author | Sona Sarmadi <sona.sarmadi@enea.com> | 2015-02-20 11:37:37 +0100 |
---|---|---|
committer | Tudor Florea <tudor.florea@enea.com> | 2015-07-06 20:19:37 +0200 |
commit | 57e2046e575c85d5963b108792a28fc166329234 (patch) | |
tree | a1e712926f1099455d0752430b0de35decb8418b /meta/recipes-core/eglibc | |
parent | 0892adf79c73bbfb427846670c480da0912431a2 (diff) | |
download | poky-57e2046e575c85d5963b108792a28fc166329234.tar.gz |
eglibc: CVE-2014-9402 denial of service in getnetbyname
The getnetbyname function in eglibc 2.21 and earlier enters
an infinite loop if the DNS backend is activated in the
system Name Service Switch configuration and the DNS
resolver receives a positive answer while processing the
network name.
Reference
https://sourceware.org/bugzilla/show_bug.cgi?id=17630
Changes in the NEWS and ChangeLog files from the original upstream
commit have been ignored
Upstream commit that fixes this issue:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;
h=11e3417af6e354f1942c68a271ae51e892b2814d
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Diffstat (limited to 'meta/recipes-core/eglibc')
-rw-r--r-- | meta/recipes-core/eglibc/eglibc-2.19/CVE-2014-9402_endless-loop-in-getaddr_r.patch | 28 | ||||
-rw-r--r-- | meta/recipes-core/eglibc/eglibc_2.19.bb | 1 |
2 files changed, 29 insertions, 0 deletions
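--- /dev/null
+++ b/meta/recipes-core/eglibc/eglibc-2.19/CVE-2014-9402_endless-loop-in-getaddr_r.patch
@@ -0,0 +1,28 @@
+eglibc: CVE-2014-9402 endless loop in getaddr_r
+
+https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=11e3417af6e354f1942c68a271ae51e892b2814d
+
+Upstream-Status: Backport
+
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+
+From 11e3417af6e354f1942c68a271ae51e892b2814d Mon Sep 17 00:00:00 2001
+From: Florian Weimer <fweimer@redhat.com>
+Date: Mon, 15 Dec 2014 17:41:13 +0100
+Subject: [PATCH] Avoid infinite loop in nss_dns getnetbyname [BZ #17630]
+
+===================================================================
+--- git.orig/resolv/nss_dns/dns-network.c
++++ git/resolv/nss_dns/dns-network.c
+@@ -398,8 +398,8 @@ getanswer_r (const querybuf *answer, int
+
+case BYNAME:
+{
+- char **ap = result->n_aliases++;
+- while (*ap != NULL)
++ char **ap;
++ for (ap = result->n_aliases; *ap != NULL; ++ap)
+{
+/* Check each alias name for being of the forms:
+4.3.2.1.in-addr.arpa = net 1.2.3.4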
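Review bot: The patch file name and its first header line describe an "endless loop in getaddr_r", but the embedded hunk changes `getanswer_r` in resolv/nss_dns/dns-network.c and the upstream subject names nss_dns getnetbyname; no function called getaddr_r appears anywhere in the change. Anyone auditing the recipe for CVE-2014-9402 coverage by function name would miss this backport, so I would rename the file and header along the lines of `CVE-2014-9402_endless-loop-in-getnetbyname.patch` and `eglibc: CVE-2014-9402 endless loop in getnetbyname`. The patch header could also record that the upstream NEWS and ChangeLog changes were dropped, which is currently stated only in the commit message. The body of getanswer_r continues outside the hunk, so the rest of the BYNAME loop cannot be checked from here.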
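--- a/meta/recipes-core/eglibc/eglibc_2.19.bb
+++ b/meta/recipes-core/eglibc/eglibc_2.19.bb
@@ -28,6 +28,7 @@ SRC_URI = "http://downloads.yoctoproject.org/releases/eglibc/eglibc-${PV}-svnr25
 file://CVE-2014-5119.patch \
 file://CVE-2014-7817-wordexp-fails-to-honour-WRDE_NOCMD.patch \
 file://CVE-2012-3406-Stack-overflow-in-vfprintf-BZ-16617.patch \
+file://CVE-2014-9402_endless-loop-in-getaddr_r.patch \
 "
 SRC_URI[md5sum] = "197836c2ba42fb146e971222647198dd"
 SRC_URI[sha256sum] = "baaa030531fc308f7820c46acdf8e1b2f8e3c1f40bcd28b6e440d1c95d170d4c"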