code.ossystems Code Review - openembedded-core.git/commit

author	Andre McCurdy <armccurdy@gmail.com>
	Fri, 25 May 2018 00:14:19 +0000 (17:14 -0700)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Fri, 15 Jun 2018 10:09:40 +0000 (11:09 +0100)
commit	f170288ac706126e69a504a14d564b2e5c3513e4
tree	5c6ab11f5e0fd2162b48f396f50010199901ab25	tree \| snapshot
parent	7dad119dd0ee82b14a82b2a0b5a89f790e3bc007	commit \| diff

cpio: fix CVE-2016-2037

"The cpio_safer_name_suffix function in util.c in cpio 2.11 allows
remote attackers to cause a denial of service (out-of-bounds write)
via a crafted cpio file."

  https://nvd.nist.gov/vuln/detail/CVE-2016-2037

Note that there appear to be two versions of this fix. The original
patch posted to the bug-cpio mailing list [1] is used by Debian [2],
but apparently causes regression [3]. The patch accepted to the
upstream git repo [4] seems to be the most complete fix.

  [1] https://lists.gnu.org/archive/html/bug-cpio/2016-01/msg00005.html
  [2] https://security-tracker.debian.org/tracker/CVE-2016-2037
  [3] https://www.mail-archive.com/bug-cpio@gnu.org/msg00584.html
  [4] http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=d36ec5f4e93130efb24fb9678aafd88e8070095b

Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>

meta/recipes-extended/cpio/cpio-2.12/0001-CVE-2016-2037-1-byte-out-of-bounds-write.patch	[new file with mode: 0644]	blob
meta/recipes-extended/cpio/cpio_2.12.bb		diff \| blob \| history