[Buildroot] [git commit branch/2020.02.x] package/memcached: security bump to version 1.5.22
Peter Korsgaard
peter at korsgaard.com
Sun Oct 4 18:42:13 UTC 2020
commit: https://git.buildroot.net/buildroot/commit/?id=422fe3eb8249e887a2dde23302f74e1e7b9e4595
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2020.02.x
- Fix a security issue: When enabling SASL authentication for binary
protocol, enabling UDP mode would allow bypassing SASL. Now refuses
to start with both UDP and SASL enabled. Text mode authentication was
not vulnerable.
- Drop patches (already in version) and so autoreconf
- Update indentation in hash file (two spaces)
https://github.com/memcached/memcached/wiki/ReleaseNotes1522
Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
...01-configure-Fix-cross-compilation-errors.patch | 142 ---------------------
...002-configure-Simplify-pointer-size-check.patch | 76 -----------
package/memcached/memcached.hash | 8 +-
package/memcached/memcached.mk | 5 +-
4 files changed, 5 insertions(+), 226 deletions(-)
diff --git a/package/memcached/0001-configure-Fix-cross-compilation-errors.patch b/package/memcached/0001-configure-Fix-cross-compilation-errors.patch
deleted file mode 100644
index 5c5d948325..0000000000
--- a/package/memcached/0001-configure-Fix-cross-compilation-errors.patch
+++ /dev/null
@@ -1,142 +0,0 @@
-From 1146bf07624b5820b942b84b68e66f0d3dd25914 Mon Sep 17 00:00:00 2001
-From: Ola Jeppsson <ola.jeppsson at gmail.com>
-Date: Mon, 7 Oct 2019 18:07:30 -0400
-Subject: [PATCH] configure: Fix cross-compilation errors
-
-AC_RUN_IFELSE does not work when cross-compiling so we need to provide
-fallback methods for those cases.
-
-I tried to use constructs that work with Autoconf 2.52.
-Alas, I wasn't able to generate a working build system with that version.
-
-Autoconf 2.58 / Automake 1.7.9 is the earliest combo that I could get
-to work (with and without this patch).
-Perhaps it's time for a slight bump for the required version numbers?
-
-Cross-compiles sucessfully against:
-riscv64-unknown-linux-gnu
-
-Downloaded from upstream PR:
-https://github.com/memcached/memcached/pull/552
-
-Signed-off-by: Bernd Kuhls <bernd.kuhls at t-online.de>
----
- configure.ac | 80 +++++++++++++++++++++++++++-------------------------
- 1 file changed, 41 insertions(+), 39 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index fb78fc5..27dc939 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -264,23 +264,42 @@ return sizeof(void*) == 8 ? 0 : 1;
- ],[
- CFLAGS="-m64 $org_cflags"
- ],[
-- AC_MSG_ERROR([Don't know how to build a 64-bit object.])
-+ AC_MSG_ERROR([Don't know how to build a 64-bit object.])
-+ ],[
-+ dnl cross compile
-+ AC_MSG_WARN([Assuming no extra CFLAGS are required for cross-compiling 64bit version.])
- ])
- fi
-
- dnl If data pointer is 64bit or not.
--AC_RUN_IFELSE(
-- [AC_LANG_PROGRAM([], [dnl
--return sizeof(void*) == 8 ? 0 : 1;
-- ])
--],[
-- have_64bit_ptr=yes
--],[
-+AC_CHECK_HEADERS([stdint.h])
-+AS_IF([test -z "$have_64bit_ptr"],
-+ [AC_RUN_IFELSE(
-+ [AC_LANG_PROGRAM([], [return sizeof(void*) == 8 ? 0 : 1;])],
-+ [have_64bit_ptr=yes ],
-+ [have_64bit_ptr=no],
-+ [dnl cross compile (this test requires C99)
-+ AS_IF([test "x$ac_cv_header_stdint_h" = xyes],
-+ [AC_COMPILE_IFELSE(
-+ [AC_LANG_PROGRAM([
-+ #include <stdint.h>
-+ #if UINTPTR_MAX == 0xFFFFFFFFFFFFFFFFUL
-+ /* 64 bit pointer */
-+ #else
-+ #error 32 bit pointer
-+ #endif
-+ ], [])],
-+ [have_64bit_ptr=yes],
-+ [have_64bit_ptr=no])],
-+ [have_64bit_ptr=unknown])
-+ ])
- ])
--
--if test $have_64bit_ptr = yes; then
-+AS_IF([test "$have_64bit_ptr" = "unknown" ],[
-+ AC_MSG_ERROR([Cannot detect pointer size. Must pass have_64bit_ptr={yes,no} to configure.])
