[PATCH 1/5] ptpd: disable libpcap detection via pcap-config

[PATCH 1/5] ptpd: disable libpcap detection via pcap-config

[Armin Kuster]

From: Stefan Agner <stefan@agner.ch>

When the host system provides pcap-config, the configure scripts
detect that and add a bogous CPPFLAG:

checking for pcap-config... /usr/bin/pcap-config
checking if we want to build with libpcap support... yes, pcap-config
...
PCAP_CPPFLAGS =  -I/usr/include

Which down the line can lead to compile errors due to wrong headers
being included. Fix this issue by using --with-pcap-config=no which
prevents detection using pcap-config but does "guessing", which works
fine for OE.

Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 meta-networking/recipes-daemons/ptpd/ptpd_2.3.1-rc2.bb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta-networking/recipes-daemons/ptpd/ptpd_2.3.1-rc2.bb b/meta-networking/recipes-daemons/ptpd/ptpd_2.3.1-rc2.bb
index db74e44..b6abfee 100644
--- a/meta-networking/recipes-daemons/ptpd/ptpd_2.3.1-rc2.bb
+++ b/meta-networking/recipes-daemons/ptpd/ptpd_2.3.1-rc2.bb
@@ -8,7 +8,7 @@ SECTION = "network"
 LICENSE = "BSD"
 LIC_FILES_CHKSUM = "file://README;md5=2452033fe374283f29579898663b1aa8"
 
-DEPENDS = "libpcap"
+DEPENDS = "linux-libc-headers libpcap"
 
 inherit autotools
 
@@ -30,7 +30,7 @@ S = "${WORKDIR}/ptpd-${PV}"
 
 EXTRA_OEMAKE = ""
 
-EXTRA_OECONF += "--disable-snmp"
+EXTRA_OECONF += "--disable-snmp --with-pcap-config=no"
 
 do_install() {
     install -d ${D}${bindir} ${D}${mandir}/man8
-- 
1.9.1

[PATCH 0/5] meta-oe Dizzy-next

[Armin Kuster]

please consider these patches for meta-openembedded dizzy-next

The following changes since commit 5b6f39ce325d490fc382d5d59c5b8b9d5fa38b38:

  gsoap: fold .inc and -native into one recipe (2015-04-29 19:24:09 +0200)

are available in the git repository at:

  git://github.com/akuster/meta-openembedded akuster/dizzy-next
  https://github.com/akuster/meta-openembedded/tree/akuster/dizz-next

Hugo Vasconcelos Saldanha (1):
  libssh2: fix CVE-2015-1782

Roy Li (2):
  mariadb: Security Advisory -CVE-2015-2305
  ipsec-tools: Security Advisory - CVE-2015-4047

Stefan Agner (1):
  ptpd: disable libpcap detection via pcap-config

Tudor Florea (1):
  fuse: fix for CVE-2015-3202 Privilege Escalation

 ...fix_exec_environment_for_mount_and_umount.patch |  63 +++++++++++
 .../recipes-support/fuse/fuse_2.9.3.bb             |   1 +
 .../recipes-daemons/ptpd/ptpd_2.3.1-rc2.bb         |   4 +-
 .../ipsec-tools/fix-CVE-2015-4047.patch            |  36 +++++++
 .../ipsec-tools/ipsec-tools_0.8.2.bb               |   1 +
 .../libssh2/libssh2-1.4.3/CVE-2015-1782.patch      | 115 +++++++++++++++++++++
 meta-oe/recipes-support/libssh2/libssh2_1.4.3.bb   |   4 +-
 .../mysql/mariadb/fix-CVE-2015-2305.patch          |  43 ++++++++
 meta-oe/recipes-support/mysql/mariadb_5.5.39.inc   |   1 +
 9 files changed, 265 insertions(+), 3 deletions(-)
 create mode 100644 meta-filesystems/recipes-support/fuse/files/001-fix_exec_environment_for_mount_and_umount.patch
 create mode 100644 meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch
 create mode 100644 meta-oe/recipes-support/libssh2/libssh2-1.4.3/CVE-2015-1782.patch
 create mode 100644 meta-oe/recipes-support/mysql/mariadb/fix-CVE-2015-2305.patch

