diff options
author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-10-16 05:47:12 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-11-19 04:46:35 +0300 |
commit | 6f8dcde58e2226d5a46f41ab53225134d0e60b4e (patch) | |
tree | dfbdf8de08982b93dfd42921b548cffc73b4a153 /poky/meta/recipes-devtools/nasm | |
parent | 10719a5be4799cf3961bdb4754cb389e8e45ede5 (diff) | |
download | openbmc-6f8dcde58e2226d5a46f41ab53225134d0e60b4e.tar.xz |
poky: sumo refresh d240b885f2..eebbc00b25
Update poky to sumo HEAD.
Anuj Mittal (1):
perl: skip tests that are not useful
Armin Kuster (4):
tzcode-native: updatet to 2018e
tzdata: update to 2018e
tzcode: update to 2018f
tzdata: update to 2018f
Bruce Ashfield (10):
kernel-yocto/cfg: configuration warning fixes
linux-yocto/4.14/4.18: address kernel configuration warnings
linux-yocto: configuration warning fixes
linux-yocto: tweak RTC configuration
linux-yocto/4.14: fix kernel configuration audit warnings
linux-yocto/4.14: update to v4.14.71
linux-yocto: enable pci and CRYPTO_DEV_VIRTIO
linux-yocto/4.14: fix beaglebone configuration warnings
linux-yocto-rt: fixup 4.14 merge issues
linux-yocto/4.14: update to v4.14.76
Changqing Li (1):
apt: update SRC_URI
Chen Qi (2):
python: backport patch to fix CVE-2018-1000802
python: backport patch to fix CVE-2018-14647
Dan McGregor (2):
os-release: move to nonarch_libdir
base-files: change permissions on /sys and /proc
Derek Straka (1):
python: update to version 2.7.15
Grygorii Tertychnyi (2):
cve-check: Allow multiple entries in CVE_PRODUCT
curl: extend CVE_PRODUCT
Hongxu Jia (2):
valgrind: fix compile ptest failure on mips32
nasm: fix CVE-2018-1000667
Hongzhi.Song (1):
linux-yocto-rt: Add paravirt_kvm support for qemux86-64
Jagadeesh Krishnanjanappa (1):
valgrind: fix ptest compilation for PowerPC64
Peter Kjellerstedt (1):
curl: Include the complete license information
Richard Purdie (2):
yocto-uninative: Upgrade to verson 2.3 which includes glibc 2.28
oeqa/selftest/runtime_test: Ensure we build/use gnupg-native
Ross Burton (2):
python: clean up ptest
python: don't use runtime checks to identify float endianism
Zhixiong Chi (1):
curl: CVE-2018-14618
Change-Id: I4b7aa481ed2a57c3551c4a45d30350f2376444cc
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'poky/meta/recipes-devtools/nasm')
-rw-r--r-- | poky/meta/recipes-devtools/nasm/nasm/0001-preproc-parse_size-Check-for-string-provided.patch | 37 | ||||
-rw-r--r-- | poky/meta/recipes-devtools/nasm/nasm_2.13.03.bb | 1 |
2 files changed, 38 insertions, 0 deletions
diff --git a/poky/meta/recipes-devtools/nasm/nasm/0001-preproc-parse_size-Check-for-string-provided.patch b/poky/meta/recipes-devtools/nasm/nasm/0001-preproc-parse_size-Check-for-string-provided.patch new file mode 100644 index 000000000..2121fd17f --- /dev/null +++ b/poky/meta/recipes-devtools/nasm/nasm/0001-preproc-parse_size-Check-for-string-provided.patch @@ -0,0 +1,37 @@ +From a2f43331a853b7cc449cae3361ee1fb54c7fad8d Mon Sep 17 00:00:00 2001 +From: Cyrill Gorcunov <gorcunov@gmail.com> +Date: Sat, 29 Sep 2018 14:30:14 +0300 +Subject: [PATCH] preproc: parse_size -- Check for string provided + +In case if the string is nil we will have sigsegv. + +https://bugzilla.nasm.us/show_bug.cgi?id=3392507 + +Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> + +CVE: CVE-2018-1000667 +Upstream-Status: Backport +https://repo.or.cz/nasm/nasm.git/commit/c713b5f994cf7b29164c3b6838b91f0499591434 + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + asm/preproc.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/asm/preproc.c b/asm/preproc.c +index 475926d..1d770a5 100644 +--- a/asm/preproc.c ++++ b/asm/preproc.c +@@ -2216,8 +2216,7 @@ static int parse_size(const char *str) { + { "byte", "dword", "oword", "qword", "tword", "word", "yword" }; + static const int sizes[] = + { 0, 1, 4, 16, 8, 10, 2, 32 }; +- +- return sizes[bsii(str, size_names, ARRAY_SIZE(size_names))+1]; ++ return str ? sizes[bsii(str, size_names, ARRAY_SIZE(size_names))+1] : 0; + } + + /* +-- +2.8.1 + diff --git a/poky/meta/recipes-devtools/nasm/nasm_2.13.03.bb b/poky/meta/recipes-devtools/nasm/nasm_2.13.03.bb index 730db1d8c..de4c55446 100644 --- a/poky/meta/recipes-devtools/nasm/nasm_2.13.03.bb +++ b/poky/meta/recipes-devtools/nasm/nasm_2.13.03.bb @@ -9,6 +9,7 @@ SRC_URI = "http://www.nasm.us/pub/nasm/releasebuilds/${PV}/nasm-${PV}.tar.bz2 \ file://0001-fix-CVE-2018-8882.patch \ file://0001-Verify-that-we-are-not-reading-past-end-of-a-buffer.patch \ file://0001-eval-Eliminate-division-by-zero.patch \ + file://0001-preproc-parse_size-Check-for-string-provided.patch \ " SRC_URI[md5sum] = "0c581d482f39d5111879ca9601938f74" |