poky/recipes-devtools at f2e41a197fba1937383fd32cbd84c6028bebd928 - poky

mirror of https://git.yoctoproject.org/poky synced 2026-02-20 08:29:42 +01:00

Files

Yuanjie Huang ca22ef73d0 binutils: Fix CVE-2017-6965 and CVE-2017-6966

Backport upstream commit to address vulnerabilities:

CVE: CVE-2017-6965
[BZ 21137] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21137

Fix readelf writing to illegal addresses whilst processing corrupt input
files containing symbol-difference relocations.

	PR binutils/21137
	* readelf.c (target_specific_reloc_handling): Add end parameter.
	Check for buffer overflow before writing relocated values.
	(apply_relocations): Pass end to target_specific_reloc_handling.

CVE: CVE-2017-6966
[BZ 21139] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21139

Fix read-after-free error in readelf when processing multiple, relocated
sections in an MSP430 binary.

	PR binutils/21139
	* readelf.c (target_specific_reloc_handling): Add num_syms
	parameter.  Check for symbol table overflow before accessing
	symbol value.  If reloc pointer is NULL, discard all saved state.
	(apply_relocations): Pass num_syms to target_specific_reloc_handling.
	Call target_specific_reloc_handling with a NULL reloc pointer
	after processing all of the relocs.

(From OE-Core rev: 8c52a530ba2beb438aa47956bcec3777a1eafe5f)

Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2017-04-11 18:10:18 +01:00

apt

apt-package: Include maintenance scripts

2017-01-16 18:05:13 +00:00

autoconf

autoconf: Adjust shebang lines to remove interpreter path hardcode

2017-04-01 23:28:20 +01:00

autogen

autogen-native: fix POSIX_SHELL and perl

2017-04-10 23:00:43 +01:00

automake

automake: Adjust shebang lines to remove interpreter path hardcode

2017-04-01 23:28:20 +01:00

binutils

binutils: Fix CVE-2017-6965 and CVE-2017-6966

2017-04-11 18:10:18 +01:00

bison

bison: Remove unused bison-2.3_m4.patch

2017-03-11 16:09:14 +00:00

bootchart2

bootchart2: Allocate space on heap for collector chunks

2016-10-01 21:45:55 +01:00

btrfs-tools

btrfs-tools: update to 4.9.1

2017-03-01 23:27:09 +00:00

build-compare

build-compare: add date to PV

2017-03-17 16:53:05 +00:00

ccache

ccache: Switch to downloading xz tarball

2017-02-23 12:49:51 -08:00

cdrtools

cdrtools-native: Fix when cc is missing

2017-03-10 14:50:11 +00:00

chrpath

package_regex.inc: split the rest of the entries to their recipes

2015-12-08 10:20:52 +00:00

cmake

cmake: Backport fix to enable -Wformat-security

2017-03-17 16:53:04 +00:00

createrepo-c

dnf: move the entire dnf/rpm4 stack to Python 3

2017-03-28 08:43:13 +01:00

cve-check-tool

cve-check-tool: Use CA cert bundle in correct sysroot

2017-02-15 09:29:56 -08:00

desktop-file-utils

desktop-file-utils-native: update to 0.23

2016-07-20 10:28:46 +01:00

devel-config

Remove $COREBASE/LICENSE from LIC_FILES_CHKSUM

2016-10-28 16:15:18 +01:00

diffstat

diffstat: upgrade to 1.61

2016-02-19 01:01:24 +00:00

distcc

distcc: Don't remove users/groups in postrm

2016-11-04 12:50:54 +00:00

dmidecode

dmidecode: Explicitly set EXTRA_OEMAKE as required

2016-02-10 16:06:24 +00:00

dnf

dnf: Use lnr to create relative symlinks

2017-03-30 10:02:39 +01:00

docbook-xml

docbook-xml: correct typo "do_configre"

