Skip to content

Merging internal commits for release/5.0 #66352

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 8 commits into from
Mar 10, 2022
Merged

Merging internal commits for release/5.0 #66352

merged 8 commits into from
Mar 10, 2022

Conversation

vseanreesermsft
Copy link

No description provided.

jeffhandley and others added 7 commits February 8, 2022 00:31
@jeffhandley @wtgodbe
Merged PR 20977: [release/5.0] MSRC 70024 - Update brotli to v1.0.9 t…
e69d627 
…o address CVE-2020-8927

[Component Governance](https://dnceng.visualstudio.com/internal/_componentGovernance/dotnet-corefx/alert/5549446?typeId=8301794) identified that we have an insecure version of Brotli in place for .NET Core 2.1, .NET Core 3.1, and .NET 5.0. The vulnerability is surfaced in the BrotliDecoderDecompress method which is used by .NET in our BrotliDecoder.TryDecompress public API.

This addresses MSRC 70024.

This change was created by backporting dotnet#44107, which updated Brotli to v1.0.9 in .NET 6.0 for performance optimizations.
@dotnet-bot
Merge in 'release/5.0' changes
5a54577
@tannergooding @wtgodbe
Merged PR 21062: Resolve MSRC 68613 for .NET 5
bf3ddcd 
Resolve MSRC 68613 for .NET 5
@dotnet-bot
Merge in 'release/5.0' changes
6326c85
@dotnet-bot
Merge in 'release/5.0' changes
f4567ec
@tannergooding @mmitche
Merged PR 21171: Fixing the shift-left handling to correctly account …
3065735 
…for overshifting

Fixing the shift-left handling to correctly account for overshifting
@vseanreesermsft
Merge commit '3065735be79d6b7d17e8e3a723115810b43c9b3a' into internal…
62b44d9 
…-merge-5.0-2022-03-08-1135
@ghost ghost assigned vseanreesermsft Mar 8, 2022
@ghost
Copy link

ghost commented Mar 8, 2022

I couldn't figure out the best area label to add to this PR. If you have write-permissions please help me learn by adding exactly one area label.

@runfoapp runfoapp bot mentioned this pull request Mar 8, 2022
Open
@ericstj ericstj requested a review from a team March 9, 2022 19:48
@ericstj
Copy link
Member

ericstj commented Mar 9, 2022

cc @agocke @hoyosjs looks like this is existing state of the 5.0 branch. All 5.0 PRs are failing similarly.

Here's an example of a log.

       "D:\a\_work\1\s\artifacts\obj\coreclr\Linux.x64.Release\crossgen\install.vcxproj" (default target) (1) ->
       "D:\a\_work\1\s\artifacts\obj\coreclr\Linux.x64.Release\crossgen\ALL_BUILD.vcxproj" (default target) (3) ->
       "D:\a\_work\1\s\artifacts\obj\coreclr\Linux.x64.Release\crossgen\src\pal\src\libunwind\src\libunwind_xdac.vcxproj" (default target) (5) ->
       (ClCompile target) -> 
         D:\a\_work\1\s\src\coreclr\src\pal\src\libunwind\src\mi\mempool.c(44,16): error C2143: syntax error: missing ')' before '(' [D:\a\_work\1\s\artifacts\obj\coreclr\Linux.x64.Release\crossgen\src\pal\src\libunwind\src\libunwind_xdac.vcxproj]
         D:\a\_work\1\s\src\coreclr\src\pal\src\libunwind\src\mi\mempool.c(44,16): error C2143: syntax error: missing ')' before 'sizeof' [D:\a\_work\1\s\artifacts\obj\coreclr\Linux.x64.Release\crossgen\src\pal\src\libunwind\src\libunwind_xdac.vcxproj]
         D:\a\_work\1\s\src\coreclr\src\pal\src\libunwind\src\mi\mempool.c(44,16): error C2091: function returns function [D:\a\_work\1\s\artifacts\obj\coreclr\Linux.x64.Release\crossgen\src\pal\src\libunwind\src\libunwind_xdac.vcxproj]
         D:\a\_work\1\s\src\coreclr\src\pal\src\libunwind\src\mi\mempool.c(44,16): error C2143: syntax error: missing '{' before 'sizeof' [D:\a\_work\1\s\artifacts\obj\coreclr\Linux.x64.Release\crossgen\src\pal\src\libunwind\src\libunwind_xdac.vcxproj]
         D:\a\_work\1\s\src\coreclr\src\pal\src\libunwind\src\mi\mempool.c(44,16): error C2059: syntax error: 'sizeof' [D:\a\_work\1\s\artifacts\obj\coreclr\Linux.x64.Release\crossgen\src\pal\src\libunwind\src\libunwind_xdac.vcxproj]
         D:\a\_work\1\s\src\coreclr\src\pal\src\libunwind\src\mi\mempool.c(63,21): error C2065: 'sos_memory': undeclared identifier [D:\a\_work\1\s\artifacts\obj\coreclr\Linux.x64.Release\crossgen\src\pal\src\libunwind\src\libunwind_xdac.vcxproj]
         D:\a\_work\1\s\src\coreclr\src\pal\src\libunwind\src\mi\mempool.c(63,25): error C2109: subscript requires array or pointer type [D:\a\_work\1\s\artifacts\obj\coreclr\Linux.x64.Release\crossgen\src\pal\src\libunwind\src\libunwind_xdac.vcxproj]

@ericstj
Copy link
Member

ericstj commented Mar 9, 2022

The Libraries Build Windows_NT net48 x86 Release failures are #62068. We should port the test fix for this that was also ported to 6.0: #63507

@ericstj
Copy link
Member

ericstj commented Mar 9, 2022

#66406 should fix the CoreCLR build failures once it's merged. We have to decide if we wait on that or not.

@danmoseley danmoseley added the area-codeflow for labeling automated codeflow label Mar 10, 2022
@ericstj
Copy link
Member

ericstj commented Mar 10, 2022

Merging to unblock source build. Build failures are known, specific to the machine pools used in Validation, and are being addressed in #66406

@ericstj ericstj merged commit 85ad38b into dotnet:release/5.0 Mar 10, 2022
@ghost ghost locked as resolved and limited conversation to collaborators Apr 9, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees

@vseanreesermsft vseanreesermsft

Labels
area-codeflow for labeling automated codeflow
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@vseanreesermsft @ericstj @danmoseley @jeffhandley @dotnet-bot @tannergooding