diff options
author | Marius Bakke <mbakke@fastmail.com> | 2018-12-09 00:18:32 +0100 |
---|---|---|
committer | Marius Bakke <mbakke@fastmail.com> | 2018-12-09 00:18:32 +0100 |
commit | fbb7b04a8563fbb5dfbe7b3c7be171c8dec23442 (patch) | |
tree | 5508f13c24ef19dd018cd91fe287e8fa50eda7e4 /gnu/packages/patches | |
parent | 16735b0b632b5f05fc914836b8f345e3a9e601dd (diff) | |
parent | cec0c4e29c6efb337ae65d9c533cdbb2bf724430 (diff) | |
download | guix-fbb7b04a8563fbb5dfbe7b3c7be171c8dec23442.tar guix-fbb7b04a8563fbb5dfbe7b3c7be171c8dec23442.tar.gz |
Merge branch 'master' into staging
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r-- | gnu/packages/patches/beets-python-3.7-fix.patch | 57 | ||||
-rw-r--r-- | gnu/packages/patches/elogind-glibc-2.27.patch | 22 | ||||
-rw-r--r-- | gnu/packages/patches/gcc-libsanitizer-fix.patch | 113 | ||||
-rw-r--r-- | gnu/packages/patches/qemu-CVE-2018-16847.patch | 158 | ||||
-rw-r--r-- | gnu/packages/patches/qemu-CVE-2018-16867.patch | 49 | ||||
-rw-r--r-- | gnu/packages/patches/quilt-getopt-nondigit-param.patch (renamed from gnu/packages/patches/quilt-compat-getopt-fix-option-with-nondigit-param.patch) | 0 | ||||
-rw-r--r-- | gnu/packages/patches/quilt-getopt-second-separator.patch (renamed from gnu/packages/patches/quilt-compat-getopt-fix-second-separator.patch) | 0 |
7 files changed, 264 insertions, 135 deletions
diff --git a/gnu/packages/patches/beets-python-3.7-fix.patch b/gnu/packages/patches/beets-python-3.7-fix.patch new file mode 100644 index 0000000000..43707cd9d0 --- /dev/null +++ b/gnu/packages/patches/beets-python-3.7-fix.patch @@ -0,0 +1,57 @@ +Fix compatibility issue with Python 3.7: + +https://github.com/beetbox/beets/issues/2978 + +Patch copied from upstream source repository: + +https://github.com/beetbox/beets/commit/15d44f02a391764da1ce1f239caef819f08beed8 + +From 15d44f02a391764da1ce1f239caef819f08beed8 Mon Sep 17 00:00:00 2001 +From: Adrian Sampson <adrian@radbox.org> +Date: Sun, 22 Jul 2018 12:34:19 -0400 +Subject: [PATCH] Fix Python 3.7 compatibility (#2978) + +--- + beets/autotag/hooks.py | 8 +++++++- + docs/changelog.rst | 2 ++ + 2 files changed, 9 insertions(+), 1 deletion(-) + +diff --git a/beets/autotag/hooks.py b/beets/autotag/hooks.py +index 3615a9333..1c62a54c5 100644 +--- a/beets/autotag/hooks.py ++++ b/beets/autotag/hooks.py +@@ -31,6 +31,12 @@ + + log = logging.getLogger('beets') + ++# The name of the type for patterns in re changed in Python 3.7. ++try: ++ Pattern = re._pattern_type ++except AttributeError: ++ Pattern = re.Pattern ++ + + # Classes used to represent candidate options. + +@@ -433,7 +439,7 @@ def _eq(self, value1, value2): + be a compiled regular expression, in which case it will be + matched against `value2`. + """ +- if isinstance(value1, re._pattern_type): ++ if isinstance(value1, Pattern): + return bool(value1.match(value2)) + return value1 == value2 + +#diff --git a/docs/changelog.rst b/docs/changelog.rst +#index be6de2904..d487f31f5 100644 +#--- a/docs/changelog.rst +#+++ b/docs/changelog.rst +#@@ -19,6 +19,8 @@ New features: +# +# Fixes: +# +#+* Fix compatibility Python 3.7 and its change to a name in the ``re`` module. +#+ :bug:`2978` +# * R128 normalization tags are now properly deleted from files when the values +# are missing. +# Thanks to :user:`autrimpo`. diff --git a/gnu/packages/patches/elogind-glibc-2.27.patch b/gnu/packages/patches/elogind-glibc-2.27.patch