* [PATCH][meta-oe] libcroco: update to 0.6.13
@ 2019-04-22 22:54 Oleksandr Kravchuk
From: Oleksandr Kravchuk @ 2019-04-22 22:54 UTC (permalink / raw)
  To: openembedded-core; +Cc: Oleksandr Kravchuk

Removed patches were upstreamed.

Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
---
 .../libcroco/libcroco/CVE-2017-7960.patch     | 56 -------------------
 .../libcroco/libcroco/CVE-2017-7961.patch     | 45 ---------------
 ...{libcroco_0.6.12.bb => libcroco_0.6.13.bb} |  8 +--
 3 files changed, 2 insertions(+), 107 deletions(-)
 delete mode 100644 meta/recipes-support/libcroco/libcroco/CVE-2017-7960.patch
 delete mode 100644 meta/recipes-support/libcroco/libcroco/CVE-2017-7961.patch
 rename meta/recipes-support/libcroco/{libcroco_0.6.12.bb => libcroco_0.6.13.bb} (72%)

diff --git a/meta/recipes-support/libcroco/libcroco/CVE-2017-7960.patch b/meta/recipes-support/libcroco/libcroco/CVE-2017-7960.patch
deleted file mode 100644
index f6f43c3d26..0000000000
--- a/meta/recipes-support/libcroco/libcroco/CVE-2017-7960.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-input: check end of input before reading a byte
-
-When reading bytes we weren't check that the index wasn't
-out of bound and this could produce an invalid read which
-could deal to a security bug.
-
-Upstream-Status: Backport[https://gitlab.gnome.org/GNOME/libcroco/
-                 commit/898e3a8c8c0314d2e6b106809a8e3e93cf9d4394]
-
-CVE: CVE-2017-7960 
-
-Signed-off-by: Changqing Li <changqing.li@windriver.com>
-
-diff --git a/src/cr-input.c b/src/cr-input.c
-index 49000b1f5f07fe057135f1b8fc69bdcf9613e300..3b63a88ee3b1c56778e58172d147d958951bf099 100644
---- a/src/cr-input.c
-+++ b/src/cr-input.c
-@@ -256,7 +256,7 @@ cr_input_new_from_uri (const gchar * a_file_uri, enum CREncoding a_enc)
-                  *we should  free buf here because it's own by CRInput.
-                  *(see the last parameter of cr_input_new_from_buf().
-                  */
--                buf = NULL ;
-+                buf = NULL;
-         }
- 
-  cleanup:
-@@ -404,6 +404,8 @@ cr_input_get_nb_bytes_left (CRInput const * a_this)
- enum CRStatus
- cr_input_read_byte (CRInput * a_this, guchar * a_byte)
- {
-+        gulong nb_bytes_left = 0;
-+
-         g_return_val_if_fail (a_this && PRIVATE (a_this)
-                               && a_byte, CR_BAD_PARAM_ERROR);
- 
-@@ -413,6 +415,12 @@ cr_input_read_byte (CRInput * a_this, guchar * a_byte)
-         if (PRIVATE (a_this)->end_of_input == TRUE)
-                 return CR_END_OF_INPUT_ERROR;
- 
-+        nb_bytes_left = cr_input_get_nb_bytes_left (a_this);
-+
-+        if (nb_bytes_left < 1) {
-+                return CR_END_OF_INPUT_ERROR;
-+        }
-+
-         *a_byte = PRIVATE (a_this)->in_buf[PRIVATE (a_this)->next_byte_index];
- 
-         if (PRIVATE (a_this)->nb_bytes -
-@@ -477,7 +485,6 @@ cr_input_read_char (CRInput * a_this, guint32 * a_char)
-                 if (*a_char == '\n') {
-                         PRIVATE (a_this)->end_of_line = TRUE;
-                 }
--
-         }
- 
-         return status;
diff --git a/meta/recipes-support/libcroco/libcroco/CVE-2017-7961.patch b/meta/recipes-support/libcroco/libcroco/CVE-2017-7961.patch
deleted file mode 100644
index 35471ec7ee..0000000000
--- a/meta/recipes-support/libcroco/libcroco/CVE-2017-7961.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-CVE: CVE-2017-7961
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-From 9ad72875e9f08e4c519ef63d44cdbd94aa9504f7 Mon Sep 17 00:00:00 2001
-From: Ignacio Casal Quinteiro <qignacio@amazon.com>
-Date: Sun, 16 Apr 2017 13:56:09 +0200
-Subject: [PATCH] tknzr: support only max long rgb values
-
-This fixes a possible out of bound when reading rgbs which
-are longer than the support MAXLONG
----
- src/cr-tknzr.c | 10 ++++++++++
- 1 file changed, 10 insertions(+)
-
-diff --git a/src/cr-tknzr.c b/src/cr-tknzr.c
-index 1a7cfeb..1548c35 100644
---- a/src/cr-tknzr.c
-+++ b/src/cr-tknzr.c
-@@ -1279,6 +1279,11 @@ cr_tknzr_parse_rgb (CRTknzr * a_this, CRRgb ** a_rgb)
-         status = cr_tknzr_parse_num (a_this, &num);
-         ENSURE_PARSING_COND ((status == CR_OK) && (num != NULL));
- 
-+        if (num->val > G_MAXLONG) {
-+                status = CR_PARSING_ERROR;
-+                goto error;
-+        }
-+
-         red = num->val;
-         cr_num_destroy (num);
-         num = NULL;
-@@ -1298,6 +1303,11 @@ cr_tknzr_parse_rgb (CRTknzr * a_this, CRRgb ** a_rgb)
-                 status = cr_tknzr_parse_num (a_this, &num);
-                 ENSURE_PARSING_COND ((status == CR_OK) && (num != NULL));
- 
-+                if (num->val > G_MAXLONG) {
-+                        status = CR_PARSING_ERROR;
-+                        goto error;
-+                }
-+
-                 PEEK_BYTE (a_this, 1, &next_bytes[0]);
-                 if (next_bytes[0] == '%') {
-                         SKIP_CHARS (a_this, 1);
--- 
-2.18.1
diff --git a/meta/recipes-support/libcroco/libcroco_0.6.12.bb b/meta/recipes-support/libcroco/libcroco_0.6.13.bb
similarity index 72%
rename from meta/recipes-support/libcroco/libcroco_0.6.12.bb
rename to meta/recipes-support/libcroco/libcroco_0.6.13.bb
index f95a583134..9171a9de5c 100644
--- a/meta/recipes-support/libcroco/libcroco_0.6.12.bb
+++ b/meta/recipes-support/libcroco/libcroco_0.6.13.bb
@@ -16,9 +16,5 @@ BINCONFIG = "${bindir}/croco-0.6-config"
 
 inherit gnomebase gtk-doc binconfig-disabled
 
-SRC_URI += "file://CVE-2017-7960.patch \
-            file://CVE-2017-7961.patch \
-            "
-
-SRC_URI[archive.md5sum] = "bc0984fce078ba2ce29f9500c6b9ddce"
-SRC_URI[archive.sha256sum] = "ddc4b5546c9fb4280a5017e2707fbd4839034ed1aba5b7d4372212f34f84f860"
+SRC_URI[archive.md5sum] = "c80c5a8385011a0260dce6bd0da93dce"
+SRC_URI[archive.sha256sum] = "767ec234ae7aa684695b3a735548224888132e063f92db585759b422570621d4"
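Review bot: Dropping `file://CVE-2017-7960.patch` and `file://CVE-2017-7961.patch` from `SRC_URI` is backed only by the message "Removed patches were upstreamed", so nothing in the commit lets a reader confirm that the 0.6.13 tarball carries both fixes. The deleted patch headers name the upstream commits: 898e3a8c8c0314d2e6b106809a8e3e93cf9d4394 for the end-of-input check in `cr_input_read_byte`, and 9ad72875e9f08e4c519ef63d44cdbd94aa9504f7 for the `G_MAXLONG` check in `cr_tknzr_parse_rgb`. I would cite them in the commit message, e.g. `CVE-2017-7960.patch and CVE-2017-7961.patch dropped: upstream 898e3a8c and 9ad72875 are included in 0.6.13`, after checking the unpacked 0.6.13 source for both guards. With the `CVE:`-tagged patch files gone, CVE scanning of this recipe presumably falls back to version matching, so it is worth confirming that both CVEs still report as fixed for 0.6.13.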
-- 
2.17.1


