diff options
Diffstat (limited to 'meta/recipes-connectivity/ppp/ppp')
3 files changed, 0 insertions, 124 deletions
diff --git a/meta/recipes-connectivity/ppp/ppp/0001-ppp-fix-build-against-5.15-headers.patch b/meta/recipes-connectivity/ppp/ppp/0001-ppp-fix-build-against-5.15-headers.patch deleted file mode 100644 index c91246dbf5..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/0001-ppp-fix-build-against-5.15-headers.patch +++ /dev/null | |||
@@ -1,36 +0,0 @@ | |||
1 | From aba3273273e826c6dc90f197ca9a3e800e826891 Mon Sep 17 00:00:00 2001 | ||
2 | From: Bruce Ashfield <bruce.ashfield@gmail.com> | ||
3 | Date: Fri, 5 Nov 2021 12:41:35 -0400 | ||
4 | Subject: [PATCH] ppp: fix build against 5.15 headers | ||
5 | |||
6 | The 5.15 kernel has removed ipx support, along with the userspace | ||
7 | visible header. | ||
8 | |||
9 | This support wasn't used previously (as it hasn't been very well | ||
10 | maintained in the kernel for several years), so we can simply | ||
11 | disable it in our build and wait for upstream to do a release that | ||
12 | drops the support. | ||
13 | |||
14 | Upstream-Status: Inappropriate [OE-specific configuration/headers] | ||
15 | |||
16 | Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> | ||
17 | --- | ||
18 | pppd/Makefile.linux | 2 +- | ||
19 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
20 | |||
21 | diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux | ||
22 | index 22837c5..23b9b22 100644 | ||
23 | --- a/pppd/Makefile.linux | ||
24 | +++ b/pppd/Makefile.linux | ||
25 | @@ -91,7 +91,7 @@ MAXOCTETS=y | ||
26 | |||
27 | INCLUDE_DIRS= -I../include | ||
28 | |||
29 | -COMPILE_FLAGS= -DHAVE_PATHS_H -DIPX_CHANGE -DHAVE_MMAP -pipe | ||
30 | +COMPILE_FLAGS= -DHAVE_PATHS_H -DHAVE_MMAP -pipe | ||
31 | |||
32 | CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) '-DDESTDIR="@DESTDIR@"' | ||
33 | |||
34 | -- | ||
35 | 2.25.1 | ||
36 | |||
diff --git a/meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch b/meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch deleted file mode 100644 index 4325b1d6b0..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch +++ /dev/null | |||
@@ -1,48 +0,0 @@ | |||
1 | From a75fb7b198eed50d769c80c36629f38346882cbf Mon Sep 17 00:00:00 2001 | ||
2 | From: Paul Mackerras <paulus@ozlabs.org> | ||
3 | Date: Thu, 4 Aug 2022 12:23:08 +1000 | ||
4 | Subject: [PATCH] pppdump: Avoid out-of-range access to packet buffer | ||
5 | |||
6 | This fixes a potential vulnerability where data is written to spkt.buf | ||
7 | and rpkt.buf without a check on the array index. To fix this, we | ||
8 | check the array index (pkt->cnt) before storing the byte or | ||
9 | incrementing the count. This also means we no longer have a potential | ||
10 | signed integer overflow on the increment of pkt->cnt. | ||
11 | |||
12 | Fortunately, pppdump is not used in the normal process of setting up a | ||
13 | PPP connection, is not installed setuid-root, and is not invoked | ||
14 | automatically in any scenario that I am aware of. | ||
15 | |||
16 | Signed-off-by: Paul Mackerras <paulus@ozlabs.org> | ||
17 | |||
18 | Upstream-Status: Backport | ||
