| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
This patch removes the call to update-rc.d in order to fix the console login
issue for the Cavium board.
Signed-off-by: Gabriel Ionescu <gabriel.ionescu@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
| |
Since we have multiple distributions now we need to have
a mirror for each distro name and distro version.
Signed-off-by: Adrian Calianu <adrian.calianu@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When a board boots for the first time, it executes run-postinsts.service and
dpkg-configure.service. Since both services run dpkg --configure, it sometimes
results in locking up the login service.
This patch disables the execution of dpkg --configure from run-postinsts by
removing the deb keyword from the list of scanned packet types.
Signed-off-by: Gabriel Ionescu <gabriel.ionescu@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
| |
This reverts commit eb6fe9f31ec566dd16d1120e4ed6d91e43d77545.
This patch dinn't fix ther fetch issues, the only solution is to
establish our own source mirros.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
| |
to allow some slow downloads to finish, like openjre.
Signed-off-by: Adrian Calianu <adrian.calianu@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Lack of free() here.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-14495
https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Invalid boundary checks here. Integer underflow leading to a huge memcpy.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-14496
https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Can help bypass ASLR.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-14494
https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Stack Based overflow.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-14493
https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Heap based overflow.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-14492
https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Heap based overflow (2 bytes). Before 2.76 and this commit overflow
was unrestricted.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-14491
https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
| |
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
refuse to load units with errors
If a unit has a statement such as User=0day where the username exists but is
strictly speaking invalid, the unit will be started as the root user instead.
Backport a patch from upstream to mitigate this by refusing to start units such
as this.
(From OE-Core rev: a6eaef0f179a341c0b96bb30aaec2d80862a11d6)
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000082
Backport from: http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?h=pyro&id=b7e7b5e294f944c27fb1d2be61c0cf38f6c81ba8
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes
a NULL pointer dereference and crash when reading crafted input that
triggers assignment of a NULL value within an asn1_node structure. It
may lead to a remote denial of service attack.
References:
https://nvd.nist.gov/vuln/detail/CVE-2017-10790
http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit;
h=d8d805e1f2e6799bb2dff4871a8598dc83088a39
(From OE-Core rev: 6176151625c971de031e14c97601ffd75a29772f)
(From OE-Core rev: 649f78102222ec156d490968c13d3222379a1956)
Patch from: http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?h=
pyro&id=cb4fd41504826905455a34d3cb85e952f4ed4991
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
| |
--write-out out of buffer read
Reference:
https://curl.haxx.se/docs/adv_20170403.html
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
| |
URL globbing out of bounds read
Reference:
https://curl.haxx.se/docs/adv_20170809A.html
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
| |
TFTP sends more than buffer size
Reference:
https://curl.haxx.se/docs/adv_20170809B.html
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Incorrect error handling causes assertion failure when using DNS64
with "break-dnssec yes;"
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-3136
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
| |
Assertion failure when using DNS64 and RPZ Can Lead to Crash
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=1420193
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Out-of-bounds read in htmlParseTryOrFinish
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8872
Backported from:
http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?h=pyro&id=d2b60efe20f4d9dce03f8f351715b103a85b7338
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
URL file scheme drive letter buffer overflow
References:
https://curl.haxx.se/docs/adv_20170614.html
https://curl.haxx.se/CVE-2017-9502.patch
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
TLS session resumption client cert bypass (again)
References:
https://curl.haxx.se/docs/adv_20170419.html
https://curl.haxx.se/CVE-2017-7468.patch
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Out-of-bounds write in systemd-resolved due to allocating too
small buffer in dns_packet_new
References:
https://bugzilla.redhat.com/attachment.cgi?id=1290017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9445
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
| |
Fixes integer overflow in in handling virtio-crypto requests
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5931
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes assertion failure while handling an unusually-formed DS record response
Reference:
https://kb.isc.org/article/AA-01441
Upstream patch (CVE-2016-9444.patch):
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=04c7ee66b1eda851737cc7582a2a88193a0b4118
This patch (0001-fix-back-port-issue.patch) is needed to fix undefined reference to `DO_ERROR' in CVE-2016-9444.patch:
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch;h=6bed6ea11b1880e0a078bd02c1d31d21f0540583
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fixes memory leak in sunrpc when decoding malformed XDR
References:
https://security-tracker.debian.org/tracker/CVE-2017-8804
Upstream patch:
https://sourceware.org/ml/libc-alpha/2017-05/msg00105.html
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The DNS stub resolver in the glibc or libc6 before version 2.26,
when EDNS support is enabled, will solicit large UDP responses
from name servers, potentially simplifying off-path DNS
spoofing attacks due to IP fragmentation.
Reference:
https://security-tracker.debian.org/tracker/CVE-2017-12132
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
glibc contains a vulnerability that allows specially crafted
LD_LIBRARY_PATH values to manipulate the heap/stack, causing
them to alias, potentially resulting in arbitrary code execution.
Reference:
https://security-tracker.debian.org/tracker/CVE-2017-1000366
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
A remote code execution vulnerability in libxml2 could enable an attacker
using a specially crafted file to execute arbitrary code within the context
of an unprivileged process. This issue is rated as High due to the
possibility of remote code execution in an application that uses this library.
Reference:
https://security-tracker.debian.org/tracker/CVE-2017-0663
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
FreeType 2 before 2017-03-24 has an out-of-bounds write caused by a heap-based
buffer overflow related to the t1_decoder_parse_charstrings function in
psaux/t1decode.c.
