From 64e07f7fd359a666b49cbc13075ff286e2ee3287 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 15 Nov 2022 02:01:25 -0500 Subject: [PATCH] import rsync-3.2.3-18.el9 --- ...patch => rsync-3.1.3-cve-2018-25032.patch} | 0 SOURCES/rsync-3.2.3-atimes.patch | 48 +++++++++++++++++++ SOURCES/rsync-3.2.3-cve-2022-37434.patch | 16 +++++++ SOURCES/rsync-3.2.3-segfault.patch | 24 ++++++++++ SOURCES/rsync-3.2.3-xattr.patch | 38 +++++++++++++++ SPECS/rsync.spec | 47 ++++++++++++++---- 6 files changed, 164 insertions(+), 9 deletions(-) rename SOURCES/{rsync-3.2.3-cve-2018-25032.patch => rsync-3.1.3-cve-2018-25032.patch} (100%) create mode 100644 SOURCES/rsync-3.2.3-atimes.patch create mode 100644 SOURCES/rsync-3.2.3-cve-2022-37434.patch create mode 100644 SOURCES/rsync-3.2.3-segfault.patch create mode 100644 SOURCES/rsync-3.2.3-xattr.patch diff --git a/SOURCES/rsync-3.2.3-cve-2018-25032.patch b/SOURCES/rsync-3.1.3-cve-2018-25032.patch similarity index 100% rename from SOURCES/rsync-3.2.3-cve-2018-25032.patch rename to SOURCES/rsync-3.1.3-cve-2018-25032.patch diff --git a/SOURCES/rsync-3.2.3-atimes.patch b/SOURCES/rsync-3.2.3-atimes.patch new file mode 100644 index 0000000..aeba803 --- /dev/null +++ b/SOURCES/rsync-3.2.3-atimes.patch @@ -0,0 +1,48 @@ +diff --git a/rsync.c b/rsync.c +index bcecac63..ff9489be 100644 +--- a/rsync.c ++++ b/rsync.c +@@ -63,8 +63,7 @@ extern char *iconv_opt; + #define UPDATED_ATIME (1<<3) + #define UPDATED_ACLS (1<<4) + #define UPDATED_MODE (1<<5) +- +-#define UPDATED_TIMES (UPDATED_MTIME|UPDATED_ATIME) ++#define UPDATED_CRTIME (1<<6) + + #ifdef ICONV_CONST + iconv_t ic_chck = (iconv_t)-1; +@@ -576,10 +575,11 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp, + set_xattr(fname, file, fnamecmp, sxp); + #endif + +- if (!preserve_times +- || (!(preserve_times & PRESERVE_DIR_TIMES) && S_ISDIR(sxp->st.st_mode)) +- || (!(preserve_times & PRESERVE_LINK_TIMES) && S_ISLNK(sxp->st.st_mode))) +- flags |= ATTRS_SKIP_MTIME | ATTRS_SKIP_ATIME; ++ if (!preserve_times) ++ flags |= ATTRS_SKIP_MTIME | (atimes_ndx ? 0 : ATTRS_SKIP_ATIME) | (crtimes_ndx ? 0 : ATTRS_SKIP_CRTIME); ++ else if ((!(preserve_times & PRESERVE_DIR_TIMES) && S_ISDIR(sxp->st.st_mode)) ++ || (!(preserve_times & PRESERVE_LINK_TIMES) && S_ISLNK(sxp->st.st_mode))) ++ flags |= ATTRS_SKIP_MTIME | ATTRS_SKIP_ATIME | ATTRS_SKIP_CRTIME; + else if (sxp != &sx2) + memcpy(&sx2.st, &sxp->st, sizeof (sx2.st)); + if (!atimes_ndx || S_ISDIR(sxp->st.st_mode)) +@@ -606,7 +606,7 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp, + updated |= UPDATED_ATIME; + } + } +- if (updated & UPDATED_TIMES) { ++ if (updated & (UPDATED_MTIME|UPDATED_ATIME)) { + int ret = set_times(fname, &sx2.st); + if (ret < 0) { + rsyserr(FERROR_XFER, errno, "failed to set times on %s", +@@ -614,7 +614,7 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp, + goto cleanup; + } + if (ret > 0) { /* ret == 1 if symlink could not be set */ +- updated &= ~UPDATED_TIMES; ++ updated &= ~(UPDATED_MTIME|UPDATED_ATIME); + file->flags |= FLAG_TIME_FAILED; + } + } diff --git a/SOURCES/rsync-3.2.3-cve-2022-37434.patch