diff options
Diffstat (limited to 'meta-oe/recipes-extended')
-rw-r--r-- | meta-oe/recipes-extended/rsyslog/rsyslog/0001-Out-of-bounds-issue.patch | 31 | ||||
-rw-r--r-- | meta-oe/recipes-extended/rsyslog/rsyslog/0001-pmaixforwardedfrom-bugfix-potential-misadressing.patch | 43 | ||||
-rw-r--r-- | meta-oe/recipes-extended/rsyslog/rsyslog_8.1910.0.bb (renamed from meta-oe/recipes-extended/rsyslog/rsyslog_8.1908.0.bb) | 6 |
3 files changed, 2 insertions, 78 deletions
diff --git a/meta-oe/recipes-extended/rsyslog/rsyslog/0001-Out-of-bounds-issue.patch b/meta-oe/recipes-extended/rsyslog/rsyslog/0001-Out-of-bounds-issue.patch deleted file mode 100644 index b494ca687..000000000 --- a/meta-oe/recipes-extended/rsyslog/rsyslog/0001-Out-of-bounds-issue.patch +++ /dev/null | |||
@@ -1,31 +0,0 @@ | |||
1 | From b0894088b680666035a3418326e13bc99d4fed49 Mon Sep 17 00:00:00 2001 | ||
2 | From: Philippe Duveau <pduveau@users.noreply.github.com> | ||
3 | Date: Tue, 24 Sep 2019 20:45:25 +0200 | ||
4 | Subject: [PATCH] Out of bounds issue | ||
5 | |||
6 | Add a new sanity check after determining the level len. | ||
7 | --- | ||
8 | contrib/pmdb2diag/pmdb2diag.c | 4 ++++ | ||
9 | 1 file changed, 4 insertions(+) | ||
10 | |||
11 | Upstream-Status: Backport [https://github.com/rsyslog/rsyslog/commit/b0894088b6] | ||
12 | CVE: CVE-2019-17040 | ||
13 | Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> | ||
14 | diff --git a/contrib/pmdb2diag/pmdb2diag.c b/contrib/pmdb2diag/pmdb2diag.c | ||
15 | index 2b5916301..5810eb4df 100644 | ||
16 | --- a/contrib/pmdb2diag/pmdb2diag.c | ||
17 | +++ b/contrib/pmdb2diag/pmdb2diag.c | ||
18 | @@ -134,6 +134,10 @@ CODESTARTparse2 | ||
19 | ABORT_FINALIZE(0); | ||
20 | } | ||
21 | |||
22 | + /* let recheck with the real level len */ | ||
23 | + if(pMsg->iLenRawMsg - (int)pMsg->offAfterPRI < pInst->levelpos+lvl_len) | ||
24 | + ABORT_FINALIZE(RS_RET_COULD_NOT_PARSE); | ||
25 | + | ||
26 | DBGPRINTF("db2parse Level %d\n", pMsg->iSeverity); | ||
27 | |||
28 | end = (char*)pMsg->pszRawMsg + pMsg->iLenRawMsg ; | ||
29 | -- | ||
30 | 2.17.1 | ||
31 | |||
diff --git a/meta-oe/recipes-extended/rsyslog/rsyslog/0001-pmaixforwardedfrom-bugfix-potential-misadressing.patch b/meta-oe/recipes-extended/rsyslog/rsyslog/0001-pmaixforwardedfrom-bugfix-potential-misadressing.patch deleted file mode 100644 index 0b32766a5..000000000 --- a/meta-oe/recipes-extended/rsyslog/rsyslog/0001-pmaixforwardedfrom-bugfix-potential-misadressing.patch +++ /dev/null | |||
@@ -1,43 +0,0 @@ | |||
1 | From 10549ba915556c557b22b3dac7e4cb73ad22d3d8 Mon Sep 17 00:00:00 2001 | ||
2 | From: Rainer Gerhards <rgerhards@adiscon.com> | ||
3 | Date: Fri, 27 Sep 2019 13:36:02 +0200 | ||
4 | Subject: [PATCH] pmaixforwardedfrom bugfix: potential misadressing | ||
5 | |||
6 | --- | ||
7 | contrib/pmaixforwardedfrom/pmaixforwardedfrom.c | 9 +++++++++ | ||
8 | 1 file changed, 9 insertions(+) | ||
9 | |||
10 | Upstream-Status: Backport [https://github.com/rsyslog/rsyslog/pull/3884] | ||
11 | CVE: CVE-2019-17041 | ||
