inetutils: upgrade 2.3 -> 2.4

Message ID 1667453448-28192-5-git-send-email-wangmy@fujitsu.com
State Accepted, archived
Commit fec6ec179b97b768d32fbd782338450edc1a5344
Series inetutils: upgrade 2.3 -> 2.4

Commit Message

Mingyu Wang (Fujitsu) Nov. 3, 2022, 5:30 a.m. UTC
From: Wang Mingyu <wangmy@fujitsu.com>

CVE-2022-39028.patch
removed since it's included in 2.4

Changelog:
==========
ifconfig
------------
Support specifying prefix netmask lengths in -A.
Hurd: tell pfinet translator interfaces to configure

ftp
----------
Avoid crash caused by signed integer overflow resulting in out-of-bounds buffer access.
Avoid crash caused by heap buffer overflow.
Avoid crash caused by NULL pointer dereference.
Avoid crash caused by infinite macro recursion.

telnetd
-----------
Avoid crash on 0xff 0xf7 (IAC EC) or 0xff 0xf8 (IAC EL).  CVE-2022-39028

telnet
-----------
Fix a buffer overflow problem.  CVE-2019-0053

tftp
-----------
Avoid crashing when given unexpected or invalid commands from tty.
Various bug fixes, internal improvements and clean ups.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
---
 .../inetutils/inetutils/CVE-2022-39028.patch  | 54 -------------------
 .../{inetutils_2.3.bb => inetutils_2.4.bb}    |  3 +-
 2 files changed, 1 insertion(+), 56 deletions(-)
 delete mode 100644 meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch
 rename meta/recipes-connectivity/inetutils/{inetutils_2.3.bb => inetutils_2.4.bb} (98%)

Patch

diff --git a/meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch b/meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch
deleted file mode 100644
index 3b07515c7b..0000000000
--- a/meta/recipes-connectivity/inetutils/inetutils/CVE-2022-39028.patch
+++ /dev/null
@@ -1,54 +0,0 @@ 
-From d52349fa1b6baac77ffa2c74769636aa2ece2ec5 Mon Sep 17 00:00:00 2001
-From: Erik Auerswald <auerswal@unix-ag.uni-kl.de>
-Date: Sat, 3 Sep 2022 16:58:16 +0200
-Subject: [PATCH] telnetd: Handle early IAC EC or IAC EL receipt
-
-Fix telnetd crash if the first two bytes of a new connection
-are 0xff 0xf7 (IAC EC) or 0xff 0xf8 (IAC EL).
-
-The problem was reported in:
-<https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html>.
-
-* NEWS: Mention fix.
-* telnetd/state.c (telrcv): Handle zero slctab[SLC_EC].sptr and
-zero slctab[SLC_EL].sptr.
-
-CVE: CVE-2022-39028
-Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=fae8263e467380483c28513c0e5fac143e46f94f]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- telnetd/state.c | 12 +++++++++---
- 1 file changed, 9 insertions(+), 3 deletions(-)
-
-diff --git a/telnetd/state.c b/telnetd/state.c
-index ffc6cba..c2d760f 100644
---- a/telnetd/state.c
-+++ b/telnetd/state.c
-@@ -312,15 +312,21 @@ telrcv (void)
- 	    case EC:
- 	    case EL:
- 	      {
--		cc_t ch;
-+		cc_t ch = (cc_t) (_POSIX_VDISABLE);
- 
- 		DEBUG (debug_options, 1, printoption ("td: recv IAC", c));
- 		ptyflush ();	/* half-hearted */
- 		init_termbuf ();
- 		if (c == EC)
--		  ch = *slctab[SLC_EC].sptr;
-+		  {
-+		    if (slctab[SLC_EC].sptr)
-+		      ch = *slctab[SLC_EC].sptr;
-+		  }
- 		else
--		  ch = *slctab[SLC_EL].sptr;
-+		  {
-+		    if (slctab[SLC_EL].sptr)
-+		      ch = *slctab[SLC_EL].sptr;
-+		  }
- 		if (ch != (cc_t) (_POSIX_VDISABLE))
- 		  pty_output_byte ((unsigned char) ch);
- 		break;
--- 
-2.37.3
-
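Review bot: Deleting CVE-2022-39028.patch leaves the NULL-pointer guards in telrcv (the `if (slctab[SLC_EC].sptr)` and `if (slctab[SLC_EL].sptr)` checks, plus the `cc_t ch = (cc_t) (_POSIX_VDISABLE);` initialisation) dependent on the 2.4 tarball alone, and the commit message only says the patch is "included in 2.4". Please confirm that telnetd/state.c in the 2.4 source carries these lines, and consider citing the upstream commit from the Upstream-Status line (fae8263e467380483c28513c0e5fac143e46f94f) in the commit message so the removal can be audited later.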
diff --git a/meta/recipes-connectivity/inetutils/inetutils_2.3.bb b/meta/recipes-connectivity/inetutils/inetutils_2.4.bb
similarity index 98%
rename from meta/recipes-connectivity/inetutils/inetutils_2.3.bb
rename to meta/recipes-connectivity/inetutils/inetutils_2.4.bb
index 2fce84374d..6519331141 100644
--- a/meta/recipes-connectivity/inetutils/inetutils_2.3.bb
+++ b/meta/recipes-connectivity/inetutils/inetutils_2.4.bb
@@ -10,7 +10,7 @@  LICENSE = "GPL-3.0-only"
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7"
 
-SRC_URI[sha256sum] = "0b01bb08e29623c4e3b940f233c961451d9af8c5066301add76a52a95d51772c"
+SRC_URI[sha256sum] = "1789d6b1b1a57dfe2a7ab7b533ee9f5dfd9cbf5b59bb1bb3c2612ed08d0f68b2"
 SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \
            file://inetutils-1.8-0001-printf-parse-pull-in-features.h-for-__GLIBC__.patch \
            file://inetutils-1.8-0003-wchar.patch \
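Review bot: The new `SRC_URI[sha256sum]` value is the only integrity check on the tarball fetched from `${GNU_MIRROR}`, and the commit message does not say how it was obtained. Please state that it was checked against the upstream release rather than computed from a mirror download, and confirm that `LIC_FILES_CHKSUM`, which is unchanged in the context lines, still matches COPYING in 2.4.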
@@ -21,7 +21,6 @@  SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \
            file://tftpd.xinetd.inetutils \
            file://inetutils-1.9-PATH_PROCNET_DEV.patch \
            file://inetutils-only-check-pam_appl.h-when-pam-enabled.patch \
-           file://CVE-2022-39028.patch \
 "
 
 inherit autotools gettext update-alternatives texinfo
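Review bot: The local patches that stay in SRC_URI next to the removed `file://CVE-2022-39028.patch` line (inetutils-1.9-PATH_PROCNET_DEV.patch and inetutils-only-check-pam_appl.h-when-pam-enabled.patch in this hunk) are carried over to 2.4 without comment. Please confirm they still apply cleanly and are still needed, since the changelog mentions internal improvements and clean ups in this release.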