From patchwork Fri Apr 16 20:34:12 2021
X-Patchwork-Submitter: Fabrice Fontaine
X-Patchwork-Id: 1467280
From: Fabrice Fontaine
To: buildroot@buildroot.org
Cc: Fabrice Fontaine
Date: Fri, 16 Apr 2021 22:34:12 +0200
Message-Id: <20210416203413.1603113-1-fontaine.fabrice@gmail.com>
Subject: [Buildroot] [PATCH 1/2] package/libcgroup: bump to version 0.42.2

Drop patch (already in version)

https://github.com/libcgroup/libcgroup/releases/tag/v0.42.2

Signed-off-by: Fabrice Fontaine
--- .../0001-cgrulesengd-remove-umask-0.patch | 33 ------------------- package/libcgroup/libcgroup.hash | 6 ++-- package/libcgroup/libcgroup.mk | 7 ++-- 3 files changed, 6 insertions(+), 40 deletions(-) delete mode 100644 package/libcgroup/0001-cgrulesengd-remove-umask-0.patch diff --git a/package/libcgroup/0001-cgrulesengd-remove-umask-0.patch b/package/libcgroup/0001-cgrulesengd-remove-umask-0.patch deleted file mode 100644 index 1d9077a2d6..0000000000 --- a/package/libcgroup/0001-cgrulesengd-remove-umask-0.patch +++ /dev/null 
@@ -1,33 +0,0 @@ -From 0d88b73d189ea3440ccaab00418d6469f76fa590 Mon Sep 17 00:00:00 2001 -From: Michal Hocko -Date: Wed, 18 Jul 2018 11:24:29 +0200 -Subject: [PATCH] cgrulesengd: remove umask(0) - -One of our partners has noticed that cgred daemon is creating a log file -(/var/log/cgred) with too wide permissions (0666) and that is seen as -a security bug because an untrusted user can write to otherwise -restricted area. CVE-2018-14348 has been assigned to this issue. - -Signed-off-by: Michal Hocko -Acked-by: Balbir Singh -[Retrieved from: -https://github.com/libcgroup/libcgroup/commit/0d88b73d189ea3440ccaab00418d6469f76fa590] -Signed-off-by: Fabrice Fontaine ---- - src/daemon/cgrulesengd.c | 3 --- - 1 file changed, 3 deletions(-) - -diff --git a/src/daemon/cgrulesengd.c b/src/daemon/cgrulesengd.c -index ea51f11..0d288f3 100644 ---- a/src/daemon/cgrulesengd.c -+++ b/src/daemon/cgrulesengd.c -@@ -889,9 +889,6 @@ int cgre_start_daemon(const char *logp, const int logf, - } else if (pid > 0) { - exit(EXIT_SUCCESS); - } -- -- /* Change the file mode mask. */ -- umask(0); - } else { - flog(LOG_DEBUG, "Not using daemon mode\n"); - pid = getpid(); diff --git a/package/libcgroup/libcgroup.hash b/package/libcgroup/libcgroup.hash index 11423e269f..70671212ef 100644 --- a/package/libcgroup/libcgroup.hash +++ b/package/libcgroup/libcgroup.hash @@ -1,3 +1,5 @@ -# Locally computed: -sha256 e4e38bdc7ef70645ce33740ddcca051248d56b53283c0dc6d404e17706f6fb51 libcgroup-0.41.tar.bz2 +# From https://github.com/libcgroup/libcgroup/releases/download/v0.42.2/libcgroup-0.42.2.tar.bz2.sha256 +sha256 18939381324d418e11be4f5fdca37b01652c18917bfaf1f6b0c505f157e18d07 libcgroup-0.42.2.tar.bz2 + +# Hash for license file sha256 a9bdde5616ecdd1e980b44f360600ee8783b1f99b8cc83a2beb163a0a390e861 COPYING diff --git a/package/libcgroup/libcgroup.mk b/package/libcgroup/libcgroup.mk index a26d5f2ddf..ff0639946c 100644 --- a/package/libcgroup/libcgroup.mk +++ b/package/libcgroup/libcgroup.mk 
@@ -4,17 +4,14 @@ # ################################################################################ -LIBCGROUP_VERSION = 0.41 +LIBCGROUP_VERSION = 0.42.2 LIBCGROUP_SOURCE = libcgroup-$(LIBCGROUP_VERSION).tar.bz2 -LIBCGROUP_SITE = http://downloads.sourceforge.net/project/libcg/libcgroup/v$(LIBCGROUP_VERSION) +LIBCGROUP_SITE = https://github.com/libcgroup/libcgroup/releases/download/v$(LIBCGROUP_VERSION) LIBCGROUP_LICENSE = LGPL-2.1 LIBCGROUP_LICENSE_FILES = COPYING LIBCGROUP_DEPENDENCIES = host-bison host-flex LIBCGROUP_INSTALL_STAGING = YES -# 0001-cgrulesengd-remove-umask-0.patch -LIBCGROUP_IGNORE_CVES += CVE-2018-14348 - # Undefining _FILE_OFFSET_BITS here because of a "bug" with glibc fts.h # large file support. See https://bugzilla.redhat.com/show_bug.cgi?id=574992 # for more information.

From patchwork Fri Apr 16 20:34:13 2021
X-Patchwork-Submitter: Fabrice Fontaine
X-Patchwork-Id: 1467281
From: Fabrice Fontaine
To: buildroot@buildroot.org
Cc: Fabrice Fontaine
Date: Fri, 16 Apr 2021 22:34:13 +0200
Message-Id: <20210416203413.1603113-2-fontaine.fabrice@gmail.com>
In-Reply-To: <20210416203413.1603113-1-fontaine.fabrice@gmail.com>
References: <20210416203413.1603113-1-fontaine.fabrice@gmail.com>
Subject: [Buildroot] [PATCH 2/2] package/libcgroup: add LIBCGROUP_CPE_ID_VENDOR

cpe:2.3:a:libcgroup_project:libcgroup is a valid CPE identifier for this package:

https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Alibcgroup_project%3Alibcgroup

Signed-off-by: Fabrice Fontaine
--- package/libcgroup/libcgroup.mk | 1 + 1 file changed, 1 insertion(+) diff --git a/package/libcgroup/libcgroup.mk b/package/libcgroup/libcgroup.mk index ff0639946c..156b066162 100644 --- a/package/libcgroup/libcgroup.mk +++ b/package/libcgroup/libcgroup.mk @@ -9,6 +9,7 @@ LIBCGROUP_SOURCE = libcgroup-$(LIBCGROUP_VERSION).tar.bz2 LIBCGROUP_SITE = https://github.com/libcgroup/libcgroup/releases/download/v$(LIBCGROUP_VERSION) LIBCGROUP_LICENSE = LGPL-2.1 LIBCGROUP_LICENSE_FILES = COPYING +LIBCGROUP_CPE_ID_VENDOR = libcgroup_project LIBCGROUP_DEPENDENCIES = host-bison host-flex LIBCGROUP_INSTALL_STAGING = YES
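
Review bot: In the package/libcgroup/libcgroup.hash hunk of patch 1/2, the tarball hash is now taken from a .sha256 file published in the same GitHub release as libcgroup-0.42.2.tar.bz2, so it guards against a corrupted download but is not an independent check of the release contents. The new "# Hash for license file" comment also gives no origin for the unchanged COPYING hash, where the removed "# Locally computed:" comment did; suggest recomputing the tarball hash locally, saying so in the comment, and marking the COPYING hash as locally computed.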
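
Review bot: In the package/libcgroup/libcgroup.mk hunk of patch 1/2, "LIBCGROUP_IGNORE_CVES += CVE-2018-14348" is dropped together with 0001-cgrulesengd-remove-umask-0.patch, but the commit message only says "already in version". Please name upstream commit 0d88b73d189ea3440ccaab00418d6469f76fa590, which the deleted patch was retrieved from, as being part of v0.42.2, so that the removal of both the umask(0) fix and the CVE exemption can be checked against the release. The same hunk also moves LIBCGROUP_SITE from SourceForge over http to GitHub releases over https, which deserves its own line in the commit message.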
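
Review bot: In the libcgroup.mk hunk of patch 2/2 only LIBCGROUP_CPE_ID_VENDOR is set, so the cpe:2.3:a:libcgroup_project:libcgroup identifier quoted in the commit message depends on the product part falling back to the package name. A short remark in the commit message that the default product "libcgroup" is the intended match would document why no LIBCGROUP_CPE_ID_PRODUCT line is needed.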