From patchwork Wed Jun 16 06:10:01 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fabrice Fontaine X-Patchwork-Id: 1492724 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=2605:bc80:3010::136; helo=smtp3.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=kqL0fMBe; dkim-atps=neutral Received: from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4G4ZY940Mnz9sRf for ; Wed, 16 Jun 2021 16:10:21 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 5DDB46078D; Wed, 16 Jun 2021 06:10:16 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ulyNxGIHz1Gr; Wed, 16 Jun 2021 06:10:15 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp3.osuosl.org (Postfix) with ESMTP id B080E60A3C; Wed, 16 Jun 2021 06:10:14 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by ash.osuosl.org (Postfix) with ESMTP id 3A1511BF5B5 for ; Wed, 16 Jun 2021 06:10:13 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 25BD4400CF for ; Wed, 16 Jun 2021 06:10:13 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp2.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D2r8qs9GcEUV for ; Wed, 16 Jun 2021 06:10:12 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from mail-wm1-x329.google.com (mail-wm1-x329.google.com [IPv6:2a00:1450:4864:20::329]) by smtp2.osuosl.org (Postfix) with ESMTPS id 2DD6C400A9 for ; Wed, 16 Jun 2021 06:10:12 +0000 (UTC) Received: by mail-wm1-x329.google.com with SMTP id t11-20020a1cc30b0000b02901cec841b6a0so1930876wmf.0 for ; Tue, 15 Jun 2021 23:10:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=75UMOlkM+OGSPndCmwlgmjKqBvLdggGsAj58TqmNc38=; b=kqL0fMBeUdfDXVA1n0pErjfcez3iGlkLMAjHal2dfOVCtZlyYJxzzongQH3VwqJ3F7 l3SQvbpTYYs5xH8LEcJdmeVSglBKnX37lXGjqdiv80flEdN/khRqm7sF+P3GSBxtmhAh Rn2+H63YdH3JqY2lnub3XuRiGDV9wSKbKMkba6Ksna/b2yUNIco/uYVCuSalS4Y1TSDc YMYWNowCSzFq+wJP87CV1cIchdrPkdXj+GKRIDGlQzs+tB6FLibv5gaQCN3peV2KTn/2 W9dCfoBpzAZSHQZnZbKIDlzxtWv9Azmuygkgqy0UwFgzSzgvSkUg6wvMcHjKhedzL4sa /OpQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=75UMOlkM+OGSPndCmwlgmjKqBvLdggGsAj58TqmNc38=; b=AUKtzYwLUGDWcP+Uh6i3ftz8b9DU5SrkEdh5VtU2QSdk2zTvvvRA8zkTa266BiL8OU 4hu+q7lS3KJDZtRhSN/dpA2U4r1ZaNzpuXvpzxd9L38vsvl+K5WFX2VavtzcpN+YJ2T7 jz4c2OmsOijGZ1D7SoCB1vDAGLIMk80b85Kg2AOyvaTBgjanzvGVgcZKOMJpYE3V2Yrg s67EdAXXisVKkiCjbZ8A3gI5p9gUlaR2fHKDFR4Tvx8j7Csqc5n9D//7OwlKJjtS9yS7 766disBj2nY2d4kevd6AK3V19uc+9uA7o1s38OtRpEINRvvp5VV1UE4YzLd47MDhn0Jk P14w== X-Gm-Message-State: AOAM532WhzNPYKY3lBU8vGoHv6nGlnS5s7X8q+vIVvVpIy4FpFEQQ7r7 hxUFLqwoqY4esw2+A0LKa0lahxOWlMhxoQ== X-Google-Smtp-Source: ABdhPJxvPMXf6JD3YWlVxj4ug+O7f0UwewZ2nnGp3yYnOTiuKbLpmC1jwWdKxBhS3FMRQOpEq/rj1g== X-Received: by 2002:a05:600c:204:: with SMTP id 4mr9359595wmi.95.1623823810040; Tue, 15 Jun 2021 23:10:10 -0700 (PDT) Received: from kali.home (lfbn-ren-1-1383-171.w86-229.abo.wanadoo.fr. [86.229.230.171]) by smtp.gmail.com with ESMTPSA id j12sm974340wrt.69.2021.06.15.23.10.