[oe-commits] Chris Larson : iputils: apply patch for CVE-2010-2529

git version control git at git.openembedded.org
Fri Jan 21 18:52:31 UTC 2011 

Module: openembedded.git
Branch: master
Commit: f2f23a5c2a4ddae7aa93c759a94232456d57e327
URL:    http://gitweb.openembedded.net/?p=openembedded.git&a=commit;h=f2f23a5c2a4ddae7aa93c759a94232456d57e327

Author: Chris Larson <chris_larson at mentor.com>
Date:   Tue Jan 18 12:15:15 2011 -0500

iputils: apply patch for CVE-2010-2529

Signed-off-by: Chris Larson <chris_larson at mentor.com>

---

 recipes/iputils/files/CVE-2010-2529.patch |   34 +++++++++++++++++++++++++++++
 recipes/iputils/iputils_20071127.bb       |    3 +-
 2 files changed, 36 insertions(+), 1 deletions(-)

diff --git a/recipes/iputils/files/CVE-2010-2529.patch b/recipes/iputils/files/CVE-2010-2529.patch
new file mode 100644
index 0000000..5036700
--- /dev/null
+++ b/recipes/iputils/files/CVE-2010-2529.patch
@@ -0,0 +1,34 @@
+From b2dda4bbaa44ea296f1d75acc64cace221935d0d Mon Sep 17 00:00:00 2001
+From: YOSHIFUJI Hideaki <yoshfuji at linux-ipv6.org>
+Date: Wed, 6 Oct 2010 20:38:42 +0900
+Subject: [PATCH] ping: Fix resource consumption triggered by specially crafted ICMP Echo Reply (CVE-2010-2529)
+
+Signed-off-by: YOSHIFUJI Hideaki <yoshfuji at linux-ipv6.org>
+---
+ ping.c |    4 ++--
+ 1 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/ping.c b/ping.c
+index 4472d77..eacb29d 100644
+--- a/ping.c
++++ b/ping.c
+@@ -1032,7 +1032,7 @@ void pr_options(unsigned char * cp, int hlen)
+				i = j;
+			i -= IPOPT_MINOFF;
+			if (i <= 0)
+-				continue;
++				break;
+			if (i == old_rrlen
+			    && !strncmp((char *)cp, old_rr, i)
+			    && !(options & F_FLOOD)) {
+@@ -1069,7 +1069,7 @@ void pr_options(unsigned char * cp, int hlen)
+				i = j;
+			i -= 5;
+			if (i <= 0)
+-				continue;
++				break;
+			flags = *++cp;
+			printf("\nTS: ");
+			cp++;
+--
+1.7.2.3
diff --git a/recipes/iputils/iputils_20071127.bb b/recipes/iputils/iputils_20071127.bb
index bcb35c4..a742320 100644
--- a/recipes/iputils/iputils_20071127.bb
+++ b/recipes/iputils/iputils_20071127.bb
@@ -5,7 +5,7 @@ SECTION = "console/network"
 LICENSE ="BSD"
 DEPENDS = "docbook-utils-native sgmlspl-native"
 
-PR = "r3"
+PR = "r4"
 
 DEFAULT_PREFERENCE_angstrom = "2"
 
@@ -18,6 +18,7 @@ SRC_URI = "http://ftp.de.debian.org/debian/pool/main/i/iputils/iputils_${PV}.ori
            file://debian/targets.diff \
            file://debian/fix-tracepath-docs.diff \
            file://debian/fix-arping-timeouts.diff \
+           file://CVE-2010-2529.patch \
 "
 
 S = "${WORKDIR}/iputils_20071127.orig"

More information about the Openembedded-commits mailing list