import CS tar-1.34-11.el9

2026-03-30 11:08:44 -04:00 · 2026-03-30 11:08:44 -04:00 · ad0fca93da
commit ad0fca93da
parent 56458215fc
4 changed files with 2825 additions and 1 deletions
--- a/SOURCES/tar-1.34-CVE-2025-45582.patch
+++ b/SOURCES/tar-1.34-CVE-2025-45582.patch
--- a/SOURCES/tar-1.34-no-overwrite-dir-no-overwrite-even-temporarily.patch
+++ b/SOURCES/tar-1.34-no-overwrite-dir-no-overwrite-even-temporarily.patch
@ -0,0 +1,184 @@
+From 5c151e963652f695557766c8123755a95ad8ab12 Mon Sep 17 00:00:00 2001
+From: Paul Eggert <eggert@cs.ucla.edu>
+Date: Sat, 26 Jul 2025 21:41:23 -0700
+Subject: [PATCH] --no-overwrite-dir no overwrite even temporarily
+
+Problem and fix reported by Pavel Cahyna in
+https://lists.gnu.org/r/bug-tar/2025-01/msg00000.html
+* src/extract.c (extract_dir): With --no-overwrite-dir,
+skip the chmod if the directory already exists.
+* tests/extrac23.at (--no-overwrite-dir on empty directory):
+Move the part of the test that looks at a nonempty directory ...
+* tests/extrac30.at: ... to this new file, because the test now
+must be run as non-root.  Adjust the test to match the new behavior.
+* tests/Makefile.am (TESTSUITE_AT), tests/testsuite.at: Add it.
+
+(cherry picked from commit b5ecab839bdbce1757f466895f3eca956b931e23)
+---
+ src/extract.c      | 25 ------------------------
+ tests/Makefile.am  |  1 +
+ tests/extrac23.at  | 16 +---------------
+ tests/extrac30.at  | 47 ++++++++++++++++++++++++++++++++++++++++++++++
+ tests/testsuite.at |  1 +
+ 5 files changed, 50 insertions(+), 40 deletions(-)
+ create mode 100644 tests/extrac30.at
+
+diff --git a/src/extract.c b/src/extract.c
+index 80009a54..8bab30a2 100644
+--- a/src/extract.c
+++ b/src/extract.c
+@@ -1070,31 +1070,6 @@ extract_dir (char *file_name, int typeflag)
+ 		      repair_delayed_set_stat (file_name, &st);
+ 		      return 0;
+ 		    }
+-		  else if (old_files_option == NO_OVERWRITE_DIR_OLD_FILES)
+-		    {
+-		      /* Temporarily change the directory mode to a safe
+-			 value, to be able to create files in it, should
+-			 the need be.
+-		      */
+-		      mode = safe_dir_mode (&st);
+-		      status = fd_chmod(-1, file_name, mode,
+-					AT_SYMLINK_NOFOLLOW, DIRTYPE);
+-		      if (status == 0)
+-			{
+-			  /* Store the actual directory mode, to be restored
+-			     later.
+-			  */
+-			  current_stat_info.stat = st;
+-			  current_mode = mode & ~ current_umask;
+-			  current_mode_mask = MODE_RWX;
+-			  atflag = AT_SYMLINK_NOFOLLOW;
+-			  break;
+-			}
+-		      else
+-			{
+-			  chmod_error_details (file_name, mode);
+-			}
+-		    }
+ 		  break;
+ 		}
+ 	    }
+diff --git a/tests/Makefile.am b/tests/Makefile.am
+index f01ca270..b3c503dc 100644
+--- a/tests/Makefile.am
+++ b/tests/Makefile.am
+@@ -123,6 +123,7 @@ TESTSUITE_AT = \
+  extrac22.at\
+  extrac23.at\
+  extrac24.at\
+ extrac30.at\
+  filerem01.at\
+  filerem02.at\
+  dirrem01.at\
+diff --git a/tests/extrac23.at b/tests/extrac23.at
+index 84f97446..2adc2276 100644
+--- a/tests/extrac23.at
+++ b/tests/extrac23.at
+@@ -15,15 +15,12 @@
+ #
+ # You should have received a copy of the GNU General Public License
+ # along with this program.  If not, see <http://www.gnu.org/licenses/>.
+-AT_SETUP([--no-overwrite-dir])
+AT_SETUP([--no-overwrite-dir on empty directory])
+ AT_KEYWORDS([extract extrac23 no-overwrite-dir])
+ 
+ # Description: Implementation of the --no-overwrite-dir option was flawed in
+ # tar versions up to 1.32.90.  This option is intended to preserve metadata
+ # of existing directories.  In fact it worked only for non-empty directories.
+-# Moreover, if the actual directory was owned by the user tar runs as and the
+-# S_IWUSR bit was not set in its actual permissions, tar failed to create files
+-# in it.
