Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Yuta SATOH <nigoro.gentoo@×××××.com>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/gentoo-bsd:master commit in: sys-freebsd/freebsd-sources/, sys-freebsd/freebsd-sources/files/
Date: Sat, 31 Jan 2015 10:06:32
Message-Id: 1422698163.eb758f6a55fff9cc369b15c431540bb99e56c10b.yuta_satoh@gentoo
1 commit: eb758f6a55fff9cc369b15c431540bb99e56c10b
2 Author: Yuta SATOH <nigoro <AT> gentoo <DOT> gr <DOT> jp>
3 AuthorDate: Sat Jan 31 09:56:03 2015 +0000
4 Commit: Yuta SATOH <nigoro.gentoo <AT> 0x100 <DOT> com>
5 CommitDate: Sat Jan 31 09:56:03 2015 +0000
6 URL: http://sources.gentoo.org/gitweb/?p=proj/gentoo-bsd.git;a=commit;h=eb758f6a
7
8 freebsd-sources-10.1.0.9999-r1: security fix CVE-2014-8612, CVE-2014-8613
9
10 ---
11 sys-freebsd/freebsd-sources/Manifest | 4 +-
12 .../files/freebsd-sources-10.1-cve-2014-8612.patch | 45 ++++++++
13 .../files/freebsd-sources-10.1-cve-2014-8613.patch | 119 +++++++++++++++++++++
14 ...build => freebsd-sources-10.1.0.9999-r1.ebuild} | 4 +-
15 4 files changed, 170 insertions(+), 2 deletions(-)
16
17 diff --git a/sys-freebsd/freebsd-sources/Manifest b/sys-freebsd/freebsd-sources/Manifest
18 index 4d7802d..ff1ec0e 100644
19 --- a/sys-freebsd/freebsd-sources/Manifest
20 +++ b/sys-freebsd/freebsd-sources/Manifest
21 @@ -3,6 +3,8 @@ AUX freebsd-sources-10.0-EN-1407-pmap.patch 520 SHA256 64f3fc5765449538fecd6a911
22 AUX freebsd-sources-10.0-SA-1417-kmem.patch 10626 SHA256 217fed19e36d6febc973f2eff141e9d10ff5700122126b9097c36f9642b168e7 SHA512 0706bef96076723a92664316573c2a877e090213ea50fdde2418d8ea7d98acc76fd45832bb9b66a5af45b6fc97e9d6ab11e7aa561514a4c59ed3afce516d3581 WHIRLPOOL f06b189d12ee4dd7ccec1d84b68297d2b3e33c832440f01c94c07cf5e051e9fa8ef782c28d01f976a017941f832da0be88700575f1092498aaffb7eb931821ac
23 AUX freebsd-sources-10.0-clang34.patch 838 SHA256 2f1b02ff11ac48958857fa07168ea27f4974884cdf850f54f3c61541bf9617d2 SHA512 63403f328a2c394aefc66a6230e5c7699ca59d809780686055152f53ce5f7b86b7f2b083951e5e51d0a34ed20561f2473a22c3af8919f0336bf6f10a9db03113 WHIRLPOOL 5d0779ea5f5609f629d9751e365997ac39c2eaab3c0b8f2153b0ed17bf08896b581f3c109a51634be820f0e40b3cc18c6072b1540a1a270099263c63adfb3d67
24 AUX freebsd-sources-10.0-gentoo.patch 713 SHA256 13588f0572ba95c86beb755ce3d681c963e220694e3c0b3aae29faf05f8479da SHA512 98b8d1bf033b9bd7147f10e5bb4a39ac4883ec02ef0cc3825541ff11cb9bfe5e7722e7b8dcefe4c356f9fb0f86ec5cad6fbf9b80dbfd04149142fea5f8712d4d WHIRLPOOL 6372ec9abb566d06db174dd20785ab1768487ac2d57799fabad2d45cb77418f0e39aa0bad745c873e1c50de86a70fa80890f7f2f377f6a53f4fd5b7a6fa49edf