-+])
-+AS_IF([test "$have_64bit_ptr" = yes],[
- AC_DEFINE(HAVE_64BIT_PTR, 1, [data pointer is 64bit])
--fi
-+])
-
- # Issue 213: Search for clock_gettime to help people linking
- # with a static version of libevent
-@@ -570,30 +589,10 @@ fi
- AC_C_SOCKLEN_T
-
- dnl Check if we're a little-endian or a big-endian system, needed by hash code
--AC_DEFUN([AC_C_ENDIAN],
--[AC_CACHE_CHECK(for endianness, ac_cv_c_endian,
--[
-- AC_RUN_IFELSE(
-- [AC_LANG_PROGRAM([], [dnl
-- long val = 1;
-- char *c = (char *) &val;
-- exit(*c == 1);
-- ])
-- ],[
-- ac_cv_c_endian=big
-- ],[
-- ac_cv_c_endian=little
-- ])
--])
--if test $ac_cv_c_endian = big; then
-- AC_DEFINE(ENDIAN_BIG, 1, [machine is bigendian])
--fi
--if test $ac_cv_c_endian = little; then
-- AC_DEFINE(ENDIAN_LITTLE, 1, [machine is littleendian])
--fi
--])
--
--AC_C_ENDIAN
-+AC_C_BIGENDIAN(
-+ [AC_DEFINE(ENDIAN_BIG, 1, [machine is bigendian])],
-+ [AC_DEFINE(ENDIAN_LITTLE, 1, [machine is littleendian])],
-+ [AC_MSG_ERROR([Cannot detect endianness. Must pass ac_cv_c_bigendian={yes,no} to configure.])])
-
- AC_DEFUN([AC_C_HTONLL],
- [
-@@ -670,12 +669,15 @@ AC_DEFUN([AC_C_ALIGNMENT],
- ],[
- ac_cv_c_alignment=need
- ],[
-- ac_cv_c_alignment=need
-+ dnl cross compile
-+ ac_cv_c_alignment=maybe
- ])
- ])
--if test $ac_cv_c_alignment = need; then
-- AC_DEFINE(NEED_ALIGN, 1, [Machine need alignment])
--fi
-+AS_IF([test $ac_cv_c_alignment = need],
-+ [AC_DEFINE(NEED_ALIGN, 1, [Machine need alignment])])
-+AS_IF([test $ac_cv_c_alignment = maybe],
-+ [AC_MSG_WARN([Assuming aligned access is required when cross-compiling])
-+ AC_DEFINE(NEED_ALIGN, 1, [Machine need alignment])])
- ])
-
- AC_C_ALIGNMENT
---
-2.20.1
-
diff --git a/package/memcached/0002-configure-Simplify-pointer-size-check.patch b/package/memcached/0002-configure-Simplify-pointer-size-check.patch
deleted file mode 100644
index 1a5dc31963..0000000000
--- a/package/memcached/0002-configure-Simplify-pointer-size-check.patch
+++ /dev/null
@@ -1,76 +0,0 @@
-From ec7f3bc97c53578d5ca332b9e86c4d08d155c5a0 Mon Sep 17 00:00:00 2001
-From: Ola Jeppsson <ola.jeppsson at gmail.com>
-Date: Mon, 7 Oct 2019 19:57:46 -0400
-Subject: [PATCH] configure: Simplify pointer size check
-
-Tested with:
-Autoconf 2.59 / Automake 1.7.9
-Autoconf 2.69 / Automake 1.16.1
-
-Downloaded from upstream PR:
-https://github.com/memcached/memcached/pull/552
-
-Signed-off-by: Bernd Kuhls <bernd.kuhls at t-online.de>
----
- configure.ac | 31 ++-----------------------------
- restart.h | 2 +-
- 2 files changed, 3 insertions(+), 30 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 27dc939..7e5bd5d 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -271,35 +271,8 @@ return sizeof(void*) == 8 ? 0 : 1;
- ])
- fi
-
--dnl If data pointer is 64bit or not.
