reset upstream subtrees to yocto 2.6
Reset the following subtrees on thud HEAD:
poky: 87e3a9739d
meta-openembedded: 6094ae18c8
meta-security: 31dc4e7532
meta-raspberrypi: a48743dc36
meta-xilinx: c42016e2e6
Also re-apply backports that didn't make it into thud:
poky:
17726d0 systemd-systemctl-native: handle Install wildcards
meta-openembedded:
4321a5d libtinyxml2: update to 7.0.1
042f0a3 libcereal: Add native and nativesdk classes
e23284f libcereal: Allow empty package
030e8d4 rsyslog: curl-less build with fmhttp PACKAGECONFIG
179a1b9 gtest: update to 1.8.1
Squashed OpenBMC subtree compatibility updates:
meta-aspeed:
Brad Bishop (1):
aspeed: add yocto 2.6 compatibility
meta-ibm:
Brad Bishop (1):
ibm: prepare for yocto 2.6
meta-ingrasys:
Brad Bishop (1):
ingrasys: set layer compatibility to yocto 2.6
meta-openpower:
Brad Bishop (1):
openpower: set layer compatibility to yocto 2.6
meta-phosphor:
Brad Bishop (3):
phosphor: set layer compatibility to thud
phosphor: libgpg-error: drop patches
phosphor: react to fitimage artifact rename
Ed Tanous (4):
Dropbear: upgrade options for latest upgrade
yocto2.6: update openssl options
busybox: remove upstream watchdog patch
systemd: Rebase CONFIG_CGROUP_BPF patch
Change-Id: I7b1fe71cca880d0372a82d94b5fd785323e3a9e7
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/meta-openembedded/meta-networking/recipes-daemons/squid/files/0002-smblib-fix-buffer-over-read.patch b/meta-openembedded/meta-networking/recipes-daemons/squid/files/0002-smblib-fix-buffer-over-read.patch
new file mode 100644
index 0000000..c8f0c47
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-daemons/squid/files/0002-smblib-fix-buffer-over-read.patch
@@ -0,0 +1,39 @@
+From a6b1e0fd14311587186e40d09bff5c8c3aada2e4 Mon Sep 17 00:00:00 2001
+From: Amos Jeffries <squid3@treenet.co.nz>
+Date: Sat, 25 Jul 2015 05:53:16 -0700
+Subject: [PATCH] smblib: fix buffer over-read
+
+When parsing SMB LanManager packets with invalid protocol ID and the
+default set of Squid supported protocols. It may access memory outside
+the buffer storing protocol names.
+
+smblib is only used by already deprecated helpers which are deprecated
+due to far more significant NTLM protocol issues. It will also only
+result in packets being rejected later with invalid protocol names. So
+this is a minor bug rather than a vulnerability.
+
+ Detected by Coverity Scan. Issue 1256165
+---
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+Upstream-Status: Backport
+
+ lib/smblib/smblib-util.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/lib/smblib/smblib-util.c b/lib/smblib/smblib-util.c
+index 6139ae2..e722cbb 100644
+--- a/lib/smblib/smblib-util.c
++++ b/lib/smblib/smblib-util.c
+@@ -204,7 +204,11 @@ int SMB_Figure_Protocol(const char *dialects[], int prot_index)
+ {
+ int i;
+
+- if (dialects == SMB_Prots) { /* The jobs is easy, just index into table */
++ // prot_index may be a value outside the table SMB_Types[]
++ // which holds data at offsets 0 to 11
++ int ourType = (prot_index < 0 || prot_index > 11);
++
++ if (ourType && dialects == SMB_Prots) { /* The jobs is easy, just index into table */
+
+ return(SMB_Types[prot_index]);
+ } else { /* Search through SMB_Prots looking for a match */