[Buildroot] [PATCH 1/2] package/openocd: bump to 0.11.0

Yann E. MORIN yann.morin.1998 at free.fr
Fri May 21 20:57:11 UTC 2021 

Sébastien, All,

On 2021-05-21 10:32 +0200, Sébastien Szymanski spake thusly:
> Remove upstream patches.
> 
> Signed-off-by: Sébastien Szymanski <sebastien.szymanski at armadeus.com>

Applied to next, thanks.

Regards,
Yann E. MORIN.

> ---
>  ...event-some-forms-of-Cross-Protocol-S.patch | 50 -------------------
>  .../0003-bitbang-Fix-FTBFS-with-GCC-10.patch  | 37 --------------
>  package/openocd/openocd.hash                  |  7 ++-
>  package/openocd/openocd.mk                    |  2 +-
>  4 files changed, 4 insertions(+), 92 deletions(-)
>  delete mode 100644 package/openocd/0002-CVE-2018-5704-Prevent-some-forms-of-Cross-Protocol-S.patch
>  delete mode 100644 package/openocd/0003-bitbang-Fix-FTBFS-with-GCC-10.patch
> 
> diff --git a/package/openocd/0002-CVE-2018-5704-Prevent-some-forms-of-Cross-Protocol-S.patch b/package/openocd/0002-CVE-2018-5704-Prevent-some-forms-of-Cross-Protocol-S.patch
> deleted file mode 100644
> index ba19bf5735..0000000000
> --- a/package/openocd/0002-CVE-2018-5704-Prevent-some-forms-of-Cross-Protocol-S.patch
> +++ /dev/null
> @@ -1,50 +0,0 @@
> -From 3a223ca3ebc7ac24d7726a0cd58e5695bc813657 Mon Sep 17 00:00:00 2001
> -From: Andreas Fritiofson <andreas.fritiofson at gmail.com>
> -Date: Sat, 13 Jan 2018 21:00:47 +0100
> -Subject: [PATCH] CVE-2018-5704: Prevent some forms of Cross Protocol Scripting
> - attacks
> -
> -OpenOCD can be targeted by a Cross Protocol Scripting attack from
> -a web browser running malicious code, such as the following PoC:
> -
> -var x = new XMLHttpRequest();
> -x.open("POST", "http://127.0.0.1:4444", true);
> -x.send("exec xcalc\r\n");
> -
> -This mitigation should provide some protection from browser-based
> -attacks and is based on the corresponding fix in Redis:
> -
> -https://github.com/antirez/redis/blob/8075572207b5aebb1385c4f233f5302544439325/src/networking.c#L1758
> -
> -
> -Upstream-status: Under review: http://openocd.zylin.com/#/c/4335/
> -Change-Id: Ia96ebe19b74b5805dc228bf7364c7971a90a4581
> -Signed-off-by: Andreas Fritiofson <andreas.fritiofson at gmail.com>
> -Reported-by: Josef Gajdusek <atx at atx.name>
> -Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
> ----
> - src/server/startup.tcl | 11 +++++++++++
> - 1 file changed, 11 insertions(+)
> -
> -diff --git a/src/server/startup.tcl b/src/server/startup.tcl
> -index 64ace407..dd1b31e4 100644
> ---- a/src/server/startup.tcl
> -+++ b/src/server/startup.tcl
> -@@ -8,3 +8,14 @@ proc ocd_gdb_restart {target_id} {
> - 	# one target
> - 	reset halt
> - }
> -+
> -+proc prevent_cps {} {
> -+	echo "Possible SECURITY ATTACK detected."
> -+	echo "It looks like somebody is sending POST or Host: commands to OpenOCD."
> -+	echo "This is likely due to an attacker attempting to use Cross Protocol Scripting"
> -+	echo "to compromise your OpenOCD instance. Connection aborted."
> -+	exit
> -+}
> -+
> -+proc POST {args} { prevent_cps }
> -+proc Host: {args} { prevent_cps }
