diff options
| author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-08-26 08:33:31 +0300 |
|---|---|---|
| committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-08-26 08:33:45 +0300 |
| commit | c68388fccb8c0b5bf4d6b8efff91203796be98b2 (patch) | |
| tree | f2b3d0381b84be54f0fc03f24daf603d2a6cb95a /poky/meta/recipes-devtools/binutils | |
| parent | 665fd026517259031fd55bcfb2a9dab0d9f3582a (diff) | |
| download | openbmc-c68388fccb8c0b5bf4d6b8efff91203796be98b2.tar.xz | |
poky: subtree update:20946c63c2..c17113f1e2
Adrian Bunk (3):
shadow: musl now supports secure_getenv
kmod: Replace dolt hacks with backport of upstream dolt removal
btrfs-tools: Add a PACKAGECONFIG for zstd
Alexander Kanavin (12):
linux-yocto: add drm-bochs support
mesa: fix upstream version check
conf/conf-notes.txt: add a mention of common tools
conf/conf-notes.txt: add a mention of common tools
gtk-doc: upgrade 1.30 -> 1.31
desktop-file-utils: upgrade 0.23 -> 0.24
libdazzle: upgrade 3.32.2 -> 3.32.3
rt-tests: exclude another development version
vala: upgrade 0.44.5 -> 0.44.7
epiphany: upgrade 3.32.3 -> 3.32.4
libmodulemd: depend on target python at build time
createrepo-c: upgrade 0.14.3 -> 0.15.0
Alistair Francis (3):
qemu: Upgrade to version 4.1
scripts/runqemu: Add support for the BIOS variable
qemuriscv64: Specify the firmware as a bios instead of kernel
Anuj Mittal (2):
binutils: fix CVE-2019-14250 CVE-2019-14444
patch: backport fixes
Bruce Ashfield (6):
kernel-devsrc: tweak for v5.3+
kern-tools: Add SPDX license headers to source files
linux-yocto: arch/x86/boot: use prefix map to avoid embedded paths
kernel-yocto: import security fragments from meta-security
kconf_check: tweak CONFIG_ regex
linux-yocto/4.19: make drm-bochs feature available
Changqing Li (2):
dbus: disable test-bus
qemumips/qemumips64: move QB_SYSTEM_NAME to corresponding conf
Chen Qi (1):
target-sdk-provides-dummy: extend packages for multilib case
He Zhe (2):
ltp: Fix tgkill03 failure
ltp: Fix ustat02 failure
Hongxu Jia (3):
nfs-utils: decrease RLIMIT_NOFILE to 4k for systemd
distcc: upgrade 3.3.2 -> 3.3.3
ncurses: upgrade 6.1+20181013 -> 6.1+20190803
Jaewon Lee (1):
devtool: build: Also run deploy for devtool build if applicable
Jason Wessel (2):
cross-localedef-native: Add hardlink resolver from util-linux
libc-package.bbclass: Split locale hard link processing into two parts
Jon Mason (1):
resulttool: Prevent multiple results for the same test
Kai Kang (1):
webkitgtk: disable gold on mipsn32
Kevin Hao (1):
psplash: Avoid mount the psplash tmpfs twice
Khem Raj (10):
musl: Update to latest tip
systemd: Drop musl __secure_getenv patch
mesa: Add packageconfigs for vc4 and v3d
util-linux: Make pam specific logic apply to target recipe alone
systemd.bbclass: Limit rm_sysvinit_initddir and rm_systemd_unitdir to target alone
systemd: Refresh patch after removal of __secure_getenv patch
gcc-9: Upgrade to 9.2
gcc: Search in OE specific target gcclibdir
opensbi: Disable SECURITY_CFLAGS since it cant link with libssp
libffi: Upgrade to 3.3-rc0
Lei Maohui (2):
nativesdk-qemu: support aarch64_be.
at: fix a spelling mistake.