19 | Signed-off-by: Ross Burton <ross.burton@arm.com> | ||
20 | --- | ||
21 | pppdump/pppdump.c | 7 ++++++- | ||
22 | 1 file changed, 6 insertions(+), 1 deletion(-) | ||
23 | |||
24 | diff --git a/pppdump/pppdump.c b/pppdump/pppdump.c | ||
25 | index 2b815fc9..b85a8627 100644 | ||
26 | --- a/pppdump/pppdump.c | ||
27 | +++ b/pppdump/pppdump.c | ||
28 | @@ -297,6 +297,10 @@ dumpppp(f) | ||
29 | printf("%s aborted packet:\n ", dir); | ||
30 | q = " "; | ||
31 | } | ||
32 | + if (pkt->cnt >= sizeof(pkt->buf)) { | ||
33 | + printf("%s over-long packet truncated:\n ", dir); | ||
34 | + q = " "; | ||
35 | + } | ||
36 | nb = pkt->cnt; | ||
37 | p = pkt->buf; | ||
38 | pkt->cnt = 0; | ||
39 | @@ -400,7 +404,8 @@ dumpppp(f) | ||
40 | c ^= 0x20; | ||
41 | pkt->esc = 0; | ||
42 | } | ||
43 | - pkt->buf[pkt->cnt++] = c; | ||
44 | + if (pkt->cnt < sizeof(pkt->buf)) | ||
45 | + pkt->buf[pkt->cnt++] = c; | ||
46 | break; | ||
47 | } | ||
48 | } | ||
diff --git a/meta/recipes-connectivity/ppp/ppp/makefix.patch b/meta/recipes-connectivity/ppp/ppp/makefix.patch deleted file mode 100644 index fce068cae0..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/makefix.patch +++ /dev/null | |||
@@ -1,40 +0,0 @@ | |||
1 | We were seeing reproducibility issues where one host would use the internal | ||
2 | logwtmp wrapper, another would use the one in libutil. The issue was that in | ||
3 | some cases the "\#include" was making it to CC, in others, "#include". The | ||
4 | issue seems to be related to shell escaping. | ||
5 | |||
6 | The root cause looks to be: | ||
7 | http://git.savannah.gnu.org/cgit/make.git/commit/?id=c6966b323811c37acedff05b576b907b06aea5f4 | ||
8 | |||
9 | Instead of relying on shell quoting, use make to indirect the variable | ||
10 | and avoid the problem. | ||
11 | |||
12 | See https://github.com/paulusmack/ppp/issues/233 | ||
13 | |||
14 | Upstream-Status: Backport [https://github.com/paulusmack/ppp/commit/b4430f7092ececdff2504d5f3393a4c6528c3686] | ||
15 | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> | ||
16 | |||
17 | Index: ppp-2.4.9/pppd/Makefile.linux | ||
18 | =================================================================== | ||
19 | --- ppp-2.4.9.orig/pppd/Makefile.linux | ||
20 | +++ ppp-2.4.9/pppd/Makefile.linux | ||
21 | @@ -80,7 +80,8 @@ PLUGIN=y | ||
22 | #USE_SRP=y | ||
23 | |||
24 | # Use libutil; test if logwtmp is declared in <utmp.h> to detect | ||
25 | -ifeq ($(shell echo '\#include <utmp.h>' | $(CC) -E - 2>/dev/null | grep -q logwtmp && echo yes),yes) | ||
26 | +UTMPHEADER = "\#include <utmp.h>" | ||
27 | +ifeq ($(shell echo $(UTMPHEADER) | $(CC) -E - 2>/dev/null | grep -q logwtmp && echo yes),yes) | ||
28 | USE_LIBUTIL=y | ||
29 | endif | ||
30 | |||
31 | @@ -143,7 +144,8 @@ CFLAGS += -DHAS_SHADOW | ||
32 | #LIBS += -lshadow $(LIBS) | ||
33 | endif | ||
34 | |||
35 | -ifeq ($(shell echo '\#include <crypt.h>' | $(CC) -E - >/dev/null 2>&1 && echo yes),yes) | ||
36 | +CRYPTHEADER = "\#include <crypt.h>" | ||
37 | +ifeq ($(shell echo $(CRYPTHEADER) | $(CC) -E - >/dev/null 2>&1 && echo yes),yes) | ||
38 | CFLAGS += -DHAVE_CRYPT_H=1 | ||
39 | LIBS += -lcrypt | ||
40 | endif | ||