2017-02-23 12:49:50 -08:00

dosfstools

meta: start to ignore the largefile distro feature

2017-03-08 11:52:56 +00:00

dpkg

dpkg: Add PACKAGECONFIG for liblzma and enable it

2017-04-01 23:28:19 +01:00

e2fsprogs

e2fsprogs: Fix wrong error code after optimization

2017-03-22 11:35:21 +00:00

elfutils

elfutils: fix building elfutils-native with GCC7

2017-04-10 23:00:43 +01:00

expect

expect: resolve string formatting issues

2017-03-24 23:43:32 +00:00

fdisk

gptfdisk: fix support for 'large' drives

2017-01-31 14:43:01 +00:00

file

Revert "file: update SRCREV for 5.30 to fix fetch fail on missing commit"

2017-03-21 22:39:17 +00:00

flex

Revert "flex: upgrade to 2.6.2"

2017-03-01 23:27:06 +00:00

gcc

gcc-6.3: backport fix of check for empty string in ubsan.c

2017-04-10 23:00:43 +01:00

gdb

gdb: don't bundle bfd.info -- leave that to binutils.

2017-03-17 16:53:04 +00:00

git

git: 2.11.0 -> 2.11.1

2017-02-15 20:06:43 -08:00

gnu-config

meta: rename perl-native-runtime

2016-01-11 23:26:31 +00:00

go-native: Install bootstrap binaries with 1.4 suffix

2017-03-22 11:35:21 +00:00

guile

guile: do_configure: fix "Argument list too long"

2017-04-10 23:00:43 +01:00

help2man

help2man-native: upgrade to 1.47.4

2016-06-15 08:35:02 +01:00

i2c-tools

i2c-tools: point SRC_URI at Yocto source mirrors

2016-02-04 23:39:02 +00:00

icecc-create-env

icecc-create-env-native: add SUMMARY and tweak DESCRIPTION

2014-01-02 12:50:23 +00:00

icon-naming-utils

icon-naming-utils: separate B and S

2015-01-16 23:08:27 +00:00

intltool

intltool: Allow nativesdk variant to build

2017-01-20 11:53:49 +00:00

json-c

json-c: add BBCLASSEXTEND for native and nativesdk

2016-10-05 10:10:10 +01:00

kconfig-frontends

kconfig-frontends: fetch source from git

2017-03-01 23:27:09 +00:00

libcomps

dnf: move the entire dnf/rpm4 stack to Python 3

2017-03-28 08:43:13 +01:00

libdnf

dnf: move the entire dnf/rpm4 stack to Python 3

2017-03-28 08:43:13 +01:00

librepo

dnf: move the entire dnf/rpm4 stack to Python 3

2017-03-28 08:43:13 +01:00

libtool

Switch to Recipe Specific Sysroots

2017-01-23 12:05:17 +00:00

m4: do_configure: fix "Argument list too long"

2017-04-10 23:00:43 +01:00

make

recipes: Move out stale GPLv2 versions to a seperate layer

2017-03-07 20:05:31 +00:00

makedevs

makedevs: don't restrict device node paths to 40 characters

2016-09-16 15:24:02 +01:00

mkelfimage

mkelfimage: fix compile issues

2016-05-25 07:50:17 +01:00

mklibs

mklibs-native: 0.1.41 -> 0.1.43

2017-02-15 20:06:43 -08:00

mmc

mmc-utils: Reduce duplication in MIPS variants.

