CVE-2022-3606 fix

2022-12-20 15:11:59 +01:00 · 2022-12-20 15:11:59 +01:00 · 55d2a70c56
commit 55d2a70c56
parent e088fe9768
3 changed files with 8 additions and 2 deletions
--- a/.gitignore
+++ b/.gitignore
@ -12,3 +12,4 @@
 /v0.7.0.tar.gz
 /v0.8.0.tar.gz
 /v1.0.0.tar.gz
+/libbpf-Fix-null-pointer-dereference-in-find_prog_by_.patch
--- a/libbpf.spec
+++ b/libbpf.spec
@ -5,12 +5,13 @@

 Name:           %{githubname}
 Version:        %{githubver}
-Release:        3%{?dist}
+Release:        4%{?dist}
 Summary:        Libbpf library

 License:        LGPLv2 or BSD
 URL:            https://github.com/%{githubname}/%{githubname}
 Source:         https://github.com/%{githubname}/%{githubname}/archive/v%{githubver}.tar.gz
+Patch1:         libbpf-Fix-null-pointer-dereference-in-find_prog_by_.patch
 BuildRequires:  gcc elfutils-libelf-devel elfutils-devel
 BuildRequires: make

@ -49,7 +50,7 @@ developing applications that use %{name}
 	-Wl,--no-as-needed" LIBDIR=/%{_libdir} NO_PKG_CONFIG=1

 %prep
-%autosetup -n %{githubfull}
+%autosetup -n %{githubfull} -p1

 %build
 %make_build -C ./src %{make_flags}
@ -70,6 +71,9 @@ developing applications that use %{name}
 %{_libdir}/libbpf.a

 %changelog
+* Tue Dec 20 2022 Jiri Olsa <olsajiri@gmail.com> - 2:1.0.0-4
+- CVE-2022-3606 fix
+
 * Tue Nov 01 2022 Jiri Olsa <olsajiri@gmail.com> - 2:1.0.0-3
 - release 1.0.0-3

--- a/1
+++ b/1
@ -1 +1,2 @@
 SHA512 (v1.0.0.tar.gz) = e99aea1ff477114549b41c272a975169a79ffc1daf4bcaba586cd13d0fc0b23c336cb406fd8e64b73350fe16e2d423fa68a29601d15e2477955c7a92358fb7f8
+SHA512 (libbpf-Fix-null-pointer-dereference-in-find_prog_by_.patch) = 224500f3c1238f4b5a1ccef2cf807653c7d7e0639151daf201d4a199d72a8707a6914e50f9c7dee314af94ad5f72905a136c531be8e50194c026d7d3369cca64