25 +AUX freebsd-sources-10.1-cve-2014-8612.patch 2097 SHA256 c8ade882a39dd8f65c34b175457cdd93be6eafea67ffb5f977435d48a19b6b68 SHA512 b233ae1d249bdbf516aba611d081a5a6ccaaab32f9e281cce65136c68c6a47362eac33398d6849a45e4e1c30f02a482287d6339069d29ece0aa5c4d9101e24a4 WHIRLPOOL 4713b4d896c561d47686b9f1d53a7e3c912fc58c8039529f0ae244b2cc533aabf20f386a1f9bc8632849ebd084d3739b6be55d4f39a00d484d5d230755497b69
26 +AUX freebsd-sources-10.1-cve-2014-8613.patch 4181 SHA256 61b5e717e88671ecc3da9c2b11d4c6d5ddc26f529ed19cb8ce588743cd00af9d SHA512 30deeb82af385abb0b57cc02752e72d8dda37688df99038910f04558ab064624cb576b1989ba8a7674e3a9046f9607be90596d9bdfb2f28900568291b0f96717 WHIRLPOOL 1073a364805b0ef8377dae6e3cd1665de6e4e99612549081fd794a4d92b4b4ee583a68e66f089340dc35129e3fb0bcf00b14b5b71304b6dac744d9a852530fbe
27 AUX freebsd-sources-6.0-flex-2.5.31.patch 826 SHA256 8aaf240a344106fc5434fd098eb6555a554d16513b71c95f93a93388021c3d99 SHA512 7183b1923019df12849e7d3984c4227d65275077cf95c3b0719b99dc852234eb3813db0e69e9c34bdfca45a59f7340209211d0b7a2a5074c2d1ad8ea0a3a3f64 WHIRLPOOL 620ae55a54333c55e44247aad76be467bdfa491dac646f65dc0e0b6b1a95fe8edf5087e9ed68abeac1ef6db1a91c0e673342bf44f8753b6b8a5dce889137cdcc
28 AUX freebsd-sources-6.1-ntfs.patch 1043 SHA256 2eb0e22bea267d7ac41c3dec81682d3cc1f1744316ea39342e2aaae1f2dca469 SHA512 5401b50ed93bd9155b8adc3f0d6ec81b6e48431bb950cdf468be2e918553e19cd88a1988cdad49be2a34a1db44419cb9eb7067ff0fb1feb8b3f6373aa3c262ad WHIRLPOOL bf4821beae08e002f290286bc290b2bfeac86db46c1597232f06a23e505d720e34841393d9fb4d7276ff7b98c1c133aae5d58c3ec7b8f12712b51260b981bd14
29 AUX freebsd-sources-7.0-tmpfs_whiteout_stub.patch 1015 SHA256 7857fc90c6d5ed28d848146d50ab5bcd01f79ad3480ad1335929f08e45afbc44 SHA512 9dc96b967869efd7480785977764e879bf50978b5e609867e678574f9ed1476695690832bdb725eaebc8d93e83b4a0b3fe9f23b94e2de072a6540a168b13c4a7 WHIRLPOOL 6841f24f2d3ff569ff0e7bd4d628955c9b61b41aa039bdd1e736fa82f737842101c212d8ae8961d1db335e53ba332cdbec1d021a4c57520e426926981bca4512
30 @@ -23,6 +25,6 @@ AUX freebsd-sources-9.2-gentoo.patch 716 SHA256 9a196adef145f57bf960b936f69065f6
31 AUX freebsd-sources-cve-2012-0217.patch 856 SHA256 9b752e65a29b2b9a4a1412765d69d00310c05508af1cfa6d8d3c16d545bb3ffe SHA512 b1ac18cae23b81fd5ab2fcb44bb9f9808d6eb80f52b8572b81296fdd0b18edee62460520bc753848283d67e13367bf99775a2a5c6cf0272def9cdff6ec6fa4d9 WHIRLPOOL 27e4d0647c5275b77123bef6b866ac841af4b1b547fc663f776da82a7889995eba21b930adeabf2a71b3fbe053d2af5583cbdb6e8fd16a0379d10214d24b9121