+ #
+ # Reported by: Michael Kaufmann <mail@michael-kaufmann.ch>
+ # References: <20200207112934.Horde.anXzYhAj2CHiwUrw5CuT0G-@webmail.michael-kaufmann.ch>,
+@@ -38,21 +35,10 @@ chmod 777 dir
+ tar -xf a.tar --no-overwrite-dir
+ genfile --stat=mode.777 dir
+ 
+-# Test if temprorary permissions are set correctly to allow the owner
+-# to write to the directory.
+-genfile --file dir/file
+-tar cf a.tar dir
+-rm dir/file
+-chmod 400 dir
+-tar -xf a.tar --no-overwrite-dir
+-genfile --stat=mode.777 dir
+-chmod 700 dir
+ find dir
+ ],
+ [0],
+ [777
+-400
+ dir
+-dir/file
+ ])
+ AT_CLEANUP
+diff --git a/tests/extrac30.at b/tests/extrac30.at
+new file mode 100644
+index 00000000..8c879c95
+--- /dev/null
+++ b/tests/extrac30.at
+@@ -0,0 +1,47 @@
+# Test suite for GNU tar.                             -*- Autotest -*-
+# Copyright 2020-2025 Free Software Foundation, Inc.
+#
+# This file is part of GNU tar.
+#
+# GNU tar is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# GNU tar is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+AT_SETUP([--no-overwrite-dir on unwritable directory])
+AT_KEYWORDS([extract extrac30 no-overwrite-dir])
+
+# Make sure that tar does not change permissions on directories if
+# --no-overwrite-dir tells it not to, not even temporarily.
+
+AT_TAR_CHECK([
+AT_UNPRIVILEGED_PREREQ
+
+# Test that the user cannot write to a unwritable directory
+# if --no-overwrite-dir is used.
+mkdir dir
+chmod 755 dir
+genfile --file dir/file
+tar cf a.tar dir
+rm dir/file
+chmod 555 dir
+tar -xf a.tar --no-overwrite-dir
+genfile --stat=mode.777 dir
+chmod 755 dir
+find dir
+],
+[0],
+[555
+dir
+],
+[tar: dir/file: Cannot open: Permission denied
+tar: Exiting with failure status due to previous errors
+])
+AT_CLEANUP
+diff --git a/tests/testsuite.at b/tests/testsuite.at
+index 775e765a..b11ee50e 100644
+--- a/tests/testsuite.at
+++ b/tests/testsuite.at
+@@ -345,6 +345,7 @@ m4_include([extrac21.at])
+ m4_include([extrac22.at])
+ m4_include([extrac23.at])
+ m4_include([extrac24.at])
+m4_include([extrac30.at])
+ 
+ m4_include([backup01.at])
+ 
+-- 
+2.39.5
+
--- a/SOURCES/tar-1.34-tar-one-top-level-DIR-must-be-relative.patch
+++ b/SOURCES/tar-1.34-tar-one-top-level-DIR-must-be-relative.patch
@ -0,0 +1,66 @@
+diff --git a/NEWS b/NEWS
+index 464def57..41a3c4e2 100644
+--- a/NEWS
+++ b/NEWS
+@@ -1,8 +1,13 @@
+-GNU tar NEWS - User visible changes. 2025-12-05
+GNU tar NEWS - User visible changes. 2026-02-23
+ Please send GNU tar bug reports to <bug-tar@gnu.org>
+ 
+ version 1.35.90 (git)
+ 
+* Changes to behavior
+
+** --one-top-level=DIR now requires DIR to be relative.
+   Previously this restriction was alluded to in the manual but not enforced.
+
+ * Bug fixes
+ 
+ ** When extracting, tar no longer follows symbolic links to targets
+diff --git a/doc/tar.texi b/doc/tar.texi
+index cd57fde5..59720f13 100644
+--- a/doc/tar.texi
+++ b/doc/tar.texi
+@@ -3221,10 +3221,14 @@ directory.
+ @opsummary{one-top-level}
+ @item --one-top-level[=@var{dir}]
+ Tells @command{tar} to create a new directory beneath the extraction directory
+-(or the one passed to @option{-C}) and use it to guard against
+-tarbombs.  In the absence of @var{dir} argument, the name of the new directory
+-will be equal to the base name of the archive (file name minus the
+-archive suffix, if recognized).  Any member names that do not begin
+(or the one passed to @option{-C}) and use it to prevent @command{tar}
+from modifying files outside that directory.
+If @var{dir} is present, it must be a relative file name.
+If it is absent, the name of the new directory
+is the base name of the archive minus any recognized archive suffix.
+If multiple @option{-C} options are present,
+each has its own subdirectory with the same name.