-- 
1.9.1

[PATCH 2/5] libssh2: fix CVE-2015-1782

[Armin Kuster]

From: Hugo Vasconcelos Saldanha <hugo.saldanha@aker.com.br>

Refer to: http://www.libssh2.org/adv_20150311.html

Signed-off-by: Hugo Vasconcelos Saldanha <hugo.saldanha@aker.com.br>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../libssh2/libssh2-1.4.3/CVE-2015-1782.patch      | 115 +++++++++++++++++++++
 meta-oe/recipes-support/libssh2/libssh2_1.4.3.bb   |   4 +-
 2 files changed, 118 insertions(+), 1 deletion(-)
 create mode 100644 meta-oe/recipes-support/libssh2/libssh2-1.4.3/CVE-2015-1782.patch

diff --git a/meta-oe/recipes-support/libssh2/libssh2-1.4.3/CVE-2015-1782.patch b/meta-oe/recipes-support/libssh2/libssh2-1.4.3/CVE-2015-1782.patch
new file mode 100644
index 0000000..5f4a7c7
--- /dev/null
+++ b/meta-oe/recipes-support/libssh2/libssh2-1.4.3/CVE-2015-1782.patch
@@ -0,0 +1,115 @@
+From c7f66cca285033da9b8c9de8eceff52d7b3c3ef3 Mon Sep 17 00:00:00 2001
+From: Mariusz Ziulek <mzet@owasp.org>
+Date: Sat, 21 Feb 2015 23:31:36 +0100
+Subject: [PATCH] kex: bail out on rubbish in the incoming packet
+
+Upstream-Status: Backport
+
+Signed-off-by: Hugo Vasconcelos Saldanha <hugo.saldanha@aker.com.br>
+
+---
+ src/kex.c | 73 +++++++++++++++++++++++++++++++++++----------------------------
+ 1 file changed, 41 insertions(+), 32 deletions(-)
+
+diff --git a/src/kex.c b/src/kex.c
+index fa4c4e1..ad7498a 100644
+--- a/src/kex.c
++++ b/src/kex.c
+@@ -1547,10 +1547,34 @@ static int kex_agree_comp(LIBSSH2_SESSION *session,
+ 
+ /* TODO: When in server mode we need to turn this logic on its head
+  * The Client gets to make the final call on "agreed methods"
+  */
+ 
++/*
++ * kex_string_pair() extracts a string from the packet and makes sure it fits
++ * within the given packet.
++ */
++static int kex_string_pair(unsigned char **sp,   /* parsing position */
++                           unsigned char *data,  /* start pointer to packet */
++                           size_t data_len,      /* size of total packet */
++                           size_t *lenp,         /* length of the string */
++                           unsigned char **strp) /* pointer to string start */
++{
++    unsigned char *s = *sp;
++    *lenp = _libssh2_ntohu32(s);
++
++    /* the length of the string must fit within the current pointer and the
++       end of the packet */
++    if (*lenp > (data_len - (s - data) -4))
++        return 1;
++    *strp = s + 4;
++    s += 4 + *lenp;
++
++    *sp = s;
++    return 0;
++}
++
+ /* kex_agree_methods
+  * Decide which specific method to use of the methods offered by each party
+  */
+ static int kex_agree_methods(LIBSSH2_SESSION * session, unsigned char *data,
