From 8fd02ab944c5103caba9428a4349677e4ca8bfe7 Mon Sep 17 00:00:00 2001 From: Abhi Das Date: Thu, 5 Oct 2023 13:29:40 -0500 Subject: [PATCH] squashfs-tools: CVE fixes No code changes in this commit. A JIRA/BZ reference was missed out on an earlier patch to fix CVE-2021-40153 that prevented the issue from being closed out correctly. This commit simply adds that missing reference. * Thu Oct 5 2023 Abhi Das - 4.4-10.git1 - CVE-2021-41072 squashfs-tools: additional write outside destination directory exploit fix CVE-2021-40153 squashfs-tools: unvalidated filepaths allow writing outside of destination rhbz#2007304 RHEL-7763 Resolves: rhbz#2007304 RHEL-7763 Signed-off-by: Abhi Das --- squashfs-tools.spec | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/squashfs-tools.spec b/squashfs-tools.spec index 61de089..b2ce2b8 100644 --- a/squashfs-tools.spec +++ b/squashfs-tools.spec @@ -56,9 +56,10 @@ install -m 644 %{SOURCE2} %{buildroot}%{_mandir}/man1/unsquashfs.1 %{_sbindir}/unsquashfs %changelog -* Wed Sep 13 2023 Abhi Das - 4.4-10.git1 +* Thu Oct 5 2023 Abhi Das - 4.4-10.git1 - CVE-2021-41072 squashfs-tools: additional write outside destination directory exploit fix - rhbz#2007304 + CVE-2021-40153 squashfs-tools: unvalidated filepaths allow writing outside of destination + rhbz#2007304 RHEL-7763 * Mon May 30 2022 Abhi Das - 4.4-9.git1 - CVE-2021-40153 squashfs-tools: unvalidated filepaths allow writing outside of destination
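Review bot: In the %changelog hunk, the added "CVE-2021-40153 squashfs-tools: unvalidated filepaths allow writing outside of destination" line has no leading "- ", so it reads as a continuation of the CVE-2021-41072 item, and the single "rhbz#2007304 RHEL-7763" line after it does not say which tracker belongs to which CVE. Give each CVE its own "- " item with its reference attached to it. The same hunk re-dates the existing 4.4-10.git1 entry from "Wed Sep 13 2023" to "Thu Oct 5 2023" instead of adding a new entry, so the Sep 13 record for that release is lost while the version-release string stays the same; if a rebuild is needed for the reference to be picked up, a new entry with a bumped release would keep the earlier record intact. The commit message says the reference was missed on the earlier CVE-2021-40153 patch, yet the "Mon May 30 2022" entry for that CVE in the trailing context is unchanged; a sentence in the commit message on why the reference is placed in the 4.4-10 entry would make the intent clear.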