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 15 Jun 2021 23:10:09 -0700 (PDT) From: Fabrice Fontaine To: buildroot@buildroot.org Date: Wed, 16 Jun 2021 08:10:01 +0200 Message-Id: <20210616061002.345235-1-fontaine.fabrice@gmail.com> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 Subject: [Buildroot] [PATCH 1/2] package/spice: security bump to version 0.15.0 X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: "Yann E . MORIN" , Fabrice Fontaine Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Fix CVE-2021-20201: A flaw was found in spice in versions before 0.14.92. A DoS tool might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection. https://gitlab.freedesktop.org/spice/spice/-/tags/v0.15.0 Signed-off-by: Fabrice Fontaine --- package/spice/spice.hash | 2 +- package/spice/spice.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package/spice/spice.hash b/package/spice/spice.hash index 8f84c2321f..b228f213a5 100644 --- a/package/spice/spice.hash +++ b/package/spice/spice.hash @@ -1,3 +1,3 @@ # Locally calculated -sha256 551d4be4a07667cf0543f3c895beb6da8a93ef5a9829f2ae47817be5e616a114 spice-0.14.3.tar.bz2 +sha256 b320cf8f4bd2852750acb703c15b72856027e5a8554f8217dfbb3cc09deba0f5 spice-0.15.0.tar.bz2 sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING diff --git a/package/spice/spice.mk b/package/spice/spice.mk index b515431cf1..ab35265ab4 100644 --- a/package/spice/spice.mk +++ b/package/spice/spice.mk @@ -4,7 +4,7 @@ # ################################################################################ -SPICE_VERSION = 0.14.3 +SPICE_VERSION = 0.15.0 SPICE_SOURCE = spice-$(SPICE_VERSION).tar.bz2 SPICE_SITE = http://www.spice-space.org/download/releases/spice-server SPICE_LICENSE = LGPL-2.1+ From patchwork Wed Jun 16 06:10:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fabrice Fontaine X-Patchwork-Id: 1492725 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=2605:bc80:3010::133; helo=smtp2.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=gnfIgIaQ; dkim-atps=neutral Received: from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4G4ZYM5hv5z9sRf for ; Wed, 16 Jun 2021 16:10:31 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 45FFD401C5; Wed, 16 Jun 2021 06:10:29 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r0Ok4AdO7Mnh; Wed, 16 Jun 2021 06:10:28 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by smtp2.osuosl.org (Postfix) with ESMTP id A51A9400BF; Wed, 16 Jun 2021 06:10:27 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by ash.osuosl.org (Postfix) with ESMTP id 14D931BF5B5 for ; Wed, 16 Jun 2021 06:10:14 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 04E4C60A3C for ; Wed, 16 Jun 2021 06:10:14 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Authentication-Results: smtp3.