lp://staging/~kentb/ubuntu/trusty/openwsman/bug-1319098
- Get this branch: bzr branch lp://staging/~kentb/ubuntu/trusty/openwsman/bug-1319098
Branch merges
- Jamie Strandboge: Approve
Diff: 607 lines (+539/-0) 13 files modified
debian/changelog (+30/-0)
debian/patches/LocalSubscriptionOpUpdate-fix-fopen.patch (+74/-0)
debian/patches/SHA512-password-fixes.patch (+82/-0)
debian/patches/increase-password-upper-limit.patch (+20/-0)
debian/patches/mem-allocation-dictionary-new-fix.patch (+58/-0)
debian/patches/mem-allocation-mem-double-newptr-fix.patch (+37/-0)
debian/patches/mem-allocation-u-error-new-fix.patch (+22/-0)
debian/patches/mem-allocation-wsman-init-plugins-fix.patch (+52/-0)
debian/patches/remove-unsafe-debug-call-from-sighup-handler.patch (+19/-0)
debian/patches/series (+11/-0)
debian/patches/ws-xml-make-default-prefix-buff-overflow-fix.patch (+29/-0)
debian/patches/wsman-get-fault-status-sanity-guard-fix.patch (+64/-0)
debian/patches/wsmc-create-request-fix-buff-overflow.patch (+41/-0)
Related bugs
Bug #1319089: Add security fixes from upstream | Undecided | Fix Released |
Branch information
- Owner: Kent Baxley
- Status: Development
Recent revisions
- 18. By Kent Baxley
  * SECURITY UPDATE: Add security fixes from upstream openwsman (LP: #1319089)
    - debian/patches/ws-xml-make-default-prefix-buff-overflow-fix.patch:
      ws_xml_make_default_prefix() can overflow buf parameter via sprintf()
    - debian/patches/wsmc-create-request-fix-buff-overflow.patch:
      wsmc_create_request() potential buf[20] overflow via WSMAN_ACTION_RENEW
    - debian/patches/LocalSubscriptionOpUpdate-fix-fopen.patch:
      address LocalSubscriptionOpUpdate() unchecked fopen()
    - debian/patches/wsman-get-fault-status-sanity-guard-fix.patch:
      Fix incorrect order of sanity guards in wsman_get_fault_status_from_doc()
    - debian/patches/mem-allocation-wsman-init-plugins-fix.patch:
      Fix unchecked memory allocation in wsman_init_plugins(), p->ifc
    - debian/patches/mem-allocation-mem-double-newptr-fix.patch:
      Fix unchecked memory allocation in mem_double(), newptr
    - debian/patches/mem-allocation-dictionary-new-fix.patch:
      Fix unchecked memory allocation in dictionary_new(), d, d->val, d->key,
    - debian/patches/mem-allocation-u-error-new-fix.patch:
      Fix unchecked memory allocation in u_error_new(), *error
    - debian/patches/remove-unsafe-debug-call-from-sighup-handler.patch:
      sighup_handler() in wsmand.c use of unsafe functions in a signal handler
    - debian/patches/SHA512-password-fixes.patch:
      Support SHA512 password encoding, use safe_cmp to prevent brute-force
      attacks
    - debian/patches/increase-password-upper-limit.patch:
      increase password upper limit to 128 characters (from 64)
- 17. By Kent Baxley
  Break out patch set one at a time.
  Added two new fixes from upstream (SHA512 fixes and increase password length).
  Only add security-relevant patches this time.
- 13. By Kent Baxley
  * Add security fixes from upstream openwsman-2.4.4 (LP: #1319089)
  * ws_xml_make_default_prefix() can overflow buf parameter via sprintf()
  * wsmc_create_request() potential buf[20] overflow via WSMAN_ACTION_RENEW
  * LocalSubscriptionOpUpdate() unchecked fopen()
  * Incorrect order of sanity guards in wsman_get_fault_status_from_doc()
  * Unchecked memory allocation in wsman_init_plugins(), p->ifc
  * Unchecked memory allocation in mem_double(), newptr
  * Unchecked memory allocation in dictionary_new(), d, d->val, d->key,
    d->hash
  * Unchecked memory allocation in u_error_new(), *error
  * sighup_handler() in wsmand.c uses unsafe functions in a signal handler
- 11. By Kent Baxley
  * Sync with upstream 2.4.3 (LP: #1268707)
  * debian/control: bump standards version to 3.9.5
  * debian/patches: removed cmake-findruby.patch. FTBFS no longer occurs due to
    overhauled ruby cmake file upstream.
- 10. By Stefan Bader
  * Sync with upstream 2.3.6
  * debian/control: Move to standards version 3.9.2
    - debian/*.install: Use relative source paths
    - debian/*.conffiles: Dropped
    - debian/source/format: New: "3.0 (quilt)"
    - debian/control: Add debhelper (>= 9.0.0) as build-dependency
    - debian/rules: Use dh format
    - debian/rules: Disable dh_auto_test. Testcases fail
    - debian/rules: Override dh_auto_install to install the client config
  * debian/control: Add build-dependency on cmake
  * debian/control: Drop build-dependency on cdbs
  * debian/control: Multi-Arch conversion for libopenwsman1 and
    libwsman-clientpp1.
  * debian/rules: Drop cdbs includes
  * debian/rules: Drop extra build flags (not required anymore)
  * debian/libopenwsman-dev.install: Don't install .a files (not built)
  * debian/patches/cmake-findruby.patch: Fix FTBS caused by a certain
    usage of braces.
  * debian/patches/cmake-python-includes.patch: Need to use a different
    variable which has architecture specific include path as well.
Branch metadata
- Branch format: Branch format 7
- Repository format: Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on: lp://staging/ubuntu/utopic/openwsman