poky/recipes-devtools at c90540df8b72bf9fe342bb39b3029ede39be2aeb - poky

mirror of https://git.yoctoproject.org/poky synced 2026-02-14 04:33:03 +01:00

Files

Yuanjie Huang 1693b28967 binutils: Fix CVE-2017-6965 and CVE-2017-6966

Backport upstream commit to address vulnerabilities:

CVE: CVE-2017-6965
[BZ 21137] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21137

Fix readelf writing to illegal addresses whilst processing corrupt input
files containing symbol-difference relocations.

	PR binutils/21137
	* readelf.c (target_specific_reloc_handling): Add end parameter.
	Check for buffer overflow before writing relocated values.
	(apply_relocations): Pass end to target_specific_reloc_handling.

CVE: CVE-2017-6966
[BZ 21139] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21139

Fix read-after-free error in readelf when processing multiple, relocated
sections in an MSP430 binary.

	PR binutils/21139
	* readelf.c (target_specific_reloc_handling): Add num_syms
	parameter.  Check for symbol table overflow before accessing
	symbol value.  If reloc pointer is NULL, discard all saved state.
	(apply_relocations): Pass num_syms to target_specific_reloc_handling.
	Call target_specific_reloc_handling with a NULL reloc pointer
	after processing all of the relocs.

(From OE-Core rev: 477afc5634698d6c5cdb6d7705a31d859495695d)

Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2017-05-18 13:07:33 +01:00

apt

meta: cleanup d.getVar(var, 1)

2016-09-14 22:22:07 +01:00

autoconf

autoconf: remove upstreamed patch

2016-09-08 00:32:43 +01:00

autogen

autogen-native: fix script error when processing libguile

2016-07-08 09:57:24 +01:00

automake

automake: drop the Python scriptlets to determine Python's directories

2016-06-03 13:13:28 +01:00

binutils

binutils: Fix CVE-2017-6965 and CVE-2017-6966

2017-05-18 13:07:33 +01:00

bison

bison/gettext: add --with-bisonlocaledir to assign BISON_LOCALEDIR

2016-02-28 11:32:58 +00:00

bootchart2

bootchart2: Allocate space on heap for collector chunks

2016-10-01 21:45:55 +01:00

btrfs-tools

btrfs-tools: update to 4.7.1

2016-09-03 09:58:37 +01:00

build-compare

build-compare: improve deb and ipk checking

2016-07-26 08:56:28 +01:00

ccache

ccache: 3.2.4 -> 3.2.5

2016-07-26 08:56:26 +01:00

cdrtools

cdrtools-native: Explicitly set EXTRA_OEMAKE as required

2016-02-11 12:27:43 +00:00

chrpath

package_regex.inc: split the rest of the entries to their recipes

2015-12-08 10:20:52 +00:00

cmake

cmake: improve CMAKE_SYSTEM_PROCESSOR assignment in nativesdk

2016-10-15 10:01:42 +01:00

cve-check-tool

cve-check-tool: report progress when downloading CVE database

2016-09-30 16:51:15 +01:00

desktop-file-utils

desktop-file-utils-native: update to 0.23

2016-07-20 10:28:46 +01:00

devel-config

recipes: convert remaining SUMMARY/DESCRIPTION cosmetic issues

2014-02-17 15:28:59 +00:00

diffstat

diffstat: upgrade to 1.61

2016-02-19 01:01:24 +00:00

distcc

distcc: Disable GTK UI by default

2016-06-12 23:47:18 +01:00

dmidecode

dmidecode: Explicitly set EXTRA_OEMAKE as required

2016-02-10 16:06:24 +00:00

docbook-dsssl-stylesheets

package_regex.inc: split sourceforge related entries to their own recipes

2015-12-08 10:20:52 +00:00

docbook-sgml-dtd

package_regex.inc: split entries which blacklist specific versions to their recipes

