diff options
author | Neetika Singh <Neetika.Singh@kpit.com> | 2021-07-26 22:57:46 +0530 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-08-10 11:14:11 +0100 |
commit | 02476f72f47b328ce53734da11baf4d68a0b44f2 (patch) | |
tree | 8d6f32edc85ead5641e28b346350c4050d3ac52d /meta/recipes-support | |
parent | 1d36ed33069d76898115eaf271fa1f15dea9b657 (diff) | |
download | poky-02476f72f47b328ce53734da11baf4d68a0b44f2.tar.gz |
curl: Fix for CVE-2021-22898
Applied trivial patch for cve issue CVE-2021-22898
Link: https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde
(From OE-Core rev: ba99fce9354555e556158a0af8ec809ae00cb62b)
Signed-off-by: Neetika.Singh <Neetika.Singh@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support')
-rw-r--r-- | meta/recipes-support/curl/curl/CVE-2021-22898.patch | 26 | ||||
-rw-r--r-- | meta/recipes-support/curl/curl_7.69.1.bb | 1 |
2 files changed, 27 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl/CVE-2021-22898.patch b/meta/recipes-support/curl/curl/CVE-2021-22898.patch new file mode 100644 index 0000000000..0800e10175 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2021-22898.patch | |||
@@ -0,0 +1,26 @@ | |||
1 | From 39ce47f219b09c380b81f89fe54ac586c8db6bde Mon Sep 17 00:00:00 2001 | ||
2 | From: Harry Sintonen <sintonen@iki.fi> | ||
3 | Date: Fri, 7 May 2021 13:09:57 +0200 | ||
4 | Subject: [PATCH] telnet: check sscanf() for correct number of matches | ||
5 | |||
6 | CVE: CVE-2021-22898 | ||
7 | Upstream-Status: Backport | ||
8 | Link: https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde | ||
9 | Bug: https://curl.se/docs/CVE-2021-22898.html | ||
10 | --- | ||
11 | lib/telnet.c | 2 +- | ||
12 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
13 | |||
14 | diff --git a/lib/telnet.c b/lib/telnet.c | ||
15 | index 26e0658ba9cc..fdd137fb0c04 100644 | ||
16 | --- a/lib/telnet.c | ||
17 | +++ b/lib/telnet.c | ||
18 | @@ -922,7 +922,7 @@ static void suboption(struct Curl_easy *data) | ||
19 | size_t tmplen = (strlen(v->data) + 1); | ||
20 | /* Add the variable only if it fits */ | ||
21 | if(len + tmplen < (int)sizeof(temp)-6) { | ||
22 | - if(sscanf(v->data, "%127[^,],%127s", varname, varval)) { | ||
23 | + if(sscanf(v->data, "%127[^,],%127s", varname, varval) == 2) { | ||
24 | msnprintf((char *)&temp[len], sizeof(temp) - len, | ||
25 | "%c%s%c%s", CURL_NEW_ENV_VAR, varname, | ||
26 | CURL_NEW_ENV_VALUE, varval); | ||
diff --git a/meta/recipes-support/curl/curl_7.69.1.bb b/meta/recipes-support/curl/curl_7.69.1.bb index 13ab29cf69..9b510bcf9f 100644 --- a/meta/recipes-support/curl/curl_7.69.1.bb +++ b/meta/recipes-support/curl/curl_7.69.1.bb | |||
@@ -19,6 +19,7 @@ SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \ | |||
19 | file://CVE-2020-8286.patch \ | 19 | file://CVE-2020-8286.patch \ |
20 | file://CVE-2021-22876.patch \ | 20 | file://CVE-2021-22876.patch \ |
21 | file://CVE-2021-22890.patch \ | 21 | file://CVE-2021-22890.patch \ |
22 | file://CVE-2021-22898.patch \ | ||
22 | " | 23 | " |
23 | 24 | ||
24 | SRC_URI[md5sum] = "ec5fc263f898a3dfef08e805f1ecca42" | 25 | SRC_URI[md5sum] = "ec5fc263f898a3dfef08e805f1ecca42" |