[CG-Fix-CVE-2021-44906] Patching on thrift.0.13.0 for package minimist (
sonic-net#10554)

* [CG-Fix-CVE-2021-44906] Patching on thrift.0.13.0 for package minimist

Signed-off-by: richardyu-ms <[email protected]>

* add more information in patch

Signed-off-by: richardyu-ms <[email protected]>
richardyu-ms authored Apr 14, 2022
1 parent 29b6f62 commit 6ccc458
Showing 2 changed files with 183 additions and 0 deletions.
1 change: 1 addition & 0 deletions src/thrift_0_13_0/Makefile
Expand Up @@ -24,6 +24,7 @@ $(addprefix $(DEST)/, $(MAIN_TARGET)): $(DEST)/% :

# Disable php perl and few other packages as they need additional packages to be installed
patch -p1 < ../patch/0001-Remove-unneeded-packages.patch
patch -p1 < ../patch/0002-Remove-minimist-packages.patch
DEB_BUILD_OPTIONS=nocheck dpkg-buildpackage -d -rfakeroot -b -us -uc -j$(SONIC_CONFIG_MAKE_JOBS) --admindir $(SONIC_DPKG_ADMINDIR)
popd

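Review bot: The comment above the `patch` lines still describes only the first patch ("Disable php perl and few other packages"), so the added `0002-Remove-minimist-packages.patch` line reads as part of that step. A line such as `# Drop minimist from the JS/TS package-lock.json files (CVE-2021-44906)` directly above it would record why the patch exists and when it can be dropped. The recipe starts and ends outside the hunk, so how its lines are chained is not visible here. If they are joined with `;` rather than `&&`, a patch that stops applying after a thrift update would be skipped silently and the CVE workaround lost without any build failure.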
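--- a/src/thrift_0_13_0/patch/0002-Remove-minimist-packages.patch
+++ b/src/thrift_0_13_0/patch/0002-Remove-minimist-packages.patch
@@ -0,0 +1,182 @@
+From b75e88a33d67ae05ef9b5fa001d2a63a2effe377 Oct 17, 2019
+From: richardyu-ms <[email protected]>
+Date: Tue, 12 Apr 2022 15:46:16 +0000
+Subject: [PATCH] Fix security issue for package minimist
+
+---
+2 files changed, 6 insertions(+), 81 deletions(-)
+
+diff --git diff --git a/lib/js/package-lock.json b/lib/js/package-lock.json
+index 00bf05c92..2d84fb05a 100644
+--- a/lib/js/package-lock.json
++++ b/lib/js/package-lock.json
+@@ -1038,16 +1038,7 @@
+"dev": true,
+"requires": {
+"acorn-node": "^1.3.0",
+- "defined": "^1.0.0",
+- "minimist": "^1.1.1"
+- },
+- "dependencies": {
+- "minimist": {
+- "version": "1.2.0",
+- "resolved": "http://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz",
+- "integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=",
+- "dev": true
+- }
++ "defined": "^1.0.0"
+}
+},
+"diffie-hellman": {
+@@ -2591,20 +2582,11 @@
+"decamelize": "^1.1.2",
+"loud-rejection": "^1.0.0",
+"map-obj": "^1.0.1",
+- "minimist": "^1.1.3",
+"normalize-package-data": "^2.3.4",
+"object-assign": "^4.0.1",
+"read-pkg-up": "^1.0.1",
+"redent": "^1.0.0",
+"trim-newlines": "^1.0.0"
+- },
+- "dependencies": {
+- "minimist": {
+- "version": "1.2.0",
+- "resolved": "http://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz",
+- "integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=",
+- "dev": true
+- }
+}
+},
+"micromatch": {
+@@ -2665,11 +2647,6 @@
+"brace-expansion": "^1.1.7"
+}
+},
+- "minimist": {
+- "version": "0.0.8",
+- "resolved": "http://registry.npmjs.org/minimist/-/minimist-0.0.8.tgz",
+- "integrity": "sha1-hX/Kv8M5fSYluCKCYuhqp6ARsF0="
+- },
+"mixin-deep": {
+"version": "1.3.1",
+"resolved": "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.1.tgz",
+@@ -2694,10 +2671,7 @@
+"mkdirp": {
+"version": "0.5.1",
+"resolved": "http://registry.npmjs.org/mkdirp/-/mkdirp-0.5.1.tgz",
+- "integrity": "sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM=",
+- "requires": {
+- "minimist": "0.0.8"
+- }
++ "integrity": "sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM="
+},
+"module-deps": {
+"version": "6.2.0",
+@@ -3920,18 +3894,7 @@
+"version": "1.0.0",
+"resolved": "https://registry.npmjs.org/subarg/-/subarg-1.0.0.tgz",
+"integrity": "sha1-9izxdYHplrSPyWVpn1TAauJouNI=",
+- "dev": true,
+- "requires": {
+- "minimist": "^1.1.0"
+- },
+- "dependencies": {
+- "minimist": {
+- "version": "1.2.0",
+- "resolved": "http://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz",
+- "integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=",
+- "dev": true
+- }
+- }
++ "dev": true
+},
+"supports-color": {
+"version": "5.5.0",
+diff --git a/lib/ts/package-lock.json b/lib/ts/package-lock.json
+index 8d0a7ff2f..e79c55d97 100644
+--- a/lib/ts/package-lock.json
++++ b/lib/ts/package-lock.json
+@@ -1139,16 +1139,7 @@
+"dev": true,
+"requires": {
+"acorn-node": "^1.3.0",
+- "defined": "^1.0.0",
+- "minimist": "^1.1.1"
+- },
+- "dependencies": {
+- "minimist": {
+- "version": "1.2.0",
+- "resolved": "http://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz",
+- "integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=",
+- "dev": true
+- }
++ "defined": "^1.0.0"
+}
+},
+"diagnostics": {
+@@ -3032,20 +3023,11 @@
+"decamelize": "^1.1.2",
+"loud-rejection": "^1.0.0",
+"map-obj": "^1.0.1",
+- "minimist": "^1.1.3",
+"normalize-package-data": "^2.3.4",
+"object-assign": "^4.0.1",
+"read-pkg-up": "^1.0.1",
+"redent": "^1.0.0",
+"trim-newlines": "^1.0.0"
+- },
+- "dependencies": {
+- "minimist": {
+- "version": "1.2.0",
+- "resolved": "http://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz",
+- "integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=",
+- "dev": true
+- }
+}
+},
+"micromatch": {
+@@ -3121,11 +3103,6 @@
+"brace-expansion": "^1.1.7"
+}
+},
+- "minimist": {
+- "version": "0.0.8",
+- "resolved": "http://registry.npmjs.org/minimist/-/minimist-0.0.8.tgz",
+- "integrity": "sha1-hX/Kv8M5fSYluCKCYuhqp6ARsF0="
+- },
+"mixin-deep": {
+"version": "1.3.1",
+"resolved": "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.1.tgz",
+@@ -3150,10 +3127,7 @@
+"mkdirp": {
+"version": "0.5.1",
+"resolved": "http://registry.npmjs.org/mkdirp/-/mkdirp-0.5.1.tgz",
+- "integrity": "sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM=",
+- "requires": {
+- "minimist": "0.0.8"
+- }
++ "integrity": "sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM="
+},
+"module-deps": {
+"version": "6.2.0",
+@@ -4396,18 +4370,7 @@
+"version": "1.0.0",
+"resolved": "https://registry.npmjs.org/subarg/-/subarg-1.0.0.tgz",
+"integrity": "sha1-9izxdYHplrSPyWVpn1TAauJouNI=",
+- "dev": true,
+- "requires": {
+- "minimist": "^1.1.0"
+- },
+- "dependencies": {
+- "minimist": {
+- "version": "1.2.0",
+- "resolved": "http://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz",
+- "integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ=",
+- "dev": true
+- }
+- }
++ "dev": true
+},
+"supports-color": {
+"version": "5.5.0",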
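Review bot: Deleting the `minimist` entries and the `requires` edges from `lib/js/package-lock.json` and `lib/ts/package-lock.json` hides the package from a lockfile scanner, but it does not change what `detective`-style consumers such as `meow`, `mkdirp` and `subarg` declare in their own manifests. If the Debian build or a downstream user ever runs `npm install` in those directories, npm would presumably resolve minimist again, this time with no pinned version and no `integrity` value to check; whether that happens is not visible on this page. Pinning each removed entry to a minimist release that carries the CVE-2021-44906 fix, with an `https` `resolved` URL and a matching `integrity` hash, would remove the vulnerable code rather than only its lockfile record. The embedded patch header is also malformed (`diff --git diff --git a/lib/js/package-lock.json ...`), which `patch -p1` tolerates but stricter tools may reject.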