+Any member names that do not begin
+ with that directory name (after
+ transformations from @option{--transform} and
+ @option{--strip-components}) will be prefixed with it.  Recognized
+diff --git a/src/tar.c b/src/tar.c
+index 26cf745c..a814e319 100644
+--- a/src/tar.c
+++ b/src/tar.c
+@@ -2578,7 +2578,7 @@ decode_options (int argc, char **argv)
+ 	    one_top_level_option = false;
+ 	}
+ 
+-      if (one_top_level_option && !one_top_level_dir)
+      if (!one_top_level_dir && one_top_level_option)
+ 	{
+ 	  /* If the user wants to guarantee that everything is under one
+ 	     directory, determine its name now and let it be created later.  */
+@@ -2591,6 +2591,10 @@ decode_options (int argc, char **argv)
+ 			  _("Cannot deduce top-level directory name; "
+ 			    "please set it explicitly with --one-top-level=DIR")));
+ 	}
+
+      if (one_top_level_dir && !IS_RELATIVE_FILE_NAME (one_top_level_dir))
+	USAGE_ERROR ((0, 0,
+		     _("--one-top-level=DIR must use a relative file name")));
+     }
+ 
+   /* If ready to unlink hierarchies, so we are for simpler files.  */
--- a/SPECS/tar.spec
+++ b/SPECS/tar.spec
@ -5,7 +5,7 @@ Summary: GNU file archiving program
 Name: tar
 Epoch: 2
 Version: 1.34
-Release: 7%{?dist}
+Release: 11%{?dist}
 License: GPLv3+
 URL: https://www.gnu.org/software/tar/

@ -23,6 +23,35 @@ Patch11: tar-1.30-padding-zeros.patch
 Patch12: tar-1.30-disk-read-error.patch
 Patch13: tar-1.34-CVE-2022-48303.patch
 Patch14: tar-1.34-Warn-file-changed-as-we-read-it-less-often.patch
+# Source: https://cgit.git.savannah.gnu.org/cgit/tar.git/diff/?id=4e742fc8674064a9fa00d4483d06aca48d5b0463
+Patch22: tar-1.34-no-overwrite-dir-no-overwrite-even-temporarily.patch
+#tar commits from upstream
+# 56fb4a96ca43c247261b8c04dd65592f990f98ac
+# 7c241126f14975c7f5df4268b434f276fc7f8842
+# bdd773d028cd21f9b76b8cc306c57e0db3607e82
+# cdb586803b762d9021db2ae8bf5dad3f9b8e4f77
+# 915a8077af12a3eaf7800dbb1a4259783d9933ca
+# 8fca2d35e88d10f0ddcb36720e88f40ac57f67f0
+# e1445cfdf0dfd2f792532afc1eb18b01523dbfb4
+# 75b03fdff48916bd0654677ed21379bdb0db016d
+# 8767b1c84a910cce562059abad5bbf14e72434a0
+#Gnulib commits from upstream to bring openat2 support
+# 0b97ffdf32bdab909d02449043447237273df75e
+# c706216fec5a509bf9b1214892de01aa9303ade0
+# c6502cda83752ff2235d2064c213e7a9e2214201
+# 5746cd1cdbb2caf0e321ea79041885fc7ef22423
+# 3d23c8df2582a6b0e44e048d431ecb00a14667ec
+# a209366ed34eca8ede481ec1b1c4e22f614c448d
+# 8e85114bf1d51d9ea54a89f058c3a2cfa0c19c5e
+# 6bff6c3741209e933e721e81e1b5c5abdbd4389a
+# 24d2acd301cea7cde1928c84f926a54707e945d5
+# 4e1fa851f4f43f749d18b83500757f5bcf1f47bd
+# 20074698382b7e4f049f52bbdeaf6a39508a8601
+# d1aeb7388926e045bdec0f7934c5522c4745f02c
+# 45b6e6898d1f931bfca41d961289bd6ac33238e5
+# e54b645fc6b8422562327443bda575c65d931fbd
+Patch23: tar-1.34-CVE-2025-45582.patch
+Patch24: tar-1.34-tar-one-top-level-DIR-must-be-relative.patch

 BuildRequires: make
 BuildRequires:  gcc
@ -117,6 +146,24 @@ make check || (


 %changelog
+* Mon Feb 23 2026 Pavel Cahyna <pcahyna@redhat.com> - 2:1.34-11
+- Add upstream patch to improve error message for --one-top-level
+  with absolute path (unsupported as a result of CVE-2025-45582 fix)
+
+* Mon Jan 12 2026 Pavel Cahyna <pcahyna@redhat.com> - 2:1.34-10
+- Backport fix for regression in the --no-overwrite-dir option
+  Upstream commit 4e742fc8674064a9fa00d4483d06aca48d5b0463, discussed
+  in https://www.mail-archive.com/bug-tar@gnu.org/msg06445.html
+
+* Fri Dec 19 2025 Pavel Cahyna <pcahyna@redhat.com> - 2:1.34-9
+- Fix the last patch to solve a regression with -x and --xattrs: RHEL-136277
+  also, fix another tiny mistake in the patch (w/o visible consequences)
+
+* Fri Dec 12 2025 Pavel Cahyna <pcahyna@redhat.com> - 2:1.34-8
+- Backport upstream changes to jailify extraction directory
+  Includes related gnulib changes to add openat2
+  Fixes CVE-2025-45582
+
 * Thu Aug 15 2024 Lukas Nykryn <lnykryn@redhat.com> - 2:1.34-7
 - Warn “file changed as we read it” less often