12 | Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> | ||
13 | |||
14 | diff --git a/contrib/pmaixforwardedfrom/pmaixforwardedfrom.c b/contrib/pmaixforwardedfrom/pmaixforwardedfrom.c | ||
15 | index 37157c7d4..ebf12ebbe 100644 | ||
16 | --- a/contrib/pmaixforwardedfrom/pmaixforwardedfrom.c | ||
17 | +++ b/contrib/pmaixforwardedfrom/pmaixforwardedfrom.c | ||
18 | @@ -109,6 +109,10 @@ CODESTARTparse | ||
19 | /* bump the message portion up by skipLen(23 or 5) characters to overwrite the "Message forwarded from | ||
20 | " or "From " with the hostname */ | ||
21 | lenMsg -=skipLen; | ||
22 | + if(lenMsg < 2) { | ||
23 | + dbgprintf("not a AIX message forwarded from message has nothing after header\n"); | ||
24 | + ABORT_FINALIZE(RS_RET_COULD_NOT_PARSE); | ||
25 | + } | ||
26 | memmove(p2parse, p2parse + skipLen, lenMsg); | ||
27 | *(p2parse + lenMsg) = '\n'; | ||
28 | *(p2parse + lenMsg + 1) = '\0'; | ||
29 | @@ -120,6 +124,11 @@ really an AIX log, but has a similar preamble */ | ||
30 | --lenMsg; | ||
31 | ++p2parse; | ||
32 | } | ||
33 | + if (lenMsg < 1) { | ||
34 | + dbgprintf("not a AIX message forwarded from message has nothing after colon " | ||
35 | + "or no colon at all\n"); | ||
36 | + ABORT_FINALIZE(RS_RET_COULD_NOT_PARSE); | ||
37 | + } | ||
38 | if (lenMsg && *p2parse != ':') { | ||
39 | DBGPRINTF("not a AIX message forwarded from mangled log but similar enough that the preamble has " | ||
40 | "been removed\n"); | ||
41 | -- | ||
42 | 2.17.1 | ||
43 | |||
diff --git a/meta-oe/recipes-extended/rsyslog/rsyslog_8.1908.0.bb b/meta-oe/recipes-extended/rsyslog/rsyslog_8.1910.0.bb index f9e44421d..f50f9a34b 100644 --- a/meta-oe/recipes-extended/rsyslog/rsyslog_8.1908.0.bb +++ b/meta-oe/recipes-extended/rsyslog/rsyslog_8.1910.0.bb | |||
@@ -23,16 +23,14 @@ SRC_URI = "http://www.rsyslog.com/download/files/download/rsyslog/${BPN}-${PV}.t | |||
23 | file://rsyslog.logrotate \ | 23 | file://rsyslog.logrotate \ |
24 | file://use-pkgconfig-to-check-libgcrypt.patch \ | 24 | file://use-pkgconfig-to-check-libgcrypt.patch \ |
25 | file://run-ptest \ | 25 | file://run-ptest \ |
26 | file://0001-Out-of-bounds-issue.patch \ | ||
27 | file://0001-pmaixforwardedfrom-bugfix-potential-misadressing.patch \ | ||
28 | " | 26 | " |
29 | 27 | ||
30 | SRC_URI_append_libc-musl = " \ | 28 | SRC_URI_append_libc-musl = " \ |
31 | file://0001-Include-sys-time-h.patch \ | 29 | file://0001-Include-sys-time-h.patch \ |
32 | " | 30 | " |
33 | 31 | ||
34 | SRC_URI[md5sum] = "6e9aa4ef4cad8ae49affa0a786cc9e2f" | 32 | SRC_URI[md5sum] = "6d4d94359d083f449f089b8dbb93c423" |
35 | SRC_URI[sha256sum] = "f8c8e53b651e03a011667c60bd2d4dba7a7cb6ec04b247c8ea8514115527863b" | 33 | SRC_URI[sha256sum] = "0219ee692f31a39743acb62aaf4196b644ce94edf386df4605fd6a11a4fe0c93" |
36 | 34 | ||
37 | UPSTREAM_CHECK_URI = "https://github.com/rsyslog/rsyslog/releases" | 35 | UPSTREAM_CHECK_URI = "https://github.com/rsyslog/rsyslog/releases" |
38 | UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)" | 36 | UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)" |