+                              unsigned data_len)
+@@ -1566,42 +1590,27 @@ static int kex_agree_methods(LIBSSH2_SESSION * session, unsigned char *data,
+ 
+     /* Skip cookie, don't worry, it's preserved in the kexinit field */
+     s += 16;
+ 
+     /* Locate each string */
+-    kex_len = _libssh2_ntohu32(s);
+-    kex = s + 4;
+-    s += 4 + kex_len;
+-    hostkey_len = _libssh2_ntohu32(s);
+-    hostkey = s + 4;
+-    s += 4 + hostkey_len;
+-    crypt_cs_len = _libssh2_ntohu32(s);
+-    crypt_cs = s + 4;
+-    s += 4 + crypt_cs_len;
+-    crypt_sc_len = _libssh2_ntohu32(s);
+-    crypt_sc = s + 4;
+-    s += 4 + crypt_sc_len;
+-    mac_cs_len = _libssh2_ntohu32(s);
+-    mac_cs = s + 4;
+-    s += 4 + mac_cs_len;
+-    mac_sc_len = _libssh2_ntohu32(s);
+-    mac_sc = s + 4;
+-    s += 4 + mac_sc_len;
+-    comp_cs_len = _libssh2_ntohu32(s);
+-    comp_cs = s + 4;
+-    s += 4 + comp_cs_len;
+-    comp_sc_len = _libssh2_ntohu32(s);
+-    comp_sc = s + 4;
+-#if 0
+-    s += 4 + comp_sc_len;
+-    lang_cs_len = _libssh2_ntohu32(s);
+-    lang_cs = s + 4;
+-    s += 4 + lang_cs_len;
+-    lang_sc_len = _libssh2_ntohu32(s);
+-    lang_sc = s + 4;
+-    s += 4 + lang_sc_len;
+-#endif
++    if(kex_string_pair(&s, data, data_len, &kex_len, &kex))
++       return -1;
++    if(kex_string_pair(&s, data, data_len, &hostkey_len, &hostkey))
++       return -1;
++    if(kex_string_pair(&s, data, data_len, &crypt_cs_len, &crypt_cs))
++       return -1;
++    if(kex_string_pair(&s, data, data_len, &crypt_sc_len, &crypt_sc))
++       return -1;
++    if(kex_string_pair(&s, data, data_len, &mac_cs_len, &mac_cs))
++       return -1;
++    if(kex_string_pair(&s, data, data_len, &mac_sc_len, &mac_sc))
++       return -1;
++    if(kex_string_pair(&s, data, data_len, &comp_cs_len, &comp_cs))
++       return -1;
++    if(kex_string_pair(&s, data, data_len, &comp_sc_len, &comp_sc))
++       return -1;
++
+     /* If the server sent an optimistic packet, assume that it guessed wrong.
+      * If the guess is determined to be right (by kex_agree_kex_hostkey)
+      * This flag will be reset to zero so that it's not ignored */
+     session->burn_optimistic_kexinit = *(s++);
+     /* Next uint32 in packet is all zeros (reserved) */
+-- 
+2.1.4
+
diff --git a/meta-oe/recipes-support/libssh2/libssh2_1.4.3.bb b/meta-oe/recipes-support/libssh2/libssh2_1.4.3.bb
index b537663..9af0f7f 100644
--- a/meta-oe/recipes-support/libssh2/libssh2_1.4.3.bb
+++ b/meta-oe/recipes-support/libssh2/libssh2_1.4.3.bb
@@ -7,7 +7,9 @@ DEPENDS = "zlib openssl"
 LICENSE = "BSD"
 LIC_FILES_CHKSUM = "file://COPYING;md5=d00afe44f336a79a2ca7e1681ce14509"
 
