From 41f9c1a59bdeb689a686f77782bea42718d8982d Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 27 Sep 2022 16:09:26 -0400 Subject: [PATCH] import pcre2-10.32-3.el8_6 --- SOURCES/pcre2-10.32-Fix-CVE-2022-1586 | 21 +++++++++++++++++++++ SPECS/pcre2.spec | 11 ++++++++++- 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 SOURCES/pcre2-10.32-Fix-CVE-2022-1586 diff --git a/SOURCES/pcre2-10.32-Fix-CVE-2022-1586 b/SOURCES/pcre2-10.32-Fix-CVE-2022-1586 new file mode 100644 index 0000000..8a5b2d9 --- /dev/null +++ b/SOURCES/pcre2-10.32-Fix-CVE-2022-1586 @@ -0,0 +1,21 @@ +--- pcre2-10.32/src/pcre2_jit_compile.c.old 2022-05-13 09:13:06.188574517 +0000 ++++ pcre2-10.32/src/pcre2_jit_compile.c 2022-05-13 09:27:57.189574517 +0000 +@@ -6494,7 +6494,7 @@ while (*cc != XCL_END) + { + SLJIT_ASSERT(*cc == XCL_PROP || *cc == XCL_NOTPROP); + cc++; +- if (*cc == PT_CLIST) ++ if (*cc == PT_CLIST && cc[-1] == XCL_PROP) + { + other_cases = PRIV(ucd_caseless_sets) + cc[1]; + while (*other_cases != NOTACHAR) +--- pcre2-10.32/src/pcre2_jit_test.c.old 2022-05-13 09:29:27.531574517 +0000 ++++ pcre2-10.32/src/pcre2_jit_test.c 2022-05-13 09:32:50.666574517 +0000 +@@ -397,6 +397,7 @@ static struct regression_test_case regre + { MUP, A, 0, 0 | F_PROPERTY, "[\xc3\xa2-\xc3\xa6\xc3\x81-\xc3\x84\xe2\x80\xa8-\xe2\x80\xa9\xe6\x92\xad\\p{Zs}]{2,}", "\xe2\x80\xa7\xe2\x80\xa9\xe6\x92\xad \xe6\x92\xae" }, + { MUP, A, 0, 0 | F_PROPERTY, "[\\P{L&}]{2}[^\xc2\x85-\xc2\x89\\p{Ll}\\p{Lu}]{2}", "\xc3\xa9\xe6\x92\xad.a\xe6\x92\xad|\xc2\x8a#" }, + { PCRE2_UCP, 0, 0, 0 | F_PROPERTY, "[a-b\\s]{2,5}[^a]", "AB baaa" }, ++ { CMUP, 0, 0, 0, "[^S]\\B", "\xe2\x80\x8a" }, + + /* Possible empty brackets. */ + { MU, A, 0, 0, "(?:|ab||bc|a)+d", "abcxabcabd" }, diff --git a/SPECS/pcre2.spec b/SPECS/pcre2.spec index df3f0aa..99f43bc 100644 --- a/SPECS/pcre2.spec +++ b/SPECS/pcre2.spec @@ -9,7 +9,7 @@ #%%global rcversion RC1 Name: pcre2 Version: 10.32 -Release: %{?rcversion:0.}2%{?rcversion:.%rcversion}%{?dist} +Release: %{?rcversion:0.}3%{?rcversion:.%rcversion}%{?dist} %global myversion %{version}%{?rcversion:-%rcversion} Summary: Perl-compatible regular expression library # the library: BSD with exceptions @@ -68,6 +68,11 @@ Patch5: pcre2-10.32-Fix-crash-when-X-is-used-without-UTF-in-JIT.patch # 2/2 Fix CVE-2019-20454 (a crash when \X is used without UTF mode in a JIT), # upstream bug #2399, bug #1734468, in upstream after 10.33 Patch6: pcre2-10.32-Forgot-this-file-in-previous-commit.-Fixes-JIT-non-U.patch +# Fix CVE-2022-1586 (Out-of-bounds read in compile_xclass_matchingpath) +# Downstream patch backport +# Ref: https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a +# https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c +Patch7: pcre2-10.32-Fix-CVE-2022-1586 BuildRequires: autoconf BuildRequires: automake BuildRequires: coreutils @@ -150,6 +155,7 @@ Utilities demonstrating PCRE2 capabilities like pcre2grep or pcre2test. %patch4 -p1 %patch5 -p1 %patch6 -p1 +%patch7 -p1 # Because of multilib patch libtoolize --copy --force autoreconf -vif @@ -251,6 +257,9 @@ make %{?_smp_mflags} check VERBOSE=yes %{_mandir}/man1/pcre2test.* %changelog +* Fri May 13 2022 Lukas Javorsky - 10.32-3 +- Resolves: CVE-2022-1586 + * Mon May 13 2019 Petr Pisar - 10.32-2 - Fix CVE-2019-20454 (a crash when \X is used without UTF mode in a JIT) (bug #1734468)