diff options
author | Otavio Salvador <otavio@ossystems.com.br> | 2018-09-16 18:16:23 -0300 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-09-21 08:15:19 -0700 |
commit | 60d99a4e64fdddbbe5863fa5879c813fa004600b (patch) | |
tree | 84e4e2a680a3578fa0d885741ce03080e3344d0b /meta/recipes-extended/libarchive/libarchive/CVE-2017-14503.patch | |
parent | f82738fd14f18fab368b397faac2f70167b16b8a (diff) | |
download | openembedded-core-contrib-60d99a4e64fdddbbe5863fa5879c813fa004600b.tar.gz |
libarchive: Update 3.3.2 -> 3.3.3
This upgrades to 3.3.3 release and drop the backported patches when
doing the recipe update.
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-extended/libarchive/libarchive/CVE-2017-14503.patch')
-rw-r--r-- | meta/recipes-extended/libarchive/libarchive/CVE-2017-14503.patch | 33 |
1 files changed, 0 insertions, 33 deletions
diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2017-14503.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2017-14503.patch deleted file mode 100644 index 779ca854eb..0000000000 --- a/meta/recipes-extended/libarchive/libarchive/CVE-2017-14503.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 2c8c83b9731ff822fad6cc8c670ea5519c366a14 Mon Sep 17 00:00:00 2001 -From: Joerg Sonnenberger <joerg@bec.de> -Date: Thu, 19 Jul 2018 21:14:53 +0200 -Subject: [PATCH] Reject LHA archive entries with negative size. - -CVE: CVE-2017-14503 -Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/2c8c83b9731ff822fad6cc8c670ea5519c366a14] - -Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> ---- - libarchive/archive_read_support_format_lha.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/libarchive/archive_read_support_format_lha.c b/libarchive/archive_read_support_format_lha.c -index b8ef4ae1..95c99bb1 100644 ---- a/libarchive/archive_read_support_format_lha.c -+++ b/libarchive/archive_read_support_format_lha.c -@@ -701,6 +701,12 @@ archive_read_format_lha_read_header(struct archive_read *a, - * Prepare variables used to read a file content. - */ - lha->entry_bytes_remaining = lha->compsize; -+ if (lha->entry_bytes_remaining < 0) { -+ archive_set_error(&a->archive, -+ ARCHIVE_ERRNO_FILE_FORMAT, -+ "Invalid LHa entry size"); -+ return (ARCHIVE_FATAL); -+ } - lha->entry_offset = 0; - lha->entry_crc_calculated = 0; - --- -2.13.3 - |