NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
56,854 Commits 5 Branches 387 Tags 141 MiB
44fdcdea49
Commit Graph

18 Commits

Author SHA1 Message Date
Fabrice Fontaine
baa28856f1 package/cryptsetup: security bump to version 2.3.4 
Fix CVE-2020-14382: A vulnerability was found in upstream release
cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code,
that is effectively invoked on every device/image presenting itself as
LUKS2 container. The bug is in segments validation code in file
'lib/luks2/luks2_json_metadata.c' in function
hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj)
where the code does not check for possible overflow on memory allocation
used for intervals array (see statement "intervals = malloc(first_backup
* sizeof(*intervals));"). Due to the bug, library can be *tricked* to
expect such allocation was successful but for far less memory then
originally expected. Later it may read data FROM image crafted by an
attacker and actually write such data BEYOND allocated memory.

https://mirrors.edge.kernel.org/pub/linux/utils/cryptsetup/v2.3/v2.3.4-ReleaseNotes

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
 2020-10-25 15:54:20 +01:00
Fabrice Fontaine
a727574101 package/cryptsetup: bump to version 2.3.3 
- Update indentation in hash file (two spaces)
- Send patch upstream

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
 2020-06-21 23:04:47 +02:00
Pascal de Bruijn
d9c0899753 package/cryptsetup: update to version 2.2.2 
Signed-off-by: Pascal de Bruijn <p.debruijn@unilogic.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
 2020-01-10 23:00:44 +01:00
Baruch Siach
0bd2a1739e package/cryptsetup: bump to version 2.0.6 
Cc: Martin Hicks <mort@bork.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2019-01-16 20:58:25 +01:00
Baruch Siach
ae83389eed cryptsetup: bump to version 2.0.4 
libblkid is a new optional dependency. Upstream "strongly discourages"
build without libblkid support. So enable libblkid unconditionally.

Cc: Martin Hicks <mort@bork.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
 2018-08-18 11:23:54 +02:00
Marcin Niestroj
dffbda3853 package/cryptsetup: bump version to 2.0.3 
Signed-off-by: Marcin Niestroj <m.niestroj@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
 2018-07-25 18:14:15 +02:00
Baruch Siach
5b85b59709 cryptsetup: bump to version 2.0.2 
Cc: Martin Hicks <mort@bork.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Acked-by: Martin Hicks <mort@bork.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2018-03-13 22:11:27 +01:00
Baruch Siach
de7bd25bfa cryptsetup: bump to version 2.0.0 
Add the now mandatory json-c depencecy. Propagate to reverse
dependencies.

Drop the no longer needed patch.

Add license files hashes.

[Peter: propagate _HAS_SYNC_4 dependency to comments as pointed out by
	Thomas]
Cc: Martin Hicks <mort@bork.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2017-12-22 15:38:26 +01:00
Vicente Olivert Riera
accc675f2b cryptsetup: bump version to 1.7.5 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2017-05-08 21:02:37 +02:00
Vicente Olivert Riera
fa52abc036 cryptsetup: bump version to 1.7.4 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2017-03-15 21:42:12 +01:00
Vicente Olivert Riera
10189569ca cryptsetup: bump version to 1.7.3 
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-11-16 16:02:55 +01:00
Gustavo Zacarias
8e1abc0bcd cryptsetup: bump to version 1.7.2 
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2016-06-05 22:15:35 +02:00
Gustavo Zacarias
22f19a1cbf cryptsetup: bump to version 1.7.1 
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2016-02-29 21:45:11 +01:00
Baruch Siach
8058e622b5 cryptsetup: fix hash source link 
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-11-14 23:04:14 +01:00
Gustavo Zacarias
5f11f5d541 cryptsetup: bump to version 1.7.0 
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-11-13 13:46:07 +01:00
Gustavo Zacarias
e24dfe8ba2 cryptsetup: bump to version 1.6.8 
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 2015-10-02 21:49:21 +02:00
Baruch Siach
dd5aa60abd cryptsetup: bump to version 1.6.7 
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2015-07-02 23:43:01 +02:00
Gustavo Zacarias
40c341da78 cryptsetup: bump to version 1.6.6 
Drop upstream patch, add hash file, switch to kernel.org mirror.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
 2014-10-29 21:41:54 +01:00