diff options
Diffstat (limited to 'meta')
33 files changed, 3894 insertions, 45 deletions
diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc index eaa3e9b31c..4ac66fd506 100644 --- a/meta/conf/distro/include/yocto-uninative.inc +++ b/meta/conf/distro/include/yocto-uninative.inc | |||
@@ -6,10 +6,10 @@ | |||
6 | # to the distro running on the build machine. | 6 | # to the distro running on the build machine. |
7 | # | 7 | # |
8 | 8 | ||
9 | UNINATIVE_MAXGLIBCVERSION = "2.38" | 9 | UNINATIVE_MAXGLIBCVERSION = "2.39" |
10 | UNINATIVE_VERSION = "4.3" | 10 | UNINATIVE_VERSION = "4.4" |
11 | 11 | ||
12 | UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/" | 12 | UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/" |
13 | UNINATIVE_CHECKSUM[aarch64] ?= "8df05f4a41455018b4303b2e0ea4eac5c960b5a13713f6dbb33dfdb3e32753ec" | 13 | UNINATIVE_CHECKSUM[aarch64] ?= "b61876130f494f75092f21086b4a64ea5fb064045769bf1d32e9cb6af17ea8ec" |
14 | UNINATIVE_CHECKSUM[i686] ?= "bea76b4a97c9ba0077c0dd1295f519cd599dbf71f0ca1c964471c4cdb043addd" | 14 | UNINATIVE_CHECKSUM[i686] ?= "9f28627828f0082cc0344eede4d9a861a9a064bfa8f36e072e46212f0fe45fcc" |
15 | UNINATIVE_CHECKSUM[x86_64] ?= "1c35f09a75c4096749bbe1e009df4e3968cde151424062cf4aa3ed89db22b030" | 15 | UNINATIVE_CHECKSUM[x86_64] ?= "d81c54284be2bb886931fc87281d58177a2cd381cf99d1981f8923039a72a302" |
diff --git a/meta/conf/licenses.conf b/meta/conf/licenses.conf index d14c365977..c78823e847 100644 --- a/meta/conf/licenses.conf +++ b/meta/conf/licenses.conf | |||
@@ -37,6 +37,7 @@ SPDXLICENSEMAP[GPL-3.0-only] = "GPL-3.0" | |||
37 | SPDXLICENSEMAP[LGPLv2] = "LGPL-2.0" | 37 | SPDXLICENSEMAP[LGPLv2] = "LGPL-2.0" |
38 | SPDXLICENSEMAP[LGPLv2+] = "LGPL-2.0+" | 38 | SPDXLICENSEMAP[LGPLv2+] = "LGPL-2.0+" |
39 | SPDXLICENSEMAP[LGPLv2.0] = "LGPL-2.0" | 39 | SPDXLICENSEMAP[LGPLv2.0] = "LGPL-2.0" |
40 | SPDXLICENSEMAP[LGPLv2.0+] = "LGPL-2.0+" | ||
40 | SPDXLICENSEMAP[LGPL-2.0-only] = "LGPL-2.0" | 41 | SPDXLICENSEMAP[LGPL-2.0-only] = "LGPL-2.0" |
41 | SPDXLICENSEMAP[LGPL2.1] = "LGPL-2.1" | 42 | SPDXLICENSEMAP[LGPL2.1] = "LGPL-2.1" |
42 | SPDXLICENSEMAP[LGPLv2.1] = "LGPL-2.1" | 43 | SPDXLICENSEMAP[LGPLv2.1] = "LGPL-2.1" |
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2024-0727.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2024-0727.patch new file mode 100644 index 0000000000..3da6879ccb --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/CVE-2024-0727.patch | |||
@@ -0,0 +1,122 @@ | |||
1 | Backport of: | ||
2 | |||
3 | From 09df4395b5071217b76dc7d3d2e630eb8c5a79c2 Mon Sep 17 00:00:00 2001 | ||
4 | From: Matt Caswell <matt@openssl.org> | ||
5 | Date: Fri, 19 Jan 2024 11:28:58 +0000 | ||
6 | Subject: [PATCH] Add NULL checks where ContentInfo data can be NULL | ||
7 | |||
8 | PKCS12 structures contain PKCS7 ContentInfo fields. These fields are | ||
9 | optional and can be NULL even if the "type" is a valid value. OpenSSL | ||
10 | was not properly accounting for this and a NULL dereference can occur | ||
11 | causing a crash. | ||
12 | |||
13 | CVE-2024-0727 | ||
14 | |||
15 | Reviewed-by: Tomas Mraz <tomas@openssl.org> | ||
16 | Reviewed-by: Hugo Landau <hlandau@openssl.org> | ||
17 | Reviewed-by: Neil Horman <nhorman@openssl.org> | ||
18 | (Merged from https://github.com/openssl/openssl/pull/23362) | ||
19 | |||
20 | (cherry picked from commit d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c) | ||
21 | |||
22 | Upstream-Status: Backport [https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c] | ||
23 | |||
24 | CVE: CVE-2024-0727 | ||
25 | |||
26 | Signed-off-by: virendra thakur <virendrak@kpit.com> | ||
27 | --- | ||
28 | crypto/pkcs12/p12_add.c | 18 ++++++++++++++++++ | ||
29 | crypto/pkcs12/p12_mutl.c | 5 +++++ | ||
30 | crypto/pkcs12/p12_npas.c | 5 +++-- | ||
31 | crypto/pkcs7/pk7_mime.c | 7 +++++-- | ||
32 | 4 files changed, 31 insertions(+), 4 deletions(-) | ||
33 | |||
34 | --- a/crypto/pkcs12/p12_add.c | ||
35 | +++ b/crypto/pkcs12/p12_add.c | ||
36 | @@ -76,6 +76,13 @@ STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_ | ||
37 | PKCS12_R_CONTENT_TYPE_NOT_DATA); | ||
38 | return NULL; | ||
39 | } | ||
40 | + | ||
41 | + if (p7->d.data == NULL) { | ||
42 | + PKCS12err(PKCS12_F_PKCS12_UNPACK_P7DATA, | ||
43 | + PKCS12_R_DECODE_ERROR); | ||
44 | + return NULL; | ||
45 | + } | ||
46 | + | ||
47 | return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS)); | ||
48 | } | ||
49 | |||
50 | @@ -132,6 +139,12 @@ STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_ | ||
51 | { | ||
52 | if (!PKCS7_type_is_encrypted(p7)) | ||
53 | return NULL; | ||
54 | + | ||
55 | + if (p7->d.encrypted == NULL) { | ||
56 | + PKCS12err(PKCS12_F_PKCS12_UNPACK_P7DATA, PKCS12_R_DECODE_ERROR); | ||
57 | + return NULL; | ||
58 | + } | ||
59 | + | ||
60 | return PKCS12_item_decrypt_d2i(p7->d.encrypted->enc_data->algorithm, | ||
61 | ASN1_ITEM_rptr(PKCS12_SAFEBAGS), | ||
62 | pass, passlen, | ||
63 | @@ -159,6 +172,13 @@ STACK_OF(PKCS7) *PKCS12_unpack_authsafes | ||
64 | PKCS12_R_CONTENT_TYPE_NOT_DATA); | ||
65 | return NULL; | ||
66 | } | ||
67 | + | ||
68 | + if (p12->authsafes->d.data == NULL) { | ||
69 | + PKCS12err(PKCS12_F_PKCS12_UNPACK_AUTHSAFES, | ||
70 | + PKCS12_R_DECODE_ERROR); | ||
71 | + return NULL; | ||
72 | + } | ||
73 | + | ||
74 | return ASN1_item_unpack(p12->authsafes->d.data, | ||
75 | ASN1_ITEM_rptr(PKCS12_AUTHSAFES)); | ||
76 | } | ||
77 | --- a/crypto/pkcs12/p12_mutl.c | ||
78 | +++ b/crypto/pkcs12/p12_mutl.c | ||
79 | @@ -93,6 +93,11 @@ static int pkcs12_gen_mac(PKCS12 *p12, c | ||
80 | return 0; | ||
81 | } | ||
82 | |||
83 | + if (p12->authsafes->d.data == NULL) { | ||
84 | + PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_DECODE_ERROR); | ||
85 | + return 0; | ||
86 | + } | ||
87 | + | ||
88 | salt = p12->mac->salt->data; | ||
89 | saltlen = p12->mac->salt->length; | ||
90 | if (!p12->mac->iter) | ||
91 | --- a/crypto/pkcs12/p12_npas.c | ||
92 | +++ b/crypto/pkcs12/p12_npas.c | ||
93 | @@ -78,8 +78,9 @@ static int newpass_p12(PKCS12 *p12, cons | ||
94 | bags = PKCS12_unpack_p7data(p7); | ||
95 | } else if (bagnid == NID_pkcs7_encrypted) { | ||
96 | bags = PKCS12_unpack_p7encdata(p7, oldpass, -1); | ||
97 | - if (!alg_get(p7->d.encrypted->enc_data->algorithm, | ||
98 | - &pbe_nid, &pbe_iter, &pbe_saltlen)) | ||
99 | + if (p7->d.encrypted == NULL | ||
100 | + || !alg_get(p7->d.encrypted->enc_data->algorithm, | ||
101 | + &pbe_nid, &pbe_iter, &pbe_saltlen)) | ||
102 | goto err; | ||
103 | } else { | ||
104 | continue; | ||
105 | --- a/crypto/pkcs7/pk7_mime.c | ||
106 | +++ b/crypto/pkcs7/pk7_mime.c | ||
107 | @@ -30,10 +30,13 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p | ||
108 | { | ||
109 | STACK_OF(X509_ALGOR) *mdalgs; | ||
110 | int ctype_nid = OBJ_obj2nid(p7->type); | ||
111 | - if (ctype_nid == NID_pkcs7_signed) | ||
112 | + if (ctype_nid == NID_pkcs7_signed) { | ||
113 | + if (p7->d.sign == NULL) | ||
114 | + return 0; | ||
115 | mdalgs = p7->d.sign->md_algs; | ||
116 | - else | ||
117 | + } else { | ||
118 | mdalgs = NULL; | ||
119 | + } | ||
120 | |||
121 | flags ^= SMIME_OLDMIME; | ||
122 | |||
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1w.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1w.bb index 8a53b06862..0e490eabc3 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.1.1w.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.1.1w.bb | |||
@@ -20,6 +20,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ | |||
20 | file://reproducibility.patch \ | 20 | file://reproducibility.patch \ |
21 | file://0001-Configure-add-2-missing-key-sorts.patch \ | 21 | file://0001-Configure-add-2-missing-key-sorts.patch \ |
22 | file://0001-Configure-do-not-tweak-mips-cflags.patch \ | 22 | file://0001-Configure-do-not-tweak-mips-cflags.patch \ |
23 | file://CVE-2024-0727.patch \ | ||
23 | " | 24 | " |
24 | 25 | ||
25 | SRC_URI_append_class-nativesdk = " \ | 26 | SRC_URI_append_class-nativesdk = " \ |
diff --git a/meta/recipes-core/images/build-appliance-image_15.0.0.bb b/meta/recipes-core/images/build-appliance-image_15.0.0.bb index 35c096bc14..035312f4d9 100644 --- a/meta/recipes-core/images/build-appliance-image_15.0.0.bb +++ b/meta/recipes-core/images/build-appliance-image_15.0.0.bb | |||
@@ -24,7 +24,7 @@ IMAGE_FSTYPES = "wic.vmdk" | |||
24 | 24 | ||
25 | inherit core-image setuptools3 | 25 | inherit core-image setuptools3 |
26 | 26 | ||
27 | SRCREV ?= "593cbdf6c3d340b5408e699bc33f5ac419297104" | 27 | SRCREV ?= "77442211926cbe93d60108f6df4abda3bc06b735" |
28 | SRC_URI = "git://git.yoctoproject.org/poky;branch=dunfell \ | 28 | SRC_URI = "git://git.yoctoproject.org/poky;branch=dunfell \ |
29 | file://Yocto_Build_Appliance.vmx \ | 29 | file://Yocto_Build_Appliance.vmx \ |
30 | file://Yocto_Build_Appliance.vmxf \ | 30 | file://Yocto_Build_Appliance.vmxf \ |
diff --git a/meta/recipes-core/ncurses/files/CVE-2023-50495.patch b/meta/recipes-core/ncurses/files/CVE-2023-50495.patch new file mode 100644 index 0000000000..58c23866d1 --- /dev/null +++ b/meta/recipes-core/ncurses/files/CVE-2023-50495.patch | |||
@@ -0,0 +1,79 @@ | |||
1 | Fix for CVE-2023-50495 from upstream: | ||
2 | https://github.com/ThomasDickey/ncurses-snapshots/commit/efe9674ee14b14b788f9618941f97d31742f0adc | ||
3 | |||
4 | Reference: | ||
5 | https://invisible-island.net/archives/ncurses/6.4/ncurses-6.4-20230424.patch.gz | ||
6 | |||
7 | Upstream-Status: Backport [import from suse ftp.pbone.net/mirror/ftp.opensuse.org/update/leap-micro/5.3/sle/src/ncurses-6.1-150000.5.20.1.src.rpm | ||
8 | Upstream commit https://github.com/ThomasDickey/ncurses-snapshots/commit/efe9674ee14b14b788f9618941f97d31742f0adc] | ||
9 | CVE: CVE-2023-50495 | ||
10 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
11 | --- | ||
12 | ncurses/tinfo/parse_entry.c | 23 ++++++++++++++++------- | ||
13 | 1 file changed, 16 insertions(+), 7 deletions(-) | ||
14 | |||
15 | diff --git a/ncurses/tinfo/parse_entry.c b/ncurses/tinfo/parse_entry.c | ||
16 | index 23574b66..56ba9ae6 100644 | ||
17 | --- a/ncurses/tinfo/parse_entry.c | ||
18 | +++ b/ncurses/tinfo/parse_entry.c | ||
19 | @@ -110,7 +110,7 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type) | ||
20 | /* Well, we are given a cancel for a name that we don't recognize */ | ||
21 | return _nc_extend_names(entryp, name, STRING); | ||
22 | default: | ||
23 | - return 0; | ||
24 | + return NULL; | ||
25 | } | ||
26 | |||
27 | /* Adjust the 'offset' (insertion-point) to keep the lists of extended | ||
28 | @@ -142,6 +142,11 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type) | ||
29 | for (last = (unsigned) (max - 1); last > tindex; last--) | ||
30 | |||
31 | if (!found) { | ||
32 | + char *saved; | ||
33 | + | ||
34 | + if ((saved = _nc_save_str(name)) == NULL) | ||
35 | + return NULL; | ||
36 | + | ||
37 | switch (token_type) { | ||
38 | case BOOLEAN: | ||
39 | tp->ext_Booleans++; | ||
40 | @@ -169,7 +174,7 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type) | ||
41 | TYPE_REALLOC(char *, actual, tp->ext_Names); | ||
42 | while (--actual > offset) | ||
43 | tp->ext_Names[actual] = tp->ext_Names[actual - 1]; | ||
44 | - tp->ext_Names[offset] = _nc_save_str(name); | ||
45 | + tp->ext_Names[offset] = saved; | ||
46 | } | ||
47 | |||
48 | temp.nte_name = tp->ext_Names[offset]; | ||
49 | @@ -337,6 +342,8 @@ _nc_parse_entry(ENTRY * entryp, int literal, bool silent) | ||
50 | bool is_use = (strcmp(_nc_curr_token.tk_name, "use") == 0); | ||
51 | bool is_tc = !is_use && (strcmp(_nc_curr_token.tk_name, "tc") == 0); | ||
52 | if (is_use || is_tc) { | ||
53 | + char *saved; | ||
54 | + | ||
55 | if (!VALID_STRING(_nc_curr_token.tk_valstring) | ||
56 | || _nc_curr_token.tk_valstring[0] == '\0') { | ||
57 | _nc_warning("missing name for use-clause"); | ||
58 | @@ -350,11 +357,13 @@ _nc_parse_entry(ENTRY * entryp, int literal, bool silent) | ||
59 | _nc_curr_token.tk_valstring); | ||
60 | continue; | ||
61 | } | ||
62 | - entryp->uses[entryp->nuses].name = _nc_save_str(_nc_curr_token.tk_valstring); | ||
63 | - entryp->uses[entryp->nuses].line = _nc_curr_line; | ||
64 | - entryp->nuses++; | ||
65 | - if (entryp->nuses > 1 && is_tc) { | ||
66 | - BAD_TC_USAGE | ||
67 | + if ((saved = _nc_save_str(_nc_curr_token.tk_valstring)) != NULL) { | ||
68 | + entryp->uses[entryp->nuses].name = saved; | ||
69 | + entryp->uses[entryp->nuses].line = _nc_curr_line; | ||
70 | + entryp->nuses++; | ||
71 | + if (entryp->nuses > 1 && is_tc) { | ||
72 | + BAD_TC_USAGE | ||
73 | + } | ||
74 | } | ||
75 | } else { | ||
76 | /* normal token lookup */ | ||
77 | -- | ||
78 | 2.25.1 | ||
79 | |||
diff --git a/meta/recipes-core/ncurses/ncurses_6.2.bb b/meta/recipes-core/ncurses/ncurses_6.2.bb index 33285bcb5b..dbff149f55 100644 --- a/meta/recipes-core/ncurses/ncurses_6.2.bb +++ b/meta/recipes-core/ncurses/ncurses_6.2.bb | |||
@@ -6,6 +6,7 @@ SRC_URI += "file://0001-tic-hang.patch \ | |||
6 | file://CVE-2021-39537.patch \ | 6 | file://CVE-2021-39537.patch \ |
7 | file://CVE-2022-29458.patch \ | 7 | file://CVE-2022-29458.patch \ |
8 | file://CVE-2023-29491.patch \ | 8 | file://CVE-2023-29491.patch \ |
9 | file://CVE-2023-50495.patch \ | ||
9 | " | 10 | " |
10 | # commit id corresponds to the revision in package version | 11 | # commit id corresponds to the revision in package version |
11 | SRCREV = "a669013cd5e9d6434e5301348ea51baf306c93c4" | 12 | SRCREV = "a669013cd5e9d6434e5301348ea51baf306c93c4" |
diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc index 4fbf9d7590..9c7ceda891 100644 --- a/meta/recipes-devtools/go/go-1.14.inc +++ b/meta/recipes-devtools/go/go-1.14.inc | |||
@@ -88,6 +88,10 @@ SRC_URI += "\ | |||
88 | file://CVE-2023-45287-pre2.patch \ | 88 | file://CVE-2023-45287-pre2.patch \ |
89 | file://CVE-2023-45287-pre3.patch \ | 89 | file://CVE-2023-45287-pre3.patch \ |
90 | file://CVE-2023-45287.patch \ | 90 | file://CVE-2023-45287.patch \ |
91 | file://CVE-2023-45289.patch \ | ||
92 | file://CVE-2023-45290.patch \ | ||
93 | file://CVE-2024-24785.patch \ | ||
94 | file://CVE-2024-24784.patch \ | ||
91 | " | 95 | " |
92 | 96 | ||
93 | SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch" | 97 | SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch" |
diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2023-45289.patch b/meta/recipes-devtools/go/go-1.14/CVE-2023-45289.patch new file mode 100644 index 0000000000..13d3510504 --- /dev/null +++ b/meta/recipes-devtools/go/go-1.14/CVE-2023-45289.patch | |||
@@ -0,0 +1,121 @@ | |||
1 | From 20586c0dbe03d144f914155f879fa5ee287591a1 Mon Sep 17 00:00:00 2001 | ||
2 | From: Damien Neil <dneil@google.com> | ||
3 | Date: Thu, 11 Jan 2024 11:31:57 -0800 | ||
4 | Subject: [PATCH] [release-branch.go1.21] net/http, net/http/cookiejar: avoid | ||
5 | subdomain matches on IPv6 zones | ||
6 | |||
7 | When deciding whether to forward cookies or sensitive headers | ||
8 | across a redirect, do not attempt to interpret an IPv6 address | ||
9 | as a domain name. | ||
10 | |||
11 | Avoids a case where a maliciously-crafted redirect to an | ||
12 | IPv6 address with a scoped addressing zone could be | ||
13 | misinterpreted as a within-domain redirect. For example, | ||
14 | we could interpret "::1%.www.example.com" as a subdomain | ||
15 | of "www.example.com". | ||
16 | |||
17 | Thanks to Juho Nurminen of Mattermost for reporting this issue. | ||
18 | |||
19 | Fixes CVE-2023-45289 | ||
20 | Fixes #65385 | ||
21 | For #65065 | ||
22 | |||
23 | Change-Id: I8f463f59f0e700c8a18733d2b264a8bcb3a19599 | ||
24 | Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2131938 | ||
25 | Reviewed-by: Tatiana Bradley <tatianabradley@google.com> | ||
26 | Reviewed-by: Roland Shoemaker <bracewell@google.com> | ||
27 | Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2173775 | ||
28 | Reviewed-by: Carlos Amedee <amedee@google.com> | ||
29 | Reviewed-on: https://go-review.googlesource.com/c/go/+/569239 | ||
30 | Reviewed-by: Carlos Amedee <carlos@golang.org> | ||
31 | Auto-Submit: Michael Knyszek <mknyszek@google.com> | ||
32 | TryBot-Bypass: Michael Knyszek <mknyszek@google.com> | ||
33 | |||
34 | Upstream-Status: Backport [https://github.com/golang/go/commit/20586c0dbe03d144f914155f879fa5ee287591a1] | ||
35 | CVE: CVE-2023-45289 | ||
36 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
37 | --- | ||
38 | src/net/http/client.go | 6 ++++++ | ||
39 | src/net/http/client_test.go | 1 + | ||
40 | src/net/http/cookiejar/jar.go | 7 +++++++ | ||
41 | src/net/http/cookiejar/jar_test.go | 10 ++++++++++ | ||
42 | 4 files changed, 24 insertions(+) | ||
43 | |||
44 | diff --git a/src/net/http/client.go b/src/net/http/client.go | ||
45 | index a496f1c..2031834 100644 | ||
46 | --- a/src/net/http/client.go | ||
47 | +++ b/src/net/http/client.go | ||
48 | @@ -973,6 +973,12 @@ func isDomainOrSubdomain(sub, parent string) bool { | ||
49 | if sub == parent { | ||
50 | return true | ||
51 | } | ||
52 | + // If sub contains a :, it's probably an IPv6 address (and is definitely not a hostname). | ||
53 | + // Don't check the suffix in this case, to avoid matching the contents of a IPv6 zone. | ||
54 | + // For example, "::1%.www.example.com" is not a subdomain of "www.example.com". | ||
55 | + if strings.ContainsAny(sub, ":%") { | ||
56 | + return false | ||
57 | + } | ||
58 | // If sub is "foo.example.com" and parent is "example.com", | ||
59 | // that means sub must end in "."+parent. | ||
60 | // Do it without allocating. | ||
61 | diff --git a/src/net/http/client_test.go b/src/net/http/client_test.go | ||
62 | index 2b4f53f..442fe35 100644 | ||
63 | --- a/src/net/http/client_test.go | ||
64 | +++ b/src/net/http/client_test.go | ||
65 | @@ -1703,6 +1703,7 @@ func TestShouldCopyHeaderOnRedirect(t *testing.T) { | ||
66 | {"cookie2", "http://foo.com/", "http://bar.com/", false}, | ||
67 | {"authorization", "http://foo.com/", "http://bar.com/", false}, | ||
68 | {"www-authenticate", "http://foo.com/", "http://bar.com/", false}, | ||
69 | + {"authorization", "http://foo.com/", "http://[::1%25.foo.com]/", false}, | ||
70 | |||
71 | // But subdomains should work: | ||
72 | {"www-authenticate", "http://foo.com/", "http://foo.com/", true}, | ||
73 | diff --git a/src/net/http/cookiejar/jar.go b/src/net/http/cookiejar/jar.go | ||
74 | index 9f19917..18cbfc2 100644 | ||
75 | --- a/src/net/http/cookiejar/jar.go | ||
76 | +++ b/src/net/http/cookiejar/jar.go | ||
77 | @@ -356,6 +356,13 @@ func jarKey(host string, psl PublicSuffixList) string { | ||
78 | |||
79 | // isIP reports whether host is an IP address. | ||
80 | func isIP(host string) bool { | ||
81 | + if strings.ContainsAny(host, ":%") { | ||
82 | + // Probable IPv6 address. | ||
83 | + // Hostnames can't contain : or %, so this is definitely not a valid host. | ||
84 | + // Treating it as an IP is the more conservative option, and avoids the risk | ||
85 | + // of interpeting ::1%.www.example.com as a subtomain of www.example.com. | ||
86 | + return true | ||
87 | + } | ||
88 | return net.ParseIP(host) != nil | ||
89 | } | ||
90 | |||
91 | diff --git a/src/net/http/cookiejar/jar_test.go b/src/net/http/cookiejar/jar_test.go | ||
92 | index 47fb1ab..fd8d40e 100644 | ||
93 | --- a/src/net/http/cookiejar/jar_test.go | ||
94 | +++ b/src/net/http/cookiejar/jar_test.go | ||
95 | @@ -251,6 +251,7 @@ var isIPTests = map[string]bool{ | ||
96 | "127.0.0.1": true, | ||
97 | "1.2.3.4": true, | ||
98 | "2001:4860:0:2001::68": true, | ||
99 | + "::1%zone": true, | ||
100 | "example.com": false, | ||
101 | "1.1.1.300": false, | ||
102 | "www.foo.bar.net": false, | ||
103 | @@ -613,6 +614,15 @@ var basicsTests = [...]jarTest{ | ||
104 | {"http://www.host.test:1234/", "a=1"}, | ||
105 | }, | ||
106 | }, | ||
107 | + { | ||
108 | + "IPv6 zone is not treated as a host.", | ||
109 | + "https://example.com/", | ||
110 | + []string{"a=1"}, | ||
111 | + "a=1", | ||
112 | + []query{ | ||
113 | + {"https://[::1%25.example.com]:80/", ""}, | ||
114 | + }, | ||
115 | + }, | ||
116 | } | ||
117 | |||
118 | func TestBasics(t *testing.T) { | ||
119 | -- | ||
120 | 2.25.1 | ||
121 | |||
diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2023-45290.patch b/meta/recipes-devtools/go/go-1.14/CVE-2023-45290.patch new file mode 100644 index 0000000000..ddc2f67c96 --- /dev/null +++ b/meta/recipes-devtools/go/go-1.14/CVE-2023-45290.patch | |||
@@ -0,0 +1,271 @@ | |||
1 | From bf80213b121074f4ad9b449410a4d13bae5e9be0 Mon Sep 17 00:00:00 2001 | ||
2 | From: Damien Neil <dneil@google.com> | ||
3 | Date: Tue, 16 Jan 2024 15:37:52 -0800 | ||
4 | Subject: [PATCH] [release-branch.go1.21] net/textproto, mime/multipart: avoid | ||
5 | unbounded read in MIME header | ||
6 | |||
7 | mime/multipart.Reader.ReadForm allows specifying the maximum amount | ||
8 | of memory that will be consumed by the form. While this limit is | ||
9 | correctly applied to the parsed form data structure, it was not | ||
10 | being applied to individual header lines in a form. | ||
11 | |||
12 | For example, when presented with a form containing a header line | ||
13 | that never ends, ReadForm will continue to read the line until it | ||
14 | runs out of memory. | ||
15 | |||
16 | Limit the amount of data consumed when reading a header. | ||
17 | |||
18 | Fixes CVE-2023-45290 | ||
19 | Fixes #65389 | ||
20 | For #65383 | ||
21 | |||
22 | Change-Id: I7f9264d25752009e95f6b2c80e3d76aaf321d658 | ||
23 | Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2134435 | ||
24 | Reviewed-by: Roland Shoemaker <bracewell@google.com> | ||
25 | Reviewed-by: Tatiana Bradley <tatianabradley@google.com> | ||
26 | Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2173776 | ||
27 | Reviewed-by: Carlos Amedee <amedee@google.com> | ||
28 | Reviewed-on: https://go-review.googlesource.com/c/go/+/569240 | ||
29 | Auto-Submit: Michael Knyszek <mknyszek@google.com> | ||
30 | LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> | ||
31 | Reviewed-by: Carlos Amedee <carlos@golang.org> | ||
32 | |||
33 | Upstream-Status: Backport [https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0] | ||
34 | CVE: CVE-2023-45290 | ||
35 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
36 | --- | ||
37 | src/mime/multipart/formdata_test.go | 42 +++++++++++++++++++++++++ | ||
38 | src/net/textproto/reader.go | 48 ++++++++++++++++++++--------- | ||
39 | src/net/textproto/reader_test.go | 12 ++++++++ | ||
40 | 3 files changed, 87 insertions(+), 15 deletions(-) | ||
41 | |||
42 | diff --git a/src/mime/multipart/formdata_test.go b/src/mime/multipart/formdata_test.go | ||
43 | index c78eeb7..f729da6 100644 | ||
44 | --- a/src/mime/multipart/formdata_test.go | ||
45 | +++ b/src/mime/multipart/formdata_test.go | ||
46 | @@ -421,6 +421,48 @@ func TestReadFormLimits(t *testing.T) { | ||
47 | } | ||
48 | } | ||
49 | |||
50 | +func TestReadFormEndlessHeaderLine(t *testing.T) { | ||
51 | + for _, test := range []struct { | ||
52 | + name string | ||
53 | + prefix string | ||
54 | + }{{ | ||
55 | + name: "name", | ||
56 | + prefix: "X-", | ||
57 | + }, { | ||
58 | + name: "value", | ||
59 | + prefix: "X-Header: ", | ||
60 | + }, { | ||
61 | + name: "continuation", | ||
62 | + prefix: "X-Header: foo\r\n ", | ||
63 | + }} { | ||
64 | + t.Run(test.name, func(t *testing.T) { | ||
65 | + const eol = "\r\n" | ||
66 | + s := `--boundary` + eol | ||
67 | + s += `Content-Disposition: form-data; name="a"` + eol | ||
68 | + s += `Content-Type: text/plain` + eol | ||
69 | + s += test.prefix | ||
70 | + fr := io.MultiReader( | ||
71 | + strings.NewReader(s), | ||
72 | + neverendingReader('X'), | ||
73 | + ) | ||
74 | + r := NewReader(fr, "boundary") | ||
75 | + _, err := r.ReadForm(1 << 20) | ||
76 | + if err != ErrMessageTooLarge { | ||
77 | + t.Fatalf("ReadForm(1 << 20): %v, want ErrMessageTooLarge", err) | ||
78 | + } | ||
79 | + }) | ||
80 | + } | ||
81 | +} | ||
82 | + | ||
83 | +type neverendingReader byte | ||
84 | + | ||
85 | +func (r neverendingReader) Read(p []byte) (n int, err error) { | ||
