cifs-utils: upgrade 6.14 -> 6.15

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 88ea7fc012f3edcb7ee7b22330826d285f0319b7) Adapted to Kirkstone. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
author: wangmy <wangmy@fujitsu.com> 2022-04-29 16:01:10 +0800
committer: Gyorgy Sarvari <skandigraun@gmail.com> 2025-09-29 20:15:31 +0200
commit: 84268712554b87399aecd1d5e64c415ad0930ff8 (patch)
tree: 9d257e0468beb35f82fd00948af8284c4df0368d /meta-networking
parent: d42bb883dd40807a0f3ce4d2494fbd4824cb596e (diff)
download: meta-openembedded-84268712554b87399aecd1d5e64c415ad0930ff8.tar.gz
3 files changed, 2 insertions, 93 deletions
diff --git a/meta-networking/recipes-support/cifs/cifs-utils_6.14.bb b/meta-networking/recipes-support/cifs/cifs-utils_6.15.bb
index 516e467ee4..a009a26cc2 100644
--- a/meta-networking/recipes-support/cifs/cifs-utils_6.14.bb
+++ b/meta-networking/recipes-support/cifs/cifs-utils_6.15.bb
@@ -4,11 +4,8 @@ SECTION = "otherosfs"
 LICENSE = "GPL-3.0-only & LGPL-3.0-only"
 LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
-SRCREV = "8c06dce7d596e478c20bc54bdcec87ad97f80a1b"
+SRCREV = "58ca03f183b375cb723097a241bc2fc2254dab21"
-SRC_URI = "git://git.samba.org/cifs-utils.git;branch=master \
+SRC_URI = "git://git.samba.org/cifs-utils.git;branch=master"
-           file://CVE-2022-27239.patch \
-           file://CVE-2022-29869.patch \
-"
 S = "${WORKDIR}/git"
 DEPENDS += "libtalloc"
diff --git a/meta-networking/recipes-support/cifs/files/CVE-2022-27239.patch b/meta-networking/recipes-support/cifs/files/CVE-2022-27239.patch
deleted file mode 100644
index 77f6745abe..0000000000
--- a/meta-networking/recipes-support/cifs/files/CVE-2022-27239.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 007c07fd91b6d42f8bd45187cf78ebb06801139d Mon Sep 17 00:00:00 2001
-From: Jeffrey Bencteux <jbe@improsec.com>
-Date: Thu, 17 Mar 2022 12:58:52 -0400
-Subject: [PATCH] CVE-2022-27239: mount.cifs: fix length check for ip option
- parsing
-Previous check was true whatever the length of the input string was,
-leading to a buffer overflow in the subsequent strcpy call.
-Bug: https://bugzilla.samba.org/show_bug.cgi?id=15025
-Signed-off-by: Jeffrey Bencteux <jbe@improsec.com>
-Reviewed-by: David Disseldorp <ddiss@suse.de>
-Upstream-Status: Backport [ https://git.samba.org/?p=cifs-utils.git;a=commit;h=007c07fd91b6d42f8bd45187cf78ebb06801139d]
-CVE: CVE-2022-27239
-Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
---
- mount.cifs.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-diff --git a/mount.cifs.c b/mount.cifs.c
-index 84274c9..3a6b449 100644
--- a/mount.cifs.c
-+++ b/mount.cifs.c
-@@ -926,9 +926,10 @@ parse_options(const char *data, struct parsed_mount_info *parsed_info)
-                        if (!value || !*value) {
-                                fprintf(stderr,
-                                        "target ip address argument missing\n");
-                       } else if (strnlen(value, MAX_ADDRESS_LEN) <=
-+                       } else if (strnlen(value, MAX_ADDRESS_LEN) <
-                                MAX_ADDRESS_LEN) {
-                               strcpy(parsed_info->addrlist, value);
-+                               strlcpy(parsed_info->addrlist, value,
-+                                       MAX_ADDRESS_LEN);
-                                if (parsed_info->verboseflag)
-                                        fprintf(stderr,
-                                                "ip address %s override specified\n",
-- 
-2.34.1
diff --git a/meta-networking/recipes-support/cifs/files/CVE-2022-29869.patch b/meta-networking/recipes-support/cifs/files/CVE-2022-29869.patch
deleted file mode 100644
index f0c3f37dec..0000000000
--- a/meta-networking/recipes-support/cifs/files/CVE-2022-29869.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From 8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379 Mon Sep 17 00:00:00 2001
-From: Jeffrey Bencteux <jbe@improsec.com>
-Date: Sat, 19 Mar 2022 13:41:15 -0400
-Subject: [PATCH] mount.cifs: fix verbose messages on option parsing
-When verbose logging is enabled, invalid credentials file lines may be
-dumped to stderr. This may lead to information disclosure in particular
-conditions when the credentials file given is sensitive and contains '='
-signs.