Mikko Rapeli (1):
stress-ng: provide stress
Mingli Yu (1):
python3: fix the test_locale output format
Oleksandr Kravchuk (8):
ffmpeg: update to 4.2
python-setuptools: update to 41.1.0
python3-scons: update to 3.1.1
ofono: update to 1.30
bitbake.conf: fix XORG_MIRROR URL
cups: update to 2.2.12
git: update to 2.23.0
python-setuptools: update to 41.2.0
Otavio Salvador (2):
linux-firmware: Upgrade 20190618 -> 20190815
kmscube: Bump revision to f632b23
Philippe Normand (1):
libtasn1: Enable nativesdk support
Ricardo Ribalda Delgado (1):
packagegroup-core-base-utils: Make it machine specific
Richard Purdie (7):
yocto-check-layer: Ensure we use OEBasicHash as the signature handler
package: Fix race between do_package and do_packagedata
bitbake: cookerdata: Delay the setup of the siggen slightly to allow metadata defined siggens
bitbake: runqueue: Small but critical fix
bitbake: runqueue: Optimise holdoff task handling
bitbake: runqueue: Further optimise holdoff tasks
bitbake: runqueue: Optimise build_taskdepdata slightly
Ross Burton (2):
systemd: add PACKAGECONFIG for gnu-efi
pango: upgrade to 1.44.5
Trevor Gamblin (2):
quilt: Export QUILT_PC variable in ptest Makefile
quilt: added less to RDEPENDS list
Wes Lindauer (5):
iw: Fix license field to BSD-2-Clause
openssh: Update LICENSE field with missing values
shadow: Fix BSD license file checksum
sudo: Fix BSD license file checksum
libunwind: Fix MIT license file checksum
Yuan Chao (1):
libnss-nis: upgrade 3.0 -> 3.1
Zang Ruochen (3):
acpid: upgrade 2.0.31 -> 2.0.32
lz4:upgrade 1.9.1 -> 1.9.2
python3-pip:upgrade 19.2.1 -> 19.2.2
Change-Id: I2068692bfdbbf18f892761a12f85e913b8212f3f
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'poky/meta/recipes-devtools/binutils')
3 files changed, 63 insertions, 0 deletions
diff --git a/poky/meta/recipes-devtools/binutils/binutils-2.32.inc b/poky/meta/recipes-devtools/binutils/binutils-2.32.inc index 31c24a37f5..d3c52936d1 100644 --- a/poky/meta/recipes-devtools/binutils/binutils-2.32.inc +++ b/poky/meta/recipes-devtools/binutils/binutils-2.32.inc @@ -50,6 +50,8 @@ SRC_URI = "\ file://CVE-2019-9077.patch \ file://CVE-2019-9071.patch \ file://CVE-2019-12972.patch \ + file://CVE-2019-14250.patch \ + file://CVE-2019-14444.patch \ " S = "${WORKDIR}/git" diff --git a/poky/meta/recipes-devtools/binutils/binutils/CVE-2019-14250.patch b/poky/meta/recipes-devtools/binutils/binutils/CVE-2019-14250.patch new file mode 100644 index 0000000000..c915a832b0 --- /dev/null +++ b/poky/meta/recipes-devtools/binutils/binutils/CVE-2019-14250.patch @@ -0,0 +1,33 @@ +From df78be05daf4eb07f60f50ec1080cb979af32ec0 Mon Sep 17 00:00:00 2001 +From: marxin <marxin@138bc75d-0d04-0410-961f-82ee72b054a4> +Date: Tue, 23 Jul 2019 07:33:32 +0000 +Subject: [PATCH] libiberty: Check zero value shstrndx in simple-object-elf.c + +git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@273718 138bc75d-0d04-0410-961f-82ee72b054a4 + +CVE: CVE-2019-14250 +Upstream-Status: Backport [from gcc: https://gcc.gnu.org/viewcvs/gcc?view=revision&revision=273718] +[Removed Changelog entry] +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- +diff --git a/libiberty/simple-object-elf.c b/libiberty/simple-object-elf.c +index 502388991a08..bdee963634d6 100644 +--- a/libiberty/simple-object-elf.c ++++ b/libiberty/simple-object-elf.c +@@ -548,7 +548,15 @@ simple_object_elf_match (unsigned char header[SIMPLE_OBJECT_MATCH_HEADER_LEN], + XDELETE (eor); + return NULL; + } +- ++ ++ if (eor->shstrndx == 0) ++ { ++ *errmsg = "invalid ELF shstrndx == 0"; ++ *err = 0; ++ XDELETE (eor); ++ return NULL; ++ } ++ + return (void *) eor; + } + diff --git a/poky/meta/recipes-devtools/binutils/binutils/CVE-2019-14444.patch b/poky/meta/recipes-devtools/binutils/binutils/CVE-2019-14444.patch new file mode 100644 index 0000000000..85b9a9f916 --- /dev/null +++ b/poky/meta/recipes-devtools/binutils/binutils/CVE-2019-14444.patch @@ -0,0 +1,28 @@ +From e17869db99195849826eaaf5d2d0eb2cfdd7a2a7 Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Mon, 5 Aug 2019 10:40:35 +0100 +Subject: [PATCH] Catch potential integer overflow in readelf when processing + corrupt binaries. + + PR 24829 + * readelf.c (apply_relocations): Catch potential integer overflow + whilst checking reloc location against section size. + +CVE: CVE-2019-14444 +Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e17869db99195849826eaaf5d2d0eb2cfdd7a2a7] +[Removed Changelog entry] +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- +diff --git a/binutils/readelf.c b/binutils/readelf.c +index b896ad9f406..e785fde43e7 100644 +--- a/binutils/readelf.c ++++ b/binutils/readelf.c +@@ -13366,7 +13366,7 @@ apply_relocations (Filedata * filedata, + } + + rloc = start + rp->r_offset; +- if ((rloc + reloc_size) > end || (rloc < start)) ++ if (rloc >= end || (rloc + reloc_size) > end || (rloc < start)) + { + warn (_("skipping invalid relocation offset 0x%lx in section %s\n"), + (unsigned long) rp->r_offset, |