|
||||
+# listCANT="$listCANT $N"
|
||||
+# namesCANT="$namesCANT $NAME"
|
||||
+# elif ! echo "$da" |diff - "$tf" >$tdiff; then
|
||||
+ if ! echo "$da" |diff - "$tf" >$tdiff; then
|
||||
+ $PRINTF "$FAILED (diff)\n"
|
||||
+ echo "$CMD0 &"
|
||||
+ cat "${te}0" >&2
|
||||
+ echo "// diff:" >&2
|
||||
+ cat "$tdiff" >&2
|
||||
+ numFAIL=$((numFAIL+1))
|
||||
+ listFAIL="$listFAIL $N"
|
||||
+ namesFAIL="$namesFAIL $NAME"
|
||||
+ else
|
||||
+ $PRINTF "$OK\n"
|
||||
+ if [ "$VERBOSE" ]; then echo "$CMD0 &"; fi
|
||||
+ if [ "$DEBUG" ]; then cat "${te}0" >&2; fi
|
||||
+ if [ "$VERBOSE" ]; then echo "$CMD1"; fi
|
||||
+ if [ "$DEBUG" ]; then cat "${te}1" >&2; fi
|
||||
+ numOK=$((numOK+1))
|
||||
+ listOK="$listOK $N"
|
||||
+ fi
|
||||
+fi # NUMCOND
|
||||
+ ;;
|
||||
+esac
|
||||
+N=$((N+1))
|
||||
+
|
||||
# end of common tests
|
||||
|
||||
##################################################################################
|
||||
--
|
||||
2.30.2
|
||||
|
||||
@@ -0,0 +1,54 @@
|
||||
SUMMARY = "Multipurpose relay for bidirectional data transfer"
|
||||
DESCRIPTION = "Socat is a relay for bidirectional data \
|
||||
transfer between two independent data channels."
|
||||
HOMEPAGE = "http://www.dest-unreach.org/socat/"
|
||||
|
||||
SECTION = "console/network"
|
||||
|
||||
LICENSE = "GPL-2.0-with-OpenSSL-exception"
|
||||
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
|
||||
file://README;beginline=241;endline=271;md5=338c05eadd013872abb1d6e198e10a3f"
|
||||
|
||||
SRC_URI = "http://www.dest-unreach.org/socat/download/socat-${PV}.tar.bz2 \
|
||||
file://0001-fix-compile-procan.c-failed.patch \
|
||||
file://CVE-2024-54661.patch \
|
||||
"
|
||||
|
||||
SRC_URI[sha256sum] = "e1de683dd22ee0e3a6c6bbff269abe18ab0c9d7eb650204f125155b9005faca7"
|
||||
|
||||
inherit autotools
|
||||
|
||||
EXTRA_AUTORECONF += "--exclude=autoheader"
|
||||
|
||||
EXTRA_OECONF += "ac_cv_have_z_modifier=yes \
|
||||
ac_cv_header_bsd_libutil_h=no \
|
||||
sc_cv_termios_ispeed=no \
|
||||
${TERMBITS_SHIFTS} \
|
||||
"
|
||||
|
||||
TERMBITS_SHIFTS ?= "sc_cv_sys_crdly_shift=9 \
|
||||
sc_cv_sys_tabdly_shift=11 \
|
||||
sc_cv_sys_csize_shift=4"
|
||||
|
||||
TERMBITS_SHIFTS:powerpc = "sc_cv_sys_crdly_shift=12 \
|
||||
sc_cv_sys_tabdly_shift=10 \
|
||||
sc_cv_sys_csize_shift=8"
|
||||
|
||||
TERMBITS_SHIFTS:powerpc64 = "sc_cv_sys_crdly_shift=12 \
|
||||
sc_cv_sys_tabdly_shift=10 \
|
||||
sc_cv_sys_csize_shift=8"
|
||||
|
||||
PACKAGECONFIG:class-target ??= "tcp-wrappers readline openssl"
|
||||
PACKAGECONFIG ??= "readline openssl"
|
||||
PACKAGECONFIG[tcp-wrappers] = "--enable-libwrap,--disable-libwrap,tcp-wrappers"
|
||||
PACKAGECONFIG[readline] = "--enable-readline,--disable-readline,readline"
|
||||
PACKAGECONFIG[openssl] = "--enable-openssl,--disable-openssl,openssl"
|
||||
|
||||
CFLAGS += "-fcommon"
|
||||
|
||||
do_install:prepend () {
|
||||
mkdir -p ${D}${bindir}
|
||||
install -d ${D}${bindir} ${D}${mandir}/man1
|
||||
}
|
||||
|
||||
BBCLASSEXTEND = "native nativesdk"
|
||||
Reference in New Issue
Block a user