* [PATCH 0/1] rsync (GPLv2): fix security vulnerability CVE-2007-4091
@ 2011-05-10 2:54 Dexuan Cui
2011-05-10 2:54 ` [PATCH 1/1] " Dexuan Cui
0 siblings, 1 reply; 7+ messages in thread
From: Dexuan Cui @ 2011-05-10 2:54 UTC (permalink / raw)
To: openembedded-core
From: Dexuan Cui <dexuan.cui@intel.com>
The patch is from https://issues.rpath.com/browse/RPL-1647 and is used to
address http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4091
Pull URL: git://git.pokylinux.org/poky-contrib.git
Branch: dcui/master
Browse: http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=dcui/master
Thanks,
Dexuan Cui <dexuan.cui@intel.com>
---
Dexuan Cui (1):
rsync (GPLv2): fix security vulnerability CVE-2007-4091
.../rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch | 70 ++++++++++++++++++++
meta/recipes-devtools/rsync/rsync_2.6.9.bb | 3 +-
2 files changed, 72 insertions(+), 1 deletions(-)
create mode 100644 meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch
--
1.7.2
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH 1/1] rsync (GPLv2): fix security vulnerability CVE-2007-4091
2011-05-10 2:54 [PATCH 0/1] rsync (GPLv2): fix security vulnerability CVE-2007-4091 Dexuan Cui
@ 2011-05-10 2:54 ` Dexuan Cui
2011-05-10 5:01 ` Saul Wold
2011-05-10 17:53 ` Saul Wold
0 siblings, 2 replies; 7+ messages in thread
From: Dexuan Cui @ 2011-05-10 2:54 UTC (permalink / raw)
To: openembedded-core
From: Dexuan Cui <dexuan.cui@intel.com>
Added a patch to fix
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4091
Signed-off-by: Dexuan Cui <dexuan.cui@intel.com>
---
.../rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch | 70 ++++++++++++++++++++
meta/recipes-devtools/rsync/rsync_2.6.9.bb | 3 +-
2 files changed, 72 insertions(+), 1 deletions(-)
create mode 100644 meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch
diff --git a/meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch b/meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch
new file mode 100644
index 0000000..f054452
--- /dev/null
+++ b/meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch
@@ -0,0 +1,70 @@
+Upstream-Status: Backport [ The patch is rsync-2.6.9 specific ]
+
+The patch is from https://issues.rpath.com/browse/RPL-1647 and is used to
+address http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4091
+
+Date: Tue May 10 10:07:36 2011 +0800
+Dexuan Cui <dexuan.cui@intel.com>
+
+diff --git a/sender.c b/sender.c
+index 6fcaa65..053a8f1 100644
+--- a/sender.c
++++ b/sender.c
+@@ -123,6 +123,7 @@ void successful_send(int ndx)
+ char fname[MAXPATHLEN];
+ struct file_struct *file;
+ unsigned int offset;
++ size_t l = 0;
+
+ if (ndx < 0 || ndx >= the_file_list->count)
+ return;
+@@ -133,6 +134,20 @@ void successful_send(int ndx)
+ file->dir.root, "/", NULL);
+ } else
+ offset = 0;
++
++ l = offset + 1;
++ if (file) {
++ if (file->dirname)
++ l += strlen(file->dirname);
++ if (file->basename)
++ l += strlen(file->basename);
++ }
++
++ if (l >= sizeof(fname)) {
++ rprintf(FERROR, "Overlong pathname\n");
++ exit_cleanup(RERR_FILESELECT);
++ }
++
+ f_name(file, fname + offset);
+ if (remove_source_files) {
+ if (do_unlink(fname) == 0) {
+@@ -224,6 +239,7 @@ void send_files(struct file_list *flist, int f_out, int f_in)
+ enum logcode log_code = log_before_transfer ? FLOG : FINFO;
+ int f_xfer = write_batch < 0 ? batch_fd : f_out;
+ int i, j;
++ size_t l = 0;
+
+ if (verbose > 2)
+ rprintf(FINFO, "send_files starting\n");
+@@ -259,6 +275,20 @@ void send_files(struct file_list *flist, int f_out, int f_in)
+ fname[offset++] = '/';
+ } else
+ offset = 0;
++
++ l = offset + 1;
++ if (file) {
++ if (file->dirname)
++ l += strlen(file->dirname);
++ if (file->basename)
++ l += strlen(file->basename);
++ }
++
++ if (l >= sizeof(fname)) {
++ rprintf(FERROR, "Overlong pathname\n");
++ exit_cleanup(RERR_FILESELECT);
++ }
++
+ fname2 = f_name(file, fname + offset);
+
+ if (verbose > 2)
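Review bot: the `if (file)` guard in the added length check (in both the successful_send and the send_files hunk) does not match the unconditional `f_name(file, fname + offset)` that follows it: a NULL `file` passes the check with `l = offset + 1` and is then handed to f_name anyway, so either the guard is unnecessary or the NULL case should bail out before f_name is called. The same fourteen-line block is pasted into both functions; a small static helper taking `file`, `offset` and the buffer size would keep the two copies from drifting apart when one is touched later. Note also that the check turns an over-long path into `exit_cleanup(RERR_FILESELECT)` for the whole transfer rather than skipping the entry; failing closed is the right direction, but it is worth stating in the patch header. Finally, the header says Upstream-Status: Backport while the only reference is the rPath issue tracker and the bracketed note calls the patch rsync-2.6.9 specific; please cite the upstream rsync change it derives from, or pick a status that reflects a distro-originated fix.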
diff --git a/meta/recipes-devtools/rsync/rsync_2.6.9.bb b/meta/recipes-devtools/rsync/rsync_2.6.9.bb
index 4337982..17c18a4 100644
--- a/meta/recipes-devtools/rsync/rsync_2.6.9.bb
+++ b/meta/recipes-devtools/rsync/rsync_2.6.9.bb
@@ -8,6 +8,7 @@ PRIORITY = "optional"
DEPENDS = "popt"
SRC_URI = "http://rsync.samba.org/ftp/rsync/src/rsync-${PV}.tar.gz \
+ file://rsync-2.6.9-fname-obo.patch \
file://rsyncd.conf"
inherit autotools
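Review bot: the new patch enters SRC_URI as rsync-2.6.9-fname-obo.patch and nothing in the recipe itself mentions CVE-2007-4091; consider carrying the CVE identifier in the patch filename or in a comment beside the SRC_URI entry so that someone auditing the recipe for this CVE finds the fix without opening the patch file.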
@@ -22,4 +23,4 @@ EXTRA_OEMAKE='STRIP=""'
LICENSE = "GPLv2+"
LIC_FILES_CHKSUM = "file://COPYING;md5=6d5a9d4c4d3af25cd68fd83e8a8cb09c"
-PR = "r2"
+PR = "r3"
--
1.7.2
* Re: [PATCH 1/1] rsync (GPLv2): fix security vulnerability CVE-2007-4091
2011-05-10 2:54 ` [PATCH 1/1] " Dexuan Cui
@ 2011-05-10 5:01 ` Saul Wold
2011-05-10 5:03 ` He, Qing
2011-05-10 17:53 ` Saul Wold
1 sibling, 1 reply; 7+ messages in thread
From: Saul Wold @ 2011-05-10 5:01 UTC (permalink / raw)
To: Patches and discussions about the oe-core layer
On 05/09/2011 07:54 PM, Dexuan Cui wrote:
> From: Dexuan Cui<dexuan.cui@intel.com>
>
> Added a patch to fix
> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4091
>
This is missing a [YOCTO #bugid], please add and resend. (update branch
is OK).
Sau!
* Re: [PATCH 1/1] rsync (GPLv2): fix security vulnerability CVE-2007-4091
2011-05-10 5:01 ` Saul Wold
@ 2011-05-10 5:03 ` He, Qing
2011-05-10 5:05 ` Saul Wold
0 siblings, 1 reply; 7+ messages in thread
From: He, Qing @ 2011-05-10 5:03 UTC (permalink / raw)
To: Patches and discussions about the oe-core layer
>-----Original Message-----
>From: openembedded-core-bounces@lists.openembedded.org
>[mailto:openembedded-core-bounces@lists.openembedded.org] On Behalf Of Saul
>Wold
>Sent: 10 May 2011 13:02
>To: Patches and discussions about the oe-core layer
>Subject: Re: [OE-core] [PATCH 1/1] rsync (GPLv2): fix security vulnerability
>CVE-2007-4091
>
>On 05/09/2011 07:54 PM, Dexuan Cui wrote:
>> From: Dexuan Cui<dexuan.cui@intel.com>
>>
>> Added a patch to fix
>> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4091
>>
>This is missing a [YOCTO #bugid], please add and resend. (update branch
>is OK).
Saul,
Before the other two CVEs are specifically addressed, I don't think we can call a close on this bug.
Thanks,
Qing
>
>Sau!
>
* Re: [PATCH 1/1] rsync (GPLv2): fix security vulnerability CVE-2007-4091
2011-05-10 5:03 ` He, Qing
@ 2011-05-10 5:05 ` Saul Wold
2011-05-10 5:18 ` Cui, Dexuan
0 siblings, 1 reply; 7+ messages in thread
From: Saul Wold @ 2011-05-10 5:05 UTC (permalink / raw)
To: Patches and discussions about the oe-core layer
On 05/09/2011 10:03 PM, He, Qing wrote:
>> -----Original Message-----
>> From: openembedded-core-bounces@lists.openembedded.org
>> [mailto:openembedded-core-bounces@lists.openembedded.org] On Behalf Of Saul
>> Wold
>> Sent: 10 May 2011 13:02
>> To: Patches and discussions about the oe-core layer
>> Subject: Re: [OE-core] [PATCH 1/1] rsync (GPLv2): fix security vulnerability
>> CVE-2007-4091
>>
>> On 05/09/2011 07:54 PM, Dexuan Cui wrote:
>>> From: Dexuan Cui<dexuan.cui@intel.com>
>>>
>>> Added a patch to fix
>>> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4091
>>>
>> This is missing a [YOCTO #bugid], please add and resend. (update branch
>> is OK).
>
> Saul,
> Before the other two CVEs are specifically addressed, I don't think we can call a close on this bug.
>
Yes, that's true, but it's important to know that this patch addresses a
part of that bug.
Sau!
> Thanks,
> Qing
>
>>
>> Sau!
>>
* Re: [PATCH 1/1] rsync (GPLv2): fix security vulnerability CVE-2007-4091
2011-05-10 5:05 ` Saul Wold
@ 2011-05-10 5:18 ` Cui, Dexuan
0 siblings, 0 replies; 7+ messages in thread
From: Cui, Dexuan @ 2011-05-10 5:18 UTC (permalink / raw)
To: 'Patches and discussions about the oe-core layer'
Saul Wold wrote:
> On 05/09/2011 10:03 PM, He, Qing wrote:
>>> -----Original Message-----
>>> From: openembedded-core-bounces@lists.openembedded.org
>>> [mailto:openembedded-core-bounces@lists.openembedded.org] On Behalf
>>> Of Saul Wold Sent: 10 May 2011 13:02
>>> To: Patches and discussions about the oe-core layer
>>> Subject: Re: [OE-core] [PATCH 1/1] rsync (GPLv2): fix security
>>> vulnerability CVE-2007-4091
>>>
>>> On 05/09/2011 07:54 PM, Dexuan Cui wrote:
>>>> From: Dexuan Cui<dexuan.cui@intel.com>
>>>>
>>>> Added a patch to fix
>>>> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4091
>>>>
>>> This is missing a [YOCTO #bugid], please add and resend. (update
>>> branch
>>> is OK).
>>
>> Saul,
>> Before the other two CVEs are specifically addressed, I don't think
>> we can call a close on this bug.
>>
> Yes, that's true, but it's important to know that this patch
> addresses a part of that bug.
Hi Saul,
I added "[YOCTO #984] is partially fixed by this commit" and did "git push" just now.
Please use the same branch
http://git.pokylinux.org/cgit/cgit.cgi/poky-contrib/commit/?h=dcui/master&id=898ce2ddf774646796af5c8700130916afe6dbc1
Thanks,
-- Dexuan
* Re: [PATCH 1/1] rsync (GPLv2): fix security vulnerability CVE-2007-4091
2011-05-10 2:54 ` [PATCH 1/1] " Dexuan Cui
2011-05-10 5:01 ` Saul Wold
@ 2011-05-10 17:53 ` Saul Wold
1 sibling, 0 replies; 7+ messages in thread
From: Saul Wold @ 2011-05-10 17:53 UTC (permalink / raw)
To: Patches and discussions about the oe-core layer
On 05/09/2011 07:54 PM, Dexuan Cui wrote:
> From: Dexuan Cui<dexuan.cui@intel.com>
>
> Added a patch to fix
> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4091
>
Merged into oe-core and poky/master and staged for Bernard
Thanks
Sau!