linux/poky.git, branch dizzy-enea

OpenSSL: Upgrade to 1.0.1t to fix multiple CVEs

2016-05-10T08:26:16+00:00

Upgrade 1.0.1p --> 1.0.1t addresses following vulnerabilities: CVE-2016-2107 CVE-2016-2108 CVE-2016-2105 CVE-2016-2106 CVE-2016-2109 CVE-2016-2176 Reference: URL for the OpenSSL Security Advisory: https://www.openssl.org/news/secadv/20160503.txt Signed-off-by: Sona Sarmadi Signed-off-by: Tudor Florea

qemu: ide: CVE-2015-6855

2016-05-03T14:06:28+00:00

Fixes divide by zero issue. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6855 Reference to upstream patch: http://git.qemu.org/?p=qemu.git;a=commit;h=63d761388d6fea994ca498c6e7a210851a99ad93 Signed-off-by: Sona Sarmadi Signed-off-by: Tudor Florea

qemu: net: CVE-2015-5279

2016-05-03T14:06:17+00:00

Fixes heap overflow vulnerability in ne2000_receive() function. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5279 Reference to upstream patch: http://git.qemu.org/?p=qemu.git;a=commit;h=7aa2bcad0ca837dd6d4bf4fa38a80314b4a6b755 Signed-off-by: Sona Sarmadi Signed-off-by: Tudor Florea

qemu: net: CVE-2015-5278

2016-05-03T14:06:04+00:00

Avoid infinite loop when receiving packets. Reference: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5278 Reference to upstream patch: http://git.qemu.org/?p=qemu.git;a=commit;h=5a1ccdfe44946e726b4c6fda8a4493b3931a68c1 Signed-off-by: Sona Sarmadi Signed-off-by: Tudor Florea

qemu: ui: vnc: CVE-2015-5225

2016-05-03T14:05:46+00:00

Fixes heap memory corruption in vnc_refresh_server_surface. Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5225 Reference to upstream patch: http://git.qemu.org/?p=qemu.git;a=commit;h=efec4dcd2552e85ed57f276b58f09fc385727450 Signed-off-by: Sona Sarmadi Signed-off-by: Tudor Florea

qemu: Upgrade 2.1.0 to 2.4.0 to address some CVEs

2016-04-28T07:02:11+00:00

The upgrade addresses following CVEs: CVE-2015-7295 CVE-2015-7504 CVE-2015-7512 CVE-2015-8345 CVE-2015-8504 CVE-2016-1568 CVE-2016-2197 CVE-2016-2198 Signed-off-by: Sona Sarmadi Signed-off-by: Nora Björklund

bind: CVE-2016-1285 CVE-2016-1286

2016-04-07T23:34:15+00:00

CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure CVE-2016-1286 bind: malformed signature records for DNAME records can trigger assertion failure [YOCTO #9400] External References: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1285 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1286 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286 References to the Upstream commits and Security Advisories: CVE-2016-1285: https://kb.isc.org/article/AA-01352 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=31e4657cf246e41d4c5c890315cb6cf89a0db25a CVE-2016-1286_1: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=76c3c9fe9f3f1353b47214b8f98b3d7f53e10bc7 CVE-2016-1286_2: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=ce3cd91caee698cb144e1350c6c78292c6be6339 Signed-off-by: Sona Sarmadi Signed-off-by: Tudor Florea

bind: CVE-2015-8461

2016-04-07T22:51:52+00:00

Fixes a race condition when handling socket errors can lead to an assertion failure in resolver.c Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8461 Patch is backported from: http://git.yoctoproject.org/cgit/cgit.cgi/poky/patch /?id=12cdd6d2b3a6d351ea09799be38e6ddd4c041c17 Signed-off-by: Sona Sarmadi Signed-off-by: Tudor Florea

libxml2: CVE-2015-8710

2016-04-07T07:13:54+00:00

out-of-bounds memory access when parsing an unclosed HTML comment Link to the libxml2's bugtracker: https://bugzilla.gnome.org/show_bug.cgi?id=746048 Patch is backported from: http://git.yoctoproject.org/cgit/cgit.cgi/poky/ patch/?id=1bbf18385b76eccb2a413d72088d1ba66acaac02 Signed-off-by: Sona Sarmadi Signed-off-by: Nora Björklund

libpcre: Upgrade to libpcre 8.38

2016-03-22T23:21:31+00:00

The upgrade (libpcre_8.35 to libpcre_8.38) addresses following vulnerabilities: CVE-2015-3210 pcre: heap buffer overflow in pcre_compile2() / compile_regex() CVE-2015-3217 pcre: stack overflow in match() CVE-2015-5073 CVE-2015-8388 pcre: Buffer overflow caused by certain patterns with an unmatched closing parenthesis CVE-2015-8380 pcre: Heap-based buffer overflow in pcre_exec CVE-2015-8381 pcre: Heap Overflow in compile_regex() CVE-2015-8383 pcre: Buffer overflow caused by repeated conditional group CVE-2015-8384 pcre: Buffer overflow caused by recursive back reference by name within certain group CVE-2015-8385 pcre: Buffer overflow caused by forward reference by name to certain group CVE-2015-8386 pcre: Buffer overflow caused by lookbehind assertion CVE-2015-8387 pcre: Integer overflow in subroutine calls CVE-2015-8389 pcre: Infinite recursion in JIT compiler when processing certain patterns CVE-2015-8390 pcre: Reading from uninitialized memory when processing certain patterns CVE-2015-8392 pcre: Buffer overflow caused by certain patterns with duplicated named groups CVE-2015-8393 pcre: Information leak when running pcgrep -q on crafted binary CVE-2015-8394 pcre: Integer overflow caused by missing check for certain conditions CVE-2015-8395 pcre: Buffer overflow caused by certain references CVE-2016-1283 pcre: Heap buffer overflow in pcre_compile2 causes DoS References: http://www.pcre.org/original/changelog.txt http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?h=jethro&id=049be17b533d7c592dae8e0f33ddbae54639a776 Signed-off-by: Sona Sarmadi Signed-off-by: Tudor Florea