86 | + for i := range p { | ||
87 | + p[i] = byte(r) | ||
88 | + } | ||
89 | + return len(p), nil | ||
90 | +} | ||
91 | + | ||
92 | func BenchmarkReadForm(b *testing.B) { | ||
93 | for _, test := range []struct { | ||
94 | name string | ||
95 | diff --git a/src/net/textproto/reader.go b/src/net/textproto/reader.go | ||
96 | index ad2d777..cea6613 100644 | ||
97 | --- a/src/net/textproto/reader.go | ||
98 | +++ b/src/net/textproto/reader.go | ||
99 | @@ -17,6 +17,10 @@ import ( | ||
100 | "sync" | ||
101 | ) | ||
102 | |||
103 | +// TODO: This should be a distinguishable error (ErrMessageTooLarge) | ||
104 | +// to allow mime/multipart to detect it. | ||
105 | +var errMessageTooLarge = errors.New("message too large") | ||
106 | + | ||
107 | // A Reader implements convenience methods for reading requests | ||
108 | // or responses from a text protocol network connection. | ||
109 | type Reader struct { | ||
110 | @@ -38,13 +42,13 @@ func NewReader(r *bufio.Reader) *Reader { | ||
111 | // ReadLine reads a single line from r, | ||
112 | // eliding the final \n or \r\n from the returned string. | ||
113 | func (r *Reader) ReadLine() (string, error) { | ||
114 | - line, err := r.readLineSlice() | ||
115 | + line, err := r.readLineSlice(-1) | ||
116 | return string(line), err | ||
117 | } | ||
118 | |||
119 | // ReadLineBytes is like ReadLine but returns a []byte instead of a string. | ||
120 | func (r *Reader) ReadLineBytes() ([]byte, error) { | ||
121 | - line, err := r.readLineSlice() | ||
122 | + line, err := r.readLineSlice(-1) | ||
123 | if line != nil { | ||
124 | buf := make([]byte, len(line)) | ||
125 | copy(buf, line) | ||
126 | @@ -53,7 +57,10 @@ func (r *Reader) ReadLineBytes() ([]byte, error) { | ||
127 | return line, err | ||
128 | } | ||
129 | |||
130 | -func (r *Reader) readLineSlice() ([]byte, error) { | ||
131 | +// readLineSlice reads a single line from r, | ||
132 | +// up to lim bytes long (or unlimited if lim is less than 0), | ||
133 | +// eliding the final \r or \r\n from the returned string. | ||
134 | +func (r *Reader) readLineSlice(lim int64) ([]byte, error) { | ||
135 | r.closeDot() | ||
136 | var line []byte | ||
137 | for { | ||
138 | @@ -61,6 +68,9 @@ func (r *Reader) readLineSlice() ([]byte, error) { | ||
139 | if err != nil { | ||
140 | return nil, err | ||
141 | } | ||
142 | + if lim >= 0 && int64(len(line))+int64(len(l)) > lim { | ||
143 | + return nil, errMessageTooLarge | ||
144 | + } | ||
145 | // Avoid the copy if the first call produced a full line. | ||
146 | if line == nil && !more { | ||
147 | return l, nil | ||
148 | @@ -93,7 +103,7 @@ func (r *Reader) readLineSlice() ([]byte, error) { | ||
149 | // A line consisting of only white space is never continued. | ||
150 | // | ||
151 | func (r *Reader) ReadContinuedLine() (string, error) { | ||
152 | - line, err := r.readContinuedLineSlice(noValidation) | ||
153 | + line, err := r.readContinuedLineSlice(-1, noValidation) | ||
154 | return string(line), err | ||
155 | } | ||
156 | |||
157 | @@ -114,7 +124,7 @@ func trim(s []byte) []byte { | ||
158 | // ReadContinuedLineBytes is like ReadContinuedLine but | ||
159 | // returns a []byte instead of a string. | ||
160 | func (r *Reader) ReadContinuedLineBytes() ([]byte, error) { | ||
161 | - line, err := r.readContinuedLineSlice(noValidation) | ||
162 | + line, err := r.readContinuedLineSlice(-1, noValidation) | ||
163 | if line != nil { | ||
164 | buf := make([]byte, len(line)) | ||
165 | copy(buf, line) | ||
166 | @@ -127,13 +137,14 @@ func (r *Reader) ReadContinuedLineBytes() ([]byte, error) { | ||
167 | // returning a byte slice with all lines. The validateFirstLine function | ||
168 | // is run on the first read line, and if it returns an error then this | ||
169 | // error is returned from readContinuedLineSlice. | ||
170 | -func (r *Reader) readContinuedLineSlice(validateFirstLine func([]byte) error) ([]byte, error) { | ||
171 | +// It reads up to lim bytes of data (or unlimited if lim is less than 0). | ||
172 | +func (r *Reader) readContinuedLineSlice(lim int64, validateFirstLine func([]byte) error) ([]byte, error) { | ||
173 | if validateFirstLine == nil { | ||
174 | return nil, fmt.Errorf("missing validateFirstLine func") | ||
175 | } | ||
176 | |||
177 | // Read the first line. | ||
178 | - line, err := r.readLineSlice() | ||
179 | + line, err := r.readLineSlice(lim) | ||
180 | if err != nil { | ||
181 | return nil, err | ||
182 | } | ||
183 | @@ -161,13 +172,21 @@ func (r *Reader) readContinuedLineSlice(validateFirstLine func([]byte) error) ([ | ||
184 | // copy the slice into buf. | ||
185 | r.buf = append(r.buf[:0], trim(line)...) | ||
186 | |||
187 | + if lim < 0 { | ||
188 | + lim = math.MaxInt64 | ||
189 | + } | ||
190 | + lim -= int64(len(r.buf)) | ||
191 | + | ||
192 | // Read continuation lines. | ||
193 | for r.skipSpace() > 0 { | ||
194 | - line, err := r.readLineSlice() | ||
195 | + r.buf = append(r.buf, ' ') | ||
196 | + if int64(len(r.buf)) >= lim { | ||
197 | + return nil, errMessageTooLarge | ||
198 | + } | ||
199 | + line, err := r.readLineSlice(lim - int64(len(r.buf))) | ||
200 | if err != nil { | ||
201 | break | ||
202 | } | ||
203 | - r.buf = append(r.buf, ' ') | ||
204 | r.buf = append(r.buf, trim(line)...) | ||
205 | } | ||
206 | return r.buf, nil | ||
207 | @@ -512,7 +531,8 @@ func readMIMEHeader(r *Reader, maxMemory, maxHeaders int64) (MIMEHeader, error) | ||
208 | |||
209 | // The first line cannot start with a leading space. | ||
210 | if buf, err := r.R.Peek(1); err == nil && (buf[0] == ' ' || buf[0] == '\t') { | ||
211 | - line, err := r.readLineSlice() | ||
212 | + const errorLimit = 80 // arbitrary limit on how much of the line we'll quote | ||
213 | + line, err := r.readLineSlice(errorLimit) | ||
214 | if err != nil { | ||
215 | return m, err | ||
216 | } | ||
217 | @@ -520,7 +540,7 @@ func readMIMEHeader(r *Reader, maxMemory, maxHeaders int64) (MIMEHeader, error) | ||
218 | } | ||
219 | |||
220 | for { | ||
221 | - kv, err := r.readContinuedLineSlice(mustHaveFieldNameColon) | ||
222 | + kv, err := r.readContinuedLineSlice(maxMemory, mustHaveFieldNameColon) | ||
223 | if len(kv) == 0 { | ||
224 | return m, err | ||
225 | } | ||
226 | @@ -541,7 +561,7 @@ func readMIMEHeader(r *Reader, maxMemory, maxHeaders int64) (MIMEHeader, error) | ||
227 | |||
228 | maxHeaders-- | ||
229 | if maxHeaders < 0 { | ||
230 | - return nil, errors.New("message too large") | ||
231 | + return nil, errMessageTooLarge | ||
232 | } | ||
233 | |||
234 | // backport 5c55ac9bf1e5f779220294c843526536605f42ab | ||
235 | @@ -567,9 +587,7 @@ func readMIMEHeader(r *Reader, maxMemory, maxHeaders int64) (MIMEHeader, error) | ||
236 | } | ||
237 | maxMemory -= int64(len(value)) | ||
238 | if maxMemory < 0 { | ||
239 | - // TODO: This should be a distinguishable error (ErrMessageTooLarge) | ||
240 | - // to allow mime/multipart to detect it. | ||
241 | - return m, errors.New("message too large") | ||
242 | + return m, errMessageTooLarge | ||
243 | } | ||
244 | if vv == nil && len(strs) > 0 { | ||
245 | // More than likely this will be a single-element key. | ||
246 | diff --git a/src/net/textproto/reader_test.go b/src/net/textproto/reader_test.go | ||
247 | index 3ae0de1..db1ed91 100644 | ||
248 | --- a/src/net/textproto/reader_test.go | ||
249 | +++ b/src/net/textproto/reader_test.go | ||
250 | @@ -34,6 +34,18 @@ func TestReadLine(t *testing.T) { | ||
251 | } | ||
252 | } | ||
253 | |||
254 | +func TestReadLineLongLine(t *testing.T) { | ||
255 | + line := strings.Repeat("12345", 10000) | ||
256 | + r := reader(line + "\r\n") | ||
257 | + s, err := r.ReadLine() | ||
258 | + if err != nil { | ||
259 | + t.Fatalf("Line 1: %v", err) | ||
260 | + } | ||
261 | + if s != line { | ||
262 | + t.Fatalf("%v-byte line does not match expected %v-byte line", len(s), len(line)) | ||
263 | + } | ||
264 | +} | ||
265 | + | ||
266 | func TestReadContinuedLine(t *testing.T) { | ||
267 | r := reader("line1\nline\n 2\nline3\n") | ||
268 | s, err := r.ReadContinuedLine() | ||
269 | -- | ||
270 | 2.25.1 | ||
271 | |||
diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2024-24784.patch b/meta/recipes-devtools/go/go-1.14/CVE-2024-24784.patch new file mode 100644 index 0000000000..e9d9d972b9 --- /dev/null +++ b/meta/recipes-devtools/go/go-1.14/CVE-2024-24784.patch | |||
@@ -0,0 +1,205 @@ | |||
1 | From 5330cd225ba54c7dc78c1b46dcdf61a4671a632c Mon Sep 17 00:00:00 2001 | ||
2 | From: Roland Shoemaker <bracewell@google.com> | ||
3 | Date: Wed, 10 Jan 2024 11:02:14 -0800 | ||
4 | Subject: [PATCH] [release-branch.go1.22] net/mail: properly handle special | ||
5 | characters in phrase and obs-phrase | ||
6 | |||
7 | Fixes a couple of misalignments with RFC 5322 which introduce | ||
8 | significant diffs between (mostly) conformant parsers. | ||
9 | |||
10 | This change reverts the changes made in CL50911, which allowed certain | ||
11 | special RFC 5322 characters to appear unquoted in the "phrase" syntax. | ||
12 | It is unclear why this change was made in the first place, and created | ||
13 | a divergence from comformant parsers. In particular this resulted in | ||
14 | treating comments in display names incorrectly. | ||
15 | |||
16 | Additionally properly handle trailing malformed comments in the group | ||
17 | syntax. | ||
18 | |||
19 | For #65083 | ||
20 | Fixed #65849 | ||
21 | |||
22 | Change-Id: I00dddc044c6ae3381154e43236632604c390f672 | ||
23 | Reviewed-on: https://go-review.googlesource.com/c/go/+/555596 | ||
24 | Reviewed-by: Damien Neil <dneil@google.com> | ||
25 | LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> | ||
26 | Reviewed-on: https://go-review.googlesource.com/c/go/+/566215 | ||
27 | Reviewed-by: Carlos Amedee <carlos@golang.org> | ||
28 | |||
29 | Upstream-Status: Backport [https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c] | ||
30 | CVE: CVE-2024-24784 | ||
31 | Signed-off-by: Ashish Sharma <asharma@mvista.com> | ||
32 | |||
33 | src/net/mail/message.go | 30 +++++++++++++++------------ | ||
34 | src/net/mail/message_test.go | 40 ++++++++++++++++++++++++++---------- | ||
35 | 2 files changed, 46 insertions(+), 24 deletions(-) | ||
36 | |||
37 | diff --git a/src/net/mail/message.go b/src/net/mail/message.go | ||
38 | index af516fc30f470..fc2a9e46f811b 100644 | ||
39 | --- a/src/net/mail/message.go | ||
40 | +++ b/src/net/mail/message.go | ||
41 | @@ -280,7 +280,7 @@ func (a *Address) String() string { | ||
42 | // Add quotes if needed | ||
43 | quoteLocal := false | ||
44 | for i, r := range local { | ||
45 | - if isAtext(r, false, false) { | ||
46 | + if isAtext(r, false) { | ||
47 | continue | ||
48 | } | ||
49 | if r == '.' { | ||
50 | @@ -444,7 +444,7 @@ func (p *addrParser) parseAddress(handleGroup bool) ([]*Address, error) { | ||
51 | if !p.consume('<') { | ||
52 | atext := true | ||
53 | for _, r := range displayName { | ||
54 | - if !isAtext(r, true, false) { | ||
55 | + if !isAtext(r, true) { | ||
56 | atext = false | ||
57 | break | ||
58 | } | ||
59 | @@ -479,7 +479,9 @@ func (p *addrParser) consumeGroupList() ([]*Address, error) { | ||
60 | // handle empty group. | ||
61 | p.skipSpace() | ||
62 | if p.consume(';') { | ||
63 | - p.skipCFWS() | ||
64 | + if !p.skipCFWS() { | ||
65 | + return nil, errors.New("mail: misformatted parenthetical comment") | ||
66 | + } | ||
67 | return group, nil | ||
68 | } | ||
69 | |||
70 | @@ -496,7 +498,9 @@ func (p *addrParser) consumeGroupList() ([]*Address, error) { | ||
71 | return nil, errors.New("mail: misformatted parenthetical comment") | ||
72 | } | ||
73 | if p.consume(';') { | ||
74 | - p.skipCFWS() | ||
75 | + if !p.skipCFWS() { | ||
76 | + return nil, errors.New("mail: misformatted parenthetical comment") | ||
77 | + } | ||
78 | break | ||
79 | } | ||
80 | if !p.consume(',') { | ||
81 | @@ -566,6 +570,12 @@ func (p *addrParser) consumePhrase() (phrase string, err error) { | ||
82 | var words []string | ||
83 | var isPrevEncoded bool | ||
84 | for { | ||
85 | + // obs-phrase allows CFWS after one word | ||
86 | + if len(words) > 0 { | ||
87 | + if !p.skipCFWS() { | ||
88 | + return "", errors.New("mail: misformatted parenthetical comment") | ||
89 | + } | ||
90 | + } | ||
91 | // word = atom / quoted-string | ||
92 | var word string | ||
93 | p.skipSpace() | ||
94 | @@ -661,7 +671,6 @@ Loop: | ||
95 | // If dot is true, consumeAtom parses an RFC 5322 dot-atom instead. | ||
96 | // If permissive is true, consumeAtom will not fail on: | ||
97 | // - leading/trailing/double dots in the atom (see golang.org/issue/4938) | ||
98 | -// - special characters (RFC 5322 3.2.3) except '<', '>', ':' and '"' (see golang.org/issue/21018) | ||
99 | func (p *addrParser) consumeAtom(dot bool, permissive bool) (atom string, err error) { | ||
100 | i := 0 | ||
101 | |||
102 | @@ -672,7 +681,7 @@ Loop: | ||
103 | case size == 1 && r == utf8.RuneError: | ||
104 | return "", fmt.Errorf("mail: invalid utf-8 in address: %q", p.s) | ||
105 | |||
106 | - case size == 0 || !isAtext(r, dot, permissive): | ||
107 | + case size == 0 || !isAtext(r, dot): | ||
108 | break Loop | ||
109 | |||
110 | default: | ||
111 | @@ -850,18 +859,13 @@ func (e charsetError) Error() string { | ||
112 | |||
113 | // isAtext reports whether r is an RFC 5322 atext character. | ||
114 | // If dot is true, period is included. | ||
115 | -// If permissive is true, RFC 5322 3.2.3 specials is included, | ||
116 | -// except '<', '>', ':' and '"'. | ||
117 | -func isAtext(r rune, dot, permissive bool) bool { | ||
118 | +func isAtext(r rune, dot bool) bool { | ||
119 | switch r { | ||
120 | case '.': | ||
121 | return dot | ||
122 | |||
123 | // RFC 5322 3.2.3. specials | ||
124 | - case '(', ')', '[', ']', ';', '@', '\\', ',': | ||
125 | - return permissive | ||
126 | - | ||
127 | - case '<', '>', '"', ':': | ||
128 | + case '(', ')', '<', '>', '[', ']', ':', ';', '@', '\\', ',', '"': // RFC 5322 3.2.3. specials | ||
129 | return false | ||
130 | } | ||
131 | return isVchar(r) | ||
132 | diff --git a/src/net/mail/message_test.go b/src/net/mail/message_test.go | ||
133 | index 1e1bb4092f659..1f2f62afbf406 100644 | ||
134 | --- a/src/net/mail/message_test.go | ||
135 | +++ b/src/net/mail/message_test.go | ||
136 | @@ -385,8 +385,11 @@ func TestAddressParsingError(t *testing.T) { | ||
137 | 13: {"group not closed: null@example.com", "expected comma"}, | ||
138 | 14: {"group: first@example.com, second@example.com;", "group with multiple addresses"}, | ||
139 | 15: {"john.doe", "missing '@' or angle-addr"}, | ||
140 | - 16: {"john.doe@", "no angle-addr"}, | ||
141 | + 16: {"john.doe@", "missing '@' or angle-addr"}, | ||
142 | 17: {"John Doe@foo.bar", "no angle-addr"}, | ||
143 | + 18: {" group: null@example.com; (asd", "misformatted parenthetical comment"}, | ||
144 | + 19: {" group: ; (asd", "misformatted parenthetical comment"}, | ||
145 | + 20: {`(John) Doe <jdoe@machine.example>`, "missing word in phrase:"}, | ||
146 | } | ||
147 | |||
148 | for i, tc := range mustErrTestCases { | ||
149 | @@ -436,24 +439,19 @@ func TestAddressParsing(t *testing.T) { | ||
150 | Address: "john.q.public@example.com", | ||
151 | }}, | ||
152 | }, | ||
153 | - { | ||
154 | - `"John (middle) Doe" <jdoe@machine.example>`, | ||
155 | - []*Address{{ | ||
156 | - Name: "John (middle) Doe", | ||
157 | - Address: "jdoe@machine.example", | ||
158 | - }}, | ||
159 | - }, | ||
160 | + // Comment in display name | ||
161 | { | ||
162 | `John (middle) Doe <jdoe@machine.example>`, | ||
163 | []*Address{{ | ||
164 | - Name: "John (middle) Doe", | ||
165 | + Name: "John Doe", | ||
166 | Address: "jdoe@machine.example", | ||
167 | }}, | ||
168 | }, | ||
169 | + // Display name is quoted string, so comment is not a comment | ||
170 | { | ||
171 | - `John !@M@! Doe <jdoe@machine.example>`, | ||
172 | + `"John (middle) Doe" <jdoe@machine.example>`, | ||
173 | []*Address{{ | ||
174 | - Name: "John !@M@! Doe", | ||
175 | + Name: "John (middle) Doe", | ||
176 | Address: "jdoe@machine.example", | ||
177 | }}, | ||
178 | }, | ||
179 | @@ -788,6 +786,26 @@ func TestAddressParsing(t *testing.T) { | ||
180 | }, | ||
181 | }, | ||
182 | }, | ||
183 | + // Comment in group display name | ||
184 | + { | ||
185 | + `group (comment:): a@example.com, b@example.com;`, | ||
186 | + []*Address{ | ||
187 | + { | ||
188 | + Address: "a@example.com", | ||
189 | + }, | ||
190 | + { | ||
191 | + Address: "b@example.com", | ||
192 | + }, | ||
193 | + }, | ||
194 | + }, | ||
195 | + { | ||
196 | + `x(:"):"@a.example;("@b.example;`, | ||
197 | + []*Address{ | ||
198 | + { | ||
199 | + Address: `@a.example;(@b.example`, | ||
200 | + }, | ||
201 | + }, | ||
202 | + }, | ||
203 | } | ||
204 | for _, test := range tests { | ||
205 | if len(test.exp) == 1 { | ||
diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2024-24785.patch b/meta/recipes-devtools/go/go-1.14/CVE-2024-24785.patch new file mode 100644 index 0000000000..1398a2ca48 --- /dev/null +++ b/meta/recipes-devtools/go/go-1.14/CVE-2024-24785.patch | |||
@@ -0,0 +1,197 @@ | |||
1 | From 3643147a29352ca2894fd5d0d2069bc4b4335a7e Mon Sep 17 00:00:00 2001 | ||
2 | From: Roland Shoemaker <roland@golang.org> | ||
3 | Date: Wed, 14 Feb 2024 17:18:36 -0800 | ||
4 | Subject: [PATCH] [release-branch.go1.21] html/template: escape additional | ||
5 | tokens in MarshalJSON errors | ||
6 | |||
7 | Escape "</script" and "<!--" in errors returned from MarshalJSON errors | ||
8 | when attempting to marshal types in script blocks. This prevents any | ||
9 | user controlled content from prematurely terminating the script block. | ||
10 | |||
11 | Updates #65697 | ||
12 | Fixes #65968 | ||
13 | |||
14 | Change-Id: Icf0e26c54ea7d9c1deed0bff11b6506c99ddef1b | ||
15 | Reviewed-on: https://go-review.googlesource.com/c/go/+/564196 | ||
16 | LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> | ||
17 | Reviewed-by: Damien Neil <dneil@google.com> | ||
18 | (cherry picked from commit ccbc725f2d678255df1bd326fa511a492aa3a0aa) | ||
19 | Reviewed-on: https://go-review.googlesource.com/c/go/+/567515 | ||
20 | Reviewed-by: Carlos Amedee <carlos@golang.org> | ||
21 | |||
22 | Upstream-Status: Backport [https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e] | ||
23 | CVE: CVE-2024-24785 | ||
24 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
25 | --- | ||
26 | src/html/template/js.go | 22 ++++++++- | ||
27 | src/html/template/js_test.go | 96 ++++++++++++++++++++---------------- | ||
28 | 2 files changed, 74 insertions(+), 44 deletions(-) | ||
29 | |||
30 | diff --git a/src/html/template/js.go b/src/html/template/js.go | ||
31 | index 35994f0..4d3b25d 100644 | ||
32 | --- a/src/html/template/js.go | ||
33 | +++ b/src/html/template/js.go | ||
34 | @@ -171,13 +171,31 @@ func jsValEscaper(args ...interface{}) string { | ||
35 | // cyclic data. This may be an unacceptable DoS risk. | ||
36 | b, err := json.Marshal(a) | ||
37 | if err != nil { | ||
38 | - // Put a space before comment so that if it is flush against | ||
39 | + // While the standard JSON marshaller does not include user controlled | ||
40 | + // information in the error message, if a type has a MarshalJSON method, | ||
41 | + // the content of the error message is not guaranteed. Since we insert | ||
42 | + // the error into the template, as part of a comment, we attempt to | ||
43 | + // prevent the error from either terminating the comment, or the script | ||
44 | + // block itself. | ||
45 | + // | ||
46 | + // In particular we: | ||
47 | + // * replace "*/" comment end tokens with "* /", which does not | ||
48 | + // terminate the comment | ||
49 | + // * replace "</script" with "\x3C/script", and "<!--" with | ||
50 | + // "\x3C!--", which prevents confusing script block termination | ||
51 | + // semantics | ||
52 | + // | ||
53 | + // We also put a space before the comment so that if it is flush against | ||
54 | // a division operator it is not turned into a line comment: | ||
55 | // x/{{y}} | ||
56 | // turning into | ||
57 | // x//* error marshaling y: | ||
58 | // second line of error message */null | ||
59 | - return fmt.Sprintf(" /* %s */null ", strings.ReplaceAll(err.Error(), "*/", "* /")) | ||
60 | + errStr := err.Error() | ||
61 | + errStr = strings.ReplaceAll(errStr, "*/", "* /") | ||
62 | + errStr = strings.ReplaceAll(errStr, "</script", `\x3C/script`) | ||
63 | + errStr = strings.ReplaceAll(errStr, "<!--", `\x3C!--`) | ||
64 | + return fmt.Sprintf(" /* %s */null ", errStr) | ||
65 | } | ||
66 | |||
67 | // TODO: maybe post-process output to prevent it from containing | ||
68 | diff --git a/src/html/template/js_test.go b/src/html/template/js_test.go | ||
69 | index de9ef28..3fc3baf 100644 | ||
70 | --- a/src/html/template/js_test.go | ||
71 | +++ b/src/html/template/js_test.go | ||
72 | @@ -5,6 +5,7 @@ | ||
73 | package template | ||
74 | |||
75 | import ( | ||
76 | + "errors" | ||
77 | "bytes" | ||
78 | "math" | ||
79 | "strings" | ||
80 | @@ -104,61 +105,72 @@ func TestNextJsCtx(t *testing.T) { | ||
81 | } | ||
82 | } | ||
83 | |||
84 | +type jsonErrType struct{} | ||
85 | + | ||
86 | +func (e *jsonErrType) MarshalJSON() ([]byte, error) { | ||
87 | + return nil, errors.New("beep */ boop </script blip <!--") | ||
88 | +} | ||
89 | + | ||
90 | func TestJSValEscaper(t *testing.T) { | ||
91 | tests := []struct { | ||
92 | - x interface{} | ||
93 | - js string | ||
94 | + x interface{} | ||
95 | + js string | ||
96 | + skipNest bool | ||
97 | }{ | ||
98 | - {int(42), " 42 "}, | ||
99 | - {uint(42), " 42 "}, | ||
100 | - {int16(42), " 42 "}, | ||
101 | - {uint16(42), " 42 "}, | ||
102 | - {int32(-42), " -42 "}, | ||
103 | - {uint32(42), " 42 "}, | ||
104 | - {int16(-42), " -42 "}, | ||
105 | - {uint16(42), " 42 "}, | ||
106 | - {int64(-42), " -42 "}, | ||
107 | - {uint64(42), " 42 "}, | ||
108 | - {uint64(1) << 53, " 9007199254740992 "}, | ||
109 | + {int(42), " 42 ", false}, | ||
110 | + {uint(42), " 42 ", false}, | ||
111 | + {int16(42), " 42 ", false}, | ||
112 | + {uint16(42), " 42 ", false}, | ||
113 | + {int32(-42), " -42 ", false}, | ||
114 | + {uint32(42), " 42 ", false}, | ||
115 | + {int16(-42), " -42 ", false}, | ||
116 | + {uint16(42), " 42 ", false}, | ||
117 | + {int64(-42), " -42 ", false}, | ||
118 | + {uint64(42), " 42 ", false}, | ||
119 | + {uint64(1) << 53, " 9007199254740992 ", false}, | ||
120 | // ulp(1 << 53) > 1 so this loses precision in JS | ||
121 | // but it is still a representable integer literal. | ||
122 | - {uint64(1)<<53 + 1, " 9007199254740993 "}, | ||
123 | - {float32(1.0), " 1 "}, | ||
124 | - {float32(-1.0), " -1 "}, | ||
125 | - {float32(0.5), " 0.5 "}, | ||
126 | - {float32(-0.5), " -0.5 "}, | ||
127 | - {float32(1.0) / float32(256), " 0.00390625 "}, | ||
128 | - {float32(0), " 0 "}, | ||
129 | - {math.Copysign(0, -1), " -0 "}, | ||
130 | - {float64(1.0), " 1 "}, | ||
131 | - {float64(-1.0), " -1 "}, | ||
132 | - {float64(0.5), " 0.5 "}, | ||
133 | - {float64(-0.5), " -0.5 "}, | ||
134 | - {float64(0), " 0 "}, | ||
135 | - {math.Copysign(0, -1), " -0 "}, | ||
136 | - {"", `""`}, | ||
137 | - {"foo", `"foo"`}, | ||
138 | + {uint64(1)<<53 + 1, " 9007199254740993 ", false}, | ||
139 | + {float32(1.0), " 1 ", false}, | ||
140 | + {float32(-1.0), " -1 ", false}, | ||
141 | + {float32(0.5), " 0.5 ", false}, | ||
142 | + {float32(-0.5), " -0.5 ", false}, | ||
143 | + {float32(1.0) / float32(256), " 0.00390625 ", false}, | ||
144 | + {float32(0), " 0 ", false}, | ||
145 | + {math.Copysign(0, -1), " -0 ", false}, | ||
146 | + {float64(1.0), " 1 ", false}, | ||
147 | + {float64(-1.0), " -1 ", false}, | ||
148 | + {float64(0.5), " 0.5 ", false}, | ||
149 | + {float64(-0.5), " -0.5 ", false}, | ||
150 | + {float64(0), " 0 ", false}, | ||
151 | + {math.Copysign(0, -1), " -0 ", false}, | ||
152 | + {"", `""`, false}, | ||
153 | + {"foo", `"foo"`, false}, | ||
154 | // Newlines. | ||
155 | - {"\r\n\u2028\u2029", `"\r\n\u2028\u2029"`}, | ||
156 | + {"\r\n\u2028\u2029", `"\r\n\u2028\u2029"`, false}, | ||
