summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-support')
-rw-r--r--meta/recipes-support/attr/acl_2.2.52.bb3
-rw-r--r--meta/recipes-support/attr/attr_2.4.47.bb3
-rw-r--r--meta/recipes-support/gnutls/gnutls/CVE-2020-24659.patch117
-rw-r--r--meta/recipes-support/gnutls/gnutls_3.6.13.bb1
-rw-r--r--meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch41
-rw-r--r--meta/recipes-support/libpcre/libpcre_8.43.bb1
6 files changed, 166 insertions, 0 deletions
diff --git a/meta/recipes-support/attr/acl_2.2.52.bb b/meta/recipes-support/attr/acl_2.2.52.bb
index 6bc77d868d..31ec64a43d 100644
--- a/meta/recipes-support/attr/acl_2.2.52.bb
+++ b/meta/recipes-support/attr/acl_2.2.52.bb
@@ -25,6 +25,9 @@ SRC_URI[sha256sum] = "179074bb0580c06c4b4137be4c5a92a701583277967acdb5546043c787
25 25
26require ea-acl.inc 26require ea-acl.inc
27 27
28# Has issues with newer versions of make
29PARALLEL_MAKEINST = ""
30
28# avoid RPATH hardcode to staging dir 31# avoid RPATH hardcode to staging dir
29do_configure_append() { 32do_configure_append() {
30 sed -i ${S}/config.status -e s,^\\\(hardcode_into_libs=\\\).*$,\\1\'no\', 33 sed -i ${S}/config.status -e s,^\\\(hardcode_into_libs=\\\).*$,\\1\'no\',
diff --git a/meta/recipes-support/attr/attr_2.4.47.bb b/meta/recipes-support/attr/attr_2.4.47.bb
index fc88bef830..c3da66a0c7 100644
--- a/meta/recipes-support/attr/attr_2.4.47.bb
+++ b/meta/recipes-support/attr/attr_2.4.47.bb
@@ -12,4 +12,7 @@ SRC_URI += "file://attr-Missing-configure.ac.patch \
12SRC_URI[md5sum] = "84f58dec00b60f2dc8fd1c9709291cc7" 12SRC_URI[md5sum] = "84f58dec00b60f2dc8fd1c9709291cc7"
13SRC_URI[sha256sum] = "25772f653ac5b2e3ceeb89df50e4688891e21f723c460636548971652af0a859" 13SRC_URI[sha256sum] = "25772f653ac5b2e3ceeb89df50e4688891e21f723c460636548971652af0a859"
14 14
15# Has issues with newer versions of make
16PARALLEL_MAKEINST = ""
17
15BBCLASSEXTEND = "native nativesdk" 18BBCLASSEXTEND = "native nativesdk"
diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2020-24659.patch b/meta/recipes-support/gnutls/gnutls/CVE-2020-24659.patch
new file mode 100644
index 0000000000..1702325e66
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2020-24659.patch
@@ -0,0 +1,117 @@
1From 29ee67c205855e848a0a26e6d0e4f65b6b943e0a Mon Sep 17 00:00:00 2001
2From: Daiki Ueno <ueno@gnu.org>
3Date: Sat, 22 Aug 2020 17:19:39 +0200
4Subject: [PATCH] handshake: reject no_renegotiation alert if handshake is
5 incomplete
6
7If the initial handshake is incomplete and the server sends a
8no_renegotiation alert, the client should treat it as a fatal error
9even if its level is warning. Otherwise the same handshake
10state (e.g., DHE parameters) are reused in the next gnutls_handshake
11call, if it is called in the loop idiom:
12
13 do {
14 ret = gnutls_handshake(session);
15 } while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
16
17Signed-off-by: Daiki Ueno <ueno@gnu.org>
18CVE: CVE-2020-24659
19Upstream-Status: Backport [https://gitlab.com/gnutls/gnutls.git]
20Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
21---
22 lib/gnutls_int.h | 1 +
23 lib/handshake.c | 48 +++++++++++++-----
24 2 files changed, 36 insertions(+), 13 deletions(-)
25
26diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
27index bb6c19713..31cec5c0c 100644
28--- a/lib/gnutls_int.h
29+++ b/lib/gnutls_int.h
30@@ -1370,6 +1370,7 @@ typedef struct {
31 #define HSK_RECORD_SIZE_LIMIT_RECEIVED (1<<26) /* server: record_size_limit extension was seen but not accepted yet */
32 #define HSK_OCSP_REQUESTED (1<<27) /* server: client requested OCSP stapling */
33 #define HSK_CLIENT_OCSP_REQUESTED (1<<28) /* client: server requested OCSP stapling */
34+#define HSK_SERVER_HELLO_RECEIVED (1<<29) /* client: Server Hello message has been received */
35
36 /* The hsk_flags are for use within the ongoing handshake;
37 * they are reset to zero prior to handshake start by gnutls_handshake. */
38diff --git a/lib/handshake.c b/lib/handshake.c
39index b40f84b3d..ce2d160e2 100644
40--- a/lib/handshake.c
41+++ b/lib/handshake.c
42@@ -2051,6 +2051,8 @@ read_server_hello(gnutls_session_t session,
43 if (ret < 0)
44 return gnutls_assert_val(ret);
45
46+ session->internals.hsk_flags |= HSK_SERVER_HELLO_RECEIVED;
47+
48 return 0;
49 }
50
51@@ -2575,16 +2577,42 @@ int gnutls_rehandshake(gnutls_session_t session)
52 return 0;
53 }
54
55+/* This function checks whether the error code should be treated fatal
56+ * or not, and also does the necessary state transition. In
57+ * particular, in the case of a rehandshake abort it resets the
58+ * handshake's internal state.
