Rebase bpftrace to 0.20.4

This patch release contains a proper fix for CVE-2024-2313, allowing unprivileged users loading of compromised linux headers. Resolves: RHEL-28765 CVE: CVE-2024-2313 Signed-off-by: Viktor Malik <vmalik@redhat.com>
2024-05-30 07:56:32 +02:00 · 2024-05-30 07:56:32 +02:00 · 8df28341fa
commit 8df28341fa
parent e402818776
4 changed files with 8 additions and 2 deletions
--- a/.gitignore
+++ b/.gitignore
@ -15,3 +15,4 @@
 /bpftrace-0.17.0.tar.gz
 /bpftrace-0.19.1.tar.gz
 /bpftrace-0.20.3.tar.gz
+/bpftrace-0.20.4.tar.gz
--- a/bpftrace-0.20.4-RHEL-aarch64-fixes-statsnoop-and-opensnoop.patch
+++ b/bpftrace-0.20.4-RHEL-aarch64-fixes-statsnoop-and-opensnoop.patch
--- a/bpftrace.spec
+++ b/bpftrace.spec
@ -1,5 +1,5 @@
 Name:           bpftrace
-Version:        0.20.3
+Version:        0.20.4
 Release:        1%{?dist}
 Summary:        High-level tracing language for Linux eBPF
 License:        ASL 2.0
@ -93,6 +93,11 @@ find %{buildroot}%{_datadir}/%{name}/tools -type f -exec \
 %exclude %{_datadir}/%{name}/tools/old

 %changelog
+* Thu May 30 2024 Viktor Malik <vmalik@redhat.com> - 0.20.4-1
+- Rebase on bpftrace 0.20.4
+- Fix CVE allowing unprivileged users loading of compromised linux headers
+  (RHEL-28765, CVE-2024-2313)
+
 * Fri May 03 2024 Viktor Malik <vmalik@redhat.com>  - 0.20.3-1
 - Rebase on bpftrace 0.20.3 (RHEL-30779)
 - Fix CVE allowing unprivileged users loading of compromised linux headers
--- a/2
+++ b/2
@ -1,2 +1,2 @@
-SHA512 (bpftrace-0.20.3.tar.gz) = 218a1bfac7e1a2b7eef5b0ed3e7403eed4bc932f2aa03c5f4c8924246c09088f5074ab3d54031e582cb4f8e7d0c7df1bb30007c2421c44d2c2506364f0ba5a0e
+SHA512 (bpftrace-0.20.4.tar.gz) = a8d5b5bd7d35f9bb308cd7d0ae4eaee899312d3e6540164d3b29eac61159983ea01350311f53b7b6c5023844bde9a2cd3a2d50459116261a536c0e6e52963462
 SHA512 (cereal-1.3.2.tar.gz) = 98d306d6292789129675f1c5c5aedcb90cfcc1029c4482893a8f9b23f3c9755e5ed4762d7a528f215345cae6392e87cd8d89467115b6f031b41c8673d6b4b109