* [ptxdist] [PATCH] file: upgrade to 5.19 @ 2014-09-05 5:27 Alexander Dahl 2014-09-12 8:02 ` [ptxdist] [PATCH v2 1/2] " Alexander Dahl 0 siblings, 1 reply; 4+ messages in thread From: Alexander Dahl @ 2014-09-05 5:27 UTC (permalink / raw) To: ptxdist Numerous fixes including mem leaks, regressions, CVEs, coredumps, endianess problems, and some other fixes and improvements. See upstream changelog for details. Signed-off-by: Alexander Dahl <post@lespocky.de> --- rules/file.make | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rules/file.make b/rules/file.make index c5e9771..5435a8f 100644 --- a/rules/file.make +++ b/rules/file.make @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_FILE) += file # # Paths and names # -FILE_VERSION := 5.18 -FILE_MD5 := d420d8f2990cd344673acfbf8d76ff5a +FILE_VERSION := 5.19 +FILE_MD5 := e3526f59023f3f7d1ffa4d541335edab FILE := file-$(FILE_VERSION) FILE_SUFFIX := tar.gz FILE_URL := ftp://ftp.astron.com/pub/file/$(FILE).$(FILE_SUFFIX) -- 1.7.10.4 -- ptxdist mailing list ptxdist@pengutronix.de ^ permalink raw reply [flat|nested] 4+ messages in thread
* [ptxdist] [PATCH v2 1/2] file: upgrade to 5.19 2014-09-05 5:27 [ptxdist] [PATCH] file: upgrade to 5.19 Alexander Dahl @ 2014-09-12 8:02 ` Alexander Dahl 2014-09-12 8:02 ` [ptxdist] [PATCH v2 2/2] file: add patch with upstream commit 0641e56 to fix CVE-2014-3587 Alexander Dahl 0 siblings, 1 reply; 4+ messages in thread From: Alexander Dahl @ 2014-09-12 8:02 UTC (permalink / raw) To: ptxdist Numerous fixes including mem leaks, regressions, CVEs, coredumps, endianess problems, and some other fixes and improvements. See upstream changelog for details. Signed-off-by: Alexander Dahl <post@lespocky.de> --- rules/file.make | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rules/file.make b/rules/file.make index c5e9771..5435a8f 100644 --- a/rules/file.make +++ b/rules/file.make @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_FILE) += file # # Paths and names # -FILE_VERSION := 5.18 -FILE_MD5 := d420d8f2990cd344673acfbf8d76ff5a +FILE_VERSION := 5.19 +FILE_MD5 := e3526f59023f3f7d1ffa4d541335edab FILE := file-$(FILE_VERSION) FILE_SUFFIX := tar.gz FILE_URL := ftp://ftp.astron.com/pub/file/$(FILE).$(FILE_SUFFIX) -- 1.7.10.4 -- ptxdist mailing list ptxdist@pengutronix.de ^ permalink raw reply [flat|nested] 4+ messages in thread
* [ptxdist] [PATCH v2 2/2] file: add patch with upstream commit 0641e56 to fix CVE-2014-3587 2014-09-12 8:02 ` [ptxdist] [PATCH v2 1/2] " Alexander Dahl @ 2014-09-12 8:02 ` Alexander Dahl 2014-09-16 9:24 ` Michael Olbrich 0 siblings, 1 reply; 4+ messages in thread From: Alexander Dahl @ 2014-09-12 8:02 UTC (permalink / raw) To: ptxdist Signed-off-by: Alexander Dahl <post@lespocky.de> --- ...p-around-Remi-Collet-at-redhat-cherry-pic.patch | 26 ++++++++++++++++++++ patches/file-5.19/series | 5 ++++ 2 files changed, 31 insertions(+) create mode 100644 patches/file-5.19/0001-Prevent-wrap-around-Remi-Collet-at-redhat-cherry-pic.patch create mode 100644 patches/file-5.19/series diff --git a/patches/file-5.19/0001-Prevent-wrap-around-Remi-Collet-at-redhat-cherry-pic.patch b/patches/file-5.19/0001-Prevent-wrap-around-Remi-Collet-at-redhat-cherry-pic.patch new file mode 100644 index 0000000..bcb141f --- /dev/null +++ b/patches/file-5.19/0001-Prevent-wrap-around-Remi-Collet-at-redhat-cherry-pic.patch @@ -0,0 +1,26 @@ +From: Christos Zoulas <christos@zoulas.com> +Date: Thu, 7 Aug 2014 09:38:35 +0000 +Subject: [PATCH] Prevent wrap around (Remi Collet at redhat) (cherry picked + from commit 0641e56be1af003aa02c7c6b0184466540637233) + +Conflicts: + src/cdf.c +--- + src/cdf.