2 files changed, 1 insertions, 56 deletions
diff --git a/meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch b/meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch
deleted file mode 100644
index 3b07515c7b..0000000000
--- a/meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From d52349fa1b6baac77ffa2c74769636aa2ece2ec5 Mon Sep 17 00:00:00 2001
-From: Erik Auerswald <auerswal@unix-ag.uni-kl.de>
-Date: Sat, 3 Sep 2022 16:58:16 +0200
-Subject: [PATCH] telnetd: Handle early IAC EC or IAC EL receipt
-Fix telnetd crash if the first two bytes of a new connection
-are 0xff 0xf7 (IAC EC) or 0xff 0xf8 (IAC EL).
-The problem was reported in:
-<https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html>.
-* NEWS: Mention fix.
-* telnetd/state.c (telrcv): Handle zero slctab[SLC_EC].sptr and
-zero slctab[SLC_EL].sptr.
-CVE: CVE-2022-39028
-Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=fae8263e467380483c28513c0e5fac143e46f94f]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
- telnetd/state.c | 12 +++++++++---
- 1 file changed, 9 insertions(+), 3 deletions(-)
-diff --git a/telnetd/state.c b/telnetd/state.c
-index ffc6cba..c2d760f 100644
--- a/telnetd/state.c
-+++ b/telnetd/state.c
-@@ -312,15 +312,21 @@ telrcv (void)
-            case EC:
-            case EL:
-              {
-               cc_t ch;
-+               cc_t ch = (cc_t) (_POSIX_VDISABLE);
- 
-                DEBUG (debug_options, 1, printoption ("td: recv IAC", c));
-                ptyflush ();    /* half-hearted */
-                init_termbuf ();
-                if (c == EC)
-                 ch = *slctab[SLC_EC].sptr;
-+                 {
-+                   if (slctab[SLC_EC].sptr)
-+                     ch = *slctab[SLC_EC].sptr;
-+                 }
-                else
-                 ch = *slctab[SLC_EL].sptr;
-+                 {
-+                   if (slctab[SLC_EL].sptr)
-+                     ch = *slctab[SLC_EL].sptr;
-+                 }
-                if (ch != (cc_t) (_POSIX_VDISABLE))
-                  pty_output_byte ((unsigned char) ch);
-                break;
-- 
-2.37.3
diff --git a/meta/recipes-connectivity/inetutils/inetutils_2.3.bb b/meta/recipes-connectivity/inetutils/inetutils_2.4.bb
index 2fce84374d..6519331141 100644
--- a/meta/recipes-connectivity/inetutils/inetutils_2.3.bb
+++ b/meta/recipes-connectivity/inetutils/inetutils_2.4.bb
@@ -10,7 +10,7 @@ LICENSE = "GPL-3.0-only"
 LIC_FILES_CHKSUM = "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7"
-SRC_URI[sha256sum] = "0b01bb08e29623c4e3b940f233c961451d9af8c5066301add76a52a95d51772c"
+SRC_URI[sha256sum] = "1789d6b1b1a57dfe2a7ab7b533ee9f5dfd9cbf5b59bb1bb3c2612ed08d0f68b2"
 SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \
           file://inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch \
           file://inetutils-1.8-0003-wchar.patch \
@@ -21,7 +21,6 @@ SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \
           file://tftpd.xinetd.inetutils \
           file://inetutils-1.9-PATH_PROCNET_DEV.patch \
           file://inetutils-only-check-pam_appl.h-when-pam-enabled.patch \
-           file://CVE-2022-39028.patch \
 "
 inherit autotools gettext update-alternatives texinfo

diff --git a/meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch b/meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch deleted file mode 100644 index 3b07515c7b..0000000000 --- a/meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch +++ /dev/null
@@ -1,54 +0,0 @@
1	From d52349fa1b6baac77ffa2c74769636aa2ece2ec5 Mon Sep 17 00:00:00 2001
2	From: Erik Auerswald <auerswal@unix-ag.uni-kl.de>
3	Date: Sat, 3 Sep 2022 16:58:16 +0200
4	Subject: [PATCH] telnetd: Handle early IAC EC or IAC EL receipt
5
6	Fix telnetd crash if the first two bytes of a new connection
7	are 0xff 0xf7 (IAC EC) or 0xff 0xf8 (IAC EL).
