From 2deaf576c8344a6abb1857fecea042ad9deab903 Mon Sep 17 00:00:00 2001 From: eabdullin Date: Fri, 31 May 2024 17:09:13 +0000 Subject: [PATCH] Import from AlmaLinux stable repository --- .sgpio.metadata | 1 - SOURCES/sgpio-1.2-buffer-overflow.patch | 11 +++++++++++ SPECS/sgpio.spec | 10 +++++++++- 3 files changed, 20 insertions(+), 2 deletions(-) delete mode 100644 .sgpio.metadata create mode 100644 SOURCES/sgpio-1.2-buffer-overflow.patch diff --git a/.sgpio.metadata b/.sgpio.metadata deleted file mode 100644 index 7d0c752..0000000 --- a/.sgpio.metadata +++ /dev/null @@ -1 +0,0 @@ -dc5f0343a3e54ca91a97ecc100011196a0a7cfb7 SOURCES/sgpio-1.2-0.10-src.tar.gz diff --git a/SOURCES/sgpio-1.2-buffer-overflow.patch b/SOURCES/sgpio-1.2-buffer-overflow.patch new file mode 100644 index 0000000..9a277d8 --- /dev/null +++ b/SOURCES/sgpio-1.2-buffer-overflow.patch @@ -0,0 +1,11 @@ +--- sgpio/sgpio.c ++++ sgpio/sgpio.c +@@ -126,7 +126,7 @@ + int id; + int host_port; + int init; +- char name[7]; ++ char name[5 /* prefix */ + 10 /* port number */ + 1 /* terminator */]; + }; + + /* structure for the disks associated with the led structure */ diff --git a/SPECS/sgpio.spec b/SPECS/sgpio.spec index 025e9fe..8152ba9 100644 --- a/SPECS/sgpio.spec +++ b/SPECS/sgpio.spec @@ -1,7 +1,7 @@ Summary: SGPIO captive backplane tool Name: sgpio Version: 1.2.0.10 -Release: 21%{?dist} +Release: 23%{?dist} License: GPLv2+ Group: System Environment/Base URL: http://sources.redhat.com/lvm2/wiki/DMRAID_Eventing @@ -10,6 +10,7 @@ Source: sgpio-1.2-0.10-src.tar.gz #Source: http://sources.redhat.com/lvm2/wiki/DMRAID_Eventing?action=AttachFile&do=get&target=sgpio-1.2.tgz Patch0: sgpio-1.2-makefile.patch Patch1: sgpio-1.2-coverity.patch +Patch2: sgpio-1.2-buffer-overflow.patch BuildRequires: dos2unix %description @@ -20,6 +21,7 @@ Intel SGPIO enclosure management utility dos2unix --keepdate Makefile README %patch0 -p1 -b .makefile %patch1 -p1 -b .coverity +%patch2 -p1 -b .buffer-overflow chmod a-x * %build @@ -36,6 +38,12 @@ make install INSTALL="%{__install} -p" DESTDIR=$RPM_BUILD_ROOT SBIN_DIR=$RPM_BUI %{_mandir}/man1/sgpio.* %changelog +* Fri Oct 27 2023 Lukáš Zaoral - 1.2.0.10-23 +- rebuild for updated gating.yaml + +* Mon Oct 09 2023 Lukáš Zaoral - 1.2.0.10-22 +- fix buffer overflow with high port numbers (RHEL-11034) + * Mon Feb 26 2018 Jan Synáček - 1.2.0.10-21 - use distribution LDFLAGS during build (#1548559)