From 7f78335ceab31941913234421d4a348f885473c5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karel=20Kl=C3=AD=C4=8D?= Date: Fri, 22 Jan 2010 09:05:33 +0000 Subject: [PATCH] Fixed CVE-2010-0001 --- gzip-1.3.12-cve-2010-0001.patch | 14 ++++++++++++ gzip.spec | 40 +++++++++++++++++++-------------- 2 files changed, 37 insertions(+), 17 deletions(-) create mode 100644 gzip-1.3.12-cve-2010-0001.patch diff --git a/gzip-1.3.12-cve-2010-0001.patch b/gzip-1.3.12-cve-2010-0001.patch new file mode 100644 index 0000000..b4b8b8e --- /dev/null +++ b/gzip-1.3.12-cve-2010-0001.patch @@ -0,0 +1,14 @@ +diff -up gzip-1.3.12/inflate.c.cve-2010-0001 gzip-1.3.12/inflate.c +diff -up gzip-1.3.12/unlzw.c.cve-2010-0001 gzip-1.3.12/unlzw.c +--- gzip-1.3.12/unlzw.c.cve-2010-0001 2006-12-11 19:54:39.000000000 +0100 ++++ gzip-1.3.12/unlzw.c 2010-01-14 14:38:58.408250047 +0100 +@@ -248,7 +248,8 @@ int unlzw(in, out) + int o; + + resetbuf: +- e = insize-(o = (posbits>>3)); ++ o = posbits >> 3; ++ e = o <= insize ? insize - o : 0; + + for (i = 0 ; i < e ; ++i) { + inbuf[i] = inbuf[i+o]; diff --git a/gzip.spec b/gzip.spec index bdb7da5..cb62f06 100644 --- a/gzip.spec +++ b/gzip.spec @@ -1,21 +1,23 @@ Summary: The GNU data compression program Name: gzip Version: 1.3.13 -Release: 1%{?dist} +Release: 2%{?dist} # info pages are under GFDL license License: GPLv3+ and GFDL Group: Applications/File Source: http://ftp.gnu.org/gnu/gzip/gzip-%{version}.tar.gz Patch0: gzip-1.3.12-openbsd-owl-tmp.patch Patch1: gzip-1.3.5-zforce.patch -Patch3: gzip-1.3.9-stderr.patch -Patch4: gzip-1.3.10-zgreppipe.patch -Patch5: gzip-1.3.13-rsync.patch -Patch7: gzip-1.3.9-addsuffix.patch -Patch14: gzip-1.3.5-cve-2006-4338.patch -Patch15: gzip-1.3.13-cve-2006-4337.patch -Patch16: gzip-1.3.5-cve-2006-4337_len.patch -Patch18: gzip-1.3.12-zdiff.patch +Patch2: gzip-1.3.9-stderr.patch +Patch3: gzip-1.3.10-zgreppipe.patch +Patch4: gzip-1.3.13-rsync.patch +Patch5: gzip-1.3.9-addsuffix.patch +Patch6: gzip-1.3.5-cve-2006-4338.patch +Patch7: gzip-1.3.13-cve-2006-4337.patch +Patch8: gzip-1.3.5-cve-2006-4337_len.patch +Patch9: gzip-1.3.12-zdiff.patch +# Fixed in upstream code. +Patch10: gzip-1.3.12-cve-2010-0001.patch URL: http://www.gzip.org/ Requires: /sbin/install-info Requires: mktemp less @@ -33,14 +35,15 @@ very commonly used data compression program. %setup -q %patch0 -p1 -b .owl-tmp %patch1 -p1 -b .zforce -%patch3 -p1 -b .stderr -%patch4 -p1 -b .nixi -%patch5 -p1 -b .rsync -%patch7 -p1 -b .addsuffix -%patch14 -p1 -b .4338 -%patch15 -p1 -b .4337 -%patch16 -p1 -b .4337l -%patch18 -p1 -b .ret +%patch2 -p1 -b .stderr +%patch3 -p1 -b .nixi +%patch4 -p1 -b .rsync +%patch5 -p1 -b .addsuffix +%patch6 -p1 -b .4338 +%patch7 -p1 -b .4337 +%patch8 -p1 -b .4337l +%patch9 -p1 -b .ret +%patch10 -p1 -b .cve-2010-0001 %build export DEFS="NO_ASM" @@ -92,6 +95,9 @@ fi %{_infodir}/gzip.info* %changelog +* Fri Jan 22 2010 Karel Klic - 1.3.13-2 +- Fixed CVE-2010-0001 (rhbz#554418) + * Tue Dec 1 2009 Karel Klic - 1.3.13-1 - New upstream version - Updated license from GPLv2 to GPLv3+