From: Peter Marko <[email protected]> Take patch from Debian. https://sources.debian.org/data/main/p/procmail/3.22-20%2Bdeb7u1/debian/patches/CVE-2014-3618.patch
Signed-off-by: Peter Marko <[email protected]> Signed-off-by: Khem Raj <[email protected]> (cherry picked from commit 8378820dab0b6955fb0e2b27f24a1626f9124e5b) [Fixup for styhead context] Signed-off-by: Armin Kuster <[email protected]> --- .../procmail/procmail/CVE-2014-3618.patch | 29 +++++++++++++++++++ .../recipes-support/procmail/procmail_3.22.bb | 4 ++- 2 files changed, 32 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-support/procmail/procmail/CVE-2014-3618.patch diff --git a/meta-oe/recipes-support/procmail/procmail/CVE-2014-3618.patch b/meta-oe/recipes-support/procmail/procmail/CVE-2014-3618.patch new file mode 100644 index 0000000000..b041924361 --- /dev/null +++ b/meta-oe/recipes-support/procmail/procmail/CVE-2014-3618.patch @@ -0,0 +1,29 @@ +Description: Fix heap-overflow in formail + CVE-2014-3618: Heap-overflow in formail when processing + specially-crafted email headers. +Origin: http://www.openwall.com/lists/oss-security/2014/09/03/8 +Bug-Debian: https://bugs.debian.org/704675 +Bug-Debian: https://bugs.debian.org/760443 +Forwarded: not-needed +Last-Update: 2014-09-04 + +CVE: CVE-2014-3618 +Upstream-Status: Inactive-Upstream [lastrelease: 2001] +Signed-off-by: Peter Marko <[email protected]> + +--- a/src/formisc.c ++++ b/src/formisc.c +@@ -84,12 +84,11 @@ normal: *target++= *start++; + case '"':*target++=delim='"';start++; + } + ;{ int i; +- do ++ while(*start) + if((i= *target++= *start++)==delim) /* corresponding delimiter? */ + break; + else if(i=='\\'&&*start) /* skip quoted character */ + *target++= *start++; +- while(*start); /* anything? */ + } + hitspc=2; + } diff --git a/meta-oe/recipes-support/procmail/procmail_3.22.bb b/meta-oe/recipes-support/procmail/procmail_3.22.bb index abb87f9935..4806bf5f80 100644 --- a/meta-oe/recipes-support/procmail/procmail_3.22.bb +++ b/meta-oe/recipes-support/procmail/procmail_3.22.bb @@ -12,7 +12,9 @@ SRC_URI = "http://www.ring.gr.jp/archives/net/mail/${BPN}/${BP}.tar.gz \ file://from-debian-to-fix-compile-errors.patch \ file://from-debian-to-modify-parameters.patch \ file://from-debian-to-fix-man-file.patch \ - file://man-file-mailstat.1-from-debian.patch" + file://man-file-mailstat.1-from-debian.patch \ + file://CVE-2014-3618.patch \ +" SRC_URI[md5sum] = "1678ea99b973eb77eda4ecf6acae53f1" SRC_URI[sha256sum] = "087c75b34dd33d8b9df5afe9e42801c9395f4bf373a784d9bc97153b0062e117" -- 2.43.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#115091): https://lists.openembedded.org/g/openembedded-devel/message/115091 Mute This Topic: https://lists.openembedded.org/mt/110810776/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