157 | // "\v" == "v" on IE 6 so use "\u000b" instead. | ||
158 | - {"\t\x0b", `"\t\u000b"`}, | ||
159 | - {struct{ X, Y int }{1, 2}, `{"X":1,"Y":2}`}, | ||
160 | - {[]interface{}{}, "[]"}, | ||
161 | - {[]interface{}{42, "foo", nil}, `[42,"foo",null]`}, | ||
162 | - {[]string{"<!--", "</script>", "-->"}, `["\u003c!--","\u003c/script\u003e","--\u003e"]`}, | ||
163 | - {"<!--", `"\u003c!--"`}, | ||
164 | - {"-->", `"--\u003e"`}, | ||
165 | - {"<![CDATA[", `"\u003c![CDATA["`}, | ||
166 | - {"]]>", `"]]\u003e"`}, | ||
167 | - {"</script", `"\u003c/script"`}, | ||
168 | - {"\U0001D11E", "\"\U0001D11E\""}, // or "\uD834\uDD1E" | ||
169 | - {nil, " null "}, | ||
170 | + {"\t\x0b", `"\t\u000b"`, false}, | ||
171 | + {struct{ X, Y int }{1, 2}, `{"X":1,"Y":2}`, false}, | ||
172 | + {[]interface{}{}, "[]", false}, | ||
173 | + {[]interface{}{42, "foo", nil}, `[42,"foo",null]`, false}, | ||
174 | + {[]string{"<!--", "</script>", "-->"}, `["\u003c!--","\u003c/script\u003e","--\u003e"]`, false}, | ||
175 | + {"<!--", `"\u003c!--"`, false}, | ||
176 | + {"-->", `"--\u003e"`, false}, | ||
177 | + {"<![CDATA[", `"\u003c![CDATA["`, false}, | ||
178 | + {"]]>", `"]]\u003e"`, false}, | ||
179 | + {"</script", `"\u003c/script"`, false}, | ||
180 | + {"\U0001D11E", "\"\U0001D11E\"", false}, // or "\uD834\uDD1E" | ||
181 | + {nil, " null ", false}, | ||
182 | + {&jsonErrType{}, " /* json: error calling MarshalJSON for type *template.jsonErrType: beep * / boop \\x3C/script blip \\x3C!-- */null ", true}, | ||
183 | } | ||
184 | |||
185 | for _, test := range tests { | ||
186 | if js := jsValEscaper(test.x); js != test.js { | ||
187 | t.Errorf("%+v: want\n\t%q\ngot\n\t%q", test.x, test.js, js) | ||
188 | } | ||
189 | + if test.skipNest { | ||
190 | + continue | ||
191 | + } | ||
192 | // Make sure that escaping corner cases are not broken | ||
193 | // by nesting. | ||
194 | a := []interface{}{test.x} | ||
195 | -- | ||
196 | 2.25.1 | ||
197 | |||
diff --git a/meta/recipes-devtools/valgrind/valgrind/remove-for-all b/meta/recipes-devtools/valgrind/valgrind/remove-for-all index 9b8db093df..88a11ca332 100644 --- a/meta/recipes-devtools/valgrind/valgrind/remove-for-all +++ b/meta/recipes-devtools/valgrind/valgrind/remove-for-all | |||
@@ -1,3 +1,4 @@ | |||
1 | drd/tests/bar_bad | 1 | drd/tests/bar_bad |
2 | drd/tests/bar_bad_xml | 2 | drd/tests/bar_bad_xml |
3 | gdbserver_tests/hginfo | 3 | gdbserver_tests/hginfo |
4 | memcheck/tests/linux/timerfd-syscall | ||
diff --git a/meta/recipes-extended/shadow/files/CVE-2023-4641.patch b/meta/recipes-extended/shadow/files/CVE-2023-4641.patch new file mode 100644 index 0000000000..75dbbad299 --- /dev/null +++ b/meta/recipes-extended/shadow/files/CVE-2023-4641.patch | |||
@@ -0,0 +1,146 @@ | |||
1 | From 51731b01fd9a608397da22b7b9164e4996f3d4c6 Mon Sep 17 00:00:00 2001 | ||
2 | From: Alejandro Colomar <alx@kernel.org> | ||
3 | Date: Sat, 10 Jun 2023 16:20:05 +0200 | ||
4 | Subject: [PATCH] gpasswd(1): Fix password leak | ||
5 | |||
6 | CVE: CVE-2023-4641 | ||
7 | Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/65c88a43a23c2391dcc90c0abda3e839e9c57904] | ||
8 | |||
9 | How to trigger this password leak? | ||
10 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
11 | |||
12 | When gpasswd(1) asks for the new password, it asks twice (as is usual | ||
13 | for confirming the new password). Each of those 2 password prompts | ||
14 | uses agetpass() to get the password. If the second agetpass() fails, | ||
15 | the first password, which has been copied into the 'static' buffer | ||
16 | 'pass' via STRFCPY(), wasn't being zeroed. | ||
17 | |||
18 | agetpass() is defined in <./libmisc/agetpass.c> (around line 91), and | ||
19 | can fail for any of the following reasons: | ||
20 | |||
21 | - malloc(3) or readpassphrase(3) failure. | ||
22 | |||
23 | These are going to be difficult to trigger. Maybe getting the system | ||
24 | to the limits of memory utilization at that exact point, so that the | ||
25 | next malloc(3) gets ENOMEM, and possibly even the OOM is triggered. | ||
26 | About readpassphrase(3), ENFILE and EINTR seem the only plausible | ||
27 | ones, and EINTR probably requires privilege or being the same user; | ||
28 | but I wouldn't discard ENFILE so easily, if a process starts opening | ||
29 | files. | ||
30 | |||
31 | - The password is longer than PASS_MAX. | ||
32 | |||
33 | The is plausible with physical access. However, at that point, a | ||
34 | keylogger will be a much simpler attack. | ||
35 | |||
36 | And, the attacker must be able to know when the second password is being | ||
37 | introduced, which is not going to be easy. | ||
38 | |||
39 | How to read the password after the leak? | ||
40 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
41 | |||
42 | Provoking the leak yourself at the right point by entering a very long | ||
43 | password is easy, and inspecting the process stack at that point should | ||
44 | be doable. Try to find some consistent patterns. | ||
45 | |||
46 | Then, search for those patterns in free memory, right after the victim | ||
47 | leaks their password. | ||
48 | |||
49 | Once you get the leak, a program should read all the free memory | ||
50 | searching for patterns that gpasswd(1) leaves nearby the leaked | ||
51 | password. | ||
52 | |||
53 | On 6/10/23 03:14, Seth Arnold wrote: | ||
54 | > An attacker process wouldn't be able to use malloc(3) for this task. | ||
55 | > There's a handful of tools available for userspace to allocate memory: | ||
56 | > | ||
57 | > - brk / sbrk | ||
58 | > - mmap MAP_ANONYMOUS | ||
59 | > - mmap /dev/zero | ||
60 | > - mmap some other file | ||
61 | > - shm_open | ||
62 | > - shmget | ||
63 | > | ||
64 | > Most of these return only pages of zeros to a process. Using mmap of an | ||
65 | > existing file, you can get some of the contents of the file demand-loaded | ||
66 | > into the memory space on the first use. | ||
67 | > | ||
68 | > The MAP_UNINITIALIZED flag only works if the kernel was compiled with | ||
69 | > CONFIG_MMAP_ALLOW_UNINITIALIZED. This is rare. | ||
70 | > | ||
71 | > malloc(3) doesn't zero memory, to our collective frustration, but all the | ||
72 | > garbage in the allocations is from previous allocations in the current | ||
73 | > process. It isn't leftover from other processes. | ||
74 | > | ||
75 | > The avenues available for reading the memory: | ||
76 | > - /dev/mem and /dev/kmem (requires root, not available with Secure Boot) | ||
77 | > - /proc/pid/mem (requires ptrace privileges, mediated by YAMA) | ||
78 | > - ptrace (requires ptrace privileges, mediated by YAMA) | ||
79 | > - causing memory to be swapped to disk, and then inspecting the swap | ||
80 | > | ||
81 | > These all require a certain amount of privileges. | ||
82 | |||
83 | How to fix it? | ||
84 | ~~~~~~~~~~~~~~ | ||
85 | |||
86 | memzero(), which internally calls explicit_bzero(3), or whatever | ||
87 | alternative the system provides with a slightly different name, will | ||
88 | make sure that the buffer is zeroed in memory, and optimizations are not | ||
89 | allowed to impede this zeroing. | ||
90 | |||
91 | This is not really 100% effective, since compilers may place copies of | ||
92 | the string somewhere hidden in the stack. Those copies won't get zeroed | ||
93 | by explicit_bzero(3). However, that's arguably a compiler bug, since | ||
94 | compilers should make everything possible to avoid optimizing strings | ||
95 | that are later passed to explicit_bzero(3). But we all know that | ||
96 | sometimes it's impossible to have perfect knowledge in the compiler, so | ||
97 | this is plausible. Nevertheless, there's nothing we can do against such | ||
98 | issues, except minimizing the time such passwords are stored in plain | ||
99 | text. | ||
100 | |||
101 | Security concerns | ||
102 | ~~~~~~~~~~~~~~~~~ | ||
103 | |||
104 | We believe this isn't easy to exploit. Nevertheless, and since the fix | ||
105 | is trivial, this fix should probably be applied soon, and backported to | ||
106 | all supported distributions, to prevent someone else having more | ||
107 | imagination than us to find a way. | ||
108 | |||
109 | Affected versions | ||
110 | ~~~~~~~~~~~~~~~~~ | ||
111 | |||
112 | All. Bug introduced in shadow 19990709. That's the second commit in | ||
113 | the git history. | ||
114 | |||
115 | Fixes: 45c6603cc86c ("[svn-upgrade] Integrating new upstream version, shadow (19990709)") | ||
116 | Reported-by: Alejandro Colomar <alx@kernel.org> | ||
117 | Cc: Serge Hallyn <serge@hallyn.com> | ||
118 | Cc: Iker Pedrosa <ipedrosa@redhat.com> | ||
119 | Cc: Seth Arnold <seth.arnold@canonical.com> | ||
120 | Cc: Christian Brauner <christian@brauner.io> | ||
121 | Cc: Balint Reczey <rbalint@debian.org> | ||
122 | Cc: Sam James <sam@gentoo.org> | ||
123 | Cc: David Runge <dvzrv@archlinux.org> | ||
124 | Cc: Andreas Jaeger <aj@suse.de> | ||
125 | Cc: <~hallyn/shadow@lists.sr.ht> | ||
126 | Signed-off-by: Alejandro Colomar <alx@kernel.org> | ||
127 | Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com> | ||
128 | --- | ||
129 | src/gpasswd.c | 1 + | ||
130 | 1 file changed, 1 insertion(+) | ||
131 | |||
132 | diff --git a/src/gpasswd.c b/src/gpasswd.c | ||
133 | index 4d75af96..a698b32a 100644 | ||
134 | --- a/src/gpasswd.c | ||
135 | +++ b/src/gpasswd.c | ||
136 | @@ -918,6 +918,7 @@ static void change_passwd (struct group *gr) | ||
137 | strzero (cp); | ||
138 | cp = getpass (_("Re-enter new password: ")); | ||
139 | if (NULL == cp) { | ||
140 | + memzero (pass, sizeof pass); | ||
141 | exit (1); | ||
142 | } | ||
143 | |||
144 | -- | ||
145 | 2.42.0 | ||
146 | |||
diff --git a/meta/recipes-extended/shadow/shadow.inc b/meta/recipes-extended/shadow/shadow.inc index 2ecab5073d..c16292c38a 100644 --- a/meta/recipes-extended/shadow/shadow.inc +++ b/meta/recipes-extended/shadow/shadow.inc | |||
@@ -16,6 +16,7 @@ SRC_URI = "https://github.com/shadow-maint/shadow/releases/download/${PV}/${BP}. | |||
16 | file://shadow-relaxed-usernames.patch \ | 16 | file://shadow-relaxed-usernames.patch \ |
17 | file://CVE-2023-29383.patch \ | 17 | file://CVE-2023-29383.patch \ |
18 | file://0001-Overhaul-valid_field.patch \ | 18 | file://0001-Overhaul-valid_field.patch \ |
19 | file://CVE-2023-4641.patch \ | ||
19 | " | 20 | " |
20 | 21 | ||
21 | SRC_URI_append_class-target = " \ | 22 | SRC_URI_append_class-target = " \ |
diff --git a/meta/recipes-extended/tar/tar/CVE-2023-39804.patch b/meta/recipes-extended/tar/tar/CVE-2023-39804.patch new file mode 100644 index 0000000000..f550928540 --- /dev/null +++ b/meta/recipes-extended/tar/tar/CVE-2023-39804.patch | |||
@@ -0,0 +1,64 @@ | |||
1 | From a339f05cd269013fa133d2f148d73f6f7d4247e4 Mon Sep 17 00:00:00 2001 | ||
2 | From: Sergey Poznyakoff <gray@gnu.org> | ||
3 | Date: Sat, 28 Aug 2021 16:02:12 +0300 | ||
4 | Subject: Fix handling of extended header prefixes | ||
5 | |||
6 | * src/xheader.c (locate_handler): Recognize prefix keywords only | ||
7 | when followed by a dot. | ||
8 | (xattr_decoder): Use xmalloc/xstrdup instead of alloc | ||
9 | |||
10 | Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/tar.git/commit/?id=a339f05cd269013fa133d2f148d73f6f7d4247e4] | ||
11 | CVE: CVE-2023-39804 | ||
12 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
13 | --- | ||
14 | src/xheader.c | 17 +++++++++-------- | ||
15 | 1 file changed, 9 insertions(+), 8 deletions(-) | ||
16 | |||
17 | diff --git a/src/xheader.c b/src/xheader.c | ||
18 | index 4f8b2b2..3cd694d 100644 | ||
19 | --- a/src/xheader.c | ||
20 | +++ b/src/xheader.c | ||
21 | @@ -637,11 +637,11 @@ static struct xhdr_tab const * | ||
22 | locate_handler (char const *keyword) | ||
23 | { | ||
24 | struct xhdr_tab const *p; | ||
25 | - | ||
26 | for (p = xhdr_tab; p->keyword; p++) | ||
27 | if (p->prefix) | ||
28 | { | ||
29 | - if (strncmp (p->keyword, keyword, strlen(p->keyword)) == 0) | ||
30 | + size_t kwlen = strlen (p->keyword); | ||
31 | + if (keyword[kwlen] == '.' && strncmp (p->keyword, keyword, kwlen) == 0) | ||
32 | return p; | ||
33 | } | ||
34 | else | ||
35 | @@ -1716,19 +1716,20 @@ xattr_decoder (struct tar_stat_info *st, | ||
36 | char const *keyword, char const *arg, size_t size) | ||
37 | { | ||
38 | char *xstr, *xkey; | ||
39 | - | ||
40 | + | ||
41 | /* copy keyword */ | ||
42 | - size_t klen_raw = strlen (keyword); | ||
43 | - xkey = alloca (klen_raw + 1); | ||
44 | - memcpy (xkey, keyword, klen_raw + 1) /* including null-terminating */; | ||
45 | + xkey = xstrdup (keyword); | ||
46 | |||
47 | /* copy value */ | ||
48 | - xstr = alloca (size + 1); | ||
49 | + xstr = xmalloc (size + 1); | ||
50 | memcpy (xstr, arg, size + 1); /* separator included, for GNU tar '\n' */; | ||
51 | |||
52 | xattr_decode_keyword (xkey); | ||
53 | |||
54 | - xheader_xattr_add (st, xkey + strlen("SCHILY.xattr."), xstr, size); | ||
55 | + xheader_xattr_add (st, xkey + strlen ("SCHILY.xattr."), xstr, size); | ||
56 | + | ||
57 | + free (xkey); | ||
58 | + free (xstr); | ||
59 | } | ||
60 | |||
61 | static void | ||
62 | -- | ||
63 | cgit v1.1 | ||
64 | |||
diff --git a/meta/recipes-extended/tar/tar_1.32.bb b/meta/recipes-extended/tar/tar_1.32.bb index 1246f01256..9297480e85 100644 --- a/meta/recipes-extended/tar/tar_1.32.bb +++ b/meta/recipes-extended/tar/tar_1.32.bb | |||
@@ -6,10 +6,13 @@ SECTION = "base" | |||
6 | LICENSE = "GPLv3" | 6 | LICENSE = "GPLv3" |
7 | LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" | 7 | LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" |
8 | 8 | ||
9 | PR = "r1" | ||
10 | |||
9 | SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2 \ | 11 | SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2 \ |
10 | file://musl_dirent.patch \ | 12 | file://musl_dirent.patch \ |
11 | file://CVE-2021-20193.patch \ | 13 | file://CVE-2021-20193.patch \ |
12 | file://CVE-2022-48303.patch \ | 14 | file://CVE-2022-48303.patch \ |
15 | file://CVE-2023-39804.patch \ | ||
13 | " | 16 | " |
14 | 17 | ||
15 | SRC_URI[md5sum] = "17917356fff5cb4bd3cd5a6c3e727b05" | 18 | SRC_URI[md5sum] = "17917356fff5cb4bd3cd5a6c3e727b05" |
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31080.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31080.patch new file mode 100644 index 0000000000..da735efb2b --- /dev/null +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31080.patch | |||
@@ -0,0 +1,49 @@ | |||
1 | From 96798fc1967491c80a4d0c8d9e0a80586cb2152b Mon Sep 17 00:00:00 2001 | ||
2 | From: Alan Coopersmith <alan.coopersmith@oracle.com> | ||
3 | Date: Fri, 22 Mar 2024 18:51:45 -0700 | ||
4 | Subject: [PATCH] Xi: ProcXIGetSelectedEvents needs to use unswapped length to | ||
5 | send reply | ||
6 | |||
7 | CVE-2024-31080 | ||
8 | |||
9 | Reported-by: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=69762 | ||
10 | Fixes: 53e821ab4 ("Xi: add request processing for XIGetSelectedEvents.") | ||
11 | Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> | ||
12 | Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1463> | ||
13 | |||
14 | Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/96798fc1967491c80a4d0c8d9e0a80586cb2152b] | ||
15 | CVE: CVE-2024-31080 | ||
16 | Signed-off-by: Ashish Sharma <asharma@mvista.com> | ||
17 | |||
18 | Xi/xiselectev.c | 5 ++++- | ||
19 | 1 file changed, 4 insertions(+), 1 deletion(-) | ||
20 | |||
21 | diff --git a/Xi/xiselectev.c b/Xi/xiselectev.c | ||
22 | index edcb8a0d36..ac14949871 100644 | ||
23 | --- a/Xi/xiselectev.c | ||
24 | +++ b/Xi/xiselectev.c | ||
25 | @@ -349,6 +349,7 @@ ProcXIGetSelectedEvents(ClientPtr client) | ||
26 | InputClientsPtr others = NULL; | ||
27 | xXIEventMask *evmask = NULL; | ||
28 | DeviceIntPtr dev; | ||
29 | + uint32_t length; | ||
30 | |||
31 | REQUEST(xXIGetSelectedEventsReq); | ||
32 | REQUEST_SIZE_MATCH(xXIGetSelectedEventsReq); | ||
33 | @@ -418,10 +419,12 @@ ProcXIGetSelectedEvents(ClientPtr client) | ||
34 | } | ||
35 | } | ||
36 | |||
37 | + /* save the value before SRepXIGetSelectedEvents swaps it */ | ||
38 | + length = reply.length; | ||
39 | WriteReplyToClient(client, sizeof(xXIGetSelectedEventsReply), &reply); | ||
40 | |||
41 | if (reply.num_masks) | ||
42 | - WriteToClient(client, reply.length * 4, buffer); | ||
43 | + WriteToClient(client, length * 4, buffer); | ||
44 | |||
45 | free(buffer); | ||
46 | return Success; | ||
47 | -- | ||
48 | GitLab | ||
49 | |||
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31081.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31081.patch new file mode 100644 index 0000000000..d2c551a0e5 --- /dev/null +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2024-31081.patch | |||
@@ -0,0 +1,47 @@ | |||
1 | From 3e77295f888c67fc7645db5d0c00926a29ffecee Mon Sep 17 00:00:00 2001 | ||
2 | From: Alan Coopersmith <alan.coopersmith@oracle.com> | ||
3 | Date: Fri, 22 Mar 2024 18:56:27 -0700 | ||
4 | Subject: [PATCH] Xi: ProcXIPassiveGrabDevice needs to use unswapped length to | ||
5 | send reply | ||
6 | |||
7 | CVE-2024-31081 | ||
8 | |||
9 | Fixes: d220d6907 ("Xi: add GrabButton and GrabKeysym code.") | ||
10 | Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> | ||
11 | Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/1463> | ||
12 | |||
13 | Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/3e77295f888c67fc7645db5d0c00926a29ffecee] | ||
14 | CVE: CVE-2024-31081 | ||
15 | Signed-off-by: Ashish Sharma <asharma@mvista.com> | ||
16 | |||
17 | Xi/xipassivegrab.c | 5 ++++- | ||
18 | 1 file changed, 4 insertions(+), 1 deletion(-) | ||
19 | |||
20 | diff --git a/Xi/xipassivegrab.c b/Xi/xipassivegrab.c | ||
21 | index c9ac2f8553..896233bec2 100644 | ||
22 | --- a/Xi/xipassivegrab.c | ||
23 | +++ b/Xi/xipassivegrab.c | ||
24 | @@ -93,6 +93,7 @@ ProcXIPassiveGrabDevice(ClientPtr client) | ||
25 | GrabParameters param; | ||
26 | void *tmp; | ||
27 | int mask_len; | ||
28 | + uint32_t length; | ||
29 | |||
30 | REQUEST(xXIPassiveGrabDeviceReq); | ||
31 | REQUEST_FIXED_SIZE(xXIPassiveGrabDeviceReq, | ||
32 | @@ -247,9 +248,11 @@ ProcXIPassiveGrabDevice(ClientPtr client) | ||
33 | } | ||
34 | } | ||
35 | |||
36 | + /* save the value before SRepXIPassiveGrabDevice swaps it */ | ||
37 | + length = rep.length; | ||
38 | WriteReplyToClient(client, sizeof(rep), &rep); | ||
39 | if (rep.num_modifiers) | ||
40 | - WriteToClient(client, rep.length * 4, modifiers_failed); | ||
41 | + WriteToClient(client, length * 4, modifiers_failed); | ||
42 | |||
43 | out: | ||
44 | free(modifiers_failed); | ||
45 | -- | ||
46 | GitLab | ||
47 | |||
diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb index d6c6c5bd45..04a6e734ef 100644 --- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb | |||
@@ -30,6 +30,8 @@ SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.pat | |||
30 | file://CVE-2024-21886-2.patch \ | 30 | file://CVE-2024-21886-2.patch \ |
31 | file://CVE-2024-0408.patch \ | 31 | file://CVE-2024-0408.patch \ |
32 | file://CVE-2024-0409.patch \ | 32 | file://CVE-2024-0409.patch \ |
33 | file://CVE-2024-31081.patch \ | ||
34 | file://CVE-2024-31080.patch \ | ||
33 | " | 35 | " |
34 | SRC_URI[md5sum] = "453fc86aac8c629b3a5b77e8dcca30bf" | 36 | SRC_URI[md5sum] = "453fc86aac8c629b3a5b77e8dcca30bf" |
35 | SRC_URI[sha256sum] = "54b199c9280ff8bf0f73a54a759645bd0eeeda7255d1c99310d5b7595f3ac066" | 37 | SRC_URI[sha256sum] = "54b199c9280ff8bf0f73a54a759645bd0eeeda7255d1c99310d5b7595f3ac066" |
diff --git a/meta/recipes-kernel/linux/cve-exclusion_5.4.inc b/meta/recipes-kernel/linux/cve-exclusion_5.4.inc index 79caff7c6c..b0b33bcc1d 100644 --- a/meta/recipes-kernel/linux/cve-exclusion_5.4.inc +++ b/meta/recipes-kernel/linux/cve-exclusion_5.4.inc | |||
@@ -1,9 +1,9 @@ | |||
1 | 1 | ||
2 | # Auto-generated CVE metadata, DO NOT EDIT BY HAND. | 2 | # Auto-generated CVE metadata, DO NOT EDIT BY HAND. |
3 | # Generated at 2024-02-21 03:40:25.997343 for version 5.4.268 | 3 | # Generated at 2024-04-14 04:45:05.585211 for version 5.4.273 |
4 | 4 | ||
5 | python check_kernel_cve_status_version() { | 5 | python check_kernel_cve_status_version() { |
6 | this_version = "5.4.268" | 6 | this_version = "5.4.273" |
7 | kernel_version = d.getVar("LINUX_VERSION") | 7 | kernel_version = d.getVar("LINUX_VERSION") |
8 | if kernel_version != this_version: | 8 | if kernel_version != this_version: |
9 | bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) | 9 | bb.warn("Kernel CVE status needs updating: generated for %s but kernel is %s" % (this_version, kernel_version)) |
@@ -4296,6 +4296,12 @@ CVE_CHECK_WHITELIST += "CVE-2019-25044" | |||
4296 | # fixed-version: Fixed after version 5.1 | 4296 | # fixed-version: Fixed after version 5.1 |
4297 | CVE_CHECK_WHITELIST += "CVE-2019-25045" | 4297 | CVE_CHECK_WHITELIST += "CVE-2019-25045" |
4298 | 4298 | ||
4299 | # fixed-version: Fixed after version 5.0 | ||
4300 | CVE_CHECK_WHITELIST += "CVE-2019-25160" | ||
4301 | |||
4302 | # cpe-stable-backport: Backported in 5.4.211 | ||
4303 | CVE_CHECK_WHITELIST += "CVE-2019-25162" | ||
4304 | |||
4299 | # cpe-stable-backport: Backported in 5.4.19 | 4305 | # cpe-stable-backport: Backported in 5.4.19 |
4300 | CVE_CHECK_WHITELIST += "CVE-2019-3016" | 4306 | CVE_CHECK_WHITELIST += "CVE-2019-3016" |
4301 | 4307 | ||
@@ -4972,6 +4978,43 @@ CVE_CHECK_WHITELIST += "CVE-2020-36694" | |||
4972 | # cpe-stable-backport: Backported in 5.4.62 | 4978 | # cpe-stable-backport: Backported in 5.4.62 |
4973 | CVE_CHECK_WHITELIST += "CVE-2020-36766" | 4979 | CVE_CHECK_WHITELIST += "CVE-2020-36766" |
4974 | 4980 | ||
4981 | # cpe-stable-backport: Backported in 5.4.189 | ||
4982 | CVE_CHECK_WHITELIST += "CVE-2020-36775" | ||
4983 | |||
4984 | # fixed-version: only affects 5.8rc4 onwards | ||
4985 | CVE_CHECK_WHITELIST += "CVE-2020-36776" | ||
4986 | |||
4987 | # cpe-stable-backport: Backported in 5.4.118 | ||
4988 | CVE_CHECK_WHITELIST += "CVE-2020-36777" | ||
4989 | |||
4990 | # fixed-version: only affects 5.6rc1 onwards | ||
4991 | CVE_CHECK_WHITELIST += "CVE-2020-36778" | ||
4992 | |||
4993 | # fixed-version: only affects 5.6rc1 onwards | ||
4994 | CVE_CHECK_WHITELIST += "CVE-2020-36779" | ||
4995 | |||
4996 | # cpe-stable-backport: Backported in 5.4.119 | ||
4997 | CVE_CHECK_WHITELIST += "CVE-2020-36780" | ||
4998 | |||
4999 | # CVE-2020-36781 needs backporting (fixed from 5.13rc1) | ||
5000 | |||
5001 | # cpe-stable-backport: Backported in 5.4.119 | ||
5002 | CVE_CHECK_WHITELIST += "CVE-2020-36782" | ||
5003 | |||
5004 | # cpe-stable-backport: Backported in 5.4.119 | ||
5005 | CVE_CHECK_WHITELIST += "CVE-2020-36783" | ||
5006 | |||
5007 | # CVE-2020-36784 needs backporting (fixed from 5.13rc1) | ||
5008 | |||
5009 | # fixed-version: only affects 5.8rc1 onwards | ||
5010 | CVE_CHECK_WHITELIST += "CVE-2020-36785" | ||
5011 | |||
5012 | # fixed-version: only affects 5.10rc1 onwards | ||
5013 | CVE_CHECK_WHITELIST += "CVE-2020-36786" | ||
5014 | |||
5015 | # cpe-stable-backport: Backported in 5.4.119 | ||
5016 | CVE_CHECK_WHITELIST += "CVE-2020-36787" | ||
5017 | |||
4975 | # cpe-stable-backport: Backported in 5.4.143 | 5018 | # cpe-stable-backport: Backported in 5.4.143 |
4976 | CVE_CHECK_WHITELIST += "CVE-2020-3702" | 5019 | CVE_CHECK_WHITELIST += "CVE-2020-3702" |
4977 | 5020 | ||
@@ -5674,6 +5717,765 @@ CVE_CHECK_WHITELIST += "CVE-2021-45868" | |||
5674 | # fixed-version: only affects 5.7rc1 onwards | 5717 | # fixed-version: only affects 5.7rc1 onwards |
5675 | CVE_CHECK_WHITELIST += "CVE-2021-46283" | 5718 | CVE_CHECK_WHITELIST += "CVE-2021-46283" |
5676 | 5719 | ||
5720 | # cpe-stable-backport: Backported in 5.4.112 | ||
5721 | CVE_CHECK_WHITELIST += "CVE-2021-46904" | ||
5722 | |||
5723 | # fixed-version: only affects 5.12rc7 onwards | ||
5724 | CVE_CHECK_WHITELIST += "CVE-2021-46905" | ||
5725 | |||
5726 | # cpe-stable-backport: Backported in 5.4.127 | ||
5727 | CVE_CHECK_WHITELIST += "CVE-2021-46906" | ||
5728 | |||
5729 | # CVE-2021-46908 needs backporting (fixed from 5.12rc8) | ||
5730 | |||
5731 | # cpe-stable-backport: Backported in 5.4.114 | ||
5732 | CVE_CHECK_WHITELIST += "CVE-2021-46909" | ||
5733 | |||
5734 | # fixed-version: only affects 5.11rc1 onwards | ||
5735 | CVE_CHECK_WHITELIST += "CVE-2021-46910" | ||
5736 | |||
5737 | # fixed-version: only affects 5.7rc1 onwards | ||
5738 | CVE_CHECK_WHITELIST += "CVE-2021-46911" | ||
5739 | |||
5740 | # fixed-version: only affects 5.7rc1 onwards | ||
5741 | CVE_CHECK_WHITELIST += "CVE-2021-46912" | ||
5742 | |||
5743 | # fixed-version: only affects 5.7rc1 onwards | ||
5744 | CVE_CHECK_WHITELIST += "CVE-2021-46913" | ||
5745 | |||
5746 | # fixed-version: only affects 5.9rc1 onwards | ||
5747 | CVE_CHECK_WHITELIST += "CVE-2021-46914" | ||
5748 | |||
5749 | # cpe-stable-backport: Backported in 5.4.114 | ||
5750 | CVE_CHECK_WHITELIST += "CVE-2021-46915" | ||
5751 | |||
5752 | # fixed-version: only affects 5.11rc1 onwards | ||
5753 | CVE_CHECK_WHITELIST += "CVE-2021-46916" | ||
5754 | |||
5755 | # fixed-version: only affects 5.8rc6 onwards | ||
5756 | CVE_CHECK_WHITELIST += "CVE-2021-46917" | ||
5757 | |||
5758 | # fixed-version: only affects 5.11rc1 onwards | ||
5759 | CVE_CHECK_WHITELIST += "CVE-2021-46918" | ||
5760 | |||
5761 | # fixed-version: only affects 5.6rc1 onwards | ||
5762 | CVE_CHECK_WHITELIST += "CVE-2021-46919" | ||
5763 | |||
5764 | # fixed-version: only affects 5.6rc1 onwards | ||
5765 | CVE_CHECK_WHITELIST += "CVE-2021-46920" | ||
5766 | |||
5767 | # cpe-stable-backport: Backported in 5.4.115 | ||
5768 | CVE_CHECK_WHITELIST += "CVE-2021-46921" | ||
5769 | |||
5770 | # fixed-version: only affects 5.12rc1 onwards | ||
5771 | CVE_CHECK_WHITELIST += "CVE-2021-46922" | ||
5772 | |||
5773 | # fixed-version: only affects 5.12rc1 onwards | ||
5774 | CVE_CHECK_WHITELIST += "CVE-2021-46923" | ||
5775 | |||
5776 | # cpe-stable-backport: Backported in 5.4.170 | ||
5777 | CVE_CHECK_WHITELIST += "CVE-2021-46924" | ||
5778 | |||
5779 | # CVE-2021-46925 needs backporting (fixed from 5.16rc8) | ||
5780 | |||
5781 | # CVE-2021-46926 needs backporting (fixed from 5.16rc7) | ||
5782 | |||
5783 | # fixed-version: only affects 5.15rc1 onwards | ||
5784 | CVE_CHECK_WHITELIST += "CVE-2021-46927" | ||
5785 | |||
5786 | # CVE-2021-46928 needs backporting (fixed from 5.16rc7) | ||
5787 | |||
5788 | # cpe-stable-backport: Backported in 5.4.170 | ||
5789 | CVE_CHECK_WHITELIST += "CVE-2021-46929" | ||
5790 | |||
5791 | # cpe-stable-backport: Backported in 5.4.170 | ||
5792 | CVE_CHECK_WHITELIST += "CVE-2021-46930" | ||
5793 | |||
5794 | # fixed-version: only affects 5.7rc1 onwards | ||
5795 | CVE_CHECK_WHITELIST += "CVE-2021-46931" | ||
5796 | |||
5797 | # cpe-stable-backport: Backported in 5.4.170 | ||
5798 | CVE_CHECK_WHITELIST += "CVE-2021-46932" | ||
5799 | |||
5800 | # cpe-stable-backport: Backported in 5.4.170 | ||
5801 | CVE_CHECK_WHITELIST += "CVE-2021-46933" | ||
5802 | |||
5803 | # cpe-stable-backport: Backported in 5.4.170 | ||
5804 | CVE_CHECK_WHITELIST += "CVE-2021-46934" | ||
5805 | |||
5806 | # cpe-stable-backport: Backported in 5.4.170 | ||
5807 | CVE_CHECK_WHITELIST += "CVE-2021-46935" | ||
5808 | |||
5809 | # cpe-stable-backport: Backported in 5.4.170 | ||
5810 | CVE_CHECK_WHITELIST += "CVE-2021-46936" | ||
5811 | |||
5812 | # fixed-version: only affects 5.15rc1 onwards | ||
5813 | CVE_CHECK_WHITELIST += "CVE-2021-46937" | ||
5814 | |||
5815 | # cpe-stable-backport: Backported in 5.4.118 | ||
5816 | CVE_CHECK_WHITELIST += "CVE-2021-46938" | ||
5817 | |||
5818 | # cpe-stable-backport: Backported in 5.4.118 | ||
5819 | CVE_CHECK_WHITELIST += "CVE-2021-46939" | ||
5820 | |||
5821 | # fixed-version: only affects 5.10rc4 onwards | ||
5822 | CVE_CHECK_WHITELIST += "CVE-2021-46940" | ||
5823 | |||
5824 | # CVE-2021-46941 needs backporting (fixed from 5.13rc1) | ||
5825 | |||
5826 | # fixed-version: only affects 5.12rc1 onwards | ||
5827 | CVE_CHECK_WHITELIST += "CVE-2021-46942" | ||
5828 | |||
5829 | # cpe-stable-backport: Backported in 5.4.118 | ||
5830 | CVE_CHECK_WHITELIST += "CVE-2021-46943" | ||
5831 | |||
5832 | # cpe-stable-backport: Backported in 5.4.118 | ||
5833 | CVE_CHECK_WHITELIST += "CVE-2021-46944" | ||
5834 | |||
5835 | # fixed-version: only affects 5.11rc1 onwards | ||
5836 | CVE_CHECK_WHITELIST += "CVE-2021-46945" | ||
5837 | |||
5838 | # fixed-version: only affects 5.12rc1 onwards | ||
5839 | CVE_CHECK_WHITELIST += "CVE-2021-46947" | ||
5840 | |||
5841 | # fixed-version: only affects 5.10rc1 onwards | ||
5842 | CVE_CHECK_WHITELIST += "CVE-2021-46948" | ||
5843 | |||
5844 | # fixed-version: only affects 5.10rc1 onwards | ||
5845 | CVE_CHECK_WHITELIST += "CVE-2021-46949" | ||
5846 | |||
5847 | # cpe-stable-backport: Backported in 5.4.118 | ||
5848 | CVE_CHECK_WHITELIST += "CVE-2021-46950" | ||
5849 | |||
5850 | # cpe-stable-backport: Backported in 5.4.118 | ||
5851 | CVE_CHECK_WHITELIST += "CVE-2021-46951" | ||
5852 | |||
5853 | # CVE-2021-46952 needs backporting (fixed from 5.13rc1) | ||
5854 | |||
5855 | # cpe-stable-backport: Backported in 5.4.118 | ||
5856 | CVE_CHECK_WHITELIST += "CVE-2021-46953" | ||
5857 | |||
5858 | # fixed-version: only affects 5.11rc1 onwards | ||
5859 | CVE_CHECK_WHITELIST += "CVE-2021-46954" | ||
5860 | |||
5861 | # cpe-stable-backport: Backported in 5.4.118 | ||
5862 | CVE_CHECK_WHITELIST += "CVE-2021-46955" | ||
5863 | |||
5864 | # cpe-stable-backport: Backported in 5.4.118 | ||
5865 | CVE_CHECK_WHITELIST += "CVE-2021-46956" | ||
5866 | |||
5867 | # fixed-version: only affects 5.12rc1 onwards | ||
5868 | CVE_CHECK_WHITELIST += "CVE-2021-46957" | ||
5869 | |||
5870 | # fixed-version: only affects 5.7rc4 onwards | ||
5871 | CVE_CHECK_WHITELIST += "CVE-2021-46958" | ||
5872 | |||
5873 | # CVE-2021-46959 needs backporting (fixed from 5.13rc1) | ||
5874 | |||
5875 | # cpe-stable-backport: Backported in 5.4.118 | ||
5876 | CVE_CHECK_WHITELIST += "CVE-2021-46960" | ||
5877 | |||
5878 | # cpe-stable-backport: Backported in 5.4.118 | ||
5879 | CVE_CHECK_WHITELIST += "CVE-2021-46961" | ||
5880 | |||
5881 | # cpe-stable-backport: Backported in 5.4.118 | ||
5882 | CVE_CHECK_WHITELIST += "CVE-2021-46962" | ||
5883 | |||
5884 | # fixed-version: only affects 5.5rc1 onwards | ||
5885 | CVE_CHECK_WHITELIST += "CVE-2021-46963" | ||
5886 | |||
5887 | # fixed-version: only affects 5.11rc1 onwards | ||
5888 | CVE_CHECK_WHITELIST += "CVE-2021-46964" | ||
5889 | |||
5890 | # CVE-2021-46965 needs backporting (fixed from 5.13rc1) | ||
5891 | |||
5892 | # cpe-stable-backport: Backported in 5.4.118 | ||
5893 | CVE_CHECK_WHITELIST += "CVE-2021-46966" | ||
5894 | |||
5895 | # fixed-version: only affects 5.8rc1 onwards | ||
5896 | CVE_CHECK_WHITELIST += "CVE-2021-46967" | ||
5897 | |||
5898 | # fixed-version: only affects 5.10rc3 onwards | ||
5899 | CVE_CHECK_WHITELIST += "CVE-2021-46968" | ||
5900 | |||
5901 | # CVE-2021-46969 needs backporting (fixed from 5.13rc1) | ||
5902 | |||
5903 | # CVE-2021-46970 needs backporting (fixed from 5.13rc1) | ||
5904 | |||
5905 | # cpe-stable-backport: Backported in 5.4.117 | ||
5906 | CVE_CHECK_WHITELIST += "CVE-2021-46971" | ||
5907 | |||
5908 | # fixed-version: only affects 5.8rc1 onwards | ||
5909 | CVE_CHECK_WHITELIST += "CVE-2021-46972" | ||
5910 | |||
5911 | # fixed-version: only affects 5.8rc1 onwards | ||
5912 | CVE_CHECK_WHITELIST += "CVE-2021-46973" | ||
5913 | |||
5914 | # cpe-stable-backport: Backported in 5.4.117 | ||
5915 | CVE_CHECK_WHITELIST += "CVE-2021-46974" | ||
5916 | |||
5917 | # fixed-version: only affects 5.8rc1 onwards | ||
5918 | CVE_CHECK_WHITELIST += "CVE-2021-46976" | ||
5919 | |||
5920 | # fixed-version: only affects 5.5rc1 onwards | ||
5921 | CVE_CHECK_WHITELIST += "CVE-2021-46977" | ||
5922 | |||
5923 | # fixed-version: only affects 5.11rc3 onwards | ||
5924 | CVE_CHECK_WHITELIST += "CVE-2021-46978" | ||
5925 | |||
5926 | # fixed-version: only affects 5.11rc1 onwards | ||
5927 | CVE_CHECK_WHITELIST += "CVE-2021-46979" | ||
5928 | |||
5929 | # fixed-version: only affects 5.8rc1 onwards | ||
5930 | CVE_CHECK_WHITELIST += "CVE-2021-46980" | ||
5931 | |||
5932 | # cpe-stable-backport: Backported in 5.4.120 | ||
5933 | CVE_CHECK_WHITELIST += "CVE-2021-46981" | ||
5934 | |||
5935 | # CVE-2021-46982 needs backporting (fixed from 5.13rc2) | ||
5936 | |||
5937 | # fixed-version: only affects 5.9rc1 onwards | ||
5938 | CVE_CHECK_WHITELIST += "CVE-2021-46983" | ||
5939 | |||
5940 | # cpe-stable-backport: Backported in 5.4.120 | ||
5941 | CVE_CHECK_WHITELIST += "CVE-2021-46984" | ||
5942 | |||
5943 | # fixed-version: only affects 5.12rc5 onwards | ||
5944 | CVE_CHECK_WHITELIST += "CVE-2021-46985" | ||
5945 | |||
5946 | # fixed-version: only affects 5.10rc1 onwards | ||
5947 | CVE_CHECK_WHITELIST += "CVE-2021-46986" | ||
5948 | |||
5949 | # fixed-version: only affects 5.9rc1 onwards | ||
5950 | CVE_CHECK_WHITELIST += "CVE-2021-46987" | ||
5951 | |||
5952 | # cpe-stable-backport: Backported in 5.4.120 | ||
5953 | CVE_CHECK_WHITELIST += "CVE-2021-46988" | ||
5954 | |||
5955 | # cpe-stable-backport: Backported in 5.4.120 | ||
5956 | CVE_CHECK_WHITELIST += "CVE-2021-46989" | ||
5957 | |||
5958 | # fixed-version: only affects 5.10rc5 onwards | ||
5959 | CVE_CHECK_WHITELIST += "CVE-2021-46990" | ||
5960 | |||
5961 | # cpe-stable-backport: Backported in 5.4.120 | ||
5962 | CVE_CHECK_WHITELIST += "CVE-2021-46991" | ||
5963 | |||
5964 | # cpe-stable-backport: Backported in 5.4.120 | ||
5965 | CVE_CHECK_WHITELIST += "CVE-2021-46992" | ||
5966 | |||
5967 | # cpe-stable-backport: Backported in 5.4.120 | ||
5968 | CVE_CHECK_WHITELIST += "CVE-2021-46993" | ||
5969 | |||
5970 | # fixed-version: only affects 5.5rc1 onwards | ||
5971 | CVE_CHECK_WHITELIST += "CVE-2021-46994" | ||
5972 | |||
5973 | # fixed-version: only affects 5.12rc1 onwards | ||
5974 | CVE_CHECK_WHITELIST += "CVE-2021-46995" | ||
5975 | |||
5976 | # fixed-version: only affects 5.10rc1 onwards | ||
5977 | CVE_CHECK_WHITELIST += "CVE-2021-46996" | ||
5978 | |||
5979 | # fixed-version: only affects 5.10rc7 onwards | ||
5980 | CVE_CHECK_WHITELIST += "CVE-2021-46997" | ||
5981 | |||
5982 | # cpe-stable-backport: Backported in 5.4.120 | ||
5983 | CVE_CHECK_WHITELIST += "CVE-2021-46998" | ||
5984 | |||
5985 | # fixed-version: only affects 5.7rc3 onwards | ||
5986 | CVE_CHECK_WHITELIST += "CVE-2021-46999" | ||
5987 | |||
5988 | # fixed-version: only affects 5.8rc1 onwards | ||
5989 | CVE_CHECK_WHITELIST += "CVE-2021-47000" | ||
5990 | |||
5991 | # fixed-version: only affects 5.5rc1 onwards | ||
5992 | CVE_CHECK_WHITELIST += "CVE-2021-47001" | ||
5993 | |||
5994 | # fixed-version: only affects 5.11rc1 onwards | ||
5995 | CVE_CHECK_WHITELIST += "CVE-2021-47002" | ||
5996 | |||
5997 | # fixed-version: only affects 5.11 onwards | ||
5998 | CVE_CHECK_WHITELIST += "CVE-2021-47003" | ||
5999 | |||
6000 | # CVE-2021-47004 needs backporting (fixed from 5.13rc1) | ||
6001 | |||
6002 | # CVE-2021-47005 needs backporting (fixed from 5.13rc1) | ||
6003 | |||
6004 | # cpe-stable-backport: Backported in 5.4.120 | ||
6005 | CVE_CHECK_WHITELIST += "CVE-2021-47006" | ||
6006 | |||
6007 | # fixed-version: only affects 5.8rc1 onwards | ||
6008 | CVE_CHECK_WHITELIST += "CVE-2021-47007" | ||
6009 | |||
6010 | # fixed-version: only affects 5.11rc1 onwards | ||
6011 | CVE_CHECK_WHITELIST += "CVE-2021-47008" | ||
6012 | |||
6013 | # fixed-version: only affects 5.12rc1 onwards | ||
6014 | CVE_CHECK_WHITELIST += "CVE-2021-47009" | ||
6015 | |||
6016 | # cpe-stable-backport: Backported in 5.4.119 | ||
6017 | CVE_CHECK_WHITELIST += "CVE-2021-47010" | ||
6018 | |||
6019 | # fixed-version: only affects 5.11rc5 onwards | ||
6020 | CVE_CHECK_WHITELIST += "CVE-2021-47011" | ||
6021 | |||
6022 | # cpe-stable-backport: Backported in 5.4.119 | ||
6023 | CVE_CHECK_WHITELIST += "CVE-2021-47012" | ||
6024 | |||
6025 | # cpe-stable-backport: Backported in 5.4.119 | ||
6026 | CVE_CHECK_WHITELIST += "CVE-2021-47013" | ||
6027 | |||
6028 | # fixed-version: only affects 5.8rc7 onwards | ||
6029 | CVE_CHECK_WHITELIST += "CVE-2021-47014" | ||
6030 | |||
6031 | # cpe-stable-backport: Backported in 5.4.119 | ||
6032 | CVE_CHECK_WHITELIST += "CVE-2021-47015" | ||
6033 | |||
6034 | # cpe-stable-backport: Backported in 5.4.119 | ||
6035 | CVE_CHECK_WHITELIST += "CVE-2021-47016" | ||
6036 | |||
6037 | # fixed-version: only affects 5.8rc1 onwards | ||
6038 | CVE_CHECK_WHITELIST += "CVE-2021-47017" | ||
6039 | |||
6040 | # fixed-version: only affects 5.5rc1 onwards | ||
6041 | CVE_CHECK_WHITELIST += "CVE-2021-47018" | ||
6042 | |||
6043 | # fixed-version: only affects 5.12rc1 onwards | ||
6044 | CVE_CHECK_WHITELIST += "CVE-2021-47019" | ||
6045 | |||
6046 | # cpe-stable-backport: Backported in 5.4.119 | ||
6047 | CVE_CHECK_WHITELIST += "CVE-2021-47020" | ||
6048 | |||
6049 | # fixed-version: only affects 5.12rc1 onwards | ||
6050 | CVE_CHECK_WHITELIST += "CVE-2021-47021" | ||
6051 | |||
6052 | # fixed-version: only affects 5.12rc1 onwards | ||
6053 | CVE_CHECK_WHITELIST += "CVE-2021-47022" | ||
6054 | |||
6055 | # fixed-version: only affects 5.10rc1 onwards | ||
6056 | CVE_CHECK_WHITELIST += "CVE-2021-47023" | ||
6057 | |||
6058 | # CVE-2021-47024 needs backporting (fixed from 5.13rc1) | ||
6059 | |||
6060 | # fixed-version: only affects 5.12rc1 onwards | ||
6061 | CVE_CHECK_WHITELIST += "CVE-2021-47025" | ||
6062 | |||
6063 | # fixed-version: only affects 5.8rc1 onwards | ||
6064 | CVE_CHECK_WHITELIST += "CVE-2021-47026" | ||
6065 | |||
6066 | # fixed-version: only affects 5.12rc1 onwards | ||
6067 | CVE_CHECK_WHITELIST += "CVE-2021-47027" | ||
6068 | |||
6069 | # CVE-2021-47028 needs backporting (fixed from 5.13rc1) | ||
6070 | |||
6071 | # fixed-version: only affects 5.12rc1 onwards | ||
6072 | CVE_CHECK_WHITELIST += "CVE-2021-47029" | ||
6073 | |||
6074 | # fixed-version: only affects 5.12rc1 onwards | ||
6075 | CVE_CHECK_WHITELIST += "CVE-2021-47030" | ||
6076 | |||
6077 | # fixed-version: only affects 5.12rc1 onwards | ||
6078 | CVE_CHECK_WHITELIST += "CVE-2021-47031" | ||
6079 | |||
6080 | # fixed-version: only affects 5.10rc1 onwards | ||
6081 | CVE_CHECK_WHITELIST += "CVE-2021-47032" | ||
6082 | |||
6083 | # fixed-version: only affects 5.10rc1 onwards | ||
6084 | CVE_CHECK_WHITELIST += "CVE-2021-47033" | ||
6085 | |||
6086 | # cpe-stable-backport: Backported in 5.4.119 | ||
6087 | CVE_CHECK_WHITELIST += "CVE-2021-47034" | ||
6088 | |||
6089 | # fixed-version: only affects 5.6rc1 onwards | ||
6090 | CVE_CHECK_WHITELIST += "CVE-2021-47035" | ||
6091 | |||
6092 | # fixed-version: only affects 5.6rc1 onwards | ||
6093 | CVE_CHECK_WHITELIST += "CVE-2021-47036" | ||
6094 | |||
6095 | # fixed-version: only affects 5.10rc1 onwards | ||
6096 | CVE_CHECK_WHITELIST += "CVE-2021-47037" | ||
6097 | |||
6098 | # fixed-version: only affects 5.7rc1 onwards | ||
6099 | CVE_CHECK_WHITELIST += "CVE-2021-47038" | ||
6100 | |||
6101 | # fixed-version: only affects 5.11rc1 onwards | ||
6102 | CVE_CHECK_WHITELIST += "CVE-2021-47039" | ||
6103 | |||
6104 | # fixed-version: only affects 5.8rc1 onwards | ||
6105 | CVE_CHECK_WHITELIST += "CVE-2021-47040" | ||
6106 | |||
6107 | # cpe-stable-backport: Backported in 5.4.119 | ||
6108 | CVE_CHECK_WHITELIST += "CVE-2021-47041" | ||
6109 | |||
6110 | # fixed-version: only affects 5.12rc1 onwards | ||
6111 | CVE_CHECK_WHITELIST += "CVE-2021-47042" | ||
6112 | |||
6113 | # fixed-version: only affects 5.5rc1 onwards | ||
6114 | CVE_CHECK_WHITELIST += "CVE-2021-47043" | ||
6115 | |||
6116 | # fixed-version: only affects 5.10rc1 onwards | ||
6117 | CVE_CHECK_WHITELIST += "CVE-2021-47044" | ||
6118 | |||
6119 | # fixed-version: only affects 5.11rc1 onwards | ||
6120 | CVE_CHECK_WHITELIST += "CVE-2021-47045" | ||
6121 | |||
6122 | # CVE-2021-47046 needs backporting (fixed from 5.13rc1) | ||
6123 | |||
6124 | # fixed-version: only affects 5.10rc1 onwards | ||
6125 | CVE_CHECK_WHITELIST += "CVE-2021-47047" | ||
6126 | |||
6127 | # fixed-version: only affects 5.10rc1 onwards | ||
6128 | CVE_CHECK_WHITELIST += "CVE-2021-47048" | ||
6129 | |||
6130 | # CVE-2021-47049 needs backporting (fixed from 5.13rc1) | ||
6131 | |||
6132 | # fixed-version: only affects 5.9rc1 onwards | ||
6133 | CVE_CHECK_WHITELIST += "CVE-2021-47050" | ||
6134 | |||
6135 | # cpe-stable-backport: Backported in 5.4.119 | ||
6136 | CVE_CHECK_WHITELIST += "CVE-2021-47051" | ||
6137 | |||
6138 | # CVE-2021-47052 needs backporting (fixed from 5.13rc1) | ||
6139 | |||
6140 | # fixed-version: only affects 5.10rc1 onwards | ||
6141 | CVE_CHECK_WHITELIST += "CVE-2021-47053" | ||
6142 | |||
6143 | # cpe-stable-backport: Backported in 5.4.119 | ||
6144 | CVE_CHECK_WHITELIST += "CVE-2021-47054" | ||
6145 | |||
6146 | # fixed-version: only affects 5.9rc1 onwards | ||
6147 | CVE_CHECK_WHITELIST += "CVE-2021-47055" | ||
6148 | |||
6149 | # cpe-stable-backport: Backported in 5.4.119 | ||
6150 | CVE_CHECK_WHITELIST += "CVE-2021-47056" | ||
6151 | |||
6152 | # fixed-version: only affects 5.10rc1 onwards | ||
6153 | CVE_CHECK_WHITELIST += "CVE-2021-47057" | ||
6154 | |||
6155 | # fixed-version: only affects 5.11rc3 onwards | ||
6156 | CVE_CHECK_WHITELIST += "CVE-2021-47058" | ||
6157 | |||
6158 | # CVE-2021-47059 needs backporting (fixed from 5.13rc1) | ||
6159 | |||
6160 | # fixed-version: only affects 5.9rc5 onwards | ||
6161 | CVE_CHECK_WHITELIST += "CVE-2021-47060" | ||
6162 | |||
6163 | # fixed-version: only affects 5.9rc5 onwards | ||
6164 | CVE_CHECK_WHITELIST += "CVE-2021-47061" | ||
6165 | |||
6166 | # fixed-version: only affects 5.11rc1 onwards | ||
6167 | CVE_CHECK_WHITELIST += "CVE-2021-47062" | ||
6168 | |||
6169 | # CVE-2021-47063 needs backporting (fixed from 5.13rc1) | ||
6170 | |||
6171 | # fixed-version: only affects 5.10rc1 onwards | ||
6172 | CVE_CHECK_WHITELIST += "CVE-2021-47064" | ||
6173 | |||
6174 | # cpe-stable-backport: Backported in 5.4.119 | ||
6175 | CVE_CHECK_WHITELIST += "CVE-2021-47065" | ||
6176 | |||
6177 | # fixed-version: only affects 5.10rc1 onwards | ||
6178 | CVE_CHECK_WHITELIST += "CVE-2021-47066" | ||
6179 | |||
6180 | # fixed-version: only affects 5.5rc1 onwards | ||
6181 | CVE_CHECK_WHITELIST += "CVE-2021-47067" | ||
6182 | |||
6183 | # fixed-version: only affects 5.12rc7 onwards | ||
6184 | CVE_CHECK_WHITELIST += "CVE-2021-47068" | ||
6185 | |||
6186 | # fixed-version: only affects 5.6rc1 onwards | ||
6187 | CVE_CHECK_WHITELIST += "CVE-2021-47069" | ||
6188 | |||
6189 | # CVE-2021-47070 needs backporting (fixed from 5.13rc3) | ||
6190 | |||
6191 | # cpe-stable-backport: Backported in 5.4.122 | ||
6192 | CVE_CHECK_WHITELIST += "CVE-2021-47071" | ||
6193 | |||
6194 | # fixed-version: only affects 5.12rc1 onwards | ||
6195 | CVE_CHECK_WHITELIST += "CVE-2021-47072" | ||
6196 | |||
6197 | # cpe-stable-backport: Backported in 5.4.122 | ||
6198 | CVE_CHECK_WHITELIST += "CVE-2021-47073" | ||
6199 | |||
6200 | # CVE-2021-47074 needs backporting (fixed from 5.13rc3) | ||
6201 | |||
6202 | # CVE-2021-47075 needs backporting (fixed from 5.13rc3) | ||
6203 | |||
6204 | # CVE-2021-47076 needs backporting (fixed from 5.13rc3) | ||
6205 | |||
6206 | # CVE-2021-47077 needs backporting (fixed from 5.13rc3) | ||
6207 | |||
6208 | # cpe-stable-backport: Backported in 5.4.122 | ||
6209 | CVE_CHECK_WHITELIST += "CVE-2021-47078" | ||
6210 | |||
6211 | # fixed-version: only affects 5.12rc1 onwards | ||
6212 | CVE_CHECK_WHITELIST += "CVE-2021-47079" | ||
6213 | |||
6214 | # fixed-version: only affects 5.10rc1 onwards | ||
6215 | CVE_CHECK_WHITELIST += "CVE-2021-47080" | ||
6216 | |||
6217 | # fixed-version: only affects 5.12rc1 onwards | ||
6218 | CVE_CHECK_WHITELIST += "CVE-2021-47081" | ||
6219 | |||
6220 | # cpe-stable-backport: Backported in 5.4.240 | ||
6221 | CVE_CHECK_WHITELIST += "CVE-2021-47082" | ||
6222 | |||
6223 | # cpe-stable-backport: Backported in 5.4.169 | ||
6224 | CVE_CHECK_WHITELIST += "CVE-2021-47083" | ||
6225 | |||
6226 | # cpe-stable-backport: Backported in 5.4.169 | ||
6227 | CVE_CHECK_WHITELIST += "CVE-2021-47086" | ||
6228 | |||
6229 | # fixed-version: only affects 5.14rc5 onwards | ||
6230 | CVE_CHECK_WHITELIST += "CVE-2021-47087" | ||
6231 | |||
6232 | # fixed-version: only affects 5.15rc1 onwards | ||
6233 | CVE_CHECK_WHITELIST += "CVE-2021-47088" | ||
6234 | |||
6235 | # fixed-version: only affects 5.12rc1 onwards | ||
6236 | CVE_CHECK_WHITELIST += "CVE-2021-47089" | ||
6237 | |||
6238 | # fixed-version: only affects 5.10rc1 onwards | ||
6239 | CVE_CHECK_WHITELIST += "CVE-2021-47090" | ||
6240 | |||
6241 | # fixed-version: only affects 5.10rc1 onwards | ||
6242 | CVE_CHECK_WHITELIST += "CVE-2021-47091" | ||
6243 | |||
6244 | # fixed-version: only affects 5.15rc4 onwards | ||
6245 | CVE_CHECK_WHITELIST += "CVE-2021-47092" | ||
6246 | |||
6247 | # fixed-version: only affects 5.9 onwards | ||
6248 | CVE_CHECK_WHITELIST += "CVE-2021-47093" | ||
6249 | |||
6250 | # fixed-version: only affects 5.10rc1 onwards | ||
6251 | CVE_CHECK_WHITELIST += "CVE-2021-47094" | ||
6252 | |||
6253 | # cpe-stable-backport: Backported in 5.4.169 | ||
6254 | CVE_CHECK_WHITELIST += "CVE-2021-47095" | ||
6255 | |||
6256 | # fixed-version: only affects 5.15rc4 onwards | ||
6257 | CVE_CHECK_WHITELIST += "CVE-2021-47096" | ||
6258 | |||
6259 | # fixed-version: only affects 5.11rc1 onwards | ||
6260 | CVE_CHECK_WHITELIST += "CVE-2021-47097" | ||
6261 | |||
6262 | # fixed-version: only affects 5.14rc1 onwards | ||
6263 | CVE_CHECK_WHITELIST += "CVE-2021-47098" | ||
6264 | |||
6265 | # fixed-version: only affects 5.13rc1 onwards | ||
6266 | CVE_CHECK_WHITELIST += "CVE-2021-47099" | ||
6267 | |||
6268 | # cpe-stable-backport: Backported in 5.4.169 | ||
6269 | CVE_CHECK_WHITELIST += "CVE-2021-47100" | ||
6270 | |||
6271 | # CVE-2021-47101 needs backporting (fixed from 5.16rc7) | ||
6272 | |||
6273 | # fixed-version: only affects 5.14rc1 onwards | ||
6274 | CVE_CHECK_WHITELIST += "CVE-2021-47102" | ||
6275 | |||
6276 | # cpe-stable-backport: Backported in 5.4.220 | ||
6277 | CVE_CHECK_WHITELIST += "CVE-2021-47103" | ||
6278 | |||
6279 | # fixed-version: only affects 5.15 onwards | ||
6280 | CVE_CHECK_WHITELIST += "CVE-2021-47104" | ||
6281 | |||
6282 | # fixed-version: only affects 5.5rc1 onwards | ||
6283 | CVE_CHECK_WHITELIST += "CVE-2021-47105" | ||
6284 | |||
6285 | # fixed-version: only affects 5.13rc1 onwards | ||
6286 | CVE_CHECK_WHITELIST += "CVE-2021-47106" | ||
6287 | |||
6288 | # fixed-version: only affects 5.13rc1 onwards | ||
6289 | CVE_CHECK_WHITELIST += "CVE-2021-47107" | ||
6290 | |||
6291 | # fixed-version: only affects 5.14rc1 onwards | ||
6292 | CVE_CHECK_WHITELIST += "CVE-2021-47108" | ||
6293 | |||
6294 | # cpe-stable-backport: Backported in 5.4.125 | ||
6295 | CVE_CHECK_WHITELIST += "CVE-2021-47109" | ||
6296 | |||
6297 | # cpe-stable-backport: Backported in 5.4.125 | ||
6298 | CVE_CHECK_WHITELIST += "CVE-2021-47110" | ||
6299 | |||
6300 | # fixed-version: only affects 5.5rc1 onwards | ||
6301 | CVE_CHECK_WHITELIST += "CVE-2021-47111" | ||
6302 | |||
6303 | # cpe-stable-backport: Backported in 5.4.125 | ||
6304 | CVE_CHECK_WHITELIST += "CVE-2021-47112" | ||
6305 | |||
6306 | # CVE-2021-47113 needs backporting (fixed from 5.13rc5) | ||
6307 | |||
6308 | # cpe-stable-backport: Backported in 5.4.125 | ||
6309 | CVE_CHECK_WHITELIST += "CVE-2021-47114" | ||
6310 | |||
6311 | # CVE-2021-47116 needs backporting (fixed from 5.13rc5) | ||
6312 | |||
6313 | # cpe-stable-backport: Backported in 5.4.125 | ||
6314 | CVE_CHECK_WHITELIST += "CVE-2021-47117" | ||
6315 | |||
6316 | # cpe-stable-backport: Backported in 5.4.125 | ||
6317 | CVE_CHECK_WHITELIST += "CVE-2021-47118" | ||
6318 | |||
6319 | # CVE-2021-47119 needs backporting (fixed from 5.13rc5) | ||
6320 | |||
6321 | # cpe-stable-backport: Backported in 5.4.125 | ||
6322 | CVE_CHECK_WHITELIST += "CVE-2021-47120" | ||
6323 | |||
6324 | # cpe-stable-backport: Backported in 5.4.125 | ||
6325 | CVE_CHECK_WHITELIST += "CVE-2021-47121" | ||
6326 | |||
6327 | # cpe-stable-backport: Backported in 5.4.125 | ||
6328 | CVE_CHECK_WHITELIST += "CVE-2021-47122" | ||
6329 | |||
6330 | # fixed-version: only affects 5.11rc1 onwards | ||
