diff options
author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-08-23 11:11:46 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-09-27 14:47:44 +0300 |
commit | bba38f38e7e41525c30116a2fe990d113b8157da (patch) | |
tree | 14a0d015f4b144a97c51c896e7a3135b600760a6 /poky/meta/recipes-devtools/squashfs-tools | |
parent | 36b84cde8facab568630eec811e483cf1fc50848 (diff) | |
download | openbmc-bba38f38e7e41525c30116a2fe990d113b8157da.tar.xz |
poky: sumo refresh 51872d3f99..3b8dc3a88e
Update poky to sumo HEAD.
Andrej Valek (1):
wpa-supplicant: fix CVE-2018-14526
Armin Kuster (2):
xserver-xorg: config: fix NULL value detection for ID_INPUT being unset
binutils: Change the ARM assembler's ADR and ADRl pseudo-ops so that they will only set the bottom bit of imported thumb function symbols if the -mthumb-interwork option is active.
Bruce Ashfield (3):
linux-yocto/4.12: update to v4.12.28
linux-yocto/4.14: update to v4.14.62
linux-yocto/4.14: update to v4.14.67
Changqing Li (6):
libexif: patch for CVE-2017-7544
squashfs-tools: patch for CVE-2015-4645(4646)
libcroco: patch for CVE-2017-7960
libid3tag: patch for CVE-2004-2779
libice: patch for CVE-2017-2626
apr-util: fix ptest fail problem
Chen Qi (2):
util-linux: upgrade 2.32 -> 2.32.1
busybox: move init related configs to init.cfg
Jagadeesh Krishnanjanappa (2):
libarchive: CVE-2017-14501
libcgroup: CVE-2018-14348
Jon Szymaniak (1):
cve-check.bbclass: detect CVE IDs listed on multiple lines
Joshua Lock (1):
os-release: fix to install in the expected location
Khem Raj (1):
serf: Fix Sconstruct build with python 3.7
Konstantin Shemyak (1):
cve-check.bbclass: do not download the CVE DB in package-specific tasks
Mike Looijmans (1):
busybox/mdev-mount.sh: Fix partition detect and cleanup mountpoint on fail
Ross Burton (1):
lrzsz: fix CVE-2018-10195
Sinan Kaya (3):
busybox: CVE-2017-15874
libpng: CVE-2018-13785
sqlite3: CVE-2018-8740
Yadi.hu (1):
busybox: handle syslog
Yi Zhao (2):
blktrace: Security fix CVE-2018-10689
taglib: Security fix CVE-2018-11439
Zheng Ruoqin (1):
glibc: fix CVE-2018-11237
Change-Id: I2eb1fe6574638de745e4bfc106b86fe797b977c8
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'poky/meta/recipes-devtools/squashfs-tools')
-rw-r--r-- | poky/meta/recipes-devtools/squashfs-tools/squashfs-tools/0001-squashfs-tools-patch-for-CVE-2015-4645-6.patch | 47 | ||||
-rw-r--r-- | poky/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb | 1 |
2 files changed, 48 insertions, 0 deletions
diff --git a/poky/meta/recipes-devtools/squashfs-tools/squashfs-tools/0001-squashfs-tools-patch-for-CVE-2015-4645-6.patch b/poky/meta/recipes-devtools/squashfs-tools/squashfs-tools/0001-squashfs-tools-patch-for-CVE-2015-4645-6.patch new file mode 100644 index 000000000..2261ea94b --- /dev/null +++ b/poky/meta/recipes-devtools/squashfs-tools/squashfs-tools/0001-squashfs-tools-patch-for-CVE-2015-4645-6.patch @@ -0,0 +1,47 @@ +From 3c0d67184d6edb63f3b7d6d5eb81531daa6388f3 Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Tue, 28 Aug 2018 16:25:36 +0800 +Subject: [PATCH] squashfs-tools: patch for CVE-2015-4645(6) + +Upstream-Status: Backport[https://github.com/devttys0/sasquatch/pull/ + 5/commits/6777e08cc38bc780d27c69c1d8c272867b74524f] + +CVE: CVE-2015-4645 CVE-2015-4646 + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + squashfs-tools/unsquash-4.c | 11 ++++++++--- + 1 file changed, 8 insertions(+), 3 deletions(-) + +diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c +index ecdaac7..692ae25 100644 +--- a/squashfs-tools/unsquash-4.c ++++ b/squashfs-tools/unsquash-4.c +@@ -31,9 +31,9 @@ static unsigned int *id_table; + int read_fragment_table_4(long long *directory_table_end) + { + int res, i; +- int bytes = SQUASHFS_FRAGMENT_BYTES(sBlk.s.fragments); +- int indexes = SQUASHFS_FRAGMENT_INDEXES(sBlk.s.fragments); +- long long fragment_table_index[indexes]; ++ size_t bytes = SQUASHFS_FRAGMENT_BYTES(sBlk.s.fragments); ++ size_t indexes = SQUASHFS_FRAGMENT_INDEXES(sBlk.s.fragments); ++ long long *fragment_table_index; + + TRACE("read_fragment_table: %d fragments, reading %d fragment indexes " + "from 0x%llx\n", sBlk.s.fragments, indexes, +@@ -43,6 +43,11 @@ int read_fragment_table_4(long long *directory_table_end) + *directory_table_end = sBlk.s.fragment_table_start; + return TRUE; + } ++ ++ fragment_table_index = malloc(indexes*sizeof(long long)); ++ if(fragment_table_index == NULL) ++ EXIT_UNSQUASH("read_fragment_table: failed to allocate " ++ "fragment table index\n"); + + fragment_table = malloc(bytes); + if(fragment_table == NULL) +-- +2.7.4 + diff --git a/poky/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb b/poky/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb index a8baca51e..1eb0154fd 100644 --- a/poky/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb +++ b/poky/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb @@ -15,6 +15,7 @@ SRC_URI = "git://github.com/plougher/squashfs-tools.git;protocol=https \ file://0001-mksquashfs.c-get-inline-functions-work-with-C99.patch;striplevel=2 \ file://squashfs-tools-4.3-sysmacros.patch;striplevel=2 \ file://fix-compat.patch \ + file://0001-squashfs-tools-patch-for-CVE-2015-4645-6.patch;striplevel=2 \ " UPSTREAM_CHECK_COMMITS = "1" SRC_URI[lzma.md5sum] = "29d5ffd03a5a3e51aef6a74e9eafb759" |