From: akuster808 <akuster808@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: Re: [PATCH][meta-networking][v2] znc: upgrade to 1.6.0
Date: Wed, 08 Jul 2015 08:37:29 -0700 [thread overview]
Message-ID: <559D43B9.2060908@gmail.com> (raw)
In-Reply-To: <1436234152-4937-1-git-send-email-rongqing.li@windriver.com>
if it is possible, can the security fix be noted?
1.4:
CVE-2014-9403
On 07/06/2015 06:55 PM, rongqing.li@windriver.com wrote:
> From: Roy Li <rongqing.li@windriver.com>
>
> Remove backport patch
> Add CSocket submodule
> Add the dependency on icu
>
> Signed-off-by: Roy Li <rongqing.li@windriver.com>
> ---
> ...-Fix-NULL-pointer-dereference-in-webadmin.patch | 58 ----------------------
> meta-networking/recipes-irc/znc/znc_git.bb | 12 ++---
> 2 files changed, 6 insertions(+), 64 deletions(-)
> delete mode 100644 meta-networking/recipes-irc/znc/znc/0001-Fix-NULL-pointer-dereference-in-webadmin.patch
>
> diff --git a/meta-networking/recipes-irc/znc/znc/0001-Fix-NULL-pointer-dereference-in-webadmin.patch b/meta-networking/recipes-irc/znc/znc/0001-Fix-NULL-pointer-dereference-in-webadmin.patch
> deleted file mode 100644
> index 68e4414..0000000
> --- a/meta-networking/recipes-irc/znc/znc/0001-Fix-NULL-pointer-dereference-in-webadmin.patch
> +++ /dev/null
> @@ -1,58 +0,0 @@
> -Subject: [PATCH] Fix NULL pointer dereference in webadmin.
> -
> -Upstream-Status: Backport
> -
> -commit 2bd410ee5570cea127233f1133ea22f25174eb28 upstream
> -
> -Triggerable by any non-admin, if webadmin is loaded.
> -
> -The only affected version is 1.0
> -
> -Thanks to ChauffeR (Simone Esposito) for reporting this.
> ----
> - modules/webadmin.cpp | 8 ++++----
> - 1 file changed, 4 insertions(+), 4 deletions(-)
> -
> -diff --git a/modules/webadmin.cpp b/modules/webadmin.cpp
> -index b793c02..816f217 100644
> ---- a/modules/webadmin.cpp
> -+++ b/modules/webadmin.cpp
> -@@ -419,7 +419,7 @@ public:
> - CIRCNetwork* pNetwork = SafeGetNetworkFromParam(WebSock);
> -
> - // Admin||Self Check
> -- if (!spSession->IsAdmin() && (!spSession->GetUser() || spSession->GetUser() != pNetwork->GetUser())) {
> -+ if (!spSession->IsAdmin() && (!spSession->GetUser() || !pNetwork || spSession->GetUser() != pNetwork->GetUser())) {
> - return false;
> - }
> -
> -@@ -448,7 +448,7 @@ public:
> - CIRCNetwork* pNetwork = SafeGetNetworkFromParam(WebSock);
> -
> - // Admin||Self Check
> -- if (!spSession->IsAdmin() && (!spSession->GetUser() || spSession->GetUser() != pNetwork->GetUser())) {
> -+ if (!spSession->IsAdmin() && (!spSession->GetUser() || !pNetwork || spSession->GetUser() != pNetwork->GetUser())) {
> - return false;
> - }
> -
> -@@ -472,7 +472,7 @@ public:
> - CIRCNetwork* pNetwork = SafeGetNetworkFromParam(WebSock);
> -
> - // Admin||Self Check
> -- if (!spSession->IsAdmin() && (!spSession->GetUser() || spSession->GetUser() != pNetwork->GetUser())) {
> -+ if (!spSession->IsAdmin() && (!spSession->GetUser() || !pNetwork || spSession->GetUser() != pNetwork->GetUser())) {
> - return false;
> - }
> -
> -@@ -486,7 +486,7 @@ public:
> - CIRCNetwork* pNetwork = SafeGetNetworkFromParam(WebSock);
> -
> - // Admin||Self Check
> -- if (!spSession->IsAdmin() && (!spSession->GetUser() || spSession->GetUser() != pNetwork->GetUser())) {
> -+ if (!spSession->IsAdmin() && (!spSession->GetUser() || !pNetwork || spSession->GetUser() != pNetwork->GetUser())) {
> - return false;
> - }
> -
> ---
> -1.8.5.2.233.g932f7e4
> -
> diff --git a/meta-networking/recipes-irc/znc/znc_git.bb b/meta-networking/recipes-irc/znc/znc_git.bb
> index 2e35e4d..f5bed08 100644
> --- a/meta-networking/recipes-irc/znc/znc_git.bb
> +++ b/meta-networking/recipes-irc/znc/znc_git.bb
> @@ -1,16 +1,16 @@
> SUMMARY = "ZNC, an advanced IRC bouncer"
> SECTION = "net"
> LICENSE = "GPLv2"
> -LIC_FILES_CHKSUM = "file://LICENSE;md5=751419260aa954499f7abaabaa882bbe"
> +LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
>
> -DEPENDS = "openssl"
> +DEPENDS = "openssl zlib icu"
>
> -PV = "1.0+git"
> +PV = "1.6.0+git"
>
> -SRCREV = "ef59c23068547c132cb678092fba9a21317fd5f2"
> -SRC_URI = "git://github.com/znc/znc.git \
> - file://0001-Fix-NULL-pointer-dereference-in-webadmin.patch \
> +SRC_URI = "git://github.com/znc/znc.git;rev=f47e8465efa4e1cd948b9caae93ac401b4355df8 \
> + git://github.com/jimloco/Csocket.git;destsuffix=git/third_party/Csocket;name=Csocket \
> "
> +SRCREV_Csocket = "07b4437396122650e5b8fb3d014e820a5decf4ee"
>
> S = "${WORKDIR}/git"
>
>
prev parent reply other threads:[~2015-07-08 15:37 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-07 1:55 [PATCH][meta-networking][v2] znc: upgrade to 1.6.0 rongqing.li
2015-07-07 7:24 ` Koen Kooi
2015-07-07 7:31 ` Rongqing Li
2015-07-08 9:39 ` Koen Kooi
2015-07-09 1:27 ` Rongqing Li
2015-07-10 14:21 ` Koen Kooi
2015-07-11 23:34 ` Khem Raj
2015-07-09 2:35 ` Rongqing Li
2015-07-11 23:38 ` Khem Raj
2015-07-08 15:37 ` akuster808 [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=559D43B9.2060908@gmail.com \
--to=akuster808@gmail.com \
--cc=openembedded-devel@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox