From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Sat, 04 Feb 2023 18:55:03 +0100 Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1pOMki-00E05s-Mu for lore@lore.pengutronix.de; Sat, 04 Feb 2023 18:55:03 +0100 Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1pOMkf-000352-NC; Sat, 04 Feb 2023 18:55:01 +0100 Received: from mail-db3eur04on2070.outbound.protection.outlook.com ([40.107.6.70] helo=EUR04-DB3-obe.outbound.protection.outlook.com) by metis.ext.pengutronix.de with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1pOMkS-00034t-IB for ptxdist@pengutronix.de; Sat, 04 Feb 2023 18:54:49 +0100 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NyXtS7e51cNdHI6sMuej7zy3Ieyt8f6qBYImrV/V6g+IbtZAcMG8OX3NdQhWAPMNkX3kqKRA+claqj2+n6Se1RKE0uYh7G+GsJcKn6U/PlLzVaSmswj1qDY/9DTUKK5g9gG+6FifApCnf6BQX69kjKaHPs7iJb6jqpGzsOHoae621sXB8y07NiOv44Kih56Lu1W8QdiURtmiObVPFzvlRmBOhfqOqziPvqbfD3jqMnAVbBQCCkVuSAeGRsZds6o05rQTf1dsl0fiiTgNbdrKIv5IVtTicY6PbAN6RcblwsUqA63z9NIFClhG2pWJtCh5dDsSn3iFtUtHTTY5b6KcrA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Akg5FldYETEOjKw9aeajyhte6sirzujUsOGnh1ZGyP0=; b=L4d1biqxijfH55GDRNthh8KizITMfiE3FvNiWRV3LOl/+oXjKdCCpFFAy2WVuli8gwkKeR/fwXP2WV97W3IqGzlqjaVGiKNfdzZ+BhAgsoxuMdR4I5xWtG+bIkB7tPUWUst02LdUwxXjnw34zGxunR3HyRz2qkz6BITpCEK00BPkquMnqE1HJcr62Peix0KbArtdPSU0Hd3/i3kTpADq9u+itIx0ydqscFQOHITyEh3bIgXfC0CpuTw2kTkY7PQTwn+6IwlI7AghtOnowvZjFq9Z25WKKVOObEciPEW2P4W4Smd0E+u0cqEaSsmrydFd0YQ5BJonELfEJ8xPZ6hVgA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=t2data.com; dmarc=pass action=none header.from=t2data.com; dkim=pass header.d=t2data.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=t2datacom.onmicrosoft.com; s=selector1-t2datacom-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Akg5FldYETEOjKw9aeajyhte6sirzujUsOGnh1ZGyP0=; b=YuC7/2gGmZw+iAQzoBqtF84uqhqh13WCBUHBf7LtO+bOmgCtV+NgNqNHLHl1LXExOZjlxbt/lJWvhMhIqz4XXAhkLWHlua1n6N7Xof9RbwL+vnleAg0nsA9BAiSFWp28bsdZEiOu9Rz86FwlemeL0E2v6nvT6VkhUk2Ifbm18tM= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=t2data.com; Received: from AS4P251MB0635.EURP251.PROD.OUTLOOK.COM (2603:10a6:20b:4be::7) by AS8P251MB0856.EURP251.PROD.OUTLOOK.COM (2603:10a6:20b:52d::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6064.25; Sat, 4 Feb 2023 17:54:45 +0000 Received: from AS4P251MB0635.EURP251.PROD.OUTLOOK.COM ([fe80::2279:1a93:dfb2:e5cb]) by AS4P251MB0635.EURP251.PROD.OUTLOOK.COM ([fe80::2279:1a93:dfb2:e5cb%6]) with mapi id 15.20.6064.032; Sat, 4 Feb 2023 17:54:45 +0000 From: Christian Melki To: ptxdist@pengutronix.de Date: Sat, 4 Feb 2023 18:54:38 +0100 Message-Id: <20230204175438.3388865-1-christian.melki@t2data.com> X-Mailer: git-send-email 2.34.1 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-ClientProxiedBy: GV3P280CA0059.