diff options
author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-11-16 00:35:03 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-11-16 00:36:05 +0300 |
commit | 1d80a2eac54644288c7f2820d3c3fbcb5402b351 (patch) | |
tree | dbe2ecc74749cf37f66f9f7268bd7c16d32e9b9b /poky/meta/recipes-devtools/file | |
parent | 98f5315998ea2d2cba17ba9ebafd573902ea97cc (diff) | |
download | openbmc-1d80a2eac54644288c7f2820d3c3fbcb5402b351.tar.xz |
poky: subtree update:7035b4b21e..a616ffebdc
Adrian Bunk (3):
python3: Upgrade 3.7.4 -> 3.7.5
lz4: Whitelist CVE-2014-4715
iputils: Whitelist CVE-2000-1213 CVE-2000-1214
Alex Kube (1):
go: Refactor patches for 1.13.3
Andreas Müller (2):
vte: upgrade 0.56.3 -> 0.58.2
webkitgtk: upgrade 2.26.1 -> 2.26.2
Andreas Oberritter (3):
glibc: move ldconfig to its own package
package.bbclass: Always include ldconfig fragment
systemd: Add runtime dependency on new ldconfig package
André Draszik (1):
libevent: update packaging (one package per shared library)
Anuj Mittal (1):
libsdl2: fix race when building in parallel
Armin Kuster (13):
oeqa/core: Add a check for MACHINE
oeqa/core: Add qemu checks
oeqa/manual/bsp-qemu: remove rpm tests already done in runtime
oeqa/manual/bsp-qemu: remove KVM enabled which is already done in selftest runqemu
oeqa/manual/bsp-qemu: drop xserver test done at runtime
oeqa/manual/bsp-qemu: remove only_one_connmand_in_background test done at runtime
oeqa/manual/bsp-qemu: remove postinit test done w/selftest runtime
oeqa/manual/bsp-qemu: remove manual bash test
oeqa/manual/bsp-qemu: remove manual useradd test
oeqa/selftest/oescripts: move list-packageconfig-flags tests from manual to self
oeqa/manua/oe-core: remove manual PACKAGECONFIG_FLAGS tests
oeqa/selftest/runtime_test: add crosstab selftest
oeqa/manual/oe-core: remove crosstab test from manual
Changhyeok Bae (1):
iproute2: update 5.2.0 -> 5.3.0
Chee Yang Lee (1):
wic: beautify 'wic help'
Chris Laplante via bitbake-devel (7):
bitbake: contrib/vim: More Python indenting; move indent file to correct directory
bitbake: contrib/vim: Special handling of bb.fatal
bitbake: contrib/vim: don't redeclare indenter
bitbake: contrib/vim: renaming & comments
bitbake: contrib/vim: indenting for assignments; tweak Python indenting
bitbake: contrib/vim: handle shell indenting
bitbake: contrib/vim: Add copyright and license notice
Denys Dmytriyenko (1):
buildhistory: fix "version went backwards" QA error message
Gavin Li (1):
bitbake: prserv: fix ResourceWarning due to unclosed socket
Haris Okanovic (8):
isoimage-isohybrid.py: Parameterize ESP label
isoimage-isohybrid.py: Parameterize ESP partition size
initscripts/sysfs.sh: Mount /sys/firmware/efi/efivars when possible
gnupg: Split gpg and gpg-agent into a minimal gnupg-gpg package
opkg: RDEPEND "gnupg-gpg" instead of "gnupg"
gnupg/libksba/npth/pinentry: Add nativesdk to BBCLASSEXTEND
meta/lib/oe/package_manager.py: Enable sha256 checksums in opkg indexer
dhcp: Workaround busybox limitation in Linux dhclient-script
Ivan Efimov (1):
bitbake: bitbake-worker child process create group before registering SIGTERM handler
