* [langdale][patch 1/3] git: ignore CVE-2023-22743
@ 2023-03-18 11:58 chee.yang.lee
From: chee.yang.lee @ 2023-03-18 11:58 UTC (permalink / raw)
  To: openembedded-core

From: Chee Yang Lee <chee.yang.lee@intel.com>

Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
---
 meta/recipes-devtools/git/git_2.37.6.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-devtools/git/git_2.37.6.bb b/meta/recipes-devtools/git/git_2.37.6.bb
index e6165ca37b..302db215e2 100644
--- a/meta/recipes-devtools/git/git_2.37.6.bb
+++ b/meta/recipes-devtools/git/git_2.37.6.bb
@@ -33,6 +33,8 @@ CVE_PRODUCT = "git-scm:git"
 CVE_CHECK_IGNORE += "CVE-2022-24975"
 # This is specific to Git-for-Windows
 CVE_CHECK_IGNORE += "CVE-2022-41953"
+# specific to Git for Windows
+CVE_CHECK_IGNORE += "CVE-2023-22743"
 
 PACKAGECONFIG ??= "expat curl"
 PACKAGECONFIG[cvsserver] = ""
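Review bot: The new ignore at `+CVE_CHECK_IGNORE += "CVE-2023-22743"` repeats the justification of the entry directly above it with a second, differently worded comment, so the two Windows-only exclusions now read as unrelated. Grouping them under one comment, `# These are specific to Git for Windows` followed by the two `CVE_CHECK_IGNORE +=` lines, keeps the reason and the list together and makes later audits of cve-check exclusions easier. A short pointer to why the CVE does not apply to a Linux build (it appears to be an installer-only issue, but that is not visible from the hunk) would also help the next reviewer.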
-- 
2.37.3




* [langdale][patch 2/3] tiff: Fix CVE-2023-0795 CVE-2023-0796 CVE-2023-0797 CVE-2023-0798 CVE-2023-0799
@ 2023-03-18 11:58 ` chee.yang.lee
From: chee.yang.lee @ 2023-03-18 11:58 UTC (permalink / raw)
  To: openembedded-core

From: Chee Yang Lee <chee.yang.lee@intel.com>

Import the patch from Ubuntu to fix multiple CVEs:
http://archive.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_4.4.0-4ubuntu3.3.debian.tar.xz

Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
---
 .../CVE-2023-0795_0796_0797_0798_0799.patch   | 154 ++++++++++++++++++
 meta/recipes-multimedia/libtiff/tiff_4.4.0.bb |   1 +
 2 files changed, 155 insertions(+)
 create mode 100644 meta/recipes-multimedia/libtiff/files/CVE-2023-0795_0796_0797_0798_0799.patch

diff --git a/meta/recipes-multimedia/libtiff/files/CVE-2023-0795_0796_0797_0798_0799.patch b/meta/recipes-multimedia/libtiff/files/CVE-2023-0795_0796_0797_0798_0799.patch
new file mode 100644
index 0000000000..926df680b3
--- /dev/null
+++ b/meta/recipes-multimedia/libtiff/files/CVE-2023-0795_0796_0797_0798_0799.patch
@@ -0,0 +1,154 @@
+From: Markus Koschany <apo@debian.org>
+Date: Tue, 21 Feb 2023 14:26:43 +0100
+Subject: CVE-2023-0795
+
+This is also the fix for CVE-2023-0796, CVE-2023-0797, CVE-2023-0798,
+CVE-2023-0799.
+
+Bug-Debian: https://bugs.debian.org/1031632
+Origin: https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68
+
+CVE: CVE-2023-0795 CVE-2023-0796 CVE-2023-0797 CVE-2023-0798 CVE-2023-0799
+Upstream-Status: Backport [import from ubuntu debian/patches/CVE-2023-0795.patch http://archive.ubuntu.com/ubuntu/pool/main/t/tiff/tiff_4.4.0-4ubuntu3.3.debian.tar.xz ]
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+---
+ tools/tiffcrop.c | 51 ++++++++++++++++++++++++++++++---------------------
+ 1 file changed, 30 insertions(+), 21 deletions(-)
+
+--- tiff-4.4.0.orig/tools/tiffcrop.c
++++ tiff-4.4.0/tools/tiffcrop.c
+@@ -269,7 +269,6 @@ struct  region {
+   uint32_t width;     /* width in pixels */
+   uint32_t length;    /* length in pixels */
+   uint32_t buffsize;  /* size of buffer needed to hold the cropped region */
+-  unsigned char *buffptr; /* address of start of the region */
+ };
+ 
+ /* Cropping parameters from command line and image data 
+@@ -524,7 +523,7 @@ static int rotateContigSamples24bits(uin
+ static int rotateContigSamples32bits(uint16_t, uint16_t, uint16_t, uint32_t,
+                                      uint32_t, uint32_t, uint8_t *, uint8_t *);
+ static int rotateImage(uint16_t, struct image_data *, uint32_t *, uint32_t *,
+-                       unsigned char **);
++                       unsigned char **, int);
+ static int mirrorImage(uint16_t, uint16_t, uint16_t, uint32_t, uint32_t,
+                        unsigned char *);
+ static int invertImage(uint16_t, uint16_t, uint16_t, uint32_t, uint32_t,
+@@ -5219,7 +5218,6 @@ initCropMasks (struct crop_mask *cps)
+      cps->regionlist[i].width = 0;
+      cps->regionlist[i].length = 0;
+      cps->regionlist[i].buffsize = 0;
+-     cps->regionlist[i].buffptr = NULL;
+      cps->zonelist[i].position = 0;
+      cps->zonelist[i].total = 0;
+      }
+@@ -6551,8 +6549,13 @@ static int  correct_orientation(struct i
+                  (uint16_t) (image->adjustments & ROTATE_ANY));
+       return (-1);
+       }
+- 
+-    if (rotateImage(rotation, image, &image->width, &image->length, work_buff_ptr))
++
++      /* Dummy variable in order not to switch two times the
++       * image->width,->length within rotateImage(),
++       * but switch xres, yres there. */
++      uint32_t width = image->width;
++      uint32_t length = image->length;
++      if (rotateImage(rotation, image, &width, &length, work_buff_ptr, TRUE))
+       {
+       TIFFError ("correct_orientation", "Unable to rotate image");
+       return (-1);
+@@ -6661,7 +6664,6 @@ extractCompositeRegions(struct image_dat
+     /* These should not be needed for composite images */
+     crop->regionlist[i].width = crop_width;
+     crop->regionlist[i].length = crop_length;
+-    crop->regionlist[i].buffptr = crop_buff;
+ 
+     src_rowsize = ((img_width * bps * spp) + 7) / 8;
+     dst_rowsize = (((crop_width * bps * count) + 7) / 8);
+@@ -6900,7 +6902,6 @@ extractSeparateRegion(struct image_data
+ 
+   crop->regionlist[region].width = crop_width;
+   crop->regionlist[region].length = crop_length;
+-  crop->regionlist[region].buffptr = crop_buff;
+ 
+   src = read_buff;
+   dst = crop_buff;
+@@ -7778,7 +7779,7 @@ processCropSelections(struct image_data
+     if (crop->crop_mode & CROP_ROTATE) /* rotate should be last as it can reallocate the buffer */
+       {
+       if (rotateImage(crop->rotation, image, &crop->combined_width, 
+-                      &crop->combined_length, &crop_buff))
++                      &crop->combined_length, &crop_buff, FALSE))
+         {
+         TIFFError("processCropSelections", 
+                   "Failed to rotate composite regions by %"PRIu32" degrees", crop->rotation);
+@@ -7888,7 +7889,7 @@ processCropSelections(struct image_data
+            * ToDo: Therefore rotateImage() and its usage has to be reworked (e.g. like mirrorImage()) !!
+            */
+ 	if (rotateImage(crop->rotation, image, &crop->regionlist[i].width, 
+-			&crop->regionlist[i].length, &crop_buff))
++			&crop->regionlist[i].length, &crop_buff, FALSE))
+           {
+           TIFFError("processCropSelections", 
+                     "Failed to rotate crop region by %"PRIu16" degrees", crop->rotation);
+@@ -8020,7 +8021,7 @@ createCroppedImage(struct image_data *im
+   if (crop->crop_mode & CROP_ROTATE) /* rotate should be last as it can reallocate the buffer */
+     {
+     if (rotateImage(crop->rotation, image, &crop->combined_width, 
+-                    &crop->combined_length, crop_buff_ptr))
++                    &crop->combined_length, crop_buff_ptr, TRUE))
+       {
+       TIFFError("createCroppedImage", 
+                 "Failed to rotate image or cropped selection by %"PRIu16" degrees", crop->rotation);
+@@ -8683,7 +8684,7 @@ rotateContigSamples32bits(uint16_t rotat
+ /* Rotate an image by a multiple of 90 degrees clockwise */
+ static int
+ rotateImage(uint16_t rotation, struct image_data *image, uint32_t *img_width,
+-            uint32_t *img_length, unsigned char **ibuff_ptr)
++            uint32_t *img_length, unsigned char **ibuff_ptr, int rot_image_params)
+   {
+   int      shift_width;
+   uint32_t   bytes_per_pixel, bytes_per_sample;
+@@ -8874,11 +8875,15 @@ rotateImage(uint16_t rotation, struct im
+ 
+               *img_width = length;
+               *img_length = width;
+-              image->width = length;
+-              image->length = width;
+-              res_temp = image->xres;
+-              image->xres = image->yres;
+-              image->yres = res_temp;
++            /* Only toggle image parameters if whole input image is rotated. */
++            if (rot_image_params)
++            {
++                image->width = length;
++                image->length = width;
++                res_temp = image->xres;
++                image->xres = image->yres;
++                image->yres = res_temp;
++            }
+ 	      break;
+ 
+     case 270: if ((bps % 8) == 0) /* byte aligned data */
+@@ -8951,11 +8956,15 @@ rotateImage(uint16_t rotation, struct im
+ 
+               *img_width = length;
+               *img_length = width;
+-              image->width = length;
+-              image->length = width;
+-              res_temp = image->xres;
+-              image->xres = image->yres;
+-              image->yres = res_temp;
++            /* Only toggle image parameters if whole input image is rotated. */
++            if (rot_image_params)
++            {
++                image->width = length;
++                image->length = width;
++                res_temp = image->xres;
++                image->xres = image->yres;
++                image->yres = res_temp;
++            }
+               break;
+     default:
+               break;
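Review bot: The `+Upstream-Status: Backport [import from ubuntu ...]` trailer records the Ubuntu source tarball rather than the upstream fix, while the `+Origin:` line two lines earlier already names the libtiff commit; OE convention is to cite the upstream commit, e.g. `Upstream-Status: Backport [https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68]`, so the backport can be checked against upstream directly. The new `rot_image_params` argument to rotateImage is a plain `int` driven with TRUE/FALSE and is explained only by the comment at the correct_orientation call site; a one-line comment above the rotateImage definition, `/* rot_image_params: nonzero when the whole input image is rotated, so image->width/length and xres/yres are swapped too; zero for a crop region, where only *img_width/*img_length change. */`, would state the contract where it is implemented. The bodies of correct_orientation, processCropSelections, createCroppedImage and rotateImage start and end outside the inner hunks shown here.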
diff --git a/meta/recipes-multimedia/libtiff/tiff_4.4.0.bb b/meta/recipes-multimedia/libtiff/tiff_4.4.0.bb
index 3b42dbe4a5..9df3c5a015 100644
--- a/meta/recipes-multimedia/libtiff/tiff_4.4.0.bb
+++ b/meta/recipes-multimedia/libtiff/tiff_4.4.0.bb
@@ -19,6 +19,7 @@ SRC_URI = "http://download.osgeo.org/libtiff/tiff-${PV}.tar.gz \
            file://0001-tiffcrop-subroutines-require-a-larger-buffer-fixes-2.patch \
            file://CVE-2022-48281.patch \
            file://CVE-2023-0800_0801_0802_0803_0804.patch \
+           file://CVE-2023-0795_0796_0797_0798_0799.patch \
            "
 
 SRC_URI[sha256sum] = "917223b37538959aca3b790d2d73aa6e626b688e02dcda272aec24c2f498abed"
-- 
2.37.3




* [langdale][patch 3/3] go: upgrade to 1.19.7
@ 2023-03-18 11:58 ` chee.yang.lee
From: chee.yang.lee @ 2023-03-18 11:58 UTC (permalink / raw)
  To: openembedded-core

From: Chee Yang Lee <chee.yang.lee@intel.com>

The upgrade includes fixes for CVE-2022-41722, CVE-2022-41723, CVE-2022-41724,
CVE-2022-41725 and CVE-2023-24532.

Release notes:

go1.19.5 (released 2023-01-10) includes fixes to the compiler, the
linker, and the crypto/x509, net/http, sync/atomic, and syscall
packages. See the Go 1.19.5 milestone on our issue tracker for details.

go1.19.6 (released 2023-02-14) includes security fixes to the
crypto/tls, mime/multipart, net/http, and path/filepath packages, as
well as bug fixes to the go command, the linker, the runtime, and the
crypto/x509, net/http, and time packages. See the Go 1.19.6 milestone on
our issue tracker for details.

go1.19.7 (released 2023-03-07) includes a security fix to the
crypto/elliptic package, as well as bug fixes to the linker, the
runtime, and the crypto/x509 and syscall packages. See the Go 1.19.7
milestone on our issue tracker for details.

Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
---
 meta/recipes-devtools/go/{go-1.19.4.inc => go-1.19.7.inc}     | 2 +-
 ...{go-binary-native_1.19.4.bb => go-binary-native_1.19.7.bb} | 4 ++--
 ...o-cross-canadian_1.19.4.bb => go-cross-canadian_1.19.7.bb} | 0
 .../go/{go-cross_1.19.4.bb => go-cross_1.19.7.bb}             | 0
 .../go/{go-crosssdk_1.19.4.bb => go-crosssdk_1.19.7.bb}       | 0
 .../go/{go-native_1.19.4.bb => go-native_1.19.7.bb}           | 0
 .../go/{go-runtime_1.19.4.bb => go-runtime_1.19.7.bb}         | 0
 meta/recipes-devtools/go/{go_1.19.4.bb => go_1.19.7.bb}       | 0
 8 files changed, 3 insertions(+), 3 deletions(-)
 rename meta/recipes-devtools/go/{go-1.19.4.inc => go-1.19.7.inc} (89%)
 rename meta/recipes-devtools/go/{go-binary-native_1.19.4.bb => go-binary-native_1.19.7.bb} (84%)
 rename meta/recipes-devtools/go/{go-cross-canadian_1.19.4.bb => go-cross-canadian_1.19.7.bb} (100%)
 rename meta/recipes-devtools/go/{go-cross_1.19.4.bb => go-cross_1.19.7.bb} (100%)
 rename meta/recipes-devtools/go/{go-crosssdk_1.19.4.bb => go-crosssdk_1.19.7.bb} (100%)
 rename meta/recipes-devtools/go/{go-native_1.19.4.bb => go-native_1.19.7.bb} (100%)
 rename meta/recipes-devtools/go/{go-runtime_1.19.4.bb => go-runtime_1.19.7.bb} (100%)
 rename meta/recipes-devtools/go/{go_1.19.4.bb => go_1.19.7.bb} (100%)

diff --git a/meta/recipes-devtools/go/go-1.19.4.inc b/meta/recipes-devtools/go/go-1.19.7.inc
similarity index 89%
rename from meta/recipes-devtools/go/go-1.19.4.inc
rename to meta/recipes-devtools/go/go-1.19.7.inc
index 49349ba6ec..7d76f34bdf 100644
--- a/meta/recipes-devtools/go/go-1.19.4.inc
+++ b/meta/recipes-devtools/go/go-1.19.7.inc
@@ -15,4 +15,4 @@ SRC_URI += "\
     file://0001-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \
     file://filter-build-paths.patch \
 "
-SRC_URI[main.sha256sum] = "eda74db4ac494800a3e66ee784e495bfbb9b8e535df924a8b01b1a8028b7f368"
+SRC_URI[main.sha256sum] = "775bdf285ceaba940da8a2fe20122500efd7a0b65dbcee85247854a8d7402633"
diff --git a/meta/recipes-devtools/go/go-binary-native_1.19.4.bb b/meta/recipes-devtools/go/go-binary-native_1.19.7.bb
similarity index 84%
rename from meta/recipes-devtools/go/go-binary-native_1.19.4.bb
rename to meta/recipes-devtools/go/go-binary-native_1.19.7.bb
index f1208d183a..0e2c8f1b24 100644
--- a/meta/recipes-devtools/go/go-binary-native_1.19.4.bb
+++ b/meta/recipes-devtools/go/go-binary-native_1.19.7.bb
@@ -9,8 +9,8 @@ PROVIDES = "go-native"
 
 # Checksums available at https://go.dev/dl/
 SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}"
-SRC_URI[go_linux_amd64.sha256sum] = "c9c08f783325c4cf840a94333159cc937f05f75d36a8b307951d5bd959cf2ab8"
-SRC_URI[go_linux_arm64.sha256sum] = "9df122d6baf6f2275270306b92af3b09d7973fb1259257e284dba33c0db14f1b"
+SRC_URI[go_linux_amd64.sha256sum] = "7a75720c9b066ae1750f6bcc7052aba70fa3813f4223199ee2a2315fd3eb533d"
+SRC_URI[go_linux_arm64.sha256sum] = "071ea7bf386fdd08df524859b878d99fc359e491e7ad65c1c1cc55b67972c882"
 
 UPSTREAM_CHECK_URI = "https://golang.org/dl/"
 UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.19.4.bb b/meta/recipes-devtools/go/go-cross-canadian_1.19.7.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross-canadian_1.19.4.bb
rename to meta/recipes-devtools/go/go-cross-canadian_1.19.7.bb
diff --git a/meta/recipes-devtools/go/go-cross_1.19.4.bb b/meta/recipes-devtools/go/go-cross_1.19.7.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross_1.19.4.bb
rename to meta/recipes-devtools/go/go-cross_1.19.7.bb
diff --git a/meta/recipes-devtools/go/go-crosssdk_1.19.4.bb b/meta/recipes-devtools/go/go-crosssdk_1.19.7.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-crosssdk_1.19.4.bb
rename to meta/recipes-devtools/go/go-crosssdk_1.19.7.bb
diff --git a/meta/recipes-devtools/go/go-native_1.19.4.bb b/meta/recipes-devtools/go/go-native_1.19.7.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-native_1.19.4.bb
rename to meta/recipes-devtools/go/go-native_1.19.7.bb
diff --git a/meta/recipes-devtools/go/go-runtime_1.19.4.bb b/meta/recipes-devtools/go/go-runtime_1.19.7.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-runtime_1.19.4.bb
rename to meta/recipes-devtools/go/go-runtime_1.19.7.bb
diff --git a/meta/recipes-devtools/go/go_1.19.4.bb b/meta/recipes-devtools/go/go_1.19.7.bb
similarity index 100%
rename from meta/recipes-devtools/go/go_1.19.4.bb
rename to meta/recipes-devtools/go/go_1.19.7.bb
-- 
2.37.3



