summaryrefslogtreecommitdiffstats
path: root/meta-networking
diff options
context:
space:
mode:
authorAnkur Tyagi <ankur.tyagi85@gmail.com>2026-01-09 22:28:40 +1300
committerAnuj Mittal <anuj.mittal@oss.qualcomm.com>2026-01-12 08:12:13 +0530
commitdf26bbaabaeb46dc88576966cd61bec1acc63a2d (patch)
tree815111056a9701d6954f4cdd59d30a3b5cb18204 /meta-networking
parente90c455347d5500ceced87cfcf68a84cb8b75fe1 (diff)
downloadmeta-openembedded-df26bbaabaeb46dc88576966cd61bec1acc63a2d.tar.gz
tinyproxy: patch CVE-2025-63938
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-63938 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Diffstat (limited to 'meta-networking')
-rw-r--r--meta-networking/recipes-support/tinyproxy/tinyproxy/CVE-2025-63938.patch42
-rw-r--r--meta-networking/recipes-support/tinyproxy/tinyproxy_1.11.1.bb1
2 files changed, 43 insertions, 0 deletions
diff --git a/meta-networking/recipes-support/tinyproxy/tinyproxy/CVE-2025-63938.patch b/meta-networking/recipes-support/tinyproxy/tinyproxy/CVE-2025-63938.patch
new file mode 100644
index 0000000000..27b1440b23
--- /dev/null
+++ b/meta-networking/recipes-support/tinyproxy/tinyproxy/CVE-2025-63938.patch
@@ -0,0 +1,42 @@
1From a8167245203adb6cae66f04e4d493a4710b993ae Mon Sep 17 00:00:00 2001
2From: rofl0r <rofl0r@users.noreply.github.com>
3Date: Fri, 17 Oct 2025 22:57:39 +0000
4Subject: [PATCH] reqs: fix integer overflow in port number processing
5
6closes #586
7
8CVE: CVE-2025-63938
9Upstream-Status: Backport [https://github.com/tinyproxy/tinyproxy/commit/3c0fde94981b025271ffa1788ae425257841bf5a]
10(cherry picked from commit 3c0fde94981b025271ffa1788ae425257841bf5a)
11Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
12---
13 src/reqs.c | 9 ++++++---
14 1 file changed, 6 insertions(+), 3 deletions(-)
15
16diff --git a/src/reqs.c b/src/reqs.c
17index 705ce11..b6a7d27 100644
18--- a/src/reqs.c
19+++ b/src/reqs.c
20@@ -174,7 +174,7 @@ static int strip_return_port (char *host)
21 {
22 char *ptr1;
23 char *ptr2;
24- int port;
25+ unsigned port;
26
27 ptr1 = strrchr (host, ':');
28 if (ptr1 == NULL)
29@@ -186,8 +186,11 @@ static int strip_return_port (char *host)
30 return 0;
31
32 *ptr1++ = '\0';
33- if (sscanf (ptr1, "%d", &port) != 1) /* one conversion required */
34- return 0;
35+
36+ port = atoi(ptr1);
37+ /* check that port string is in the valid range 1-0xffff) */
38+ if(strlen(ptr1) > 5 || (port & 0xffff0000)) return 0;
39+
40 return port;
41 }
42
diff --git a/meta-networking/recipes-support/tinyproxy/tinyproxy_1.11.1.bb b/meta-networking/recipes-support/tinyproxy/tinyproxy_1.11.1.bb
index 8aff50fac8..5c159f3f22 100644
--- a/meta-networking/recipes-support/tinyproxy/tinyproxy_1.11.1.bb
+++ b/meta-networking/recipes-support/tinyproxy/tinyproxy_1.11.1.bb
@@ -9,6 +9,7 @@ SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.gz
9 file://tinyproxy.conf \ 9 file://tinyproxy.conf \
10 file://CVE-2022-40468.patch \ 10 file://CVE-2022-40468.patch \
11 file://0001-CVE-2023-49606.patch \ 11 file://0001-CVE-2023-49606.patch \
12 file://CVE-2025-63938.patch \
12 " 13 "
13 14
14SRC_URI[sha256sum] = "1574acf7ba83c703a89e98bb2758a4ed9fda456f092624b33cfcf0ce2d3b2047" 15SRC_URI[sha256sum] = "1574acf7ba83c703a89e98bb2758a4ed9fda456f092624b33cfcf0ce2d3b2047"