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:9::12) To AS4P251MB0635.EURP251.PROD.OUTLOOK.COM (2603:10a6:20b:4be::7) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AS4P251MB0635:EE_|AS8P251MB0856:EE_ X-MS-Office365-Filtering-Correlation-Id: 41157504-d0d5-4042-7d47-08db06d8e640 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: R5L01ksnYn5Gc7NFjG6T2vtn41QEtdczTIOWEAxyzHIno4wR/5jbVV4KCjswmf7O2WWZ/G0Iruo+XCLKHlBzbOtXOQE+BpOtKt9YNOldzld91NcVjimBnBnBJxlU5x97+XMYYyFUujOVspr6v/HRqLISTwSDsaf1pL0UP954PSY5I/opAuGSYJefLVeLbH+NhTnupuy+wxu/S1+btAWFgdBHvwRVnKv1fGn/ZTldMmbUNONySVLcUgc5p2FfTc70H8UOLQn24MZF88OrMzMPwR1JOlwbE2ZlTtgvA56cAO/wvPFmN8c3NlkKQx/8X1dSF0GJrqNCiLEJHkFnQFFO1iBa526HH9q7ygOUJPNvw2k2r2BrsCKjM8UD+QLLzccHrn/M6GmhNxGpMPOh6OQZGyL5QtEvMPw5Oo/zH/hbS78EaV3f5BZ0zGU5MxeqjrO/LErFzkIA/PIMGFyiME0vQGi/hc+q5WkeUedd9KWKWrKlR4WtMDM0TBZ1gO+tScpuo0abMwiXyMaA4Kd9VAPtktaTQId6nEfpxnst03yViLKxNbEEIwW1d9UjtLAMVUOYNc583kHhlanm0KwdOnRBQshfTit6z2247L4GGoTSrjl311Ew+gySY6yTosDMmYd6icOh+GYxfZ8v+EsH1FXDne8EZ0ommizyJunVx680h9g0h+Iq83fVSxScxZMugWsBEh1MXmCdfmcSxyUn2ZpABgc+W+XvBZetzunGDsQewCE= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AS4P251MB0635.EURP251.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230025)(376002)(39830400003)(396003)(136003)(346002)(366004)(451199018)(38350700002)(38100700002)(966005)(478600001)(44832011)(6486002)(5660300002)(8936002)(2616005)(52116002)(6666004)(316002)(86362001)(6506007)(83380400001)(66476007)(66946007)(186003)(36756003)(6512007)(6916009)(8676002)(26005)(41300700001)(1076003)(2906002)(66556008); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?Bwa8JG9ZdHuAR47ccmkqiFVLiZ5rm/jFBFcVF4FmgOtcc64kpNHUFcaEHHR1?= =?us-ascii?Q?UrIavfIaJn5V+2jBUdQpjsYD2wr2PGU9n6PeQdIu31h1SKRSfqeGKPVWbpE5?= =?us-ascii?Q?BFn0H6UKJz4DuwA5nvTXsQ9gnDK2tgiO5Rhi3tXpst/FOV9trsJ/qfHBqqZ0?= =?us-ascii?Q?yLn/NdpN59O74AfMXPl0vn+lccXFgbwKuByO9Y0pLz9kaLSgPYF/8Yraty5I?= =?us-ascii?Q?xBu0vo2GblBO+zyTS9pBzHH/AOJmpdOV5KXiSdZClgvmtzTL9sqFqr5dBGKK?= =?us-ascii?Q?amYeCj9fBTmDMTuXWk5/BvrkFWQZncy/gMgTXd5PSOzuNsO+f7KqgjzZT9NJ?= =?us-ascii?Q?B8GSqBmMItId1AX99SzOD3ZM0e+qdsRJ/XT70LNW6EJinmyACmJxiKgtHyUw?= =?us-ascii?Q?Q8LxTmRuL5Zo6YEKOAanCz97yz009foTCJr6YroO3nTqAyUxK04DTNiUEGfV?= =?us-ascii?Q?K1cz6re18Yo0e/KlannoZcqygJ44nTVrac7WFJYdX5ZQgmWs4dIsVR16Qfo+?= =?us-ascii?Q?qM+iahvKFzsp3ZF6T+VnysuSZI4mOp9i8DAkMuaxOb6junopGiBU1ZYJmeYh?= =?us-ascii?Q?Xiaxh8nfsUYAmTEHiRiZEfE8f/P3b6XnDWrp8YtxwtRT2xC0Dq0Aqv3X55uG?= =?us-ascii?Q?xhbjgdAaxd2TyxWaf/njzXIU0Zx6vwcC3I9w8Kezkts6mgJPUSRhL9NHvD8d?= =?us-ascii?Q?4IQ6ZQYhqNhTLF6HtPuvAn9I1NrV6j3N/NixNXZq0NUnFemtKwetJtfsJ/KK?= =?us-ascii?Q?KPtrwoJECStvhOBxaSw+bhx9bFTe8L4Er2c4OGExvYaCft+SvFjZ0fOCzNnc?= =?us-ascii?Q?G6l4Vdiuh9Kfl7LQ+lWAOmD2iCJ13+SC1L5bzgPyE2HKTIMwZaBbdPW/Dqqn?= =?us-ascii?Q?8IO5AD7VljV7lBiYfgmQKz3oARhXXtRnD5uWnf7CqXmttBRS01wRDOR/DtXy?= =?us-ascii?Q?z1pIapNXN1jk2yhSCPbEUwRvYo7+mQ4pc4/XEtvZZWX/SVUQB8uoEFM1BVrn?= =?us-ascii?Q?fINWzVd8Vy5X4PEFXOlkRrLqoXE4iWA3snKkBvTVSYuOH2WNlqpuXGeV77nM?