6331 | CVE_CHECK_WHITELIST += "CVE-2021-47123" | ||
6332 | |||
6333 | # CVE-2021-47124 needs backporting (fixed from 5.13rc2) | ||
6334 | |||
6335 | # CVE-2021-47125 needs backporting (fixed from 5.13rc5) | ||
6336 | |||
6337 | # cpe-stable-backport: Backported in 5.4.125 | ||
6338 | CVE_CHECK_WHITELIST += "CVE-2021-47126" | ||
6339 | |||
6340 | # fixed-version: only affects 5.12rc1 onwards | ||
6341 | CVE_CHECK_WHITELIST += "CVE-2021-47127" | ||
6342 | |||
6343 | # CVE-2021-47128 needs backporting (fixed from 5.13rc5) | ||
6344 | |||
6345 | # cpe-stable-backport: Backported in 5.4.125 | ||
6346 | CVE_CHECK_WHITELIST += "CVE-2021-47129" | ||
6347 | |||
6348 | # fixed-version: only affects 5.8rc1 onwards | ||
6349 | CVE_CHECK_WHITELIST += "CVE-2021-47130" | ||
6350 | |||
6351 | # CVE-2021-47131 needs backporting (fixed from 5.13rc5) | ||
6352 | |||
6353 | # fixed-version: only affects 5.12rc1 onwards | ||
6354 | CVE_CHECK_WHITELIST += "CVE-2021-47132" | ||
6355 | |||
6356 | # CVE-2021-47133 needs backporting (fixed from 5.13rc5) | ||
6357 | |||
6358 | # fixed-version: only affects 5.10rc1 onwards | ||
6359 | CVE_CHECK_WHITELIST += "CVE-2021-47134" | ||
6360 | |||
6361 | # CVE-2021-47135 needs backporting (fixed from 5.13rc5) | ||
6362 | |||
6363 | # CVE-2021-47136 needs backporting (fixed from 5.13rc4) | ||
6364 | |||
6365 | # cpe-stable-backport: Backported in 5.4.124 | ||
6366 | CVE_CHECK_WHITELIST += "CVE-2021-47137" | ||
6367 | |||
6368 | # cpe-stable-backport: Backported in 5.4.124 | ||
6369 | CVE_CHECK_WHITELIST += "CVE-2021-47138" | ||
6370 | |||
6371 | # fixed-version: only affects 5.6rc1 onwards | ||
6372 | CVE_CHECK_WHITELIST += "CVE-2021-47139" | ||
6373 | |||
6374 | # CVE-2021-47140 needs backporting (fixed from 5.13rc4) | ||
6375 | |||
6376 | # cpe-stable-backport: Backported in 5.4.124 | ||
6377 | CVE_CHECK_WHITELIST += "CVE-2021-47141" | ||
6378 | |||
6379 | # cpe-stable-backport: Backported in 5.4.124 | ||
6380 | CVE_CHECK_WHITELIST += "CVE-2021-47142" | ||
6381 | |||
6382 | # CVE-2021-47143 needs backporting (fixed from 5.13rc4) | ||
6383 | |||
6384 | # cpe-stable-backport: Backported in 5.4.124 | ||
6385 | CVE_CHECK_WHITELIST += "CVE-2021-47144" | ||
6386 | |||
6387 | # cpe-stable-backport: Backported in 5.4.124 | ||
6388 | CVE_CHECK_WHITELIST += "CVE-2021-47145" | ||
6389 | |||
6390 | # cpe-stable-backport: Backported in 5.4.124 | ||
6391 | CVE_CHECK_WHITELIST += "CVE-2021-47146" | ||
6392 | |||
6393 | # CVE-2021-47147 needs backporting (fixed from 5.13rc4) | ||
6394 | |||
6395 | # fixed-version: only affects 5.12rc1 onwards | ||
6396 | CVE_CHECK_WHITELIST += "CVE-2021-47148" | ||
6397 | |||
6398 | # cpe-stable-backport: Backported in 5.4.124 | ||
6399 | CVE_CHECK_WHITELIST += "CVE-2021-47149" | ||
6400 | |||
6401 | # cpe-stable-backport: Backported in 5.4.124 | ||
6402 | CVE_CHECK_WHITELIST += "CVE-2021-47150" | ||
6403 | |||
6404 | # CVE-2021-47151 needs backporting (fixed from 5.13rc4) | ||
6405 | |||
6406 | # fixed-version: only affects 5.7rc1 onwards | ||
6407 | CVE_CHECK_WHITELIST += "CVE-2021-47152" | ||
6408 | |||
6409 | # cpe-stable-backport: Backported in 5.4.124 | ||
6410 | CVE_CHECK_WHITELIST += "CVE-2021-47153" | ||
6411 | |||
6412 | # CVE-2021-47158 needs backporting (fixed from 5.13rc4) | ||
6413 | |||
6414 | # cpe-stable-backport: Backported in 5.4.124 | ||
6415 | CVE_CHECK_WHITELIST += "CVE-2021-47159" | ||
6416 | |||
6417 | # cpe-stable-backport: Backported in 5.4.124 | ||
6418 | CVE_CHECK_WHITELIST += "CVE-2021-47160" | ||
6419 | |||
6420 | # cpe-stable-backport: Backported in 5.4.124 | ||
6421 | CVE_CHECK_WHITELIST += "CVE-2021-47161" | ||
6422 | |||
6423 | # cpe-stable-backport: Backported in 5.4.124 | ||
6424 | CVE_CHECK_WHITELIST += "CVE-2021-47162" | ||
6425 | |||
6426 | # cpe-stable-backport: Backported in 5.4.124 | ||
6427 | CVE_CHECK_WHITELIST += "CVE-2021-47163" | ||
6428 | |||
6429 | # fixed-version: only affects 5.8rc1 onwards | ||
6430 | CVE_CHECK_WHITELIST += "CVE-2021-47164" | ||
6431 | |||
6432 | # cpe-stable-backport: Backported in 5.4.124 | ||
6433 | CVE_CHECK_WHITELIST += "CVE-2021-47165" | ||
6434 | |||
6435 | # cpe-stable-backport: Backported in 5.4.124 | ||
6436 | CVE_CHECK_WHITELIST += "CVE-2021-47166" | ||
6437 | |||
6438 | # cpe-stable-backport: Backported in 5.4.124 | ||
6439 | CVE_CHECK_WHITELIST += "CVE-2021-47167" | ||
6440 | |||
6441 | # cpe-stable-backport: Backported in 5.4.124 | ||
6442 | CVE_CHECK_WHITELIST += "CVE-2021-47168" | ||
6443 | |||
6444 | # cpe-stable-backport: Backported in 5.4.124 | ||
6445 | CVE_CHECK_WHITELIST += "CVE-2021-47169" | ||
6446 | |||
6447 | # cpe-stable-backport: Backported in 5.4.124 | ||
6448 | CVE_CHECK_WHITELIST += "CVE-2021-47170" | ||
6449 | |||
6450 | # cpe-stable-backport: Backported in 5.4.124 | ||
6451 | CVE_CHECK_WHITELIST += "CVE-2021-47171" | ||
6452 | |||
6453 | # cpe-stable-backport: Backported in 5.4.124 | ||
6454 | CVE_CHECK_WHITELIST += "CVE-2021-47172" | ||
6455 | |||
6456 | # cpe-stable-backport: Backported in 5.4.124 | ||
6457 | CVE_CHECK_WHITELIST += "CVE-2021-47173" | ||
6458 | |||
6459 | # fixed-version: only affects 5.7rc1 onwards | ||
6460 | CVE_CHECK_WHITELIST += "CVE-2021-47174" | ||
6461 | |||
6462 | # CVE-2021-47175 needs backporting (fixed from 5.13rc4) | ||
6463 | |||
6464 | # fixed-version: only affects 5.11rc1 onwards | ||
6465 | CVE_CHECK_WHITELIST += "CVE-2021-47176" | ||
6466 | |||
6467 | # cpe-stable-backport: Backported in 5.4.124 | ||
6468 | CVE_CHECK_WHITELIST += "CVE-2021-47177" | ||
6469 | |||
6470 | # fixed-version: only affects 5.11rc1 onwards | ||
6471 | CVE_CHECK_WHITELIST += "CVE-2021-47178" | ||
6472 | |||
6473 | # cpe-stable-backport: Backported in 5.4.124 | ||
6474 | CVE_CHECK_WHITELIST += "CVE-2021-47179" | ||
6475 | |||
6476 | # cpe-stable-backport: Backported in 5.4.123 | ||
6477 | CVE_CHECK_WHITELIST += "CVE-2021-47180" | ||
6478 | |||
5677 | # cpe-stable-backport: Backported in 5.4.184 | 6479 | # cpe-stable-backport: Backported in 5.4.184 |
5678 | CVE_CHECK_WHITELIST += "CVE-2022-0001" | 6480 | CVE_CHECK_WHITELIST += "CVE-2022-0001" |
5679 | 6481 | ||
@@ -6595,6 +7397,19 @@ CVE_CHECK_WHITELIST += "CVE-2022-48502" | |||
6595 | # cpe-stable-backport: Backported in 5.4.196 | 7397 | # cpe-stable-backport: Backported in 5.4.196 |
6596 | CVE_CHECK_WHITELIST += "CVE-2022-48619" | 7398 | CVE_CHECK_WHITELIST += "CVE-2022-48619" |
6597 | 7399 | ||
7400 | # cpe-stable-backport: Backported in 5.4.179 | ||
7401 | CVE_CHECK_WHITELIST += "CVE-2022-48626" | ||
7402 | |||
7403 | # CVE-2022-48627 needs backporting (fixed from 5.19rc7) | ||
7404 | |||
7405 | # CVE-2022-48628 needs backporting (fixed from 6.6rc1) | ||
7406 | |||
7407 | # cpe-stable-backport: Backported in 5.4.187 | ||
7408 | CVE_CHECK_WHITELIST += "CVE-2022-48629" | ||
7409 | |||
7410 | # fixed-version: only affects 5.17 onwards | ||
7411 | CVE_CHECK_WHITELIST += "CVE-2022-48630" | ||
7412 | |||
6598 | # fixed-version: Fixed after version 5.0rc1 | 7413 | # fixed-version: Fixed after version 5.0rc1 |
6599 | CVE_CHECK_WHITELIST += "CVE-2023-0030" | 7414 | CVE_CHECK_WHITELIST += "CVE-2023-0030" |
6600 | 7415 | ||
@@ -6940,6 +7755,8 @@ CVE_CHECK_WHITELIST += "CVE-2023-28466" | |||
6940 | # cpe-stable-backport: Backported in 5.4.213 | 7755 | # cpe-stable-backport: Backported in 5.4.213 |
6941 | CVE_CHECK_WHITELIST += "CVE-2023-2860" | 7756 | CVE_CHECK_WHITELIST += "CVE-2023-2860" |
6942 | 7757 | ||
7758 | # CVE-2023-28746 needs backporting (fixed from 6.9rc1) | ||
7759 | |||
6943 | # cpe-stable-backport: Backported in 5.4.133 | 7760 | # cpe-stable-backport: Backported in 5.4.133 |
6944 | CVE_CHECK_WHITELIST += "CVE-2023-28772" | 7761 | CVE_CHECK_WHITELIST += "CVE-2023-28772" |
6945 | 7762 | ||
@@ -7339,7 +8156,7 @@ CVE_CHECK_WHITELIST += "CVE-2023-46838" | |||
7339 | # fixed-version: only affects 5.10rc1 onwards | 8156 | # fixed-version: only affects 5.10rc1 onwards |
7340 | CVE_CHECK_WHITELIST += "CVE-2023-46862" | 8157 | CVE_CHECK_WHITELIST += "CVE-2023-46862" |
7341 | 8158 | ||
7342 | # CVE-2023-47233 has no known resolution | 8159 | # CVE-2023-47233 needs backporting (fixed from 6.9rc1) |
7343 | 8160 | ||
7344 | # fixed-version: only affects 5.7rc1 onwards | 8161 | # fixed-version: only affects 5.7rc1 onwards |
7345 | CVE_CHECK_WHITELIST += "CVE-2023-4732" | 8162 | CVE_CHECK_WHITELIST += "CVE-2023-4732" |
@@ -7383,6 +8200,471 @@ CVE_CHECK_WHITELIST += "CVE-2023-5197" | |||
7383 | # cpe-stable-backport: Backported in 5.4.267 | 8200 | # cpe-stable-backport: Backported in 5.4.267 |
7384 | CVE_CHECK_WHITELIST += "CVE-2023-52340" | 8201 | CVE_CHECK_WHITELIST += "CVE-2023-52340" |
7385 | 8202 | ||
8203 | # CVE-2023-52429 needs backporting (fixed from 6.8rc3) | ||
8204 | |||
8205 | # fixed-version: only affects 6.5rc6 onwards | ||
8206 | CVE_CHECK_WHITELIST += "CVE-2023-52433" | ||
8207 | |||
8208 | # CVE-2023-52434 needs backporting (fixed from 6.7rc6) | ||
8209 | |||
8210 | # cpe-stable-backport: Backported in 5.4.269 | ||
8211 | CVE_CHECK_WHITELIST += "CVE-2023-52435" | ||
8212 | |||
8213 | # cpe-stable-backport: Backported in 5.4.268 | ||
8214 | CVE_CHECK_WHITELIST += "CVE-2023-52436" | ||
8215 | |||
8216 | # cpe-stable-backport: Backported in 5.4.268 | ||
8217 | CVE_CHECK_WHITELIST += "CVE-2023-52438" | ||
8218 | |||
8219 | # cpe-stable-backport: Backported in 5.4.268 | ||
8220 | CVE_CHECK_WHITELIST += "CVE-2023-52439" | ||
8221 | |||
8222 | # fixed-version: only affects 5.17rc4 onwards | ||
8223 | CVE_CHECK_WHITELIST += "CVE-2023-52440" | ||
8224 | |||
8225 | # fixed-version: only affects 5.15rc1 onwards | ||
8226 | CVE_CHECK_WHITELIST += "CVE-2023-52441" | ||
8227 | |||
8228 | # CVE-2023-52442 needs backporting (fixed from 6.5rc4) | ||
8229 | |||
8230 | # cpe-stable-backport: Backported in 5.4.268 | ||
8231 | CVE_CHECK_WHITELIST += "CVE-2023-52443" | ||
8232 | |||
8233 | # cpe-stable-backport: Backported in 5.4.268 | ||
8234 | CVE_CHECK_WHITELIST += "CVE-2023-52444" | ||
8235 | |||
8236 | # cpe-stable-backport: Backported in 5.4.268 | ||
8237 | CVE_CHECK_WHITELIST += "CVE-2023-52445" | ||
8238 | |||
8239 | # fixed-version: only affects 6.2rc1 onwards | ||
8240 | CVE_CHECK_WHITELIST += "CVE-2023-52446" | ||
8241 | |||
8242 | # fixed-version: only affects 5.9rc1 onwards | ||
8243 | CVE_CHECK_WHITELIST += "CVE-2023-52447" | ||
8244 | |||
8245 | # cpe-stable-backport: Backported in 5.4.268 | ||
8246 | CVE_CHECK_WHITELIST += "CVE-2023-52448" | ||
8247 | |||
8248 | # cpe-stable-backport: Backported in 5.4.268 | ||
8249 | CVE_CHECK_WHITELIST += "CVE-2023-52449" | ||
8250 | |||
8251 | # fixed-version: only affects 6.2rc1 onwards | ||
8252 | CVE_CHECK_WHITELIST += "CVE-2023-52450" | ||
8253 | |||
8254 | # cpe-stable-backport: Backported in 5.4.268 | ||
8255 | CVE_CHECK_WHITELIST += "CVE-2023-52451" | ||
8256 | |||
8257 | # fixed-version: only affects 5.12rc1 onwards | ||
8258 | CVE_CHECK_WHITELIST += "CVE-2023-52452" | ||
8259 | |||
8260 | # fixed-version: only affects 6.2rc1 onwards | ||
8261 | CVE_CHECK_WHITELIST += "CVE-2023-52453" | ||
8262 | |||
8263 | # cpe-stable-backport: Backported in 5.4.268 | ||
8264 | CVE_CHECK_WHITELIST += "CVE-2023-52454" | ||
8265 | |||
8266 | # fixed-version: only affects 6.3rc1 onwards | ||
8267 | CVE_CHECK_WHITELIST += "CVE-2023-52455" | ||
8268 | |||
8269 | # fixed-version: only affects 5.9rc1 onwards | ||
8270 | CVE_CHECK_WHITELIST += "CVE-2023-52456" | ||
8271 | |||
8272 | # fixed-version: only affects 6.1rc6 onwards | ||
8273 | CVE_CHECK_WHITELIST += "CVE-2023-52457" | ||
8274 | |||
8275 | # CVE-2023-52458 needs backporting (fixed from 6.8rc1) | ||
8276 | |||
8277 | # fixed-version: only affects 6.6rc1 onwards | ||
8278 | CVE_CHECK_WHITELIST += "CVE-2023-52459" | ||
8279 | |||
8280 | # fixed-version: only affects 6.7rc1 onwards | ||
8281 | CVE_CHECK_WHITELIST += "CVE-2023-52460" | ||
8282 | |||
8283 | # fixed-version: only affects 6.7rc1 onwards | ||
8284 | CVE_CHECK_WHITELIST += "CVE-2023-52461" | ||
8285 | |||
8286 | # fixed-version: only affects 5.16rc1 onwards | ||
8287 | CVE_CHECK_WHITELIST += "CVE-2023-52462" | ||
8288 | |||
8289 | # fixed-version: only affects 5.8rc7 onwards | ||
8290 | CVE_CHECK_WHITELIST += "CVE-2023-52463" | ||
8291 | |||
8292 | # cpe-stable-backport: Backported in 5.4.268 | ||
8293 | CVE_CHECK_WHITELIST += "CVE-2023-52464" | ||
8294 | |||
8295 | # fixed-version: only affects 6.5rc1 onwards | ||
8296 | CVE_CHECK_WHITELIST += "CVE-2023-52465" | ||
8297 | |||
8298 | # fixed-version: only affects 5.9rc1 onwards | ||
8299 | CVE_CHECK_WHITELIST += "CVE-2023-52467" | ||
8300 | |||
8301 | # fixed-version: only affects 6.4rc1 onwards | ||
8302 | CVE_CHECK_WHITELIST += "CVE-2023-52468" | ||
8303 | |||
8304 | # cpe-stable-backport: Backported in 5.4.268 | ||
8305 | CVE_CHECK_WHITELIST += "CVE-2023-52469" | ||
8306 | |||
8307 | # cpe-stable-backport: Backported in 5.4.268 | ||
8308 | CVE_CHECK_WHITELIST += "CVE-2023-52470" | ||
8309 | |||
8310 | # fixed-version: only affects 6.7rc1 onwards | ||
8311 | CVE_CHECK_WHITELIST += "CVE-2023-52471" | ||
8312 | |||
8313 | # fixed-version: only affects 6.5rc1 onwards | ||
8314 | CVE_CHECK_WHITELIST += "CVE-2023-52472" | ||
8315 | |||
8316 | # fixed-version: only affects 6.4rc1 onwards | ||
8317 | CVE_CHECK_WHITELIST += "CVE-2023-52473" | ||
8318 | |||
8319 | # CVE-2023-52474 needs backporting (fixed from 6.4rc1) | ||
8320 | |||
8321 | # cpe-stable-backport: Backported in 5.4.259 | ||
8322 | CVE_CHECK_WHITELIST += "CVE-2023-52475" | ||
8323 | |||
8324 | # CVE-2023-52476 needs backporting (fixed from 6.6rc6) | ||
8325 | |||
8326 | # cpe-stable-backport: Backported in 5.4.259 | ||
8327 | CVE_CHECK_WHITELIST += "CVE-2023-52477" | ||
8328 | |||
8329 | # cpe-stable-backport: Backported in 5.4.259 | ||
8330 | CVE_CHECK_WHITELIST += "CVE-2023-52478" | ||
8331 | |||
8332 | # CVE-2023-52479 needs backporting (fixed from 6.6rc5) | ||
8333 | |||
8334 | # CVE-2023-52480 needs backporting (fixed from 6.6rc5) | ||
8335 | |||
8336 | # CVE-2023-52481 needs backporting (fixed from 6.6rc5) | ||
8337 | |||
8338 | # CVE-2023-52482 needs backporting (fixed from 6.6rc4) | ||
8339 | |||
8340 | # fixed-version: only affects 5.15rc1 onwards | ||
8341 | CVE_CHECK_WHITELIST += "CVE-2023-52483" | ||
8342 | |||
8343 | # CVE-2023-52484 needs backporting (fixed from 6.6rc5) | ||
8344 | |||
8345 | # CVE-2023-52485 needs backporting (fixed from 6.8rc1) | ||
8346 | |||
8347 | # cpe-stable-backport: Backported in 5.4.269 | ||
8348 | CVE_CHECK_WHITELIST += "CVE-2023-52486" | ||
8349 | |||
8350 | # fixed-version: only affects 6.5rc1 onwards | ||
8351 | CVE_CHECK_WHITELIST += "CVE-2023-52487" | ||
8352 | |||
8353 | # CVE-2023-52488 needs backporting (fixed from 6.8rc1) | ||
8354 | |||
8355 | # CVE-2023-52489 needs backporting (fixed from 6.8rc1) | ||
8356 | |||
8357 | # fixed-version: only affects 6.3rc1 onwards | ||
8358 | CVE_CHECK_WHITELIST += "CVE-2023-52490" | ||
8359 | |||
8360 | # CVE-2023-52491 needs backporting (fixed from 6.8rc1) | ||
8361 | |||
8362 | # fixed-version: only affects 5.6rc1 onwards | ||
8363 | CVE_CHECK_WHITELIST += "CVE-2023-52492" | ||
8364 | |||
8365 | # fixed-version: only affects 5.7rc1 onwards | ||
8366 | CVE_CHECK_WHITELIST += "CVE-2023-52493" | ||
8367 | |||
8368 | # fixed-version: only affects 5.13rc1 onwards | ||
8369 | CVE_CHECK_WHITELIST += "CVE-2023-52494" | ||
8370 | |||
8371 | # fixed-version: only affects 6.3rc1 onwards | ||
8372 | CVE_CHECK_WHITELIST += "CVE-2023-52495" | ||
8373 | |||
8374 | # CVE-2023-52497 needs backporting (fixed from 6.8rc1) | ||
8375 | |||
8376 | # CVE-2023-52498 needs backporting (fixed from 6.8rc1) | ||
8377 | |||
8378 | # fixed-version: only affects 5.12rc1 onwards | ||
8379 | CVE_CHECK_WHITELIST += "CVE-2023-52499" | ||
8380 | |||
8381 | # CVE-2023-52500 needs backporting (fixed from 6.6rc2) | ||
8382 | |||
8383 | # CVE-2023-52501 needs backporting (fixed from 6.6rc2) | ||
8384 | |||
8385 | # cpe-stable-backport: Backported in 5.4.259 | ||
8386 | CVE_CHECK_WHITELIST += "CVE-2023-52502" | ||
8387 | |||
8388 | # fixed-version: only affects 5.6rc1 onwards | ||
8389 | CVE_CHECK_WHITELIST += "CVE-2023-52503" | ||
8390 | |||
8391 | # cpe-stable-backport: Backported in 5.4.270 | ||
8392 | CVE_CHECK_WHITELIST += "CVE-2023-52504" | ||
8393 | |||
8394 | # fixed-version: only affects 5.18rc1 onwards | ||
8395 | CVE_CHECK_WHITELIST += "CVE-2023-52505" | ||
8396 | |||
8397 | # CVE-2023-52506 needs backporting (fixed from 6.6rc3) | ||
8398 | |||
8399 | # cpe-stable-backport: Backported in 5.4.259 | ||
8400 | CVE_CHECK_WHITELIST += "CVE-2023-52507" | ||
8401 | |||
8402 | # CVE-2023-52508 needs backporting (fixed from 6.6rc2) | ||
8403 | |||
8404 | # cpe-stable-backport: Backported in 5.4.259 | ||
8405 | CVE_CHECK_WHITELIST += "CVE-2023-52509" | ||
8406 | |||
8407 | # cpe-stable-backport: Backported in 5.4.259 | ||
8408 | CVE_CHECK_WHITELIST += "CVE-2023-52510" | ||
8409 | |||
8410 | # CVE-2023-52511 needs backporting (fixed from 6.6rc1) | ||
8411 | |||
8412 | # fixed-version: only affects 5.18rc1 onwards | ||
8413 | CVE_CHECK_WHITELIST += "CVE-2023-52512" | ||
8414 | |||
8415 | # cpe-stable-backport: Backported in 5.4.258 | ||
8416 | CVE_CHECK_WHITELIST += "CVE-2023-52513" | ||
8417 | |||
8418 | # CVE-2023-52515 needs backporting (fixed from 6.6rc5) | ||
8419 | |||
8420 | # CVE-2023-52516 needs backporting (fixed from 6.6rc1) | ||
8421 | |||
8422 | # CVE-2023-52517 needs backporting (fixed from 6.6rc1) | ||
8423 | |||
8424 | # fixed-version: only affects 5.16rc1 onwards | ||
8425 | CVE_CHECK_WHITELIST += "CVE-2023-52518" | ||
8426 | |||
8427 | # CVE-2023-52519 needs backporting (fixed from 6.6rc5) | ||
8428 | |||
8429 | # fixed-version: only affects 5.14rc1 onwards | ||
8430 | CVE_CHECK_WHITELIST += "CVE-2023-52520" | ||
8431 | |||
8432 | # cpe-stable-backport: Backported in 5.4.258 | ||
8433 | CVE_CHECK_WHITELIST += "CVE-2023-52522" | ||
8434 | |||
8435 | # fixed-version: only affects 5.13rc1 onwards | ||
8436 | CVE_CHECK_WHITELIST += "CVE-2023-52523" | ||
8437 | |||
8438 | # fixed-version: only affects 6.5rc1 onwards | ||
8439 | CVE_CHECK_WHITELIST += "CVE-2023-52524" | ||
8440 | |||
8441 | # fixed-version: only affects 6.6rc1 onwards | ||
8442 | CVE_CHECK_WHITELIST += "CVE-2023-52525" | ||
8443 | |||
8444 | # fixed-version: only affects 6.1rc1 onwards | ||
8445 | CVE_CHECK_WHITELIST += "CVE-2023-52526" | ||
8446 | |||
8447 | # cpe-stable-backport: Backported in 5.4.258 | ||
8448 | CVE_CHECK_WHITELIST += "CVE-2023-52527" | ||
8449 | |||
8450 | # cpe-stable-backport: Backported in 5.4.258 | ||
8451 | CVE_CHECK_WHITELIST += "CVE-2023-52528" | ||
8452 | |||
8453 | # fixed-version: only affects 5.14rc1 onwards | ||
8454 | CVE_CHECK_WHITELIST += "CVE-2023-52529" | ||
8455 | |||
8456 | # CVE-2023-52530 needs backporting (fixed from 6.6rc5) | ||
8457 | |||
8458 | # CVE-2023-52531 needs backporting (fixed from 6.6rc5) | ||
8459 | |||
8460 | # CVE-2023-52532 needs backporting (fixed from 6.6rc5) | ||
8461 | |||
8462 | # CVE-2023-52559 needs backporting (fixed from 6.6rc5) | ||
8463 | |||
8464 | # fixed-version: only affects 5.16rc5 onwards | ||
8465 | CVE_CHECK_WHITELIST += "CVE-2023-52560" | ||
8466 | |||
8467 | # CVE-2023-52561 needs backporting (fixed from 6.6rc1) | ||
8468 | |||
8469 | # fixed-version: only affects 6.0rc4 onwards | ||
8470 | CVE_CHECK_WHITELIST += "CVE-2023-52562" | ||
8471 | |||
8472 | # CVE-2023-52563 needs backporting (fixed from 6.6rc3) | ||
8473 | |||
8474 | # fixed-version: only affects 6.5rc4 onwards | ||
8475 | CVE_CHECK_WHITELIST += "CVE-2023-52564" | ||
8476 | |||
8477 | # CVE-2023-52565 needs backporting (fixed from 6.6rc3) | ||
8478 | |||
8479 | # cpe-stable-backport: Backported in 5.4.258 | ||
8480 | CVE_CHECK_WHITELIST += "CVE-2023-52566" | ||
8481 | |||
8482 | # fixed-version: only affects 6.4rc1 onwards | ||
8483 | CVE_CHECK_WHITELIST += "CVE-2023-52567" | ||
8484 | |||
8485 | # CVE-2023-52568 needs backporting (fixed from 6.6rc4) | ||
8486 | |||
8487 | # CVE-2023-52569 needs backporting (fixed from 6.6rc2) | ||
8488 | |||
8489 | # fixed-version: only affects 6.1rc1 onwards | ||
8490 | CVE_CHECK_WHITELIST += "CVE-2023-52570" | ||
8491 | |||
8492 | # CVE-2023-52571 needs backporting (fixed from 6.6rc4) | ||
8493 | |||
8494 | # CVE-2023-52572 needs backporting (fixed from 6.6rc3) | ||
8495 | |||
8496 | # cpe-stable-backport: Backported in 5.4.258 | ||
8497 | CVE_CHECK_WHITELIST += "CVE-2023-52573" | ||
8498 | |||
8499 | # cpe-stable-backport: Backported in 5.4.258 | ||
8500 | CVE_CHECK_WHITELIST += "CVE-2023-52574" | ||
8501 | |||
8502 | # fixed-version: only affects 6.5rc6 onwards | ||
8503 | CVE_CHECK_WHITELIST += "CVE-2023-52575" | ||
8504 | |||
8505 | # fixed-version: only affects 5.13rc1 onwards | ||
8506 | CVE_CHECK_WHITELIST += "CVE-2023-52576" | ||
8507 | |||
8508 | # fixed-version: only affects 6.6rc1 onwards | ||
8509 | CVE_CHECK_WHITELIST += "CVE-2023-52577" | ||
8510 | |||
8511 | # cpe-stable-backport: Backported in 5.4.258 | ||
8512 | CVE_CHECK_WHITELIST += "CVE-2023-52578" | ||
8513 | |||
8514 | # fixed-version: only affects 5.12rc1 onwards | ||
8515 | CVE_CHECK_WHITELIST += "CVE-2023-52580" | ||
8516 | |||
8517 | # fixed-version: only affects 6.5rc6 onwards | ||
8518 | CVE_CHECK_WHITELIST += "CVE-2023-52581" | ||
8519 | |||
8520 | # fixed-version: only affects 5.13rc1 onwards | ||
8521 | CVE_CHECK_WHITELIST += "CVE-2023-52582" | ||
8522 | |||
8523 | # cpe-stable-backport: Backported in 5.4.269 | ||
8524 | CVE_CHECK_WHITELIST += "CVE-2023-52583" | ||
8525 | |||
8526 | # CVE-2023-52584 needs backporting (fixed from 6.8rc1) | ||
8527 | |||
8528 | # CVE-2023-52585 needs backporting (fixed from 6.8rc1) | ||
8529 | |||
8530 | # CVE-2023-52586 needs backporting (fixed from 6.8rc1) | ||
8531 | |||
8532 | # cpe-stable-backport: Backported in 5.4.269 | ||
8533 | CVE_CHECK_WHITELIST += "CVE-2023-52587" | ||
8534 | |||
8535 | # CVE-2023-52588 needs backporting (fixed from 6.8rc1) | ||
8536 | |||
8537 | # CVE-2023-52589 needs backporting (fixed from 6.8rc1) | ||
8538 | |||
8539 | # CVE-2023-52590 needs backporting (fixed from 6.8rc1) | ||
8540 | |||
8541 | # CVE-2023-52591 needs backporting (fixed from 6.8rc1) | ||
8542 | |||
8543 | # CVE-2023-52593 needs backporting (fixed from 6.8rc1) | ||
8544 | |||
8545 | # cpe-stable-backport: Backported in 5.4.269 | ||
8546 | CVE_CHECK_WHITELIST += "CVE-2023-52594" | ||
8547 | |||
8548 | # cpe-stable-backport: Backported in 5.4.269 | ||
8549 | CVE_CHECK_WHITELIST += "CVE-2023-52595" | ||
8550 | |||
8551 | # CVE-2023-52596 needs backporting (fixed from 6.8rc1) | ||
8552 | |||
8553 | # cpe-stable-backport: Backported in 5.4.269 | ||
8554 | CVE_CHECK_WHITELIST += "CVE-2023-52597" | ||
8555 | |||
8556 | # cpe-stable-backport: Backported in 5.4.269 | ||
8557 | CVE_CHECK_WHITELIST += "CVE-2023-52598" | ||
8558 | |||
8559 | # cpe-stable-backport: Backported in 5.4.269 | ||
8560 | CVE_CHECK_WHITELIST += "CVE-2023-52599" | ||
8561 | |||
8562 | # cpe-stable-backport: Backported in 5.4.269 | ||
8563 | CVE_CHECK_WHITELIST += "CVE-2023-52600" | ||
8564 | |||
8565 | # cpe-stable-backport: Backported in 5.4.269 | ||
8566 | CVE_CHECK_WHITELIST += "CVE-2023-52601" | ||
8567 | |||
8568 | # cpe-stable-backport: Backported in 5.4.269 | ||
8569 | CVE_CHECK_WHITELIST += "CVE-2023-52602" | ||
8570 | |||
8571 | # cpe-stable-backport: Backported in 5.4.269 | ||
8572 | CVE_CHECK_WHITELIST += "CVE-2023-52603" | ||
8573 | |||
8574 | # cpe-stable-backport: Backported in 5.4.269 | ||
8575 | CVE_CHECK_WHITELIST += "CVE-2023-52604" | ||
8576 | |||
8577 | # cpe-stable-backport: Backported in 5.4.269 | ||
8578 | CVE_CHECK_WHITELIST += "CVE-2023-52606" | ||
8579 | |||
8580 | # cpe-stable-backport: Backported in 5.4.269 | ||
8581 | CVE_CHECK_WHITELIST += "CVE-2023-52607" | ||
8582 | |||
8583 | # fixed-version: only affects 5.7rc1 onwards | ||
8584 | CVE_CHECK_WHITELIST += "CVE-2023-52608" | ||
8585 | |||
8586 | # cpe-stable-backport: Backported in 5.4.268 | ||