2016-11-15 15:19:53 +00:00

mtd

mtd-utils: refresh patches now merged upstream

2017-04-11 18:10:18 +01:00

mtools

recipes: Move out stale GPLv2 versions to a seperate layer

2017-03-07 20:05:31 +00:00

nasm

nasm: remove COMPATIBLE_HOST

2017-03-31 10:10:29 +01:00

opkg

run-postinsts: simplify the logic of whether to install it to images

2017-03-14 14:42:17 +00:00

opkg-utils

opkg-utils: Remove unused patches

2017-03-16 22:11:32 +00:00

orc

orc: Upgrade 0.4.25 -> 0.4.26

2016-11-06 23:35:34 +00:00

ossp-uuid

ossp-uuid: use snapshot.debian.org for SRC_URI

2016-08-01 11:47:14 +01:00

packagegroups

packagegroup-core-device-devel: add binutils-symlinks

2016-06-16 11:11:40 +01:00

patch

recipes: Move out stale GPLv2 versions to a seperate layer

2017-03-07 20:05:31 +00:00

patchelf

patchelf: Fix issues with the 'hole' in binaries approach

2017-03-07 20:05:31 +00:00

pax-utils

meta: start to ignore the largefile distro feature

2017-03-08 11:52:56 +00:00

perl

perl-native: Bring build dependencies inline with target perl package

2017-04-01 08:14:57 +01:00

pkgconfig

pkgconfig: specify --disable-indirect-deps to configure

2017-03-11 16:09:14 +00:00

postinst-intercept

Remove LIC_FILES_CHKSUM from recipes without SRC_URI

2016-10-28 16:15:21 +01:00

prelink

meta: remove True option to getVar calls

2016-12-16 10:23:23 +00:00

pseudo

pseudo: update to 1.8.2

2017-02-15 20:06:41 -08:00

python

python2/3: Move config/Makefile from core package to dev package

2017-04-11 18:10:18 +01:00

python-numpy

python-numpy: Use MIPS MACHINE_OVERRIDES to reduce duplication

2016-11-30 15:48:07 +00:00

qemu

qemu: use python2.7 instead of python2

2017-04-10 23:00:43 +01:00

quilt

quilt: Fix paths for patch and perl

2017-04-05 23:22:13 +01:00

remake

make, remake: make them properly exclude each other

2016-03-28 15:55:48 +01:00

rpm

dnf: move the entire dnf/rpm4 stack to Python 3

2017-03-28 08:43:13 +01:00

rsync

recipes: Move out stale GPLv2 versions to a seperate layer

2017-03-07 20:05:31 +00:00

ruby

ruby: upgrade 2.3.3 -> 2.4.0

2017-03-01 23:27:11 +00:00

run-postinsts

run-postinsts: Print message before running deferred postinst scripts

2016-12-08 10:31:30 +00:00

squashfs-tools

squashfs-tools: Define FNM_EXTMATCH if not defined

2015-12-12 23:42:55 +00:00

strace

strace: 4.15 -> 4.16

2017-03-01 23:27:06 +00:00

subversion

Revert "subversion: fix "svnadmin create" fail on x86"

2016-12-22 08:50:16 +00:00

swig

swig: upgrade to 3.0.12

2017-02-23 12:49:51 -08:00

syslinux

syslinux: fix build with glibc-2.25

2017-03-01 23:27:07 +00:00

systemd-bootchart

systemd-bootchart: upgrade to 231

2017-01-16 18:05:12 +00:00

tcf-agent

tcf-agent: update to 1.4_neon_bugfix branch

2016-08-01 11:47:13 +01:00

tcltk

tcl: fix sed in do_install()

2017-02-23 12:49:50 -08:00

unfs3

unfs3: Switch to using mirror tarball instead of subversion

2017-01-26 10:44:27 +00:00

unifdef

unifdef: add UPSTREAM_CHECK_REGEX to filter out development snapshots

2017-02-23 12:49:51 -08:00

vala

vala: update to 0.34.4

2016-12-17 09:57:04 +00:00

valgrind

valgrind: set ac_cv_path_PERL to /usr/bin/env perl

2017-04-10 23:00:43 +01:00

xmlto

xmlto: replace fedorahosted.org SRC_URI with pagure.io source

2017-04-05 23:22:12 +01:00

yasm

yasm: Set CCLD_FOR_BUILD to ensure BUILD_CC is used

2017-03-11 16:09:13 +00:00

zisofs-tools

Revert "zisofs-tools-native: Add missing dependency on zlib-native"

2014-03-31 23:04:35 +01:00