-Bug: https://bugzilla.samba.org/show_bug.cgi?id=15026
-Signed-off-by: Jeffrey Bencteux <jbe@improsec.com>
-Reviewed-by: David Disseldorp <ddiss@suse.de>
-Upstream-Status: Backport [https://git.samba.org/?p=cifs-utils.git;a=commit;h=8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379]
-CVE: CVE-2022-29869
-Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
---
- mount.cifs.c | 6 +-----
- 1 file changed, 1 insertion(+), 5 deletions(-)
-diff --git a/mount.cifs.c b/mount.cifs.c
-index 3a6b449..2278995 100644
--- a/mount.cifs.c
-+++ b/mount.cifs.c
-@@ -628,17 +628,13 @@ static int open_cred_file(char *file_name,
-                                goto return_i;
-                        break;
-                case CRED_DOM:
-                       if (parsed_info->verboseflag)
-                               fprintf(stderr, "domain=%s\n",
-                                       temp_val);
-                        strlcpy(parsed_info->domain, temp_val,
-                                sizeof(parsed_info->domain));
-                        break;
-                case CRED_UNPARSEABLE:
-                        if (parsed_info->verboseflag)
-                                fprintf(stderr, "Credential formatted "
-                                       "incorrectly: %s\n",
-                                       temp_val ? temp_val : "(null)");
-+                                       "incorrectly\n");
-                        break;
-                }
-        }
-- 
-2.34.1
author	wangmy <wangmy@fujitsu.com>	2022-04-29 16:01:10 +0800
committer	Gyorgy Sarvari <skandigraun@gmail.com>	2025-09-29 20:15:31 +0200
commit	84268712554b87399aecd1d5e64c415ad0930ff8 (patch)
tree	9d257e0468beb35f82fd00948af8284c4df0368d /meta-networking
parent	d42bb883dd40807a0f3ce4d2494fbd4824cb596e (diff)
download	meta-openembedded-84268712554b87399aecd1d5e64c415ad0930ff8.tar.gz

diff --git a/meta-networking/recipes-support/cifs/cifs-utils_6.14.bb b/meta-networking/recipes-support/cifs/cifs-utils_6.15.bb index 516e467ee4..a009a26cc2 100644 --- a/meta-networking/recipes-support/cifs/cifs-utils_6.14.bb +++ b/meta-networking/recipes-support/cifs/cifs-utils_6.15.bb
@@ -4,11 +4,8 @@ SECTION = "otherosfs"
4	LICENSE = "GPL-3.0-only & LGPL-3.0-only"	4	LICENSE = "GPL-3.0-only & LGPL-3.0-only"
5	LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"	5	LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
6		6
7	SRCREV = "8c06dce7d596e478c20bc54bdcec87ad97f80a1b"	7	SRCREV = "58ca03f183b375cb723097a241bc2fc2254dab21"
8	SRC_URI = "git://git.samba.org/cifs-utils.git;branch=master \	8	SRC_URI = "git://git.samba.org/cifs-utils.git;branch=master"
9	file://CVE-2022-27239.patch \
10	file://CVE-2022-29869.patch \
11	"
12		9
13	S = "${WORKDIR}/git"	10	S = "${WORKDIR}/git"
14	DEPENDS += "libtalloc"	11	DEPENDS += "libtalloc"


diff --git a/meta-networking/recipes-support/cifs/files/CVE-2022-27239.patch b/meta-networking/recipes-support/cifs/files/CVE-2022-27239.patch deleted file mode 100644 index 77f6745abe..0000000000 --- a/meta-networking/recipes-support/cifs/files/CVE-2022-27239.patch +++ /dev/null
@@ -1,40 +0,0 @@
1	From 007c07fd91b6d42f8bd45187cf78ebb06801139d Mon Sep 17 00:00:00 2001
2	From: Jeffrey Bencteux <jbe@improsec.com>
3	Date: Thu, 17 Mar 2022 12:58:52 -0400
4	Subject: [PATCH] CVE-2022-27239: mount.cifs: fix length check for ip option
5	parsing
6
7	Previous check was true whatever the length of the input string was,
8	leading to a buffer overflow in the subsequent strcpy call.
