@stobe-ctj stobe-ctj commented Dec 15, 2025

Purpose of pull request

This version fixes the following CVEs.

  • CVE-2024-23837
  • CVE-2024-45797

ELA: ELA-1588-1

This version contains patches, so the DEBIAN_QUILT_PATCHES line is removed.

Testing

  • Package build
  • Functional checks

Package build

Add the following to local.conf.

MACHINE = "qemuarm64"
DISTRO = "deby"
IMAGE_INSTALL_append = " libhtp"
IMAGE_INSTALL_append = " openssh"
EXTRA_IMAGE_FEATURES_append = " tools-sdk"
IMAGE_ROOTFS_EXTRA_SPACE = "10485760"

Functional checks

Build and start the image on BUILD_PC.

BUILD_PC$ bitbake core-image-minimal
BUILD_PC$ runqemu nographic qemuarm64

Open another terminal and connect to BUILD_PC.
Then transfer the source tree from BUILD_PC to QEMU.

BUILD_PC$ scp -P 2222 -r ~/build/tmp/work/aarch64-deby-linux/libhtp/0.5.30-r0/libhtp-0.5.30/ root@localhost:~/

Create a Makefile to run the tests.

QEMU# cd libhtp-0.5.30/
QEMU# ./autogen.sh
QEMU# ./configure
QEMU# make install

Change the test target link (the dependency of the executable ./libhtp-0.5.30/test/test_all) to the installed file (/usr/local/lib/libhtp.so.2.0.0).

QEMU# rm -f /usr/local/lib/libhtp.so.2.0.0
QEMU# ln -s /usr/lib/libhtp.so.2.0.0 /usr/local/lib/libhtp.so.2.0.0

Run the libhtp test.

QEMU# make check

Check that the test target links include the installed file (/usr/local/lib/libhtp.so.2.0.0).

QEMU# ldd ./test/.libs/test_all
QEMU# ls -la /usr/local/lib/libhtp.so*

Test result

Package build

The package was successfully built.

deby@7413c3f8851a:~/build$ bitbake libhtp
Parsing recipes: 100% |########################################################################################| Time: 0:00:03
Parsing of 1043 .bb files complete (0 cached, 1043 parsed). 1825 targets, 75 skipped, 0 masked, 0 errors.
NOTE: Resolving any missing task queue dependencies

Build Configuration:
BB_VERSION           = "1.42.0"
BUILD_SYS            = "x86_64-linux"
NATIVELSBSTRING      = "debian-10"
TARGET_SYS           = "aarch64-deby-linux"
MACHINE              = "qemuarm64"
DISTRO               = "deby"
DISTRO_VERSION       = "10.0"
TUNE_FEATURES        = "aarch64 armv8a crc"
TARGET_FPU           = ""
meta                 
meta-poky            = "warrior:d4b57c68b22027c2bedff335dee06af963e4f8a8"
meta-debian          = "update-libhtp_0.5.30-1+deb10u1:d0ab0afc5f44233dd837ccdcafe06833b7e81745"

Initialising tasks: 100% |#####################################################################################| Time: 0:00:00
Sstate summary: Wanted 91 Found 0 Missed 91 Current 0 (0% match, 0% complete)
NOTE: Executing SetScene Tasks
NOTE: Executing RunQueue Tasks
NOTE: Tasks Summary: Attempted 631 tasks of which 0 didn't need to be rerun and all succeeded.

Functional checks

There was no difference in test results before and after the update.

QEMU# make check

... snip ...

============================================================================
Testsuite summary for LibHTP 0.5.30
============================================================================
# TOTAL: 1
# PASS:  1
# SKIP:  0
# XFAIL: 0
# FAIL:  0
# XPASS: 0
# ERROR: 0
============================================================================
make[3]: Leaving directory '/root/libhtp-0.5.30/test'
make[2]: Leaving directory '/root/libhtp-0.5.30/test'
make[1]: Leaving directory '/root/libhtp-0.5.30/test'
Making check in docs
make[1]: Entering directory '/root/libhtp-0.5.30/docs'
make[1]: Nothing to be done for 'check'.
make[1]: Leaving directory '/root/libhtp-0.5.30/docs'
make[1]: Entering directory '/root/libhtp-0.5.30'
make[1]: Leaving directory '/root/libhtp-0.5.30'

The test target links were confirmed to include installed files (/usr/local/lib/libhtp.so.2.0.0).

QEMU# ldd ./test/.libs/test_all
	linux-vdso.so.1 (0x0000ffff91d2c000)
	libpthread.so.0 => /lib/libpthread.so.0 (0x0000ffff91b87000)
	libhtp.so.2 => /usr/local/lib/libhtp.so.2 (0x0000ffff91b56000)
	libz.so.1 => /lib/libz.so.1 (0x0000ffff91b2f000)
	libstdc++.so.6 => /usr/lib/libstdc++.so.6 (0x0000ffff919a4000)
	libm.so.6 => /lib/libm.so.6 (0x0000ffff918e7000)
	libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x0000ffff918c2000)
	libc.so.6 => /lib/libc.so.6 (0x0000ffff91757000)
	/lib/ld-linux-aarch64.so.1 (0x0000ffff91cfe000)
QEMU# ls -la /usr/local/lib/libhtp.so* 
lrwxrwxrwx 1 root root 15 Jan  5 07:22 /usr/local/lib/libhtp.so -> libhtp.so.2.0.0
lrwxrwxrwx 1 root root 15 Jan  5 07:22 /usr/local/lib/libhtp.so.2 -> libhtp.so.2.0.0
lrwxrwxrwx 1 root root 24 Jan  5 07:25 /usr/local/lib/libhtp.so.2.0.0 -> /usr/lib/libhtp.so.2.0.0

This version fixes the following CVEs.
- CVE-2024-23837
- CVE-2024-45797

ELA: ELA-1588-1

This version contains patches, so the DEBIAN_QUILT_PATCHES line is removed.
@teradat teradat marked this pull request as draft December 16, 2025 02:29
@stobe-ctj stobe-ctj marked this pull request as ready for review January 5, 2026 08:03
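
The functional check in the description depends on `ldd` reporting /usr/local/lib/libhtp.so.2, which is itself the start of a symlink chain, so `ldd` alone does not show which file is loaded. The shell helper below is an added example, not part of the pull request or the meta-debian project; it follows the chain with `readlink -f` and compares the result with the packaged library. The function names `ldd_path_for` and `links_to_packaged` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the pull request). Function names are hypothetical.

# Print the path that ldd output (read from stdin) assigns to soname $1.
ldd_path_for() {
    awk -v so="$1" '$1 == so && $2 == "=>" { print $3; exit }'
}

# Read ldd output on stdin; succeed only if soname $1 resolves, after
# following every symlink, to the same file as the expected path $2.
links_to_packaged() {
    ltp_path=$(ldd_path_for "$1")
    if [ -z "$ltp_path" ]; then
        echo "FAIL: $1 not found in ldd output" >&2
        return 2
    fi
    ltp_real=$(readlink -f "$ltp_path") || return 2
    ltp_want=$(readlink -f "$2") || return 2
    if [ "$ltp_real" = "$ltp_want" ]; then
        echo "OK: $1 -> $ltp_path -> $ltp_real"
        return 0
    fi
    # A stale locally built library left in /usr/local/lib ends up here.
    echo "FAIL: $1 -> $ltp_real, expected $ltp_want" >&2
    return 1
}

# Two lines taken from the ldd output on this page, used as sample input.
SAMPLE_LDD='    libpthread.so.0 => /lib/libpthread.so.0 (0x0000ffff91b87000)
    libhtp.so.2 => /usr/local/lib/libhtp.so.2 (0x0000ffff91b56000)'

# Parsing only; no filesystem access, so this line runs on any host.
printf '%s\n' "$SAMPLE_LDD" | ldd_path_for libhtp.so.2

# On the QEMU target, after "make check":
#   ldd ./test/.libs/test_all | \
#       links_to_packaged libhtp.so.2 /usr/lib/libhtp.so.2.0.0
```

A non-zero exit status means the test binary would load something other than the packaged library, for example a copy left behind by `make install` when the symlink step was skipped.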