From 84268712554b87399aecd1d5e64c415ad0930ff8 Mon Sep 17 00:00:00 2001 From: wangmy Date: Fri, 29 Apr 2022 16:01:10 +0800 Subject: [PATCH] cifs-utils: upgrade 6.14 -> 6.15 Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 88ea7fc012f3edcb7ee7b22330826d285f0319b7) Adapted to Kirkstone. Signed-off-by: Gyorgy Sarvari --- ...{cifs-utils_6.14.bb => cifs-utils_6.15.bb} | 7 +-- .../cifs/files/CVE-2022-27239.patch | 40 ---------------- .../cifs/files/CVE-2022-29869.patch | 48 ------------------- 3 files changed, 2 insertions(+), 93 deletions(-) rename meta-networking/recipes-support/cifs/{cifs-utils_6.14.bb => cifs-utils_6.15.bb} (90%) delete mode 100644 meta-networking/recipes-support/cifs/files/CVE-2022-27239.patch delete mode 100644 meta-networking/recipes-support/cifs/files/CVE-2022-29869.patch diff --git a/meta-networking/recipes-support/cifs/cifs-utils_6.14.bb b/meta-networking/recipes-support/cifs/cifs-utils_6.15.bb similarity index 90% rename from meta-networking/recipes-support/cifs/cifs-utils_6.14.bb rename to meta-networking/recipes-support/cifs/cifs-utils_6.15.bb index 516e467ee4..a009a26cc2 100644 --- a/meta-networking/recipes-support/cifs/cifs-utils_6.14.bb +++ b/meta-networking/recipes-support/cifs/cifs-utils_6.15.bb @@ -4,11 +4,8 @@ SECTION = "otherosfs" LICENSE = "GPL-3.0-only & LGPL-3.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" -SRCREV = "8c06dce7d596e478c20bc54bdcec87ad97f80a1b" -SRC_URI = "git://git.samba.org/cifs-utils.git;branch=master \ - file://CVE-2022-27239.patch \ - file://CVE-2022-29869.patch \ -" +SRCREV = "58ca03f183b375cb723097a241bc2fc2254dab21" +SRC_URI = "git://git.samba.org/cifs-utils.git;branch=master" S = "${WORKDIR}/git" DEPENDS += "libtalloc" diff --git a/meta-networking/recipes-support/cifs/files/CVE-2022-27239.patch b/meta-networking/recipes-support/cifs/files/CVE-2022-27239.patch deleted file mode 100644 index 77f6745abe..0000000000 --- a/meta-networking/recipes-support/cifs/files/CVE-2022-27239.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 007c07fd91b6d42f8bd45187cf78ebb06801139d Mon Sep 17 00:00:00 2001 -From: Jeffrey Bencteux -Date: Thu, 17 Mar 2022 12:58:52 -0400 -Subject: [PATCH] CVE-2022-27239: mount.cifs: fix length check for ip option - parsing - -Previous check was true whatever the length of the input string was, -leading to a buffer overflow in the subsequent strcpy call. - -Bug: https://bugzilla.samba.org/show_bug.cgi?id=15025 - -Signed-off-by: Jeffrey Bencteux -Reviewed-by: David Disseldorp - -Upstream-Status: Backport [ https://git.samba.org/?p=cifs-utils.git;a=commit;h=007c07fd91b6d42f8bd45187cf78ebb06801139d] -CVE: CVE-2022-27239 -Signed-off-by: Lee Chee Yang ---- - mount.cifs.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/mount.cifs.c b/mount.cifs.c -index 84274c9..3a6b449 100644 ---- a/mount.cifs.c -+++ b/mount.cifs.c -@@ -926,9 +926,10 @@ parse_options(const char *data, struct parsed_mount_info *parsed_info) - if (!value || !*value) { - fprintf(stderr, - "target ip address argument missing\n"); -- } else if (strnlen(value, MAX_ADDRESS_LEN) <= -+ } else if (strnlen(value, MAX_ADDRESS_LEN) < - MAX_ADDRESS_LEN) { -- strcpy(parsed_info->addrlist, value); -+ strlcpy(parsed_info->addrlist, value, -+ MAX_ADDRESS_LEN); - if (parsed_info->verboseflag) - fprintf(stderr, - "ip address %s override specified\n", --- -2.34.1 diff --git a/meta-networking/recipes-support/cifs/files/CVE-2022-29869.patch b/meta-networking/recipes-support/cifs/files/CVE-2022-29869.patch deleted file mode 100644 index f0c3f37dec..0000000000 --- a/meta-networking/recipes-support/cifs/files/CVE-2022-29869.patch +++ /dev/null @@ -1,48 +0,0 @@ -From 8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379 Mon Sep 17 00:00:00 2001 -From: Jeffrey Bencteux -Date: Sat, 19 Mar 2022 13:41:15 -0400 -Subject: [PATCH] mount.cifs: fix verbose messages on option parsing - -When verbose logging is enabled, invalid credentials file lines may be -dumped to stderr. This may lead to information disclosure in particular -conditions when the credentials file given is sensitive and contains '=' -signs. - -Bug: https://bugzilla.samba.org/show_bug.cgi?id=15026 - -Signed-off-by: Jeffrey Bencteux -Reviewed-by: David Disseldorp - -Upstream-Status: Backport [https://git.samba.org/?p=cifs-utils.git;a=commit;h=8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379] -CVE: CVE-2022-29869 -Signed-off-by: Lee Chee Yang ---- - mount.cifs.c | 6 +----- - 1 file changed, 1 insertion(+), 5 deletions(-) - -diff --git a/mount.cifs.c b/mount.cifs.c -index 3a6b449..2278995 100644 ---- a/mount.cifs.c -+++ b/mount.cifs.c -@@ -628,17 +628,13 @@ static int open_cred_file(char *file_name, - goto return_i; - break; - case CRED_DOM: -- if (parsed_info->verboseflag) -- fprintf(stderr, "domain=%s\n", -- temp_val); - strlcpy(parsed_info->domain, temp_val, - sizeof(parsed_info->domain)); - break; - case CRED_UNPARSEABLE: - if (parsed_info->verboseflag) - fprintf(stderr, "Credential formatted " -- "incorrectly: %s\n", -- temp_val ? temp_val : "(null)"); -+ "incorrectly\n"); - break; - } - } --- -2.34.1 -