git: Security fixes CVE-2015-7545

CVE-2015-7545 git: arbitrary code execution via crafted URLs (From OE-Core rev: 0c4bdd61acbc1fa1b9bfb167d8eaf90c8bccc25c) Signed-off-by: Armin Kuster <akuster@mvista.com> Already in Jethro, not needed in master due to shipping a version of git which is already fixes (> 2.6.1) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Armin Kuster <akuster@mvista.com> 2016-02-23 17:38:25 -0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2016-03-03 11:11:40 +0000
commit: f98b8b767d66e0e4bfa6f3e8ef7e44a4d45270e3 (patch)
tree: eaf1e0b535b1f650b15c25daef6fb3274ccedb58 /meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_5.patch
parent: 3aa8ba185b381088f4c51d7ba48fb109f2fc679b (diff)
download: poky-f98b8b767d66e0e4bfa6f3e8ef7e44a4d45270e3.tar.gz
1 files changed, 67 insertions, 0 deletions
diff --git a/meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_5.patch b/meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_5.patch
new file mode 100644
index 0000000000..32dfbaedbe
--- /dev/null
+++ b/meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_5.patch
@@ -0,0 +1,67 @@
+From b258116462399b318c86165c61a5c7123043cfd4 Mon Sep 17 00:00:00 2001
+From: Blake Burkhart <bburky@bburky.com>
+Date: Tue, 22 Sep 2015 18:06:20 -0400
+Subject: [PATCH] http: limit redirection depth
+By default, libcurl will follow circular http redirects
+forever. Let's put a cap on this so that somebody who can
+trigger an automated fetch of an arbitrary repository (e.g.,
+for CI) cannot convince git to loop infinitely.
+The value chosen is 20, which is the same default that
+Firefox uses.
+Signed-off-by: Jeff King <peff@peff.net>
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+Upstream-Status: Backport
+https://kernel.googlesource.com/pub/scm/git/git/+/b258116462399b318c86165c61a5c7123043cfd4%5E%21/
+CVE: CVE-2015-7545 patch #1 
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+---
+ http.c                        | 1 +
+ t/lib-httpd/apache.conf       | 3 +++
+ t/t5812-proto-disable-http.sh | 4 ++++
+ 3 files changed, 8 insertions(+)
+Index: git-2.3.0/http.c
+===================================================================
+--- git-2.3.0.orig/http.c
+++ git-2.3.0/http.c
+@@ -349,6 +349,7 @@ static CURL *get_curl_handle(void)
+        }
+ 
+        curl_easy_setopt(result, CURLOPT_FOLLOWLOCATION, 1);
+       curl_easy_setopt(result, CURLOPT_MAXREDIRS, 20);
+ #if LIBCURL_VERSION_NUM >= 0x071301
+        curl_easy_setopt(result, CURLOPT_POSTREDIR, CURL_REDIR_POST_ALL);
+ #elif LIBCURL_VERSION_NUM >= 0x071101
+Index: git-2.3.0/t/lib-httpd/apache.conf
+===================================================================
+--- git-2.3.0.orig/t/lib-httpd/apache.conf
+++ git-2.3.0/t/lib-httpd/apache.conf
+@@ -120,6 +120,9 @@ RewriteRule ^/smart-redir-auth/(.*)$ /au
+ RewriteRule ^/smart-redir-limited/(.*)/info/refs$ /smart/$1/info/refs [R=301]
+ RewriteRule ^/ftp-redir/(.*)$ ftp://localhost:1000/$1 [R=302]
+ 
+RewriteRule ^/loop-redir/x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-(.*) /$1 [R=302]
+RewriteRule ^/loop-redir/(.*)$ /loop-redir/x-$1 [R=302]
+
+ <IfDefine SSL>
+ LoadModule ssl_module modules/mod_ssl.so
+ 
+Index: git-2.3.0/t/t5812-proto-disable-http.sh
+===================================================================
+--- git-2.3.0.orig/t/t5812-proto-disable-http.sh
+++ git-2.3.0/t/t5812-proto-disable-http.sh
+@@ -25,5 +25,9 @@ test_expect_success 'curl redirects resp
+        }
+ '
