[oe-commits] Fan Xin : wpa-supplicant: Fix CVE-2015-4141, CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146
git at git.openembedded.org
git at git.openembedded.org
Tue Sep 1 20:40:45 UTC 2015
Module: openembedded-core.git
Branch: fido
Commit: b236c0882d62d8aa722117a54c1ff9edec7f5a6d
URL: http://git.openembedded.org/?p=openembedded-core.git&a=commit;h=b236c0882d62d8aa722117a54c1ff9edec7f5a6d
Author: Fan Xin <fan.xin at jp.fujitsu.com>
Date: Wed Aug 5 11:41:32 2015 +0900
wpa-supplicant: Fix CVE-2015-4141, CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146
wpa-supplicant: backport patch to fix CVE-2015-4141,
CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146
Backport patch to fix CVE-2015-4141, CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146.
This patch is originally from:
For CVE-2015-4141:
http://w1.fi/security/2015-2/0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch
For CVE-2015-4143:
http://w1.fi/security/2015-4/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
http://w1.fi/security/2015-4/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
For CVE-2015-4144 and CVE-2015-4145:
http://w1.fi/security/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
http://w1.fi/security/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
For CVE-2015-4146:
http://w1.fi/security/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
(From OE-Core master rev: ce16e95de05db24e4e4132660d793cc7b1d890b9)
Signed-off-by: Fan Xin <fan.xin at jp.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>
Signed-off-by: Joshua Lock <joshua.lock at collabora.co.uk>
---
.../wpa-supplicant/wpa-supplicant.inc | 6 ++
...r-Fix-payload-length-validation-for-Commi.patch | 77 ++++++++++++++++++++++
...Fix-HTTP-chunked-transfer-encoding-parser.patch | 53 +++++++++++++++
...ver-Fix-payload-length-validation-for-Com.patch | 70 ++++++++++++++++++++
...r-Fix-Total-Length-parsing-for-fragment-r.patch | 56 ++++++++++++++++
...ver-Fix-Total-Length-parsing-for-fragment.patch | 54 +++++++++++++++
...eer-Fix-asymmetric-fragmentation-behavior.patch | 36 ++++++++++
7 files changed, 352 insertions(+)
Diff: http://git.openembedded.org/?p=openembedded-core.git/?a=commitdiff;h=b236c0882d62d8aa722117a54c1ff9edec7f5a6d
More information about the Openembedded-commits
mailing list