reset upstream subtrees to yocto 2.6
Reset the following subtrees on thud HEAD:
poky: 87e3a9739d
meta-openembedded: 6094ae18c8
meta-security: 31dc4e7532
meta-raspberrypi: a48743dc36
meta-xilinx: c42016e2e6
Also re-apply backports that didn't make it into thud:
poky:
17726d0 systemd-systemctl-native: handle Install wildcards
meta-openembedded:
4321a5d libtinyxml2: update to 7.0.1
042f0a3 libcereal: Add native and nativesdk classes
e23284f libcereal: Allow empty package
030e8d4 rsyslog: curl-less build with fmhttp PACKAGECONFIG
179a1b9 gtest: update to 1.8.1
Squashed OpenBMC subtree compatibility updates:
meta-aspeed:
Brad Bishop (1):
aspeed: add yocto 2.6 compatibility
meta-ibm:
Brad Bishop (1):
ibm: prepare for yocto 2.6
meta-ingrasys:
Brad Bishop (1):
ingrasys: set layer compatibility to yocto 2.6
meta-openpower:
Brad Bishop (1):
openpower: set layer compatibility to yocto 2.6
meta-phosphor:
Brad Bishop (3):
phosphor: set layer compatibility to thud
phosphor: libgpg-error: drop patches
phosphor: react to fitimage artifact rename
Ed Tanous (4):
Dropbear: upgrade options for latest upgrade
yocto2.6: update openssl options
busybox: remove upstream watchdog patch
systemd: Rebase CONFIG_CGROUP_BPF patch
Change-Id: I7b1fe71cca880d0372a82d94b5fd785323e3a9e7
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-17360.patch b/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-17360.patch
new file mode 100644
index 0000000..cef10a7
--- /dev/null
+++ b/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-17360.patch
@@ -0,0 +1,65 @@
+From cf93e9c2cf8f8b2566f8fc86e961592b51b5980d Mon Sep 17 00:00:00 2001
+From: Alan Modra <amodra@gmail.com>
+Date: Thu, 20 Sep 2018 18:23:17 +0930
+Subject: [PATCH] PR23685, buffer overflow
+
+ PR 23685
+ * peXXigen.c (pe_print_edata): Correct export address table
+ overflow checks. Check dataoff against section size too.
+
+CVE: CVE-2018-17360
+Upstream-Status: Backport
+Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
+---
+ bfd/ChangeLog | 6 ++++++
+ bfd/peXXigen.c | 11 ++++++-----
+ 2 files changed, 12 insertions(+), 5 deletions(-)
+
+diff --git a/bfd/ChangeLog b/bfd/ChangeLog
+index fef5479..81b9e56 100644
+--- a/bfd/ChangeLog
++++ b/bfd/ChangeLog
+@@ -1,5 +1,11 @@
+ 2018-09-20 Alan Modra <amodra@gmail.com>
+
++ PR 23685
++ * peXXigen.c (pe_print_edata): Correct export address table
++ overflow checks. Check dataoff against section size too.
++
++2018-09-20 Alan Modra <amodra@gmail.com>
++
+ PR 23686
+ * dwarf2.c (read_section): Error when attempting to malloc
+ "(bfd_size_type) -1".
+diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c
+index 598f2ca..1645ef4 100644
+--- a/bfd/peXXigen.c
++++ b/bfd/peXXigen.c
+@@ -1661,7 +1661,8 @@ pe_print_edata (bfd * abfd, void * vfile)
+
+ dataoff = addr - section->vma;
+ datasize = extra->DataDirectory[PE_EXPORT_TABLE].Size;
+- if (datasize > section->size - dataoff)
++ if (dataoff > section->size
++ || datasize > section->size - dataoff)
+ {
+ fprintf (file,
+ _("\nThere is an export table in %s, but it does not fit into that section\n"),
+@@ -1778,11 +1779,11 @@ pe_print_edata (bfd * abfd, void * vfile)
+ edt.base);
+
+ /* PR 17512: Handle corrupt PE binaries. */
+- if (edt.eat_addr + (edt.num_functions * 4) - adj >= datasize
++ /* PR 17512 file: 140-165018-0.004. */
++ if (edt.eat_addr - adj >= datasize
+ /* PR 17512: file: 092b1829 */
+- || (edt.num_functions * 4) < edt.num_functions
+- /* PR 17512 file: 140-165018-0.004. */
+- || data + edt.eat_addr - adj < data)
++ || (edt.num_functions + 1) * 4 < edt.num_functions
++ || edt.eat_addr - adj + (edt.num_functions + 1) * 4 > datasize)
+ fprintf (file, _("\tInvalid Export Address Table rva (0x%lx) or entry count (0x%lx)\n"),
+ (long) edt.eat_addr,
+ (long) edt.num_functions);
+--
+2.9.3