From 8a04fc4628058926b00d510a2c8c07ce27bf5d3a Mon Sep 17 00:00:00 2001
From: eabdullin <ed.abdullin.1@gmail.com>
Date: Tue, 15 Jul 2025 07:52:41 +0000
Subject: [PATCH] import UBI socat-1.7.4.1-2.el8_10

---
 SOURCES/socat-1.7.4.4-CVE-2024-54661.patch | 22 ++++++++++++++++++++++
 SPECS/socat.spec                           | 11 ++++++++++-
 2 files changed, 32 insertions(+), 1 deletion(-)
 create mode 100644 SOURCES/socat-1.7.4.4-CVE-2024-54661.patch

diff --git a/SOURCES/socat-1.7.4.4-CVE-2024-54661.patch b/SOURCES/socat-1.7.4.4-CVE-2024-54661.patch
new file mode 100644
index 0000000..a1e1658
--- /dev/null
+++ b/SOURCES/socat-1.7.4.4-CVE-2024-54661.patch
@@ -0,0 +1,22 @@
+http://www.dest-unreach.org/socat/contrib/socat-secadv9.html
+
+--- socat-1.8.0.1/readline.sh	2019-04-04 10:59:55.000000000 +0200
++++ socat-1.8.0.2/readline.sh	2024-12-06 11:44:17.376502570 +0100
+@@ -22,9 +22,15 @@
+ else
+     HISTOPT=
+ fi
+-mkdir -p /tmp/$USER || exit 1
+ #
+ #
+ 
+-exec socat -d readline"$HISTOPT",noecho='[Pp]assword:' exec:"$PROGRAM",sigint,pty,setsid,ctty,raw,echo=0,stderr 2>/tmp/$USER/stderr2
++if test -w .; then
++    STDERR=./socat-readline.${1##*/}.log
++    rm -f $STDERR
++else
++    STDERR=/dev/null
++fi
++
++exec socat -d readline"$HISTOPT",noecho='[Pp]assword:' exec:"$PROGRAM",sigint,pty,setsid,ctty,raw,echo=0,stderr 2>$STDERR
+ 
diff --git a/SPECS/socat.spec b/SPECS/socat.spec
index 41440b0..84640bd 100644
--- a/SPECS/socat.spec
+++ b/SPECS/socat.spec
@@ -3,12 +3,14 @@
 Summary: Bidirectional data relay between two data channels ('netcat++')
 Name: socat
 Version: 1.7.4.1
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPLv2
 Url:  http://www.dest-unreach.org/socat/
 Source: http://www.dest-unreach.org/socat/download/%{name}-%{version}.tar.gz
 Group: Applications/Internet
 
+Patch1: socat-1.7.4.4-CVE-2024-54661.patch
+
 BuildRequires: openssl-devel readline-devel ncurses-devel
 BuildRequires: autoconf kernel-headers > 2.6.18
 # for make test
@@ -27,6 +29,8 @@ line editor (readline), a program, or a combination of two of these.
 iconv -f iso8859-1 -t utf-8 CHANGES > CHANGES.utf8
 mv CHANGES.utf8 CHANGES
 
+%autopatch -p1
+
 %build
 %configure  \
         --enable-help --enable-stdio \
@@ -65,6 +69,11 @@ export OD_C=/usr/bin/od
 %doc %{_mandir}/man1/*
 
 %changelog
+* Tue Jun  3 2025 Stepan Broz <sbroz@redhat.com> - 1.7.4.1-2
+- add fix for CVE-2024-54661
+  Resolves: RHEL-70095
+- switch to autopatch, remove unused patches
+
 * Tue Mar 30 2021 Paul Wouters <pwouters@redhat.com> - 1.7.4.1-1
 - Resolves: rhbz#1805132 socat does not recognize IP addresses of the SAN extensions in ssl mode
 - Resolves: rhbz#1870279 Transfer via socat fails with openssl enabled