From: Ankur Tyagi <[email protected]> Details: https://nvd.nist.gov/vuln/detail/CVE-2025-63938
Signed-off-by: Ankur Tyagi <[email protected]> --- .../tinyproxy/tinyproxy/CVE-2025-63938.patch | 42 +++++++++++++++++++ .../tinyproxy/tinyproxy_1.11.1.bb | 1 + 2 files changed, 43 insertions(+) create mode 100644 meta-networking/recipes-support/tinyproxy/tinyproxy/CVE-2025-63938.patch diff --git a/meta-networking/recipes-support/tinyproxy/tinyproxy/CVE-2025-63938.patch b/meta-networking/recipes-support/tinyproxy/tinyproxy/CVE-2025-63938.patch new file mode 100644 index 0000000000..27b1440b23 --- /dev/null +++ b/meta-networking/recipes-support/tinyproxy/tinyproxy/CVE-2025-63938.patch @@ -0,0 +1,42 @@ +From a8167245203adb6cae66f04e4d493a4710b993ae Mon Sep 17 00:00:00 2001 +From: rofl0r <[email protected]> +Date: Fri, 17 Oct 2025 22:57:39 +0000 +Subject: [PATCH] reqs: fix integer overflow in port number processing + +closes #586 + +CVE: CVE-2025-63938 +Upstream-Status: Backport [https://github.com/tinyproxy/tinyproxy/commit/3c0fde94981b025271ffa1788ae425257841bf5a] +(cherry picked from commit 3c0fde94981b025271ffa1788ae425257841bf5a) +Signed-off-by: Ankur Tyagi <[email protected]> +--- + src/reqs.c | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +diff --git a/src/reqs.c b/src/reqs.c +index 705ce11..b6a7d27 100644 +--- a/src/reqs.c ++++ b/src/reqs.c +@@ -174,7 +174,7 @@ static int strip_return_port (char *host) + { + char *ptr1; + char *ptr2; +- int port; ++ unsigned port; + + ptr1 = strrchr (host, ':'); + if (ptr1 == NULL) +@@ -186,8 +186,11 @@ static int strip_return_port (char *host) + return 0; + + *ptr1++ = '\0'; +- if (sscanf (ptr1, "%d", &port) != 1) /* one conversion required */ +- return 0; ++ ++ port = atoi(ptr1); ++ /* check that port string is in the valid range 1-0xffff) */ ++ if(strlen(ptr1) > 5 || (port & 0xffff0000)) return 0; ++ + return port; + } + diff --git a/meta-networking/recipes-support/tinyproxy/tinyproxy_1.11.1.bb b/meta-networking/recipes-support/tinyproxy/tinyproxy_1.11.1.bb index 8aff50fac8..00e25254a8 100644 --- a/meta-networking/recipes-support/tinyproxy/tinyproxy_1.11.1.bb +++ b/meta-networking/recipes-support/tinyproxy/tinyproxy_1.11.1.bb @@ -9,6 +9,7 @@ SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.gz file://tinyproxy.conf \ file://CVE-2022-40468.patch \ file://0001-CVE-2023-49606.patch \ + file://CVE-2025-63938.patch \ " SRC_URI[sha256sum] = "1574acf7ba83c703a89e98bb2758a4ed9fda456f092624b33cfcf0ce2d3b2047"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123288): https://lists.openembedded.org/g/openembedded-devel/message/123288 Mute This Topic: https://lists.openembedded.org/mt/117172373/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
