From 00e122a7b3a839f5ce8b819cb1bfe92cf3781eda Mon Sep 17 00:00:00 2001 From: Brad Bishop Date: Sat, 5 Oct 2019 11:10:57 -0400 Subject: poky: subtree update:81f9e815d3..03d4d9d68f MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adrian Bunk (1): json-c: Don't --enable-rdrand Alessio Igor Bogani (2): wic: Using the right rootfs size during prepare_rootfs rootfs-postcommands: Avoid use of an hard-coded value Alexander Kanavin (1): binutils: drop UPSTREAM_VERSION_UNKNOWN Alexandre Bard (1): systemd: Expose resolv-conf alternative only when resolved is built Andre McCurdy (1): ffmpeg: enable more verbose build logs André Draszik (4): ruby: drop long-merged CVE patches ruby: configure mis-detects isnan/isinf on musl ruby: fix non-IPv6 support packagegroup: fix a comment regarding PACKAGE_ARCH Bruce Ashfield (6): linux-yocto/5.2: update to v5.2.13 linux-yocto/4.19: update to v4.19.72 linux-yocto/5.2: update to v5.2.14 linux-yocto/5.2: update to v5.2.16 linux-yocto/5.2: update to v5.2.17 yocto-bsps: update to v5.2.17 Böszörményi Zoltán via Openembedded-core (1): classes/image-live.bbclass: Don't hardcode cpio.gz Changqing Li (2): devtool.py: change to do clean before remove-layer devtool.py: fix buildclean test Chen Qi (1): systemd: fix NFS regression Dan Tran (1): unzip: Fix CVE-2019-13232 David Reyna (2): bitbake: toaster: issues in import layer when clicking 'add layer' bitbake: toaster: improve warnings when adding dependency to packages Diego Rondini (2): initramfs-framework: fix var name initramfs-framework: support PARTLABEL option Douglas Royds (1): icecc: Don't use icecc when INHIBIT_DEFAULT_DEPS is set He Zhe (1): ltp: Fix hang of cve test cases Heiko Schocher (1): kernel.fitimage.bbclass: remove ramdisk_ctype Jacob Kroon (1): bitbake: tests/data: Test combinations of _append together with override Joe Slater (1): bash-completion: add image feature Jonathan Marler (1): package: Multiple shlib_providers for the same file should error Joshua Watt (8): classes/reproducible_build: Move SDE deploy to another directory oeqa: Test multiconfig parsing bitbake: cookerdata: Add mc conffiles hashes to cache hash bitbake: hashserve: Add missing import bitbake: siggen: Fix attribute error when hashserver fails bitbake: hashserv: Don't daemonize server process local.conf.sample: Add Hash Equivalence classes/reproducible_build: Create SDE destination Khem Raj (7): musl: Fix riscv64 CAS functions qemuriscv: Do not blacklist clang anymore sdk: Install nativesdk locales for all TCLIBC variants strace: Upgrade to 5.3 packagegroups: All groups are not allarch musl: Fix __riscv_mc* containers to match glibc core-image-sato-sdk-ptest: Remove valgrind ptests for riscv Konrad Scherer (1): gen-lockedsig-cache: Replace glob lookup with hash to filename lookup Lei Maohui (1): bluez5: update patch to fix do_patch error when PATCHTOOL = "patch". Li Zhou (1): shadow: use relaxed usernames for all Limeng (1): u-boot: add CVE patches for u-boot Nathan Rossi (2): oeqa/core/utils/concurrencytest.py: Handle exceptions and details oeqa/core/case.py: Encode binary data of log Niclas Svensson (1): devtool: finish: Keep patches ordered when updating bbappend Otavio Salvador (1): mesa: Add freedreno PACKAGECONFIG option Peter Kjellerstedt (3): systemd: Make it build with hwdb disabled devtool: finish: Add suppport for the --no-clean option lib/oe/lsb: Make sure the distro ID is always lowercased Randy MacLeod (1): ffmpeg: update from 4.2 to 4.2.1 Richard Purdie (17): Revert "meta-extsdk: Either an sstate task is a proper task or it isn't" sstatesig: Fix hash equivlanency locked signature issues oeqa/selftest/signing: Fix for hash equivlance server lib/sstatesig: Fix class inheritance problems populate_sdk_ext: Fix for hash equiv bitbake: runqueue: Fix task migration problems bitbake: siggen: Ensure setscenetasks list is available to worker context bitbake: runqueue: Change task migration behaviour for rerunning setscene tasks bitbake: siggen/runqueue: Fix signature mismatch issues bitbake: siggen: Avoid writing misleading sigdata files bitbake: runqueue: Save unihashes more frequently bitbake: runqueue: Small performance optimisation bitbake: siggen: Remove full path from unitaskhashes keys bitbake: tests/runqueue: Fix hashserve shutdown race base: Improve module import error message sanity.conf: Bump minimum bitbake version bitbake: bitbake: Bump verison 1.43.1 -> 1.43.2 Robert Yang (6): cases/bbtests.py: test_bitbake_g(): Check base-files rather than busybox expect: Fix configure error for nativesdk net-tools: Fix installed-vs-shipped for nativesdk expect: Fix buffer overflow error when build in long path apr: Check for libtoolize rather than libtool lttng-ust: Fix for --enable-python-agent Ross Burton (12): oeqa/selftest/reproducible: test ipkgs too distcc: clean up the UI install logic distcc: use --enable-tcp-insecure instead of --make-me-a-botnet distcc: split into client and server packages json-c: clean up recipe json-c: use GitHub for upstream release checking bitbake: fetch2/git: refactor check for git-lfs command bitbake: tests/fetch: add test case for git-lfs handling python3: move runpy to core pango: fix the failing testiter test case opkg: remove redundant systemd inherit lttng-ust: update patch Signed-off-by Trevor Gamblin (5): python3-subunit: ensure runtime dependencies are present python3-pip: ensure pickle is installed lighttpd: remove fam as a PACKAGECONFIG option tiff: fix CVE-2019-14973 opkg: remove pathfinder PACKAGECONFIG option Wang Quanyang (1): kexec-tools: fix arm kexec failure for __NR_kexec_file_load Yi Zhao (1): python: add tk-lib as runtime dependency for python-tkinter Change-Id: I0570125d49f7e4bc3bbf70508cbfd7e10bdbc032 Signed-off-by: Brad Bishop --- .../u-boot/files/0004-CVE-2019-13106.patch | 56 ++++++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 poky/meta/recipes-bsp/u-boot/files/0004-CVE-2019-13106.patch (limited to 'poky/meta/recipes-bsp/u-boot/files/0004-CVE-2019-13106.patch') diff --git a/poky/meta/recipes-bsp/u-boot/files/0004-CVE-2019-13106.patch b/poky/meta/recipes-bsp/u-boot/files/0004-CVE-2019-13106.patch new file mode 100644 index 000000000..8e1a1a994 --- /dev/null +++ b/poky/meta/recipes-bsp/u-boot/files/0004-CVE-2019-13106.patch @@ -0,0 +1,56 @@ +From 1307dabf5422372483f840dda3963f9dbd2e8e6f Mon Sep 17 00:00:00 2001 +From: Paul Emge +Date: Mon, 8 Jul 2019 16:37:07 -0700 +Subject: [PATCH 4/9] CVE-2019-13106: ext4: fix out-of-bounds memset + +In ext4fs_read_file in ext4fs.c, a memset can overwrite the bounds of +the destination memory region. This patch adds a check to disallow +this. + +Signed-off-by: Paul Emge + +Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit; + h=e205896c5383c938274262524adceb2775fb03ba] + +CVE: CVE-2019-13106 + +Signed-off-by: Meng Li +--- + fs/ext4/ext4fs.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/fs/ext4/ext4fs.c b/fs/ext4/ext4fs.c +index e2b740cac4..37b31d9f0f 100644 +--- a/fs/ext4/ext4fs.c ++++ b/fs/ext4/ext4fs.c +@@ -61,6 +61,7 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos, + lbaint_t delayed_skipfirst = 0; + lbaint_t delayed_next = 0; + char *delayed_buf = NULL; ++ char *start_buf = buf; + short status; + struct ext_block_cache cache; + +@@ -139,6 +140,7 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos, + } + } else { + int n; ++ int n_left; + if (previous_block_number != -1) { + /* spill */ + status = ext4fs_devread(delayed_start, +@@ -153,8 +155,9 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos, + } + /* Zero no more than `len' bytes. */ + n = blocksize - skipfirst; +- if (n > len) +- n = len; ++ n_left = len - ( buf - start_buf ); ++ if (n > n_left) ++ n = n_left; + memset(buf, 0, n); + } + buf += blocksize - skipfirst; +-- +2.17.1 + -- cgit v1.2.3