* [meta-networking][PATCH] netkit-rsh: security fixes
@ 2019-04-15 6:58 Yi Zhao
0 siblings, 0 replies; only message in thread
From: Yi Zhao @ 2019-04-15 6:58 UTC (permalink / raw)
To: openembedded-devel
Fix CVE-2019-7282, CVE-2019-7283
References:
https://nvd.nist.gov/vuln/detail/CVE-2019-7282
https://nvd.nist.gov/vuln/detail/CVE-2019-7283
Patch from:
https://sources.debian.org/src/netkit-rsh/0.17-20/debian/patches/fix-CVE-2018-20685-and-CVE-2019-6111.patch
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
.../CVE-2019-7282-and-CVE-2019-7283.patch | 33 ++++++++++++++++++++++
.../recipes-netkit/netkit-rsh/netkit-rsh_0.17.bb | 1 +
2 files changed, 34 insertions(+)
create mode 100644 meta-networking/recipes-netkit/netkit-rsh/netkit-rsh/CVE-2019-7282-and-CVE-2019-7283.patch
diff --git a/meta-networking/recipes-netkit/netkit-rsh/netkit-rsh/CVE-2019-7282-and-CVE-2019-7283.patch b/meta-networking/recipes-netkit/netkit-rsh/netkit-rsh/CVE-2019-7282-and-CVE-2019-7283.patch
new file mode 100644
index 0000000..4381f5b
--- /dev/null
+++ b/meta-networking/recipes-netkit/netkit-rsh/netkit-rsh/CVE-2019-7282-and-CVE-2019-7283.patch
@@ -0,0 +1,33 @@
+From a7831a16c3e0e1463d5eb08a58af152cb75ca976 Mon Sep 17 00:00:00 2001
+From: Yi Zhao <yi.zhao@windriver.com>
+Date: Mon, 15 Apr 2019 06:05:58 +0000
+Subject: [PATCH] Fix CVE-2019-7282 and CVE-2019-7283
+
+Description: Fix CVE-2018-20685 and CVE-2019-6111
+Bug-Debian: https://bugs.debian.org/920486
+Origin: https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2#diff-9f340c228413d5a9a9206ea2ed2bc624R1114
+
+Upstream-Status: Backport [Debian]
+[https://sources.debian.org/src/netkit-rsh/0.17-20/debian/patches/fix-CVE-2018-20685-and-CVE-2019-6111.patch]
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ rcp/rcp.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/rcp/rcp.c b/rcp/rcp.c
+index ca61c18..77d8ff8 100644
+--- a/rcp/rcp.c
++++ b/rcp/rcp.c
+@@ -740,6 +740,11 @@ sink(int argc, char *argv[])
+ size = size * 10 + (*cp++ - '0');
+ if (*cp++ != ' ')
+ SCREWUP("size not delimited");
++ if (*cp == '\0' || strchr(cp, '/') != NULL ||
++ strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) {
++ error("error: unexpected filename: %s", cp);
++ exit(1);
++ }
+ if (targisdir) {
+ static char *namebuf;
+ static int cursize;
diff --git a/meta-networking/recipes-netkit/netkit-rsh/netkit-rsh_0.17.bb b/meta-networking/recipes-netkit/netkit-rsh/netkit-rsh_0.17.bb
index d034cd8..6f203c5 100644
--- a/meta-networking/recipes-netkit/netkit-rsh/netkit-rsh_0.17.bb
+++ b/meta-networking/recipes-netkit/netkit-rsh/netkit-rsh_0.17.bb
@@ -16,6 +16,7 @@ SRC_URI = "${DEBIAN_MIRROR}/main/n/netkit-rsh/netkit-rsh_${PV}.orig.tar.gz;name=
file://netkit-rsh-0.17-rexec-ipv6.patch \
file://fix-host-variable.patch \
file://fixup_wait3_api_change.patch \
+ file://CVE-2019-7282-and-CVE-2019-7283.patch \
"
SRC_URI[archive.md5sum] = "65f5f28e2fe22d9ad8b17bb9a10df096"
--
2.7.4
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2019-04-15 6:59 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-04-15 6:58 [meta-networking][PATCH] netkit-rsh: security fixes Yi Zhao
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.