From 440aa7dcf467fb925e05806d3d4b48eb384c6033 Mon Sep 17 00:00:00 2001 From: Daniel Thau Date: Fri, 29 Mar 2024 17:01:36 -0400 Subject: [PATCH] Bump version to 0.7.30beta2 --- Makefile | 16 ++++++++-------- ReleaseNotes.md | 6 ++++++ releases | 30 +++++++++++++++--------------- 3 files changed, 29 insertions(+), 23 deletions(-) diff --git a/Makefile b/Makefile index 325bcf5e..93eacc35 100644 --- a/Makefile +++ b/Makefile @@ -131,7 +131,7 @@ # # make check -BEDROCK_VERSION=0.7.30beta1 +BEDROCK_VERSION=0.7.30beta2 CODENAME=Poki ARCHITECTURE=$(shell ./detect_arch.sh | head -n1) FILE_ARCH_NAME=$(shell ./detect_arch.sh | awk 'NR==2') @@ -750,18 +750,18 @@ $(COMPLETED)/zlib: vendor/zlib/.success_retrieving_source $(COMPLETED)/musl touch $(COMPLETED)/zlib zlib: $(COMPLETED)/zlib +# Hard code v5.4.6 until xz CVE is resolved +# https://nvd.nist.gov/vuln/detail/CVE-2024-3094 +# https://www.openwall.com/lists/musl/2022/08/23/5 vendor/xz/.success_retrieving_source: rm -rf vendor/xz/ mkdir -p vendor/xz git clone \ - -b `git ls-remote --tags 'https://git.tukaani.org/xz.git' | \ - awk -F/ '{print $$NF}' | \ - sed -e 's/^v//g' | \ - grep '^[0-9.]*$$' | \ - sort -t . -k1,1n -k2,2n -k3,3n -k4,4n -k5,5n | \ - tail -n1 | \ - sed -e 's/^/v/'` 'https://git.tukaani.org/xz.git' \ + -b v5.4.6 \ + 'https://git.tukaani.org/xz.git' \ vendor/xz + # sanity check branch is expected commit + cd vendor/xz/ && git show | head -n1 | grep -q 'commit 6e8732c5a317a349986a4078718f1d95b67072c5' touch vendor/xz/.success_retrieving_source $(COMPLETED)/xz: vendor/xz/.success_retrieving_source $(COMPLETED)/musl rm -rf $(VENDOR)/xz diff --git a/ReleaseNotes.md b/ReleaseNotes.md index 20d9a5e9..7a48159d 100644 --- a/ReleaseNotes.md +++ b/ReleaseNotes.md @@ -1,3 +1,9 @@ +# 0.7.30beta2 + +- Revert xz version to 5.4.6 + - See https://nvd.nist.gov/vuln/detail/CVE-2024-3094 + - Note beta1 build with 5.6.1 used git, not tarball, and was unaffected. This is an unlikely unnecessary precaution. + # 0.7.30beta1 - Fixed brl-fetch Void diff --git a/releases b/releases index deebe844..36c92903 100644 --- a/releases +++ b/releases @@ -37,21 +37,21 @@ # Current release # ################### -https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta1/bedrock-linux-0.7.30beta1-x86_64.sh -https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta1/bedrock-linux-0.7.30beta1-s390x.sh -https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta1/bedrock-linux-0.7.30beta1-ppc64le.sh -https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta1/bedrock-linux-0.7.30beta1-ppc64.sh -https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta1/bedrock-linux-0.7.30beta1-ppc.sh -https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta1/bedrock-linux-0.7.30beta1-mipsel.sh -https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta1/bedrock-linux-0.7.30beta1-mips64el.sh -https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta1/bedrock-linux-0.7.30beta1-mips.sh -https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta1/bedrock-linux-0.7.30beta1-i686.sh -https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta1/bedrock-linux-0.7.30beta1-i586.sh -https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta1/bedrock-linux-0.7.30beta1-i486.sh -https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta1/bedrock-linux-0.7.30beta1-i386.sh -https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta1/bedrock-linux-0.7.30beta1-armv7l.sh -https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta1/bedrock-linux-0.7.30beta1-armv7hl.sh -https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta1/bedrock-linux-0.7.30beta1-aarch64.sh +https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta2/bedrock-linux-0.7.30beta2-x86_64.sh +https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta2/bedrock-linux-0.7.30beta2-s390x.sh +https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta2/bedrock-linux-0.7.30beta2-ppc64le.sh +https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta2/bedrock-linux-0.7.30beta2-ppc64.sh +https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta2/bedrock-linux-0.7.30beta2-ppc.sh +https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta2/bedrock-linux-0.7.30beta2-mipsel.sh +https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta2/bedrock-linux-0.7.30beta2-mips64el.sh +https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta2/bedrock-linux-0.7.30beta2-mips.sh +https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta2/bedrock-linux-0.7.30beta2-i686.sh +https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta2/bedrock-linux-0.7.30beta2-i586.sh +https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta2/bedrock-linux-0.7.30beta2-i486.sh +https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta2/bedrock-linux-0.7.30beta2-i386.sh +https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta2/bedrock-linux-0.7.30beta2-armv7l.sh +https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta2/bedrock-linux-0.7.30beta2-armv7hl.sh +https://github.com/bedrocklinux/bedrocklinux-userland/releases/download/0.7.30beta2/bedrock-linux-0.7.30beta2-aarch64.sh ################# # Past releases #