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/cdf.c b/src/cdf.c +index 106fc7a..bc94cb9 100644 +--- a/src/cdf.c ++++ b/src/cdf.c +@@ -824,6 +824,10 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h, + q = (const uint8_t *)(const void *) + ((const char *)(const void *)p + ofs + - 2 * sizeof(uint32_t)); ++ if (q < p) { ++ DPRINTF(("Wrapped around %p < %p\n", q, p)); ++ goto out; ++ } + if (q > e) { + DPRINTF(("Ran of the end %p > %p\n", q, e)); + goto out; diff --git a/patches/file-5.19/series b/patches/file-5.19/series new file mode 100644 index 0000000..eacd4da --- /dev/null +++ b/patches/file-5.19/series @@ -0,0 +1,5 @@ +# generated by git-ptx-patches +#tag:base --start-number 1 +#tag:upstream --start-number 1 +0001-Prevent-wrap-around-Remi-Collet-at-redhat-cherry-pic.patch +# 5d28e91bad86a7562482bbcb752de1f1 - git-ptx-patches magic -- 1.7.10.4 -- ptxdist mailing list ptxdist@pengutronix.de ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [ptxdist] [PATCH v2 2/2] file: add patch with upstream commit 0641e56 to fix CVE-2014-3587 2014-09-12 8:02 ` [ptxdist] [PATCH v2 2/2] file: add patch with upstream commit 0641e56 to fix CVE-2014-3587 Alexander Dahl @ 2014-09-16 9:24 ` Michael Olbrich 0 siblings, 0 replies; 4+ messages in thread From: Michael Olbrich @ 2014-09-16 9:24 UTC (permalink / raw) To: ptxdist On Fri, Sep 12, 2014 at 10:02:52AM +0200, Alexander Dahl wrote: > > Signed-off-by: Alexander Dahl <post@lespocky.de> Thanks, both applied. Michael > --- > ...p-around-Remi-Collet-at-redhat-cherry-pic.patch | 26 ++++++++++++++++++++ > patches/file-5.19/series | 5 ++++ > 2 files changed, 31 insertions(+) > create mode 100644 patches/file-5.19/0001-Prevent-wrap-around-Remi-Collet-at-redhat-cherry-pic.patch > create mode 100644 patches/file-5.19/series > > diff --git a/patches/file-5.19/0001-Prevent-wrap-around-Remi-Collet-at-redhat-cherry-pic.patch b/patches/file-5.19/0001-Prevent-wrap-around-Remi-Collet-at-redhat-cherry-pic.patch > new file mode 100644 > index 0000000..bcb141f > --- /dev/null > +++ b/patches/file-5.19/0001-Prevent-wrap-around-Remi-Collet-at-redhat-cherry-pic.patch > @@ -0,0 +1,26 @@ > +From: Christos Zoulas <christos@zoulas.com> > +Date: Thu, 7 Aug 2014 09:38:35 +0000 > +Subject: [PATCH] Prevent wrap around (Remi Collet at redhat) (cherry picked > + from commit 0641e56be1af003aa02c7c6b0184466540637233) > + > +Conflicts: > + src/cdf.c > +--- > + src/cdf.c | 4 ++++ > + 1 file changed, 4 insertions(+) > + > +diff --git a/src/cdf.c b/src/cdf.c > +index 106fc7a..bc94cb9 100644 > +--- a/src/cdf.c > ++++ b/src/cdf.c > +@@ -824,6 +824,10 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h, > + q = (const uint8_t *)(const void *) > + ((const char *)(const void *)p + ofs > + - 2 * sizeof(uint32_t)); > ++ if (q < p) { > ++ DPRINTF(("Wrapped around %p < %p\n", q, p)); > ++ goto out; > ++ } > + if (q > e) { > + DPRINTF(("Ran of the end %p > %p\n", q, e)); > + goto out; > diff --git a/patches/file-5.19/series b/patches/file-5.19/series > new file mode 100644 > index 0000000..eacd4da > --- /dev/null > +++ b/patches/file-5.19/series > @@ -0,0 +1,5 @@ > +# generated by git-ptx-patches > +#tag:base --start-number 1 > +#tag:upstream --start-number 1 > +0001-Prevent-wrap-around-Remi-Collet-at-redhat-cherry-pic.patch > +# 5d28e91bad86a7562482bbcb752de1f1 - git-ptx-patches magic > -- > 1.7.10.4 > > > -- > ptxdist mailing list > ptxdist@pengutronix.de > -- Pengutronix e.K. | | Industrial Linux Solutions | http://www.pengutronix.de/ | Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | -- ptxdist mailing list ptxdist@pengutronix.de ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-09-16 9:24 UTC | newest] Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2014-09-05 5:27 [ptxdist] [PATCH] file: upgrade to 5.19 Alexander Dahl 2014-09-12 8:02 ` [ptxdist] [PATCH v2 1/2] " Alexander Dahl 2014-09-12 8:02 ` [ptxdist] [PATCH v2 2/2] file: add patch with upstream commit 0641e56 to fix CVE-2014-3587 Alexander Dahl 2014-09-16 9:24 ` Michael Olbrich
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox