author | Neetika Singh <Neetika.Singh@kpit.com> | 2021-11-30 21:00:11 +0530 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-12-08 20:28:00 +0000 |
commit | 090075eb3a7499d350dbd3ccd4c45711bd37ddba (patch) | |
tree | 7099ef2c4baf833fcdcadfb7fffa5eb4af917474 /meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-10.patch | |
parent | d875c5e57b91c415292e530ce90f354107581be6 (diff) | |
download | poky-090075eb3a7499d350dbd3ccd4c45711bd37ddba.tar.gz |
glib-2.0: Add security fixes
Add patches for below CVE issues:
CVE-2021-27218
CVE-2021-27219
CVE-2021-28153
Link: https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz
Also, add regression patches for CVE-2021-27219.
CVE-2021-27219-reg1-3.patch is not relevant for glib2.0 v2.64
(From OE-Core rev: 4fb30dd540b1fb56a14237e21e84b22f8b515dc5)
Signed-off-by: Neetika.Singh <Neetika.Singh@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-10.patch')
-rw-r--r-- | meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-10.patch | 59 |
1 files changed, 59 insertions, 0 deletions
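--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2021-27219-10.patch
@@ -0,0 +1,59 @@
+From 777b95a88f006d39d9fe6d3321db17e7b0d4b9a4 Mon Sep 17 00:00:00 2001
+From: Philip Withnall <pwithnall@endlessos.org>
+Date: Thu, 4 Feb 2021 14:07:39 +0000
+Subject: [PATCH 10/11] gtlspassword: Forbid very long TLS passwords
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The public API `g_tls_password_set_value_full()` (and the vfunc it
+invokes) can only accept a `gssize` length. Ensure that nul-terminated
+strings passed to `g_tls_password_set_value()` can’t exceed that length.
+Use `g_memdup2()` to avoid an overflow if they’re longer than
+`G_MAXUINT` similarly.
+
+Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
+Helps: #2319
+
+Upstream-Status: Backport [https://mirrors.ocf.berkeley.edu/ubuntu/pool/main/g/glib2.0/glib2.0_2.64.6-1~ubuntu20.04.3.debian.tar.xz]
+CVE: CVE-2021-27219
+Signed-off-by: Neetika Singh <Neetika.Singh@kpit.com>
+Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com>
+
+---
+gio/gtlspassword.c | 10 ++++++++--
+1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/gio/gtlspassword.c b/gio/gtlspassword.c
+index 1e437a7b6..dbcec41a8 100644
+--- a/gio/gtlspassword.c
++++ b/gio/gtlspassword.c
+@@ -23,6 +23,7 @@
+#include "glibintl.h"
+
+#include "gioenumtypes.h"
++#include "gstrfuncsprivate.h"
+#include "gtlspassword.h"
+
+#include <string.h>
+@@ -287,9 +288,14 @@ g_tls_password_set_value (GTlsPassword *password,
+g_return_if_fail (G_IS_TLS_PASSWORD (password));
+
+if (length < 0)
+- length = strlen ((gchar *)value);
++ {
++ /* FIXME: g_tls_password_set_value_full() doesn’t support unsigned gsize */
++ gsize length_unsigned = strlen ((gchar *) value);
++ g_return_if_fail (length_unsigned > G_MAXSSIZE);
++ length = (gssize) length_unsigned;
++ }
+
+- g_tls_password_set_value_full (password, g_memdup (value, length), length, g_free);
++ g_tls_password_set_value_full (password, g_memdup2 (value, (gsize) length), length, g_free);
+}
+
+/**
+--
+GitLab
+
+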
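Review bot: The guard added at line 47 of the new patch file, `g_return_if_fail (length_unsigned > G_MAXSSIZE);`, is inverted: g_return_if_fail() bails out when its condition is false, so every nul-terminated password of ordinary length (at most G_MAXSSIZE) triggers the critical and is never stored, while only the overlong case the patch sets out to forbid falls through to the `(gssize)` cast and the g_memdup2() call. The intended check is `g_return_if_fail (length_unsigned <= G_MAXSSIZE);`. The subject line marks this as patch 10/11, so a later patch in the upstream series may correct it; if that is the case the recipe should carry that patch as well, otherwise g_tls_password_set_value() is broken for every caller that passes a negative length. The enclosing g_tls_password_set_value() begins before the inner hunk, so the declaration of `length` and `value` is not visible here.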