--AC_CHECK_HEADERS([stdint.h])
--AS_IF([test -z "$have_64bit_ptr"],
-- [AC_RUN_IFELSE(
-- [AC_LANG_PROGRAM([], [return sizeof(void*) == 8 ? 0 : 1;])],
-- [have_64bit_ptr=yes ],
-- [have_64bit_ptr=no],
-- [dnl cross compile (this test requires C99)
-- AS_IF([test "x$ac_cv_header_stdint_h" = xyes],
-- [AC_COMPILE_IFELSE(
-- [AC_LANG_PROGRAM([
-- #include <stdint.h>
-- #if UINTPTR_MAX == 0xFFFFFFFFFFFFFFFFUL
-- /* 64 bit pointer */
-- #else
-- #error 32 bit pointer
-- #endif
-- ], [])],
-- [have_64bit_ptr=yes],
-- [have_64bit_ptr=no])],
-- [have_64bit_ptr=unknown])
-- ])
--])
--AS_IF([test "$have_64bit_ptr" = "unknown" ],[
-- AC_MSG_ERROR([Cannot detect pointer size. Must pass have_64bit_ptr={yes,no} to configure.])
--])
--AS_IF([test "$have_64bit_ptr" = yes],[
-- AC_DEFINE(HAVE_64BIT_PTR, 1, [data pointer is 64bit])
--])
-+dnl Check if data pointer is 64bit or not
-+AC_CHECK_SIZEOF([void *])
-
- # Issue 213: Search for clock_gettime to help people linking
- # with a static version of libevent
-diff --git a/restart.h b/restart.h
-index 76cd0a8..9de5096 100644
---- a/restart.h
-+++ b/restart.h
-@@ -4,7 +4,7 @@
- #define RESTART_TAG_MAXLEN 255
-
- // Track the pointer size for restart fiddling.
--#ifdef HAVE_64BIT_PTR
-+#if SIZEOF_VOID_P == 8
- typedef uint64_t mc_ptr_t;
- #else
- typedef uint32_t mc_ptr_t;
---
-2.20.1
-
diff --git a/package/memcached/memcached.hash b/package/memcached/memcached.hash
index 98e47d6c07..e599cd2fa2 100644
--- a/package/memcached/memcached.hash
+++ b/package/memcached/memcached.hash
@@ -1,6 +1,6 @@
-# From http://www.memcached.org/files/memcached-1.5.19.tar.gz.sha1
-sha1 14e6a02e743838696fcb620edf6a2fd7e60cabec memcached-1.5.19.tar.gz
+# From http://www.memcached.org/files/memcached-1.5.22.tar.gz.sha1
+sha1 3fe5d3929130e860efcfde18d4d396a29db006b7 memcached-1.5.22.tar.gz
# Locally computed
-sha256 3ddcdaa2d14d215f3111a7448b79c889c57618a26e97ad989581f1880a5a4be0 memcached-1.5.19.tar.gz
-sha256 bc887c4ad8051fe690ace9528fe37a2e0bb362e6d963331d82e845ca9b585a0c COPYING
+sha256 c2b47e9d20575a2367087c229636ffc3fb699a6c3a7f3a22f44402f25f5f1f93 memcached-1.5.22.tar.gz
+sha256 bc887c4ad8051fe690ace9528fe37a2e0bb362e6d963331d82e845ca9b585a0c COPYING
diff --git a/package/memcached/memcached.mk b/package/memcached/memcached.mk
index 9b362d2a36..8a980677ce 100644
--- a/package/memcached/memcached.mk
+++ b/package/memcached/memcached.mk
@@ -4,16 +4,13 @@
#
################################################################################
-MEMCACHED_VERSION = 1.5.19
+MEMCACHED_VERSION = 1.5.22
MEMCACHED_SITE = http://www.memcached.org/files
MEMCACHED_DEPENDENCIES = libevent
MEMCACHED_CONF_ENV = ac_cv_prog_cc_c99='-std=gnu99'
MEMCACHED_CONF_OPTS = --disable-coverage
MEMCACHED_LICENSE = BSD-3-Clause
MEMCACHED_LICENSE_FILES = COPYING
-# 0001-configure-Fix-cross-compilation-errors.patch
-# 0002-configure-Simplify-pointer-size-check.patch
-MEMCACHED_AUTORECONF = YES
ifeq ($(BR2_ENDIAN),"BIG")
MEMCACHED_CONF_ENV += ac_cv_c_endian=big
More information about the buildroot
mailing list