import cpio-2.12-11.el8
This commit is contained in:
parent
eee8e898a9
commit
f46be6331c
@ -65,7 +65,7 @@ index e2b5f45..53dc99a 100644
|
|||||||
while (digits > 0 && value != 0);
|
while (digits > 0 && value != 0);
|
||||||
+ if (value > 0)
|
+ if (value > 0)
|
||||||
+ {
|
+ {
|
||||||
+ error (0, 0, _("%s: field width not sufficient for storing %s"),
|
+ error (1, 0, _("%s: field width not sufficient for storing %s"),
|
||||||
+ filename, fieldname);
|
+ filename, fieldname);
|
||||||
+ return 1;
|
+ return 1;
|
||||||
+ }
|
+ }
|
||||||
|
1266
SOURCES/cpio-2.13-CVE-2021-38185.patch
Normal file
1266
SOURCES/cpio-2.13-CVE-2021-38185.patch
Normal file
File diff suppressed because it is too large
Load Diff
@ -1,7 +1,7 @@
|
|||||||
Summary: A GNU archiving program
|
Summary: A GNU archiving program
|
||||||
Name: cpio
|
Name: cpio
|
||||||
Version: 2.12
|
Version: 2.12
|
||||||
Release: 10%{?dist}
|
Release: 11%{?dist}
|
||||||
License: GPLv3+
|
License: GPLv3+
|
||||||
URL: http://www.gnu.org/software/cpio/
|
URL: http://www.gnu.org/software/cpio/
|
||||||
Source: ftp://ftp.gnu.org/gnu/cpio/cpio-%{version}.tar.bz2
|
Source: ftp://ftp.gnu.org/gnu/cpio/cpio-%{version}.tar.bz2
|
||||||
@ -46,6 +46,18 @@ Patch9: cpio-2.11-retain-symlink-times.patch
|
|||||||
# https://cement.retrofitta.se/tmp/cpio-tar.patch
|
# https://cement.retrofitta.se/tmp/cpio-tar.patch
|
||||||
Patch10: cpio-2.12-improper-input-validation.patch
|
Patch10: cpio-2.12-improper-input-validation.patch
|
||||||
|
|
||||||
|
# Fixed integer overflow in ds_fgetstr()
|
||||||
|
# upstream patch (#1992511)
|
||||||
|
# https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=dd96882877721703e19272fe25034560b794061b
|
||||||
|
# https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=dfc801c44a93bed7b3951905b188823d6a0432c8
|
||||||
|
# https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=236684f6deb3178043fe72a8e2faca538fa2aae1
|
||||||
|
# https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=4d169305dcb34137dc41acc761d8703eae2c63bf
|
||||||
|
# https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=86dacfe3e060ce95d5a2c0c5ec01f6437b0b6089
|
||||||
|
# https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=7dd8ba91d8b6a2640e6c01c3e3a4234828646f23
|
||||||
|
# https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=684b7ac5767e676cda78c161aeb7fe7b45a07529
|
||||||
|
# https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=b1c85839bf1381f749dd45bf6a5a38924e3315a0
|
||||||
|
Patch11: cpio-2.13-CVE-2021-38185.patch
|
||||||
|
|
||||||
|
|
||||||
Provides: bundled(gnulib)
|
Provides: bundled(gnulib)
|
||||||
Provides: /bin/cpio
|
Provides: /bin/cpio
|
||||||
@ -72,6 +84,7 @@ Install cpio if you need a program to manage file archives.
|
|||||||
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
|
autoreconf -fi
|
||||||
export CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE64_SOURCE -pedantic -fno-strict-aliasing -Wall $CFLAGS"
|
export CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE64_SOURCE -pedantic -fno-strict-aliasing -Wall $CFLAGS"
|
||||||
%configure --with-rmt="%{_sysconfdir}/rmt"
|
%configure --with-rmt="%{_sysconfdir}/rmt"
|
||||||
make %{?_smp_mflags}
|
make %{?_smp_mflags}
|
||||||
@ -106,6 +119,9 @@ make check || {
|
|||||||
%{_infodir}/*.info*
|
%{_infodir}/*.info*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Sep 20 2021 Ondrej Dubaj <odubaj@redhat.com> - 2.12-11
|
||||||
|
- Fixed CVE-2021-38185 (#1992511)
|
||||||
|
|
||||||
* Thu Jan 21 2021 Ondrej Dubaj <odubaj@redhat.com> - 2.12-10
|
* Thu Jan 21 2021 Ondrej Dubaj <odubaj@redhat.com> - 2.12-10
|
||||||
- Fixed improper input validation when writing tar header fields (#1766223)
|
- Fixed improper input validation when writing tar header fields (#1766223)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user