RHEL-8.10.0: lscpu, blkid, logger, lslogins (2.32.1-46)

Resolves: RHEL-16070 RHEL-18451 RHEL-6274

0100-logger-initialize-socket-credentials-control-union.patch

@@ -0,0 +1,29 @@
+From ca39305530067a55fb151167ba2a085a167c780e Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Mon, 26 Jun 2023 11:56:23 +0200
+Subject: logger: initialize socket credentials control union
+
+Addresses: https://issues.redhat.com/browse/RHEL-18451
+Upstream: http://github.com/util-linux/util-linux/commit/3a4d70419c97f64f60c0eda4720e64d17b3b071
+Addresses: https://github.com/util-linux/util-linux/issues/2336
+Signed-off-by: Karel Zak <kzak@redhat.com>
+---
+ misc-utils/logger.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/misc-utils/logger.c b/misc-utils/logger.c
+index c20ef05f1..3f7b05a44 100644
+--- a/misc-utils/logger.c
++++ b/misc-utils/logger.c
+@@ -457,7 +457,7 @@ static void write_output(struct logger_ctl *ctl, const char *const msg)
+ 		union {
+ 			struct cmsghdr cmh;
+ 			char   control[CMSG_SPACE(sizeof(struct ucred))];
+-		} cbuf;
++		} cbuf = { .control = { 0 } };
+ #endif
+ 
+ 		/* 4) add extra \n to make sure message is terminated */
+-- 
+2.43.0
+

0101-libblkid-hfs-fix-label-use-fuzzing.patch

@@ -0,0 +1,32 @@
+From f16b5e8bb95471a27b52e46f2357168dabba67d5 Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Thu, 2 Jun 2022 16:02:54 +0200
+Subject: libblkid: (hfs) fix label use [fuzzing]
+
+Addresses: https://issues.redhat.com/browse/RHEL-16070
+Upstream: http://github.com/util-linux/util-linux/commit/74e48269ee9a15e230e25d0e3d2e50f5b0ba2b04
+Reported-by: Thibault Guittet <tguittet@redhat.com>
+Signed-off-by: Karel Zak <kzak@redhat.com>
+---
+ libblkid/src/superblocks/hfs.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/libblkid/src/superblocks/hfs.c b/libblkid/src/superblocks/hfs.c
+index 185c42c92..4552c1e6a 100644
+--- a/libblkid/src/superblocks/hfs.c
++++ b/libblkid/src/superblocks/hfs.c
+@@ -173,7 +173,10 @@ static int probe_hfs(blkid_probe pr, const struct blkid_idmag *mag)
+ 
+ 	hfs_set_uuid(pr, hfs->finder_info.id, sizeof(hfs->finder_info.id));
+ 
+-	blkid_probe_set_label(pr, hfs->label, hfs->label_len);
++	size = hfs->label_len;
++	if ((size_t) size > sizeof(hfs->label))
++		size = sizeof(hfs->label);
++	blkid_probe_set_label(pr, hfs->label, size);
+ 	return 0;
+ }
+ 
+-- 
+2.43.0
+

0102-libblkid-bsd-fix-buffer-pointer-use-fuzzing.patch

@@ -0,0 +1,29 @@
+From ba63ed8d306b5d1fa5ced1b13fa59d575e345ebf Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Thu, 2 Jun 2022 16:02:54 +0200
+Subject: libblkid: (bsd) fix buffer pointer use [fuzzing]
+
+Addresses: https://issues.redhat.com/browse/RHEL-16070
+Upstream: http://github.com/util-linux/util-linux/commit/0a0630133055c3b3daa3072a3fd9944a1a149401
+Reported-by: Thibault Guittet <tguittet@redhat.com>
+Signed-off-by: Karel Zak <kzak@redhat.com>
+---
+ libblkid/src/partitions/bsd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libblkid/src/partitions/bsd.c b/libblkid/src/partitions/bsd.c
+index c74517334..7a0b23195 100644
+--- a/libblkid/src/partitions/bsd.c
++++ b/libblkid/src/partitions/bsd.c
+@@ -50,7 +50,7 @@ static int probe_bsd_pt(blkid_probe pr, const struct blkid_idmag *mag)
+ 		goto nothing;
+ 	}
+ 
+-	l = (struct bsd_disklabel *) data + BLKID_MAG_LASTOFFSET(mag);
++	l = (struct bsd_disklabel *) (data + BLKID_MAG_LASTOFFSET(mag));
+ 
+ 	ls = blkid_probe_get_partlist(pr);
+ 	if (!ls)
+-- 
+2.43.0
+