8
9	The problem was reported in:
10	<https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html>.
11
12	* NEWS: Mention fix.
13	* telnetd/state.c (telrcv): Handle zero slctab[SLC_EC].sptr and
14	zero slctab[SLC_EL].sptr.
15
16	CVE: CVE-2022-39028
17	Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=fae8263e467380483c28513c0e5fac143e46f94f]
18	Signed-off-by: Khem Raj <raj.khem@gmail.com>
19	---
20	telnetd/state.c \| 12 +++++++++---
21	1 file changed, 9 insertions(+), 3 deletions(-)
22
23	diff --git a/telnetd/state.c b/telnetd/state.c
24	index ffc6cba..c2d760f 100644
25	--- a/telnetd/state.c
26	+++ b/telnetd/state.c
27	@@ -312,15 +312,21 @@ telrcv (void)
28	case EC:
29	case EL:
30	{
31	- cc_t ch;
32	+ cc_t ch = (cc_t) (_POSIX_VDISABLE);
33
34	DEBUG (debug_options, 1, printoption ("td: recv IAC", c));
35	ptyflush (); /* half-hearted */
36	init_termbuf ();
37	if (c == EC)
38	- ch = *slctab[SLC_EC].sptr;
39	+ {
40	+ if (slctab[SLC_EC].sptr)
41	+ ch = *slctab[SLC_EC].sptr;
42	+ }
43	else
44	- ch = *slctab[SLC_EL].sptr;
45	+ {
46	+ if (slctab[SLC_EL].sptr)
47	+ ch = *slctab[SLC_EL].sptr;
48	+ }
49	if (ch != (cc_t) (_POSIX_VDISABLE))
50	pty_output_byte ((unsigned char) ch);
51	break;
52	--
53	2.37.3
54


diff --git a/meta/recipes-connectivity/inetutils/inetutils_2.3.bb b/meta/recipes-connectivity/inetutils/inetutils_2.4.bb index 2fce84374d..6519331141 100644 --- a/meta/recipes-connectivity/inetutils/inetutils_2.3.bb +++ b/meta/recipes-connectivity/inetutils/inetutils_2.4.bb
@@ -10,7 +10,7 @@ LICENSE = "GPL-3.0-only"
10		10
11	LIC_FILES_CHKSUM = "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7"	11	LIC_FILES_CHKSUM = "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7"
12		12
13	SRC_URI[sha256sum] = "0b01bb08e29623c4e3b940f233c961451d9af8c5066301add76a52a95d51772c"	13	SRC_URI[sha256sum] = "1789d6b1b1a57dfe2a7ab7b533ee9f5dfd9cbf5b59bb1bb3c2612ed08d0f68b2"
14	SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \	14	SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \
15	file://inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch \	15	file://inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch \
16	file://inetutils-1.8-0003-wchar.patch \	16	file://inetutils-1.8-0003-wchar.patch \
@@ -21,7 +21,6 @@ SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \
21	file://tftpd.xinetd.inetutils \	21	file://tftpd.xinetd.inetutils \
22	file://inetutils-1.9-PATH_PROCNET_DEV.patch \	22	file://inetutils-1.9-PATH_PROCNET_DEV.patch \
23	file://inetutils-only-check-pam_appl.h-when-pam-enabled.patch \	23	file://inetutils-only-check-pam_appl.h-when-pam-enabled.patch \
24	file://CVE-2022-39028.patch \
25	"	24	"
26		25
27	inherit autotools gettext update-alternatives texinfo	26	inherit autotools gettext update-alternatives texinfo