inetutils: upgrade 2.3 -> 2.4

CVE-2022-39028.patch removed since it's included in 2.4 Changelog: ========== ifconfig ------------ Support specifying prefix netmask lengths in -A. Hurd: tell pfinet translator interfaces to configure ftp ---------- Avoid crash caused by signed integer overflow resulting in out-of-bounds buffer access. Avoid crash caused by heap buffer overflow. Avoid crash caused by NULL pointer dereference. Avoid crash caused by infinite macro recursion. telnetd ----------- Avoid crash on 0xff 0xf7 (IAC EC) or 0xff 0xf8 (IAC EL). CVE-2022-39028 telnet ----------- Fix a buffer overflow problem. CVE-2019-0053 tftp ----------- Avoid crashing when given unexpected or invalid commands from tty. Various bugs fixes, internal improvements and clean ups. (From OE-Core rev: b8d39056f58ac6a2264b432c95fd7012babe5164) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit fec6ec179b97b768d32fbd782338450edc1a5344) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-05-05 07:39:49 +02:00 · 2022-11-03 13:30:48 +08:00
parent 90246ed04b
commit 71cb87f0e3
2 changed files with 1 additions and 56 deletions
--- a/meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch
+++ b/meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch
@@ -1,54 +0,0 @@
 From d52349fa1b6baac77ffa2c74769636aa2ece2ec5 Mon Sep 17 00:00:00 2001
 From: Erik Auerswald <auerswal@unix-ag.uni-kl.de>
 Date: Sat, 3 Sep 2022 16:58:16 +0200
 Subject: [PATCH] telnetd: Handle early IAC EC or IAC EL receipt
 Fix telnetd crash if the first two bytes of a new connection
 are 0xff 0xf7 (IAC EC) or 0xff 0xf8 (IAC EL).
 The problem was reported in:
 <https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html>.
 * NEWS: Mention fix.
 * telnetd/state.c (telrcv): Handle zero slctab[SLC_EC].sptr and
 zero slctab[SLC_EL].sptr.
 CVE: CVE-2022-39028
 Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=fae8263e467380483c28513c0e5fac143e46f94f]
 Signed-off-by: Khem Raj <raj.khem@gmail.com>
 ---
 telnetd/state.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)
 diff --git a/telnetd/state.c b/telnetd/state.c
 index ffc6cba..c2d760f 100644
 --- a/telnetd/state.c
 +++ b/telnetd/state.c
@@ -312,15 +312,21 @@ telrcv (void)
 	    case EC:
 	    case EL:
 	      {
 -		cc_t ch;
 +		cc_t ch = (cc_t) (_POSIX_VDISABLE);
 		DEBUG (debug_options, 1, printoption ("td: recv IAC", c));
 		ptyflush ();	/* half-hearted */
 		init_termbuf ();
 		if (c == EC)
 -		  ch = *slctab[SLC_EC].sptr;
 +		  {
 +		    if (slctab[SLC_EC].sptr)
 +		      ch = *slctab[SLC_EC].sptr;
 +		  }
 		else
 -		  ch = *slctab[SLC_EL].sptr;
 +		  {
 +		    if (slctab[SLC_EL].sptr)
 +		      ch = *slctab[SLC_EL].sptr;
 +		  }
 		if (ch != (cc_t) (_POSIX_VDISABLE))
 		  pty_output_byte ((unsigned char) ch);
 		break;
 -- 
 2.37.3
--- a/meta/recipes-connectivity/inetutils/inetutils_2.4.bb
+++ b/meta/recipes-connectivity/inetutils/inetutils_2.4.bb
@@ -10,7 +10,7 @@ LICENSE = "GPL-3.0-only"
 LIC_FILES_CHKSUM = "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7"
-SRC_URI[sha256sum] = "0b01bb08e29623c4e3b940f233c961451d9af8c5066301add76a52a95d51772c"
+SRC_URI[sha256sum] = "1789d6b1b1a57dfe2a7ab7b533ee9f5dfd9cbf5b59bb1bb3c2612ed08d0f68b2"
 SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \
           file://inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch \
           file://inetutils-1.8-0003-wchar.patch \
@@ -21,7 +21,6 @@ SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \
           file://tftpd.xinetd.inetutils \
           file://inetutils-1.9-PATH_PROCNET_DEV.patch \
           file://inetutils-only-check-pam_appl.h-when-pam-enabled.patch \
           file://CVE-2022-39028.patch \
 "
 inherit autotools gettext update-alternatives texinfo