From 8400b956819dfb6c9750b7bd9cb60353d20bbb46 Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Mon, 26 Sep 2022 17:19:48 +0200 Subject: [PATCH 1/4] profiles: Drop accept keywords for sys-devel/crossdev The updated package is stable for both amd64 and arm64. --- .../profiles/coreos/base/package.accept_keywords | 3 --- 1 file changed, 3 deletions(-) diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords index b9b277b21b..5cede6421a 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords @@ -57,6 +57,3 @@ # Required for CVE-2022-27239, CVE-2022-29869 =net-fs/cifs-utils-6.15 ~amd64 ~arm64 - -# Required to fix toolchains build during fsscript in stage 4 of SDK build. -=sys-devel/crossdev-20220709 ~amd64 ~arm64 From 5d556e801f006766a48360d252bc6aa8b249d316 Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Mon, 26 Sep 2022 17:27:40 +0200 Subject: [PATCH 2/4] profiles: Update keywords and unmask for new version of dev-vcs/git --- .../coreos-overlay/profiles/coreos/base/package.accept_keywords | 2 +- .../coreos-overlay/profiles/coreos/base/package.unmask | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords index 5cede6421a..90020374c7 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords @@ -46,7 +46,7 @@ =sys-fs/cryptsetup-2.4.3-r1 ~amd64 ~arm64 # Required for CVE-2022-29187 -=dev-vcs/git-2.37.1 ~amd64 ~arm64 +=dev-vcs/git-2.37.3 ~amd64 ~arm64 =sys-power/acpid-2.0.33 ~amd64 ~arm64 diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.unmask b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.unmask index 6436d15bbb..4a21035df6 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.unmask +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.unmask @@ -11,4 +11,4 @@ # Overwrite portage-stable mask - we want to use this version of git # for security fixes. -=dev-vcs/git-2.37.1 +=dev-vcs/git-2.37.3 From 8a0db2516bfb01c4f56d0d827f1232c39dade198 Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Mon, 26 Sep 2022 17:28:09 +0200 Subject: [PATCH 3/4] profiles: Drop accept keywords for net-fs/cifs-utils The updated package is stable for both amd64 and arm64. --- .../profiles/coreos/base/package.accept_keywords | 3 --- 1 file changed, 3 deletions(-) diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords index 90020374c7..b901e5d398 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords @@ -54,6 +54,3 @@ =sys-libs/liburing-2.1-r2 ~amd64 ~arm64 =app-crypt/adcli-0.9.1-r2 ~amd64 ~arm64 - -# Required for CVE-2022-27239, CVE-2022-29869 -=net-fs/cifs-utils-6.15 ~amd64 ~arm64 From d39991c53849a77d38324d85601469ad211be476 Mon Sep 17 00:00:00 2001 From: Krzesimir Nowak Date: Wed, 28 Sep 2022 15:56:20 +0200 Subject: [PATCH 4/4] coreos/config: Drop linking workarounds for net-misc/curl Let's see if those are fixed by now. --- .../coreos-overlay/coreos/config/env/net-misc/curl | 6 ------ 1 file changed, 6 deletions(-) delete mode 100644 sdk_container/src/third_party/coreos-overlay/coreos/config/env/net-misc/curl diff --git a/sdk_container/src/third_party/coreos-overlay/coreos/config/env/net-misc/curl b/sdk_container/src/third_party/coreos-overlay/coreos/config/env/net-misc/curl deleted file mode 100644 index 01295e8c0e..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/coreos/config/env/net-misc/curl +++ /dev/null @@ -1,6 +0,0 @@ -# Since curl now builds static libraries, there are linking failures due to the -# lack of -fPIC when building under src/ . The project is actually configured -# to use -fPIC when the compiler is wrapped by libtool, but that only happens -# under lib/ and not src/ . -CFLAGS="${CFLAGS} -fPIC" -CXXFLAGS="${CXXFLAGS} -fPIC"