import cyrus-sasl-2.1.27-6.el8_5
This commit is contained in:
parent
489acc6fdc
commit
db7c5fb638
@ -0,0 +1,82 @@
|
|||||||
|
From 37f2e0f0658d78a1496dc277f402f8b577ce6aae Mon Sep 17 00:00:00 2001
|
||||||
|
From: Klaus Espenlaub <klaus@espenlaub.com>
|
||||||
|
Date: Tue, 8 Feb 2022 20:34:40 +0000
|
||||||
|
Subject: [PATCH] CVE-2022-24407 Escape password for SQL insert/update
|
||||||
|
commands.
|
||||||
|
|
||||||
|
Signed-off-by: Klaus Espenlaub <klaus@espenlaub.com>
|
||||||
|
---
|
||||||
|
plugins/sql.c | 26 +++++++++++++++++++++++---
|
||||||
|
1 file changed, 23 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/plugins/sql.c b/plugins/sql.c
|
||||||
|
index 31b54a78..6ac81c2f 100644
|
||||||
|
--- a/plugins/sql.c
|
||||||
|
+++ b/plugins/sql.c
|
||||||
|
@@ -1151,6 +1151,7 @@ static int sql_auxprop_store(void *glob_context,
|
||||||
|
char *statement = NULL;
|
||||||
|
char *escap_userid = NULL;
|
||||||
|
char *escap_realm = NULL;
|
||||||
|
+ char *escap_passwd = NULL;
|
||||||
|
const char *cmd;
|
||||||
|
|
||||||
|
sql_settings_t *settings;
|
||||||
|
@@ -1222,6 +1223,11 @@ static int sql_auxprop_store(void *glob_context,
|
||||||
|
"Unable to begin transaction\n");
|
||||||
|
}
|
||||||
|
for (cur = to_store; ret == SASL_OK && cur->name; cur++) {
|
||||||
|
+ /* Free the buffer, current content is from previous loop. */
|
||||||
|
+ if (escap_passwd) {
|
||||||
|
+ sparams->utils->free(escap_passwd);
|
||||||
|
+ escap_passwd = NULL;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
if (cur->name[0] == '*') {
|
||||||
|
continue;
|
||||||
|
@@ -1243,19 +1249,32 @@ static int sql_auxprop_store(void *glob_context,
|
||||||
|
}
|
||||||
|
sparams->utils->free(statement);
|
||||||
|
|
||||||
|
+ if (cur->values[0]) {
|
||||||
|
+ escap_passwd = (char *)sparams->utils->malloc(strlen(cur->values[0])*2+1);
|
||||||
|
+ if (!escap_passwd) {
|
||||||
|
+ ret = SASL_NOMEM;
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+ settings->sql_engine->sql_escape_str(escap_passwd, cur->values[0]);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
/* create a statement that we will use */
|
||||||
|
statement = sql_create_statement(cmd, cur->name, escap_userid,
|
||||||
|
escap_realm,
|
||||||
|
- cur->values && cur->values[0] ?
|
||||||
|
- cur->values[0] : SQL_NULL_VALUE,
|
||||||
|
+ escap_passwd ?
|
||||||
|
+ escap_passwd : SQL_NULL_VALUE,
|
||||||
|
sparams->utils);
|
||||||
|
+ if (!statement) {
|
||||||
|
+ ret = SASL_NOMEM;
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
{
|
||||||
|
char *log_statement =
|
||||||
|
sql_create_statement(cmd, cur->name,
|
||||||
|
escap_userid,
|
||||||
|
escap_realm,
|
||||||
|
- cur->values && cur->values[0] ?
|
||||||
|
+ escap_passwd ?
|
||||||
|
"<omitted>" : SQL_NULL_VALUE,
|
||||||
|
sparams->utils);
|
||||||
|
sparams->utils->log(sparams->utils->conn, SASL_LOG_DEBUG,
|
||||||
|
@@ -1288,6 +1307,7 @@ static int sql_auxprop_store(void *glob_context,
|
||||||
|
done:
|
||||||
|
if (escap_userid) sparams->utils->free(escap_userid);
|
||||||
|
if (escap_realm) sparams->utils->free(escap_realm);
|
||||||
|
+ if (escap_passwd) sparams->utils->free(escap_passwd);
|
||||||
|
if (conn) settings->sql_engine->sql_close(conn);
|
||||||
|
if (userid) sparams->utils->free(userid);
|
||||||
|
if (realm) sparams->utils->free(realm);
|
||||||
|
--
|
||||||
|
2.25.1
|
||||||
|
|
@ -8,7 +8,7 @@
|
|||||||
Summary: The Cyrus SASL library
|
Summary: The Cyrus SASL library
|
||||||
Name: cyrus-sasl
|
Name: cyrus-sasl
|
||||||
Version: 2.1.27
|
Version: 2.1.27
|
||||||
Release: 5%{?dist}
|
Release: 6%{?dist}
|
||||||
License: BSD with advertising
|
License: BSD with advertising
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
# Source0 originally comes from https://www.cyrusimap.org/releases/;
|
# Source0 originally comes from https://www.cyrusimap.org/releases/;
|
||||||
@ -36,6 +36,8 @@ Patch832: cyrus-sasl-2.1.27-Add-Channel-Binding-support-for-GSSAPI-GSS-SPNEGO.pa
|
|||||||
Patch833: cyrus-sasl-2.1.27-Add-support-for-setting-max-ssf-0-to-GSS-SPNEGO.patch
|
Patch833: cyrus-sasl-2.1.27-Add-support-for-setting-max-ssf-0-to-GSS-SPNEGO.patch
|
||||||
Patch834: cyrus-sasl-2.1.27-Emit-debug-log-only-in-case-of-errors.patch
|
Patch834: cyrus-sasl-2.1.27-Emit-debug-log-only-in-case-of-errors.patch
|
||||||
|
|
||||||
|
Patch900: 0001-CVE-2022-24407-Escape-password-for-SQL-insert-update.patch
|
||||||
|
|
||||||
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||||
BuildRequires: autoconf, automake, libtool, gdbm-devel, groff
|
BuildRequires: autoconf, automake, libtool, gdbm-devel, groff
|
||||||
BuildRequires: krb5-devel >= 1.2.2, openssl-devel, pam-devel, pkgconfig
|
BuildRequires: krb5-devel >= 1.2.2, openssl-devel, pam-devel, pkgconfig
|
||||||
@ -173,6 +175,7 @@ the GS2 authentication scheme.
|
|||||||
%patch832 -p1 -b .gssapi_cbs
|
%patch832 -p1 -b .gssapi_cbs
|
||||||
%patch833 -p1 -b .maxssf0
|
%patch833 -p1 -b .maxssf0
|
||||||
%patch834 -p1 -b .nolog
|
%patch834 -p1 -b .nolog
|
||||||
|
%patch900 -p1 -b .CVE-2022-24407
|
||||||
|
|
||||||
%build
|
%build
|
||||||
# reconfigure
|
# reconfigure
|
||||||
@ -406,6 +409,10 @@ getent passwd %{username} >/dev/null || useradd -r -g %{username} -d %{homedir}
|
|||||||
%{_sbindir}/sasl2-shared-mechlist
|
%{_sbindir}/sasl2-shared-mechlist
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Feb 17 2022 Simo Sorce <simo@redhat.com> - 2.1.27-6
|
||||||
|
- Fix for CVE-2022-24407
|
||||||
|
- Resolves: rhbz#2055846
|
||||||
|
|
||||||
* Tue May 5 2020 Simo Sorce <simo@redhat.com> - 2.1.27-5
|
* Tue May 5 2020 Simo Sorce <simo@redhat.com> - 2.1.27-5
|
||||||
- Reduce excessive GSSAPI plugin logging
|
- Reduce excessive GSSAPI plugin logging
|
||||||
- Resolves: rhbz#1274734
|
- Resolves: rhbz#1274734
|
||||||
|
Loading…
Reference in New Issue
Block a user