openclaw/tqma6-yocto-mirror
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Complete Yocto mirror with license table for TQMa6UL (2038-compliance)

Browse Source 
- 264 license table entries with exact download URLs (224/264 resolved)
- Complete sources/ directory with all BitBake recipes
- Build configuration: tqma6ul-multi-mba6ulx, spaetzle (musl)
- Full traceability for Softwarefreigabeantrag
- GCC 13.4.0, Linux 6.6.102, U-Boot 2023.04, musl 1.2.4
- License distribution: GPL-2.0 (24), MIT (23), GPL-2.0+ (18), BSD-3 (16)
This commit is contained in:
Siggi (OpenClaw Agent)
2026-03-01 20:58:18 +00:00
commit 16accb6b24
15086 changed files with 1292356 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

98
sources/poky/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32910-1.patch Normal file
View File

@@ -0,0 +1,98 @@
From e40df6d48a1cbab56f5d15016cc861a503423cfe Mon Sep 17 00:00:00 2001
From: Patrick Griffis <pgriffis@igalia.com>
Date: Sun, 8 Dec 2024 20:00:35 -0600
Subject: [PATCH] auth-digest: Handle missing realm in authenticate header
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/e40df6d48a1cbab56f5d15016cc861a503423cfe]
CVE: CVE-2025-32910
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
libsoup/auth/soup-auth-digest.c | 3 ++
tests/auth-test.c | 50 +++++++++++++++++++++++++++++++++
2 files changed, 53 insertions(+)
diff --git a/libsoup/auth/soup-auth-digest.c b/libsoup/auth/soup-auth-digest.c
index 2e81849af..4f12e87a5 100644
--- a/libsoup/auth/soup-auth-digest.c
+++ b/libsoup/auth/soup-auth-digest.c
@@ -148,6 +148,9 @@ soup_auth_digest_update (SoupAuth *auth, SoupMessage *msg,
guint qop_options;
gboolean ok = TRUE;
+ if (!soup_auth_get_realm (auth))
+ return FALSE;
+
g_free (priv->domain);
g_free (priv->nonce);
g_free (priv->opaque);
diff --git a/tests/auth-test.c b/tests/auth-test.c
index 158fdac10..3066e904a 100644
--- a/tests/auth-test.c
+++ b/tests/auth-test.c
@@ -1866,6 +1866,55 @@ do_multiple_digest_algorithms (void)
soup_test_server_quit_unref (server);
}
+static void
+on_request_read_for_missing_realm (SoupServer *server,
+ SoupServerMessage *msg,
+ gpointer user_data)
+{
+ SoupMessageHeaders *response_headers = soup_server_message_get_response_headers (msg);
+ soup_message_headers_replace (response_headers, "WWW-Authenticate", "Digest qop=\"auth\"");
+}
+
+static void
+do_missing_realm_test (void)
+{
+ SoupSession *session;
+ SoupMessage *msg;
+ SoupServer *server;
+ SoupAuthDomain *digest_auth_domain;
+ gint status;
+ GUri *uri;
+
+ server = soup_test_server_new (SOUP_TEST_SERVER_IN_THREAD);
+ soup_server_add_handler (server, NULL,
+ server_callback, NULL, NULL);
+ uri = soup_test_server_get_uri (server, "http", NULL);
+
+ digest_auth_domain = soup_auth_domain_digest_new (
+ "realm", "auth-test",
+ "auth-callback", server_digest_auth_callback,
+ NULL);
+ soup_auth_domain_add_path (digest_auth_domain, "/");
+ soup_server_add_auth_domain (server, digest_auth_domain);
+ g_object_unref (digest_auth_domain);
+
+ g_signal_connect (server, "request-read",
+ G_CALLBACK (on_request_read_for_missing_realm),
+ NULL);
+
+ session = soup_test_session_new (NULL);
+ msg = soup_message_new_from_uri ("GET", uri);
+ g_signal_connect (msg, "authenticate",
+ G_CALLBACK (on_digest_authenticate),
+ NULL);
+
+ status = soup_test_session_send_message (session, msg);
+
+ g_assert_cmpint (status, ==, SOUP_STATUS_UNAUTHORIZED);
+ g_uri_unref (uri);
+ soup_test_server_quit_unref (server);
+}
+
int
main (int argc, char **argv)
{
@@ -1899,6 +1948,7 @@ main (int argc, char **argv)
g_test_add_func ("/auth/auth-uri", do_auth_uri_test);
g_test_add_func ("/auth/cancel-request-on-authenticate", do_cancel_request_on_authenticate);
g_test_add_func ("/auth/multiple-algorithms", do_multiple_digest_algorithms);
+ g_test_add_func ("/auth/missing-realm", do_missing_realm_test);
ret = g_test_run ();
--
GitLab