Jacob Kroon (2):
rm_work: Promote do_image_qa stamps to setscene versions
rm_work: Simplify logic for setscene promotion
Jagadeesh Krishnanjanappa (1):
tune-cortexa32: Fix libgcc-initial build issue for cortex-a32
Joshua Watt (4):
oeqa: reproducible: Add option to capture bad packages
icecc-create-env: Use OE patchelf in SDK
mc: Fix build reproducibility
wayland: Fix wayland-scanner build for MinGW
Khem Raj (4):
libtirpc: Do not include bits/endian.h directly
strace: Fix ptest build
libnsl2: Update to latest master
strace: Fix build found with 64bit time_t/musl
Liwei Song (1):
buildtools-tarball: export OPENSSL_CONF for openssl
Mark Hatle (1):
populate_sdk_ext.bbclass: Make integrated buildtools optional
Maxime Roussin-Bélanger (1):
meta: add missing description for some recipes in graphics
Mikko Rapeli (1):
harfbuzz: split libharfbuzz-subset.so to its own binary package
Oleksandr Kravchuk (1):
git: update to 2.24.0
Paul Barker (1):
scripts/native-intercept: Add chgrp intercept
Peter Kjellerstedt (3):
sysstat: Correct our systemd unit file
sysstat: Correct when to use the package provided systemd unit files
bitbake: cooker: Remove a left-over comment about expanded_data
Richard Purdie (9):
bitbake: fetch2: Ensure cached url data is matched to a datastore
staging: Handle files moving between dependencies
sstate: Add ability to hide summary output for sstate
selftest/signing: Fix test_locked_signatures to use a temporary layer
dhcp/ruby/ffpmeg: Use CFLAGS, not TARGET_CFLAGS
bitbake: runqueue: Improve sstate rehashing output
pseudo: Add statx support to fix fedora30 issues
pseudo: Drop static linking to sqlite3
sqlite3: Drop pic as we no longer need the sqlite3 static lib
Ross Burton (16):
file: fix CVE-2019-18218
file: remove redundant upstream check workaround
file: run test suite when building natively
patch: the CVE-2019-13638 fix also handles CVE-2018-20969
libpng: whitelist CVE-2019-17371
procps: whitelist CVE-2018-1121
libsndfile1: whitelist CVE-2018-13419
libpam: set CVE_PRODUCT
libsoup: set CVE_PRODUCT
libsoup-2.4: upgrade to 2.66.4
insane: improve textrel warning message
libsoup: update patch upstream status
acpica: upgrade to 20191018
ovmf: unify DEPENDS
cve-check: we don't actually need to unpack to check
cve-update-db-native: don't refresh more than once an hour
Samuli Piippo (1):
linux-firmware: update packaging for brcm files
Scott Rifenbark (3):
ref-manual: Completed the 3.0 migration section.
mega-manual: Updated mega-manual Bitbake manual search path
ref-manual: Removed blank lines from 3.0 migratrion section.
Stefan Agner (1):
dbus: drop unused group netdev
Torbjörn Svensson (1):
psplash: Do mount psplash tmpfs if not mounted
Trevor Gamblin (1):
python3-misc: add python3-audio to RDEPENDS
Volker Vogelhuber (1):
bitbake: fetch2/hg: Fix various runtime issues
Yeoh Ee Peng (4):
scripts/resulttool/report: Enable report to use regression_map
scripts/resulttool/report: Enable output raw test results
scripts/resulttool/report: Add total statistic to test result.
