diff options
| author |   Armin Kuster <akuster@mvista.com> | 2016-02-10 15:46:01 -0800 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-02-21 09:37:22 +0000 |
| commit | 093d76f3f4a385aae46304bd572ce1545c6bcf33 (patch) | |
| tree | 98391c37406ab7ba2497b89b531d68ea651352bc /meta/recipes-core | |
| parent | 4fe0654253d7444f2c445a30b06623cef036b2bb (diff) | |
| download | openembedded-core-contrib-093d76f3f4a385aae46304bd572ce1545c6bcf33.tar.gz | |
uclibc: Security fix CVE-2016-2225
CVE-2016-2225 Make sure to always terminate decoded string
This change is being provide to comply to Yocto compatiblility.
Signed-off-by: Armin Kuster <akuster@mvista.com>
Diffstat (limited to 'meta/recipes-core')
| -rw-r--r-- | meta/recipes-core/uclibc/uclibc-git.inc | 1 | ||||
| -rw-r--r-- | meta/recipes-core/uclibc/uclibc-git/CVE-2016-2225.patch | 32 |
2 files changed, 33 insertions, 0 deletions
diff --git a/meta/recipes-core/uclibc/uclibc-git.inc b/meta/recipes-core/uclibc/uclibc-git.inc index d3fb2a8a8e..b7184794d1 100644 --- a/meta/recipes-core/uclibc/uclibc-git.inc +++ b/meta/recipes-core/uclibc/uclibc-git.inc @@ -20,5 +20,6 @@ SRC_URI = "git://uclibc.org/uClibc.git;branch=master \ file://0001-fcntl-Add-AT_EMPTY_PATH-for-all-and-O_PATH-for-arm.patch \ file://0001-wire-in-syncfs.patch \ file://CVE-2016-2224.patch \ + file://CVE-2016-2225.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-core/uclibc/uclibc-git/CVE-2016-2225.patch b/meta/recipes-core/uclibc/uclibc-git/CVE-2016-2225.patch new file mode 100644 index 0000000000..0217e4bf55 --- /dev/null +++ b/meta/recipes-core/uclibc/uclibc-git/CVE-2016-2225.patch @@ -0,0 +1,32 @@ +From bb01edff0377f2585ce304ecbadcb7b6cde372ac Mon Sep 17 00:00:00 2001 +From: Waldemar Brodkorb <wbx@openadk.org> +Date: Mon, 25 Jan 2016 21:11:34 +0100 +Subject: [PATCH] Make sure to always terminate decoded string + +Write a terminating '\0' to dest when the first byte of the encoded data +is 0. This corner case was previously missed. + +Signed-off-by: Daniel Fahlgren <daniel@fahlgren.se> +Signed-off-by: Waldemar Brodkorb <wbx@uclibc-ng.org> + +Upstream-Status: Backport +http://repo.or.cz/uclibc-ng.git/commit/bb01edff0377f2585ce304ecbadcb7b6cde372ac +CVE: CVE-2016-2225 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + libc/inet/resolv.c | 1 + + 1 file changed, 1 insertion(+) + +Index: git/libc/inet/resolv.c +=================================================================== +--- git.orig/libc/inet/resolv.c ++++ git/libc/inet/resolv.c +@@ -671,6 +671,7 @@ int __decode_dotted(const unsigned char + if (!packet) + return -1; + ++ dest[0] = '\0'; + while (--maxiter) { + if (offset >= packet_len) + return -1; |