Bump buildroot to version 2018.02.8

This commit is contained in:
2018-12-05 23:24:57 +01:00
parent 32918ded24
commit 5598b1b762
238 changed files with 6567 additions and 2450 deletions

View File

@@ -0,0 +1,38 @@
From 01ca2053bbea09f35b958c8cc7631e15469acb79 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 19 Oct 2018 12:12:33 +0200
Subject: dhcp6: make sure we have enough space for the DHCP6 option header
Fixes a vulnerability originally discovered by Felix Wilhelm from
Google.
CVE-2018-15688
LP: #1795921
https://bugzilla.redhat.com/show_bug.cgi?id=1639067
(cherry picked from commit 4dac5eaba4e419b29c97da38a8b1f82336c2c892)
Patch downloaded from upstream commit:
https://cgit.freedesktop.org/NetworkManager/NetworkManager/commit/?id=01ca2053bbea09f35b958c8cc7631e15469acb79
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
---
src/systemd/src/libsystemd-network/dhcp6-option.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/systemd/src/libsystemd-network/dhcp6-option.c b/src/systemd/src/libsystemd-network/dhcp6-option.c
index d178fe2..9027c14 100644
--- a/src/systemd/src/libsystemd-network/dhcp6-option.c
+++ b/src/systemd/src/libsystemd-network/dhcp6-option.c
@@ -108,7 +108,7 @@ int dhcp6_option_append_ia(uint8_t **buf, size_t *buflen, const DHCP6IA *ia) {
return -EINVAL;
}
- if (*buflen < len)
+ if (*buflen < offsetof(DHCP6Option, data) + len)
return -ENOBUFS;
ia_hdr = *buf;
--
cgit v1.1