= =?us-ascii?Q?UgdqGgIVx7RVu57q0K11QuntMC9o9H4wSzrIsRigMK1GO+FsSJWU9hi9dzab?= =?us-ascii?Q?ePBlrKyghLHf/Q071x/YOy4xGJJi/ys7g38nlezJaEJjVRFR2ntsJ9eI6DN+?= =?us-ascii?Q?rPhZvsHqoEoov7+L6FiFhbMsradPQG5u0fy1E3M1pkbeuKb19AjW7mBiVJ6i?= =?us-ascii?Q?wQNSaLHxo/SSbDXWhQHEnsT8RYZHN1by3Ydq/J9Y+WXO1JXSLsoblyqTMqBL?= =?us-ascii?Q?iuc0IPeNWqU5+enrXcmvgYw9adHtFJgm9gF92sqfI+7JBjHUy4bwlZ9FVdKH?= =?us-ascii?Q?OvXg7DBoNu1MHQU1vPwF8sPlhGRN3afBmVZ8tx8gMYW7SORaf1v+knyxeyEJ?= =?us-ascii?Q?qZLYzF08vNigRqVFqWkvrWB2vYnbTlsqKythGTfn9jr+C0xcjOAsSidK40zy?= =?us-ascii?Q?2aUm+ePaYqbPl194lINF0auMbRKNBHAGoSfS5qK908wFTpGYYlqdWyqKNKyt?= =?us-ascii?Q?tsF+X4N1USR5E0MlzKRYXs12yfyNXyejQWozp0bC2wOZkcKAqPEkaQVT3KRa?= =?us-ascii?Q?ig=3D=3D?= X-OriginatorOrg: t2data.com X-MS-Exchange-CrossTenant-Network-Message-Id: 41157504-d0d5-4042-7d47-08db06d8e640 X-MS-Exchange-CrossTenant-AuthSource: AS4P251MB0635.EURP251.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Feb 2023 17:54:45.1870 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 27928da5-aacd-4ba1-9566-c748a6863e6c X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: AKvfFW2rSKwRHRImtukrPkgGt5v/wwLFutYQxyGDtIasuZaS/wmQzps1zX42YJD9R4YiBc+vSk3OJDa+kkX2H+czFaU963Jb0jHB8IxkZBE= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS8P251MB0856 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on metis.ext.pengutronix.de X-Spam-Level: X-Spam-Status: No, score=-2.0 required=4.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_PASS, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.2 Subject: [ptxdist] [PATCH] e2fsprogs: Version bump. 1.46.5 -> 1.46.6 X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false Minor fixes, speedups etc. https://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.46.6 * Remove patches. CVE-2022-1304 is fixed in release. * Add missing largefile option. * Explicitly disable new option. Signed-off-by: Christian Melki --- ...-sanity-check-to-extent-manipulation.patch | 51 ------------------- patches/e2fsprogs-1.46.5/series | 4 -- rules/e2fsprogs.make | 6 ++- 3 files changed, 4 insertions(+), 57 deletions(-) delete mode 100644 patches/e2fsprogs-1.46.5/0001-libext2fs-add-sanity-check-to-extent-manipulation.patch delete mode 100644 patches/e2fsprogs-1.46.5/series diff --git a/patches/e2fsprogs-1.46.5/0001-libext2fs-add-sanity-check-to-extent-manipulation.patch b/patches/e2fsprogs-1.46.5/0001-libext2fs-add-sanity-check-to-extent-manipulation.patch deleted file mode 100644 index 979dbb236..000000000 --- a/patches/e2fsprogs-1.46.5/0001-libext2fs-add-sanity-check-to-extent-manipulation.patch +++ /dev/null @@ -1,51 +0,0 @@ -From: Lukas Czerner -Date: Thu, 21 Apr 2022 19:31:48 +0200 -Subject: [PATCH] libext2fs: add sanity check to extent manipulation - -It is possible to have a corrupted extent tree in such a way that a leaf -node contains zero extents in it. Currently if that happens