From: Vijay Anusuri <vanus...@mvista.com> ChangeLog: https://git.libssh.org/projects/libssh.git/tree/CHANGELOG?h=libssh-0.10.4
Drop CVE-2020-16135.patch Ref: https://git.openembedded.org/meta-openembedded-contrib/commit/?h=stable/nanbield-nut&id=4b7e4341327e867208bfc3d8ba1954af66641e60 Signed-off-by: Vijay Anusuri <vanus...@mvista.com> --- .../libssh/libssh/CVE-2020-16135.patch | 44 ------------------- .../{libssh_0.8.9.bb => libssh_0.10.4.bb} | 16 ++----- 2 files changed, 3 insertions(+), 57 deletions(-) delete mode 100644 meta-oe/recipes-support/libssh/libssh/CVE-2020-16135.patch rename meta-oe/recipes-support/libssh/{libssh_0.8.9.bb => libssh_0.10.4.bb} (62%) diff --git a/meta-oe/recipes-support/libssh/libssh/CVE-2020-16135.patch b/meta-oe/recipes-support/libssh/libssh/CVE-2020-16135.patch deleted file mode 100644 index 63b78688d..000000000 --- a/meta-oe/recipes-support/libssh/libssh/CVE-2020-16135.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 0a9268a60f2d3748ca69bde5651f20e72761058c Mon Sep 17 00:00:00 2001 -From: Andreas Schneider <a...@cryptomilk.org> -Date: Wed, 3 Jun 2020 10:04:09 +0200 -Subject: CVE-2020-16135: Add missing NULL check for ssh_buffer_new() - -Add a missing NULL check for the pointer returned by ssh_buffer_new() in -sftpserver.c. - -Thanks to Ramin Farajpour Cami for spotting this. - -Fixes T232 - -Signed-off-by: Andreas Schneider <a...@cryptomilk.org> -Reviewed-by: Anderson Toshiyuki Sasaki <ansas...@redhat.com> -Reviewed-by: Jakub Jelen <jje...@redhat.com> -(cherry picked from commit 533d881b0f4b24c72b35ecc97fa35d295d063e53) - -Upstream-Status: Backport [https://git.libssh.org/projects/libssh.git/patch/?id=0a9268a60f2d3748ca69bde5651f20e72761058c] -CVE: CVE-2020-16135 -Signed-off-by: Hitendra Prajapati <hprajap...@mvista.com> ---- - src/sftpserver.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/src/sftpserver.c b/src/sftpserver.c -index 1717aa417..1af8a0e76 100644 ---- a/src/sftpserver.c -+++ b/src/sftpserver.c -@@ -64,6 +64,12 @@ sftp_client_message sftp_get_client_message(sftp_session sftp) { - - /* take a copy of the whole packet */ - msg->complete_message = ssh_buffer_new(); -+ if (msg->complete_message == NULL) { -+ ssh_set_error_oom(session); -+ sftp_client_message_free(msg); -+ return NULL; -+ } -+ - ssh_buffer_add_data(msg->complete_message, - ssh_buffer_get(payload), - ssh_buffer_get_len(payload)); --- -2.25.1 - diff --git a/meta-oe/recipes-support/libssh/libssh_0.8.9.bb b/meta-oe/recipes-support/libssh/libssh_0.10.4.bb similarity index 62% rename from meta-oe/recipes-support/libssh/libssh_0.8.9.bb rename to meta-oe/recipes-support/libssh/libssh_0.10.4.bb index 061f13912..3a57a728a 100644 --- a/meta-oe/recipes-support/libssh/libssh_0.8.9.bb +++ b/meta-oe/recipes-support/libssh/libssh_0.10.4.bb @@ -6,10 +6,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=dabb4958b830e5df11d2b0ed8ea255a0" DEPENDS = "zlib openssl" -SRC_URI = "git://git.libssh.org/projects/libssh.git;protocol=https;branch=stable-0.8 \ - file://CVE-2020-16135.patch \ - " -SRCREV = "04685a74df9ce1db1bc116a83a0da78b4f4fa1f8" +SRC_URI = "git://git.libssh.org/projects/libssh.git;protocol=https;branch=stable-0.10" +SRCREV = "e8322817a9e5aaef0698d779ddd467a209a85d85" S = "${WORKDIR}/git" @@ -25,15 +23,7 @@ EXTRA_OECMAKE = " \ -DWITH_PCAP=1 \ -DWITH_SFTP=1 \ -DWITH_ZLIB=1 \ - -DLIB_SUFFIX=${@d.getVar('baselib').replace('lib', '')} \ + -DWITH_EXAMPLES=0 \ " -do_configure:prepend () { - # Disable building of examples - sed -i -e '/add_subdirectory(examples)/s/^/#DONOTWANT/' ${S}/CMakeLists.txt \ - || bbfatal "Failed to disable examples" -} - -TOOLCHAIN = "gcc" - BBCLASSEXTEND = "native nativesdk" -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#107650): https://lists.openembedded.org/g/openembedded-devel/message/107650 Mute This Topic: https://lists.openembedded.org/mt/103278127/21656 Group Owner: openembedded-devel+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
