import subversion-1.10.2-5.module+el8.6.0+15157+188c9801
parent
34c174226a
commit
08948bd18d
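--- a/SOURCES/subversion-1.10.2-CVE-2022-24070.patch
+++ b/SOURCES/subversion-1.10.2-CVE-2022-24070.patch
@@ -0,0 +1,41 @@
+--- subversion-1.10.2/subversion/libsvn_repos/authz.c
++++ subversion-1.10.2/subversion/libsvn_repos/authz.c
+@@ -130,6 +130,30 @@
+static svn_object_pool__t *filtered_pool = NULL;
+static svn_atomic_t authz_pool_initialized = FALSE;
+
++/*
++ * Ensure that we will initialize authz again if the pool which
++ * our authz caches depend on is cleared.
++ *
++ * HTTPD may run pre/post config hooks multiple times and clear
++ * its global configuration pool which our authz pools depend on.
++ * This happens in a non-threaded context during HTTPD's intialization
++ * and HTTPD's main loop, so it is safe to reset static variables here.
++ * (And any applications which cleared this pool while SVN threads
++ * were running would crash no matter what.)
++ *
++ * See issue #4880, "Use-after-free of object-pools in
++ * subversion/libsvn_repos/authz.c when used as httpd module"
++ */
++static apr_status_t
++deinit_authz(void *data)
++{
++ /* The two object pools run their own cleanup handlers. */
++ authz_pool = NULL;
++ filtered_pool = NULL;
++ authz_pool_initialized = FALSE;
++ return APR_SUCCESS;
++}
++
+/* Implements svn_atomic__err_init_func_t. */
+static svn_error_t *
+synchronized_authz_initialize(void *baton, apr_pool_t *pool)
+@@ -143,6 +167,7 @@
+SVN_ERR(svn_object_pool__create(&authz_pool, multi_threaded, pool));
+SVN_ERR(svn_object_pool__create(&filtered_pool, multi_threaded, pool));
+
++ apr_pool_cleanup_register(pool, NULL, deinit_authz, apr_pool_cleanup_null);
+return SVN_NO_ERROR;
+}
+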
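Review bot: In `deinit_authz`, `authz_pool_initialized = FALSE;` is a plain store to the `svn_atomic_t` that guards one-time initialization, so its safety rests entirely on the comment's assumption that the pool is only cleared while no other thread is running. Writing it as `svn_atomic_set(&authz_pool_initialized, FALSE);` would keep the reset on the same atomic interface as the init-once path (presumably `svn_atomic__init_once`, which is not visible here). The cleanup is also registered only after both `svn_object_pool__create` calls succeed, so if the second call fails `authz_pool` appears to keep pointing into `pool` with no handler to clear it; registering `deinit_authz` before the two creates may cover that path, but confirm this against the cleanup ordering first. The body of `synchronized_authz_initialize` begins outside the second hunk, so how a failed initialization is handled could not be checked from this page.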
@ -37,7 +37,7 @@
|
||||
Summary: A Modern Concurrent Version Control System
|
||||
Name: subversion
|
||||
Version: 1.10.2
|
||||
Release: 4%{?dist}
|
||||
Release: 5%{?dist}
|
||||
License: ASL 2.0
|
||||
Group: Development/Tools
|
||||
URL: https://subversion.apache.org/
|
||||
@ -57,6 +57,8 @@ Patch5: subversion-1.8.5-swigplWall.patch
|
||||
Patch6: subversion-1.10.2-CVE-2019-0203.patch
|
||||
Patch7: subversion-1.10.2-CVE-2018-11782.patch
|
||||
Patch8: subversion-1.10.2-CVE-2020-17525.patch
|
||||
Patch9: subversion-1.10.2-CVE-2022-24070.patch
|
||||
|
||||
BuildRequires: autoconf, libtool, texinfo, which
|
||||
BuildRequires: swig >= 1.3.24, gettext
|
||||
%if %{with bdb}
|
||||
@ -226,6 +228,7 @@ This package includes supplementary tools for use with Subversion.
|
||||
%patch6 -p1 -b .cve0203
|
||||
%patch7 -p1 -b .cve11782
|
||||
%patch8 -p1 -b .cve17525
|
||||
%patch9 -p1 -b .cve24070
|
||||
|
||||
%build
|
||||
# Regenerate the buildsystem, so that:
|
||||
@ -548,6 +551,9 @@ make check-javahl
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed May 04 2022 Richard Lescak <rlescak@gmail.com> - 1.10.2-5
|
||||
- add security fix for CVE-2022-24070
|
||||
|
||||
* Wed Feb 10 2021 Joe Orton <jorton@redhat.com> - 1.10.2-4
|
||||
- add security fix for CVE-2020-17525
|
||||
|
||||
|