resulttool/store.py: Enable add extra test environment data
Yongxin Liu (2):
systemd: Fix invalid argument of pstore log entry
ltp: Add "udevadm trigger" before swap verification in mkswap01.sh
Zang Ruochen (8):
ruby:upgrade 2.6.4 -> 2.6.5
ethtool:upgrade 5.2 -> 5.3
libdrm:upgrade 2.4.99 -> 2.4.100
libcheck:upgrade 0.12.0 -> 0.13.0
curl:upgrade 7.66.0 -> 7.67.0
libinput:upgrade 1.14.1 -> 1.14.3
python3-six:upgrade 1.12.0 -> 1.13.0
libedit: upgrade 20190324 -> 20191025
Zhixiong Chi (1):
libtirpc: create the symbol link for rpc header files
grygorii tertychnyi (1):
archiver: avoid empty incfile in ar_recipe
Change-Id: Ice596e426e4533d7568a82bcbb21efdfc19e21e7
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'poky/meta/recipes-devtools/file')
-rw-r--r-- | poky/meta/recipes-devtools/file/file/CVE-2019-18218.patch | 55 | ||||
-rw-r--r-- | poky/meta/recipes-devtools/file/file_5.37.bb | 10 |
2 files changed, 61 insertions, 4 deletions
diff --git a/poky/meta/recipes-devtools/file/file/CVE-2019-18218.patch b/poky/meta/recipes-devtools/file/file/CVE-2019-18218.patch new file mode 100644 index 000000000..3d02c5ad4 --- /dev/null +++ b/poky/meta/recipes-devtools/file/file/CVE-2019-18218.patch @@ -0,0 +1,55 @@ +cdf_read_property_info in cdf.c in file through 5.37 does not restrict the +number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte +out-of-bounds write). + +CVE: CVE-2019-18218 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@intel.com> + +From 46a8443f76cec4b41ec736eca396984c74664f84 Mon Sep 17 00:00:00 2001 +From: Christos Zoulas <christos@zoulas.com> +Date: Mon, 26 Aug 2019 14:31:39 +0000 +Subject: [PATCH] Limit the number of elements in a vector (found by oss-fuzz) + +--- + src/cdf.c | 9 ++++----- + src/cdf.h | 1 + + 2 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/src/cdf.c b/src/cdf.c +index 9d6396742..bb81d6374 100644 +--- a/src/cdf.c ++++ b/src/cdf.c +@@ -1016,8 +1016,9 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h, + goto out; + } + nelements = CDF_GETUINT32(q, 1); +- if (nelements == 0) { +- DPRINTF(("CDF_VECTOR with nelements == 0\n")); ++ if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) { ++ DPRINTF(("CDF_VECTOR with nelements == %" ++ SIZE_T_FORMAT "u\n", nelements)); + goto out; + } + slen = 2; +@@ -1060,8 +1061,6 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h, + goto out; + inp += nelem; + } +- DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n", +- nelements)); + for (j = 0; j < nelements && i < sh.sh_properties; + j++, i++) + { +diff --git a/src/cdf.h b/src/cdf.h +index 2f7e554b7..05056668f 100644 +--- a/src/cdf.h ++++ b/src/cdf.h +@@ -48,6 +48,7 @@ + typedef int32_t cdf_secid_t; + + #define CDF_LOOP_LIMIT 10000 ++#define CDF_ELEMENT_LIMIT 100000 + + #define CDF_SECID_NULL 0 + #define CDF_SECID_FREE -1 diff --git a/poky/meta/recipes-devtools/file/file_5.37.bb b/poky/meta/recipes-devtools/file/file_5.37.bb index c53a120b8..a96ccc0d3 100644 --- a/poky/meta/recipes-devtools/file/file_5.37.bb +++ b/poky/meta/recipes-devtools/file/file_5.37.bb @@ -11,10 +11,8 @@ LIC_FILES_CHKSUM = "file://COPYING;beginline=2;md5=0251eaec1188b20d9a72c502ecfdd DEPENDS = "zlib file-replacement-native" DEPENDS_class-native = "zlib-native" -# Blacklist a bogus tag in upstream check -UPSTREAM_CHECK_GITTAGREGEX = "FILE(?P<pver>(?!6_23).+)" - -SRC_URI = "git://github.com/file/file.git" +SRC_URI = "git://github.com/file/file.git \ + file://CVE-2019-18218.patch" SRCREV = "a0d5b0e4e9f97d74a9911e95cedd579852e25398" S = "${WORKDIR}/git" @@ -31,6 +29,10 @@ EXTRA_OEMAKE_append_class-nativesdk = "-e FILE_COMPILE=${STAGING_BINDIR_NATIVE}/ FILES_${PN} += "${datadir}/misc/*.mgc" +do_compile_append_class-native() { + oe_runmake check +} + do_install_append_class-native() { create_cmdline_wrapper ${D}/${bindir}/file \ --magic-file ${datadir}/misc/magic.mgc |