and we try -to traverse the tree we can end up accessing wrong data, or possibly -even uninitialized memory. Make sure we don't do that. - -Additionally make sure that we have a sane number of bytes passed to -memmove() in ext2fs_extent_delete(). - -Note that e2fsck is currently unable to spot and fix such corruption in -pass1. - -Signed-off-by: Lukas Czerner -Reported-by: Nils Bars -Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=2068113 -Addresses: CVE-2022-1304 -Addresses-Debian-Bug: #1010263 -Signed-off-by: Theodore Ts'o ---- - lib/ext2fs/extent.c | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/lib/ext2fs/extent.c b/lib/ext2fs/extent.c -index b324c7b0f8c8..1a206a16c13f 100644 ---- a/lib/ext2fs/extent.c -+++ b/lib/ext2fs/extent.c -@@ -495,6 +495,10 @@ retry: - ext2fs_le16_to_cpu(eh->eh_entries); - newpath->max_entries = ext2fs_le16_to_cpu(eh->eh_max); - -+ /* Make sure there is at least one extent present */ -+ if (newpath->left <= 0) -+ return EXT2_ET_EXTENT_NO_DOWN; -+ - if (path->left > 0) { - ix++; - newpath->end_blk = ext2fs_le32_to_cpu(ix->ei_block); -@@ -1630,6 +1634,10 @@ errcode_t ext2fs_extent_delete(ext2_extent_handle_t handle, int flags) - - cp = path->curr; - -+ /* Sanity check before memmove() */ -+ if (path->left < 0) -+ return EXT2_ET_EXTENT_LEAF_BAD; -+ - if (path->left) { - memmove(cp, cp + sizeof(struct ext3_extent_idx), - path->left * sizeof(struct ext3_extent_idx)); diff --git a/patches/e2fsprogs-1.46.5/series b/patches/e2fsprogs-1.46.5/series deleted file mode 100644 index d4319d8ac..000000000 --- a/patches/e2fsprogs-1.46.5/series +++ /dev/null @@ -1,4 +0,0 @@ -# generated by git-ptx-patches -#tag:base --start-number 1 -0001-libext2fs-add-sanity-check-to-extent-manipulation.patch -# 77d6a61d2930f9f66b3b54043619c609 - git-ptx-patches magic diff --git a/rules/e2fsprogs.make b/rules/e2fsprogs.make index 19e5e7ba4..12e632423 100644 --- a/rules/e2fsprogs.make +++ b/rules/e2fsprogs.make @@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_E2FSPROGS) += e2fsprogs # # Paths and names # -E2FSPROGS_VERSION := 1.46.5 -E2FSPROGS_MD5 := 3da91854c960ad8a819b48b2a404eb43 +E2FSPROGS_VERSION := 1.46.6 +E2FSPROGS_MD5 := ffcc9cbcc9fac7efe3e52d41e36099f3 E2FSPROGS := e2fsprogs-$(E2FSPROGS_VERSION) E2FSPROGS_SUFFIX := tar.gz E2FSPROGS_URL := $(call ptx/mirror, SF, e2fsprogs/e2fsprogs/v$(E2FSPROGS_VERSION)/$(E2FSPROGS).$(E2FSPROGS_SUFFIX)) @@ -37,6 +37,7 @@ E2FSPROGS_LICENSE_FILES := \ E2FSPROGS_CONF_TOOL := autoconf E2FSPROGS_CONF_OPT := \ $(CROSS_AUTOCONF_USR) \ + $(GLOBAL_LARGE_FILE_OPTION) \ --disable-symlink-install \ --disable-relative-symlinks \ --disable-symlink-build \ @@ -73,6 +74,7 @@ E2FSPROGS_CONF_OPT := \ --disable-ubsan \ --disable-addrsan \ --disable-threadsan \ + --disable-fuzzing \ --with-pthread E2FSPROGS_MAKE_OPT := $(if $(filter 1,$(strip $(PTXDIST_VERBOSE))),V=1) -- 2.34.1