From 1c7d6584a7811b7785ae5c1e378f14b5ba0971cf Mon Sep 17 00:00:00 2001
From: takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp>
Date: Mon, 2 Nov 2020 11:07:33 +0900
Subject: basesystem-jj recipes

---
 .../qemu/qemu/CVE-2018-16867.patch                 | 49 ----------------------
 1 file changed, 49 deletions(-)
 delete mode 100644 external/poky/meta/recipes-devtools/qemu/qemu/CVE-2018-16867.patch

(limited to 'external/poky/meta/recipes-devtools/qemu/qemu/CVE-2018-16867.patch')

diff --git a/external/poky/meta/recipes-devtools/qemu/qemu/CVE-2018-16867.patch b/external/poky/meta/recipes-devtools/qemu/qemu/CVE-2018-16867.patch
deleted file mode 100644
index 644459e5..00000000
--- a/external/poky/meta/recipes-devtools/qemu/qemu/CVE-2018-16867.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From 61f87388af0af72ad61dee00ddd267b8047049f2 Mon Sep 17 00:00:00 2001
-From: Gerd Hoffmann <kraxel@redhat.com>
-Date: Mon, 3 Dec 2018 11:10:45 +0100
-Subject: [PATCH] usb-mtp: outlaw slashes in filenames
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Slash is unix directory separator, so they are not allowed in filenames.
-Note this also stops the classic escape via "../".
-
-Fixes: CVE-2018-16867
-Reported-by: Michael Hanselmann <public@hansmi.ch>
-Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
-Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
-Message-id: 20181203101045.27976-3-kraxel@redhat.com
-(cherry picked from commit c52d46e041b42bb1ee6f692e00a0abe37a9659f6)
-Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
-
-Upstream-Status: Backport
-CVE: CVE-2018-16867
-Affects: < 3.1.0
-
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
----
- hw/usb/dev-mtp.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/hw/usb/dev-mtp.c b/hw/usb/dev-mtp.c
-index 1ded7ac..899c8a3 100644
---- a/hw/usb/dev-mtp.c
-+++ b/hw/usb/dev-mtp.c
-@@ -1667,6 +1667,12 @@ static void usb_mtp_write_metadata(MTPState *s)
- 
-     utf16_to_str(dataset->length, dataset->filename, filename);
- 
-+    if (strchr(filename, '/')) {
-+        usb_mtp_queue_result(s, RES_PARAMETER_NOT_SUPPORTED, d->trans,
-+                             0, 0, 0, 0);
-+        return;
-+    }
-+
-     o = usb_mtp_object_lookup_name(p, filename, dataset->length);
-     if (o != NULL) {
-         next_handle = o->handle;
--- 
-2.7.4
-
-- 
cgit 1.2.3-korg