8587 | CVE_CHECK_WHITELIST += "CVE-2023-52609" | ||
8588 | |||
8589 | # CVE-2023-52610 needs backporting (fixed from 6.8rc1) | ||
8590 | |||
8591 | # fixed-version: only affects 6.4rc1 onwards | ||
8592 | CVE_CHECK_WHITELIST += "CVE-2023-52611" | ||
8593 | |||
8594 | # cpe-stable-backport: Backported in 5.4.268 | ||
8595 | CVE_CHECK_WHITELIST += "CVE-2023-52612" | ||
8596 | |||
8597 | # fixed-version: only affects 6.6rc1 onwards | ||
8598 | CVE_CHECK_WHITELIST += "CVE-2023-52613" | ||
8599 | |||
8600 | # CVE-2023-52614 needs backporting (fixed from 6.8rc1) | ||
8601 | |||
8602 | # cpe-stable-backport: Backported in 5.4.269 | ||
8603 | CVE_CHECK_WHITELIST += "CVE-2023-52615" | ||
8604 | |||
8605 | # fixed-version: only affects 5.10rc1 onwards | ||
8606 | CVE_CHECK_WHITELIST += "CVE-2023-52616" | ||
8607 | |||
8608 | # cpe-stable-backport: Backported in 5.4.269 | ||
8609 | CVE_CHECK_WHITELIST += "CVE-2023-52617" | ||
8610 | |||
8611 | # CVE-2023-52618 needs backporting (fixed from 6.8rc1) | ||
8612 | |||
8613 | # cpe-stable-backport: Backported in 5.4.269 | ||
8614 | CVE_CHECK_WHITELIST += "CVE-2023-52619" | ||
8615 | |||
8616 | # CVE-2023-52620 needs backporting (fixed from 6.4) | ||
8617 | |||
8618 | # CVE-2023-52621 needs backporting (fixed from 6.8rc1) | ||
8619 | |||
8620 | # cpe-stable-backport: Backported in 5.4.269 | ||
8621 | CVE_CHECK_WHITELIST += "CVE-2023-52622" | ||
8622 | |||
8623 | # cpe-stable-backport: Backported in 5.4.269 | ||
8624 | CVE_CHECK_WHITELIST += "CVE-2023-52623" | ||
8625 | |||
8626 | # CVE-2023-52624 needs backporting (fixed from 6.8rc1) | ||
8627 | |||
8628 | # CVE-2023-52625 needs backporting (fixed from 6.8rc1) | ||
8629 | |||
8630 | # fixed-version: only affects 6.7rc2 onwards | ||
8631 | CVE_CHECK_WHITELIST += "CVE-2023-52626" | ||
8632 | |||
8633 | # fixed-version: only affects 5.6rc1 onwards | ||
8634 | CVE_CHECK_WHITELIST += "CVE-2023-52627" | ||
8635 | |||
8636 | # CVE-2023-52628 needs backporting (fixed from 6.6rc1) | ||
8637 | |||
8638 | # CVE-2023-52629 needs backporting (fixed from 6.6rc1) | ||
8639 | |||
8640 | # fixed-version: only affects 5.10rc1 onwards | ||
8641 | CVE_CHECK_WHITELIST += "CVE-2023-52630" | ||
8642 | |||
8643 | # fixed-version: only affects 5.15rc1 onwards | ||
8644 | CVE_CHECK_WHITELIST += "CVE-2023-52631" | ||
8645 | |||
8646 | # CVE-2023-52632 needs backporting (fixed from 6.8rc1) | ||
8647 | |||
8648 | # CVE-2023-52633 needs backporting (fixed from 6.8rc1) | ||
8649 | |||
8650 | # CVE-2023-52634 needs backporting (fixed from 6.8rc1) | ||
8651 | |||
8652 | # CVE-2023-52635 needs backporting (fixed from 6.8rc1) | ||
8653 | |||
8654 | # fixed-version: only affects 6.6rc1 onwards | ||
8655 | CVE_CHECK_WHITELIST += "CVE-2023-52636" | ||
8656 | |||
8657 | # cpe-stable-backport: Backported in 5.4.269 | ||
8658 | CVE_CHECK_WHITELIST += "CVE-2023-52637" | ||
8659 | |||
8660 | # CVE-2023-52638 needs backporting (fixed from 6.8rc5) | ||
8661 | |||
8662 | # CVE-2023-52639 needs backporting (fixed from 6.8rc4) | ||
8663 | |||
8664 | # CVE-2023-52640 needs backporting (fixed from 6.8rc4) | ||
8665 | |||
8666 | # CVE-2023-52641 needs backporting (fixed from 6.8rc4) | ||
8667 | |||
7386 | # fixed-version: only affects 6.1rc1 onwards | 8668 | # fixed-version: only affects 6.1rc1 onwards |
7387 | CVE_CHECK_WHITELIST += "CVE-2023-5345" | 8669 | CVE_CHECK_WHITELIST += "CVE-2023-5345" |
7388 | 8670 | ||
@@ -7417,16 +8699,19 @@ CVE_CHECK_WHITELIST += "CVE-2023-6200" | |||
7417 | 8699 | ||
7418 | # CVE-2023-6240 has no known resolution | 8700 | # CVE-2023-6240 has no known resolution |
7419 | 8701 | ||
7420 | # CVE-2023-6270 has no known resolution | 8702 | # cpe-stable-backport: Backported in 5.4.273 |
8703 | CVE_CHECK_WHITELIST += "CVE-2023-6270" | ||
7421 | 8704 | ||
7422 | # CVE-2023-6356 has no known resolution | 8705 | # cpe-stable-backport: Backported in 5.4.268 |
8706 | CVE_CHECK_WHITELIST += "CVE-2023-6356" | ||
7423 | 8707 | ||
7424 | # fixed-version: only affects 6.1rc1 onwards | 8708 | # fixed-version: only affects 6.1rc1 onwards |
7425 | CVE_CHECK_WHITELIST += "CVE-2023-6531" | 8709 | CVE_CHECK_WHITELIST += "CVE-2023-6531" |
7426 | 8710 | ||
7427 | # CVE-2023-6535 has no known resolution | 8711 | # CVE-2023-6535 has no known resolution |
7428 | 8712 | ||
7429 | # CVE-2023-6536 has no known resolution | 8713 | # cpe-stable-backport: Backported in 5.4.268 |
8714 | CVE_CHECK_WHITELIST += "CVE-2023-6536" | ||
7430 | 8715 | ||
7431 | # CVE-2023-6546 needs backporting (fixed from 6.5rc7) | 8716 | # CVE-2023-6546 needs backporting (fixed from 6.5rc7) |
7432 | 8717 | ||
@@ -7455,7 +8740,8 @@ CVE_CHECK_WHITELIST += "CVE-2023-6931" | |||
7455 | # cpe-stable-backport: Backported in 5.4.263 | 8740 | # cpe-stable-backport: Backported in 5.4.263 |
7456 | CVE_CHECK_WHITELIST += "CVE-2023-6932" | 8741 | CVE_CHECK_WHITELIST += "CVE-2023-6932" |
7457 | 8742 | ||
7458 | # CVE-2023-7042 has no known resolution | 8743 | # cpe-stable-backport: Backported in 5.4.273 |
8744 | CVE_CHECK_WHITELIST += "CVE-2023-7042" | ||
7459 | 8745 | ||
7460 | # cpe-stable-backport: Backported in 5.4.235 | 8746 | # cpe-stable-backport: Backported in 5.4.235 |
7461 | CVE_CHECK_WHITELIST += "CVE-2023-7192" | 8747 | CVE_CHECK_WHITELIST += "CVE-2023-7192" |
@@ -7463,7 +8749,8 @@ CVE_CHECK_WHITELIST += "CVE-2023-7192" | |||
7463 | # fixed-version: only affects 6.5rc6 onwards | 8749 | # fixed-version: only affects 6.5rc6 onwards |
7464 | CVE_CHECK_WHITELIST += "CVE-2024-0193" | 8750 | CVE_CHECK_WHITELIST += "CVE-2024-0193" |
7465 | 8751 | ||
7466 | # CVE-2024-0340 needs backporting (fixed from 6.4rc6) | 8752 | # cpe-stable-backport: Backported in 5.4.269 |
8753 | CVE_CHECK_WHITELIST += "CVE-2024-0340" | ||
7467 | 8754 | ||
7468 | # fixed-version: only affects 6.2rc1 onwards | 8755 | # fixed-version: only affects 6.2rc1 onwards |
7469 | CVE_CHECK_WHITELIST += "CVE-2024-0443" | 8756 | CVE_CHECK_WHITELIST += "CVE-2024-0443" |
@@ -7481,7 +8768,8 @@ CVE_CHECK_WHITELIST += "CVE-2024-0582" | |||
7481 | # cpe-stable-backport: Backported in 5.4.263 | 8768 | # cpe-stable-backport: Backported in 5.4.263 |
7482 | CVE_CHECK_WHITELIST += "CVE-2024-0584" | 8769 | CVE_CHECK_WHITELIST += "CVE-2024-0584" |
7483 | 8770 | ||
7484 | # CVE-2024-0607 needs backporting (fixed from 6.7rc2) | 8771 | # cpe-stable-backport: Backported in 5.4.269 |
8772 | CVE_CHECK_WHITELIST += "CVE-2024-0607" | ||
7485 | 8773 | ||
7486 | # fixed-version: only affects 5.13rc1 onwards | 8774 | # fixed-version: only affects 5.13rc1 onwards |
7487 | CVE_CHECK_WHITELIST += "CVE-2024-0639" | 8775 | CVE_CHECK_WHITELIST += "CVE-2024-0639" |
@@ -7495,37 +8783,47 @@ CVE_CHECK_WHITELIST += "CVE-2024-0646" | |||
7495 | # cpe-stable-backport: Backported in 5.4.243 | 8783 | # cpe-stable-backport: Backported in 5.4.243 |
7496 | CVE_CHECK_WHITELIST += "CVE-2024-0775" | 8784 | CVE_CHECK_WHITELIST += "CVE-2024-0775" |
7497 | 8785 | ||
7498 | # CVE-2024-0841 has no known resolution | 8786 | # cpe-stable-backport: Backported in 5.4.271 |
8787 | CVE_CHECK_WHITELIST += "CVE-2024-0841" | ||
7499 | 8788 | ||
7500 | # fixed-version: only affects 5.13rc1 onwards | 8789 | # fixed-version: only affects 5.13rc1 onwards |
7501 | CVE_CHECK_WHITELIST += "CVE-2024-1085" | 8790 | CVE_CHECK_WHITELIST += "CVE-2024-1085" |
7502 | 8791 | ||
7503 | # CVE-2024-1086 needs backporting (fixed from 6.8rc2) | 8792 | # cpe-stable-backport: Backported in 5.4.269 |
8793 | CVE_CHECK_WHITELIST += "CVE-2024-1086" | ||
8794 | |||
8795 | # CVE-2024-1151 needs backporting (fixed from 6.8rc5) | ||
7504 | 8796 | ||
7505 | # CVE-2024-1312 needs backporting (fixed from 6.5rc4) | 8797 | # CVE-2024-1312 needs backporting (fixed from 6.5rc4) |
7506 | 8798 | ||
7507 | # CVE-2024-21803 has no known resolution | 8799 | # CVE-2024-21803 has no known resolution |
7508 | 8800 | ||
7509 | # CVE-2024-22099 has no known resolution | 8801 | # CVE-2024-2193 has no known resolution |
8802 | |||
8803 | # cpe-stable-backport: Backported in 5.4.273 | ||
8804 | CVE_CHECK_WHITELIST += "CVE-2024-22099" | ||
7510 | 8805 | ||
7511 | # CVE-2024-22386 has no known resolution | 8806 | # CVE-2024-22386 has no known resolution |
7512 | 8807 | ||
7513 | # fixed-version: only affects 5.15rc1 onwards | 8808 | # fixed-version: only affects 5.15rc1 onwards |
7514 | CVE_CHECK_WHITELIST += "CVE-2024-22705" | 8809 | CVE_CHECK_WHITELIST += "CVE-2024-22705" |
7515 | 8810 | ||
7516 | # CVE-2024-23196 has no known resolution | 8811 | # cpe-stable-backport: Backported in 5.4.255 |
8812 | CVE_CHECK_WHITELIST += "CVE-2024-23196" | ||
7517 | 8813 | ||
7518 | # CVE-2024-23307 has no known resolution | 8814 | # CVE-2024-23307 needs backporting (fixed from 6.9rc1) |
7519 | 8815 | ||
7520 | # CVE-2024-23848 has no known resolution | 8816 | # CVE-2024-23848 has no known resolution |
7521 | 8817 | ||
7522 | # CVE-2024-23849 needs backporting (fixed from 6.8rc2) | 8818 | # cpe-stable-backport: Backported in 5.4.269 |
8819 | CVE_CHECK_WHITELIST += "CVE-2024-23849" | ||
7523 | 8820 | ||
7524 | # CVE-2024-23850 has no known resolution | 8821 | # fixed-version: only affects 5.9rc1 onwards |
8822 | CVE_CHECK_WHITELIST += "CVE-2024-23850" | ||
7525 | 8823 | ||
7526 | # CVE-2024-23851 has no known resolution | 8824 | # CVE-2024-23851 needs backporting (fixed from 6.8rc3) |
7527 | 8825 | ||
7528 | # CVE-2024-24855 has no known resolution | 8826 | # CVE-2024-24855 needs backporting (fixed from 6.5rc2) |
7529 | 8827 | ||
7530 | # CVE-2024-24857 has no known resolution | 8828 | # CVE-2024-24857 has no known resolution |
7531 | 8829 | ||
@@ -7533,9 +8831,615 @@ CVE_CHECK_WHITELIST += "CVE-2024-22705" | |||
7533 | 8831 | ||
7534 | # CVE-2024-24859 has no known resolution | 8832 | # CVE-2024-24859 has no known resolution |
7535 | 8833 | ||
7536 | # CVE-2024-24860 has no known resolution | 8834 | # CVE-2024-24860 needs backporting (fixed from 6.8rc1) |
7537 | 8835 | ||
7538 | # CVE-2024-24861 has no known resolution | 8836 | # CVE-2024-24861 needs backporting (fixed from 6.9rc1) |
7539 | 8837 | ||
7540 | # CVE-2024-24864 has no known resolution | 8838 | # CVE-2024-24864 has no known resolution |
7541 | 8839 | ||
8840 | # CVE-2024-25739 has no known resolution | ||
8841 | |||
8842 | # CVE-2024-25740 has no known resolution | ||
8843 | |||
8844 | # CVE-2024-25741 has no known resolution | ||
8845 | |||
8846 | # CVE-2024-25744 needs backporting (fixed from 6.7rc5) | ||
8847 | |||
8848 | # fixed-version: only affects 6.5rc4 onwards | ||
8849 | CVE_CHECK_WHITELIST += "CVE-2024-26581" | ||
8850 | |||
8851 | # fixed-version: only affects 6.0rc1 onwards | ||
8852 | CVE_CHECK_WHITELIST += "CVE-2024-26582" | ||
8853 | |||
8854 | # fixed-version: only affects 5.7 onwards | ||
8855 | CVE_CHECK_WHITELIST += "CVE-2024-26583" | ||
8856 | |||
8857 | # CVE-2024-26584 needs backporting (fixed from 6.8rc5) | ||
8858 | |||
8859 | # CVE-2024-26585 needs backporting (fixed from 6.8rc5) | ||
8860 | |||
8861 | # CVE-2024-26586 needs backporting (fixed from 6.8rc1) | ||
8862 | |||
8863 | # fixed-version: only affects 6.6rc1 onwards | ||
8864 | CVE_CHECK_WHITELIST += "CVE-2024-26587" | ||
8865 | |||
8866 | # fixed-version: only affects 6.1rc3 onwards | ||
8867 | CVE_CHECK_WHITELIST += "CVE-2024-26588" | ||
8868 | |||
8869 | # CVE-2024-26589 needs backporting (fixed from 6.8rc1) | ||
8870 | |||
8871 | # fixed-version: only affects 5.16rc1 onwards | ||
8872 | CVE_CHECK_WHITELIST += "CVE-2024-26590" | ||
8873 | |||
8874 | # fixed-version: only affects 5.13rc1 onwards | ||
8875 | CVE_CHECK_WHITELIST += "CVE-2024-26591" | ||
8876 | |||
8877 | # CVE-2024-26592 needs backporting (fixed from 6.8rc1) | ||
8878 | |||
8879 | # cpe-stable-backport: Backported in 5.4.269 | ||
8880 | CVE_CHECK_WHITELIST += "CVE-2024-26593" | ||
8881 | |||
8882 | # CVE-2024-26594 needs backporting (fixed from 6.8rc1) | ||
8883 | |||
8884 | # CVE-2024-26595 needs backporting (fixed from 6.8rc1) | ||
8885 | |||
8886 | # fixed-version: only affects 6.1rc1 onwards | ||
8887 | CVE_CHECK_WHITELIST += "CVE-2024-26596" | ||
8888 | |||
8889 | # cpe-stable-backport: Backported in 5.4.268 | ||
8890 | CVE_CHECK_WHITELIST += "CVE-2024-26597" | ||
8891 | |||
8892 | # cpe-stable-backport: Backported in 5.4.269 | ||
8893 | CVE_CHECK_WHITELIST += "CVE-2024-26598" | ||
8894 | |||
8895 | # fixed-version: only affects 5.17rc1 onwards | ||
8896 | CVE_CHECK_WHITELIST += "CVE-2024-26599" | ||
8897 | |||
8898 | # cpe-stable-backport: Backported in 5.4.269 | ||
8899 | CVE_CHECK_WHITELIST += "CVE-2024-26600" | ||
8900 | |||
8901 | # fixed-version: only affects 5.11rc1 onwards | ||
8902 | CVE_CHECK_WHITELIST += "CVE-2024-26601" | ||
8903 | |||
8904 | # cpe-stable-backport: Backported in 5.4.269 | ||
8905 | CVE_CHECK_WHITELIST += "CVE-2024-26602" | ||
8906 | |||
8907 | # fixed-version: only affects 5.14rc1 onwards | ||
8908 | CVE_CHECK_WHITELIST += "CVE-2024-26603" | ||
8909 | |||
8910 | # fixed-version: only affects 6.6rc1 onwards | ||
8911 | CVE_CHECK_WHITELIST += "CVE-2024-26604" | ||
8912 | |||
8913 | # fixed-version: only affects 6.7 onwards | ||
8914 | CVE_CHECK_WHITELIST += "CVE-2024-26605" | ||
8915 | |||
8916 | # cpe-stable-backport: Backported in 5.4.269 | ||
8917 | CVE_CHECK_WHITELIST += "CVE-2024-26606" | ||
8918 | |||
8919 | # CVE-2024-26607 needs backporting (fixed from 6.8rc2) | ||
8920 | |||
8921 | # fixed-version: only affects 5.15rc1 onwards | ||
8922 | CVE_CHECK_WHITELIST += "CVE-2024-26608" | ||
8923 | |||
8924 | # fixed-version: only affects 5.5rc1 onwards | ||
8925 | CVE_CHECK_WHITELIST += "CVE-2024-26610" | ||
8926 | |||
8927 | # fixed-version: only affects 6.6rc1 onwards | ||
8928 | CVE_CHECK_WHITELIST += "CVE-2024-26611" | ||
8929 | |||
8930 | # fixed-version: only affects 5.17rc1 onwards | ||
8931 | CVE_CHECK_WHITELIST += "CVE-2024-26612" | ||
8932 | |||
8933 | # CVE-2024-26614 needs backporting (fixed from 6.8rc2) | ||
8934 | |||
8935 | # cpe-stable-backport: Backported in 5.4.269 | ||
8936 | CVE_CHECK_WHITELIST += "CVE-2024-26615" | ||
8937 | |||
8938 | # fixed-version: only affects 6.4rc1 onwards | ||
8939 | CVE_CHECK_WHITELIST += "CVE-2024-26616" | ||
8940 | |||
8941 | # fixed-version: only affects 6.7rc1 onwards | ||
8942 | CVE_CHECK_WHITELIST += "CVE-2024-26617" | ||
8943 | |||
8944 | # fixed-version: only affects 6.5rc7 onwards | ||
8945 | CVE_CHECK_WHITELIST += "CVE-2024-26618" | ||
8946 | |||
8947 | # fixed-version: only affects 6.7rc5 onwards | ||
8948 | CVE_CHECK_WHITELIST += "CVE-2024-26619" | ||
8949 | |||
8950 | # fixed-version: only affects 6.0rc1 onwards | ||
8951 | CVE_CHECK_WHITELIST += "CVE-2024-26620" | ||
8952 | |||
8953 | # fixed-version: only affects 6.7 onwards | ||
8954 | CVE_CHECK_WHITELIST += "CVE-2024-26621" | ||
8955 | |||
8956 | # CVE-2024-26622 needs backporting (fixed from 6.8rc7) | ||
8957 | |||
8958 | # CVE-2024-26623 needs backporting (fixed from 6.8rc3) | ||
8959 | |||
8960 | # cpe-stable-backport: Backported in 5.4.269 | ||
8961 | CVE_CHECK_WHITELIST += "CVE-2024-26625" | ||
8962 | |||
8963 | # fixed-version: only affects 6.8rc1 onwards | ||
8964 | CVE_CHECK_WHITELIST += "CVE-2024-26626" | ||
8965 | |||
8966 | # CVE-2024-26627 needs backporting (fixed from 6.8rc3) | ||
8967 | |||
8968 | # fixed-version: only affects 5.19rc1 onwards | ||
8969 | CVE_CHECK_WHITELIST += "CVE-2024-26629" | ||
8970 | |||
8971 | # fixed-version: only affects 6.5rc1 onwards | ||
8972 | CVE_CHECK_WHITELIST += "CVE-2024-26630" | ||
8973 | |||
8974 | # fixed-version: only affects 5.13rc1 onwards | ||
8975 | CVE_CHECK_WHITELIST += "CVE-2024-26631" | ||
8976 | |||
8977 | # fixed-version: only affects 5.17rc1 onwards | ||
8978 | CVE_CHECK_WHITELIST += "CVE-2024-26632" | ||
8979 | |||
8980 | # cpe-stable-backport: Backported in 5.4.268 | ||
8981 | CVE_CHECK_WHITELIST += "CVE-2024-26633" | ||
8982 | |||
8983 | # fixed-version: only affects 6.6rc7 onwards | ||
8984 | CVE_CHECK_WHITELIST += "CVE-2024-26634" | ||
8985 | |||
8986 | # cpe-stable-backport: Backported in 5.4.269 | ||
8987 | CVE_CHECK_WHITELIST += "CVE-2024-26635" | ||
8988 | |||
8989 | # cpe-stable-backport: Backported in 5.4.269 | ||
8990 | CVE_CHECK_WHITELIST += "CVE-2024-26636" | ||
8991 | |||
8992 | # fixed-version: only affects 6.7 onwards | ||
8993 | CVE_CHECK_WHITELIST += "CVE-2024-26637" | ||
8994 | |||
8995 | # fixed-version: only affects 5.19rc1 onwards | ||
8996 | CVE_CHECK_WHITELIST += "CVE-2024-26638" | ||
8997 | |||
8998 | # fixed-version: only affects 6.8rc1 onwards | ||
8999 | CVE_CHECK_WHITELIST += "CVE-2024-26639" | ||
9000 | |||
9001 | # CVE-2024-26640 needs backporting (fixed from 6.8rc3) | ||
9002 | |||
9003 | # CVE-2024-26641 needs backporting (fixed from 6.8rc3) | ||
9004 | |||
9005 | # CVE-2024-26642 needs backporting (fixed from 6.8) | ||
9006 | |||
9007 | # fixed-version: only affects 6.5rc6 onwards | ||
9008 | CVE_CHECK_WHITELIST += "CVE-2024-26643" | ||
9009 | |||
9010 | # CVE-2024-26644 needs backporting (fixed from 6.8rc2) | ||
9011 | |||
9012 | # cpe-stable-backport: Backported in 5.4.269 | ||
9013 | CVE_CHECK_WHITELIST += "CVE-2024-26645" | ||
9014 | |||
9015 | # CVE-2024-26646 needs backporting (fixed from 6.8rc1) | ||
9016 | |||
9017 | # CVE-2024-26647 needs backporting (fixed from 6.8rc1) | ||
9018 | |||
9019 | # CVE-2024-26648 needs backporting (fixed from 6.8rc1) | ||
9020 | |||
9021 | # fixed-version: only affects 6.3rc1 onwards | ||
9022 | CVE_CHECK_WHITELIST += "CVE-2024-26649" | ||
9023 | |||
9024 | # CVE-2024-26650 needs backporting (fixed from 6.8rc2) | ||
9025 | |||
9026 | # cpe-stable-backport: Backported in 5.4.273 | ||
9027 | CVE_CHECK_WHITELIST += "CVE-2024-26651" | ||
9028 | |||
9029 | # fixed-version: only affects 6.4rc1 onwards | ||
9030 | CVE_CHECK_WHITELIST += "CVE-2024-26652" | ||
9031 | |||
9032 | # fixed-version: only affects 6.7rc1 onwards | ||
9033 | CVE_CHECK_WHITELIST += "CVE-2024-26653" | ||
9034 | |||
9035 | # CVE-2024-26654 needs backporting (fixed from 6.9rc2) | ||
9036 | |||
9037 | # CVE-2024-26655 needs backporting (fixed from 6.9rc2) | ||
9038 | |||
9039 | # CVE-2024-26656 needs backporting (fixed from 6.9rc1) | ||
9040 | |||
9041 | # fixed-version: only affects 6.7rc1 onwards | ||
9042 | CVE_CHECK_WHITELIST += "CVE-2024-26657" | ||
9043 | |||
9044 | # CVE-2024-26658 needs backporting (fixed from 6.8rc1) | ||
9045 | |||
9046 | # CVE-2024-26659 needs backporting (fixed from 6.8rc3) | ||
9047 | |||
9048 | # fixed-version: only affects 5.11rc1 onwards | ||
9049 | CVE_CHECK_WHITELIST += "CVE-2024-26660" | ||
9050 | |||
9051 | # fixed-version: only affects 5.9rc1 onwards | ||
9052 | CVE_CHECK_WHITELIST += "CVE-2024-26661" | ||
9053 | |||
9054 | # fixed-version: only affects 5.9rc1 onwards | ||
9055 | CVE_CHECK_WHITELIST += "CVE-2024-26662" | ||
9056 | |||
9057 | # cpe-stable-backport: Backported in 5.4.269 | ||
9058 | CVE_CHECK_WHITELIST += "CVE-2024-26663" | ||
9059 | |||
9060 | # cpe-stable-backport: Backported in 5.4.269 | ||
9061 | CVE_CHECK_WHITELIST += "CVE-2024-26664" | ||
9062 | |||
9063 | # fixed-version: only affects 5.9rc1 onwards | ||
9064 | CVE_CHECK_WHITELIST += "CVE-2024-26665" | ||
9065 | |||
9066 | # fixed-version: only affects 6.5rc1 onwards | ||
9067 | CVE_CHECK_WHITELIST += "CVE-2024-26666" | ||
9068 | |||
9069 | # fixed-version: only affects 5.19rc1 onwards | ||
9070 | CVE_CHECK_WHITELIST += "CVE-2024-26667" | ||
9071 | |||
9072 | # CVE-2024-26668 needs backporting (fixed from 6.8rc2) | ||
9073 | |||
9074 | # CVE-2024-26669 needs backporting (fixed from 6.8rc2) | ||
9075 | |||
9076 | # fixed-version: only affects 6.6rc5 onwards | ||
9077 | CVE_CHECK_WHITELIST += "CVE-2024-26670" | ||
9078 | |||
9079 | # cpe-stable-backport: Backported in 5.4.269 | ||
9080 | CVE_CHECK_WHITELIST += "CVE-2024-26671" | ||
9081 | |||
9082 | # CVE-2024-26672 needs backporting (fixed from 6.8rc1) | ||
9083 | |||
9084 | # cpe-stable-backport: Backported in 5.4.269 | ||
9085 | CVE_CHECK_WHITELIST += "CVE-2024-26673" | ||
9086 | |||
9087 | # fixed-version: only affects 6.4rc1 onwards | ||
9088 | CVE_CHECK_WHITELIST += "CVE-2024-26674" | ||
9089 | |||
9090 | # cpe-stable-backport: Backported in 5.4.269 | ||
9091 | CVE_CHECK_WHITELIST += "CVE-2024-26675" | ||
9092 | |||
9093 | # CVE-2024-26676 needs backporting (fixed from 6.8rc4) | ||
9094 | |||
9095 | # CVE-2024-26677 needs backporting (fixed from 6.8rc4) | ||
9096 | |||
9097 | # fixed-version: only affects 6.7rc1 onwards | ||
9098 | CVE_CHECK_WHITELIST += "CVE-2024-26678" | ||
9099 | |||
9100 | # cpe-stable-backport: Backported in 5.4.269 | ||
9101 | CVE_CHECK_WHITELIST += "CVE-2024-26679" | ||
9102 | |||
9103 | # fixed-version: only affects 5.5rc1 onwards | ||
9104 | CVE_CHECK_WHITELIST += "CVE-2024-26680" | ||
9105 | |||
9106 | # fixed-version: only affects 6.0rc1 onwards | ||
9107 | CVE_CHECK_WHITELIST += "CVE-2024-26681" | ||
9108 | |||
9109 | # fixed-version: only affects 6.7rc1 onwards | ||
9110 | CVE_CHECK_WHITELIST += "CVE-2024-26682" | ||
9111 | |||
9112 | # fixed-version: only affects 6.7rc1 onwards | ||
9113 | CVE_CHECK_WHITELIST += "CVE-2024-26683" | ||
9114 | |||
9115 | # cpe-stable-backport: Backported in 5.4.269 | ||
9116 | CVE_CHECK_WHITELIST += "CVE-2024-26684" | ||
9117 | |||
9118 | # cpe-stable-backport: Backported in 5.4.269 | ||
9119 | CVE_CHECK_WHITELIST += "CVE-2024-26685" | ||
9120 | |||
9121 | # CVE-2024-26686 needs backporting (fixed from 6.8rc4) | ||
9122 | |||
9123 | # CVE-2024-26687 needs backporting (fixed from 6.8rc5) | ||
9124 | |||
9125 | # cpe-stable-backport: Backported in 5.4.271 | ||
9126 | CVE_CHECK_WHITELIST += "CVE-2024-26688" | ||
9127 | |||
9128 | # CVE-2024-26689 needs backporting (fixed from 6.8rc4) | ||
9129 | |||
9130 | # fixed-version: only affects 6.6rc1 onwards | ||
9131 | CVE_CHECK_WHITELIST += "CVE-2024-26690" | ||
9132 | |||
9133 | # CVE-2024-26691 needs backporting (fixed from 6.8rc5) | ||
9134 | |||
9135 | # fixed-version: only affects 6.3rc1 onwards | ||
9136 | CVE_CHECK_WHITELIST += "CVE-2024-26692" | ||
9137 | |||
9138 | # fixed-version: only affects 6.4rc1 onwards | ||
9139 | CVE_CHECK_WHITELIST += "CVE-2024-26693" | ||
9140 | |||
9141 | # fixed-version: only affects 6.4rc1 onwards | ||
9142 | CVE_CHECK_WHITELIST += "CVE-2024-26694" | ||
9143 | |||
9144 | # fixed-version: only affects 6.0rc1 onwards | ||
9145 | CVE_CHECK_WHITELIST += "CVE-2024-26695" | ||
9146 | |||
9147 | # cpe-stable-backport: Backported in 5.4.269 | ||
9148 | CVE_CHECK_WHITELIST += "CVE-2024-26696" | ||
9149 | |||
9150 | # cpe-stable-backport: Backported in 5.4.269 | ||
9151 | CVE_CHECK_WHITELIST += "CVE-2024-26697" | ||
9152 | |||
9153 | # fixed-version: only affects 5.8rc1 onwards | ||
9154 | CVE_CHECK_WHITELIST += "CVE-2024-26698" | ||
9155 | |||
9156 | # CVE-2024-26699 needs backporting (fixed from 6.8rc5) | ||
9157 | |||
9158 | # CVE-2024-26700 needs backporting (fixed from 6.8rc4) | ||
9159 | |||
9160 | # cpe-stable-backport: Backported in 5.4.269 | ||
9161 | CVE_CHECK_WHITELIST += "CVE-2024-26702" | ||
9162 | |||
9163 | # fixed-version: only affects 6.5rc1 onwards | ||
9164 | CVE_CHECK_WHITELIST += "CVE-2024-26703" | ||
9165 | |||
9166 | # cpe-stable-backport: Backported in 5.4.269 | ||
9167 | CVE_CHECK_WHITELIST += "CVE-2024-26704" | ||
9168 | |||
9169 | # fixed-version: only affects 6.6rc2 onwards | ||
9170 | CVE_CHECK_WHITELIST += "CVE-2024-26705" | ||
9171 | |||
9172 | # CVE-2024-26706 needs backporting (fixed from 6.8rc3) | ||
9173 | |||
9174 | # fixed-version: only affects 5.9rc1 onwards | ||
9175 | CVE_CHECK_WHITELIST += "CVE-2024-26707" | ||
9176 | |||
9177 | # fixed-version: only affects 6.2rc1 onwards | ||
9178 | CVE_CHECK_WHITELIST += "CVE-2024-26708" | ||
9179 | |||
9180 | # fixed-version: only affects 6.7rc1 onwards | ||
9181 | CVE_CHECK_WHITELIST += "CVE-2024-26709" | ||
9182 | |||
9183 | # fixed-version: only affects 6.8rc1 onwards | ||
9184 | CVE_CHECK_WHITELIST += "CVE-2024-26710" | ||
9185 | |||
9186 | # fixed-version: only affects 6.2rc1 onwards | ||
9187 | CVE_CHECK_WHITELIST += "CVE-2024-26711" | ||
