From b90be9f1f55909b15ef5298883461e560e62f2d3 Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Fri, 27 May 2022 17:33:17 +0200 Subject: [PATCH] Related: CVE-2022-1348 - lockState: do not print `error:` when exit code is unaffected --- 0004-logrotate-3.18.0-CVE-2022-1348.patch | 37 +++++++++++++++++++++-- logrotate.spec | 5 ++- 2 files changed, 39 insertions(+), 3 deletions(-) diff --git a/0004-logrotate-3.18.0-CVE-2022-1348.patch b/0004-logrotate-3.18.0-CVE-2022-1348.patch index f58759e..332e4ee 100644 --- a/0004-logrotate-3.18.0-CVE-2022-1348.patch +++ b/0004-logrotate-3.18.0-CVE-2022-1348.patch @@ -1,7 +1,7 @@ From 53e0dc4a8ddcb169b0ba36472de03f4366f45159 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= Date: Tue, 29 Mar 2022 21:06:54 +0200 -Subject: [PATCH 1/2] skip locking if state file is world-readable +Subject: [PATCH 1/3] skip locking if state file is world-readable Fixes: CVE-2022-1348 - potential DoS from unprivileged users via the state file Bug: https://bugzilla.redhat.com/CVE-2022-1348 @@ -159,7 +159,7 @@ index 0000000..ac93900 From 0d2d770cc5aa7bf14e84a2832249eeeb391b0b8a Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Wed, 25 May 2022 09:55:02 +0200 -Subject: [PATCH 2/2] drop world-readable permission on state file +Subject: [PATCH 2/3] drop world-readable permission on state file ... even when ACLs are enabled. This is a follow-up to the fix of CVE-2022-1348. It has no impact on security but makes the state @@ -218,3 +218,36 @@ index 62d606b..06b255a 100755 -- 2.35.3 + +From 105ed9f433a3aaf1aec93318aa9c8811b59d7b23 Mon Sep 17 00:00:00 2001 +From: Kamil Dudka +Date: Fri, 27 May 2022 09:56:07 +0200 +Subject: [PATCH 3/3] lockState: do not print `error:` when exit code is + unaffected + +Closes: https://github.com/logrotate/logrotate/pull/448 + +Upstream-commit: 31cf1099ab8514dfcae5a980bc77352edd5292f8 +Signed-off-by: Kamil Dudka +--- + logrotate.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/logrotate.c b/logrotate.c +index 27deaf3..77db8c2 100644 +--- a/logrotate.c ++++ b/logrotate.c +@@ -2942,8 +2942,8 @@ static int lockState(const char *stateFilename, int skip_state_lock) + } + + if (sb.st_mode & S_IROTH) { +- message(MESS_ERROR, "state file %s is world-readable and thus can" +- " be locked from other unprivileged users." ++ message(MESS_NORMAL, "warning: state file %s is world-readable" ++ " and thus can be locked from other unprivileged users." + " Skipping lock acquisition...\n", + stateFilename); + close(lockFd); +-- +2.35.3 + diff --git a/logrotate.spec b/logrotate.spec index 37e7efe..7e051c2 100644 --- a/logrotate.spec +++ b/logrotate.spec @@ -1,7 +1,7 @@ Summary: Rotates, compresses, removes and mails system log files Name: logrotate Version: 3.18.0 -Release: 6%{?dist} +Release: 7%{?dist} License: GPLv2+ URL: https://github.com/logrotate/logrotate Source0: https://github.com/logrotate/logrotate/releases/download/%{version}/logrotate-%{version}.tar.xz @@ -119,6 +119,9 @@ fi %config(noreplace) %{_sysconfdir}/rwtab.d/logrotate %changelog +* Fri May 27 2022 Kamil Dudka - 3.18.0-7 +- lockState: do not print `error:` when exit code is unaffected (#2090926) + * Wed May 25 2022 Kamil Dudka - 3.18.0-6 - fix potential DoS from unprivileged users via the state file (CVE-2022-1348)