References:
==========
https://security-tracker.debian.org/tracker/CVE-2017-8105
Upstream patch:
https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Integer overflow in shadow 4.2.1 allows local users to gain privileges via
crafted input to newuidmap.
References:
==========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6252
Upstream fix:
https://github.com/shadow-maint/shadow/commit/1d5a926cc2d6078d23a96222b1ef3e558724dad1
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2016-10349:
The archive_le32dec function in archive_endian.h in libarchive 3.2.2 allows
remote attackers to cause a denial of service (heap-based buffer over-read
and application crash) via a crafted file.
Fixed by: https://github.com/libarchive/libarchive/commit/88eb9e1d73fef46f04677c25b1697b8e25777ed3
CVE-2016-10350:
The archive_read_format_cab_read_header function in archive_read_support_format
_cab.c in libarchive 3.2.2 allows remote attackers to cause a denial of service
(heap-based buffer over-read and application crash) via a crafted file.
Fixed by: https://github.com/libarchive/libarchive/commit/88eb9e1d73fef46f04677c25b1697b8e25777ed3
References:
==========
https://security-tracker.debian.org/tracker/CVE-2016-10349
https://security-tracker.debian.org/tracker/CVE-2016-10350
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
An error in the lha_read_file_header_1() in libarchive 3.2.2 allows
remote attackers to trigger an out-of-bounds read memory access and
subsequently cause a crash via a specially crafted archive.
References:
==========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5601
https://secuniaresearch.flexerasoftware.com//secunia_research/2017-3
Upstream patch:
https://github.com/libarchive/libarchive/commit/98dcbbf0bf4854bf987557e55e55fff7abbf3ea9
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Qemu built with the Audio subsystem support is vulnerable to
a host memory leakage issue. It could occur if a guest user
was to repeatedly start and stop audio capture.
A privileged user inside guest could use this flaw to exhaust host memory,
resulting in DoS.
Reference:
==========
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-8309
Upstream patch:
https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg05587.html
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Quick Emulator built with the USB OHCI Emulation support is vulnerable to an
infinite loop issue. It could occur while processing an endpoint list
descriptor in ohci_service_ed_list().
A guest user/process could use this flaw to crash Qemu process resulting in DoS.
References:
==========
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-6505
Upstream patch:
http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=95ed56939eb2eaa4e2f349fe6dcd13ca4edfd8fb
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Qemu built with the VirtFS, host directory sharing via Plan 9 File
System(9pfs) support, is vulnerable to an improper access control issue.
It could occur while accessing files on a shared host directory.
A privileged user inside guest could use this flaw to access host file system
beyond the shared folder and potentially escalating their privileges on a host.
References:
==========
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7471
Upstream patch:
http://git.qemu-project.org/?p=qemu.git;a=commitdiff;h=96bae145e27d4df62671b4eebd6c735f412016cf
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
QEMU built with the Cirrus CLGD 54xx VGA Emulator support
is vulnerable to an out-of-bounds access issue. The issue
could occur while copying VGA data in cirrus_bitblt_cputovideo.
References:
==========
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2620
Upstream patch:
https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04700.html
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
References:
CVE-2017-9049: Heap-based buffer over-read in function xmlDictComputeFastKey
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9049
CVE-2017-9050: Heap-based buffer over-read in function xmlDictAddString
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9050
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
References:
CVE-2017-9047: Buffer overflow in function xmlSnprintfElementContent
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047
CVE-2017-9048: Stack-based buffer overflow in function
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9048
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fixes a NULL pointer dereference in libxml2, when using
xmllint --recover. A maliciously crafted file, when parsed
in recovery mode, could cause the application to crash.
Reference
https://bugzilla.gnome.org/show_bug.cgi?id=778519
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a vulnerability in libxslt where the EXSLT math.random
function was not initialized with a random seed during startup,
which could cause usage of this function to produce predictable outputs.
References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-9019
Upstream patch:
https://bug758400.bugzilla-attachments.gnome.org/attachment.cgi?id=349240&action=diff&collapsed=&context=patch&format=raw&headers=1
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer
overflow and heap-based buffer overflow related to the cdk_pkt_read
function in opencdk/read-packet.c. This issue (which is a
subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10.
This issue affects only applications which utilize the OpenPGP certificate
functionality of GnuTLS.
References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7869
Upstream patch:
https://gitlab.com/gnutls/gnutls/commit/51464af713d71802e3c6d5ac15f1a95132a354fe
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
| |
Signed-off-by: Adrian Calianu <adrian.calianu@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
| |
Added new recipe for the bitcalc tool. Removed list2mask recipe and updated
the partrt and the count-ticks recipes.
Signed-off-by: Dragos Motrea <Dragos.Motrea@enea.com>
Signed-off-by: Adrian Calianu <adrian.calianu@enea.com>
|
| |
|
|
|
|
|
| |
We won't upstream this and we won't maintain it anymore, so drop it.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
from recipe
rpm-build and rpm-common packages does not exist anymore after
the replacement of the smart package manager with the DNF, so the
nativesdk-packagegroup-sdk-host recipe should be updated.
Signed-off-by: Dragos Motrea <Dragos.Motrea@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
| |
|
|
|
| |
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
| |
|
|
|
| |
Signed-off-by: Adrian Calianu <adrian.calianu@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
| |
Signed-off-by: Adrian Calianu <adrian.calianu@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
| |
|
|
|
|
|
|
| |
Not all architectures/targets use u-boot, so we shouldn't force mkimage
in every SDK.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