+ 
+test_expect_success 'curl limits redirects' '
+       test_must_fail git clone "$HTTPD_URL/loop-redir/smart/repo.git"
+'
+
+ stop_httpd
+ test_done
author	Armin Kuster <akuster@mvista.com>	2016-02-23 17:38:25 -0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-03-03 11:11:40 +0000
commit	f98b8b767d66e0e4bfa6f3e8ef7e44a4d45270e3 (patch)
tree	eaf1e0b535b1f650b15c25daef6fb3274ccedb58 /meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_5.patch
parent	3aa8ba185b381088f4c51d7ba48fb109f2fc679b (diff)
download	poky-f98b8b767d66e0e4bfa6f3e8ef7e44a4d45270e3.tar.gz

diff --git a/meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_5.patch b/meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_5.patch new file mode 100644 index 0000000000..32dfbaedbe --- /dev/null +++ b/meta/recipes-devtools/git/git-2.3.0/CVE-2015-7545_5.patch
@@ -0,0 +1,67 @@
	1	From b258116462399b318c86165c61a5c7123043cfd4 Mon Sep 17 00:00:00 2001
	2	From: Blake Burkhart <bburky@bburky.com>
	3	Date: Tue, 22 Sep 2015 18:06:20 -0400
	4	Subject: [PATCH] http: limit redirection depth
	5
	6	By default, libcurl will follow circular http redirects
	7	forever. Let's put a cap on this so that somebody who can
	8	trigger an automated fetch of an arbitrary repository (e.g.,
	9	for CI) cannot convince git to loop infinitely.
	10
	11	The value chosen is 20, which is the same default that
	12	Firefox uses.
	13
	14	Signed-off-by: Jeff King <peff@peff.net>
	15	Signed-off-by: Junio C Hamano <gitster@pobox.com>
	16
	17	Upstream-Status: Backport
	18	https://kernel.googlesource.com/pub/scm/git/git/+/b258116462399b318c86165c61a5c7123043cfd4%5E%21/
	19	CVE: CVE-2015-7545 patch #1
	20	Signed-off-by: Armin Kuster <akuster@mvista.com>
	21
	22	---
	23	http.c \| 1 +
	24	t/lib-httpd/apache.conf \| 3 +++
	25	t/t5812-proto-disable-http.sh \| 4 ++++
	26	3 files changed, 8 insertions(+)
	27
	28	Index: git-2.3.0/http.c
	29	===================================================================
	30	--- git-2.3.0.orig/http.c
	31	+++ git-2.3.0/http.c
	32	@@ -349,6 +349,7 @@ static CURL *get_curl_handle(void)
	33	}
	34
	35	curl_easy_setopt(result, CURLOPT_FOLLOWLOCATION, 1);
	36	+ curl_easy_setopt(result, CURLOPT_MAXREDIRS, 20);
	37	#if LIBCURL_VERSION_NUM >= 0x071301
	38	curl_easy_setopt(result, CURLOPT_POSTREDIR, CURL_REDIR_POST_ALL);
	39	#elif LIBCURL_VERSION_NUM >= 0x071101
	40	Index: git-2.3.0/t/lib-httpd/apache.conf
	41	===================================================================
	42	--- git-2.3.0.orig/t/lib-httpd/apache.conf
	43	+++ git-2.3.0/t/lib-httpd/apache.conf
	44	@@ -120,6 +120,9 @@ RewriteRule ^/smart-redir-auth/(.*)$ /au
	45	RewriteRule ^/smart-redir-limited/(.*)/info/refs$ /smart/$1/info/refs [R=301]
	46	RewriteRule ^/ftp-redir/(.*)$ ftp://localhost:1000/$1 [R=302]
	47
	48	+RewriteRule ^/loop-redir/x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-(.*) /$1 [R=302]
	49	+RewriteRule ^/loop-redir/(.*)$ /loop-redir/x-$1 [R=302]
	50	+
	51	<IfDefine SSL>
	52	LoadModule ssl_module modules/mod_ssl.so
	53
	54	Index: git-2.3.0/t/t5812-proto-disable-http.sh
	55	===================================================================
	56	--- git-2.3.0.orig/t/t5812-proto-disable-http.sh
	57	+++ git-2.3.0/t/t5812-proto-disable-http.sh
	58	@@ -25,5 +25,9 @@ test_expect_success 'curl redirects resp
	59	}
	60	'
	61
	62	+test_expect_success 'curl limits redirects' '
	63	+ test_must_fail git clone "$HTTPD_URL/loop-redir/smart/repo.git"
	64	+'
	65	+
	66	stop_httpd
	67	test_done