poky: sumo refresh 36d5cee56b..d240b885f2

Update poky to sumo HEAD. Changqing Li (1): libsndfile1: CVE-2018-13139 Chen Qi (2): runqemu: add SIGTERM handler to make sure things are cleaned up runqemu: fix handling of SIGTERM and the problem of line wrapping Hongxu Jia (1): nasm: fix CVE-2018-10016 Ioan-Adrian Ratiu (1): rootfs: always update the opkg index Jagadeesh Krishnanjanappa (1): runqemu: exit gracefully with an error message if qemu system is not evaluated Joe Slater (1): libtiff: fix CVE-2017-17095 Khem Raj (1): x264: Disable asm on musl/x86 Nicolas Dechesne (1): checklayer: avoid recursive loop in add_layer_dependencies Ola x Nilsson (1): externalsrc.bbclass: Set BB_DONT_CACHE for non-target recipes Richard Purdie (1): recipes: Update git.gnome.org addresses after upstream changes Sinan Kaya (3): libxml2: CVE-2018-14404 python3: CVE-2018-1061 git: CVE-2018-11233 Change-Id: Ic2daa2803af197180e605346f59bab03f8264e19 Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
author: Brad Bishop <bradleyb@fuzziesquirrel.com> 2018-10-03 00:54:45 +0300
committer: Brad Bishop <bradleyb@fuzziesquirrel.com> 2018-10-18 16:09:35 +0300
commit: 004d49958a83b2ab92301b67134d6910313d94d8 (patch)
tree: 3ac325f55a24dad4ea8569be395fdb6b4a8248c8 /poky/meta/recipes-core
parent: 6ad4e5bc647bd823fd10fca9022b7129df2fa369 (diff)
download: openbmc-004d49958a83b2ab92301b67134d6910313d94d8.tar.xz
3 files changed, 60 insertions, 1 deletions
diff --git a/poky/meta/recipes-core/glib-networking/glib-networking_2.54.1.bb b/poky/meta/recipes-core/glib-networking/glib-networking_2.54.1.bb
index 2a6f8af2b4..5d17a824f0 100644
--- a/poky/meta/recipes-core/glib-networking/glib-networking_2.54.1.bb
+++ b/poky/meta/recipes-core/glib-networking/glib-networking_2.54.1.bb
@@ -1,6 +1,6 @@
 SUMMARY = "GLib networking extensions"
 DESCRIPTION = "glib-networking contains the implementations of certain GLib networking features that cannot be implemented directly in GLib itself because of their dependencies."
-HOMEPAGE = "http://git.gnome.org/browse/glib-networking/"
+HOMEPAGE = "https://gitlab.gnome.org/GNOME/glib-networking/"
 BUGTRACKER = "http://bugzilla.gnome.org"
 
 LICENSE = "LGPLv2"
diff --git a/poky/meta/recipes-core/libxml/libxml2/CVE-2018-14404.patch b/poky/meta/recipes-core/libxml/libxml2/CVE-2018-14404.patch
new file mode 100644
index 0000000000..af3e7b2af9
--- /dev/null
+++ b/poky/meta/recipes-core/libxml/libxml2/CVE-2018-14404.patch
@@ -0,0 +1,58 @@
+From 29115868c92c81a4119b05ea95b3c91608a0b6e8 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Mon, 30 Jul 2018 12:54:38 +0200
+Subject: [PATCH] Fix nullptr deref with XPath logic ops
+
+If the XPath stack is corrupted, for example by a misbehaving extension
+function, the "and" and "or" XPath operators could dereference NULL
+pointers. Check that the XPath stack isn't empty and optimize the
+logic operators slightly.
+
+Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/5
+
+Also see
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817
+https://bugzilla.redhat.com/show_bug.cgi?id=1595985
+
+This is CVE-2018-14404.
+
+Thanks to Guy Inbar for the report.
+
+CVE: CVE-2018-14404
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/commit/a436374994c47b12d5de1b8b1d191a098fa23594]
+Signed-off-by: Sinan Kaya <okaya@kernel.org>
+---
+ xpath.c | 10 ++++------
+ 1 file changed, 4 insertions(+), 6 deletions(-)
+
+diff --git a/xpath.c b/xpath.c
+index 35274731..3fcdc9e1 100644
+--- a/xpath.c
++++ b/xpath.c
+@@ -13337,9 +13337,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
+ 		return(0);
+ 	    }
+             xmlXPathBooleanFunction(ctxt, 1);
+-            arg1 = valuePop(ctxt);
+-            arg1->boolval &= arg2->boolval;
+-            valuePush(ctxt, arg1);
++            if (ctxt->value != NULL)
++                ctxt->value->boolval &= arg2->boolval;
+ 	    xmlXPathReleaseObject(ctxt->context, arg2);
+             return (total);
+         case XPATH_OP_OR:
+@@ -13363,9 +13362,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
+ 		return(0);
+ 	    }
+             xmlXPathBooleanFunction(ctxt, 1);
+-            arg1 = valuePop(ctxt);
+-            arg1->boolval |= arg2->boolval;
+-            valuePush(ctxt, arg1);
++            if (ctxt->value != NULL)
++                ctxt->value->boolval |= arg2->boolval;
+ 	    xmlXPathReleaseObject(ctxt->context, arg2);
+             return (total);
+         case XPATH_OP_EQUAL:
+-- 
+2.19.0
+
diff --git a/poky/meta/recipes-core/libxml/libxml2_2.9.7.bb b/poky/meta/recipes-core/libxml/libxml2_2.9.7.bb
index deb3488a7a..c749a81657 100644
--- a/poky/meta/recipes-core/libxml/libxml2_2.9.7.bb
+++ b/poky/meta/recipes-core/libxml/libxml2_2.9.7.bb
@@ -21,6 +21,7 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \
            file://libxml-m4-use-pkgconfig.patch \
            file://0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch \
            file://fix-execution-of-ptests.patch \
+           file://CVE-2018-14404.patch \
            "
 
 SRC_URI[libtar.md5sum] = "896608641a08b465098a40ddf51cefba"
author	Brad Bishop <bradleyb@fuzziesquirrel.com>	2018-10-03 00:54:45 +0300
committer	Brad Bishop <bradleyb@fuzziesquirrel.com>	2018-10-18 16:09:35 +0300
commit	004d49958a83b2ab92301b67134d6910313d94d8 (patch)
tree	3ac325f55a24dad4ea8569be395fdb6b4a8248c8 /poky/meta/recipes-core
parent	6ad4e5bc647bd823fd10fca9022b7129df2fa369 (diff)
download	openbmc-004d49958a83b2ab92301b67134d6910313d94d8.tar.xz