From 01ee6f890f6ee9f9077cdd61b6bcf87cca5afc18 Mon Sep 17 00:00:00 2001
From: DistroBaker
Date: Mon, 11 Jan 2021 12:19:07 +0000
Subject: [PATCH] Merged update from upstream sources
This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team.
Source: https://src.fedoraproject.org/rpms/raptor2.git#7854f39a86c4bf78f17a7df289d5d0ea3da75dac
---
 ...aptor2-malformed-input-file-can-lead.patch | 33 +++++++++++++++++++
 raptor2.spec | 8 ++++-
 2 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch
diff --git a/0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch b/0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch
new file mode 100644
index 0000000..1fb279d
--- /dev/null
+++ b/0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch
@@ -0,0 +1,33 @@
+From a549457461874157c8c8e8e8a6e0eec06da4fbd0 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Caol=C3=A1n=20McNamara?=
+Date: Tue, 24 Nov 2020 10:30:20 +0000
+Subject: [PATCH] CVE-2020-25713 raptor2: malformed input file can lead to a
+ segfault
+
+due to an out of bounds array access in
+raptor_xml_writer_start_element_common
+
+See:
+https://bugs.mageia.org/show_bug.cgi?id=27605
+https://www.openwall.com/lists/oss-security/2020/11/13/1
+https://gerrit.libreoffice.org/c/core/+/106249
+---
+ src/raptor_xml_writer.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c
+index 56993dc3..4426d38c 100644
+--- a/src/raptor_xml_writer.c
++++ b/src/raptor_xml_writer.c
+@@ -227,7 +227,7 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
+
+ /* check it wasn't an earlier declaration too */
+ for(j = 0; j < nspace_declarations_count; j++)
+- if(nspace_declarations[j].nspace == element->attributes[j]->nspace) {
++ if(nspace_declarations[j].nspace == element->attributes[i]->nspace) {
+ declare_me = 0;
+ break;
+ }
+--
+2.28.0
+
diff --git a/raptor2.spec b/raptor2.spec
index 81ab5b2..611bb29 100644
--- a/raptor2.spec
+++ b/raptor2.spec
@@ -2,7 +2,7 @@ Summary: RDF Parser Toolkit for Redland
 Name: raptor2
 Version: 2.0.15
-Release: 26%{?dist}
+Release: 27%{?dist}
 License: GPLv2+ or LGPLv2+ or ASL 2.0
 Source: http://download.librdf.org/source/raptor2-%{version}.tar.gz
@@ -11,9 +11,12 @@ URL: http://librdf.org/raptor/
 ## upstream patches
 # https://github.com/dajobe/raptor/commit/590681e546cd9aa18d57dc2ea1858cb734a3863f
 Patch1: 0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch
+# https://bugs.librdf.org/mantis/view.php?id=650
+Patch2: 0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch
 ## upstreamable patches
+BuildRequires: make
 BuildRequires: gcc-c++
 BuildRequires: curl-devel
 BuildRequires: gtk-doc
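Review bot: The corrected comparison in the embedded raptor_xml_writer.c hunk still gives a reader no hint of which index belongs to which array, which is how `attributes[j]` could go unnoticed; I would extend the comment above the inner loop to something like `/* j walks nspace_declarations[]; i indexes the attribute being examined */`. The inner `for` has no braces around its multi-line `if` body, so adding `{ }` there would make the scope explicit. The embedded patch's diffstat lists only src/raptor_xml_writer.c, so no regression input for the malformed-file case comes with the fix; whether the existing test suite covers it cannot be seen from here. The function starts and ends outside the hunk, so the bound on `i` is presumably enforced by an outer loop over the attributes and should be confirmed there.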
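Review bot: The `Patch2:` line added in the raptor2.spec hunk at `@@ -11,9 +11,12 @@` only declares the CVE-2020-25713 patch; the %prep section is outside this diff, so it cannot be seen whether the patch is actually applied (for example through `%autosetup -p1` or an explicit `%patch2 -p1`). That should be confirmed before the 2.0.15-27 build is treated as fixed, ideally by checking the build log for the patch being applied. The same hunk adds `BuildRequires: make`, which the new changelog entry does not mention; a second line such as `- Add BuildRequires: make` would keep the record complete.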
@@ -98,6 +101,9 @@ make check
 %changelog
+* Mon Jan 11 2021 Caolán McNamara - 2.0.15-27
+- Resolves: rhbz#1900686 CVE-2020-25713 malformed input file can lead to a segfault
+
 * Mon Aug 10 2020 Caolán McNamara - 2.0.15-26
 - Resolves: rhbz#1560206 drop requirement on yajl