PR for CI: fast forward releng/24.05 to main #2158

Merged
merged 4 commits into from
Jul 19, 2024

brooksdavis
Member

No description provided.

bsdjhb and others added 4 commits July 17, 2024 11:03
This requires smaller changes in socket option consumers avoiding the
need to store the original direction after calling sooptcopyin.

While here, change the in-kernel copies for sooptcopyin and
sooptcopyout to clear tags via bcopynocap() instead of bcopy().

For the height this doesn't matter unless auto_minheight is non-zero,
but for the width it does, as it would subtract off the maximum of
various things including the text width, which is clearly nonsense here.
All we want to do is compute how much space for content there is; what's
on other lines doesn't matter.

Fixes:	64f7073 ("bsddialog: Optionally truncate long mixedgauge labels and screens")

The text in the [...] is 14 characters long, but that includes the
terminator that isn't rendered, so there are only 13 visible characters
(plus the square brackets).
Contributor

@gvnn3 gvnn3 left a comment

LGTM

@brooksdavis brooksdavis merged commit b2ad856 into releng/24.05 Jul 19, 2024
35 of 47 checks passed
bsdjhb pushed a commit to bsdjhb/cheribsd that referenced this pull request Jan 28, 2025
Security fixes:
 CTSRD-CHERI#2158 rpm: calculate huge header sizes correctly
 CTSRD-CHERI#2160 util: fix out of boundary access in mktemp functions
 CTSRD-CHERI#2168 uu: stop processing if lines are too long
 CTSRD-CHERI#2174 lzop: prevent integer overflow
 CTSRD-CHERI#2172 rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696)
 CTSRD-CHERI#2175 unzip: unify EOF handling
 CTSRD-CHERI#2179 rar4: fix out of boundary access with large files
 CTSRD-CHERI#2203 rar4: fix OOB access with unicode filenames
 CTSRD-CHERI#2210 rar4: add boundary checks to rgb filter
 CTSRD-CHERI#2248 rar4: fix OOB in delta filter
 CTSRD-CHERI#2249 rar4: fix OOB in audio filter
 CTSRD-CHERI#2256 fix multiple vulnerabilities identified by SAST
 CTSRD-CHERI#2258 cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing
 CTSRD-CHERI#2265 rar5: clear 'data ready' cache on window buffer reallocs
 CTSRD-CHERI#2269 rar4: fix CVE-2024-26256 (CVE-2024-26256)

Important bugfixes:
 CTSRD-CHERI#2150 xar: fix another infinite loop and expat error handling
 CTSRD-CHERI#2173 shar: check strdup return value
 CTSRD-CHERI#2161 lha: fix integer truncation on 32-bit systems
 CTSRD-CHERI#2245 7zip: fix issue when skipping first file in 7zip archive that
       is a multiple of 65536 bytes
 CTSRD-CHERI#2259 rar5: don't try to read ridiculously long names
 CTSRD-CHERI#2290 ar: fix archive entries having no type

Obtained from:	libarchive
Vendor commit: 	12ecf8418ab3595d66cdea1abadcea8b6a9d288b
CVE:		CVE-2024-20696, CVE-2024-26256
bsdjhb pushed a commit to bsdjhb/cheribsd that referenced this pull request Jan 28, 2025
Libarchive 3.7.7

Security fixes:
 CTSRD-CHERI#2158 rpm: calculate huge header sizes correctly
 CTSRD-CHERI#2160 util: fix out of boundary access in mktemp functions
 CTSRD-CHERI#2168 uu: stop processing if lines are too long
 CTSRD-CHERI#2174 lzop: prevent integer overflow
 CTSRD-CHERI#2172 rar4: protect copy_from_lzss_window_to_unp() (CVE-2024-20696)
 CTSRD-CHERI#2175 unzip: unify EOF handling
 CTSRD-CHERI#2179 rar4: fix out of boundary access with large files
 CTSRD-CHERI#2203 rar4: fix OOB access with unicode filenames
 CTSRD-CHERI#2210 rar4: add boundary checks to rgb filter
 CTSRD-CHERI#2248 rar4: fix OOB in delta filter
 CTSRD-CHERI#2249 rar4: fix OOB in audio filter
 CTSRD-CHERI#2256 fix multiple vulnerabilities identified by SAST
 CTSRD-CHERI#2258 cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing
 CTSRD-CHERI#2265 rar5: clear 'data ready' cache on window buffer reallocs
 CTSRD-CHERI#2269 rar4: fix CVE-2024-26256 (CVE-2024-26256)
 #2330 iso: be more cautious about parsing ISO-9660 timestamps
 #2343 tar: clean up linkpath between entries
 #2364 tar: don't crash on truncated tar archives
 #2366 gzip: prevent a hang when processing a malformed gzip inside a gzip
 #2377 tar: fix two leaks in tar header parsing

Important bugfixes:
 CTSRD-CHERI#2096 rar5: report encrypted entries
 CTSRD-CHERI#2150 xar: fix another infinite loop and expat error handling
 CTSRD-CHERI#2173 shar: check strdup return value
 CTSRD-CHERI#2161 lha: fix integer truncation on 32-bit systems
 #2338 tar: fix memory leaks when processing symlinks or parsing pax headers
 CTSRD-CHERI#2245 7zip: fix issue when skipping first file in 7zip archive that
       is a multiple of 65536 bytes
 CTSRD-CHERI#2252 7-zip: read/write symlink paths as UTF-8
 CTSRD-CHERI#2259 rar5: don't try to read ridiculously long names
 CTSRD-CHERI#2290 ar: fix archive entries having no type
 #2360 tar: fix truncation of entry pathnames in specific archives

CVE:		CVE-2024-20696, CVE-2024-26256
PR:		282047 (exp-run)
MFC after:	1 week