-SRC_URI = "http://www.libssh2.org/download/${BP}.tar.gz"
+SRC_URI = "http://www.libssh2.org/download/${BP}.tar.gz \
+           file://CVE-2015-1782.patch \
+"
 SRC_URI[md5sum] = "071004c60c5d6f90354ad1b701013a0b"
 SRC_URI[sha256sum] = "eac6f85f9df9db2e6386906a6227eb2cd7b3245739561cad7d6dc1d5d021b96d"
 
-- 
1.9.1

[PATCH 3/5] mariadb: Security Advisory -CVE-2015-2305

[Armin Kuster]

From: Roy Li <rongqing.li@windriver.com>

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2305

Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>

Conflicts:
	meta-oe/recipes-support/mysql/mariadb_5.5.39.inc
---
 .../mysql/mariadb/fix-CVE-2015-2305.patch          | 43 ++++++++++++++++++++++
 meta-oe/recipes-support/mysql/mariadb_5.5.39.inc   |  1 +
 2 files changed, 44 insertions(+)
 create mode 100644 meta-oe/recipes-support/mysql/mariadb/fix-CVE-2015-2305.patch

diff --git a/meta-oe/recipes-support/mysql/mariadb/fix-CVE-2015-2305.patch b/meta-oe/recipes-support/mysql/mariadb/fix-CVE-2015-2305.patch
new file mode 100644
index 0000000..2d1b467
--- /dev/null
+++ b/meta-oe/recipes-support/mysql/mariadb/fix-CVE-2015-2305.patch
@@ -0,0 +1,43 @@
+From f5c1d00a9ceb61acfe038dcf2ec0236c2939328c Mon Sep 17 00:00:00 2001
+From: Roy Li <rongqing.li@windriver.com>
+Date: Mon, 1 Jun 2015 15:31:48 +0800
+Subject: [PATCH] From 70bc2965604b6b8aaf260049e64c708dddf85334 Mon Sep 17
+ 00:00:00 2001 From: Gary Houston <ghouston@arglist.com> Date: Wed, 25 Feb
+ 2015 13:29:03 +1100 Subject: [PATCH] Bug fix for integer overflow in regcomp
+ for excessively long  pattern strings. CERT Vulnerability Note VU#695940.
+ Found by Guido Vranken.
+
+Upsteam-Status: Backport
+
+https://bugzilla.suse.com/attachment.cgi?id=627001
+
+Signed-off-by: Roy Li <rongqing.li@windriver.com>
+---
+ regex/regcomp.c | 11 ++++++++++-
+ 1 file changed, 10 insertions(+), 1 deletion(-)
+
+diff --git a/regex/regcomp.c b/regex/regcomp.c
+index abc1817..31e57c1 100644
+--- a/regex/regcomp.c
++++ b/regex/regcomp.c
+@@ -138,7 +138,16 @@ struct cclass cclasses[CCLASS_LAST+1]= {
+ 							(NC-1)*sizeof(cat_t));
+ 	if (g == NULL)
+ 		return(REG_ESPACE);
+-	p->ssize = (long) (len/(size_t)2*(size_t)3 + (size_t)1); /* ugh */
++	{
++	  /* Patched for CERT Vulnerability Note VU#695940, Feb 2015. */
++	  size_t new_ssize = len/(size_t)2*(size_t)3 + (size_t)1; /* ugh */
++	  if (new_ssize < len || new_ssize > LONG_MAX / sizeof(sop)) {
++	    free((char *) g);
++	    return REG_INVARG;
++	  }
++	  p->ssize = new_ssize;
++	}
++
+ 	p->strip = (sop *)malloc(p->ssize * sizeof(sop));
+ 	p->slen = 0;
+ 	if (p->strip == NULL) {
+-- 
+1.9.1
+
diff --git a/meta-oe/recipes-support/mysql/mariadb_5.5.39.inc b/meta-oe/recipes-support/mysql/mariadb_5.5.39.inc
index ae2e92b..bf15163 100644
--- a/meta-oe/recipes-support/mysql/mariadb_5.5.39.inc
+++ b/meta-oe/recipes-support/mysql/mariadb_5.5.39.inc
@@ -10,6 +10,7 @@ SRC_URI = "http://mirror.stshosting.co.uk/mariadb/mariadb-${PV}/source/mariadb-$
            file://fix-mysqlclient-r-version.patch \
            file://my.cnf \
            file://mysqld.service \
+           file://fix-CVE-2015-2305.patch \
           "
 
 SRC_URI[md5sum] = "917a807d8cf2c8ef9deedd2a89b6decd"
-- 
1.9.1

[PATCH 4/5] ipsec-tools: Security Advisory - CVE-2015-4047

[Armin Kuster]

From: Roy Li <rongqing.li@windriver.com>

This fixed the CVE-2015-4047:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4047

Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>

Conflicts:
	meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb
---
 .../ipsec-tools/fix-CVE-2015-4047.patch            | 36 ++++++++++++++++++++++
 .../ipsec-tools/ipsec-tools_0.8.2.bb               |  1 +
 2 files changed, 37 insertions(+)
 create mode 100644 meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch

diff --git a/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch b/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch
new file mode 100644
index 0000000..5286376
--- /dev/null
+++ b/meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch
@@ -0,0 +1,36 @@
+[PATCH] fix CVE-2015-4047
+
+Upstream-Status: Backport
+
+http://www.openwall.com/lists/oss-security/2015/05/20/1
+
+racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause
+a denial of service (NULL pointer dereference and IKE daemon crash) via
+a series of crafted UDP requests.
+
+https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4047
+
+Signed-off-by: Roy Li <rongqing.li@windriver.com>
+---
+ src/racoon/gssapi.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/racoon/gssapi.c b/src/racoon/gssapi.c
+index e64b201..1ad3b42 100644
+--- a/src/racoon/gssapi.c
++++ b/src/racoon/gssapi.c
+@@ -192,6 +192,11 @@ gssapi_init(struct ph1handle *iph1)
+ 	gss_name_t princ, canon_princ;
+ 	OM_uint32 maj_stat, min_stat;
+ 
++	if (iph1->rmconf == NULL) {
++	        plog(LLV_ERROR, LOCATION, NULL, "no remote config\n");
++	        return -1;
++	}
++
+ 	gps = racoon_calloc(1, sizeof (struct gssapi_ph1_state));
+ 	if (gps == NULL) {
+ 		plog(LLV_ERROR, LOCATION, NULL, "racoon_calloc failed\n");
+-- 
+1.9.1
+
diff --git a/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb b/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb
index 8cc55ef..c526820 100644
--- a/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb
+++ b/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb
@@ -15,6 +15,7 @@ SRC_URI = "ftp://ftp.netbsd.org/pub/NetBSD/misc/ipsec-tools/0.8/ipsec-tools-${PV
            file://racoon-check-invalid-ivm.patch \
            file://glibc-2.20.patch \
            file://racoon-Resend-UPDATE-message-when-received-EINTR-message.patch \
+           file://fix-CVE-2015-4047.patch \
           "
 SRC_URI[md5sum] = "d53ec14a0a3ece64e09e5e34b3350b41"
 SRC_URI[sha256sum] = "8eb6b38716e2f3a8a72f1f549c9444c2bc28d52c9536792690564c74fe722f2d"
-- 
1.9.1

[PATCH 5/5] fuse: fix for CVE-2015-3202 Privilege Escalation

[Armin Kuster]

From: Tudor Florea <tudor.florea@enea.com>

fusermount in FUSE before 2.9.3-15 does not properly clear the environment before
invoking (1) mount or (2) umount as root, which allows local users to write
to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is
used by mount's debugging feature.

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3202
http://www.openwall.com/lists/oss-security/2015/05/21/9

Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 ...fix_exec_environment_for_mount_and_umount.patch | 63 ++++++++++++++++++++++
 .../recipes-support/fuse/fuse_2.9.3.bb             |  1 +
 2 files changed, 64 insertions(+)
 create mode 100644 meta-filesystems/recipes-support/fuse/files/001-fix_exec_environment_for_mount_and_umount.patch