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6wvt5f0WQb6K for ; Wed, 16 Jun 2021 06:10:13 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from mail-wr1-x42b.google.com (mail-wr1-x42b.google.com [IPv6:2a00:1450:4864:20::42b]) by smtp3.osuosl.org (Postfix) with ESMTPS id 5BEE96078D for ; Wed, 16 Jun 2021 06:10:13 +0000 (UTC) Received: by mail-wr1-x42b.google.com with SMTP id z8so1177592wrp.12 for ; Tue, 15 Jun 2021 23:10:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=5k6lAXTS2SkkJAC6Kx7YGmx9R0q1DwCa1agWIq3LXl0=; b=gnfIgIaQ/r6NFUxYUNEXpzFNVR0PMQjWePIfw5bCZE0lAXNKPKCuWl/9oozAoSbuKh h4RvPPVMd9ipYzlpbLu1oUkHEaejbobY4Aark0TSi1EZmKF/dw2GHgR+DAlPIbC4PGL7 uAagPiLpEswKk0Q4YI7TFMnqRh4aWlTKCQcpbWZkufwPPc/USU5pkiqa6+q7B0W3qpfB 0rORnqZO0M/kFlherHeynB+acUc61EbYDPUEX+/ykDbViJ1GNsQpog7JJZmnFKw4ngXW FefV8QD1urNUGUda15XNiu93/3ddIQHSjnalEaOF3eG32QpYEuCud7QccVCk+FepSizf B99g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=5k6lAXTS2SkkJAC6Kx7YGmx9R0q1DwCa1agWIq3LXl0=; b=YGCtaQRt6Fz8s3l6IVCzqsjzgE+OMvfr50y4CCU5gMeGBUR/fxusQ43/mondTWHq7m OqaGD/HC6dAJDBaiSNzFfNidIN1G/HGWAOBa3iklTWrz8uLfOMd5lBaFQjiiFGlxEWVk NBv3y+x1QCgf9OBXFTPIH+DugTqhRuQYbZSW0gdvpsOyEk1bEEoLVoJiLvy1J2Ay01xL uUUNl+avgllHiWQ6F+qRtXbG67CFBGELVYBZ/26ZjzMGvcVv/TZ/1d+6S8KOYCMgORpH UgrvMkQzwOZ20oxpInDAT+uBNYBpq+vjbSjD6D+ek3t3J9crPv/N1gew5PNXx++hJo5o G3LA== X-Gm-Message-State: AOAM533PTuxb4fGDuONYl3JgQYeoSjitjH6evxC8gbA1mSlJ1oiC2pZx HrYn8LUT4jOl5cUwkhyf/pzxt9vpzOJ0Gw== X-Google-Smtp-Source: ABdhPJyEtsFD9n5neBRpenWtVk28Nxu+5G4GA3Iieb+lHWenVl32B/4wzBWylE1Slkty2VOIIP6OEw== X-Received: by 2002:adf:ea86:: with SMTP id s6mr3170520wrm.75.1623823811157; Tue, 15 Jun 2021 23:10:11 -0700 (PDT) Received: from kali.home (lfbn-ren-1-1383-171.w86-229.abo.wanadoo.fr. [86.229.230.171]) by smtp.gmail.com with ESMTPSA id j12sm974340wrt.69.2021.06.15.23.10.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 15 Jun 2021 23:10:10 -0700 (PDT) From: Fabrice Fontaine To: buildroot@buildroot.org Date: Wed, 16 Jun 2021 08:10:02 +0200 Message-Id: <20210616061002.345235-2-fontaine.fabrice@gmail.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210616061002.345235-1-fontaine.fabrice@gmail.com> References: <20210616061002.345235-1-fontaine.fabrice@gmail.com> MIME-Version: 1.0 Subject: [Buildroot] [PATCH 2/2] package/spice: drop duplicated opus handling X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: "Yann E . MORIN" , Fabrice Fontaine Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" opus dependency is handled twice since commit f33f7a4f6407f624edb4b4ffe54cb09e029a49b2 Signed-off-by: Fabrice Fontaine --- package/spice/spice.mk | 5 ----- 1 file changed, 5 deletions(-) diff --git a/package/spice/spice.mk b/package/spice/spice.mk index ab35265ab4..5f7bcd9d2f 100644 --- a/package/spice/spice.mk +++ b/package/spice/spice.mk @@ -45,11 +45,6 @@ else SPICE_CONF_OPTS += --disable-opus endif -# no enable/disable, detected using pkg-config -ifeq ($(BR2_PACKAGE_OPUS),y) -SPICE_DEPENDENCIES += opus -endif - # We need to tweak spice.pc because it /forgets/ (for static linking) that # it should link against libz and libjpeg. libz is pkg-config-aware, while # libjpeg isn't, hence the two-line tweak