9188 | |||
9189 | # CVE-2024-26712 needs backporting (fixed from 6.8rc5) | ||
9190 | |||
9191 | # CVE-2024-26713 needs backporting (fixed from 6.8rc5) | ||
9192 | |||
9193 | # fixed-version: only affects 5.15rc1 onwards | ||
9194 | CVE_CHECK_WHITELIST += "CVE-2024-26714" | ||
9195 | |||
9196 | # CVE-2024-26715 needs backporting (fixed from 6.8rc3) | ||
9197 | |||
9198 | # fixed-version: only affects 6.5rc1 onwards | ||
9199 | CVE_CHECK_WHITELIST += "CVE-2024-26716" | ||
9200 | |||
9201 | # fixed-version: only affects 5.12rc1 onwards | ||
9202 | CVE_CHECK_WHITELIST += "CVE-2024-26717" | ||
9203 | |||
9204 | # fixed-version: only affects 5.9rc1 onwards | ||
9205 | CVE_CHECK_WHITELIST += "CVE-2024-26718" | ||
9206 | |||
9207 | # CVE-2024-26719 needs backporting (fixed from 6.8rc3) | ||
9208 | |||
9209 | # cpe-stable-backport: Backported in 5.4.269 | ||
9210 | CVE_CHECK_WHITELIST += "CVE-2024-26720" | ||
9211 | |||
9212 | # fixed-version: only affects 6.7rc1 onwards | ||
9213 | CVE_CHECK_WHITELIST += "CVE-2024-26721" | ||
9214 | |||
9215 | # fixed-version: only affects 6.7rc5 onwards | ||
9216 | CVE_CHECK_WHITELIST += "CVE-2024-26722" | ||
9217 | |||
9218 | # fixed-version: only affects 6.1rc1 onwards | ||
9219 | CVE_CHECK_WHITELIST += "CVE-2024-26723" | ||
9220 | |||
9221 | # fixed-version: only affects 6.7rc1 onwards | ||
9222 | CVE_CHECK_WHITELIST += "CVE-2024-26724" | ||
9223 | |||
9224 | # fixed-version: only affects 6.7rc1 onwards | ||
9225 | CVE_CHECK_WHITELIST += "CVE-2024-26725" | ||
9226 | |||
9227 | # CVE-2024-26726 needs backporting (fixed from 6.8rc5) | ||
9228 | |||
9229 | # fixed-version: only affects 5.9rc1 onwards | ||
9230 | CVE_CHECK_WHITELIST += "CVE-2024-26727" | ||
9231 | |||
9232 | # fixed-version: only affects 6.7rc1 onwards | ||
9233 | CVE_CHECK_WHITELIST += "CVE-2024-26728" | ||
9234 | |||
9235 | # fixed-version: only affects 6.7rc1 onwards | ||
9236 | CVE_CHECK_WHITELIST += "CVE-2024-26729" | ||
9237 | |||
9238 | # fixed-version: only affects 6.6rc1 onwards | ||
9239 | CVE_CHECK_WHITELIST += "CVE-2024-26730" | ||
9240 | |||
9241 | # fixed-version: only affects 6.4rc4 onwards | ||
9242 | CVE_CHECK_WHITELIST += "CVE-2024-26731" | ||
9243 | |||
9244 | # fixed-version: only affects 6.7rc1 onwards | ||
9245 | CVE_CHECK_WHITELIST += "CVE-2024-26732" | ||
9246 | |||
9247 | # CVE-2024-26733 needs backporting (fixed from 6.8rc6) | ||
9248 | |||
9249 | # fixed-version: only affects 6.3rc1 onwards | ||
9250 | CVE_CHECK_WHITELIST += "CVE-2024-26734" | ||
9251 | |||
9252 | # cpe-stable-backport: Backported in 5.4.270 | ||
9253 | CVE_CHECK_WHITELIST += "CVE-2024-26735" | ||
9254 | |||
9255 | # cpe-stable-backport: Backported in 5.4.270 | ||
9256 | CVE_CHECK_WHITELIST += "CVE-2024-26736" | ||
9257 | |||
9258 | # fixed-version: only affects 5.15rc1 onwards | ||
9259 | CVE_CHECK_WHITELIST += "CVE-2024-26737" | ||
9260 | |||
9261 | # CVE-2024-26738 needs backporting (fixed from 6.8rc6) | ||
9262 | |||
9263 | # CVE-2024-26739 needs backporting (fixed from 6.8rc6) | ||
9264 | |||
9265 | # CVE-2024-26740 needs backporting (fixed from 6.8rc6) | ||
9266 | |||
9267 | # fixed-version: only affects 6.1rc1 onwards | ||
9268 | CVE_CHECK_WHITELIST += "CVE-2024-26741" | ||
9269 | |||
9270 | # fixed-version: only affects 6.0rc1 onwards | ||
9271 | CVE_CHECK_WHITELIST += "CVE-2024-26742" | ||
9272 | |||
9273 | # CVE-2024-26743 needs backporting (fixed from 6.8rc6) | ||
9274 | |||
9275 | # CVE-2024-26744 needs backporting (fixed from 6.8rc6) | ||
9276 | |||
9277 | # CVE-2024-26745 needs backporting (fixed from 6.8rc7) | ||
9278 | |||
9279 | # fixed-version: only affects 6.4rc1 onwards | ||
9280 | CVE_CHECK_WHITELIST += "CVE-2024-26746" | ||
9281 | |||
9282 | # CVE-2024-26747 needs backporting (fixed from 6.8rc6) | ||
9283 | |||
9284 | # cpe-stable-backport: Backported in 5.4.270 | ||
9285 | CVE_CHECK_WHITELIST += "CVE-2024-26748" | ||
9286 | |||
9287 | # cpe-stable-backport: Backported in 5.4.270 | ||
9288 | CVE_CHECK_WHITELIST += "CVE-2024-26749" | ||
9289 | |||
9290 | # fixed-version: only affects 6.8rc5 onwards | ||
9291 | CVE_CHECK_WHITELIST += "CVE-2024-26750" | ||
9292 | |||
9293 | # cpe-stable-backport: Backported in 5.4.270 | ||
9294 | CVE_CHECK_WHITELIST += "CVE-2024-26751" | ||
9295 | |||
9296 | # cpe-stable-backport: Backported in 5.4.270 | ||
9297 | CVE_CHECK_WHITELIST += "CVE-2024-26752" | ||
9298 | |||
9299 | # fixed-version: only affects 5.18rc1 onwards | ||
9300 | CVE_CHECK_WHITELIST += "CVE-2024-26753" | ||
9301 | |||
9302 | # cpe-stable-backport: Backported in 5.4.270 | ||
9303 | CVE_CHECK_WHITELIST += "CVE-2024-26754" | ||
9304 | |||
9305 | # fixed-version: only affects 6.7rc1 onwards | ||
9306 | CVE_CHECK_WHITELIST += "CVE-2024-26755" | ||
9307 | |||
9308 | # CVE-2024-26756 needs backporting (fixed from 6.8rc6) | ||
9309 | |||
9310 | # CVE-2024-26757 needs backporting (fixed from 6.8rc6) | ||
9311 | |||
9312 | # CVE-2024-26758 needs backporting (fixed from 6.8rc6) | ||
9313 | |||
9314 | # CVE-2024-26759 needs backporting (fixed from 6.8rc6) | ||
9315 | |||
9316 | # fixed-version: only affects 5.19rc1 onwards | ||
9317 | CVE_CHECK_WHITELIST += "CVE-2024-26760" | ||
9318 | |||
9319 | # fixed-version: only affects 5.19rc1 onwards | ||
9320 | CVE_CHECK_WHITELIST += "CVE-2024-26761" | ||
9321 | |||
9322 | # fixed-version: only affects 6.7rc1 onwards | ||
9323 | CVE_CHECK_WHITELIST += "CVE-2024-26762" | ||
9324 | |||
9325 | # cpe-stable-backport: Backported in 5.4.270 | ||
9326 | CVE_CHECK_WHITELIST += "CVE-2024-26763" | ||
9327 | |||
9328 | # cpe-stable-backport: Backported in 5.4.270 | ||
9329 | CVE_CHECK_WHITELIST += "CVE-2024-26764" | ||
9330 | |||
9331 | # CVE-2024-26765 needs backporting (fixed from 6.8rc6) | ||
9332 | |||
9333 | # cpe-stable-backport: Backported in 5.4.270 | ||
9334 | CVE_CHECK_WHITELIST += "CVE-2024-26766" | ||
9335 | |||
9336 | # CVE-2024-26767 needs backporting (fixed from 6.8rc5) | ||
9337 | |||
9338 | # CVE-2024-26768 needs backporting (fixed from 6.8rc4) | ||
9339 | |||
9340 | # CVE-2024-26769 needs backporting (fixed from 6.8rc3) | ||
9341 | |||
9342 | # CVE-2024-26770 needs backporting (fixed from 6.8rc3) | ||
9343 | |||
9344 | # CVE-2024-26771 needs backporting (fixed from 6.8rc3) | ||
9345 | |||
9346 | # cpe-stable-backport: Backported in 5.4.270 | ||
9347 | CVE_CHECK_WHITELIST += "CVE-2024-26772" | ||
9348 | |||
9349 | # cpe-stable-backport: Backported in 5.4.270 | ||
9350 | CVE_CHECK_WHITELIST += "CVE-2024-26773" | ||
9351 | |||
9352 | # CVE-2024-26774 needs backporting (fixed from 6.8rc3) | ||
9353 | |||
9354 | # CVE-2024-26775 needs backporting (fixed from 6.8rc2) | ||
9355 | |||
9356 | # CVE-2024-26776 needs backporting (fixed from 6.8rc2) | ||
9357 | |||
9358 | # cpe-stable-backport: Backported in 5.4.270 | ||
9359 | CVE_CHECK_WHITELIST += "CVE-2024-26777" | ||
9360 | |||
9361 | # cpe-stable-backport: Backported in 5.4.270 | ||
9362 | CVE_CHECK_WHITELIST += "CVE-2024-26778" | ||
9363 | |||
9364 | # cpe-stable-backport: Backported in 5.4.270 | ||
9365 | CVE_CHECK_WHITELIST += "CVE-2024-26779" | ||
9366 | |||
9367 | # fixed-version: only affects 6.8rc4 onwards | ||
9368 | CVE_CHECK_WHITELIST += "CVE-2024-26780" | ||
9369 | |||
9370 | # fixed-version: only affects 6.8rc6 onwards | ||
9371 | CVE_CHECK_WHITELIST += "CVE-2024-26781" | ||
9372 | |||
9373 | # fixed-version: only affects 5.6rc1 onwards | ||
9374 | CVE_CHECK_WHITELIST += "CVE-2024-26782" | ||
9375 | |||
9376 | # fixed-version: only affects 5.18rc1 onwards | ||
9377 | CVE_CHECK_WHITELIST += "CVE-2024-26783" | ||
9378 | |||
9379 | # CVE-2024-26784 needs backporting (fixed from 6.8rc7) | ||
9380 | |||
9381 | # fixed-version: only affects 6.6rc1 onwards | ||
9382 | CVE_CHECK_WHITELIST += "CVE-2024-26785" | ||
9383 | |||
9384 | # fixed-version: only affects 6.6rc1 onwards | ||
9385 | CVE_CHECK_WHITELIST += "CVE-2024-26786" | ||
9386 | |||
9387 | # CVE-2024-26787 needs backporting (fixed from 6.8rc7) | ||
9388 | |||
9389 | # cpe-stable-backport: Backported in 5.4.271 | ||
9390 | CVE_CHECK_WHITELIST += "CVE-2024-26788" | ||
9391 | |||
9392 | # CVE-2024-26789 needs backporting (fixed from 6.8rc7) | ||
9393 | |||
9394 | # cpe-stable-backport: Backported in 5.4.271 | ||
9395 | CVE_CHECK_WHITELIST += "CVE-2024-26790" | ||
9396 | |||
9397 | # cpe-stable-backport: Backported in 5.4.271 | ||
9398 | CVE_CHECK_WHITELIST += "CVE-2024-26791" | ||
9399 | |||
9400 | # fixed-version: only affects 6.8rc4 onwards | ||
9401 | CVE_CHECK_WHITELIST += "CVE-2024-26792" | ||
9402 | |||
9403 | # cpe-stable-backport: Backported in 5.4.271 | ||
9404 | CVE_CHECK_WHITELIST += "CVE-2024-26793" | ||
9405 | |||
9406 | # fixed-version: only affects 6.8rc6 onwards | ||
9407 | CVE_CHECK_WHITELIST += "CVE-2024-26794" | ||
9408 | |||
9409 | # CVE-2024-26795 needs backporting (fixed from 6.8rc7) | ||
9410 | |||
9411 | # fixed-version: only affects 6.6rc1 onwards | ||
9412 | CVE_CHECK_WHITELIST += "CVE-2024-26796" | ||
9413 | |||
9414 | # CVE-2024-26797 needs backporting (fixed from 6.8rc7) | ||
9415 | |||
9416 | # CVE-2024-26798 needs backporting (fixed from 6.8rc7) | ||
9417 | |||
9418 | # fixed-version: only affects 5.18rc1 onwards | ||
9419 | CVE_CHECK_WHITELIST += "CVE-2024-26799" | ||
9420 | |||
9421 | # fixed-version: only affects 6.8rc5 onwards | ||
9422 | CVE_CHECK_WHITELIST += "CVE-2024-26800" | ||
9423 | |||
9424 | # cpe-stable-backport: Backported in 5.4.271 | ||
9425 | CVE_CHECK_WHITELIST += "CVE-2024-26801" | ||
9426 | |||
9427 | # CVE-2024-26802 needs backporting (fixed from 6.8rc7) | ||
9428 | |||
9429 | # CVE-2024-26803 needs backporting (fixed from 6.8rc7) | ||
9430 | |||
9431 | # cpe-stable-backport: Backported in 5.4.271 | ||
9432 | CVE_CHECK_WHITELIST += "CVE-2024-26804" | ||
9433 | |||
9434 | # cpe-stable-backport: Backported in 5.4.271 | ||
9435 | CVE_CHECK_WHITELIST += "CVE-2024-26805" | ||
9436 | |||
9437 | # CVE-2024-26806 needs backporting (fixed from 6.8rc7) | ||
9438 | |||
9439 | # fixed-version: only affects 6.4rc1 onwards | ||
9440 | CVE_CHECK_WHITELIST += "CVE-2024-26807" | ||
9441 | |||
9442 | # CVE-2024-26808 needs backporting (fixed from 6.8rc2) | ||
9443 | |||
9444 | # CVE-2024-26809 needs backporting (fixed from 6.9rc1) | ||
9445 | |||
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb index e3a971cbe3..f912304858 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb | |||
@@ -11,13 +11,13 @@ python () { | |||
11 | raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") | 11 | raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") |
12 | } | 12 | } |
13 | 13 | ||
14 | SRCREV_machine ?= "1a529c784c773e07e2e7a743cf92d99d5f64b175" | 14 | SRCREV_machine ?= "c93e75bc334ba00df2d66411a0d79c4378cf4af8" |
15 | SRCREV_meta ?= "c841eec84cf56e6b837f12a359c35c5dfb26da5f" | 15 | SRCREV_meta ?= "ecd382f3477fae022ad1881e4c39e810cdc3c760" |
16 | 16 | ||
17 | SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ | 17 | SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ |
18 | git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}" | 18 | git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}" |
19 | 19 | ||
20 | LINUX_VERSION ?= "5.4.268" | 20 | LINUX_VERSION ?= "5.4.273" |
21 | 21 | ||
22 | LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" | 22 | LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" |
23 | 23 | ||
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb index 00a32019d9..2f94782471 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb | |||
@@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig" | |||
6 | 6 | ||
7 | require recipes-kernel/linux/linux-yocto.inc | 7 | require recipes-kernel/linux/linux-yocto.inc |
8 | 8 | ||
9 | LINUX_VERSION ?= "5.4.268" | 9 | LINUX_VERSION ?= "5.4.273" |
10 | LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" | 10 | LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" |
11 | 11 | ||
12 | DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" | 12 | DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" |
@@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native" | |||
15 | KMETA = "kernel-meta" | 15 | KMETA = "kernel-meta" |
16 | KCONF_BSP_AUDIT_LEVEL = "2" | 16 | KCONF_BSP_AUDIT_LEVEL = "2" |
17 | 17 | ||
18 | SRCREV_machine_qemuarm ?= "19870769466f545dbfacc448a212acb0dd1324a4" | 18 | SRCREV_machine_qemuarm ?= "d29f3f3a932319053ad24d84b087b0a57908c1bc" |
19 | SRCREV_machine ?= "b0ebc762e3ecbc4f0338456767a5901fce805155" | 19 | SRCREV_machine ?= "b6480d09d84d09e7560daa5c1d73917292ae30c0" |
20 | SRCREV_meta ?= "c841eec84cf56e6b837f12a359c35c5dfb26da5f" | 20 | SRCREV_meta ?= "ecd382f3477fae022ad1881e4c39e810cdc3c760" |
21 | 21 | ||
22 | PV = "${LINUX_VERSION}+git${SRCPV}" | 22 | PV = "${LINUX_VERSION}+git${SRCPV}" |
23 | 23 | ||
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb index 2a30cf6a4d..108043bd98 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb | |||
@@ -13,16 +13,16 @@ KBRANCH_qemux86 ?= "v5.4/standard/base" | |||
13 | KBRANCH_qemux86-64 ?= "v5.4/standard/base" | 13 | KBRANCH_qemux86-64 ?= "v5.4/standard/base" |
14 | KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64" | 14 | KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64" |
15 | 15 | ||
16 | SRCREV_machine_qemuarm ?= "a1fa03030adf951abcd2fc5c44f6133352e452da" | 16 | SRCREV_machine_qemuarm ?= "b7e0891bf4b281c4e29b86f708e10a3339670acc" |
17 | SRCREV_machine_qemuarm64 ?= "31006b756f0b4b686b0fe4fad0f122ad427756de" | 17 | SRCREV_machine_qemuarm64 ?= "ff75f0c7beb167391f0285dd2993394cd143a8a7" |
18 | SRCREV_machine_qemumips ?= "199be2c0b3869c13ea32737a316e51eca1a3cd6f" | 18 | SRCREV_machine_qemumips ?= "650e43a19e625d1db9d8245cda27db7b86990398" |
19 | SRCREV_machine_qemuppc ?= "f1575e20066e5f61c363e7fccdcdf8b8ae23a8f3" | 19 | SRCREV_machine_qemuppc ?= "0fb6546a09f90befecb11cd0f10274276e8a3021" |
20 | SRCREV_machine_qemuriscv64 ?= "698e12267b8f334a5f6a2024e4b9b1f8a95a05ac" | 20 | SRCREV_machine_qemuriscv64 ?= "fe901e2f4b156e9cf7ddb03f479f7339d28e398b" |
21 | SRCREV_machine_qemux86 ?= "698e12267b8f334a5f6a2024e4b9b1f8a95a05ac" | 21 | SRCREV_machine_qemux86 ?= "fe901e2f4b156e9cf7ddb03f479f7339d28e398b" |
22 | SRCREV_machine_qemux86-64 ?= "698e12267b8f334a5f6a2024e4b9b1f8a95a05ac" | 22 | SRCREV_machine_qemux86-64 ?= "fe901e2f4b156e9cf7ddb03f479f7339d28e398b" |
23 | SRCREV_machine_qemumips64 ?= "a9c1d19cd3d1d0df846cd419cd75cf59995f89eb" | 23 | SRCREV_machine_qemumips64 ?= "f59947f338319b1741db5dfac34f08399561ab25" |
24 | SRCREV_machine ?= "698e12267b8f334a5f6a2024e4b9b1f8a95a05ac" | 24 | SRCREV_machine ?= "fe901e2f4b156e9cf7ddb03f479f7339d28e398b" |
25 | SRCREV_meta ?= "c841eec84cf56e6b837f12a359c35c5dfb26da5f" | 25 | SRCREV_meta ?= "ecd382f3477fae022ad1881e4c39e810cdc3c760" |
26 | 26 | ||
27 | # remap qemuarm to qemuarma15 for the 5.4 kernel | 27 | # remap qemuarm to qemuarma15 for the 5.4 kernel |
28 | # KMACHINE_qemuarm ?= "qemuarma15" | 28 | # KMACHINE_qemuarm ?= "qemuarma15" |
@@ -31,7 +31,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA | |||
31 | git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}" | 31 | git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}" |
32 | 32 | ||
33 | LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" | 33 | LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" |
34 | LINUX_VERSION ?= "5.4.268" | 34 | LINUX_VERSION ?= "5.4.273" |
35 | 35 | ||
36 | DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" | 36 | DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" |
37 | DEPENDS += "openssl-native util-linux-native" | 37 | DEPENDS += "openssl-native util-linux-native" |
diff --git a/meta/recipes-kernel/perf/perf.bb b/meta/recipes-kernel/perf/perf.bb index 91bf648caa..42621e47d3 100644 --- a/meta/recipes-kernel/perf/perf.bb +++ b/meta/recipes-kernel/perf/perf.bb | |||
@@ -9,7 +9,7 @@ HOMEPAGE = "https://perf.wiki.kernel.org/index.php/Main_Page" | |||
9 | 9 | ||
10 | LICENSE = "GPLv2" | 10 | LICENSE = "GPLv2" |
11 | 11 | ||
12 | PR = "r9" | 12 | PR = "r10" |
13 | 13 | ||
14 | PACKAGECONFIG ??= "scripting tui libunwind" | 14 | PACKAGECONFIG ??= "scripting tui libunwind" |
15 | PACKAGECONFIG[dwarf] = ",NO_DWARF=1" | 15 | PACKAGECONFIG[dwarf] = ",NO_DWARF=1" |
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-52356.patch b/meta/recipes-multimedia/libtiff/files/CVE-2023-52356.patch new file mode 100644 index 0000000000..1b651e6529 --- /dev/null +++ b/meta/recipes-multimedia/libtiff/files/CVE-2023-52356.patch | |||
@@ -0,0 +1,53 @@ | |||
1 | [Ubuntu note: Backport of the following patch from upstream, with a few changes | ||
2 | to match the current version of the file in the present Ubuntu release: | ||
3 | . using TIFFErrorExt instead of TIFFErrorExtR (the latter did not exist yet); | ||
4 | -- Rodrigo Figueiredo Zaiden] | ||
5 | |||
6 | Backport of: | ||
7 | |||
8 | From 51558511bdbbcffdce534db21dbaf5d54b31638a Mon Sep 17 00:00:00 2001 | ||
9 | From: Even Rouault <even.rouault@spatialys.com> | ||
10 | Date: Tue, 31 Oct 2023 15:58:41 +0100 | ||
11 | Subject: [PATCH] TIFFReadRGBAStrip/TIFFReadRGBATile: add more validation of | ||
12 | col/row (fixes #622) | ||
13 | |||
14 | Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/tiff/tree/debian/patches/CVE-2023-52356.patch?h=ubuntu/focal-security | ||
15 | Upstream commit https://gitlab.com/libtiff/libtiff/-/commit/51558511bdbbcffdce534db21dbaf5d54b31638a] | ||
16 | CVE: CVE-2023-52356 | ||
17 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
18 | --- | ||
19 | libtiff/tif_getimage.c | 15 +++++++++++++++ | ||
20 | 1 file changed, 15 insertions(+) | ||
21 | |||
22 | |||
23 | --- tiff-4.1.0+git191117.orig/libtiff/tif_getimage.c | ||
24 | +++ tiff-4.1.0+git191117/libtiff/tif_getimage.c | ||
25 | @@ -2926,6 +2926,13 @@ TIFFReadRGBAStripExt(TIFF* tif, uint32 r | ||
26 | } | ||
27 | |||
28 | if (TIFFRGBAImageOK(tif, emsg) && TIFFRGBAImageBegin(&img, tif, stop_on_error, emsg)) { | ||
29 | + if (row >= img.height) | ||
30 | + { | ||
31 | + TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), | ||
32 | + "Invalid row passed to TIFFReadRGBAStrip()."); | ||
33 | + TIFFRGBAImageEnd(&img); | ||
34 | + return (0); | ||
35 | + } | ||
36 | |||
37 | img.row_offset = row; | ||
38 | img.col_offset = 0; | ||
39 | @@ -3002,6 +3009,14 @@ TIFFReadRGBATileExt(TIFF* tif, uint32 co | ||
40 | return( 0 ); | ||
41 | } | ||
42 | |||
43 | + if (col >= img.width || row >= img.height) | ||
44 | + { | ||
45 | + TIFFErrorExt(tif->tif_clientdata, TIFFFileName(tif), | ||
46 | + "Invalid row/col passed to TIFFReadRGBATile()."); | ||
47 | + TIFFRGBAImageEnd(&img); | ||
48 | + return (0); | ||
49 | + } | ||
50 | + | ||
51 | /* | ||
52 | * The TIFFRGBAImageGet() function doesn't allow us to get off the | ||
53 | * edge of the image, even to fill an otherwise valid tile. So we | ||
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-6277-1.patch b/meta/recipes-multimedia/libtiff/files/CVE-2023-6277-1.patch new file mode 100644 index 0000000000..e955b3f2e4 --- /dev/null +++ b/meta/recipes-multimedia/libtiff/files/CVE-2023-6277-1.patch | |||
@@ -0,0 +1,191 @@ | |||
1 | [Ubuntu note: Backport of the following patch from upstream, with a few changes | ||
2 | to match the current version of the file in the present Ubuntu release: | ||
3 | . included inttypes.h header to support PRIu32 and PRIu64; | ||
4 | . using TIFFWarningExt instead of TIFFWarningExtR (the latter did not exist yet); | ||
5 | . using uint64 instead of uint64_t to preserve the current code usage; | ||
6 | . calling _TIFFfree(data) instead of _TIFFfreeExt(tif, data) (the latter did not exist yet); | ||
7 | . calls to the check size, that is the idea of the patch, were added before | ||
8 | _TIFFCheckMalloc and may note match the original patch methods; | ||
9 | -- Rodrigo Figueiredo Zaiden] | ||
10 | |||
11 | Backport of: | ||
12 | |||
13 | From 5320c9d89c054fa805d037d84c57da874470b01a Mon Sep 17 00:00:00 2001 | ||
14 | From: Su Laus <sulau@freenet.de> | ||
15 | Date: Tue, 31 Oct 2023 15:43:29 +0000 | ||
16 | Subject: [PATCH] Prevent some out-of-memory attacks | ||
17 | |||
18 | Some small fuzzer files fake large amounts of data and provoke out-of-memory situations. For non-compressed data content / tags, out-of-memory can be prevented by comparing with the file size. | ||
19 | |||
20 | At image reading, data size of some tags / data structures (StripByteCounts, StripOffsets, StripArray, TIFF directory) is compared with file size to prevent provoked out-of-memory attacks. | ||
21 | |||
22 | See issue https://gitlab.com/libtiff/libtiff/-/issues/614#note_1602683857 | ||
23 | |||
24 | Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/tiff/tree/debian/patches/CVE-2023-6277-1.patch?h=ubuntu/focal-security | ||
25 | Upstream commit https://gitlab.com/libtiff/libtiff/-/commit/5320c9d89c054fa805d037d84c57da874470b01a] | ||
26 | CVE: CVE-2023-6277 | ||
27 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
28 | --- | ||
29 | libtiff/tif_dirread.c | 92 ++++++++++++++++++++++++++++++++++++++++++- | ||
30 | 1 file changed, 90 insertions(+), 2 deletions(-) | ||
31 | |||
32 | --- tiff-4.1.0+git191117.orig/libtiff/tif_dirread.c | ||
33 | +++ tiff-4.1.0+git191117/libtiff/tif_dirread.c | ||
34 | @@ -37,6 +37,7 @@ | ||
35 | #include "tiffiop.h" | ||
36 | #include <float.h> | ||
37 | #include <stdlib.h> | ||
38 | +#include <inttypes.h> | ||
39 | |||
40 | #define FAILED_FII ((uint32) -1) | ||
41 | |||
42 | @@ -863,6 +864,21 @@ static enum TIFFReadDirEntryErr TIFFRead | ||
43 | datasize=(*count)*typesize; | ||
44 | assert((tmsize_t)datasize>0); | ||
45 | |||
46 | + /* Before allocating a huge amount of memory for corrupted files, check if | ||
47 | + * size of requested memory is not greater than file size. | ||
48 | + */ | ||
49 | + uint64 filesize = TIFFGetFileSize(tif); | ||
50 | + if (datasize > filesize) | ||
51 | + { | ||
52 | + TIFFWarningExt(tif->tif_clientdata, "ReadDirEntryArray", | ||
53 | + "Requested memory size for tag %d (0x%x) %" PRIu32 | ||
54 | + " is greather than filesize %" PRIu64 | ||
55 | + ". Memory not allocated, tag not read", | ||
56 | + direntry->tdir_tag, direntry->tdir_tag, datasize, | ||
57 | + filesize); | ||
58 | + return (TIFFReadDirEntryErrAlloc); | ||
59 | + } | ||
60 | + | ||
61 | if( isMapped(tif) && datasize > (uint32)tif->tif_size ) | ||
62 | return TIFFReadDirEntryErrIo; | ||
63 | |||
64 | @@ -4534,6 +4550,20 @@ EstimateStripByteCounts(TIFF* tif, TIFFD | ||
65 | if( !_TIFFFillStrilesInternal( tif, 0 ) ) | ||
66 | return -1; | ||
67 | |||
68 | + /* Before allocating a huge amount of memory for corrupted files, check if | ||
69 | + * size of requested memory is not greater than file size. */ | ||
70 | + uint64 filesize = TIFFGetFileSize(tif); | ||
71 | + uint64 allocsize = (uint64)td->td_nstrips * sizeof(uint64); | ||
72 | + if (allocsize > filesize) | ||
73 | + { | ||
74 | + TIFFWarningExt(tif->tif_clientdata, module, | ||
75 | + "Requested memory size for StripByteCounts of %" PRIu64 | ||
76 | + " is greather than filesize %" PRIu64 | ||
77 | + ". Memory not allocated", | ||
78 | + allocsize, filesize); | ||
79 | + return -1; | ||
80 | + } | ||
81 | + | ||
82 | if (td->td_stripbytecount_p) | ||
83 | _TIFFfree(td->td_stripbytecount_p); | ||
84 | td->td_stripbytecount_p = (uint64*) | ||
85 | @@ -4544,9 +4574,7 @@ EstimateStripByteCounts(TIFF* tif, TIFFD | ||
86 | |||
87 | if (td->td_compression != COMPRESSION_NONE) { | ||
88 | uint64 space; | ||
89 | - uint64 filesize; | ||
90 | uint16 n; | ||
91 | - filesize = TIFFGetFileSize(tif); | ||
92 | if (!(tif->tif_flags&TIFF_BIGTIFF)) | ||
93 | space=sizeof(TIFFHeaderClassic)+2+dircount*12+4; | ||
94 | else | ||
95 | @@ -4854,6 +4882,20 @@ TIFFFetchDirectory(TIFF* tif, uint64 dir | ||
96 | dircount16 = (uint16)dircount64; | ||
97 | dirsize = 20; | ||
98 | } | ||
99 | + /* Before allocating a huge amount of memory for corrupted files, check | ||
100 | + * if size of requested memory is not greater than file size. */ | ||
101 | + uint64 filesize = TIFFGetFileSize(tif); | ||