0103-libblkid-probe-fix-size-and-offset-overflows-fuzzing.patch

@@ -0,0 +1,56 @@
+From fb4a413e67e0d4f24ad23ece37f206d198601741 Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Thu, 2 Jun 2022 16:02:54 +0200
+Subject: libblkid: (probe) fix size and offset overflows [fuzzing]
+
+Addresses: https://issues.redhat.com/browse/RHEL-16070
+Upstream: http://github.com/util-linux/util-linux/commit/106de261469e1001243d5b81ed895762fb34b2ba
+Reported-by: Thibault Guittet <tguittet@redhat.com>
+Signed-off-by: Karel Zak <kzak@redhat.com>
+---
+ libblkid/src/probe.c | 17 ++++++++++++++---
+ 1 file changed, 14 insertions(+), 3 deletions(-)
+
+diff --git a/libblkid/src/probe.c b/libblkid/src/probe.c
+index 49a62c47f..d36dce4c9 100644
+--- a/libblkid/src/probe.c
++++ b/libblkid/src/probe.c
+@@ -613,6 +613,11 @@ static int hide_buffer(blkid_probe pr, uint64_t off, uint64_t len)
+ 	struct list_head *p;
+ 	int ct = 0;
+ 
++	if (UINT64_MAX - len < off) {
++		DBG(BUFFER, ul_debug("\t  hide-buffer overflow (ignore)"));
++		return -EINVAL;
++	}
++
+ 	list_for_each(p, &pr->buffers) {
+ 		struct blkid_bufinfo *x =
+ 			list_entry(p, struct blkid_bufinfo, bufs);
+@@ -648,14 +653,20 @@ unsigned char *blkid_probe_get_buffer(blkid_probe pr, uint64_t off, uint64_t len
+ 	DBG(BUFFER, ul_debug("\t>>>> off=%ju, real-off=%ju (probe <%ju..%ju>, len=%ju",
+ 				off, real_off, pr->off, pr->off + pr->size, len));
+ 	*/
+-
+ 	if (pr->size == 0) {
+ 		errno = EINVAL;
+ 		return NULL;
+ 	}
+ 
+-	if (len == 0 || (!S_ISCHR(pr->mode) && pr->off + pr->size < real_off + len)) {
+-		DBG(BUFFER, ul_debug("\t  ignore: request out of probing area"));
++	if (UINT64_MAX - len < off || UINT64_MAX - len < real_off) {
++		DBG(BUFFER, ul_debug("\t  read-buffer overflow (ignore)"));
++		return NULL;
++	}
++
++	if (len == 0
++	    || (!S_ISCHR(pr->mode) && (pr->size < off || pr->size < len))
++	    || (!S_ISCHR(pr->mode) && (pr->off + pr->size < real_off + len))) {
++		DBG(BUFFER, ul_debug("\t  read-buffer out of probing area (ignore)"));
+ 		errno = 0;
+ 		return NULL;
+ 	}
+-- 
+2.43.0
+

