Browse code
patch : Apply patch for CVE-2018-6951
Change-Id: I12a711bb051ab657c34c7d359f6c483548840d86
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/5016
Reviewed-by: Sharath George
Tested-by: Sharath George
Xiaolin Li authored on 2018/04/18 06:35:24Showing 2 changed files
| 1 | 1 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,29 @@ |
| 0 |
+From f290f48a621867084884bfff87f8093c15195e6a Mon Sep 17 00:00:00 2001 |
|
| 1 |
+From: Andreas Gruenbacher <agruen@gnu.org> |
|
| 2 |
+Date: Mon, 12 Feb 2018 16:48:24 +0100 |
|
| 3 |
+Subject: Fix segfault with mangled rename patch |
|
| 4 |
+ |
|
| 5 |
+http://savannah.gnu.org/bugs/?53132 |
|
| 6 |
+* src/pch.c (intuit_diff_type): Ensure that two filenames are specified |
|
| 7 |
+for renames and copies (fix the existing check). |
|
| 8 |
+--- |
|
| 9 |
+ src/pch.c | 3 ++- |
|
| 10 |
+ 1 file changed, 2 insertions(+), 1 deletion(-) |
|
| 11 |
+ |
|
| 12 |
+diff --git a/src/pch.c b/src/pch.c |
|
| 13 |
+index ff9ed2c..bc6278c 100644 |
|
| 14 |
+--- a/src/pch.c |
|
| 15 |
+@@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode_t *p_file_type) |
|
| 16 |
+ if ((pch_rename () || pch_copy ()) |
|
| 17 |
+ && ! inname |
|
| 18 |
+ && ! ((i == OLD || i == NEW) && |
|
| 19 |
+- p_name[! reverse] && |
|
| 20 |
++ p_name[reverse] && p_name[! reverse] && |
|
| 21 |
++ name_is_valid (p_name[reverse]) && |
|
| 22 |
+ name_is_valid (p_name[! reverse]))) |
|
| 23 |
+ {
|
|
| 24 |
+ say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy");
|
|
| 25 |
+-- |
|
| 26 |
+cgit v1.0-41-gc330 |
|
| 27 |
+ |
| ... | ... |
@@ -1,23 +1,26 @@ |
| 1 |
-Summary: Program for modifying or creating files |
|
| 2 |
-Name: patch |
|
| 3 |
-Version: 2.7.5 |
|
| 4 |
-Release: 4%{?dist}
|
|
| 5 |
-License: GPLv3+ |
|
| 6 |
-URL: http://www.gnu.org/software/%{name}
|
|
| 7 |
-Source0: ftp://ftp.gnu.org/gnu/patch/%{name}-%{version}.tar.gz
|
|
| 8 |
-%define sha1 patch=04d23f6e48e95efb07d12ccf44d1f35fb210f457 |
|
| 9 |
-Group: Development/Tools |
|
| 10 |
-Vendor: VMware, Inc. |
|
| 11 |
-Distribution: Photon |
|
| 1 |
+Summary: Program for modifying or creating files |
|
| 2 |
+Name: patch |
|
| 3 |
+Version: 2.7.5 |
|
| 4 |
+Release: 5%{?dist}
|
|
| 5 |
+License: GPLv3+ |
|
| 6 |
+URL: http://www.gnu.org/software/%{name}
|
|
| 7 |
+Source0: ftp://ftp.gnu.org/gnu/patch/%{name}-%{version}.tar.gz
|
|
| 8 |
+%define sha1 patch=04d23f6e48e95efb07d12ccf44d1f35fb210f457 |
|
| 9 |
+Patch0: patch-CVE-2018-6951.patch |
|
| 10 |
+Group: Development/Tools |
|
| 11 |
+Vendor: VMware, Inc. |
|
| 12 |
+Distribution: Photon |
|
| 12 | 13 |
%description |
| 13 | 14 |
Program for modifying or creating files by applying a patch |
| 14 | 15 |
file typically created by the diff program. |
| 15 | 16 |
%prep |
| 16 | 17 |
%setup -q |
| 18 |
+%patch0 -p1 |
|
| 19 |
+ |
|
| 17 | 20 |
%build |
| 18 | 21 |
./configure \ |
| 19 |
- --prefix=%{_prefix} \
|
|
| 20 |
- --disable-silent-rules |
|
| 22 |
+ --prefix=%{_prefix} \
|
|
| 23 |
+ --disable-silent-rules |
|
| 21 | 24 |
make %{?_smp_mflags}
|
| 22 | 25 |
%install |
| 23 | 26 |
make DESTDIR=%{buildroot} install
|
| ... | ... |
@@ -29,6 +32,8 @@ make %{?_smp_mflags} check
|
| 29 | 29 |
%{_bindir}/*
|
| 30 | 30 |
%{_mandir}/*/*
|
| 31 | 31 |
%changelog |
| 32 |
+* Tue Apr 17 2018 Xiaolin Li <xiaolinl@vmware.com> 2.7.5-5 |
|
| 33 |
+- Apply patch for CVE-2018-6951 |
|
| 32 | 34 |
* Fri Apr 28 2017 Divya Thaluru <dthaluru@vmware.com> 2.7.5-4 |
| 33 | 35 |
- Fixed ulimit in test script |
| 34 | 36 |
* Fri Oct 07 2016 ChangLee <changlee@vmware.com> 2.7.5-3 |