mirrors/poky - poky - zepto initiative

mirrors/poky

Fork 0

mirror of https://git.yoctoproject.org/poky synced 2026-02-07 01:06:37 +01:00

Commit Graph

Author	SHA1	Message	Date
Joe Slater	c63480c960	ruby: fix CVE-2017-922{6-9} CVE-2017-9226 : check too big code point value for single byte CVE-2017-9227 : access to invalid address by reg->dmin value CVE-2017-9228 : invalid state(CCS_VALUE) in parse_char_class() CVE-2017-9229 : access to invalid address by reg->dmax value (From OE-Core rev: f15f01edbaa431829a50053d07ed6d6b333584c7) (From OE-Core rev: 4077e088b6e750c4143a59c5d89258ab682ed96b) Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-09-11 22:15:58 +01:00
Joe Slater	62e244d713	ruby: fix CVE-2017-9224 Use DATA_ENSURE(1) before access. (From OE-Core rev: 9db907a0bd331c47c4882b82f9f1d2a7ef1f6d1f) (From OE-Core rev: 7ba25f0d8d95ece5f5d56ace5b1e9c8c797efbc0) Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Fixed up to get to apply Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-09-11 22:15:58 +01:00
Leonardo Sandoval	db9b183d5c	ruby: upgrade 2.3.3 -> 2.4.0 Two LIC_FILES_CHKSUM checksums changed (COPYING and LEGAL) but LICENSE remains the same. (From OE-Core rev: 2bbad067b6b928d4615df938d0e41fa84e451c15) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-03-01 23:27:11 +00:00

Author

SHA1

Message

Date

Joe Slater

c63480c960

ruby: fix CVE-2017-922{6-9}

CVE-2017-9226 : check too big code point value for single byte
CVE-2017-9227 : access to invalid address by reg->dmin value
CVE-2017-9228 : invalid state(CCS_VALUE) in parse_char_class()
CVE-2017-9229 : access to invalid address by reg->dmax value

(From OE-Core rev: f15f01edbaa431829a50053d07ed6d6b333584c7)

(From OE-Core rev: 4077e088b6e750c4143a59c5d89258ab682ed96b)

Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2017-09-11 22:15:58 +01:00

Joe Slater

62e244d713

ruby: fix CVE-2017-9224

Use DATA_ENSURE(1) before access.

(From OE-Core rev: 9db907a0bd331c47c4882b82f9f1d2a7ef1f6d1f)

(From OE-Core rev: 7ba25f0d8d95ece5f5d56ace5b1e9c8c797efbc0)

Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Fixed up to get to apply

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2017-09-11 22:15:58 +01:00

Leonardo Sandoval

db9b183d5c

ruby: upgrade 2.3.3 -> 2.4.0

Two LIC_FILES_CHKSUM checksums changed (COPYING and LEGAL) but LICENSE remains
the same.

(From OE-Core rev: 2bbad067b6b928d4615df938d0e41fa84e451c15)

Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2017-03-01 23:27:11 +00:00

3 Commits