freetype/libarchive/gnutls: Drop CVE patches

The CVEs have been fixed in upstream poky/rocko. Signed-off-by: Martin Borg <martin.borg@enea.com>
author: Martin Borg <martin.borg@enea.com> 2018-03-01 10:39:47 +0100
committer: Martin Borg <martin.borg@enea.com> 2018-03-01 10:42:05 +0100
commit: b6d4cd74cebeded8a49c06c6d7a52c32769f3ed8 (patch)
tree: a956a4fb98f38e062dcfda04e9aef05f1451bf5c /recipes-support
parent: 2c0b43b3032f9a55edd395ae37f45fffce44fa9d (diff)
download: meta-nfv-access-common-b6d4cd74cebeded8a49c06c6d7a52c32769f3ed8.tar.gz
2 files changed, 0 insertions, 64 deletions
diff --git a/recipes-support/gnutls/gnutls/CVE-2017-7868.patch b/recipes-support/gnutls/gnutls/CVE-2017-7868.patch
deleted file mode 100644
index dca7861..0000000
--- a/recipes-support/gnutls/gnutls/CVE-2017-7868.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From 51464af713d71802e3c6d5ac15f1a95132a354fe Mon Sep 17 00:00:00 2001
-From: Nikos Mavrogiannopoulos <nmav@redhat.com>
-Date: Mon, 20 Feb 2017 11:13:08 +0100
-Subject: [PATCH] cdk_pkt_read: enforce packet limits
-That ensures that there are no overflows in the subsequent
-calculations.
-Resolves the oss-fuzz found bug:
-https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=420
-Relates: #159
-CVE: CVE-2017-7869
-Upstream-Status: Backport
-Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
---
- lib/opencdk/read-packet.c |  9 +++++++++
- 1 file changed, 9 insertions(+)
-diff --git a/lib/opencdk/read-packet.c b/lib/opencdk/read-packet.c
-index 8055a63..ead6480 100644
--- a/lib/opencdk/read-packet.c
-+++ b/lib/opencdk/read-packet.c
-@@ -950,6 +950,7 @@ static cdk_error_t skip_packet(cdk_stream_t inp, size_t pktlen)
-        return 0;
- }
- 
-+#define MAX_PACKET_LEN (1<<24)
- 
- /**
-  * cdk_pkt_read:
-@@ -1002,6 +1003,13 @@ cdk_error_t cdk_pkt_read(cdk_stream_t inp, cdk_packet_t pkt)
-        else
-                read_old_length(inp, ctb, &pktlen, &pktsize);
- 
-+       /* enforce limits to ensure that the following calculations
-+        * do not overflow */
-+       if (pktlen >= MAX_PACKET_LEN || pktsize >= MAX_PACKET_LEN) {
-+               _cdk_log_info("cdk_pkt_read: too long packet\n");
-+               return gnutls_assert_val(CDK_Inv_Packet);
-+       }
-+
-        pkt->pkttype = pkttype;
-        pkt->pktlen = pktlen;
-        pkt->pktsize = pktsize + pktlen;
-@@ -1026,6 +1034,7 @@ cdk_error_t cdk_pkt_read(cdk_stream_t inp, cdk_packet_t pkt)
-                break;
- 
-        case CDK_PKT_USER_ID:
-+
-                pkt->pkt.user_id = cdk_calloc(1, sizeof *pkt->pkt.user_id
-                                              + pkt->pktlen + 1);
-                if (!pkt->pkt.user_id)
--
-libgit2 0.26.0
diff --git a/recipes-support/gnutls/gnutls_%.bbappend b/recipes-support/gnutls/gnutls_%.bbappend
deleted file mode 100644
index d2d927c..0000000
--- a/recipes-support/gnutls/gnutls_%.bbappend
+++ /dev/null
@@ -1,5 +0,0 @@
-# look for files in the layer first
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
-SRC_URI += "file://CVE-2017-7868.patch \
-           "
author	Martin Borg <martin.borg@enea.com>	2018-03-01 10:39:47 +0100
committer	Martin Borg <martin.borg@enea.com>	2018-03-01 10:42:05 +0100
commit	b6d4cd74cebeded8a49c06c6d7a52c32769f3ed8 (patch)
tree	a956a4fb98f38e062dcfda04e9aef05f1451bf5c /recipes-support
parent	2c0b43b3032f9a55edd395ae37f45fffce44fa9d (diff)
download	meta-nfv-access-common-b6d4cd74cebeded8a49c06c6d7a52c32769f3ed8.tar.gz

