From 7fb8297df405da4affcb68c7647a41487b7d129e Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Tue, 23 Jul 2024 14:01:40 +0200 Subject: [PATCH] package/procps-ng: security bump to version 4.0.4 - Fixes CVE-2023-4016 - Drop all patches (already in version) and so also drop autoreconf - This bump will also fix the following build failure with gcc >= 14: pgrep.c: In function 'main': pgrep.c:1066:37: error: implicit declaration of function 'pidfd_open'; did you mean 'fdopen'? [-Wimplicit-function-declaration] 1066 | int pidfd = pidfd_open(procs[i].num, 0); | ^~~~~~~~~~ | fdopen https://gitlab.com/procps-ng/procps/-/blob/v4.0.4/NEWS Fixes: - http://autobuild.buildroot.org/results/bd7b49123905c580842a3dd3b7a338d5aedf55d7 Signed-off-by: Fabrice Fontaine Signed-off-by: Thomas Petazzoni (cherry picked from commit d79f40dbbe98983bc657d4c82d46b38b8283351b) Signed-off-by: Peter Korsgaard --- .checkpackageignore | 3 - .../0001-configure-Add--disable-w.patch | 93 ------------------- ...ssing-nl_langinfo-on-certain-configs.patch | 34 ------- .../procps-ng/0003-fix-pifd_open-check.patch | 59 ------------ package/procps-ng/procps-ng.hash | 8 +- package/procps-ng/procps-ng.mk | 4 +- 6 files changed, 5 insertions(+), 196 deletions(-) delete mode 100644 package/procps-ng/0001-configure-Add--disable-w.patch delete mode 100644 package/procps-ng/0002-escape-c-Fix-missing-nl_langinfo-on-certain-configs.patch delete mode 100644 package/procps-ng/0003-fix-pifd_open-check.patch diff --git a/.checkpackageignore b/.checkpackageignore index dfe71f1505..2582cf706a 100644 --- a/.checkpackageignore +++ b/.checkpackageignore @@ -1011,9 +1011,6 @@ package/pptp-linux/0002-fix-parallel-build.patch Upstream package/prboom/0001-libpng-1.4.patch Upstream package/prboom/0002-configure-remove-predefined-O2-optimization-flag.patch Upstream package/prelink-cross/0001-src-rtld-dl-tls.c-Fix-TLS-offsets-computation-for-s3.patch Upstream -package/procps-ng/0001-configure-Add--disable-w.patch Upstream -package/procps-ng/0002-escape-c-Fix-missing-nl_langinfo-on-certain-configs.patch Upstream -package/procps-ng/0003-fix-pifd_open-check.patch Upstream package/procps-ng/S02sysctl Variables package/proftpd/S50proftpd Indent Shellcheck Variables package/prosody/0001-enable-syslog.patch Upstream diff --git a/package/procps-ng/0001-configure-Add--disable-w.patch b/package/procps-ng/0001-configure-Add--disable-w.patch deleted file mode 100644 index 8a699df5a6..0000000000 --- a/package/procps-ng/0001-configure-Add--disable-w.patch +++ /dev/null @@ -1,93 +0,0 @@ -From 1524a625e693b956ce0b5091c9f89f24fb7e8614 Mon Sep 17 00:00:00 2001 -From: "Issam E. Maghni" -Date: Fri, 23 Apr 2021 15:58:36 -0400 -Subject: [PATCH] configure: Add --disable-w - -[Retrieved (and backported) from: -https://gitlab.com/procps-ng/procps/-/commit/1524a625e693b956ce0b5091c9f89f24fb7e8614] -Signed-off-by: Fabrice Fontaine ---- - Makefile.am | 21 +++++++++++++++------ - configure.ac | 6 ++++++ - 2 files changed, 21 insertions(+), 6 deletions(-) - -diff --git a/Makefile.am b/Makefile.am -index de15e137..d2356872 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -47,8 +47,7 @@ bin_PROGRAMS = \ - pwdx \ - tload \ - uptime \ -- vmstat \ -- w -+ vmstat - if BUILD_PWAIT - bin_PROGRAMS += pwait - endif -@@ -60,8 +59,7 @@ usrbin_exec_PROGRAMS += \ - pkill \ - pmap \ - uptime \ -- vmstat \ -- w -+ vmstat - endif - - lib_LTLIBRARIES = \ -@@ -74,7 +72,6 @@ dist_man_MANS = \ - pmap.1 \ - uptime.1 \ - vmstat.8 \ -- w.1 \ - ps/procps.1 - - if !CYGWIN -@@ -137,6 +134,19 @@ else - EXTRA_DIST += kill.1 - endif - -+if BUILD_W -+if CYGWIN -+usrbin_exec_PROGRAMS += w -+else -+bin_PROGRAMS += w -+endif -+ -+dist_man_MANS += w.1 -+w_SOURCES = w.c lib/fileutils.c -+else -+ EXTRA_DIST += w.1 -+endif -+ - if WITH_NCURSES - if !CYGWIN - bin_PROGRAMS += \ -@@ -213,7 +223,6 @@ endif - tload_SOURCES = tload.c lib/strutils.c lib/fileutils.c - uptime_SOURCES = uptime.c lib/fileutils.c - vmstat_SOURCES = vmstat.c lib/strutils.c lib/fileutils.c --w_SOURCES = w.c lib/fileutils.c - - # proc/libprocps.la - -diff --git a/configure.ac b/configure.ac -index 750c0fbb..3e83fb88 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -234,6 +234,12 @@ AC_ARG_ENABLE([kill], - [], [enable_kill=yes] - ) - AM_CONDITIONAL(BUILD_KILL, test "x$enable_kill" = xyes) -+AC_ARG_ENABLE([w], -+ AS_HELP_STRING([--disable-w], [do not build w]), -+ [], [enable_w=yes] -+) -+AM_CONDITIONAL(BUILD_W, test "x$enable_w" = xyes) -+ - AM_CONDITIONAL(LINUX, test "x$host_os" = xlinux-gnu) - AM_CONDITIONAL(CYGWIN, test "x$host_os" = xcygwin) - --- -GitLab - diff --git a/package/procps-ng/0002-escape-c-Fix-missing-nl_langinfo-on-certain-configs.patch b/package/procps-ng/0002-escape-c-Fix-missing-nl_langinfo-on-certain-configs.patch deleted file mode 100644 index f3e2b126a6..0000000000 --- a/package/procps-ng/0002-escape-c-Fix-missing-nl_langinfo-on-certain-configs.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 2763b9880a7aab569694d6ee3170dd7341a26b84 Mon Sep 17 00:00:00 2001 -From: "Issam E. Maghni" -Date: Fri, 23 Apr 2021 16:53:39 -0400 -Subject: [PATCH] escape.c: Fix missing nl_langinfo on certain configs - -[Retrieved from: -https://gitlab.com/procps-ng/procps/-/commit/2763b9880a7aab569694d6ee3170dd7341a26b84] -Signed-off-by: Fabrice Fontaine ---- - proc/escape.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/proc/escape.c b/proc/escape.c -index 2e8fb7dd..cf4a80de 100644 ---- a/proc/escape.c -+++ b/proc/escape.c -@@ -24,13 +24,13 @@ - #include "procps.h" - #include "escape.h" - #include "readproc.h" -+#include "nls.h" - - #if (__GNU_LIBRARY__ >= 6) && (!defined(__UCLIBC__) || defined(__UCLIBC_HAS_WCHAR__)) - # include - # include - # include /* MB_CUR_MAX */ - # include --# include - #endif - - #define SECURE_ESCAPE_ARGS(dst, bytes, cells) do { \ --- -GitLab - diff --git a/package/procps-ng/0003-fix-pifd_open-check.patch b/package/procps-ng/0003-fix-pifd_open-check.patch deleted file mode 100644 index 7152901e70..0000000000 --- a/package/procps-ng/0003-fix-pifd_open-check.patch +++ /dev/null @@ -1,59 +0,0 @@ -From 0cce3e981540c28d2f703b9ab16c04d0df8fa03d Mon Sep 17 00:00:00 2001 -From: Fabrice Fontaine -Date: Thu, 3 Nov 2022 18:24:53 +0100 -Subject: [PATCH] fix pifd_open check - -Replace AC_CHECK_FUNC by AC_CHECK_FUNCS otherwise HAVE_PIDFD_OPEN will -never be defined resulting in the following build failure if pidfd_open -is available but __NR_pidfd_open is not available: - -pgrep.c: In function 