diff --git a/meta-filesystems/recipes-support/fuse/files/001-fix_exec_environment_for_mount_and_umount.patch b/meta-filesystems/recipes-support/fuse/files/001-fix_exec_environment_for_mount_and_umount.patch
new file mode 100644
index 0000000..8332bfb
--- /dev/null
+++ b/meta-filesystems/recipes-support/fuse/files/001-fix_exec_environment_for_mount_and_umount.patch
@@ -0,0 +1,63 @@
+From cfe13b7a217075ae741c018da50cd600e5330de2 Mon Sep 17 00:00:00 2001
+From: Miklos Szeredi <mszeredi@suse.cz>
+Date: Fri, 22 May 2015 10:58:43 +0200
+Subject: [PATCH] libfuse: fix exec environment for mount and umount
+
+Found by Tavis Ormandy (CVE-2015-3202).
+
+Upstream-Status: Submitted
+Signed-off-by: Tudor Florea <tudor.florea@enea.com>
+
+---
+--- a/lib/mount_util.c
++++ b/lib/mount_util.c
+@@ -95,10 +95,12 @@ static int add_mount(const char *prognam
+ 		goto out_restore;
+ 	}
+ 	if (res == 0) {
++		char *env = NULL;
++
+ 		sigprocmask(SIG_SETMASK, &oldmask, NULL);
+ 		setuid(geteuid());
+-		execl("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
+-		      "-f", "-t", type, "-o", opts, fsname, mnt, NULL);
++		execle("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
++		       "-f", "-t", type, "-o", opts, fsname, mnt, NULL, &env);
+ 		fprintf(stderr, "%s: failed to execute /bin/mount: %s\n",
+ 			progname, strerror(errno));
+ 		exit(1);
+@@ -146,10 +148,17 @@ static int exec_umount(const char *progn
+ 		goto out_restore;
+ 	}
+ 	if (res == 0) {
++		char *env = NULL;
++
+ 		sigprocmask(SIG_SETMASK, &oldmask, NULL);
+ 		setuid(geteuid());
+-		execl("/bin/umount", "/bin/umount", "-i", rel_mnt,
+-		      lazy ? "-l" : NULL, NULL);
++		if (lazy) {
++			execle("/bin/umount", "/bin/umount", "-i", rel_mnt,
++			       "-l", NULL, &env);
++		} else {
++			execle("/bin/umount", "/bin/umount", "-i", rel_mnt,
++			       NULL, &env);
++		}
+ 		fprintf(stderr, "%s: failed to execute /bin/umount: %s\n",
+ 			progname, strerror(errno));
+ 		exit(1);
+@@ -205,10 +214,12 @@ static int remove_mount(const char *prog
+ 		goto out_restore;
+ 	}
+ 	if (res == 0) {
++		char *env = NULL;
++
+ 		sigprocmask(SIG_SETMASK, &oldmask, NULL);
+ 		setuid(geteuid());
+-		execl("/bin/umount", "/bin/umount", "--no-canonicalize", "-i",
+-		      "--fake", mnt, NULL);
++		execle("/bin/umount", "/bin/umount", "--no-canonicalize", "-i",
++		       "--fake", mnt, NULL, &env);
+ 		fprintf(stderr, "%s: failed to execute /bin/umount: %s\n",
+ 			progname, strerror(errno));
+ 		exit(1);
diff --git a/meta-filesystems/recipes-support/fuse/fuse_2.9.3.bb b/meta-filesystems/recipes-support/fuse/fuse_2.9.3.bb
index 60fea87..2e2f7a1 100644
--- a/meta-filesystems/recipes-support/fuse/fuse_2.9.3.bb
+++ b/meta-filesystems/recipes-support/fuse/fuse_2.9.3.bb
@@ -13,6 +13,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
 SRC_URI = "${SOURCEFORGE_MIRROR}/fuse/fuse-${PV}.tar.gz \
            file://gold-unversioned-symbol.patch \
            file://aarch64.patch \
+           file://001-fix_exec_environment_for_mount_and_umount.patch \
 "
 SRC_URI[md5sum] = "33cae22ca50311446400daf8a6255c6a"
 SRC_URI[sha256sum] = "0beb83eaf2c5e50730fc553406ef124d77bc02c64854631bdfc86bfd6437391c"
-- 
1.9.1

Re: [PATCH 0/5] meta-oe Dizzy-next

[Martin Jansa]

[-- Attachment #1: Type: text/plain, Size: 2109 bytes --]

On Mon, Jul 20, 2015 at 09:56:35PM -0700, Armin Kuster wrote:
> please consider these patches for meta-openembedded dizzy-next
> 
> The following changes since commit 5b6f39ce325d490fc382d5d59c5b8b9d5fa38b38:
> 
>   gsoap: fold .inc and -native into one recipe (2015-04-29 19:24:09 +0200)
> 
> are available in the git repository at:
> 
>   git://github.com/akuster/meta-openembedded akuster/dizzy-next
>   https://github.com/akuster/meta-openembedded/tree/akuster/dizz-next

Merged to dizzy-next.

For some reason "y" is missing in your https github link, are you
generating the cover manually?

