mailarchive of the ptxdist mailing list
From: Clemens Gruber <clemens.gruber@pqgruber.com>
To: ptxdist@pengutronix.de
Cc: Clemens Gruber <clemens.gruber@pqgruber.com>
Subject: [ptxdist] [PATCH 1/6] dbus: version bump 1.10.22 -> 1.10.24
Date: Wed, 18 Oct 2017 16:11:41 +0200
Message-ID: <20171018141146.14005-1-clemens.gruber@pqgruber.com>

The expat patch is now upstream.

Signed-off-by: Clemens Gruber <clemens.gruber@pqgruber.com>
---
 ...er-expat-Tell-Expat-not-to-defend-against.patch | 74 ----------------------
 patches/dbus-1.10.22/autogen.sh                    |  1 -
 patches/dbus-1.10.22/series                        |  5 --
 rules/dbus.make                                    |  4 +-
 4 files changed, 2 insertions(+), 82 deletions(-)
 delete mode 100644 patches/dbus-1.10.22/0010-config-loader-expat-Tell-Expat-not-to-defend-against.patch
 delete mode 120000 patches/dbus-1.10.22/autogen.sh
 delete mode 100644 patches/dbus-1.10.22/series

diff --git a/patches/dbus-1.10.22/0010-config-loader-expat-Tell-Expat-not-to-defend-against.patch b/patches/dbus-1.10.22/0010-config-loader-expat-Tell-Expat-not-to-defend-against.patch
deleted file mode 100644
index 5289f720f..000000000
--- a/patches/dbus-1.10.22/0010-config-loader-expat-Tell-Expat-not-to-defend-against.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-From: Simon McVittie <smcv@debian.org>
-Date: Fri, 21 Jul 2017 10:46:39 +0100
-Subject: [PATCH] config-loader-expat: Tell Expat not to defend against hash
- collisions
-
-By default, Expat uses cryptographic-quality random numbers as a salt for
-its hash algorithm, and since 2.2.1 it gets them from the getrandom
-syscall on Linux. That syscall refuses to return any entropy until the
-kernel's CSPRNG (random pool) has been initialized. Unfortunately, this
-can take as long as 40 seconds on embedded devices with few entropy
-sources, which is too long: if the system dbus-daemon blocks for that
-length of time, important D-Bus clients like systemd and systemd-logind
-time out and fail to connect to it.
-
-We're parsing small configuration files here, and we trust them
-completely, so we don't need to defend against hash collisions: nobody
-is going to be crafting them to cause pathological performance.
-
-Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101858
-Signed-off-by: Simon McVittie <smcv@debian.org>
-Tested-by: Christopher Hewitt <hewitt@ieee.org>
-Reviewed-by: Philip Withnall <withnall@endlessm.com>
-
-Upstream commit 1252dc1d1f465b8ab6b36ff7252e395e66a040cf
-Signed-off-by: Marcus Hoffmann <m.hoffmann@cartelsol.com>
----
- bus/config-loader-expat.c | 14 ++++++++++++++
- configure.ac              |  8 ++++++++
- 2 files changed, 22 insertions(+)
-
-diff --git a/bus/config-loader-expat.c b/bus/config-loader-expat.c
-index b571fda3181f..27cbe2d090a0 100644
---- a/bus/config-loader-expat.c
-+++ b/bus/config-loader-expat.c
-@@ -203,6 +203,20 @@ bus_config_load (const DBusString      *file,
-       goto failed;
-     }
- 
-+  /* We do not need protection against hash collisions (CVE-2012-0876)
-+   * because we are only parsing trusted XML; and if we let Expat block
-+   * waiting for the CSPRNG to be initialized, as it does by default to
-+   * defeat CVE-2012-0876, it can cause timeouts during early boot on
-+   * entropy-starved embedded devices.
-+   *
-+   * TODO: When Expat gets a more explicit API for this than
-+   * XML_SetHashSalt, check for that too, and use it preferentially.
-+   * https://github.com/libexpat/libexpat/issues/91 */
-+#if defined(HAVE_XML_SETHASHSALT)
-+  /* Any nonzero number will do. https://xkcd.com/221/ */
-+  XML_SetHashSalt (expat, 4);
-+#endif
-+
-   if (!_dbus_string_get_dirname (file, &dirname))
-     {
-       dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
-diff --git a/configure.ac b/configure.ac
-index 1fabddd190a4..4e9c1de7bafc 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -938,6 +938,14 @@ XML_CFLAGS=
- AC_SUBST([XML_CFLAGS])
- AC_SUBST([XML_LIBS])
- 
-+save_cflags="$CFLAGS"
-+save_libs="$LIBS"
-+CFLAGS="$CFLAGS $XML_CFLAGS"
-+LIBS="$LIBS $XML_LIBS"
-+AC_CHECK_FUNCS([XML_SetHashSalt])
-+CFLAGS="$save_cflags"
-+LIBS="$save_libs"
-+
- # Thread lib detection
- AC_ARG_VAR([THREAD_LIBS])
- save_libs="$LIBS"
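Review bot: the commit message's "now upstream" is the only justification for deleting 0010-config-loader-expat-Tell-Expat-not-to-defend-against.patch, and it does not say which release picked the change up. The patch header records upstream commit 1252dc1d1f465b8ab6b36ff7252e395e66a040cf; citing that id in the commit message, and confirming that bus/config-loader-expat.c in the 1.10.24 tarball contains the XML_SetHashSalt call, would make the removal verifiable. If the call is missing, the getrandom stall of up to 40 seconds during early boot that the patch describes returns on entropy-starved targets. Note also that the fixed salt gives up the CVE-2012-0876 hash-collision defence on the stated assumption that only trusted configuration XML is parsed, so that assumption carries over to 1.10.24 unchanged.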
diff --git a/patches/dbus-1.10.22/autogen.sh b/patches/dbus-1.10.22/autogen.sh
deleted file mode 120000
index 9f8a4cb7d..000000000
--- a/patches/dbus-1.10.22/autogen.sh
+++ /dev/null
@@ -1 +0,0 @@
-../autogen.sh
\ No newline at end of file
diff --git a/patches/dbus-1.10.22/series b/patches/dbus-1.10.22/series
deleted file mode 100644
index 5883e2956..000000000
--- a/patches/dbus-1.10.22/series
+++ /dev/null
@@ -1,5 +0,0 @@
-# generated by git-ptx-patches
-#tag:base --start-number 1
-#tag:upstream --start-number 10
-0010-config-loader-expat-Tell-Expat-not-to-defend-against.patch
-# 0ea4df42f11d73dba6bd33a9d510501c  - git-ptx-patches magic
diff --git a/rules/dbus.make b/rules/dbus.make
index 8139009ff..d209547f6 100644
--- a/rules/dbus.make
+++ b/rules/dbus.make
@@ -18,8 +18,8 @@ PACKAGES-$(PTXCONF_DBUS) += dbus
 #
 # Paths and names
 #
-DBUS_VERSION	:= 1.10.22
-DBUS_MD5	:= baaa10b7cb49086ad91179a8decfadc5
+DBUS_VERSION	:= 1.10.24
+DBUS_MD5	:= d548ae16f9a3268fe4650ccc86a3f06f
 DBUS		:= dbus-$(DBUS_VERSION)
 DBUS_SUFFIX	:= tar.gz
 DBUS_URL	:= http://dbus.freedesktop.org/releases/dbus/$(DBUS).$(DBUS_SUFFIX)
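Review bot: in the DBUS_MD5 line, the new value d548ae16f9a3268fe4650ccc86a3f06f is the only integrity check on the tarball, and the unchanged DBUS_URL context line still fetches over plain http://, so the download is protected by nothing but an MD5 digest. Please state in the commit message how the new sum was obtained (checked against the upstream release announcement or signature, rather than computed from the file that was just downloaded), and consider switching DBUS_URL to https if the server offers it.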
-- 
2.14.2

