Change-Id: I788613f10507e7041a1a75c7dac2a851d38c7a3c
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/6780
Tested-by: michellew <michellew@vmware.com>
Reviewed-by: Anish Swaminathan <anishs@vmware.com>
| 1 | 1 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,17 @@ |
| 0 |
+diff -ru a/src/http/modules/ngx_http_mp4_module.c b/src/http/modules/ngx_http_mp4_module.c |
|
| 1 |
+--- a/src/http/modules/ngx_http_mp4_module.c 2018-03-20 15:58:32.000000000 +0000 |
|
| 2 |
+@@ -942,6 +942,13 @@ |
|
| 3 |
+ atom_size = ngx_mp4_get_64value(atom_header + 8); |
|
| 4 |
+ atom_header_size = sizeof(ngx_mp4_atom_header64_t); |
|
| 5 |
+ |
|
| 6 |
++ if (atom_size < sizeof(ngx_mp4_atom_header64_t)) {
|
|
| 7 |
++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, |
|
| 8 |
++ "\"%s\" mp4 atom is too small:%uL", |
|
| 9 |
++ mp4->file.name.data, atom_size); |
|
| 10 |
++ return NGX_ERROR; |
|
| 11 |
++ } |
|
| 12 |
++ |
|
| 13 |
+ } else {
|
|
| 14 |
+ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, |
|
| 15 |
+ "\"%s\" mp4 atom is too small:%uL", |
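Review bot: The new patch file starts directly at its `diff -ru` line and carries no header saying where the fix was taken from, so a later maintainer cannot check this backport against the upstream change or tell when it can be dropped on a version upgrade. I would add a short header above the `diff -ru` line, for example `# Backport of the upstream nginx fix for CVE-2018-16845 (64-bit atom size check in ngx_http_mp4_module.c)` followed by `# Upstream source: <UPSTREAM_CHANGESET_URL placeholder>`. As rendered here, no `+++ b/...` line appears between the `--- a/...` line and the `@@ -942,6 +942,13 @@` header, and the listing shows one line fewer than the 17 the hunk header announces, so it is worth confirming the committed file is a complete unified diff. The function being patched starts and ends outside the lines shown, so the surrounding size arithmetic that this check protects cannot be verified from this page.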
| ... | ... |
@@ -1,7 +1,7 @@ |
| 1 | 1 |
Summary: High-performance HTTP server and reverse proxy |
| 2 | 2 |
Name: nginx |
| 3 | 3 |
Version: 1.15.3 |
| 4 |
-Release: 3%{?dist}
|
|
| 4 |
+Release: 4%{?dist}
|
|
| 5 | 5 |
License: BSD-2-Clause |
| 6 | 6 |
URL: http://nginx.org/download/nginx-%{version}.tar.gz
|
| 7 | 7 |
Group: Applications/System |
| ... | ... |
@@ -12,6 +12,7 @@ Source0: %{name}-%{version}.tar.gz
|
| 12 | 12 |
Source1: nginx.service |
| 13 | 13 |
Source2: nginx-njs-0.2.1.tar.gz |
| 14 | 14 |
%define sha1 nginx-njs=fd8c3f2d219f175be958796e3beaa17f3b465126 |
| 15 |
+Patch0: nginx-CVE-2018-16845.patch |
|
| 15 | 16 |
BuildRequires: openssl-devel |
| 16 | 17 |
BuildRequires: pcre-devel |
| 17 | 18 |
BuildRequires: which |
| ... | ... |
@@ -20,13 +21,14 @@ NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as |
| 20 | 20 |
|
| 21 | 21 |
%prep |
| 22 | 22 |
%setup -q |
| 23 |
+%patch0 -p1 |
|
| 23 | 24 |
pushd ../ |
| 24 | 25 |
mkdir nginx-njs |
| 25 | 26 |
tar -C nginx-njs -xf %{SOURCE2}
|
| 26 | 27 |
popd |
| 27 | 28 |
|
| 28 | 29 |
%build |
| 29 |
-./configure \ |
|
| 30 |
+sh configure \ |
|
| 30 | 31 |
--prefix=%{_sysconfdir}//nginx \
|
| 31 | 32 |
--sbin-path=/usr/sbin/nginx \ |
| 32 | 33 |
--conf-path=/etc/nginx/nginx.conf \ |
| ... | ... |
@@ -75,6 +77,8 @@ install -p -m 0644 %{SOURCE1} %{buildroot}/usr/lib/systemd/system/nginx.service
|
| 75 | 75 |
%{_var}/log/nginx
|
| 76 | 76 |
|
| 77 | 77 |
%changelog |
| 78 |
+* Thu Feb 21 2019 Siju Maliakkal <smaliakkal@vmware.com> 1.15.3-4 |
|
| 79 |
+- Fix CVE-2018-16845 |
|
| 78 | 80 |
* Wed Nov 07 2018 Ajay Kaher <akaher@vmware.com> 1.15.3-3 |
| 79 | 81 |
- mark config files as non replaceable on upgrade. |
| 80 | 82 |
* Mon Sep 17 2018 Keerthana K <keerthanak@vmware.com> 1.15.3-2 |
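Review bot: The `%build` change from `./configure \` to `sh configure \` is unrelated to the security fix and is explained nowhere; the changelog entry says only `- Fix CVE-2018-16845`. A second changelog line stating the reason, for example `- Run configure through sh (<reason placeholder>)`, or a comment above the `sh configure \` line, would keep a build-behaviour change from being hidden inside a security update. The `%patch0 -p1` strip level does match the `a/src/...` path used in the patch file. The configure option list continues outside the hunk, so whether the mp4 module is enabled in this package is not visible here; recording in the changelog whether shipped builds were exposed would help anyone triaging the CVE.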