> Hugo Vasconcelos Saldanha (1):
>   libssh2: fix CVE-2015-1782
> 
> Roy Li (2):
>   mariadb: Security Advisory -CVE-2015-2305
>   ipsec-tools: Security Advisory - CVE-2015-4047
> 
> Stefan Agner (1):
>   ptpd: disable libpcap detection via pcap-config
> 
> Tudor Florea (1):
>   fuse: fix for CVE-2015-3202 Privilege Escalation
> 
>  ...fix_exec_environment_for_mount_and_umount.patch |  63 +++++++++++
>  .../recipes-support/fuse/fuse_2.9.3.bb             |   1 +
>  .../recipes-daemons/ptpd/ptpd_2.3.1-rc2.bb         |   4 +-
>  .../ipsec-tools/fix-CVE-2015-4047.patch            |  36 +++++++
>  .../ipsec-tools/ipsec-tools_0.8.2.bb               |   1 +
>  .../libssh2/libssh2-1.4.3/CVE-2015-1782.patch      | 115 +++++++++++++++++++++
>  meta-oe/recipes-support/libssh2/libssh2_1.4.3.bb   |   4 +-
>  .../mysql/mariadb/fix-CVE-2015-2305.patch          |  43 ++++++++
>  meta-oe/recipes-support/mysql/mariadb_5.5.39.inc   |   1 +
>  9 files changed, 265 insertions(+), 3 deletions(-)
>  create mode 100644 meta-filesystems/recipes-support/fuse/files/001-fix_exec_environment_for_mount_and_umount.patch
>  create mode 100644 meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch
>  create mode 100644 meta-oe/recipes-support/libssh2/libssh2-1.4.3/CVE-2015-1782.patch
>  create mode 100644 meta-oe/recipes-support/mysql/mariadb/fix-CVE-2015-2305.patch
> 
> -- 
> 1.9.1
> 

-- 
Martin 'JaMa' Jansa     jabber: Martin.Jansa@gmail.com

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 188 bytes --]

Re: [PATCH 0/5] meta-oe Dizzy-next

[akuster808]

On 07/27/2015 09:16 AM, Martin Jansa wrote:
> On Mon, Jul 20, 2015 at 09:56:35PM -0700, Armin Kuster wrote:
>> please consider these patches for meta-openembedded dizzy-next
>>
>> The following changes since commit 5b6f39ce325d490fc382d5d59c5b8b9d5fa38b38:
>>
>>    gsoap: fold .inc and -native into one recipe (2015-04-29 19:24:09 +0200)
>>
>> are available in the git repository at:
>>
>>    git://github.com/akuster/meta-openembedded akuster/dizzy-next
>>    https://github.com/akuster/meta-openembedded/tree/akuster/dizz-next
>
> Merged to dizzy-next.
>
> For some reason "y" is missing in your https github link, are you
> generating the cover manually?
>

That is weird. I used the scripts Poky provides. Its possible I deleted 
it when editing the cover letter?

thanks,
Armin
>> Hugo Vasconcelos Saldanha (1):
>>    libssh2: fix CVE-2015-1782
>>
>> Roy Li (2):
>>    mariadb: Security Advisory -CVE-2015-2305
>>    ipsec-tools: Security Advisory - CVE-2015-4047
>>
>> Stefan Agner (1):
>>    ptpd: disable libpcap detection via pcap-config
>>
>> Tudor Florea (1):
>>    fuse: fix for CVE-2015-3202 Privilege Escalation
>>
>>   ...fix_exec_environment_for_mount_and_umount.patch |  63 +++++++++++
>>   .../recipes-support/fuse/fuse_2.9.3.bb             |   1 +
>>   .../recipes-daemons/ptpd/ptpd_2.3.1-rc2.bb         |   4 +-
>>   .../ipsec-tools/fix-CVE-2015-4047.patch            |  36 +++++++
>>   .../ipsec-tools/ipsec-tools_0.8.2.bb               |   1 +
>>   .../libssh2/libssh2-1.4.3/CVE-2015-1782.patch      | 115 +++++++++++++++++++++
>>   meta-oe/recipes-support/libssh2/libssh2_1.4.3.bb   |   4 +-
>>   .../mysql/mariadb/fix-CVE-2015-2305.patch          |  43 ++++++++
>>   meta-oe/recipes-support/mysql/mariadb_5.5.39.inc   |   1 +
>>   9 files changed, 265 insertions(+), 3 deletions(-)
>>   create mode 100644 meta-filesystems/recipes-support/fuse/files/001-fix_exec_environment_for_mount_and_umount.patch
>>   create mode 100644 meta-networking/recipes-support/ipsec-tools/ipsec-tools/fix-CVE-2015-4047.patch
>>   create mode 100644 meta-oe/recipes-support/libssh2/libssh2-1.4.3/CVE-2015-1782.patch
>>   create mode 100644 meta-oe/recipes-support/mysql/mariadb/fix-CVE-2015-2305.patch
>>
>> --
>> 1.9.1
>>
>