> --- 
> -2.11.0
> -
> diff --git a/package/openocd/0003-bitbang-Fix-FTBFS-with-GCC-10.patch b/package/openocd/0003-bitbang-Fix-FTBFS-with-GCC-10.patch
> deleted file mode 100644
> index cf83515247..0000000000
> --- a/package/openocd/0003-bitbang-Fix-FTBFS-with-GCC-10.patch
> +++ /dev/null
> @@ -1,37 +0,0 @@
> -From c60252ac2b636c4d99b766a574b9df0966151696 Mon Sep 17 00:00:00 2001
> -From: Andreas Fritiofson <andreas.fritiofson at gmail.com>
> -Date: Fri, 17 Apr 2020 13:49:28 +0200
> -Subject: [PATCH] bitbang: Fix FTBFS with GCC 10
> -
> -GCC 10 defaults to -fno-common which breaks the sharing of bitbang_swd
> -struct between bitbang drivers due to a missing extern.
> -
> -Change-Id: I2b4122f7939cec91a72284006748f99a23548324
> -Signed-off-by: Andreas Fritiofson <andreas.fritiofson at gmail.com>
> -Reviewed-on: http://openocd.zylin.com/5592
> -Tested-by: jenkins
> -Reviewed-by: Antonio Borneo <borneo.antonio at gmail.com>
> -Reviewed-by: Jonathan McDowell <noodles-openocd at earth.li>
> -
> -Patch taken from upstream: https://github.com/ntfreak/openocd/commit/c60252ac2b636c4d99b766a574b9df0966151696
> -Signed-off-by: Heiko Thiery <heiko.thiery at gmailcom>
> ----
> - src/jtag/drivers/bitbang.h | 2 +-
> - 1 file changed, 1 insertion(+), 1 deletion(-)
> -
> -diff --git a/src/jtag/drivers/bitbang.h b/src/jtag/drivers/bitbang.h
> -index edb779ca..bbbc693d 100644
> ---- a/src/jtag/drivers/bitbang.h
> -+++ b/src/jtag/drivers/bitbang.h
> -@@ -56,7 +56,7 @@ struct bitbang_interface {
> - 	void (*swdio_drive)(bool on);
> - };
> - 
> --const struct swd_driver bitbang_swd;
> -+extern const struct swd_driver bitbang_swd;
> - 
> - extern bool swd_mode;
> - 
> --- 
> -2.20.1
> -
> diff --git a/package/openocd/openocd.hash b/package/openocd/openocd.hash
> index 3fb817b4a2..91eb56d930 100644
> --- a/package/openocd/openocd.hash
> +++ b/package/openocd/openocd.hash
> @@ -1,4 +1,3 @@
> -# From http://sourceforge.net/projects/openocd/files/openocd/0.10.0/
> -sha1 3245d43d60a1a93f8b0f6b1ce20b53e38cab7a4a  openocd-0.10.0.tar.bz2
> -md5 b412bdef0481a3859c6585eb69f6f6ba  openocd-0.10.0.tar.bz2
> -sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING
> +# From http://sourceforge.net/projects/openocd/files/openocd/0.11.0/
> +sha256  43a3ce734aff1d3706ad87793a9f3a5371cb0e357f0ffd0a151656b06b3d1e7d  openocd-0.11.0.tar.bz2
> +sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING
> diff --git a/package/openocd/openocd.mk b/package/openocd/openocd.mk
> index 7887f3a6dc..1460495a88 100644
> --- a/package/openocd/openocd.mk
> +++ b/package/openocd/openocd.mk
> @@ -4,7 +4,7 @@
>  #
>  ################################################################################
>  
> -OPENOCD_VERSION = 0.10.0
> +OPENOCD_VERSION = 0.11.0
>  OPENOCD_SOURCE = openocd-$(OPENOCD_VERSION).tar.bz2
>  OPENOCD_SITE = http://sourceforge.net/projects/openocd/files/openocd/$(OPENOCD_VERSION)
>  OPENOCD_LICENSE = GPL-2.0+
> -- 
> 2.26.3
> 
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'

More information about the buildroot mailing list