[0/6,master] Fix various CVE

Submitted by Mark Hatle on Dec. 5, 2013, 11:52 p.m.

Details

Message ID cover.1386287394.git.mark.hatle@windriver.com
State New
Headers show

Pull-request

git://git.yoctoproject.org/poky-contrib mhatle/master-CVE

Commit Message

Mark Hatle Dec. 5, 2013, 11:52 p.m.
Each of the patches in this set fix various CVE items.  This is the matching
set for the dora commits sent earlier, only for master.  They all still apply.

The following changes since commit 300760193c6bcfd20f1d4908f912bebd53e86281:

  tcl: fix tclConfig.sh to point to the correct private headers (2013-12-05 16:48:17 +0000)

are available in the git repository at:

  git://git.yoctoproject.org/poky-contrib mhatle/master-CVE
  http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=mhatle/master-CVE

Baogen Shang (2):
  libtiff: CVE-2013-4232
  libtiff: CVE-2013-4243

Li Wang (1):
  xinetd: CVE-2013-4342

Ming Liu (1):
  libtiff: fix CVE-2013-1960

Yue Tao (2):
  acpid: CVE-2011-1159
  icu: CVE-2013-2924

 meta/recipes-bsp/acpid/acpid.inc                   |   3 +-
 .../acpid/acpid/set_socket_noblock.patch           |  10 ++
 .../xinetd/xinetd/xinetd-CVE-2013-4342.patch       |  32 +++++
 meta/recipes-extended/xinetd/xinetd_2.3.15.bb      |   1 +
 .../libtiff/files/libtiff-CVE-2013-1960.patch      | 151 +++++++++++++++++++++
 .../libtiff/files/libtiff-CVE-2013-4232.patch      |  15 ++
 .../libtiff/files/libtiff-CVE-2013-4243.patch      |  40 ++++++
 meta/recipes-multimedia/libtiff/tiff_4.0.3.bb      |   5 +-
 ...fer_length_check_to_UTF_16_or_32_detector.patch |  33 +++++
 meta/recipes-support/icu/icu_51.2.bb               |   1 +
 10 files changed, 289 insertions(+), 2 deletions(-)
 create mode 100644 meta/recipes-bsp/acpid/acpid/set_socket_noblock.patch
 create mode 100644 meta/recipes-extended/xinetd/xinetd/xinetd-CVE-2013-4342.patch
 create mode 100644 meta/recipes-multimedia/libtiff/files/libtiff-CVE-2013-1960.patch
 create mode 100644 meta/recipes-multimedia/libtiff/files/libtiff-CVE-2013-4232.patch
 create mode 100644 meta/recipes-multimedia/libtiff/files/libtiff-CVE-2013-4243.patch
 create mode 100644 meta/recipes-support/icu/icu-51.2/add_buffer_length_check_to_UTF_16_or_32_detector.patch