Update to 3.1.2

- Fix CVE-2013-0211: read buffer overflow on 64-bit systems (#927105)
2013-03-28 16:13:55 +01:00 · 2013-03-28 16:13:55 +01:00 · 7e034d8731
commit 7e034d8731
parent a748932bcf
4 changed files with 48 additions and 5 deletions
--- a/.gitignore
+++ b/.gitignore
@ -5,3 +5,4 @@ libarchive-2.8.4.tar.gz
 /libarchive-3.0.4.tar.gz
 /v3.1.1.tar.gz
 /libarchive-3.1.1.tar.gz
+/libarchive-3.1.2.tar.gz
--- a/libarchive-3.1.3-CVE-2013-0211_read_buffer_overflow.patch
+++ b/libarchive-3.1.3-CVE-2013-0211_read_buffer_overflow.patch
@ -0,0 +1,32 @@
+From 22531545514043e04633e1c015c7540b9de9dbe4 Mon Sep 17 00:00:00 2001
+From: Tim Kientzle <kientzle@acm.org>
+Date: Fri, 22 Mar 2013 23:48:41 -0700
+Subject: [PATCH] Limit write requests to at most INT_MAX. This prevents a
+ certain common programming error (passing -1 to write) from leading to other
+ problems deeper in the library.
+
+---
+ libarchive/archive_write.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/libarchive/archive_write.c b/libarchive/archive_write.c
+index eede5e0..be85621 100644
+--- a/libarchive/archive_write.c
+++ b/libarchive/archive_write.c
+@@ -673,8 +673,13 @@ static ssize_t
+ _archive_write_data(struct archive *_a, const void *buff, size_t s)
+ {
+ 	struct archive_write *a = (struct archive_write *)_a;
+	const size_t max_write = INT_MAX;
+
+ 	archive_check_magic(&a->archive, ARCHIVE_WRITE_MAGIC,
+ 	    ARCHIVE_STATE_DATA, "archive_write_data");
+	/* In particular, this catches attempts to pass negative values. */
+	if (s > max_write)
+		s = max_write;
+ 	archive_clear_error(&a->archive);
+ 	return ((a->format_write_data)(a, buff, s));
+ }
+-- 
+1.8.1
+
--- a/libarchive.spec
+++ b/libarchive.spec
@ -1,12 +1,12 @@
 Name:           libarchive
-Version:        3.1.1
-Release:        2%{?dist}
+Version:        3.1.2
+Release:        1%{?dist}
 Summary:        A library for handling streaming archive formats

 Group:          System Environment/Libraries
 License:        BSD
-URL:            http://libarchive.github.com/
-Source0:        https://github.com/libarchive/libarchive/archive/%{name}-%{version}.tar.gz
+URL:            http://www.libarchive.org/
+Source0:        http://www.libarchive.org/downloads/%{name}-%{version}.tar.gz
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)


@ -25,6 +25,11 @@ BuildRequires: libunistring-devel
 BuildRequires: automake autoconf libtool


+# CVE-2013-0211 libarchive: read buffer overflow on 64-bit systems
+# https://bugzilla.redhat.com/show_bug.cgi?id=927105
+Patch0: libarchive-3.1.3-CVE-2013-0211_read_buffer_overflow.patch
+
+
 %description
 Libarchive is a programming library that can create and read several different
 streaming archive formats, including most popular tar variants, several cpio
@ -61,6 +66,7 @@ libarchive packages.

 %prep
 %setup -q -n %{name}-%{version}
+%patch0 -p1 -b .CVE-2013-0211


 %build
@ -119,6 +125,10 @@ rm -rf $RPM_BUILD_ROOT


 %changelog
+* Thu Mar 28 2013 Tomas Bzatek <tbzatek@redhat.com> - 3.1.2-1
+- Update to 3.1.2
+- Fix CVE-2013-0211: read buffer overflow on 64-bit systems (#927105)
+
 * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.1.1-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

--- a/2
+++ b/2
@ -1 +1 @@
-b482463d73370bdbe8e234095a6ef6c9  libarchive-3.1.1.tar.gz
+efad5a503f66329bb9d2f4308b5de98a  libarchive-3.1.2.tar.gz