path: root/meta/recipes-devtools
Commit message  (Author, Age, Files, Lines)
* patch: fix CVE-2015-1196  (Robert Yang, 2015-09-09, 2 files, -0/+201)

  A directory traversal flaw was reported in patch.

  References:
  http://www.openwall.com/lists/oss-security/2015/01/18/6
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775227
  https://bugzilla.redhat.com/show_bug.cgi?id=1182154

  [YOCTO #7182]

  (From OE-Core rev: 4c389880dc9c6221344f7aed221fe8356e8c2056)
  (From OE-Core rev: e2032c5788f7a77aa0e4e8545b550551c23a25fb)

  Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  Signed-off-by: Armin Kuster <akuster808@gmail.com>
  Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* qemu: remove patch already applied  (Tudor Florea, 2015-07-21, 2 files, -48/+2)

  This fixes a build issue for the qemu package.

  Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* python: Backport CVE-2013-1752 fix from upstream  (Tudor Florea, 2015-07-07, 5 files, -0/+385)

  This backported patch fixes CVE-2013-1752 for ftplib, imaplib, nntplib and poplib.

  References:
  http://bugs.python.org/issue16038
  http://bugs.python.org/issue16039
  http://bugs.python.org/issue16040
  http://bugs.python.org/issue16041
  https://access.redhat.com/security/cve/CVE-2013-1752

  The ftplib, imaplib, nntplib and poplib modules don't limit the amount of
  data read in their calls to readline(). The modules should be modified to
  use a limited readline() with _MAXLINE.

  Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* python: Backport CVE-2013-1752 fix from upstream  (Tudor Florea, 2015-07-07, 2 files, -0/+46)

  This backported patch fixes CVE-2013-1752 for httplib.

  References:
  http://bugs.python.org/issue16037
  https://access.redhat.com/security/cve/CVE-2013-1752

  The httplib module / package can read arbitrary amounts of data from its
  socket when it's parsing the HTTP header. This may lead to issues when a
  user connects to a broken HTTP server or something that isn't HTTP at all.

  Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* binutils: Fix building nativesdk binutils with gcc 4.9  (Tudor Florea, 2015-07-07, 3 files, -0/+221)

  The patches explain the issue in detail, but this is exposed with gcc 4.9
  in binutils 2.24.

  This is from upstream daisy [474ea6b826b53cb1e4e01a262683091f6c9d9309].

  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
  Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* qemu: CVE-2014-7840  (Tudor Florea, 2015-07-07, 2 files, -1/+59)

  Fixes insufficient parameter validation during ram load.

  Reference:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7840

  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
  Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* qemu: fixed multiple CVEs  (Tudor Florea, 2015-07-07, 5 files, -1/+237)

  CVE-2015-3456, fdc: out-of-bounds fifo buffer memory access
  CVE-2014-5263, missing field list terminator in vmstate_xhci_event
  CVE-2014-3689, vmware_vga: insufficient parameter validation in rectangle functions
  CVE-2014-7815, vnc: insufficient bits_per_pixel from the client sanitization

  References:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3456
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5263
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3689
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7815

  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
  Signed-off-by: Tudor Florea <tudor.florea@enea.com>
* qemu-slirp: CVE-2014-3640  (Sona Sarmadi, 2015-07-06, 2 files, -1/+47)

  Fixes a NULL pointer deref in sosendto().

  References:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3640

  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* python: CVE-2014-7185  (Sona Sarmadi, 2015-07-06, 2 files, -0/+76)

  Fixes buffer() integer overflow leading to out of bounds read.

  This bug is only an issue if offset and size arguments are untrusted.
  The buffer() was removed from Python 3 and hence Python 3 was not
  affected by this issue.

  Reference:
  http://openwall.com/lists/oss-security/2014/09/25/47

  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* qemu: upgrade to 1.7.2  (Sona Sarmadi, 2015-07-06, 1 file, -2/+2)

  The upgrade addresses the following CVEs:
  CVE-2014-0222
  CVE-2014-0223
  CVE-2014-0142
  CVE-2014-0143
  CVE-2014-0144
  CVE-2014-0145
  CVE-2014-0146
  CVE-2014-0147

  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* e2fsprogs: CVE-2015-0247  (Sona Sarmadi, 2015-07-06, 2 files, -0/+59)

  Fixes input sanitization errors.

  References:
  http://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=f66e6ce4
  http://www.ocert.org/advisories/ocert-2015-002.html

  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* python: Disables SSLv3  (Sona Sarmadi, 2015-07-06, 2 files, -0/+38)

  This is related to the "SSLv3 POODLE vulnerability" CVE-2014-3566.

  Building python without SSLv3 support when openssl is built without any
  support for SSLv3 (e.g. by adding EXTRA_OECONF = " -no-ssl3" in the
  openssl recipes).

  Backport from:
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768611#22
  [python2.7-nossl3.patch] only Modules/_ssl.c is backported.

  References:
  https://bugzilla.yoctoproject.org/show_bug.cgi?id=7015
  https://bugzilla.yoctoproject.org/show_bug.cgi?id=6843
  http://bugs.python.org/issue22638
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* python: CVE-2014-4616  (Sona Sarmadi, 2015-07-06, 2 files, -0/+28)

  Fix for _json module arbitrary process memory read vulnerability.
  http://bugs.python.org/issue21529

  Python 2 and 3 are susceptible to arbitrary process memory reading by a
  user or adversary due to a bug in the _json module caused by insufficient
  bounds checking. The sole prerequisites of this attack are that the
  attacker is able to control or influence the two parameters of the default
  scanstring function: the string to be decoded and the index.

  The bug is caused by allowing the user to supply a negative index value.
  The index value is then used directly as an index to an array in the C
  code; internally the address of the array and its index are added to each
  other in order to yield the address of the value that is desired. However,
  by supplying a negative index value and adding this to the address of the
  array, the processor's register value wraps around and the calculated value
  will point to a position in memory which isn't within the bounds of the
  supplied string, causing the function to access other parts of the process
  memory.

  Signed-off-by: Benjamin Peterson <benjamin@python.org>

  Applied to python-native recipe in order to fix the above mentioned
  vulnerability.

  Upstream-Status: Backport

  Signed-off-by: Daniel BORNAZ <daniel.bornaz@enea.com>
  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* elfutils: CVE-2014-9447  (Sona Sarmadi, 2015-07-06, 2 files, -0/+51)

  directory traversal in read_long_names()

  Reference:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9447

  Upstream commit with the analysis:
  https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e

  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* elfutils: CVE-2014-9447  (Sona Sarmadi, 2015-07-06, 2 files, -1/+53)

  directory traversal in read_long_names()

  Reference:
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9447

  Upstream commit with the analysis:
  https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e

  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* Qemu: CVE-2014-2894  (Sona Sarmadi, 2015-07-06, 2 files, -1/+48)

  Fixes an out of bounds memory access flaw in Qemu's IDE device model.

  Reference:
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2894

  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* binutils: several security fixes  (Sona Sarmadi, 2015-07-06, 9 files, -0/+1148)

  CVE-2014-8484
  CVE-2014-8485
  CVE-2014-8501
  CVE-2014-8502
  CVE-2014-8503
  CVE-2014-8504
  CVE-2014-8737

  Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
* initial commit for Enea Linux 4.0  (Adrian Dudau, 2014-06-26, 853 files, -0/+110634)

  Migrated from the internal git server on the daisy-enea branch.

  Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>