[Buildroot] [PATCH v2] dbus: bump to version 1.10.24

Baruch Siach baruch at tkos.co.il
Tue Oct 10 12:04:12 UTC 2017


Drop upstream patch.

Add license hash.

Signed-off-by: Baruch Siach <baruch at tkos.co.il>
---
v2: Fix signature link
---
 ...er-expat-Tell-Expat-not-to-defend-against.patch | 78 ----------------------
 package/dbus/dbus.hash                             |  6 +-
 package/dbus/dbus.mk                               |  5 +-
 3 files changed, 5 insertions(+), 84 deletions(-)
 delete mode 100644 package/dbus/0001-config-loader-expat-Tell-Expat-not-to-defend-against.patch

diff --git a/package/dbus/0001-config-loader-expat-Tell-Expat-not-to-defend-against.patch b/package/dbus/0001-config-loader-expat-Tell-Expat-not-to-defend-against.patch
deleted file mode 100644
index fd9e01dad53b..000000000000
--- a/package/dbus/0001-config-loader-expat-Tell-Expat-not-to-defend-against.patch
+++ /dev/null
@@ -1,78 +0,0 @@
-From 1252dc1d1f465b8ab6b36ff7252e395e66a040cf Mon Sep 17 00:00:00 2001
-From: Simon McVittie <smcv at debian.org>
-Date: Fri, 21 Jul 2017 10:46:39 +0100
-Subject: [PATCH 1/2] config-loader-expat: Tell Expat not to defend against
- hash collisions
-
-By default, Expat uses cryptographic-quality random numbers as a salt for
-its hash algorithm, and since 2.2.1 it gets them from the getrandom
-syscall on Linux. That syscall refuses to return any entropy until the
-kernel's CSPRNG (random pool) has been initialized. Unfortunately, this
-can take as long as 40 seconds on embedded devices with few entropy
-sources, which is too long: if the system dbus-daemon blocks for that
-length of time, important D-Bus clients like systemd and systemd-logind
-time out and fail to connect to it.
-
-We're parsing small configuration files here, and we trust them
-completely, so we don't need to defend against hash collisions: nobody
-is going to be crafting them to cause pathological performance.
-
-Bug: https://bugs.freedesktop.org/show_bug.cgi?id=101858
-Signed-off-by: Simon McVittie <smcv at debian.org>
-Tested-by: Christopher Hewitt <hewitt at ieee.org>
-Reviewed-by: Philip Withnall <withnall at endlessm.com>
-
-Upstream commit 1252dc1d1f465b8ab6b36ff7252e395e66a040cf
-Signed-off-by: Marcus Hoffmann <m.hoffmann at cartelsol.com>
----
- bus/config-loader-expat.c | 14 ++++++++++++++
- configure.ac              |  8 ++++++++
- 2 files changed, 22 insertions(+)
-
-diff --git a/bus/config-loader-expat.c b/bus/config-loader-expat.c
-index b571fda3..27cbe2d0 100644
---- a/bus/config-loader-expat.c
-+++ b/bus/config-loader-expat.c
-@@ -203,6 +203,20 @@ bus_config_load (const DBusString      *file,
-       goto failed;
-     }
- 
-+  /* We do not need protection against hash collisions (CVE-2012-0876)
-+   * because we are only parsing trusted XML; and if we let Expat block
-+   * waiting for the CSPRNG to be initialized, as it does by default to
-+   * defeat CVE-2012-0876, it can cause timeouts during early boot on
-+   * entropy-starved embedded devices.
-+   *
-+   * TODO: When Expat gets a more explicit API for this than
-+   * XML_SetHashSalt, check for that too, and use it preferentially.
-+   * https://github.com/libexpat/libexpat/issues/91 */
-+#if defined(HAVE_XML_SETHASHSALT)
-+  /* Any nonzero number will do. https://xkcd.com/221/ */
-+  XML_SetHashSalt (expat, 4);
-+#endif
-+
-   if (!_dbus_string_get_dirname (file, &dirname))
-     {
-       dbus_set_error (error, DBUS_ERROR_NO_MEMORY, NULL);
-diff --git a/configure.ac b/configure.ac
-index 52da11fb..c4022ed7 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -938,6 +938,14 @@ XML_CFLAGS=
- AC_SUBST([XML_CFLAGS])
- AC_SUBST([XML_LIBS])
- 
-+save_cflags="$CFLAGS"
-+save_libs="$LIBS"
-+CFLAGS="$CFLAGS $XML_CFLAGS"
-+LIBS="$LIBS $XML_LIBS"
-+AC_CHECK_FUNCS([XML_SetHashSalt])
-+CFLAGS="$save_cflags"
-+LIBS="$save_libs"
-+
- # Thread lib detection
- AC_ARG_VAR([THREAD_LIBS])
- save_libs="$LIBS"
--- 
-2.11.0
-
diff --git a/package/dbus/dbus.hash b/package/dbus/dbus.hash
index b0052422c503..b174391c1303 100644
--- a/package/dbus/dbus.hash
+++ b/package/dbus/dbus.hash
@@ -1,3 +1,5 @@
 # Locally calculated after checking pgp signature
-# http://dbus.freedesktop.org/releases/dbus/dbus-1.10.22.tar.gz.asc
-sha256	e2b1401e3eedc7b5c9a2034d31254c886e1fcbc7858006e0a1c59158fe4b7b97  dbus-1.10.22.tar.gz
+# https://dbus.freedesktop.org/releases/dbus/dbus-1.10.24.tar.gz.asc
+sha256	71184eb27638e224579ffa998e88f01d0f1fef17a7811406e53350735eaecd1b  dbus-1.10.24.tar.gz
+# Locally calculated
+sha256	0e46f54efb12d04ab5c33713bacd0e140c9a35b57ae29e03c853203266e8f3a1  COPYING
diff --git a/package/dbus/dbus.mk b/package/dbus/dbus.mk
index a2f81cdbefcb..6fa04962baf7 100644
--- a/package/dbus/dbus.mk
+++ b/package/dbus/dbus.mk
@@ -4,11 +4,8 @@
 #
 ################################################################################
 
-DBUS_VERSION = 1.10.22
+DBUS_VERSION = 1.10.24
 DBUS_SITE = https://dbus.freedesktop.org/releases/dbus
-
-# 0001-config-loader-expat-Tell-Expat-not-to-defend-against.patch
-DBUS_AUTORECONF = YES
 DBUS_LICENSE = AFL-2.1 or GPL-2.0+ (library, tools), GPL-2.0+ (tools)
 DBUS_LICENSE_FILES = COPYING
 DBUS_INSTALL_STAGING = YES
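Review bot: Removing `DBUS_AUTORECONF = YES` along with the 0001 patch comment rests on two assumptions that this hunk does not show. The first is that the 1.10.24 tarball already carries upstream commit 1252dc1d (the fixed Expat hash salt); the second is that no other patch remaining in package/dbus touches configure.ac. If the first did not hold, dbus-daemon could again block on getrandom during early boot on entropy-starved targets, as the dropped patch's own description explains. I would confirm this against the 1.10.24 release notes and record the reason in the commit message, for example `Drop patch 0001, which is included in this release.`.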
-- 
2.14.2


