diff options
author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-10-29 16:48:15 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-10-29 16:48:21 +0300 |
commit | 93c3acf56fcecefef579497263e98c15b6b0e34a (patch) | |
tree | b2b86526293298bb30af7587d17d62405832b930 /meta-openembedded/meta-oe/recipes-extended | |
parent | b350a87270ee007fb1da2c564c050184abd5ba1e (diff) | |
download | openbmc-93c3acf56fcecefef579497263e98c15b6b0e34a.tar.xz |
meta-openembedded: subtree update:18506b797b..c986cbed93
Adrian Bunk (7):
gpsd: Backport a memory leak fix
gpsd: Stop depending on chrpath-native
klibc: Upgrade 2.0.6 -> 2.0.7
gerbera: Upgrade 1.3.0 -> 1.3.2
gstd: Fix the version number
webrtc-audio-processing: Upgrade 0.3 -> 0.3.1
vlc: Upgrade 3.0.6 -> 3.0.8
Andreas Müller (15):
itstool: rework native shebang and add class to make native itstool work
yelp-tools: use itstools.bbclass
yelp-xsl: use itstool.bbclass
yelp: use itstool.bbclass
gnome-help.bbclass: Handle gnome-help files with new distro feature 'helpfiles'
zenity: rework recipe
dconf: extend to native build for upcoming gdm
dconf-editor: upgrade 3.32.0 -> 3.34.0
gtksourceview4: upgrade 4.2.0 -> 4.4.0
gnome-menus3: upgrade 3.10.1 -> 3.32.0
gnome-desktop3: upgrade 3.34.0 -> 3.34.1
gnome-bluetooth: upgrade 3.32.1 -> 3.34.0
gspell: upgrade 1.8.1 -> 1.8.2
gnome-system-monitor: upgrade 3.32.0 -> 3.32.1
network-manager-applet: upgrade 1.8.22 -> 1.8.23 / build with meson / cleanup
Luca Boccassi (4):
dbus-broker: 19 -> 21
dbus-broker: backport patches from master
dbus-broker: build with SELinux if it's enabled via DISTRO_FEATURES
dbus-broker: add patch to fix build with musl libc
Trevor Gamblin (1):
rsyslog: upgrade from v8.1908.0 to v8.1910.0
Zang Ruochen (4):
python-bitarray: upgrade 0.8.3 -> 1.0.1
python-can: upgrade 2.2.1 -> 3.3.2
python-daemonize: upgrade 2.4.7 -> 2.5.0
xmlsec1: upgrade 1.2.28 -> 1.2.29
Zheng Ruoqin (2):
keepalived: upgrade 2.0.16 -> 2.0.19
postfix: upgrade 3.4.5 -> 3.4.7
Change-Id: Ibff272f163bb42473022825cfb17a284a0019e83
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'meta-openembedded/meta-oe/recipes-extended')
-rw-r--r-- | meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/0001-Out-of-bounds-issue.patch | 31 | ||||
-rw-r--r-- | meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/0001-pmaixforwardedfrom-bugfix-potential-misadressing.patch | 43 | ||||
-rw-r--r-- | meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog_8.1910.0.bb (renamed from meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog_8.1908.0.bb) | 6 |
3 files changed, 2 insertions, 78 deletions
diff --git a/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/0001-Out-of-bounds-issue.patch b/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/0001-Out-of-bounds-issue.patch deleted file mode 100644 index b494ca687..000000000 --- a/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/0001-Out-of-bounds-issue.patch +++ /dev/null @@ -1,31 +0,0 @@ -From b0894088b680666035a3418326e13bc99d4fed49 Mon Sep 17 00:00:00 2001 -From: Philippe Duveau <pduveau@users.noreply.github.com> -Date: Tue, 24 Sep 2019 20:45:25 +0200 -Subject: [PATCH] Out of bounds issue - -Add a new sanity check after determining the level len. ---- - contrib/pmdb2diag/pmdb2diag.c | 4 ++++ - 1 file changed, 4 insertions(+) - -Upstream-Status: Backport [https://github.com/rsyslog/rsyslog/commit/b0894088b6] -CVE: CVE-2019-17040 -Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> -diff --git a/contrib/pmdb2diag/pmdb2diag.c b/contrib/pmdb2diag/pmdb2diag.c -index 2b5916301..5810eb4df 100644 ---- a/contrib/pmdb2diag/pmdb2diag.c -+++ b/contrib/pmdb2diag/pmdb2diag.c -@@ -134,6 +134,10 @@ CODESTARTparse2 - ABORT_FINALIZE(0); - } - -+ /* let recheck with the real level len */ -+ if(pMsg->iLenRawMsg - (int)pMsg->offAfterPRI < pInst->levelpos+lvl_len) -+ ABORT_FINALIZE(RS_RET_COULD_NOT_PARSE); -+ - DBGPRINTF("db2parse Level %d\n", pMsg->iSeverity); - - end = (char*)pMsg->pszRawMsg + pMsg->iLenRawMsg ; --- -2.17.1 - diff --git a/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/0001-pmaixforwardedfrom-bugfix-potential-misadressing.patch b/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/0001-pmaixforwardedfrom-bugfix-potential-misadressing.patch deleted file mode 100644 index 0b32766a5..000000000 --- a/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog/0001-pmaixforwardedfrom-bugfix-potential-misadressing.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 10549ba915556c557b22b3dac7e4cb73ad22d3d8 Mon Sep 17 00:00:00 2001 -From: Rainer Gerhards <rgerhards@adiscon.com> -Date: Fri, 27 Sep 2019 13:36:02 +0200 -Subject: [PATCH] pmaixforwardedfrom bugfix: potential misadressing - ---- - contrib/pmaixforwardedfrom/pmaixforwardedfrom.c | 9 +++++++++ - 1 file changed, 9 insertions(+) - -Upstream-Status: Backport [https://github.com/rsyslog/rsyslog/pull/3884] -CVE: CVE-2019-17041 -Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> - -diff --git a/contrib/pmaixforwardedfrom/pmaixforwardedfrom.c b/contrib/pmaixforwardedfrom/pmaixforwardedfrom.c -index 37157c7d4..ebf12ebbe 100644 ---- a/contrib/pmaixforwardedfrom/pmaixforwardedfrom.c -+++ b/contrib/pmaixforwardedfrom/pmaixforwardedfrom.c -@@ -109,6 +109,10 @@ CODESTARTparse - /* bump the message portion up by skipLen(23 or 5) characters to overwrite the "Message forwarded from - " or "From " with the hostname */ - lenMsg -=skipLen; -+ if(lenMsg < 2) { -+ dbgprintf("not a AIX message forwarded from message has nothing after header\n"); -+ ABORT_FINALIZE(RS_RET_COULD_NOT_PARSE); -+ } - memmove(p2parse, p2parse + skipLen, lenMsg); - *(p2parse + lenMsg) = '\n'; - *(p2parse + lenMsg + 1) = '\0'; -@@ -120,6 +124,11 @@ really an AIX log, but has a similar preamble */ - --lenMsg; - ++p2parse; - } -+ if (lenMsg < 1) { -+ dbgprintf("not a AIX message forwarded from message has nothing after colon " -+ "or no colon at all\n"); -+ ABORT_FINALIZE(RS_RET_COULD_NOT_PARSE); -+ } - if (lenMsg && *p2parse != ':') { - DBGPRINTF("not a AIX message forwarded from mangled log but similar enough that the preamble has " - "been removed\n"); --- -2.17.1 - diff --git a/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog_8.1908.0.bb b/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog_8.1910.0.bb index f9e44421d..f50f9a34b 100644 --- a/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog_8.1908.0.bb +++ b/meta-openembedded/meta-oe/recipes-extended/rsyslog/rsyslog_8.1910.0.bb @@ -23,16 +23,14 @@ SRC_URI = "http://www.rsyslog.com/download/files/download/rsyslog/${BPN}-${PV}.t file://rsyslog.logrotate \ file://use-pkgconfig-to-check-libgcrypt.patch \ file://run-ptest \ - file://0001-Out-of-bounds-issue.patch \ - file://0001-pmaixforwardedfrom-bugfix-potential-misadressing.patch \ " SRC_URI_append_libc-musl = " \ file://0001-Include-sys-time-h.patch \ " -SRC_URI[md5sum] = "6e9aa4ef4cad8ae49affa0a786cc9e2f" -SRC_URI[sha256sum] = "f8c8e53b651e03a011667c60bd2d4dba7a7cb6ec04b247c8ea8514115527863b" +SRC_URI[md5sum] = "6d4d94359d083f449f089b8dbb93c423" +SRC_URI[sha256sum] = "0219ee692f31a39743acb62aaf4196b644ce94edf386df4605fd6a11a4fe0c93" UPSTREAM_CHECK_URI = "https://github.com/rsyslog/rsyslog/releases" UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)" |