deleted file mode 100644 index 4ade587b5e..0000000000 --- a/gnu/packages/patches/elogind-glibc-2.27.patch +++ /dev/null @@ -1,22 +0,0 @@ -Look for memfd_create in sys/mman.h instead of linux/memfd.h. -Needed to build with glibc-2.27. - ---- a/configure.ac 1969-12-31 19:00:00.000000000 -0500 -+++ b/configure.ac 2018-03-27 23:54:15.414589005 -0400 -@@ -360,7 +360,7 @@ - # ------------------------------------------------------------------------------ - - AC_CHECK_HEADERS([sys/capability.h], [], [AC_MSG_ERROR([*** POSIX caps headers not found])]) --AC_CHECK_HEADERS([linux/memfd.h], [], []) -+AC_CHECK_HEADERS([sys/mman.h], [], []) - - AC_CHECK_HEADERS([printf.h], [have_printf_h=yes], [have_printf_h=no]) - AS_IF([test x$have_printf_h = xyes], [ -@@ -395,6 +395,7 @@ - [], [], [[ - #include <sys/types.h> - #include <unistd.h> -+#include <sys/mman.h> - #include <sys/mount.h> - #include <fcntl.h> - #include <sched.h> diff --git a/gnu/packages/patches/gcc-libsanitizer-fix.patch b/gnu/packages/patches/gcc-libsanitizer-fix.patch deleted file mode 100644 index 67aa44bed4..0000000000 --- a/gnu/packages/patches/gcc-libsanitizer-fix.patch +++ /dev/null @@ -1,113 +0,0 @@ -https://gcc.gnu.org/git/?p=gcc.git;a=patch;h=8937b94d1a643fd9760714642296d034a45254a8 -https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81066 - -This patch can be removed when gcc-6.5.0 is released - -From 8937b94d1a643fd9760714642296d034a45254a8 Mon Sep 17 00:00:00 2001 -From: doko <doko@138bc75d-0d04-0410-961f-82ee72b054a4> -Date: Thu, 7 Sep 2017 07:15:24 +0000 -Subject: [PATCH] 2017-09-07 Matthias Klose <doko@ubuntu.com> - - Backported from mainline - 2017-07-14 Jakub Jelinek <jakub@redhat.com> - - PR sanitizer/81066 - * sanitizer_common/sanitizer_linux.h: Cherry-pick upstream r307969. - * sanitizer_common/sanitizer_linux.cc: Likewise. - * sanitizer_common/sanitizer_stoptheworld_linux_libcdep.cc: Likewise. - * tsan/tsan_platform_linux.cc: Likewise. - - -git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-6-branch@251828 138bc75d-0d04-0410-961f-82ee72b054a4 ---- - libsanitizer/ChangeLog | 11 +++++++++++ - libsanitizer/sanitizer_common/sanitizer_linux.cc | 3 +-- - libsanitizer/sanitizer_common/sanitizer_linux.h | 4 +--- - .../sanitizer_common/sanitizer_stoptheworld_linux_libcdep.cc | 2 +- - libsanitizer/tsan/tsan_platform_linux.cc | 2 +- - 5 files changed, 15 insertions(+), 7 deletions(-) - -diff --git a/libsanitizer/ChangeLog b/libsanitizer/ChangeLog -index 252cd09..d988b28 100644 ---- a/libsanitizer/ChangeLog -+++ b/libsanitizer/ChangeLog -@@ -1,3 +1,14 @@ -+2017-09-07 Matthias Klose <doko@ubuntu.com> -+ -+ Backported from mainline -+ 2017-07-14 Jakub Jelinek <jakub@redhat.com> -+ -+ PR sanitizer/81066 -+ * sanitizer_common/sanitizer_linux.h: Cherry-pick upstream r307969. -+ * sanitizer_common/sanitizer_linux.cc: Likewise. -+ * sanitizer_common/sanitizer_stoptheworld_linux_libcdep.cc: Likewise. -+ * tsan/tsan_platform_linux.cc: Likewise. -+ - 2017-07-04 Release Manager - - * GCC 6.4.0 released. -diff --git a/libsanitizer/sanitizer_common/sanitizer_linux.cc b/libsanitizer/sanitizer_common/sanitizer_linux.cc -index 2cefa20..223d9c6 100644 ---- a/libsanitizer/sanitizer_common/sanitizer_linux.cc -+++ b/libsanitizer/sanitizer_common/sanitizer_linux.cc -@@ -546,8 +546,7 @@ uptr internal_prctl(int option, uptr arg2, uptr arg3, uptr arg4, uptr arg5) { - } - #endif - --uptr