Changes - j0ke.net Open Build Service

Changes of Revision 49

[-] [+]	Changed	busybox.changes
@@ -1,4 +1,9 @@ ------------------------------------------------------------------- +Sun Oct 19 20:24:42 UTC 2014 - cs@linux-administrator.com + +- added release patch busybox-1.22.1-lzop.patch + +------------------------------------------------------------------- Fri Aug 29 15:37:32 UTC 2014 - cs@linux-administrator.com - added release patch busybox-1.22.1-nc.patch
[-] [+]	Changed	busybox.spec ^
@@ -28,6 +28,7 @@ Patch202: %{name}-%{version}-date.patch Patch203: %{name}-%{version}-iplink.patch Patch204: %{name}-%{version}-nc.patch +Patch205: %{name}-%{version}-lzop.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -55,6 +56,7 @@ %patch202 -p1 %patch203 -p1 %patch204 -p1 +%patch205 -p1 %build cp -avL %{S:2} .config
[-] [+]	Added	busybox-1.22.1-lzop.patch ^
@@ -0,0 +1,66 @@ +From a9dc7c2f59dc5e92870d2d46316ea5c1f14740e3 Mon Sep 17 00:00:00 2001 +From: Denys Vlasenko <vda.linux@googlemail.com> +Date: Mon, 30 Jun 2014 10:14:34 +0200 +Subject: [PATCH] lzop: add overflow check + +See CVE-2014-4607 +http://www.openwall.com/lists/oss-security/2014/06/26/20 + +function old new delta +lzo1x_decompress_safe 1010 1031 +21 + +Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> +--- + archival/libarchive/liblzo.h \| 2 ++ + archival/libarchive/lzo1x_d.c \| 3 +++ + 2 files changed, 5 insertions(+) + +diff --git a/archival/libarchive/liblzo.h b/archival/libarchive/liblzo.h +index 843997c..4596620 100644 +--- a/archival/libarchive/liblzo.h ++++ b/archival/libarchive/liblzo.h +@@ -76,11 +76,13 @@ + # define TEST_IP (ip < ip_end) + # define NEED_IP(x) \ + if ((unsigned)(ip_end - ip) < (unsigned)(x)) goto input_overrun ++# define TEST_IV(x) if ((x) > (unsigned)0 - (511)) goto input_overrun + + # undef TEST_OP /* don't need both of the tests here / + # define TEST_OP 1 + # define NEED_OP(x) \ + if ((unsigned)(op_end - op) < (unsigned)(x)) goto output_overrun ++# define TEST_OV(x) if ((x) > (unsigned)0 - (511)) goto output_overrun + + #define HAVE_ANY_OP 1 + +diff --git a/archival/libarchive/lzo1x_d.c b/archival/libarchive/lzo1x_d.c +index 9bc1270..40b167e 100644 +--- a/archival/libarchive/lzo1x_d.c ++++ b/archival/libarchive/lzo1x_d.c +@@ -92,6 +92,7 @@ int lzo1x_decompress_safe(const uint8_t in, unsigned in_len, + ip++; + NEED_IP(1); + } ++ TEST_IV(t); + t += 15 + ip++; + } + / copy literals / +@@ -224,6 +225,7 @@ int lzo1x_decompress_safe(const uint8_t in, unsigned in_len, + ip++; + NEED_IP(1); + } ++ TEST_IV(t); + t += 31 + ip++; + } + #if defined(COPY_DICT) +@@ -265,6 +267,7 @@ int lzo1x_decompress_safe(const uint8_t in, unsigned in_len, + ip++; + NEED_IP(1); + } ++ TEST_IV(t); + t += 7 + *ip++; + } + #if defined(COPY_DICT) +-- +2.1.2 +