diff options
| author | Peter Marko <peter.marko@siemens.com> | 2025-07-13 11:48:12 +0200 |
|---|---|---|
| committer | Armin Kuster <akuster808@gmail.com> | 2025-08-02 13:37:04 -0400 |
| commit | 205638f9edf8e1aa1fbcf28555625fe56f2701a5 (patch) | |
| tree | 223e45bd07df6cf028d670ca84b6d62a2e3263c8 | |
| parent | 37b138014be204014ee3df784a4d1c9d0f4dba23 (diff) | |
| download | meta-openembedded-205638f9edf8e1aa1fbcf28555625fe56f2701a5.tar.gz | |
poco: patch CVE-2025-6375scarthgap-next
Pick commit mentioned in [1].
[1] https://nvd.nist.gov/vuln/detail/CVE-2025-6375
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| -rw-r--r-- | meta-oe/recipes-support/poco/poco/CVE-2025-6375.patch | 34 | ||||
| -rw-r--r-- | meta-oe/recipes-support/poco/poco_1.12.5p2.bb | 1 |
2 files changed, 35 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/poco/poco/CVE-2025-6375.patch b/meta-oe/recipes-support/poco/poco/CVE-2025-6375.patch new file mode 100644 index 0000000000..2ec8f819f9 --- /dev/null +++ b/meta-oe/recipes-support/poco/poco/CVE-2025-6375.patch | |||
| @@ -0,0 +1,34 @@ | |||
| 1 | From 6f2f85913c191ab9ddfb8fae781f5d66afccf3bf Mon Sep 17 00:00:00 2001 | ||
| 2 | From: =?UTF-8?q?G=C3=BCnter=20Obiltschnig?= <guenter.obiltschnig@appinf.com> | ||
| 3 | Date: Wed, 16 Apr 2025 09:15:33 +0200 | ||
| 4 | Subject: [PATCH] fix(Net): A SEGV at Net/src/MultipartReader.cpp:164:1 #4915 | ||
| 5 | (move assertion out of ctor) | ||
| 6 | |||
| 7 | CVE: CVE-2025-6375 | ||
| 8 | Upstream-Status: Backport [https://github.com/pocoproject/poco/commit/6f2f85913c191ab9ddfb8fae781f5d66afccf3bf] | ||
| 9 | Signed-off-by: Peter Marko <peter.marko@siemens.com> | ||
| 10 | --- | ||
| 11 | Net/src/MultipartReader.cpp | 3 +-- | ||
| 12 | 1 file changed, 1 insertion(+), 2 deletions(-) | ||
| 13 | |||
| 14 | diff --git a/Net/src/MultipartReader.cpp b/Net/src/MultipartReader.cpp | ||
| 15 | index f3a2f2bba..f4aa27dd8 100644 | ||
| 16 | --- a/Net/src/MultipartReader.cpp | ||
| 17 | +++ b/Net/src/MultipartReader.cpp | ||
| 18 | @@ -36,7 +36,6 @@ MultipartStreamBuf::MultipartStreamBuf(std::istream& istr, const std::string& bo | ||
| 19 | _boundary(boundary), | ||
| 20 | _lastPart(false) | ||
| 21 | { | ||
| 22 | - poco_assert (!boundary.empty() && boundary.length() < STREAM_BUFFER_SIZE - 6); | ||
| 23 | } | ||
| 24 | |||
| 25 | |||
| 26 | @@ -47,7 +46,7 @@ MultipartStreamBuf::~MultipartStreamBuf() | ||
| 27 | |||
| 28 | int MultipartStreamBuf::readFromDevice(char* buffer, std::streamsize length) | ||
| 29 | { | ||
| 30 | - poco_assert_dbg (length >= _boundary.length() + 6); | ||
| 31 | + poco_assert (!_boundary.empty() && _boundary.length() < length - 6); | ||
| 32 | |||
| 33 | static const int eof = std::char_traits<char>::eof(); | ||
| 34 | std::streambuf& buf = *_istr.rdbuf(); | ||
diff --git a/meta-oe/recipes-support/poco/poco_1.12.5p2.bb b/meta-oe/recipes-support/poco/poco_1.12.5p2.bb index dc6e65b994..86e0adf522 100644 --- a/meta-oe/recipes-support/poco/poco_1.12.5p2.bb +++ b/meta-oe/recipes-support/poco/poco_1.12.5p2.bb | |||
| @@ -13,6 +13,7 @@ SRC_URI = "git://github.com/pocoproject/poco.git;branch=poco-1.12.5;protocol=htt | |||
| 13 | file://0001-cppignore.lnx-Ignore-PKCS12-and-testLaunch-test.patch \ | 13 | file://0001-cppignore.lnx-Ignore-PKCS12-and-testLaunch-test.patch \ |
| 14 | file://run-ptest \ | 14 | file://run-ptest \ |
| 15 | file://0002-fix-build-Install-cmake-files-with-resolved-ENABLE_J.patch \ | 15 | file://0002-fix-build-Install-cmake-files-with-resolved-ENABLE_J.patch \ |
| 16 | file://CVE-2025-6375.patch \ | ||
| 16 | " | 17 | " |
| 17 | SRCREV = "1d6fb3e1383e559cacbada5e3f861c0dafaf5d30" | 18 | SRCREV = "1d6fb3e1383e559cacbada5e3f861c0dafaf5d30" |
| 18 | 19 | ||