102 | + uint64 allocsize = (uint64)dircount16 * dirsize; | ||
103 | + if (allocsize > filesize) | ||
104 | + { | ||
105 | + TIFFWarningExt( | ||
106 | + tif->tif_clientdata, module, | ||
107 | + "Requested memory size for TIFF directory of %" PRIu64 | ||
108 | + " is greather than filesize %" PRIu64 | ||
109 | + ". Memory not allocated, TIFF directory not read", | ||
110 | + allocsize, filesize); | ||
111 | + return 0; | ||
112 | + } | ||
113 | origdir = _TIFFCheckMalloc(tif, dircount16, | ||
114 | dirsize, "to read TIFF directory"); | ||
115 | if (origdir == NULL) | ||
116 | @@ -4957,6 +4999,20 @@ TIFFFetchDirectory(TIFF* tif, uint64 dir | ||
117 | "Sanity check on directory count failed, zero tag directories not supported"); | ||
118 | return 0; | ||
119 | } | ||
120 | + /* Before allocating a huge amount of memory for corrupted files, check | ||
121 | + * if size of requested memory is not greater than file size. */ | ||
122 | + uint64 filesize = TIFFGetFileSize(tif); | ||
123 | + uint64 allocsize = (uint64)dircount16 * dirsize; | ||
124 | + if (allocsize > filesize) | ||
125 | + { | ||
126 | + TIFFWarningExt( | ||
127 | + tif->tif_clientdata, module, | ||
128 | + "Requested memory size for TIFF directory of %" PRIu64 | ||
129 | + " is greather than filesize %" PRIu64 | ||
130 | + ". Memory not allocated, TIFF directory not read", | ||
131 | + allocsize, filesize); | ||
132 | + return 0; | ||
133 | + } | ||
134 | origdir = _TIFFCheckMalloc(tif, dircount16, | ||
135 | dirsize, | ||
136 | "to read TIFF directory"); | ||
137 | @@ -5000,6 +5056,8 @@ TIFFFetchDirectory(TIFF* tif, uint64 dir | ||
138 | } | ||
139 | } | ||
140 | } | ||
141 | + /* No check against filesize needed here because "dir" should have same size | ||
142 | + * than "origdir" checked above. */ | ||
143 | dir = (TIFFDirEntry*)_TIFFCheckMalloc(tif, dircount16, | ||
144 | sizeof(TIFFDirEntry), | ||
145 | "to read TIFF directory"); | ||
146 | @@ -5769,7 +5827,20 @@ TIFFFetchStripThing(TIFF* tif, TIFFDirEn | ||
147 | _TIFFfree(data); | ||
148 | return(0); | ||
149 | } | ||
150 | - | ||
151 | + /* Before allocating a huge amount of memory for corrupted files, check | ||
152 | + * if size of requested memory is not greater than file size. */ | ||
153 | + uint64 filesize = TIFFGetFileSize(tif); | ||
154 | + uint64 allocsize = (uint64)nstrips * sizeof(uint64); | ||
155 | + if (allocsize > filesize) | ||
156 | + { | ||
157 | + TIFFWarningExt(tif->tif_clientdata, module, | ||
158 | + "Requested memory size for StripArray of %" PRIu64 | ||
159 | + " is greather than filesize %" PRIu64 | ||
160 | + ". Memory not allocated", | ||
161 | + allocsize, filesize); | ||
162 | + _TIFFfree(data); | ||
163 | + return (0); | ||
164 | + } | ||
165 | resizeddata=(uint64*)_TIFFCheckMalloc(tif,nstrips,sizeof(uint64),"for strip array"); | ||
166 | if (resizeddata==0) { | ||
167 | _TIFFfree(data); | ||
168 | @@ -5865,6 +5936,23 @@ static void allocChoppedUpStripArrays(TI | ||
169 | } | ||
170 | bytecount = last_offset + last_bytecount - offset; | ||
171 | |||
172 | + /* Before allocating a huge amount of memory for corrupted files, check if | ||
173 | + * size of StripByteCount and StripOffset tags is not greater than | ||
174 | + * file size. | ||
175 | + */ | ||
176 | + uint64 allocsize = (uint64)nstrips * sizeof(uint64) * 2; | ||
177 | + uint64 filesize = TIFFGetFileSize(tif); | ||
178 | + if (allocsize > filesize) | ||
179 | + { | ||
180 | + TIFFWarningExt(tif->tif_clientdata, "allocChoppedUpStripArrays", | ||
181 | + "Requested memory size for StripByteCount and " | ||
182 | + "StripOffsets %" PRIu64 | ||
183 | + " is greather than filesize %" PRIu64 | ||
184 | + ". Memory not allocated", | ||
185 | + allocsize, filesize); | ||
186 | + return; | ||
187 | + } | ||
188 | + | ||
189 | newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64), | ||
190 | "for chopped \"StripByteCounts\" array"); | ||
191 | newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64), | ||
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-6277-2.patch b/meta/recipes-multimedia/libtiff/files/CVE-2023-6277-2.patch new file mode 100644 index 0000000000..644b3fdb3f --- /dev/null +++ b/meta/recipes-multimedia/libtiff/files/CVE-2023-6277-2.patch | |||
@@ -0,0 +1,152 @@ | |||
1 | [Ubuntu note: Backport of the following patch from upstream, with a few changes | ||
2 | to match the current version of the file in the present Ubuntu release: | ||
3 | . using TIFFWarningExt instead of TIFFWarningExtR (the latter did not exist yet); | ||
4 | . using uint64 instead of uint64_t to preserve the current code usage; | ||
5 | -- Rodrigo Figueiredo Zaiden] | ||
6 | |||
7 | Backport of: | ||
8 | |||
9 | From 0b025324711213a75e38b52f7e7ba60235f108aa Mon Sep 17 00:00:00 2001 | ||
10 | From: Even Rouault <even.rouault@spatialys.com> | ||
11 | Date: Tue, 31 Oct 2023 19:47:22 +0100 | ||
12 | Subject: [PATCH] tif_dirread.c: only issue TIFFGetFileSize() for large enough | ||
13 | RAM requests | ||
14 | |||
15 | Ammends 5320c9d89c054fa805d037d84c57da874470b01a | ||
16 | |||
17 | This fixes a performance regression caught by the GDAL regression test | ||
18 | suite. | ||
19 | |||
20 | Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/tiff/tree/debian/patches/CVE-2023-6277-2.patch?h=ubuntu/focal-security | ||
21 | Upstream commit https://gitlab.com/libtiff/libtiff/-/commit/0b025324711213a75e38b52f7e7ba60235f108aa] | ||
22 | CVE: CVE-2023-6277 | ||
23 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
24 | --- | ||
25 | libtiff/tif_dirread.c | 83 +++++++++++++++++++++++++------------------ | ||
26 | 1 file changed, 48 insertions(+), 35 deletions(-) | ||
27 | |||
28 | --- tiff-4.1.0+git191117.orig/libtiff/tif_dirread.c | ||
29 | +++ tiff-4.1.0+git191117/libtiff/tif_dirread.c | ||
30 | @@ -864,19 +864,22 @@ static enum TIFFReadDirEntryErr TIFFRead | ||
31 | datasize=(*count)*typesize; | ||
32 | assert((tmsize_t)datasize>0); | ||
33 | |||
34 | - /* Before allocating a huge amount of memory for corrupted files, check if | ||
35 | - * size of requested memory is not greater than file size. | ||
36 | - */ | ||
37 | - uint64 filesize = TIFFGetFileSize(tif); | ||
38 | - if (datasize > filesize) | ||
39 | + if (datasize > 100 * 1024 * 1024) | ||
40 | { | ||
41 | - TIFFWarningExt(tif->tif_clientdata, "ReadDirEntryArray", | ||
42 | - "Requested memory size for tag %d (0x%x) %" PRIu32 | ||
43 | - " is greather than filesize %" PRIu64 | ||
44 | - ". Memory not allocated, tag not read", | ||
45 | - direntry->tdir_tag, direntry->tdir_tag, datasize, | ||
46 | - filesize); | ||
47 | - return (TIFFReadDirEntryErrAlloc); | ||
48 | + /* Before allocating a huge amount of memory for corrupted files, check | ||
49 | + * if size of requested memory is not greater than file size. | ||
50 | + */ | ||
51 | + const uint64 filesize = TIFFGetFileSize(tif); | ||
52 | + if (datasize > filesize) | ||
53 | + { | ||
54 | + TIFFWarningExt(tif->tif_clientdata, "ReadDirEntryArray", | ||
55 | + "Requested memory size for tag %d (0x%x) %" PRIu32 | ||
56 | + " is greater than filesize %" PRIu64 | ||
57 | + ". Memory not allocated, tag not read", | ||
58 | + direntry->tdir_tag, direntry->tdir_tag, datasize, | ||
59 | + filesize); | ||
60 | + return (TIFFReadDirEntryErrAlloc); | ||
61 | + } | ||
62 | } | ||
63 | |||
64 | if( isMapped(tif) && datasize > (uint32)tif->tif_size ) | ||
65 | @@ -4550,18 +4553,22 @@ EstimateStripByteCounts(TIFF* tif, TIFFD | ||
66 | if( !_TIFFFillStrilesInternal( tif, 0 ) ) | ||
67 | return -1; | ||
68 | |||
69 | - /* Before allocating a huge amount of memory for corrupted files, check if | ||
70 | - * size of requested memory is not greater than file size. */ | ||
71 | - uint64 filesize = TIFFGetFileSize(tif); | ||
72 | - uint64 allocsize = (uint64)td->td_nstrips * sizeof(uint64); | ||
73 | - if (allocsize > filesize) | ||
74 | + const uint64 allocsize = (uint64)td->td_nstrips * sizeof(uint64); | ||
75 | + uint64 filesize = 0; | ||
76 | + if (allocsize > 100 * 1024 * 1024) | ||
77 | { | ||
78 | - TIFFWarningExt(tif->tif_clientdata, module, | ||
79 | - "Requested memory size for StripByteCounts of %" PRIu64 | ||
80 | - " is greather than filesize %" PRIu64 | ||
81 | - ". Memory not allocated", | ||
82 | - allocsize, filesize); | ||
83 | - return -1; | ||
84 | + /* Before allocating a huge amount of memory for corrupted files, check | ||
85 | + * if size of requested memory is not greater than file size. */ | ||
86 | + filesize = TIFFGetFileSize(tif); | ||
87 | + if (allocsize > filesize) | ||
88 | + { | ||
89 | + TIFFWarningExt( | ||
90 | + tif->tif_clientdata, module, | ||
91 | + "Requested memory size for StripByteCounts of %" PRIu64 | ||
92 | + " is greater than filesize %" PRIu64 ". Memory not allocated", | ||
93 | + allocsize, filesize); | ||
94 | + return -1; | ||
95 | + } | ||
96 | } | ||
97 | |||
98 | if (td->td_stripbytecount_p) | ||
99 | @@ -4608,11 +4615,13 @@ EstimateStripByteCounts(TIFF* tif, TIFFD | ||
100 | return -1; | ||
101 | space+=datasize; | ||
102 | } | ||
103 | + if (filesize == 0) | ||
104 | + filesize = TIFFGetFileSize(tif); | ||
105 | if( filesize < space ) | ||
106 | - /* we should perhaps return in error ? */ | ||
107 | - space = filesize; | ||
108 | - else | ||
109 | - space = filesize - space; | ||
110 | + /* we should perhaps return in error ? */ | ||
111 | + space = filesize; | ||
112 | + else | ||
113 | + space = filesize - space; | ||
114 | if (td->td_planarconfig == PLANARCONFIG_SEPARATE) | ||
115 | space /= td->td_samplesperpixel; | ||
116 | for (strip = 0; strip < td->td_nstrips; strip++) | ||
117 | @@ -4882,19 +4891,23 @@ TIFFFetchDirectory(TIFF* tif, uint64 dir | ||
118 | dircount16 = (uint16)dircount64; | ||
119 | dirsize = 20; | ||
120 | } | ||
121 | - /* Before allocating a huge amount of memory for corrupted files, check | ||
122 | - * if size of requested memory is not greater than file size. */ | ||
123 | - uint64 filesize = TIFFGetFileSize(tif); | ||
124 | - uint64 allocsize = (uint64)dircount16 * dirsize; | ||
125 | - if (allocsize > filesize) | ||
126 | + const uint64 allocsize = (uint64)dircount16 * dirsize; | ||
127 | + if (allocsize > 100 * 1024 * 1024) | ||
128 | { | ||
129 | - TIFFWarningExt( | ||
130 | - tif->tif_clientdata, module, | ||
131 | - "Requested memory size for TIFF directory of %" PRIu64 | ||
132 | - " is greather than filesize %" PRIu64 | ||
133 | - ". Memory not allocated, TIFF directory not read", | ||
134 | - allocsize, filesize); | ||
135 | - return 0; | ||
136 | + /* Before allocating a huge amount of memory for corrupted files, | ||
137 | + * check if size of requested memory is not greater than file size. | ||
138 | + */ | ||
139 | + const uint64 filesize = TIFFGetFileSize(tif); | ||
140 | + if (allocsize > filesize) | ||
141 | + { | ||
142 | + TIFFWarningExt( | ||
143 | + tif->tif_clientdata, module, | ||
144 | + "Requested memory size for TIFF directory of %" PRIu64 | ||
145 | + " is greater than filesize %" PRIu64 | ||
146 | + ". Memory not allocated, TIFF directory not read", | ||
147 | + allocsize, filesize); | ||
148 | + return 0; | ||
149 | + } | ||
150 | } | ||
151 | origdir = _TIFFCheckMalloc(tif, dircount16, | ||
152 | dirsize, "to read TIFF directory"); | ||
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-6277-3.patch b/meta/recipes-multimedia/libtiff/files/CVE-2023-6277-3.patch new file mode 100644 index 0000000000..ed7d7e7b96 --- /dev/null +++ b/meta/recipes-multimedia/libtiff/files/CVE-2023-6277-3.patch | |||
@@ -0,0 +1,46 @@ | |||
1 | Backport of: | ||
2 | |||
3 | From de7bfd7d4377c266f81849579f696fa1ad5ba6c3 Mon Sep 17 00:00:00 2001 | ||
4 | From: Even Rouault <even.rouault@spatialys.com> | ||
5 | Date: Tue, 31 Oct 2023 20:13:45 +0100 | ||
6 | Subject: [PATCH] TIFFFetchDirectory(): remove useless allocsize vs filesize | ||
7 | check | ||
8 | |||
9 | CoverityScan rightly points that the max value for dircount16 * dirsize | ||
10 | is 4096 * 20. That's small enough not to do any check | ||
11 | |||
12 | Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/tiff/tree/debian/patches/CVE-2023-6277-3.patch?h=ubuntu/focal-security | ||
13 | Upstream commit https://gitlab.com/libtiff/libtiff/-/commit/de7bfd7d4377c266f81849579f696fa1ad5ba6c3] | ||
14 | CVE: CVE-2023-6277 | ||
15 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
16 | --- | ||
17 | libtiff/tif_dirread.c | 18 ------------------ | ||
18 | 1 file changed, 18 deletions(-) | ||
19 | |||
20 | --- tiff-4.1.0+git191117.orig/libtiff/tif_dirread.c | ||
21 | +++ tiff-4.1.0+git191117/libtiff/tif_dirread.c | ||
22 | @@ -4891,24 +4891,6 @@ TIFFFetchDirectory(TIFF* tif, uint64 dir | ||
23 | dircount16 = (uint16)dircount64; | ||
24 | dirsize = 20; | ||
25 | } | ||
26 | - const uint64 allocsize = (uint64)dircount16 * dirsize; | ||
27 | - if (allocsize > 100 * 1024 * 1024) | ||
28 | - { | ||
29 | - /* Before allocating a huge amount of memory for corrupted files, | ||
30 | - * check if size of requested memory is not greater than file size. | ||
31 | - */ | ||
32 | - const uint64 filesize = TIFFGetFileSize(tif); | ||
33 | - if (allocsize > filesize) | ||
34 | - { | ||
35 | - TIFFWarningExt( | ||
36 | - tif->tif_clientdata, module, | ||
37 | - "Requested memory size for TIFF directory of %" PRIu64 | ||
38 | - " is greater than filesize %" PRIu64 | ||
39 | - ". Memory not allocated, TIFF directory not read", | ||
40 | - allocsize, filesize); | ||
41 | - return 0; | ||
42 | - } | ||
43 | - } | ||
44 | origdir = _TIFFCheckMalloc(tif, dircount16, | ||
45 | dirsize, "to read TIFF directory"); | ||
46 | if (origdir == NULL) | ||
diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-6277-4.patch b/meta/recipes-multimedia/libtiff/files/CVE-2023-6277-4.patch new file mode 100644 index 0000000000..1a43fd3230 --- /dev/null +++ b/meta/recipes-multimedia/libtiff/files/CVE-2023-6277-4.patch | |||
@@ -0,0 +1,94 @@ | |||
1 | [Ubuntu note: Backport of the following patch from upstream, with a few changes | ||
2 | to match the current version of the file in the present Ubuntu release: | ||
3 | . using TIFFWarningExt instead of TIFFWarningExtR (the latter did not exist yet); | ||
4 | . using uint64 instead of uint64_t to preserve the current code usage; | ||
5 | . calling _TIFFfree(data) instead of _TIFFfreeExt(tif, data) (the latter did not exist yet); | ||
6 | -- Rodrigo Figueiredo Zaiden] | ||
7 | |||
8 | Backport of: | ||
9 | |||
10 | From dbb825a8312f30e63a06c272010967d51af5c35a Mon Sep 17 00:00:00 2001 | ||
11 | From: Even Rouault <even.rouault@spatialys.com> | ||
12 | Date: Tue, 31 Oct 2023 21:30:58 +0100 | ||
13 | Subject: [PATCH] tif_dirread.c: only issue TIFFGetFileSize() for large enough | ||
14 | RAM requests | ||
15 | |||
16 | Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/tiff/tree/debian/patches/CVE-2023-6277-4.patch?h=ubuntu/focal-security | ||
17 | Upstream commit https://gitlab.com/libtiff/libtiff/-/commit/dbb825a8312f30e63a06c272010967d51af5c35a] | ||
18 | CVE: CVE-2023-6277 | ||
19 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
20 | --- | ||
21 | libtiff/tif_dirread.c | 54 +++++++++++++++++++++++++------------------ | ||
22 | 1 file changed, 31 insertions(+), 23 deletions(-) | ||
23 | |||
24 | --- tiff-4.1.0+git191117.orig/libtiff/tif_dirread.c | ||
25 | +++ tiff-4.1.0+git191117/libtiff/tif_dirread.c | ||
26 | @@ -5822,19 +5822,24 @@ TIFFFetchStripThing(TIFF* tif, TIFFDirEn | ||
27 | _TIFFfree(data); | ||
28 | return(0); | ||
29 | } | ||
30 | - /* Before allocating a huge amount of memory for corrupted files, check | ||
31 | - * if size of requested memory is not greater than file size. */ | ||
32 | - uint64 filesize = TIFFGetFileSize(tif); | ||
33 | - uint64 allocsize = (uint64)nstrips * sizeof(uint64); | ||
34 | - if (allocsize > filesize) | ||
35 | + const uint64 allocsize = (uint64)nstrips * sizeof(uint64); | ||
36 | + if (allocsize > 100 * 1024 * 1024) | ||
37 | { | ||
38 | - TIFFWarningExt(tif->tif_clientdata, module, | ||
39 | - "Requested memory size for StripArray of %" PRIu64 | ||
40 | - " is greather than filesize %" PRIu64 | ||
41 | - ". Memory not allocated", | ||
42 | - allocsize, filesize); | ||
43 | - _TIFFfree(data); | ||
44 | - return (0); | ||
45 | + /* Before allocating a huge amount of memory for corrupted files, | ||
46 | + * check if size of requested memory is not greater than file size. | ||
47 | + */ | ||
48 | + const uint64 filesize = TIFFGetFileSize(tif); | ||
49 | + if (allocsize > filesize) | ||
50 | + { | ||
51 | + TIFFWarningExt( | ||
52 | + tif->tif_clientdata, module, | ||
53 | + "Requested memory size for StripArray of %" PRIu64 | ||
54 | + " is greater than filesize %" PRIu64 | ||
55 | + ". Memory not allocated", | ||
56 | + allocsize, filesize); | ||
57 | + _TIFFfree(data); | ||
58 | + return (0); | ||
59 | + } | ||
60 | } | ||
61 | resizeddata=(uint64*)_TIFFCheckMalloc(tif,nstrips,sizeof(uint64),"for strip array"); | ||
62 | if (resizeddata==0) { | ||
63 | @@ -5935,17 +5940,20 @@ static void allocChoppedUpStripArrays(TI | ||
64 | * size of StripByteCount and StripOffset tags is not greater than | ||
65 | * file size. | ||
66 | */ | ||
67 | - uint64 allocsize = (uint64)nstrips * sizeof(uint64) * 2; | ||
68 | - uint64 filesize = TIFFGetFileSize(tif); | ||
69 | - if (allocsize > filesize) | ||
70 | - { | ||
71 | - TIFFWarningExt(tif->tif_clientdata, "allocChoppedUpStripArrays", | ||
72 | - "Requested memory size for StripByteCount and " | ||
73 | - "StripOffsets %" PRIu64 | ||
74 | - " is greather than filesize %" PRIu64 | ||
75 | - ". Memory not allocated", | ||
76 | - allocsize, filesize); | ||
77 | - return; | ||
78 | + const uint64 allocsize = (uint64)nstrips * sizeof(uint64) * 2; | ||
79 | + if (allocsize > 100 * 1024 * 1024) | ||
80 | + { | ||
81 | + const uint64 filesize = TIFFGetFileSize(tif); | ||
82 | + if (allocsize > filesize) | ||
83 | + { | ||
84 | + TIFFWarningExt(tif->tif_clientdata, "allocChoppedUpStripArrays", | ||
85 | + "Requested memory size for StripByteCount and " | ||
86 | + "StripOffsets %" PRIu64 | ||
87 | + " is greater than filesize %" PRIu64 | ||
88 | + ". Memory not allocated", | ||
89 | + allocsize, filesize); | ||
90 | + return; | ||
91 | + } | ||
92 | } | ||
93 | |||
94 | newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64), | ||
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.1.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.1.0.bb index c739f3a7fa..7efaba3a38 100644 --- a/meta/recipes-multimedia/libtiff/tiff_4.1.0.bb +++ b/meta/recipes-multimedia/libtiff/tiff_4.1.0.bb | |||
@@ -49,6 +49,11 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \ | |||
49 | file://CVE-2023-41175.patch \ | 49 | file://CVE-2023-41175.patch \ |
50 | file://CVE-2022-40090.patch \ | 50 | file://CVE-2022-40090.patch \ |
51 | file://CVE-2023-6228.patch \ | 51 | file://CVE-2023-6228.patch \ |
52 | file://CVE-2023-6277-1.patch \ | ||
53 | file://CVE-2023-6277-2.patch \ | ||
54 | file://CVE-2023-6277-3.patch \ | ||
55 | file://CVE-2023-6277-4.patch \ | ||
56 | file://CVE-2023-52356.patch \ | ||
52 | " | 57 | " |
53 | SRC_URI[md5sum] = "2165e7aba557463acc0664e71a3ed424" | 58 | SRC_URI[md5sum] = "2165e7aba557463acc0664e71a3ed424" |
54 | SRC_URI[sha256sum] = "5d29f32517dadb6dbcd1255ea5bbc93a2b54b94fbf83653b4d65c7d6775b8634" | 59 | SRC_URI[sha256sum] = "5d29f32517dadb6dbcd1255ea5bbc93a2b54b94fbf83653b4d65c7d6775b8634" |
diff --git a/meta/recipes-support/curl/curl/CVE-2024-2398.patch b/meta/recipes-support/curl/curl/CVE-2024-2398.patch new file mode 100644 index 0000000000..a3840336f0 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2024-2398.patch | |||
@@ -0,0 +1,88 @@ | |||
1 | Backport of: | ||
2 | |||
3 | From deca8039991886a559b67bcd6701db800a5cf764 Mon Sep 17 00:00:00 2001 | ||
4 | From: Stefan Eissing <stefan@eissing.org> | ||
5 | Date: Wed, 6 Mar 2024 09:36:08 +0100 | ||
6 | Subject: [PATCH] http2: push headers better cleanup | ||
7 | |||
8 | - provide common cleanup method for push headers | ||
9 | |||
10 | Closes #13054 | ||
11 | |||
12 | Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/curl/tree/debian/patches/CVE-2024-2398.patch?h=ubuntu/focal-security | ||
13 | Upstream commit https://github.com/curl/curl/commit/deca8039991886a559b67bcd6701db800a5cf764] | ||
14 | CVE: CVE-2024-2398 | ||
15 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
16 | --- | ||
17 | lib/http2.c | 34 +++++++++++++++------------------- | ||
18 | 1 file changed, 15 insertions(+), 19 deletions(-) | ||
19 | |||
20 | --- a/lib/http2.c | ||
21 | +++ b/lib/http2.c | ||
22 | @@ -515,6 +515,15 @@ static struct Curl_easy *duphandle(struc | ||
23 | } | ||
24 | |||
25 | |||
26 | +static void free_push_headers(struct HTTP *stream) | ||
27 | +{ | ||
28 | + size_t i; | ||
29 | + for(i = 0; i<stream->push_headers_used; i++) | ||
30 | + free(stream->push_headers[i]); | ||
31 | + Curl_safefree(stream->push_headers); | ||
32 | + stream->push_headers_used = 0; | ||
33 | +} | ||
34 | + | ||
35 | static int push_promise(struct Curl_easy *data, | ||
36 | struct connectdata *conn, | ||
37 | const nghttp2_push_promise *frame) | ||
38 | @@ -528,7 +537,6 @@ static int push_promise(struct Curl_easy | ||
39 | struct curl_pushheaders heads; | ||
40 | CURLMcode rc; | ||
41 | struct http_conn *httpc; | ||
42 | - size_t i; | ||
43 | /* clone the parent */ | ||
44 | struct Curl_easy *newhandle = duphandle(data); | ||
45 | if(!newhandle) { | ||
46 | @@ -557,11 +565,7 @@ static int push_promise(struct Curl_easy | ||
47 | Curl_set_in_callback(data, false); | ||
48 | |||
49 | /* free the headers again */ | ||
50 | - for(i = 0; i<stream->push_headers_used; i++) | ||
51 | - free(stream->push_headers[i]); | ||
52 | - free(stream->push_headers); | ||
53 | - stream->push_headers = NULL; | ||
54 | - stream->push_headers_used = 0; | ||
55 | + free_push_headers(stream); | ||
56 | |||
57 | if(rv) { | ||
58 | /* denied, kill off the new handle again */ | ||
59 | @@ -995,10 +999,10 @@ static int on_header(nghttp2_session *se | ||
60 | stream->push_headers_alloc) { | ||
61 | char **headp; | ||
62 | stream->push_headers_alloc *= 2; | ||
63 | - headp = Curl_saferealloc(stream->push_headers, | ||
64 | - stream->push_headers_alloc * sizeof(char *)); | ||
65 | + headp = realloc(stream->push_headers, | ||
66 | + stream->push_headers_alloc * sizeof(char *)); | ||
67 | if(!headp) { | ||
68 | - stream->push_headers = NULL; | ||
69 | + free_push_headers(stream); | ||
70 | return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE; | ||
71 | } | ||
72 | stream->push_headers = headp; | ||
73 | @@ -1179,14 +1183,7 @@ void Curl_http2_done(struct Curl_easy *d | ||
74 | if(http->header_recvbuf) { | ||
75 | Curl_add_buffer_free(&http->header_recvbuf); | ||
76 | Curl_add_buffer_free(&http->trailer_recvbuf); | ||
77 | - if(http->push_headers) { | ||
78 | - /* if they weren't used and then freed before */ | ||
79 | - for(; http->push_headers_used > 0; --http->push_headers_used) { | ||
80 | - free(http->push_headers[http->push_headers_used - 1]); | ||
81 | - } | ||
82 | - free(http->push_headers); | ||
83 | - http->push_headers = NULL; | ||
84 | - } | ||
85 | + free_push_headers(http); | ||
86 | } | ||
87 | |||
88 | if(!httpc->h2) /* not HTTP/2 ? */ | ||
diff --git a/meta/recipes-support/curl/curl_7.69.1.bb b/meta/recipes-support/curl/curl_7.69.1.bb index 980b4224a8..2f351d585a 100644 --- a/meta/recipes-support/curl/curl_7.69.1.bb +++ b/meta/recipes-support/curl/curl_7.69.1.bb | |||
@@ -58,6 +58,7 @@ SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \ | |||
58 | file://CVE-2023-28321.patch \ | 58 | file://CVE-2023-28321.patch \ |
59 | file://CVE-2023-28322.patch \ | 59 | file://CVE-2023-28322.patch \ |
60 | file://CVE-2023-46218.patch \ | 60 | file://CVE-2023-46218.patch \ |
61 | file://CVE-2024-2398.patch \ | ||
61 | " | 62 | " |
62 | 63 | ||
63 | SRC_URI[md5sum] = "ec5fc263f898a3dfef08e805f1ecca42" | 64 | SRC_URI[md5sum] = "ec5fc263f898a3dfef08e805f1ecca42" |