Resolves: CVE-2023-27535 - adapt the fix for RHEL 9 curl
... where USE_SSH is not defined. The problem with the backport was detected by OpenScanHub: https://cov01.lab.eng.brq2.redhat.com/covscanhub/task/279249//log/added.html
This commit is contained in:
Kamil Dudka
parent
d35c512f12
commit
40387c061f
|
|
@ -83,9 +83,9 @@ Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
|||
lib/ftp.c | 28 ++++++++++++++++++++++++++--
|
||||
lib/ftp.h | 5 +++++
|
||||
lib/setopt.c | 2 +-
|
||||
lib/url.c | 16 +++++++++++++++-
|
||||
lib/url.c | 12 ++++++++++++
|
||||
lib/urldata.h | 4 ++--
|
||||
5 files changed, 49 insertions(+), 6 deletions(-)
|
||||
5 files changed, 46 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/lib/ftp.c b/lib/ftp.c
|
||||
index 9442832..df15bc0 100644
|
||||
|
|
@ -184,17 +184,10 @@ diff --git a/lib/url.c b/lib/url.c
|
|||
index 61ba832..4e21838 100644
|
||||
--- a/lib/url.c
|
||||
+++ b/lib/url.c
|
||||
@@ -1325,10 +1325,24 @@ ConnectionExists(struct Curl_easy *data,
|
||||
}
|
||||
}
|
||||
|
||||
- if(get_protocol_family(needle->handler) == PROTO_FAMILY_SSH) {
|
||||
+#ifdef USE_SSH
|
||||
+ else if(get_protocol_family(needle->handler) == PROTO_FAMILY_SSH) {
|
||||
@@ -1329,6 +1329,18 @@ ConnectionExists(struct Curl_easy *data,
|
||||
if(!ssh_config_matches(needle, check))
|
||||
continue;
|
||||
}
|
||||
+#endif
|
||||
+#ifndef CURL_DISABLE_FTP
|
||||
+ else if(get_protocol_family(needle->handler) & PROTO_FAMILY_FTP) {
|
||||
+ /* Also match ACCOUNT, ALTERNATIVE-TO-USER, USE_SSL and CCC options */
|
||||
|
|
|
|||
|
|
@ -26,10 +26,10 @@ index 3b11b7e..cbbc7f3 100644
|
|||
+ if(needle->gssapi_delegation != check->gssapi_delegation)
|
||||
+ continue;
|
||||
+
|
||||
#ifdef USE_SSH
|
||||
else if(get_protocol_family(needle->handler) == PROTO_FAMILY_SSH) {
|
||||
if(get_protocol_family(needle->handler) == PROTO_FAMILY_SSH) {
|
||||
if(!ssh_config_matches(needle, check))
|
||||
@@ -1787,6 +1792,7 @@ static struct connectdata *allocate_conn(struct Curl_easy *data)
|
||||
continue;
|
||||
@@ -1785,6 +1790,7 @@ static struct connectdata *allocate_conn(struct Curl_easy *data)
|
||||
conn->fclosesocket = data->set.fclosesocket;
|
||||
conn->closesocket_client = data->set.closesocket_client;
|
||||
conn->lastused = Curl_now(); /* used now */
|
||||
|
|
|
|||
|
|
@ -16,12 +16,12 @@ diff --git a/lib/url.c b/lib/url.c
|
|||
index 0c31486..3b11b7e 100644
|
||||
--- a/lib/url.c
|
||||
+++ b/lib/url.c
|
||||
@@ -1331,7 +1331,7 @@ ConnectionExists(struct Curl_easy *data,
|
||||
@@ -1330,7 +1330,7 @@ ConnectionExists(struct Curl_easy *data,
|
||||
if(needle->gssapi_delegation != check->gssapi_delegation)
|
||||
continue;
|
||||
|
||||
#ifdef USE_SSH
|
||||
- else if(get_protocol_family(needle->handler) == PROTO_FAMILY_SSH) {
|
||||
+ else if(get_protocol_family(needle->handler) & PROTO_FAMILY_SSH) {
|
||||
- if(get_protocol_family(needle->handler) == PROTO_FAMILY_SSH) {
|
||||
+ if(get_protocol_family(needle->handler) & PROTO_FAMILY_SSH) {
|
||||
if(!ssh_config_matches(needle, check))
|
||||
continue;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
|
||||
Name: curl
|
||||
Version: 7.76.1
|
||||
Release: 24%{?dist}
|
||||
Release: 25%{?dist}
|
||||
License: MIT
|
||||
Source: https://curl.se/download/%{name}-%{version}.tar.xz
|
||||
|
||||
|
|
@ -517,6 +517,9 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
|
|||
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
|
||||
|
||||
%changelog
|
||||
* Wed Apr 12 2023 Kamil Dudka <kdudka@redhat.com> - 7.76.1-25
|
||||
- adapt the fix of CVE-2023-27535 for RHEL 9 curl
|
||||
|
||||
* Fri Mar 24 2023 Kamil Dudka <kdudka@redhat.com> - 7.76.1-24
|
||||
- fix SSH connection too eager reuse still (CVE-2023-27538)
|
||||
- fix GSS delegation too eager connection re-use (CVE-2023-27536)
|
||||
|
|
|
|||
Loading…
Reference in New Issue