'pidfd_open': -pgrep.c:748:17: error: '__NR_pidfd_open' undeclared (first use in this function); did you mean 'pidfd_open'? - 748 | return syscall(__NR_pidfd_open, pid, flags); - | ^~~~~~~~~~~~~~~ - | pidfd_open - -This build failure is raised since the addition of pwait in version -3.3.17 and -https://gitlab.com/procps-ng/procps/-/commit/c8384e682c1cfb3b2dc797e0f8a3cbaaccf7a3da - -Fixes: - - http://autobuild.buildroot.org/results/f23a5156e641b2ebdd673973dec0f9c87760c688 - -Signed-off-by: Fabrice Fontaine -[Upstream status: -https://gitlab.com/procps-ng/procps/-/merge_requests/166] ---- - configure.ac | 2 +- - src/pgrep.c | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 629881a6..1a3ccdb8 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -160,7 +160,7 @@ AC_TRY_COMPILE([#include ], - AC_MSG_RESULT(yes), - AC_MSG_RESULT(no)) - --AC_CHECK_FUNC([pidfd_open], [enable_pwait=yes], [ -+AC_CHECK_FUNCS([pidfd_open], [enable_pwait=yes], [ - AC_MSG_CHECKING([for __NR_pidfd_open]) - AC_COMPILE_IFELSE([AC_LANG_SOURCE([ - #include -diff --git a/pgrep.c b/pgrep.c -index c4ad5da3..29cfedf7 100644 ---- a/pgrep.c -+++ b/pgrep.c -@@ -38,7 +38,7 @@ - #include - #include - --#if defined(ENABLE_PWAIT) && !defined(HAVE_PIDFD_OPEN) -+#if defined(ENABLE_PWAIT) - #include - #include - #endif --- -2.35.1 - diff --git a/package/procps-ng/procps-ng.hash b/package/procps-ng/procps-ng.hash index 09f2ebd0cb..0d9cd9a835 100644 --- a/package/procps-ng/procps-ng.hash +++ b/package/procps-ng/procps-ng.hash @@ -1,8 +1,8 @@ # From http://sourceforge.net/projects/procps-ng/files/Production/ -md5 d60613e88c2f442ebd462b5a75313d56 procps-ng-3.3.17.tar.xz -sha1 a52952e8bc6aaab812176c00d25adc4d4e1552e2 procps-ng-3.3.17.tar.xz +md5 2f747fc7df8ccf402d03e375c565cf96 procps-ng-4.0.4.tar.xz +sha1 2b859acd7060e9898ac457dbd26dbebf563cc44b procps-ng-4.0.4.tar.xz # Locally calculated after checking signature -# http://downloads.sourceforge.net/project/procps-ng/Production/procps-ng-3.3.17.tar.xz.asc -sha256 4518b3e7aafd34ec07d0063d250fd474999b20b200218c3ae56f5d2113f141b4 procps-ng-3.3.17.tar.xz +# http://downloads.sourceforge.net/project/procps-ng/Production/procps-ng-4.0.4.tar.xz.asc +sha256 22870d6feb2478adb617ce4f09a787addaf2d260c5a8aa7b17d889a962c5e42e procps-ng-4.0.4.tar.xz sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING sha256 681e386e44a19d7d0674b4320272c90e66b6610b741e7e6305f8219c42e85366 COPYING.LIB diff --git a/package/procps-ng/procps-ng.mk b/package/procps-ng/procps-ng.mk index ba8958d146..c5675e2ee6 100644 --- a/package/procps-ng/procps-ng.mk +++ b/package/procps-ng/procps-ng.mk @@ -4,15 +4,13 @@ # ################################################################################ -PROCPS_NG_VERSION = 3.3.17 +PROCPS_NG_VERSION = 4.0.4 PROCPS_NG_SOURCE = procps-ng-$(PROCPS_NG_VERSION).tar.xz PROCPS_NG_SITE = http://downloads.sourceforge.net/project/procps-ng/Production PROCPS_NG_LICENSE = GPL-2.0+, LGPL-2.0+ (libproc and libps) PROCPS_NG_LICENSE_FILES = COPYING COPYING.LIB PROCPS_NG_CPE_ID_VALID = YES PROCPS_NG_INSTALL_STAGING = YES -# We're patching configure.ac -PROCPS_NG_AUTORECONF = YES PROCPS_NG_DEPENDENCIES = ncurses host-pkgconf $(TARGET_NLS_DEPENDENCIES) PROCPS_NG_CONF_OPTS = LIBS=$(TARGET_NLS_LIBS)