internal_sigaltstack(const struct sigaltstack *ss, -- struct sigaltstack *oss) { -+uptr internal_sigaltstack(const void *ss, void *oss) { - return internal_syscall(SYSCALL(sigaltstack), (uptr)ss, (uptr)oss); - } - -diff --git a/libsanitizer/sanitizer_common/sanitizer_linux.h b/libsanitizer/sanitizer_common/sanitizer_linux.h -index 4497702..1594058 100644 ---- a/libsanitizer/sanitizer_common/sanitizer_linux.h -+++ b/libsanitizer/sanitizer_common/sanitizer_linux.h -@@ -19,7 +19,6 @@ - #include "sanitizer_platform_limits_posix.h" - - struct link_map; // Opaque type returned by dlopen(). --struct sigaltstack; - - namespace __sanitizer { - // Dirent structure for getdents(). Note that this structure is different from -@@ -28,8 +27,7 @@ struct linux_dirent; - - // Syscall wrappers. - uptr internal_getdents(fd_t fd, struct linux_dirent *dirp, unsigned int count); --uptr internal_sigaltstack(const struct sigaltstack* ss, -- struct sigaltstack* oss); -+uptr internal_sigaltstack(const void* ss, void* oss); - uptr internal_sigprocmask(int how, __sanitizer_sigset_t *set, - __sanitizer_sigset_t *oldset); - void internal_sigfillset(__sanitizer_sigset_t *set); -diff --git a/libsanitizer/sanitizer_common/sanitizer_stoptheworld_linux_libcdep.cc b/libsanitizer/sanitizer_common/sanitizer_stoptheworld_linux_libcdep.cc -index c919e4f..014162af 100644 ---- a/libsanitizer/sanitizer_common/sanitizer_stoptheworld_linux_libcdep.cc -+++ b/libsanitizer/sanitizer_common/sanitizer_stoptheworld_linux_libcdep.cc -@@ -267,7 +267,7 @@ static int TracerThread(void* argument) { - - // Alternate stack for signal handling. - InternalScopedBuffer<char> handler_stack_memory(kHandlerStackSize); -- struct sigaltstack handler_stack; -+ stack_t handler_stack; - internal_memset(&handler_stack, 0, sizeof(handler_stack)); - handler_stack.ss_sp = handler_stack_memory.data(); - handler_stack.ss_size = kHandlerStackSize; -diff --git a/libsanitizer/tsan/tsan_platform_linux.cc b/libsanitizer/tsan/tsan_platform_linux.cc -index 09cec5f..908f4fe 100644 ---- a/libsanitizer/tsan/tsan_platform_linux.cc -+++ b/libsanitizer/tsan/tsan_platform_linux.cc -@@ -291,7 +291,7 @@ bool IsGlobalVar(uptr addr) { - int ExtractResolvFDs(void *state, int *fds, int nfd) { - #if SANITIZER_LINUX - int cnt = 0; -- __res_state *statp = (__res_state*)state; -+ struct __res_state *statp = (struct __res_state*)state; - for (int i = 0; i < MAXNS && cnt < nfd; i++) { - if (statp->_u._ext.nsaddrs[i] && statp->_u._ext.nssocks[i] != -1) - fds[cnt++] = statp->_u._ext.nssocks[i]; --- -2.9.3 - diff --git a/gnu/packages/patches/qemu-CVE-2018-16847.patch b/gnu/packages/patches/qemu-CVE-2018-16847.patch new file mode 100644 index 0000000000..c76bdf764a --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2018-16847.patch @@ -0,0 +1,158 @@ +Fix CVE-2018-16847: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16847 + +Patch copied from upstream source repository: + +https://git.qemu.org/?p=qemu.git;a=commitdiff;h=87ad860c622cc8f8916b5232bd8728c08f938fce + +From 87ad860c622cc8f8916b5232bd8728c08f938fce Mon Sep 17 00:00:00 2001 +From: Paolo Bonzini <pbonzini@redhat.com> +Date: Tue, 20 Nov 2018 19:41:48 +0100 +Subject: [PATCH] nvme: fix out-of-bounds access to the CMB +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Because the CMB BAR has a min_access_size of 2, if you read the last +byte it will try to memcpy *2* bytes from