32 AUX freebsd-sources-cve-2012-4576.patch 561 SHA256 c3ad42e10164eaa3d928fd11a68b5ab490981b5d4684315e7e78c582e680d6c2 SHA512 451fb9be983672fa8d85d34bf13b67e70ac4bbda44da0c16ee484349bcf4e9ad795f66c36b5216bbcf022f709727dc19760e9f23b001a5768d9fa15dbad8122a WHIRLPOOL 2f261add2b2d9014782198b564a807f1a61917e0fbe91354ce5b1a685b27e312e699b7dc799f1653c952864633be84dda110e37f74378a3c5f1c5aacacb6811d
33 EBUILD freebsd-sources-10.0.0.9999-r4.ebuild 3767 SHA256 157f4aca34c64778cb10fa0682ef2bcb71234a75d764617a2b565335a5fe0e06 SHA512 4404b0ca857ef88bad1f36238f79ee82a4806fee0207dfaa64c0e152d59f0a86450666d7fe0bff6134fdf8bffda0181f8169d68ae379d5016e49f1f4584f1fc6 WHIRLPOOL b7b8c3cf385134d59d76aa791cec0a290fd0c7c93c2d464084bdff8c4f6f074bff39a1d16ee7008d1b5024c9e75f1b78f07f33ac101a8426875e0e2a72abb0d5
34 -EBUILD freebsd-sources-10.1.0.9999.ebuild 3814 SHA256 15e88cf6f13b0e0698535339184fc44e1b8da85e07f1ac36963c670a253c5823 SHA512 c84eb19285831a9c67452a8a9f6c837f88b5d64fa6307bbc12143d70c90fb2ec70156d2fbb218e581e6e70467a3cb278c0f4359ad0706f16521ad2007cd43a22 WHIRLPOOL 3d6ebc4a1f68147cdd2845568ea750c3cdb6cdb4ddfbb2c572a0d832db5903206fbc830cbed129987036a7a123cb9a532345503998b3ba99c37c88b78c107675
35 +EBUILD freebsd-sources-10.1.0.9999-r1.ebuild 3906 SHA256 ab19bc3a80568fa08a0f155bb044d9c2e8376c47d46348beb7da74d65be71a73 SHA512 7c8dc6d0892210598e65718e59c46b43b1d37a85c3c1cc11188b8eee5220f5394caa965a02c439cd0051ce94f1525c61573bb896c207966bd112ec6f705331e8 WHIRLPOOL d9f4b5f989a9ee44b899cb129d0c3eb1dee5fc796f732a9125e7e751d4933c8068f1d45a1ffbfda71ffb5729e31888231e17333eae248b01a8b412a21d252510
36 EBUILD freebsd-sources-9.3.0.9999.ebuild 3480 SHA256 53444c2041f38e45f405f11f3ca98f833ddaec78d0ec9fd2c4d11d2826455404 SHA512 0d77fbb0c7a02d04f728f728ae89b1839fa042aa29d28189bbf82f378dd909d711f04cad5e9aab2b7ba2796dd50526475f7842664d63d09452a6359b995ef795 WHIRLPOOL 032aa9f584e58d1431d542968b927b670b40668e6350e1c3b05e38357d4da0a922ee5bdade75c1d5ca51727b3930cbe1803dec36cabcf91057e4406db2bca9a8
37 MISC metadata.xml 410 SHA256 f29a086ab076d7e7924571990c4cab73cce2aec303e10cf3be057dfa0c8b27fd SHA512 d949aac7499d418fce878c099d47713112e1856346dbf7478e95c14f37a5f2c2fbd580a21b2330712e439d5be235bc2de69ac182bd46c1727e95fbb3b081dd0f WHIRLPOOL ffc6ba7653dfa4be5d63231043a64c85a3ad2409f98b8e1f9cf03dd51edb84b1ed0add5a613e591e9f2409c92e3be08e8b3f7f2073fa45f362c19ef72ec7f63d
38
39 diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-10.1-cve-2014-8612.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-10.1-cve-2014-8612.patch
40 new file mode 100644
41 index 0000000..7c615d3
42 --- /dev/null
43 +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-10.1-cve-2014-8612.patch
44 @@ -0,0 +1,45 @@
45 +Index: sys/netinet/sctp_usrreq.c
46 +===================================================================
47 +--- sys/netinet/sctp_usrreq.c (revision 277788)
48 ++++ sys/netinet/sctp_usrreq.c (working copy)
49 +@@ -1863,8 +1863,9 @@ flags_out:
50 + SCTP_CHECK_AND_CAST(av, optval, struct sctp_stream_value, *optsize);
51 + SCTP_FIND_STCB(inp, stcb, av->assoc_id);
52 + if (stcb) {
53 +- if (stcb->asoc.ss_functions.sctp_ss_get_value(stcb, &stcb->asoc, &stcb->asoc.strmout[av->stream_id],
54 +- &av->stream_value) < 0) {
55 ++ if ((av->stream_id >= stcb->asoc.streamoutcnt) ||
56 ++ (stcb->asoc.ss_functions.sctp_ss_get_value(stcb, &stcb->asoc, &stcb->asoc.strmout[av->stream_id],
57 ++ &av->stream_value) < 0)) {
58 + SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP_USRREQ, EINVAL);
59 + error = EINVAL;
60 + } else {
61 +@@ -4032,8 +4033,9 @@ sctp_setopt(struct socket *so, int optname, void *
62 + SCTP_CHECK_AND_CAST(av, optval, struct sctp_stream_value, optsize);
63 + SCTP_FIND_STCB(inp, stcb, av->assoc_id);
64 + if (stcb) {
65 +- if (stcb->asoc.ss_functions.sctp_ss_set_value(stcb, &stcb->asoc, &stcb->asoc.strmout[av->stream_id],
66 +- av->stream_value) < 0) {
67 ++ if ((av->stream_id >= stcb->asoc.streamoutcnt) ||
68 ++ (stcb->asoc.ss_functions.sctp_ss_set_value(stcb, &stcb->asoc, &stcb->asoc.strmout[av->stream_id],
69 ++ av->stream_value) < 0)) {
70 + SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP_USRREQ, EINVAL);
71 + error = EINVAL;
72 + }
73 +@@ -4043,10 +4045,12 @@ sctp_setopt(struct socket *so, int optname, void *
74 + SCTP_INP_RLOCK(inp);
75 + LIST_FOREACH(stcb, &inp->sctp_asoc_list, sctp_tcblist) {
76 + SCTP_TCB_LOCK(stcb);
77 +- stcb->asoc.ss_functions.sctp_ss_set_value(stcb,
78 +- &stcb->asoc,
79 +- &stcb->asoc.strmout[av->stream_id],
80 +- av->stream_value);
81 ++ if (av->stream_id < stcb->asoc.streamoutcnt) {
82 ++ stcb->asoc.ss_functions.sctp_ss_set_value(stcb,
83 ++ &stcb->asoc,
84 ++ &stcb->asoc.strmout[av->stream_id],
85 ++ av->stream_value);
86 ++ }
87 + SCTP_TCB_UNLOCK(stcb);
88 + }
89 + SCTP_INP_RUNLOCK(inp);
90
91 diff --git a/sys-freebsd/freebsd-sources/files/freebsd-sources-10.1-cve-2014-8613.patch b/sys-freebsd/freebsd-sources/files/freebsd-sources-10.1-cve-2014-8613.patch
92 new file mode 100644
93 index 0000000..1e2fe91
94 --- /dev/null
95 +++ b/sys-freebsd/freebsd-sources/files/freebsd-sources-10.1-cve-2014-8613.patch
96 @@ -0,0 +1,119 @@
97 +Index: sys/netinet/sctp_input.c
98 +===================================================================
99 +--- sys/netinet/sctp_input.c (revision 277788)
100 ++++ sys/netinet/sctp_input.c (working copy)
101 +@@ -3649,6 +3649,9 @@ sctp_handle_stream_reset_response(struct sctp_tcb
102 + /* huh ? */
103 + return (0);
104 + }
105 ++ if (ntohs(respin->ph.param_length) < sizeof(struct sctp_stream_reset_response_tsn)) {
106 ++ return (0);
107 ++ }
108 + if (action == SCTP_STREAM_RESET_RESULT_PERFORMED) {
109 + resp = (struct sctp_stream_reset_response_tsn *)respin;
110 + asoc->stream_reset_outstanding--;
111 +@@ -4037,7 +4040,7 @@ __attribute__((noinline))
112 + sctp_handle_stream_reset(struct sctp_tcb *stcb, struct mbuf *m, int offset,
113 + struct sctp_chunkhdr *ch_req)
114 + {
115 +- int chk_length, param_len, ptype;
116 ++ uint16_t remaining_length, param_len, ptype;
117 + struct sctp_paramhdr pstore;
118 + uint8_t cstore[SCTP_CHUNK_BUFFER_SIZE];
119 + uint32_t seq = 0;
120 +@@ -4050,7 +4053,7 @@ __attribute__((noinline))
121 + int num_param = 0;
122 +
123 + /* now it may be a reset or a reset-response */
124 +- chk_length = ntohs(ch_req->chunk_length);
125 ++ remaining_length = ntohs(ch_req->chunk_length) - sizeof(struct sctp_chunkhdr);
126 +
127 + /* setup for adding the response */
128 + sctp_alloc_a_chunk(stcb, chk);
129 +@@ -4088,20 +4091,27 @@ strres_nochunk:
130 + ch->chunk_length = htons(chk->send_size);
131 + SCTP_BUF_LEN(chk->data) = SCTP_SIZE32(chk->send_size);
132 + offset += sizeof(struct sctp_chunkhdr);
133 +- while ((size_t)chk_length >= sizeof(struct sctp_stream_reset_tsn_request)) {
134 ++ while (remaining_length >= sizeof(struct sctp_paramhdr)) {
135 + ph = (struct sctp_paramhdr *)sctp_m_getptr(m, offset, sizeof(pstore), (uint8_t *) & pstore);
136 +- if (ph == NULL)
137 ++ if (ph == NULL) {
138 ++ /* TSNH */
139 + break;
140 ++ }
141 + param_len = ntohs(ph->param_length);
142 +- if (param_len < (int)sizeof(struct sctp_stream_reset_tsn_request)) {
143 +- /* bad param */
144 ++ if ((param_len > remaining_length) ||
145 ++ (param_len < (sizeof(struct sctp_paramhdr) + sizeof(uint32_t)))) {
146 ++ /* bad parameter length */
147 + break;
148 + }
149 +- ph = (struct sctp_paramhdr *)sctp_m_getptr(m, offset, min(param_len, (int)sizeof(cstore)),
150 ++ ph = (struct sctp_paramhdr *)sctp_m_getptr(m, offset, min(param_len, sizeof(cstore)),
151 + (uint8_t *) & cstore);
152 ++ if (ph == NULL) {
153 ++ /* TSNH */
154 ++ break;
155 ++ }
156 + ptype = ntohs(ph->param_type);
157 + num_param++;
158 +- if (param_len > (int)sizeof(cstore)) {
159 ++ if (param_len > sizeof(cstore)) {
160 + trunc = 1;
161 + } else {
162 + trunc = 0;
163 +@@ -4113,6 +4123,9 @@ strres_nochunk:
164 + if (ptype == SCTP_STR_RESET_OUT_REQUEST) {
165 + struct sctp_stream_reset_out_request *req_out;
166 +
167 ++ if (param_len < sizeof(struct sctp_stream_reset_out_request)) {
168 ++ break;
169 ++ }
170 + req_out = (struct sctp_stream_reset_out_request *)ph;
171 + num_req++;
172 + if (stcb->asoc.stream_reset_outstanding) {
173 +@@ -4126,6 +4139,9 @@ strres_nochunk:
174 + } else if (ptype == SCTP_STR_RESET_ADD_OUT_STREAMS) {
175 + struct sctp_stream_reset_add_strm *str_add;
176 +
177 ++ if (param_len < sizeof(struct sctp_stream_reset_add_strm)) {
178 ++ break;
179 ++ }
180 + str_add = (struct sctp_stream_reset_add_strm *)ph;
181 + num_req++;
182 + sctp_handle_str_reset_add_strm(stcb, chk, str_add);
183 +@@ -4132,6 +4148,9 @@ strres_nochunk:
184 + } else if (ptype == SCTP_STR_RESET_ADD_IN_STREAMS) {
185 + struct sctp_stream_reset_add_strm *str_add;
186 +
187 ++ if (param_len < sizeof(struct sctp_stream_reset_add_strm)) {
188 ++ break;
189 ++ }
190 + str_add = (struct sctp_stream_reset_add_strm *)ph;
191 + num_req++;
192 + sctp_handle_str_reset_add_out_strm(stcb, chk, str_add);
193 +@@ -4156,6 +4175,9 @@ strres_nochunk:
194 + struct sctp_stream_reset_response *resp;
195 + uint32_t result;
196 +
197 ++ if (param_len < sizeof(struct sctp_stream_reset_response)) {
198 ++ break;
199 ++ }
200 + resp = (struct sctp_stream_reset_response *)ph;
201 + seq = ntohl(resp->response_seq);
202 + result = ntohl(resp->result);
203 +@@ -4167,7 +4189,11 @@ strres_nochunk:
204 + break;
205 + }
206 + offset += SCTP_SIZE32(param_len);
207 +- chk_length -= SCTP_SIZE32(param_len);
208 ++ if (remaining_length >= SCTP_SIZE32(param_len)) {
209 ++ remaining_length -= SCTP_SIZE32(param_len);
210 ++ } else {
211 ++ remaining_length = 0;
212 ++ }
213 + }
214 + if (num_req == 0) {
215 + /* we have no response free the stuff */
216
217 diff --git a/sys-freebsd/freebsd-sources/freebsd-sources-10.1.0.9999.ebuild b/sys-freebsd/freebsd-sources/freebsd-sources-10.1.0.9999-r1.ebuild
218 similarity index 96%
219 rename from sys-freebsd/freebsd-sources/freebsd-sources-10.1.0.9999.ebuild
220 rename to sys-freebsd/freebsd-sources/freebsd-sources-10.1.0.9999-r1.ebuild
221 index 0e7a8df..fce83da 100644
222 --- a/sys-freebsd/freebsd-sources/freebsd-sources-10.1.0.9999.ebuild
223 +++ b/sys-freebsd/freebsd-sources/freebsd-sources-10.1.0.9999-r1.ebuild
224 @@ -42,7 +42,9 @@ PATCHES=( "${FILESDIR}/${PN}-9.0-disable-optimization.patch"
225 "${FILESDIR}/${PN}-8.0-subnet-route-pr40133.patch"
226 "${FILESDIR}/${PN}-7.1-includes.patch"
227 "${FILESDIR}/${PN}-9.0-sysctluint.patch"
228 - "${FILESDIR}/${PN}-9.2-gentoo-gcc.patch" )
229 + "${FILESDIR}/${PN}-9.2-gentoo-gcc.patch"
230 + "${FILESDIR}/${PN}-10.1-cve-2014-8612.patch"
231 + "${FILESDIR}/${PN}-10.1-cve-2014-8613.patch" )
232
233 pkg_setup() {
234 # Force set CC=clang. when using gcc, aesni fails to build.
Report Message
Find on MARC Find on Google Groups