summaryrefslogtreecommitdiff
path: root/poky/meta/recipes-bsp
diff options
context:
space:
mode:
authorBrad Bishop <bradleyb@fuzziesquirrel.com>2018-08-23 11:11:46 +0300
committerBrad Bishop <bradleyb@fuzziesquirrel.com>2018-09-27 14:47:44 +0300
commitbba38f38e7e41525c30116a2fe990d113b8157da (patch)
tree14a0d015f4b144a97c51c896e7a3135b600760a6 /poky/meta/recipes-bsp
parent36b84cde8facab568630eec811e483cf1fc50848 (diff)
downloadopenbmc-bba38f38e7e41525c30116a2fe990d113b8157da.tar.xz
poky: sumo refresh 51872d3f99..3b8dc3a88e
Update poky to sumo HEAD. Andrej Valek (1): wpa-supplicant: fix CVE-2018-14526 Armin Kuster (2): xserver-xorg: config: fix NULL value detection for ID_INPUT being unset binutils: Change the ARM assembler's ADR and ADRl pseudo-ops so that they will only set the bottom bit of imported thumb function symbols if the -mthumb-interwork option is active. Bruce Ashfield (3): linux-yocto/4.12: update to v4.12.28 linux-yocto/4.14: update to v4.14.62 linux-yocto/4.14: update to v4.14.67 Changqing Li (6): libexif: patch for CVE-2017-7544 squashfs-tools: patch for CVE-2015-4645(4646) libcroco: patch for CVE-2017-7960 libid3tag: patch for CVE-2004-2779 libice: patch for CVE-2017-2626 apr-util: fix ptest fail problem Chen Qi (2): util-linux: upgrade 2.32 -> 2.32.1 busybox: move init related configs to init.cfg Jagadeesh Krishnanjanappa (2): libarchive: CVE-2017-14501 libcgroup: CVE-2018-14348 Jon Szymaniak (1): cve-check.bbclass: detect CVE IDs listed on multiple lines Joshua Lock (1): os-release: fix to install in the expected location Khem Raj (1): serf: Fix Sconstruct build with python 3.7 Konstantin Shemyak (1): cve-check.bbclass: do not download the CVE DB in package-specific tasks Mike Looijmans (1): busybox/mdev-mount.sh: Fix partition detect and cleanup mountpoint on fail Ross Burton (1): lrzsz: fix CVE-2018-10195 Sinan Kaya (3): busybox: CVE-2017-15874 libpng: CVE-2018-13785 sqlite3: CVE-2018-8740 Yadi.hu (1): busybox: handle syslog Yi Zhao (2): blktrace: Security fix CVE-2018-10689 taglib: Security fix CVE-2018-11439 Zheng Ruoqin (1): glibc: fix CVE-2018-11237 Change-Id: I2eb1fe6574638de745e4bfc106b86fe797b977c8 Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'poky/meta/recipes-bsp')
-rw-r--r--poky/meta/recipes-bsp/lrzsz/lrzsz-0.12.20/cve-2018-10195.patch28
-rw-r--r--poky/meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb1
2 files changed, 29 insertions, 0 deletions
diff --git a/poky/meta/recipes-bsp/lrzsz/lrzsz-0.12.20/cve-2018-10195.patch b/poky/meta/recipes-bsp/lrzsz/lrzsz-0.12.20/cve-2018-10195.patch
new file mode 100644
index 000000000..dea298634
--- /dev/null
+++ b/poky/meta/recipes-bsp/lrzsz/lrzsz-0.12.20/cve-2018-10195.patch
@@ -0,0 +1,28 @@
+Integer overflow in src/zm.c:zsdata() causes crash in sz and can leak information to receiver.
+
+Patch taken from Fedora.
+
+CVE: CVE-2018-10195
+Upstream-Status: Inappropriate (dead upstream)
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+diff -urN lrzsz-0.12.20/src/zm.c lrzsz-0.12.20.new/src/zm.c
+--- lrzsz-0.12.20/src/zm.c Tue Dec 29 09:48:38 1998
++++ lrzsz-0.12.20.new/src/zm.c Tue Oct 8 12:46:58 2002
+@@ -431,10 +431,12 @@
+ VPRINTF(3,("zsdata: %lu %s", (unsigned long) length,
+ Zendnames[(frameend-ZCRCE)&3]));
+ crc = 0;
+- do {
+- zsendline(*buf); crc = updcrc((0377 & *buf), crc);
+- buf++;
+- } while (--length>0);
++
++ for( ; length; length--) {
++ zsendline(*buf); crc = updcrc((0377 & *buf), crc);
++ buf++;
++ }
++
+ xsendline(ZDLE); xsendline(frameend);
+ crc = updcrc(frameend, crc);
+ \ No newline at end of file
diff --git a/poky/meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb b/poky/meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb
index 4b349be32..002c774c6 100644
--- a/poky/meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb
+++ b/poky/meta/recipes-bsp/lrzsz/lrzsz_0.12.20.bb
@@ -19,6 +19,7 @@ SRC_URI = "http://www.ohse.de/uwe/releases/lrzsz-${PV}.tar.gz \
file://acdefine.patch \
file://lrzsz_fix_for_automake-1.12.patch \
file://lrzsz-check-locale.h.patch \
+ file://cve-2018-10195.patch \
"
SRC_URI[md5sum] = "b5ce6a74abc9b9eb2af94dffdfd372a4"