diff --git a/recipes-support/gnutls/gnutls/CVE-2017-7868.patch b/recipes-support/gnutls/gnutls/CVE-2017-7868.patch deleted file mode 100644 index dca7861..0000000 --- a/recipes-support/gnutls/gnutls/CVE-2017-7868.patch +++ /dev/null
@@ -1,59 +0,0 @@
1	From 51464af713d71802e3c6d5ac15f1a95132a354fe Mon Sep 17 00:00:00 2001
2	From: Nikos Mavrogiannopoulos <nmav@redhat.com>
3	Date: Mon, 20 Feb 2017 11:13:08 +0100
4	Subject: [PATCH] cdk_pkt_read: enforce packet limits
5
6	That ensures that there are no overflows in the subsequent
7	calculations.
8
9	Resolves the oss-fuzz found bug:
10	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=420
11
12	Relates: #159
13
14	CVE: CVE-2017-7869
15	Upstream-Status: Backport
16
17	Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
18	Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
19	---
20	lib/opencdk/read-packet.c \| 9 +++++++++
21	1 file changed, 9 insertions(+)
22
23	diff --git a/lib/opencdk/read-packet.c b/lib/opencdk/read-packet.c
24	index 8055a63..ead6480 100644
25	--- a/lib/opencdk/read-packet.c
26	+++ b/lib/opencdk/read-packet.c
27	@@ -950,6 +950,7 @@ static cdk_error_t skip_packet(cdk_stream_t inp, size_t pktlen)
28	return 0;
29	}
30
31	+#define MAX_PACKET_LEN (1<<24)
32
33	/**
34	* cdk_pkt_read:
35	@@ -1002,6 +1003,13 @@ cdk_error_t cdk_pkt_read(cdk_stream_t inp, cdk_packet_t pkt)
36	else
37	read_old_length(inp, ctb, &pktlen, &pktsize);
38
39	+ /* enforce limits to ensure that the following calculations
40	+ * do not overflow */
41	+ if (pktlen >= MAX_PACKET_LEN \|\| pktsize >= MAX_PACKET_LEN) {
42	+ _cdk_log_info("cdk_pkt_read: too long packet\n");
43	+ return gnutls_assert_val(CDK_Inv_Packet);
44	+ }
45	+
46	pkt->pkttype = pkttype;
47	pkt->pktlen = pktlen;
48	pkt->pktsize = pktsize + pktlen;
49	@@ -1026,6 +1034,7 @@ cdk_error_t cdk_pkt_read(cdk_stream_t inp, cdk_packet_t pkt)
50	break;
51
52	case CDK_PKT_USER_ID:
53	+
54	pkt->pkt.user_id = cdk_calloc(1, sizeof *pkt->pkt.user_id
55	+ pkt->pktlen + 1);
56	if (!pkt->pkt.user_id)
57	--
58	libgit2 0.26.0
59


diff --git a/recipes-support/gnutls/gnutls_%.bbappend b/recipes-support/gnutls/gnutls_%.bbappend deleted file mode 100644 index d2d927c..0000000 --- a/recipes-support/gnutls/gnutls_%.bbappend +++ /dev/null
@@ -1,5 +0,0 @@
1	# look for files in the layer first
2	FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
3
4	SRC_URI += "file://CVE-2017-7868.patch \
5	"