b/SOURCES/rsync-3.2.3-cve-2022-37434.patch new file mode 100644 index 0000000..2f8ec42 --- /dev/null +++ b/SOURCES/rsync-3.2.3-cve-2022-37434.patch @@ -0,0 +1,16 @@ +diff --git a/zlib/inflate.c b/zlib/inflate.c +index e43abd9..bd33c19 100644 +--- a/zlib/inflate.c ++++ b/zlib/inflate.c +@@ -740,8 +740,9 @@ int flush; + if (copy > have) copy = have; + if (copy) { + if (state->head != Z_NULL && +- state->head->extra != Z_NULL) { +- len = state->head->extra_len - state->length; ++ state->head->extra != Z_NULL && ++ (len = state->head->extra_len - state->length) < ++ state->head->extra_max) { + zmemcpy(state->head->extra + len, next, + len + copy > state->head->extra_max ? + state->head->extra_max - len : copy); diff --git a/SOURCES/rsync-3.2.3-segfault.patch b/SOURCES/rsync-3.2.3-segfault.patch new file mode 100644 index 0000000..7240f6a --- /dev/null +++ b/SOURCES/rsync-3.2.3-segfault.patch @@ -0,0 +1,24 @@ +From f5a9a1013873580d0ad2ae4f5c5038c324d71bfe Mon Sep 17 00:00:00 2001 +From: Wayne Davison +Date: Mon, 21 Feb 2022 14:19:31 -0800 +Subject: [PATCH] Fix possible array deref using invalid index. + +--- + copy-devices.diff | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/patches/copy-devices.diff b/patches/copy-devices.diff +index 797d046..4138474 100644 +--- a/patches/copy-devices.diff ++++ b/patches/copy-devices.diff +@@ -111,8 +111,8 @@ diff --git a/rsync.c b/rsync.c + if (iflags & ITEM_TRANSFER) { + int i = ndx - cur_flist->ndx_start; + - if (i < 0 || !S_ISREG(cur_flist->files[i]->mode)) { +-+ struct file_struct *file = cur_flist->files[i]; +-+ if (i < 0 || !(S_ISREG(file->mode) || (copy_devices && IS_DEVICE(file->mode)))) { +++ if (i < 0 +++ || !(S_ISREG(cur_flist->files[i]->mode) || (copy_devices && IS_DEVICE(cur_flist->files[i]->mode)))) { + rprintf(FERROR, + "received request to transfer non-regular file: %d [%s]\n", + ndx, who_am_i()); diff --git a/SOURCES/rsync-3.2.3-xattr.patch b/SOURCES/rsync-3.2.3-xattr.patch new file mode 100644 index 0000000..91b77c2 --- /dev/null +++ b/SOURCES/rsync-3.2.3-xattr.patch @@ -0,0 +1,38 @@ +diff --git a/xattrs.c b/xattrs.c +index 508649c0..3c549192 100644 +--- a/xattrs.c ++++ b/xattrs.c +@@ -1055,7 +1055,7 @@ int set_xattr(const char *fname, const struct file_struct *file, const char *fna + { + rsync_xa_list *glst = rsync_xal_l.items; + item_list *lst; +- int ndx; ++ int ndx, added_write_perm = 0; + + if (dry_run) + return 1; /* FIXME: --dry-run needs to compute this value */ +@@ -1084,10 +1084,23 @@ int set_xattr(const char *fname, const struct file_struct *file, const char *fna + } + #endif + ++ /* If the target file lacks write permission, we try to add it ++ * temporarily so we can change the extended attributes. */ ++ if (!am_root ++#ifdef SUPPORT_LINKS ++ && !S_ISLNK(sxp->st.st_mode) ++#endif ++ && access(fname, W_OK) < 0 ++ && do_chmod(fname, (sxp->st.st_mode & CHMOD_BITS) | S_IWUSR) == 0) ++ added_write_perm = 1; ++ + ndx = F_XATTR(file); + glst += ndx; + lst = &glst->xa_items; +- return rsync_xal_set(fname, lst, fnamecmp, sxp); ++ int return_value = rsync_xal_set(fname, lst, fnamecmp, sxp); ++ if (added_write_perm) /* remove the temporary write permission */ ++ do_chmod(fname, sxp->st.st_mode); ++ return return_value; + } + + #ifdef SUPPORT_ACLS diff --git a/SPECS/rsync.spec b/SPECS/rsync.spec index da08fed..f82c30f 100644 --- a/SPECS/rsync.spec +++ b/SPECS/rsync.spec @@ -10,7 +10,7 @@ Summary: A program for synchronizing files over a network Name: rsync Version: 3.2.3 -Release: 9%{?dist}.2 +Release: 18%{?dist} URL: https://rsync.samba.org/ Source0: https://download.samba.org/pub/rsync/src/rsync-%{version}%{?prerelease}.tar.gz @@ -35,8 +35,12 @@ Patch0: rsync-3.2.2-ssl-verify-hostname.patch Patch1: rsync-3.2.2-runtests.patch Patch2: rsync-3.2.3-lchmod.patch Patch3: rsync-3.2.3-append-mode.patch -Patch4: rsync-3.2.3-cve-2018-25032.patch -Patch5: rsync-3.2.3-cve-2022-29154.patch +Patch4: rsync-3.2.3-xattr.patch +Patch5: rsync-3.2.3-segfault.patch +Patch6: rsync-3.2.3-atimes.patch +Patch7: rsync-3.1.3-cve-2018-25032.patch +Patch8: rsync-3.2.3-cve-2022-37434.patch +Patch9: rsync-3.2.3-cve-2022-29154.patch %description Rsync uses a reliable algorithm to bring remote and host files into @@ -74,8 +78,12 @@ patch -p1 -i patches/copy-devices.diff %patch1 -p1 -b .runtests %patch2 -p1 -b .lchmod %patch3 -p1 -b .append-mode -%patch4 -p1 -b .cve-2018-25032 -%patch5 -p1 -b .cve-2022-29154 +%patch4 -p1 -b .xattr +%patch5 -p1 -b .segfault +%patch6 -p1 -b .atimes +%patch7 -p1 -b .cve-2018-25032 +%patch8 -p1 -b .cve-2022-37434 +%patch9 -p1 -b .cve-2022-29154 %build %configure --disable-xxhash @@ -122,11 +130,32 @@ install -D -m644 %{SOURCE6} $RPM_BUILD_ROOT/%{_unitdir}/rsyncd@.service %systemd_postun_with_restart rsyncd.service %changelog -* Mon Aug 15 2022 Michal Ruprich - 3.2.3-9.2 -- Resolves: #2111176 - remote arbitrary files write inside the directories of connecting peers +* Thu Aug 25 2022 Michal Ruprich - 3.2.3-18 +- Resolves: #2111177 - remote arbitrary files write inside the directories of connecting peers -* Thu Apr 21 2022 Michal Ruprich - 3.2.3-9.1 -- Resolves: #2074784 - A flaw found in zlib v1.2.2.2 through zlib v1.2.11 when compressing certain inputs +* Thu Aug 18 2022 Michal Ruprich - 3.2.3-17 +- Resolves: #2116669 - zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field + +* Wed May 18 2022 Michal Ruprich - 3.2.3-16 +- Related: #2081296 - Adding ci.fmf for separation of testing results + +* Wed May 18 2022 Michal Ruprich - 3.2.3-15 +- Related: #2081296 - Disabling STI + +* Wed May 18 2022 Michal Ruprich - 3.2.3-14 +- Resolves: #2071514 - A flaw found in zlib when compressing (not decompressing) certain inputs + +* Wed May 11 2022 Michal Ruprich - 3.2.3-13 +- Resolves: #2079639 - rsync --atimes doesn't work + +* Tue May 03 2022 Michal Ruprich - 3.2.3-12 +- Resolves: #2081296 - Enable fmf tests in centos stream + +* Tue Apr 26 2022 Michal Ruprich - 3.2.3-11 +- Resolves: #2053198 - rsync segmentation fault + +* Fri Apr 22 2022 Michal Ruprich - 3.2.3-10 +- Resolves: #2077431 - Read-only files that have changed xattrs fail to allow xattr changes * Tue Aug 10 2021 Mohan Boddu - 3.2.3-9 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags