]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e77c0b3) | patch
procps: patch CVE-2023-4016
authorPeter Marko <peter.marko@siemens.com>
Thu, 10 Aug 2023 19:55:36 +0000 (21:55 +0200)
committerSteve Sakoman <steve@sakoman.com>
Fri, 11 Aug 2023 17:57:21 +0000 (07:57 -1000)
commit71d0683d625c09d4db5e0473a0b15a266aa787f4
tree9edbdafc82013a5b6050e6ef7a1a0a9ee68947f2tree | snapshot
parente77c0b35969ae690b390ffae682fd6552ff8aff8commit | diff
procps: patch CVE-2023-4016

Backport patch from upstream master.

There were three changes needed to apply the patch:
* move NEWS change to start of the file
* change file location from src/ps/ to ps/
* change xmalloc/xcmalloc to malloc/cmalloc

The x*malloc functions were introduced in commit in future version.
https://gitlab.com/procps-ng/procps/-/commit/584028dbe513127ef68c55aa631480454bcc26bf
They call the original function plus additionally throw error when out of memory.
https://gitlab.com/procps-ng/procps/-/blob/v4.0.3/local/xalloc.h?ref_type=tags
So this replacement is correct in context of our version.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-extended/procps/procps/CVE-2023-4016.patch [new file with mode: 0644] blob
meta/recipes-extended/procps/procps_3.3.17.bb diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core-contrib