Please version properly your patches, this should have been v2. Also please resend the whole series because now, I have to go and cherry-pick patches from v1 because 5/5 doesn't apply standalone.
You hsould not push this work on the maintainers. On 16/11/2023 11:44:50+0000, Meenali Gupta via lists.openembedded.org wrote: > From: Meenali Gupta <[email protected]> > > A vulnerability was found in Avahi. A reachable assertion exists > in the avahi_rdata_parse() function. > > Signed-off-by: Meenali Gupta <[email protected]> > --- > meta/recipes-connectivity/avahi/avahi_0.8.bb | 1 + > .../avahi/files/CVE-2023-38472.patch | 46 +++++++++++++++++++ > 2 files changed, 47 insertions(+) > create mode 100644 meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch > > diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb > b/meta/recipes-connectivity/avahi/avahi_0.8.bb > index 9c903d6868..84eb1c554d 100644 > --- a/meta/recipes-connectivity/avahi/avahi_0.8.bb > +++ b/meta/recipes-connectivity/avahi/avahi_0.8.bb > @@ -29,6 +29,7 @@ SRC_URI = > "${GITHUB_BASE_URI}/download/v${PV}/avahi-${PV}.tar.gz \ > file://CVE-2023-38469.patch \ > file://CVE-2023-38470.patch \ > file://CVE-2023-38471.patch \ > + file://CVE-2023-38472.patch \ > " > > GITHUB_BASE_URI = "https://github.com/lathiat/avahi/releases/"; > diff --git a/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch > b/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch > new file mode 100644 > index 0000000000..a1de8e2a5a > --- /dev/null > +++ b/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch > @@ -0,0 +1,46 @@ > +From 8cf606779dc356768afc6b70e53f2808a9655143 Mon Sep 17 00:00:00 2001 > +From: Michal Sekletar <[email protected]> > +Date: Thu, 19 Oct 2023 17:36:44 +0200 > +Subject: [PATCH] avahi: core: make sure there is rdata to process before > + parsing it > + > +Fixes #452 > + > +Upstream-Status: Backport > [https://github.com/lathiat/avahi/commit/b024ae5749f4aeba03478e6391687c3c9c8dee40] > +CVE: CVE-2023-38472 > + > +Signed-off-by: Meenali Gupta <[email protected]> > +--- > + avahi-client/client-test.c | 3 +++ > + avahi-daemon/dbus-entry-group.c | 2 +- > + 2 files changed, 4 insertions(+), 1 deletion(-) > + > +diff --git a/avahi-client/client-test.c b/avahi-client/client-test.c > +index 7d04a6a..57750a4 100644 > +--- a/avahi-client/client-test.c > ++++ b/avahi-client/client-test.c > +@@ -258,6 +258,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED > char *argv[]) { > + printf("%s\n", avahi_strerror(avahi_entry_group_add_service (group, > AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "Lathiat's Site", "_http._tcp", NULL, > NULL, 80, "foo=bar", NULL))); > + printf("add_record: %d\n", avahi_entry_group_add_record (group, > AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "\5booya", > 6)); > + > ++ error = avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, > AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "", 0); > ++ assert(error != AVAHI_OK); > ++ > + avahi_entry_group_commit (group); > + > + domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, > AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, > avahi_domain_browser_callback, (char*) "omghai3u"); > +diff --git a/avahi-daemon/dbus-entry-group.c > b/avahi-daemon/dbus-entry-group.c > +index 4e879a5..aa23d4b 100644 > +--- a/avahi-daemon/dbus-entry-group.c > ++++ b/avahi-daemon/dbus-entry-group.c > +@@ -340,7 +340,7 @@ DBusHandlerResult > avahi_dbus_msg_entry_group_impl(DBusConnection *c, DBusMessage > + if (!(r = avahi_record_new_full (name, clazz, type, ttl))) > + return avahi_dbus_respond_error(c, m, AVAHI_ERR_NO_MEMORY, > NULL); > + > +- if (avahi_rdata_parse (r, rdata, size) < 0) { > ++ if (!rdata || avahi_rdata_parse (r, rdata, size) < 0) { > + avahi_record_unref (r); > + return avahi_dbus_respond_error(c, m, AVAHI_ERR_INVALID_RDATA, > NULL); > + } > +-- > +2.40.0 > -- > 2.40.0 > > > > -- Alexandre Belloni, co-owner and COO, Bootlin Embedded Linux and Kernel engineering https://bootlin.com
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#190802): https://lists.openembedded.org/g/openembedded-core/message/190802 Mute This Topic: https://lists.openembedded.org/mt/102625030/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