2015-12-08 10:20:52 +00:00

docbook-utils

docbook-utils-native: Unbreak the build after source and build dir split

2013-03-25 20:51:19 +00:00

docbook-xml

docbook-xml-dtd4: use snapshot.debian.org for SRC_URI

2016-08-01 11:47:14 +01:00

dosfstools

dosfstools: Upgrade 3.0.28 -> 4.0

2016-06-03 13:13:30 +01:00

dpkg

dpkg: Only set DEB_HOST_ARCH in target case

2016-09-28 10:16:04 +01:00

e2fsprogs

e2fsprogs: have configure expand @mkdir_p@

2017-03-14 15:20:42 +00:00

elfutils

meta: update patch metadata

2016-07-08 09:57:24 +01:00

expect

meta: Drop now pointless manual -dbg packaging

2015-12-16 11:56:30 +00:00

fdisk

gptfdisk: Explicitly set EXTRA_OEMAKE as required

2016-02-10 16:06:24 +00:00

file

Revert "file: update SRCREV for 5.28 to fix fetch fail on missing commit"

2017-03-21 22:39:46 +00:00

flex

flex: Backport buffer overflow fix

2016-10-11 08:27:27 +01:00

gcc

libgcc-common: Don't apply symlinks for nativesdk

2017-01-11 17:21:46 +00:00

gdb

gdb-cross-canadian: Depend on nativesdk-python3-importlib

2017-03-14 15:20:12 +00:00

git

git: 2.9.2 -> 2.9.3

2016-08-25 23:03:45 +01:00

gnu-config

meta: rename perl-native-runtime

2016-01-11 23:26:31 +00:00

guile

guile: remove dangling patch

2016-08-10 10:46:29 +01:00

guilt

guilt-native: set PV in the recipe to allow upstream version check

2015-08-01 07:34:08 +01:00

help2man

help2man-native: upgrade to 1.47.4

2016-06-15 08:35:02 +01:00

i2c-tools

i2c-tools: point SRC_URI at Yocto source mirrors

2016-02-04 23:39:02 +00:00

icecc-create-env

icecc-create-env-native: add SUMMARY and tweak DESCRIPTION

2014-01-02 12:50:23 +00:00

icon-naming-utils

icon-naming-utils: separate B and S

2015-01-16 23:08:27 +00:00

intltool

intltool: bump serial for aclocal --install

2016-08-10 10:46:28 +01:00

json-c

json-c: add BBCLASSEXTEND for native and nativesdk

2016-10-05 10:10:10 +01:00

kconfig-frontends

meta: cleanup d.getVar(var, 1)

2016-09-14 22:22:07 +01:00

libtool

libtool: Use SYSROOT_DIRS_BLACKLIST to exclude dirs from the sysroot

2016-05-13 13:41:28 +01:00

linuxdoc-tools

linuxdoc-tools: use snapshot.debian.org for SRC_URI

2016-08-01 11:47:14 +01:00

m4: Drop unused/unreferenced patch

2015-12-18 12:18:19 +00:00

make

meta: update patch metadata

2016-07-08 09:57:24 +01:00

makedevs

makedevs: don't restrict device node paths to 40 characters

2016-09-16 15:24:02 +01:00

mkelfimage

mkelfimage: fix compile issues

2016-05-25 07:50:17 +01:00

mklibs

mklibs-native: update broken SRC_URI

2016-10-09 12:31:40 +01:00

mmc

mmc-utils: update to latest git version

2016-05-14 23:05:12 +01:00

mtd

mtd-utils: build also for nativesdk

2016-07-12 23:10:14 +01:00

mtools

mtools: Patch out a useless sanity check

2016-06-03 13:13:30 +01:00

nasm

nasm: 2.11.08 -> 2.12.02

2016-08-25 23:03:45 +01:00

openjade

openjade/sgml-common: Add sstate postrm commands

2016-09-16 15:24:02 +01:00

opensp

guile, mailx, gcc, opensp, gstreamer1.0-libav, libunwind: disable thumb where it fails for qemuarm

2015-12-01 21:32:06 +00:00

opkg

opkg: upgrade to v0.3.3

2016-07-20 10:28:49 +01:00

opkg-utils

opkg-utils: update SRCREV

2016-06-07 15:22:37 +01:00

orc

orc: enable gtk-doc

2016-09-09 12:12:22 +01:00

ossp-uuid

ossp-uuid: use snapshot.debian.org for SRC_URI

2016-08-01 11:47:14 +01:00

packagegroups

packagegroup-core-device-devel: add binutils-symlinks

2016-06-16 11:11:40 +01:00

patch

meta: Fix Upstream-Status statements

2015-09-12 23:01:53 +01:00

patchelf

patchelf: Update to version 0.9

2016-09-15 12:15:07 +01:00

pax-utils

pax-utils: upgrade to 1.1.6

2016-06-15 08:35:03 +01:00

perl

perl: Fix ptest update hash of ExtUtils/Liblist/Kid.pm in customized.dat

2017-01-11 17:21:43 +00:00

pkgconfig

pkgconfig: Update AM_GLIB_GNU_GETTEXT macro

2016-05-17 21:19:30 +01:00

postinst-intercept

postinst-intercept: rename recipe for nativesdk only

2014-11-20 14:08:14 +00:00

prelink

prelink: Manipulate library paths to match the target system library setup

2016-09-28 10:16:03 +01:00

pseudo

pseudo: include fix for xattr corruption

2017-01-11 17:21:43 +00:00

python

python-3.5-manifest: Add imp to importlib

2017-03-14 15:20:12 +00:00

python-numpy

python-numpy: remove dangling patch

2016-08-10 10:46:29 +01:00

qemu

qemu: update run-ptest script

2017-01-11 17:21:41 +00:00

quilt

quilt/acl/attc/sed: Fix use of tar's --exclude option for tar >= 1.29

2016-08-10 10:46:31 +01:00

remake

make, remake: make them properly exclude each other

2016-03-28 15:55:48 +01:00

rpm

rpm: support customizing gpg command line

2017-03-14 15:21:07 +00:00

rsync

rsync: control ipv6 support based on DISTRO_FEATURES

2016-09-03 23:45:53 +01:00

ruby

ruby: obey LDFLAGS for the link of libruby

2016-05-14 23:05:11 +01:00

run-postinsts

run-postinsts: Correct comment misspelling, "rpm-posinsts".

2016-07-08 09:57:24 +01:00

sgml-common

openjade/sgml-common: Add sstate postrm commands

2016-09-16 15:24:02 +01:00

sgmlspl

package_regex.inc: split GITTAGREGEX entries into recipe files

2015-12-08 10:20:51 +00:00

squashfs-tools

squashfs-tools: Define FNM_EXTMATCH if not defined

2015-12-12 23:42:55 +00:00

strace

strace: Fix build with mips/mips64 on musl

2016-08-10 10:46:32 +01:00

subversion

subversion: Fix issues in LDFLAGS sed manipulation

2017-01-11 17:21:44 +00:00

swig

swig: move to Python 3

2016-06-03 13:13:27 +01:00

syslinux

syslinux: remove LDFLAGS manipulation

2016-02-04 23:39:03 +00:00

systemd-bootchart

systemd: upgrade to 230

2016-07-01 16:22:43 +01:00

tcf-agent

tcf-agent: update to 1.4_neon_bugfix branch

2016-08-01 11:47:13 +01:00

tcltk

tcl: 8.6.5 -> 8.6.6

2016-08-04 15:22:23 +01:00

unfs3

unfs3: Simplify simultaneous usage of "_append" and "+="

2016-08-25 23:03:48 +01:00

unifdef

unifdef: upgrade to 2.11

2015-12-16 12:12:15 +00:00

vala

meta: cleanup d.getVar(var, 1)

2016-09-14 22:22:07 +01:00

valgrind

valgrind: make ld-XXX.so strlen intercept optional

2017-01-11 17:21:46 +00:00

xmlto

xmlto: Add libxslt to native DEPENDS

2016-10-07 16:43:57 +01:00

yasm

yasm: 1.2.0 -> 1.3.0

2015-06-11 23:59:15 +01:00

zisofs-tools

Revert "zisofs-tools-native: Add missing dependency on zlib-native"

2014-03-31 23:04:35 +01:00