9
10	Bug: https://bugzilla.samba.org/show_bug.cgi?id=15025
11
12	Signed-off-by: Jeffrey Bencteux <jbe@improsec.com>
13	Reviewed-by: David Disseldorp <ddiss@suse.de>
14
15	Upstream-Status: Backport [ https://git.samba.org/?p=cifs-utils.git;a=commit;h=007c07fd91b6d42f8bd45187cf78ebb06801139d]
16	CVE: CVE-2022-27239
17	Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
18	---
19	mount.cifs.c \| 5 +++--
20	1 file changed, 3 insertions(+), 2 deletions(-)
21
22	diff --git a/mount.cifs.c b/mount.cifs.c
23	index 84274c9..3a6b449 100644
24	--- a/mount.cifs.c
25	+++ b/mount.cifs.c
26	@@ -926,9 +926,10 @@ parse_options(const char data, struct parsed_mount_info parsed_info)
27	if (!value \|\| !*value) {
28	fprintf(stderr,
29	"target ip address argument missing\n");
30	- } else if (strnlen(value, MAX_ADDRESS_LEN) <=
31	+ } else if (strnlen(value, MAX_ADDRESS_LEN) <
32	MAX_ADDRESS_LEN) {
33	- strcpy(parsed_info->addrlist, value);
34	+ strlcpy(parsed_info->addrlist, value,
35	+ MAX_ADDRESS_LEN);
36	if (parsed_info->verboseflag)
37	fprintf(stderr,
38	"ip address %s override specified\n",
39	--
40	2.34.1


diff --git a/meta-networking/recipes-support/cifs/files/CVE-2022-29869.patch b/meta-networking/recipes-support/cifs/files/CVE-2022-29869.patch deleted file mode 100644 index f0c3f37dec..0000000000 --- a/meta-networking/recipes-support/cifs/files/CVE-2022-29869.patch +++ /dev/null
@@ -1,48 +0,0 @@
1	From 8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379 Mon Sep 17 00:00:00 2001
2	From: Jeffrey Bencteux <jbe@improsec.com>
3	Date: Sat, 19 Mar 2022 13:41:15 -0400
4	Subject: [PATCH] mount.cifs: fix verbose messages on option parsing
5
6	When verbose logging is enabled, invalid credentials file lines may be
7	dumped to stderr. This may lead to information disclosure in particular
8	conditions when the credentials file given is sensitive and contains '='
9	signs.
10
11	Bug: https://bugzilla.samba.org/show_bug.cgi?id=15026
12
13	Signed-off-by: Jeffrey Bencteux <jbe@improsec.com>
14	Reviewed-by: David Disseldorp <ddiss@suse.de>
15
16	Upstream-Status: Backport [https://git.samba.org/?p=cifs-utils.git;a=commit;h=8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379]
17	CVE: CVE-2022-29869
18	Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
19	---
20	mount.cifs.c \| 6 +-----
21	1 file changed, 1 insertion(+), 5 deletions(-)
22
23	diff --git a/mount.cifs.c b/mount.cifs.c
24	index 3a6b449..2278995 100644
25	--- a/mount.cifs.c
26	+++ b/mount.cifs.c
27	@@ -628,17 +628,13 @@ static int open_cred_file(char *file_name,
28	goto return_i;
29	break;
30	case CRED_DOM:
31	- if (parsed_info->verboseflag)
32	- fprintf(stderr, "domain=%s\n",
33	- temp_val);
34	strlcpy(parsed_info->domain, temp_val,
35	sizeof(parsed_info->domain));
36	break;
37	case CRED_UNPARSEABLE:
38	if (parsed_info->verboseflag)
39	fprintf(stderr, "Credential formatted "
40	- "incorrectly: %s\n",
41	- temp_val ? temp_val : "(null)");
42	+ "incorrectly\n");
43	break;
44	}
45	}
46	--
47	2.34.1
48