Fixes Heap buffer overflow in xmlParseMisc
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7500
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Fixes buffer overread with HTML parser in push mode in xmlSAX2TextNode [NEEDINFO].
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8242
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Fixes out-of-bounds heap read when parsing file with unfinished
xml declaration.
Reference:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8317
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Fixes an overflow vulnerability causing applications which
pass long strings to the catopen function to crash or,
potentially, execute arbitrary code.
(From OE-Core rev: af20e323932caba8883c91dac610e1ba2b3d4ab5)
References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8779
Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=17905
CVE assignment: http://seclists.org/oss-sec/2016/q1/153
Reference to the upstream fix:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=0f58539030e436449f79189b6edab17d7479796e
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Fixes integer overflow in hcreate and hcreate_r.
References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8778
Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=18240
CVE assignment: http://seclists.org/oss-sec/2016/q1/153
Upstream fix:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=287de30e170cb765ed326d23d22791a81aab6e0f
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or
libc6) before 2.23 allows local users to bypass a pointer-guarding protection
mechanism via a zero value of the LD_POINTER_GUARD environment variable.
(From OE-Core rev: 22570ba08d7c6157aec58764c73b1134405b0252)
References:
https://sourceware.org/bugzilla/show_bug.cgi?id=18928
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8777
Reproducing steps available at:
http://hmarco.org/bugs/glibc_ptr_mangle_weakness.html
CVE request: http://seclists.org/oss-sec/2015/q3/504
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
It was found that out-of-range time values passed to the strftime function may
cause it to crash, leading to a denial of service, or potentially disclose
information.
(From OE-Core rev: b9bc001ee834e4f8f756a2eaf2671aac3324b0ee)
References:
Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=18985
CVE assignment: http://seclists.org/oss-sec/2016/q1/153
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8776
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
A stack overflow vulnerability was found in nan* functions that could cause
applications which process long strings with the nan function to crash or,
potentially, execute arbitrary code.
(From OE-Core rev: fd3da8178c8c06b549dbc19ecec40e98ab934d49)
References:
Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=16962
CVE assignment: http://seclists.org/oss-sec/2016/q1/153
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Fixes double free flaw in certificate DN decoding.
(Add back the patch inappropriately removed)
References:
http://www.gnutls.org/security.html#GNUTLS-SA-2015-3
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-6251
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6251
Upstream fix:
https://gitlab.com/gnutls/gnutls/commit/272854367efc130fbd4f1a51840d80c630214e12
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Fixes the following CVEs:
CVE-2016-0777 OpenSSH: Client Information leak due to use of roaming
connection feature
CVE-2016-0778 OpenSSH: Client buffer-overflow when using roaming
connections
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778
Backported from:
http://git.yoctoproject.org/cgit/cgit.cgi/poky/patch/?id=9845a542a76156adb5aef6fd33ad5bc5777acf64
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
A buffer size check used to guard against overflow could
cause named to exit with an INSIST failure in apl_42.c.
References:
https://kb.isc.org/article/AA-01335
https://kb.isc.org/article/AA-00913
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8704
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Fixes double free flaw in certificate DN decoding.
References:
http://www.gnutls.org/security.html#GNUTLS-SA-2015-3
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-6251
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6251
Upstream fix:
https://gitlab.com/gnutls/gnutls/commit/272854367efc130fbd4f1a51840d80c630214e12
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Fixes a denial of service in BIND.
An error in the parsing of incoming responses allows some
records with an incorrect class to be accepted by BIND
instead of being rejected as malformed. This can trigger
a REQUIRE assertion failure when those records are subsequently
cached.
References:
http://www.openwall.com/lists/oss-security/2015/12/15/14
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000
https://bugzilla.redhat.com/attachment.cgi?id=1105581
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Huimin She <huimin.she@enea.com>
Fixes the following vulnerabilities:
Certificate verify crash with missing PSS parameter (CVE-2015-3194)
X509_ATTRIBUTE memory leak (CVE-2015-3195)
References:
https://openssl.org/news/secadv/20151203.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Upstream bug (contains reproducer):
https://bugzilla.gnome.org/show_bug.cgi?id=756263
Upstream patch:
https://git.gnome.org/browse/libxml2/commit/?id=ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Fixes DoS when parsing specially crafted XML document
if XZ support is enabled.
References:
https://bugzilla.gnome.org/show_bug.cgi?id=757466
Upstream correction:
https://git.gnome.org/browse/libxml2/commit/?id=f0709e3ca8f8947f2d91ed34e92e38a4c23eae63
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
three security fixes.
(From OE-Core rev: d3af844b05e566c2188fc3145e66a9826fed0ec8)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Fixes heap-based buffer overflow in xmlParseConditionalSections().
Upstream patch:
https://git.gnome.org/browse/libxml2/commit/?id=9b8512337d14c8ddf662fcb98b0135f225a1c489
Upstream bug:
https://bugzilla.gnome.org/show_bug.cgi?id=756456
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
CVE-2015-7696: Fixes a heap overflow triggered by unzipping a file with password
CVE-2015-7697: Fixes a denial of service with a file that never finishes unzipping
References:
http://www.openwall.com/lists/oss-security/2015/10/11/5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7696
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7697
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Fixes a heap buffer overflow in glibc wscanf.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1472
https://sourceware.org/ml/libc-alpha/2015-02/msg00119.html
http://openwall.com/lists/oss-security/2015/02/04/1
Reference to upstream fix:
https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>