59+ */
60 inline static int
61 _gnutls_abort_handshake(gnutls_session_t session, int ret)
62 {
63- if (((ret == GNUTLS_E_WARNING_ALERT_RECEIVED) &&
64- (gnutls_alert_get(session) == GNUTLS_A_NO_RENEGOTIATION))
65- || ret == GNUTLS_E_GOT_APPLICATION_DATA)
66- return 0;
67+ switch (ret) {
68+ case GNUTLS_E_WARNING_ALERT_RECEIVED:
69+ if (gnutls_alert_get(session) == GNUTLS_A_NO_RENEGOTIATION) {
70+ /* The server always toleretes a "no_renegotiation" alert. */
71+ if (session->security_parameters.entity == GNUTLS_SERVER) {
72+ STATE = STATE0;
73+ return ret;
74+ }
75+
76+ /* The client should tolerete a "no_renegotiation" alert only if:
77+ * - the initial handshake has completed, or
78+ * - a Server Hello is not yet received
79+ */
80+ if (session->internals.initial_negotiation_completed ||
81+ !(session->internals.hsk_flags & HSK_SERVER_HELLO_RECEIVED)) {
82+ STATE = STATE0;
83+ return ret;
84+ }
85
86- /* this doesn't matter */
87- return GNUTLS_E_INTERNAL_ERROR;
88+ return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
89+ }
90+ return ret;
91+ case GNUTLS_E_GOT_APPLICATION_DATA:
92+ STATE = STATE0;
93+ return ret;
94+ default:
95+ return ret;
96+ }
97 }
98
99
100@@ -2747,13 +2774,7 @@ int gnutls_handshake(gnutls_session_t session)
101 }
102
103 if (ret < 0) {
104- /* In the case of a rehandshake abort
105- * we should reset the handshake's internal state.
106- */
107- if (_gnutls_abort_handshake(session, ret) == 0)
108- STATE = STATE0;
109-
110- return ret;
111+ return _gnutls_abort_handshake(session, ret);
112 }
113
114 /* clear handshake buffer */
115--
1162.17.0
117
diff --git a/meta/recipes-support/gnutls/gnutls_3.6.13.bb b/meta/recipes-support/gnutls/gnutls_3.6.13.bb
index ab537981ac..2ed012f9d6 100644
--- a/meta/recipes-support/gnutls/gnutls_3.6.13.bb
+++ b/meta/recipes-support/gnutls/gnutls_3.6.13.bb
@@ -22,6 +22,7 @@ SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar
22 file://CVE-2020-13777-a.patch \ 22 file://CVE-2020-13777-a.patch \
23 file://CVE-2020-13777-b.patch \ 23 file://CVE-2020-13777-b.patch \
24 file://CVE-2020-13777-c.patch \ 24 file://CVE-2020-13777-c.patch \
25 file://CVE-2020-24659.patch \
25" 26"
26 27
27SRC_URI[md5sum] = "bb1fe696a11543433785b4fc70ca225f" 28SRC_URI[md5sum] = "bb1fe696a11543433785b4fc70ca225f"
diff --git a/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch b/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch
new file mode 100644
index 0000000000..183512fd7d
--- /dev/null
+++ b/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch
@@ -0,0 +1,41 @@
1--- pcre-8.43/pcre_compile.c 2020-07-05 22:26:25.310501521 +0530
2+++ pcre-8.43/pcre_compile1.c 2020-07-05 22:30:22.254489562 +0530
3
4CVE: CVE-2020-14155
5Upstream-Status: Backport [https://vcs.pcre.org/pcre/code/trunk/pcre_compile.c?view=patch&r1=1761&r2=1760&pathrev=1761]
6Signed-off-by: Rahul Taya<Rahul.Taya@kpit.com>
7
8@@ -6,7 +6,7 @@
9 and semantics are as close as possible to those of the Perl 5 language.
10
11 Written by Philip Hazel
12- Copyright (c) 1997-2018 University of Cambridge
13+ Copyright (c) 1997-2020 University of Cambridge
14
15 -----------------------------------------------------------------------------
16 Redistribution and use in source and binary forms, with or without
17@@ -7130,17 +7130,19 @@
18 int n = 0;
19 ptr++;
20 while(IS_DIGIT(*ptr))
21+ {
22 n = n * 10 + *ptr++ - CHAR_0;
23+ if (n > 255)
24+ {
25+ *errorcodeptr = ERR38;
26+ goto FAILED;
27+ }
28+ }
29 if (*ptr != CHAR_RIGHT_PARENTHESIS)
30 {
31 *errorcodeptr = ERR39;
32 goto FAILED;
33 }
34- if (n > 255)
35- {
36- *errorcodeptr = ERR38;
37- goto FAILED;
38- }
39 *code++ = n;
40 PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */
41 PUT(code, LINK_SIZE, 0); /* Default length */
diff --git a/meta/recipes-support/libpcre/libpcre_8.43.bb b/meta/recipes-support/libpcre/libpcre_8.43.bb
index b97af08b25..60ece64504 100644
--- a/meta/recipes-support/libpcre/libpcre_8.43.bb
+++ b/meta/recipes-support/libpcre/libpcre_8.43.bb
@@ -12,6 +12,7 @@ SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre-${PV}.tar.bz2 \
12 file://out-of-tree.patch \ 12 file://out-of-tree.patch \
13 file://run-ptest \ 13 file://run-ptest \
14 file://Makefile \ 14 file://Makefile \
15 file://CVE-2020-14155.patch \
15" 16"
16 17
17SRC_URI[md5sum] = "636222e79e392c3d95dcc545f24f98c4" 18SRC_URI[md5sum] = "636222e79e392c3d95dcc545f24f98c4"