Change-Id: Ia85e909563e63b28bf09400300c863df61dc892d
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/5444
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Alexey Makhalov <amakhalov@vmware.com>
1 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,29 @@ |
0 |
+From a642587a9c9e2dd7feacdf513c3643ce26ad3c22 Mon Sep 17 00:00:00 2001 |
|
1 |
+From: Christos Zoulas <christos@zoulas.com> |
|
2 |
+Date: Sat, 9 Jun 2018 16:00:06 +0000 |
|
3 |
+Subject: [PATCH] Avoid reading past the end of buffer (Rui Reis) |
|
4 |
+ |
|
5 |
+--- |
|
6 |
+diff --git a/src/readelf.c b/src/readelf.c |
|
7 |
+index 6738942..56f13f4 100644 |
|
8 |
+--- a/src/readelf.c |
|
9 |
+@@ -27,7 +27,7 @@ |
|
10 |
+ #include "file.h" |
|
11 |
+ |
|
12 |
+ #ifndef lint |
|
13 |
+-FILE_RCSID("@(#)$File: readelf.c,v 1.130 2017/01/29 19:34:24 christos Exp $") |
|
14 |
++FILE_RCSID("@(#)$File: readelf.c,v 1.143 2018/06/09 16:00:06 christos Exp $") |
|
15 |
+ #endif |
|
16 |
+ |
|
17 |
+ #ifdef BUILTIN_ELF |
|
18 |
+@@ -824,7 +824,8 @@ do_core_note(struct magic_set *ms, unsigned char *nbuf, uint32_t type, |
|
19 |
+ |
|
20 |
+ cname = (unsigned char *) |
|
21 |
+ &nbuf[doff + prpsoffsets(i)]; |
|
22 |
+- for (cp = cname; *cp && isprint(*cp); cp++) |
|
23 |
++ for (cp = cname; cp < nbuf + size && *cp |
|
24 |
++ && isprint(*cp); cp++) |
|
25 |
+ continue; |
|
26 |
+ /* |
|
27 |
+ * Linux apparently appends a space at the end |
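Review bot: The `FILE_RCSID` hunk at `@@ -27,7 +27,7 @@` of the embedded patch should not be part of this backport, because it relabels readelf.c from 1.130 to 1.143 while the only code taken from upstream is the loop bound in `do_core_note`. The built binary would then carry an ident string for a revision whose other changes are presumably absent from the 5.30 tree, which misleads anyone auditing which upstream fixes a package contains; keep `FILE_RCSID("@(#)$File: readelf.c,v 1.130 2017/01/29 19:34:24 christos Exp $")` and ship only the second hunk. As displayed, the embedded header also goes from `--- a/src/readelf.c` straight to the first `@@` with no `+++ b/src/readelf.c` line, so confirm that `%patch1 -p1` applies it without fuzz or filename guessing. The body of `do_core_note` and the definition of `size` lie outside the visible lines, so it is an assumption here that `nbuf + size` is the true end of the note buffer, and that `cname` is already known to lie inside it before the loop starts.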
... | ... |
@@ -1,7 +1,7 @@ |
1 | 1 |
Summary: Contains a utility for determining file types |
2 | 2 |
Name: file |
3 | 3 |
Version: 5.30 |
4 |
-Release: 3%{?dist} |
|
4 |
+Release: 4%{?dist} |
|
5 | 5 |
License: BSD |
6 | 6 |
URL: http://www.darwinsys.com/file |
7 | 7 |
Group: Applications/File |
... | ... |
@@ -10,6 +10,7 @@ Distribution: Photon |
10 | 10 |
Source0: ftp://ftp.astron.com/pub/file/%{name}-%{version}.tar.gz |
11 | 11 |
%define sha1 file=276051cd2c438d4e7a321c4422a5b3bc850fd747 |
12 | 12 |
Patch0: file-5.30-keep-not-stripped-last.patch |
13 |
+Patch1: 0001-Avoid-reading-past-the-end-of-buffer-Rui-Reis.patch |
|
13 | 14 |
Requires: %{name}-libs = %{version}-%{release} |
14 | 15 |
Conflicts: toybox |
15 | 16 |
%description |
... | ... |
@@ -30,6 +31,7 @@ It contains the libraries and header files to create applications. |
30 | 30 |
%prep |
31 | 31 |
%setup -q |
32 | 32 |
%patch0 -p1 |
33 |
+%patch1 -p1 |
|
33 | 34 |
%build |
34 | 35 |
./configure \ |
35 | 36 |
--prefix=%{_prefix} \ |
... | ... |
@@ -62,6 +64,8 @@ make %{?_smp_mflags} check |
62 | 62 |
%{_mandir}/*man3/* |
63 | 63 |
|
64 | 64 |
%changelog |
65 |
+* Wed Aug 01 2018 Ankit Jain <ankitja@vmware.com> 5.30-4 |
|
66 |
+- Fix for CVE-2018-10360. |
|
65 | 67 |
* Fri Dec 15 2017 Divya Thaluru <dthaluru@vmware.com> 5.30-3 |
66 | 68 |
- Added seperate package for libraries |
67 | 69 |
- Added toybox as conflict package |