1 files changed, 0 insertions, 55 deletions
diff --git a/meta-oe/recipes-extended/collectd/collectd/CVE-2016-6254.patch b/meta-oe/recipes-extended/collectd/collectd/CVE-2016-6254.patch
deleted file mode 100644
index bc85b4c0e..000000000
--- a/meta-oe/recipes-extended/collectd/collectd/CVE-2016-6254.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-From dd8483a4beb6f61521d8b32c726523bbea21cd92 Mon Sep 17 00:00:00 2001
-From: Florian Forster <octo@collectd.org>
-Date: Tue, 19 Jul 2016 10:00:37 +0200
-Subject: [PATCH] network plugin: Fix heap overflow in parse_packet().
-Emilien Gaspar has identified a heap overflow in parse_packet(), the
-function used by the network plugin to parse incoming network packets.
-This is a vulnerability in collectd, though the scope is not clear at
-this point. At the very least specially crafted network packets can be
-used to crash the daemon. We can't rule out a potential remote code
-execution though.
-Fixes: CVE-2016-6254
-cherry picked from upstream commit b589096f
-Upstream Status: Backport
-Signed-off-by: Alexandru Moise <alexandru.moise@windriver.com>
---
- src/network.c | 3 +++
- 1 file changed, 3 insertions(+)
-diff --git a/src/network.c b/src/network.c
-index 551bd5c..cb979b2 100644
--- a/src/network.c
-+++ b/src/network.c
-@@ -1444,6 +1444,7 @@ static int parse_packet (sockent_t *se, /* {{{ */
-                                printed_ignore_warning = 1;
-                        }
-                        buffer = ((char *) buffer) + pkg_length;
-+                       buffer_size -= (size_t) pkg_length;
-                        continue;
-                }
- #endif /* HAVE_LIBGCRYPT */
-@@ -1471,6 +1472,7 @@ static int parse_packet (sockent_t *se, /* {{{ */
-                                printed_ignore_warning = 1;
-                        }
-                        buffer = ((char *) buffer) + pkg_length;
-+                       buffer_size -= (size_t) pkg_length;
-                        continue;
-                }
- #endif /* HAVE_LIBGCRYPT */
-@@ -1612,6 +1614,7 @@ static int parse_packet (sockent_t *se, /* {{{ */
-                        DEBUG ("network plugin: parse_packet: Unknown part"
-                                        " type: 0x%04hx", pkg_type);
-                        buffer = ((char *) buffer) + pkg_length;
-+                       buffer_size -= (size_t) pkg_length;
-                }
-        } /* while (buffer_size > sizeof (part_header_t)) */
- 
-- 
-2.7.4

diff --git a/meta-oe/recipes-extended/collectd/collectd/CVE-2016-6254.patch b/meta-oe/recipes-extended/collectd/collectd/CVE-2016-6254.patch deleted file mode 100644 index bc85b4c0e..000000000 --- a/meta-oe/recipes-extended/collectd/collectd/CVE-2016-6254.patch +++ /dev/null
@@ -1,55 +0,0 @@
1	From dd8483a4beb6f61521d8b32c726523bbea21cd92 Mon Sep 17 00:00:00 2001
2	From: Florian Forster <octo@collectd.org>
3	Date: Tue, 19 Jul 2016 10:00:37 +0200
4	Subject: [PATCH] network plugin: Fix heap overflow in parse_packet().
5
6	Emilien Gaspar has identified a heap overflow in parse_packet(), the
7	function used by the network plugin to parse incoming network packets.
8
9	This is a vulnerability in collectd, though the scope is not clear at
10	this point. At the very least specially crafted network packets can be
11	used to crash the daemon. We can't rule out a potential remote code
12	execution though.
13
14	Fixes: CVE-2016-6254
15
16	cherry picked from upstream commit b589096f
17
18	Upstream Status: Backport
19
20	Signed-off-by: Alexandru Moise <alexandru.moise@windriver.com>
21	---
22	src/network.c \| 3 +++
23	1 file changed, 3 insertions(+)
24
25	diff --git a/src/network.c b/src/network.c
26	index 551bd5c..cb979b2 100644
27	--- a/src/network.c
28	+++ b/src/network.c
29	@@ -1444,6 +1444,7 @@ static int parse_packet (sockent_t se, / {{{ */
30	printed_ignore_warning = 1;
31	}
32	buffer = ((char *) buffer) + pkg_length;
33	+ buffer_size -= (size_t) pkg_length;
34	continue;
35	}
36	#endif /* HAVE_LIBGCRYPT */
37	@@ -1471,6 +1472,7 @@ static int parse_packet (sockent_t se, / {{{ */
38	printed_ignore_warning = 1;
39	}
40	buffer = ((char *) buffer) + pkg_length;
41	+ buffer_size -= (size_t) pkg_length;
42	continue;
43	}
44	#endif /* HAVE_LIBGCRYPT */
45	@@ -1612,6 +1614,7 @@ static int parse_packet (sockent_t se, / {{{ */
46	DEBUG ("network plugin: parse_packet: Unknown part"
47	" type: 0x%04hx", pkg_type);
48	buffer = ((char *) buffer) + pkg_length;
49	+ buffer_size -= (size_t) pkg_length;
50	}
51	} /* while (buffer_size > sizeof (part_header_t)) */
52
53	--
54	2.7.4
55