diff options
| author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-10-16 10:47:12 +0800 |
|---|---|---|
| committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-11-18 20:46:35 -0500 |
| commit | 6f8dcde58e2226d5a46f41ab53225134d0e60b4e (patch) | |
| tree | dfbdf8de08982b93dfd42921b548cffc73b4a153 /poky/meta/recipes-support/curl/curl/CVE-2018-14618.patch | |
| parent | 10719a5be4799cf3961bdb4754cb389e8e45ede5 (diff) | |
| download | talos-openbmc-6f8dcde58e2226d5a46f41ab53225134d0e60b4e.tar.gz talos-openbmc-6f8dcde58e2226d5a46f41ab53225134d0e60b4e.zip | |
poky: sumo refresh d240b885f2..eebbc00b25
Update poky to sumo HEAD.
Anuj Mittal (1):
perl: skip tests that are not useful
Armin Kuster (4):
tzcode-native: updatet to 2018e
tzdata: update to 2018e
tzcode: update to 2018f
tzdata: update to 2018f
Bruce Ashfield (10):
kernel-yocto/cfg: configuration warning fixes
linux-yocto/4.14/4.18: address kernel configuration warnings
linux-yocto: configuration warning fixes
linux-yocto: tweak RTC configuration
linux-yocto/4.14: fix kernel configuration audit warnings
linux-yocto/4.14: update to v4.14.71
linux-yocto: enable pci and CRYPTO_DEV_VIRTIO
linux-yocto/4.14: fix beaglebone configuration warnings
linux-yocto-rt: fixup 4.14 merge issues
linux-yocto/4.14: update to v4.14.76
Changqing Li (1):
apt: update SRC_URI
Chen Qi (2):
python: backport patch to fix CVE-2018-1000802
python: backport patch to fix CVE-2018-14647
Dan McGregor (2):
os-release: move to nonarch_libdir
base-files: change permissions on /sys and /proc
Derek Straka (1):
python: update to version 2.7.15
Grygorii Tertychnyi (2):
cve-check: Allow multiple entries in CVE_PRODUCT
curl: extend CVE_PRODUCT
Hongxu Jia (2):
valgrind: fix compile ptest failure on mips32
nasm: fix CVE-2018-1000667
Hongzhi.Song (1):
linux-yocto-rt: Add paravirt_kvm support for qemux86-64
Jagadeesh Krishnanjanappa (1):
valgrind: fix ptest compilation for PowerPC64
Peter Kjellerstedt (1):
curl: Include the complete license information
Richard Purdie (2):
yocto-uninative: Upgrade to verson 2.3 which includes glibc 2.28
oeqa/selftest/runtime_test: Ensure we build/use gnupg-native
Ross Burton (2):
python: clean up ptest
python: don't use runtime checks to identify float endianism
Zhixiong Chi (1):
curl: CVE-2018-14618
Change-Id: I4b7aa481ed2a57c3551c4a45d30350f2376444cc
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'poky/meta/recipes-support/curl/curl/CVE-2018-14618.patch')
| -rw-r--r-- | poky/meta/recipes-support/curl/curl/CVE-2018-14618.patch | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/poky/meta/recipes-support/curl/curl/CVE-2018-14618.patch b/poky/meta/recipes-support/curl/curl/CVE-2018-14618.patch new file mode 100644 index 000000000..db07b436d --- /dev/null +++ b/poky/meta/recipes-support/curl/curl/CVE-2018-14618.patch @@ -0,0 +1,37 @@ +From 57d299a499155d4b327e341c6024e293b0418243 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg <daniel@haxx.se> +Date: Mon, 13 Aug 2018 10:35:52 +0200 +Subject: [PATCH] Curl_ntlm_core_mk_nt_hash: return error on too long password + +... since it would cause an integer overflow if longer than (max size_t +/ 2). + +This is CVE-2018-14618 + +Bug: https://curl.haxx.se/docs/CVE-2018-14618.html +Closes #2756 +Reported-by: Zhaoyang Wu + +CVE: CVE-2018-14618 +Upstream-Status: Backport +Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> +--- + lib/curl_ntlm_core.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c +index e27cab353c..922e85a926 100644 +--- a/lib/curl_ntlm_core.c ++++ b/lib/curl_ntlm_core.c +@@ -557,8 +557,11 @@ CURLcode Curl_ntlm_core_mk_nt_hash(struct Curl_easy *data, + unsigned char *ntbuffer /* 21 bytes */) + { + size_t len = strlen(password); +- unsigned char *pw = len ? malloc(len * 2) : strdup(""); ++ unsigned char *pw; + CURLcode result; ++ if(len > SIZE_T_MAX/2) /* avoid integer overflow */ ++ return CURLE_OUT_OF_MEMORY; ++ pw = len ? malloc(len * 2) : strdup(""); + if(!pw) + return CURLE_OUT_OF_MEMORY; |