n->cmbuf, causing an off-by-one +error. This is CVE-2018-16847. + +Another way to fix this might be to register the CMB as a RAM memory +region, which would also be more efficient. However, that might be a +change for big-endian machines; I didn't think this through and I don't +know how real hardware works. Add a basic testcase for the CMB in case +somebody does this change later on. + +Cc: Keith Busch <keith.busch@intel.com> +Cc: qemu-block@nongnu.org +Reported-by: Li Qiang <liq3ea@gmail.com> +Reviewed-by: Li Qiang <liq3ea@gmail.com> +Tested-by: Li Qiang <liq3ea@gmail.com> +Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> +Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> +Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com> +Signed-off-by: Kevin Wolf <kwolf@redhat.com> +--- + hw/block/nvme.c | 2 +- + tests/Makefile.include | 2 +- + tests/nvme-test.c | 68 +++++++++++++++++++++++++++++++++++------- + 3 files changed, 60 insertions(+), 12 deletions(-) + +diff --git a/hw/block/nvme.c b/hw/block/nvme.c +index 28d284346dd..8c35cab2b43 100644 +--- a/hw/block/nvme.c ++++ b/hw/block/nvme.c +@@ -1201,7 +1201,7 @@ static const MemoryRegionOps nvme_cmb_ops = { + .write = nvme_cmb_write, + .endianness = DEVICE_LITTLE_ENDIAN, + .impl = { +- .min_access_size = 2, ++ .min_access_size = 1, + .max_access_size = 8, + }, + }; +diff --git a/tests/Makefile.include b/tests/Makefile.include +index 613242bc6ef..fb0b449c02a 100644 +--- a/tests/Makefile.include ++++ b/tests/Makefile.include +@@ -730,7 +730,7 @@ tests/test-hmp$(EXESUF): tests/test-hmp.o + tests/machine-none-test$(EXESUF): tests/machine-none-test.o + tests/drive_del-test$(EXESUF): tests/drive_del-test.o $(libqos-virtio-obj-y) + tests/qdev-monitor-test$(EXESUF): tests/qdev-monitor-test.o $(libqos-pc-obj-y) +-tests/nvme-test$(EXESUF): tests/nvme-test.o ++tests/nvme-test$(EXESUF): tests/nvme-test.o $(libqos-pc-obj-y) + tests/pvpanic-test$(EXESUF): tests/pvpanic-test.o + tests/i82801b11-test$(EXESUF): tests/i82801b11-test.o + tests/ac97-test$(EXESUF): tests/ac97-test.o +diff --git a/tests/nvme-test.c b/tests/nvme-test.c +index 7674a446e4f..2700ba838aa 100644 +--- a/tests/nvme-test.c ++++ b/tests/nvme-test.c +@@ -8,25 +8,73 @@ + */ + + #include "qemu/osdep.h" ++#include "qemu/units.h" + #include "libqtest.h" ++#include "libqos/libqos-pc.h" ++ ++static QOSState *qnvme_start(const char *extra_opts) ++{ ++ QOSState *qs; ++ const char *arch = qtest_get_arch(); ++ const char *cmd = "-drive id=drv0,if=none,file=null-co://,format=raw " ++ "-device nvme,addr=0x4.0,serial=foo,drive=drv0 %s"; ++ ++ if (strcmp(arch, "i386") == 0 || strcmp(arch, "x86_64") == 0) { ++ qs = qtest_pc_boot(cmd, extra_opts ? : ""); ++ global_qtest = qs->qts; ++ return qs; ++ } ++ ++ g_printerr("nvme tests are only available on x86\n"); ++ exit(EXIT_FAILURE); ++} ++ ++static void qnvme_stop(QOSState *qs) ++{ ++ qtest_shutdown(qs); ++} + +-/* Tests only initialization so far. TODO: Replace with functional tests */ + static void nop(void) + { ++ QOSState *qs; ++ ++ qs = qnvme_start(NULL); ++ qnvme_stop(qs); + } + +-int main(int argc, char **argv) ++static void nvmetest_cmb_test(void) + { +- int ret; ++ const int cmb_bar_size = 2 * MiB; ++ QOSState *qs; ++ QPCIDevice *pdev; ++ QPCIBar bar; + +- g_test_init(&argc, &argv, NULL); +- qtest_add_func("/nvme/nop", nop); ++ qs = qnvme_start("-global nvme.cmb_size_mb=2"); ++ pdev = qpci_device_find(qs->pcibus, QPCI_DEVFN(4,0)); ++ g_assert(pdev != NULL); ++ ++ qpci_device_enable(pdev); ++ bar = qpci_iomap(pdev, 2, NULL); ++ ++ qpci_io_writel(pdev, bar, 0, 0xccbbaa99); ++ g_assert_cmpint(qpci_io_readb(pdev, bar, 0), ==, 0x99); ++ g_assert_cmpint(qpci_io_readw(pdev, bar, 0), ==, 0xaa99); ++ ++ /* Test partially out-of-bounds accesses. */ ++ qpci_io_writel(pdev, bar, cmb_bar_size - 1, 0x44332211); ++ g_assert_cmpint(qpci_io_readb(pdev, bar, cmb_bar_size - 1), ==, 0x11); ++ g_assert_cmpint(qpci_io_readw(pdev, bar, cmb_bar_size - 1), !=, 0x2211); ++ g_assert_cmpint(qpci_io_readl(pdev, bar, cmb_bar_size - 1), !=, 0x44332211); ++ g_free(pdev); + +- qtest_start("-drive id=drv0,if=none,file=null-co://,format=raw " +- "-device nvme,drive=drv0,serial=foo"); +- ret = g_test_run(); ++ qnvme_stop(qs); ++} + +- qtest_end(); ++int main(int argc, char **argv) ++{ ++ g_test_init(&argc, &argv, NULL); ++ qtest_add_func("/nvme/nop", nop); ++ qtest_add_func("/nvme/cmb_test", nvmetest_cmb_test); + +- return ret; ++ return g_test_run(); + } +-- +2.19.2 + diff --git a/gnu/packages/patches/qemu-CVE-2018-16867.patch b/gnu/packages/patches/qemu-CVE-2018-16867.patch new file mode 100644 index 0000000000..1403d8e0f8 --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2018-16867.patch @@ -0,0 +1,49 @@ +Fix CVE-2018-16867: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16867 +https://seclists.org/oss-sec/2018/q4/202 + +Patch copied from upstream source repository: + +https://git.qemu.org/?p=qemu.git;a=commitdiff;h=c52d46e041b42bb1ee6f692e00a0abe37a9659f6 + +From c52d46e041b42bb1ee6f692e00a0abe37a9659f6 Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann <kraxel@redhat.com> +Date: Mon, 3 Dec 2018 11:10:45 +0100 +Subject: [PATCH] usb-mtp: outlaw slashes in filenames +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Slash is unix directory separator, so they are not allowed in filenames. +Note this also stops the classic escape via "../". + +Fixes: CVE-2018-16867 +Reported-by: Michael Hanselmann <public@hansmi.ch> +Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> +Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> +Message-id: 20181203101045.27976-3-kraxel@redhat.com +--- + hw/usb/dev-mtp.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c +index 0f6a9702ef1..100b7171f4e 100644 +--- a/hw/usb/dev-mtp.c ++++ b/hw/usb/dev-mtp.c +@@ -1719,6 +1719,12 @@ static void usb_mtp_write_metadata(MTPState *s) + + filename = utf16_to_str(dataset->length, dataset->filename); + ++ if (strchr(filename, '/')) { ++ usb_mtp_queue_result(s, RES_PARAMETER_NOT_SUPPORTED, d->trans, ++ 0, 0, 0, 0); ++ return; ++ } ++ + o = usb_mtp_object_lookup_name(p, filename, dataset->length); + if (o != NULL) { + next_handle = o->handle; +-- +2.19.2 + diff --git a/gnu/packages/patches/quilt-compat-getopt-fix-option-with-nondigit-param.patch b/gnu/packages/patches/quilt-getopt-nondigit-param.patch index 6bbec67e75..6bbec67e75 100644 --- a/gnu/packages/patches/quilt-compat-getopt-fix-option-with-nondigit-param.patch +++ b/gnu/packages/patches/quilt-getopt-nondigit-param.patch diff --git a/gnu/packages/patches/quilt-compat-getopt-fix-second-separator.patch b/gnu/packages/patches/quilt-getopt-second-separator.patch index cde2c8d41c..cde2c8d41c 100644 --- a/gnu/packages/patches/quilt-compat-getopt-fix-second-separator.patch +++ b/gnu/packages/patches/quilt-getopt-second-separator.patch |