code.ossystems Code Review - openembedded-core.git/commit

author	Andre McCurdy <armccurdy@gmail.com>
	Fri, 25 May 2018 00:14:19 +0000 (17:14 -0700)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Mon, 2 Jul 2018 09:40:38 +0000 (10:40 +0100)
commit	5f9d19c53c7704bb8d14f3f7dc36fe54fa501e67
tree	de9115e9365a69538736ab95fd796ca3af15e8c5	tree \| snapshot
parent	a716b58a098233ceb9c2403dda428e2b0eded9a9	commit \| diff

cpio: fix CVE-2016-2037

"The cpio_safer_name_suffix function in util.c in cpio 2.11 allows
remote attackers to cause a denial of service (out-of-bounds write)
via a crafted cpio file."

  https://nvd.nist.gov/vuln/detail/CVE-2016-2037

Note that there appear to be two versions of this fix. The original
patch posted to the bug-cpio mailing list [1] is used by Debian [2],
but apparently causes regression [3]. The patch accepted to the
upstream git repo [4] seems to be the most complete fix.

  [1] https://lists.gnu.org/archive/html/bug-cpio/2016-01/msg00005.html
  [2] https://security-tracker.debian.org/tracker/CVE-2016-2037
  [3] https://www.mail-archive.com/bug-cpio@gnu.org/msg00584.html
  [4] http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=d36ec5f4e93130efb24fb9678aafd88e8070095b

(From OE-Core rev: f170288ac706126e69a504a14d564b2e5c3513e4)

Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 31a87d4d1dc80c6054c15a6f7dbc83b4d79bf0b2)
Signed-off-by: Armin Kuster <akuster808@gmail.com>

meta/recipes-extended/cpio/cpio-2.12/0001-CVE-2016-2037-1-byte-out-of-bounds-write.patch	[new file with mode: 0644]	blob
meta/recipes-extended/cpio/cpio_2.12.bb		diff \| blob \| history