From fdbec64d99592d679fd38d0b79f72d876bb6523f Mon Sep 17 00:00:00 2001 From: Peter Marko Date: Fri, 20 Dec 2024 16:36:22 +0100 Subject: memcached: upgrade 1.6.17 -> 1.6.33 Solves CVE-2023-46852 and CVE-2023-46853. Upgrade done via "devtool upgrade". Signed-off-by: Peter Marko Signed-off-by: Khem Raj --- .../memcached/0001-Fix-function-protypes.patch | 110 --------------------- .../memcached/memcached-add-hugetlbfs-check.patch | 13 ++- .../recipes-support/memcached/memcached_1.6.17.bb | 59 ----------- .../recipes-support/memcached/memcached_1.6.33.bb | 58 +++++++++++ 4 files changed, 67 insertions(+), 173 deletions(-) delete mode 100644 meta-networking/recipes-support/memcached/memcached/0001-Fix-function-protypes.patch delete mode 100644 meta-networking/recipes-support/memcached/memcached_1.6.17.bb create mode 100644 meta-networking/recipes-support/memcached/memcached_1.6.33.bb (limited to 'meta-networking/recipes-support') diff --git a/meta-networking/recipes-support/memcached/memcached/0001-Fix-function-protypes.patch b/meta-networking/recipes-support/memcached/memcached/0001-Fix-function-protypes.patch deleted file mode 100644 index 15ef54f80e..0000000000 --- a/meta-networking/recipes-support/memcached/memcached/0001-Fix-function-protypes.patch +++ /dev/null @@ -1,110 +0,0 @@ -From 6021d3d60e64d9174f41515d2d962df9b5d7645e Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Mon, 29 Aug 2022 17:15:28 -0700 -Subject: [PATCH] Fix function protypes - -clang-15+ has started diagnosing them as errors - -thread.c:925:18: error: a function declaration without a prototype is deprecated in all versions of C [-Werror,-Wstrict-prototypes] -| void STATS_UNLOCK() { -| ^ -| void - -Upstream-Status: Submitted [https://github.com/memcached/memcached/pull/928] -Signed-off-by: Khem Raj ---- - assoc.c | 4 ++-- - memcached.c | 4 ++-- - slabs.c | 2 +- - testapp.c | 2 +- - thread.c | 4 ++-- - 5 files changed, 8 insertions(+), 8 deletions(-) - -diff --git a/assoc.c b/assoc.c -index bc68695..01063a9 100644 ---- a/assoc.c -+++ b/assoc.c -@@ -261,7 +261,7 @@ static void *assoc_maintenance_thread(void *arg) { - - static pthread_t maintenance_tid; - --int start_assoc_maintenance_thread() { -+int start_assoc_maintenance_thread(void) { - int ret; - char *env = getenv("MEMCACHED_HASH_BULK_MOVE"); - if (env != NULL) { -@@ -279,7 +279,7 @@ int start_assoc_maintenance_thread() { - return 0; - } - --void stop_assoc_maintenance_thread() { -+void stop_assoc_maintenance_thread(void) { - mutex_lock(&maintenance_lock); - do_run_maintenance_thread = 0; - pthread_cond_signal(&maintenance_cond); -diff --git a/memcached.c b/memcached.c -index 7871fe8..4d3b54a 100644 ---- a/memcached.c -+++ b/memcached.c -@@ -84,7 +84,7 @@ static int try_read_command_udp(conn *c); - static enum try_read_result try_read_network(conn *c); - static enum try_read_result try_read_udp(conn *c); - --static int start_conn_timeout_thread(); -+static int start_conn_timeout_thread(void); - - /* stats */ - static void stats_init(void); -@@ -374,7 +374,7 @@ static void *conn_timeout_thread(void *arg) { - return NULL; - } - --static int start_conn_timeout_thread() { -+static int start_conn_timeout_thread(void) { - int ret; - - if (settings.idle_timeout == 0) -diff --git a/slabs.c b/slabs.c -index 3c78d8a..0dadd35 100644 ---- a/slabs.c -+++ b/slabs.c -@@ -638,7 +638,7 @@ static void *memory_allocate(size_t size) { - } - - /* Must only be used if all pages are item_size_max */ --static void memory_release() { -+static void memory_release(void) { - void *p = NULL; - if (mem_base != NULL) - return; -diff --git a/testapp.c b/testapp.c -index 5face54..387a847 100644 ---- a/testapp.c -+++ b/testapp.c -@@ -80,7 +80,7 @@ static struct conn *con = NULL; - static bool allow_closed_read = false; - static bool enable_ssl = false; - --static void close_conn() { -+static void close_conn(void) { - if (con == NULL) return; - #ifdef TLS - if (con->ssl) { -diff --git a/thread.c b/thread.c -index d5ed052..f5efdc3 100644 ---- a/thread.c -+++ b/thread.c -@@ -918,11 +918,11 @@ enum store_item_type store_item(item *item, int comm, conn* c) { - - /******************************* GLOBAL STATS ******************************/ - --void STATS_LOCK() { -+void STATS_LOCK(void) { - pthread_mutex_lock(&stats_lock); - } - --void STATS_UNLOCK() { -+void STATS_UNLOCK(void) { - pthread_mutex_unlock(&stats_lock); - } - diff --git a/meta-networking/recipes-support/memcached/memcached/memcached-add-hugetlbfs-check.patch b/meta-networking/recipes-support/memcached/memcached/memcached-add-hugetlbfs-check.patch index 45428ed234..26281e73ef 100644 --- a/meta-networking/recipes-support/memcached/memcached/memcached-add-hugetlbfs-check.patch +++ b/meta-networking/recipes-support/memcached/memcached/memcached-add-hugetlbfs-check.patch @@ -1,4 +1,7 @@ -memcached: add knob to detect whether hugetlbfs are checked +From dfa90817a08f206f7e2dbba44d913968ae7f7d94 Mon Sep 17 00:00:00 2001 +From: Chong Lu +Date: Tue, 19 Aug 2014 17:38:32 +0800 +Subject: [PATCH] memcached: add knob to detect whether hugetlbfs are checked Add knob to detect whether hugetlbfs are checked or not. @@ -6,12 +9,14 @@ Upstream-Status: Pending Signed-off-by: Chong Lu --- - configure.ac | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) + configure.ac | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) +diff --git a/configure.ac b/configure.ac +index 6f2ef97..bd7dd96 100644 --- a/configure.ac +++ b/configure.ac -@@ -488,8 +488,12 @@ if test "x$enable_static" = "xyes"; then +@@ -559,8 +559,12 @@ if test "x$enable_static" = "xyes"; then fi dnl ---------------------------------------------------------------------------- diff --git a/meta-networking/recipes-support/memcached/memcached_1.6.17.bb b/meta-networking/recipes-support/memcached/memcached_1.6.17.bb deleted file mode 100644 index dabe393573..0000000000 --- a/meta-networking/recipes-support/memcached/memcached_1.6.17.bb +++ /dev/null @@ -1,59 +0,0 @@ -SUMMARY = "A high-performance memory object caching system" -DESCRIPTION = "\ - memcached optimizes specific high-load serving applications that are designed \ - to take advantage of its versatile no-locking memory access system. Clients \ - are available in several different programming languages, to suit the needs \ - of the specific application. Traditionally this has been used in mod_perl \ - apps to avoid storing large chunks of data in Apache memory, and to share \ - this burden across several machines." -SECTION = "web" -HOMEPAGE = "http://memcached.org/" -LICENSE = "BSD-3-Clause" - -LIC_FILES_CHKSUM = "file://COPYING;md5=7e5ded7363d335e1bb18013ca08046ff" - -inherit autotools pkgconfig - -DEPENDS += "libevent" -RDEPENDS:${PN} += "perl perl-module-posix perl-module-autoloader \ - perl-module-tie-hash bash \ - " - -SRC_URI = "http://www.memcached.org/files/${BP}.tar.gz \ - file://memcached-add-hugetlbfs-check.patch \ - file://0001-Fix-function-protypes.patch \ - " -SRC_URI[sha256sum] = "2055e373613d8fc21529aff9f0adce3e23b9ce01ba0478d30e7941d9f2bd1224" - -CVE_STATUS[CVE-2022-26635] = "disputed: this is a problem of applications using php-memcached inproperly" - -UPSTREAM_CHECK_URI = "${HOMEPAGE}" - -# set the same COMPATIBLE_HOST as libhugetlbfs -COMPATIBLE_HOST = "(i.86|x86_64|powerpc|powerpc64|aarch64|arm).*-linux*" - -# assoc.c:83:9: error: variable 'depth' set but not used [-Werror,-Wunused-but-set-variable] -CFLAGS:append:toolchain-clang = " -Wno-error=unused-but-set-variable" - -python __anonymous () { - endianness = d.getVar('SITEINFO_ENDIANNESS') - if endianness == 'le': - d.appendVar('EXTRA_OECONF', " ac_cv_c_endian=little") - else: - d.appendVar('EXTRA_OECONF', " ac_cv_c_endian=big") -} - -PACKAGECONFIG ??= "" -PACKAGECONFIG[hugetlbfs] = "--enable-hugetlbfs, --disable-hugetlbfs, libhugetlbfs" - -inherit update-rc.d - -INITSCRIPT_NAME = "memcached" -INITSCRIPT_PARAMS = "defaults" - -do_install:append() { - install -D -m 755 ${S}/scripts/memcached-init ${D}${sysconfdir}/init.d/memcached - mkdir -p ${D}/usr/share/memcached/scripts - install -m 755 ${S}/scripts/memcached-tool ${D}/usr/share/memcached/scripts - install -m 755 ${S}/scripts/start-memcached ${D}/usr/share/memcached/scripts -} diff --git a/meta-networking/recipes-support/memcached/memcached_1.6.33.bb b/meta-networking/recipes-support/memcached/memcached_1.6.33.bb new file mode 100644 index 0000000000..346754c6ad --- /dev/null +++ b/meta-networking/recipes-support/memcached/memcached_1.6.33.bb @@ -0,0 +1,58 @@ +SUMMARY = "A high-performance memory object caching system" +DESCRIPTION = "\ + memcached optimizes specific high-load serving applications that are designed \ + to take advantage of its versatile no-locking memory access system. Clients \ + are available in several different programming languages, to suit the needs \ + of the specific application. Traditionally this has been used in mod_perl \ + apps to avoid storing large chunks of data in Apache memory, and to share \ + this burden across several machines." +SECTION = "web" +HOMEPAGE = "http://memcached.org/" +LICENSE = "BSD-3-Clause" + +LIC_FILES_CHKSUM = "file://COPYING;md5=7e5ded7363d335e1bb18013ca08046ff" + +inherit autotools pkgconfig + +DEPENDS += "libevent" +RDEPENDS:${PN} += "perl perl-module-posix perl-module-autoloader \ + perl-module-tie-hash bash \ + " + +SRC_URI = "http://www.memcached.org/files/${BP}.tar.gz \ + file://memcached-add-hugetlbfs-check.patch \ + " +SRC_URI[sha256sum] = "707f74c4c6876b61532b998ca8f118b0b82a0d96365d7a1d70ebfc40dfe83dad" + +CVE_STATUS[CVE-2022-26635] = "disputed: this is a problem of applications using php-memcached inproperly" + +UPSTREAM_CHECK_URI = "${HOMEPAGE}" + +# set the same COMPATIBLE_HOST as libhugetlbfs +COMPATIBLE_HOST = "(i.86|x86_64|powerpc|powerpc64|aarch64|arm).*-linux*" + +# assoc.c:83:9: error: variable 'depth' set but not used [-Werror,-Wunused-but-set-variable] +CFLAGS:append:toolchain-clang = " -Wno-error=unused-but-set-variable" + +python __anonymous () { + endianness = d.getVar('SITEINFO_ENDIANNESS') + if endianness == 'le': + d.appendVar('EXTRA_OECONF', " ac_cv_c_endian=little") + else: + d.appendVar('EXTRA_OECONF', " ac_cv_c_endian=big") +} + +PACKAGECONFIG ??= "" +PACKAGECONFIG[hugetlbfs] = "--enable-hugetlbfs, --disable-hugetlbfs, libhugetlbfs" + +inherit update-rc.d + +INITSCRIPT_NAME = "memcached" +INITSCRIPT_PARAMS = "defaults" + +do_install:append() { + install -D -m 755 ${S}/scripts/memcached-init ${D}${sysconfdir}/init.d/memcached + mkdir -p ${D}/usr/share/memcached/scripts + install -m 755 ${S}/scripts/memcached-tool ${D}/usr/share/memcached/scripts + install -m 755 ${S}/scripts/start-memcached ${D}/usr/share/memcached/scripts +} -- cgit v1.2.3-54-g00ecf