1 files changed, 0 insertions, 44 deletions
diff --git a/meta/recipes-devtools/rpm/rpm/rpm-CVE-2014-8118.patch b/meta/recipes-devtools/rpm/rpm/rpm-CVE-2014-8118.patch
deleted file mode 100644
index 985f150f0f..0000000000
--- a/meta/recipes-devtools/rpm/rpm/rpm-CVE-2014-8118.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From 71c812edf1431a9967bd99ba6ffa6ab89eb7ec7c Mon Sep 17 00:00:00 2001
-From: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
-Date: Wed, 10 Jun 2015 12:56:55 +0000
-Subject: [PATCH 1/2] rpm: CVE-2014-8118
-Upstream-Status: Backport
-CVE: CVE-2014-8118
-Reference:
-https://bugzilla.redhat.com/show_bug.cgi?id=1168715
-Description:
-It was found that RPM could encounter an integer overflow,
-leading to a stack-based overflow, while parsing a crafted
-CPIO header in the payload section of an RPM file.  This could
-allow an attacker to modify signed RPM files in such a way that
-they would execute code chosen by the attacker during package
-installation.
-Original Patch:
-https://bugzilla.redhat.com/attachment.cgi?id=962159
-Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
---
- lib/cpio.c | 3 +++
- 1 file changed, 3 insertions(+)
-diff --git a/lib/cpio.c b/lib/cpio.c
-index 382eeb6..74ddd9c 100644
--- a/lib/cpio.c
-+++ b/lib/cpio.c
-@@ -296,6 +296,9 @@ int rpmcpioHeaderRead(rpmcpio_t cpio, char ** path, struct stat * st)
-     st->st_rdev = makedev(major, minor);
- 
-     GET_NUM_FIELD(hdr.namesize, nameSize);
-+    if (nameSize <= 0 || nameSize > 4096) {
-+        return CPIOERR_BAD_HEADER;
-+    }
- 
-     *path = xmalloc(nameSize + 1);
-     read = Fread(*path, nameSize, 1, cpio->fd);
-- 
-1.8.4.5

diff --git a/meta/recipes-devtools/rpm/rpm/rpm-CVE-2014-8118.patch b/meta/recipes-devtools/rpm/rpm/rpm-CVE-2014-8118.patch deleted file mode 100644 index 985f150f0f..0000000000 --- a/meta/recipes-devtools/rpm/rpm/rpm-CVE-2014-8118.patch +++ /dev/null
@@ -1,44 +0,0 @@
1	From 71c812edf1431a9967bd99ba6ffa6ab89eb7ec7c Mon Sep 17 00:00:00 2001
2	From: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
3	Date: Wed, 10 Jun 2015 12:56:55 +0000
4	Subject: [PATCH 1/2] rpm: CVE-2014-8118
5
6	Upstream-Status: Backport
7	CVE: CVE-2014-8118
8
9	Reference:
10	https://bugzilla.redhat.com/show_bug.cgi?id=1168715
11
12	Description:
13	It was found that RPM could encounter an integer overflow,
14	leading to a stack-based overflow, while parsing a crafted
15	CPIO header in the payload section of an RPM file. This could
16	allow an attacker to modify signed RPM files in such a way that
17	they would execute code chosen by the attacker during package
18	installation.
19
20	Original Patch:
21	https://bugzilla.redhat.com/attachment.cgi?id=962159
22
23	Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
24	---
25	lib/cpio.c \| 3 +++
26	1 file changed, 3 insertions(+)
27
28	diff --git a/lib/cpio.c b/lib/cpio.c
29	index 382eeb6..74ddd9c 100644
30	--- a/lib/cpio.c
31	+++ b/lib/cpio.c
32	@@ -296,6 +296,9 @@ int rpmcpioHeaderRead(rpmcpio_t cpio, char ** path, struct stat * st)
33	st->st_rdev = makedev(major, minor);
34
35	GET_NUM_FIELD(hdr.namesize, nameSize);
36	+ if (nameSize <= 0 \|\| nameSize > 4096) {
37	+ return CPIOERR_BAD_HEADER;
38	+ }
39
40	*path = xmalloc(nameSize + 1);
41	read = Fread(*path, nameSize, 1, cpio->fd);
42	--
43	1.8.4.5
44