diff options
author | Sona Sarmadi <sona.sarmadi@enea.com> | 2016-11-02 10:52:11 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-11-08 23:47:13 +0000 |
commit | c4061a0a689fd3f4e3fb5d5dd6357dc542973d45 (patch) | |
tree | 55fa2e594e075f6de399f519211a31e6e7bcf23a /meta/recipes-core/dropbear/dropbear/CVE-2016-7409.patch | |
parent | 6962ee368906e096cf2df3031ca5142117e7c52a (diff) | |
download | poky-c4061a0a689fd3f4e3fb5d5dd6357dc542973d45.tar.gz |
dropbear: fix multiple CVEs
CVE-2016-7406
CVE-2016-7407
CVE-2016-7408
CVE-2016-7409
References:
https://matt.ucc.asn.au/dropbear/CHANGES
http://seclists.org/oss-sec/2016/q3/504
[YOCTO #10443]
(From OE-Core rev: cca372506522c1d588f9ebc66c6051089743d2a9)
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/dropbear/dropbear/CVE-2016-7409.patch')
-rw-r--r-- | meta/recipes-core/dropbear/dropbear/CVE-2016-7409.patch | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/meta/recipes-core/dropbear/dropbear/CVE-2016-7409.patch b/meta/recipes-core/dropbear/dropbear/CVE-2016-7409.patch new file mode 100644 index 0000000000..1475475b4d --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/CVE-2016-7409.patch | |||
@@ -0,0 +1,27 @@ | |||
1 | |||
2 | # HG changeset patch | ||
3 | # User Matt Johnston <matt@ucc.asn.au> | ||
4 | # Date 1468245085 -28800 | ||
5 | # Node ID 6a14b1f6dc04e70933c49ea335184e68c1deeb94 | ||
6 | # Parent 309e1c4a87682b6ca7d80b8555a1db416c3cb7ac | ||
7 | better TRACE of failed remote ident | ||
8 | |||
9 | CVE: CVE-2016-7409 | ||
10 | Upstream-Status: Backport [backported from: | ||
11 | https://secure.ucc.asn.au/hg/dropbear/raw-rev/6a14b1f6dc04] | ||
12 | |||
13 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | ||
14 | |||
15 | diff -r 309e1c4a8768 -r 6a14b1f6dc04 common-session.c | ||
16 | --- a/common-session.c Fri Mar 18 22:44:36 2016 +0800 | ||
17 | +++ b/common-session.c Mon Jul 11 21:51:25 2016 +0800 | ||
18 | @@ -361,7 +361,7 @@ | ||
19 | } | ||
20 | |||
21 | if (!done) { | ||
22 | - TRACE(("err: %s for '%s'\n", strerror(errno), linebuf)) | ||
23 | + TRACE(("error reading remote ident: %s\n", strerror(errno))) | ||
24 | ses.remoteclosed(); | ||
25 | } else { | ||
26 | /* linebuf is already null terminated */ | ||
27 | |||