0104-timeutils-match-today-day-and-this-year-correctly.patch

@@ -0,0 +1,89 @@
+From db254673510a49c1ad2ac154f72687bc5ff3ece3 Mon Sep 17 00:00:00 2001
+From: Sami Kerola <kerolasa@iki.fi>
+Date: Sat, 5 Jan 2019 21:32:23 +0000
+Subject: timeutils: match today day and this year correctly
+
+Assumption all years since 1970 have been exactly 365 days long has it's
+problems when leap years happen.  Lets use struct tm fields that are
+provided by localtime_r(), making year and day to be correctly compared even
+when it's late new years eve somewhere else than UTC-0.
+
+Addresses: https://issues.redhat.com/browse/RHEL-6274
+Upstream: http://github.com/util-linux/util-linux/commit/d393c00c6cd57ef7f122f4e1730b3c410b6084cb
+Signed-off-by: Sami Kerola <kerolasa@iki.fi>
+---
+ include/timeutils.h |  3 ---
+ lib/timeutils.c     | 27 +++++++++++++++------------
+ 2 files changed, 15 insertions(+), 15 deletions(-)
+
+diff --git a/include/timeutils.h b/include/timeutils.h
+index f1540a183..eec840085 100644
+--- a/include/timeutils.h
++++ b/include/timeutils.h
+@@ -83,9 +83,6 @@ int strtime_iso(const time_t *t, int flags, char *buf, size_t bufsz);
+ 
+ #define UL_SHORTTIME_THISYEAR_HHMM (1 << 1)
+ 
+-int time_is_today(const time_t *t, struct timeval *now);
+-int time_is_thisyear(const time_t *t, struct timeval *now);
+-
+ int strtime_short(const time_t *t, struct timeval *now, int flags, char *buf, size_t bufsz);
+ 
+ #ifndef HAVE_TIMEGM
+diff --git a/lib/timeutils.c b/lib/timeutils.c
+index 9c286aebc..d403ced90 100644
+--- a/lib/timeutils.c
++++ b/lib/timeutils.c
+@@ -503,34 +503,37 @@ int strtime_iso(const time_t *t, int flags, char *buf, size_t bufsz)
+ }
+ 
+ /* relative time functions */
+-int time_is_today(const time_t *t, struct timeval *now)
++static inline int time_is_thisyear(struct tm const *const tm,
++				   struct tm const *const tmnow)
+ {
+-	if (now->tv_sec == 0)
+-		gettimeofday(now, NULL);
+-	return *t / (3600 * 24) == now->tv_sec / (3600 * 24);
++	return tm->tm_year == tmnow->tm_year;
+ }
+ 
+-int time_is_thisyear(const time_t *t, struct timeval *now)
++static inline int time_is_today(struct tm const *const tm,
++				struct tm const *const tmnow)
+ {
+-	if (now->tv_sec == 0)
+-		gettimeofday(now, NULL);
+-	return *t / (3600 * 24 * 365) == now->tv_sec / (3600 * 24 * 365);
++	return (tm->tm_yday == tmnow->tm_yday &&
++		time_is_thisyear(tm, tmnow));
+ }
+ 
+ int strtime_short(const time_t *t, struct timeval *now, int flags, char *buf, size_t bufsz)
+ {
+-        struct tm tm;
++	struct tm tm, tmnow;
+ 	int rc = 0;
+ 
+-        localtime_r(t, &tm);
++	if (now->tv_sec == 0)
++		gettimeofday(now, NULL);
++
++	localtime_r(t, &tm);
++	localtime_r(&now->tv_sec, &tmnow);
+ 
+-	if (time_is_today(t, now)) {
++	if (time_is_today(&tm, &tmnow)) {
+ 		rc = snprintf(buf, bufsz, "%02d:%02d", tm.tm_hour, tm.tm_min);
+ 		if (rc < 0 || (size_t) rc > bufsz)
+ 			return -1;
+ 		rc = 1;
+ 
+-	} else if (time_is_thisyear(t, now)) {
++	} else if (time_is_thisyear(&tm, &tmnow)) {
+ 		if (flags & UL_SHORTTIME_THISYEAR_HHMM)
+ 			rc = strftime(buf, bufsz, "%b%d/%H:%M", &tm);
+ 		else
+-- 
+2.43.0
+

util-linux.spec

@@ -2,7 +2,7 @@
 Summary: A collection of basic system utilities
 Name: util-linux
 Version: 2.32.1
-Release: 45%{?dist}
+Release: 46%{?dist}
 License: GPLv2 and GPLv2+ and LGPLv2+ and BSD with advertising and Public Domain
 Group: System Environment/Base
 URL: http://en.wikipedia.org/wiki/Util-linux
@@ -296,6 +296,15 @@ Patch98: 0098-wall-do-not-error-for-ttys-that-do-not-exist.patch
 ###
 # RHEL-13741 - lscpu: avoid EBUSY on cpuinfo_max_freq
 Patch99: 0099-lscpu-avoid-EBUSY-on-cpuinfo_max_freq.patch
+# RHEL-18451 - logger: initialize socket credentials control union
+Patch100: 0100-logger-initialize-socket-credentials-control-union.patch
+# RHEL-16070 - util-linux: issues in libblkid
+Patch101: 0101-libblkid-hfs-fix-label-use-fuzzing.patch
+Patch102: 0102-libblkid-bsd-fix-buffer-pointer-use-fuzzing.patch
+Patch103: 0103-libblkid-probe-fix-size-and-offset-overflows-fuzzing.patch
+# RHEL-6274 - lslogins incorrect account expiration field
+Patch104: 0104-timeutils-match-today-day-and-this-year-correctly.patch
+
 
 
 %description
@@ -1145,6 +1154,12 @@ fi
 %{_libdir}/python*/site-packages/libmount/
 
 %changelog
+* Thu Feb 08 2024 Karel Zak <kzak@redhat.com> 2.32.1-46
+- fix RHEL-13741 - lscpu: avoid EBUSY on cpuinfo_max_freq
+- fix RHEL-18451 - logger: initialize socket credentials control union
+- fix RHEL-16070 - util-linux: issues in libblkid
+- fix RHEL-6274 - lslogins incorrect account expiration field
+
 * Tue Jan 30 2024 Karel Zak <kzak@redhat.com> 2.32.1-45
 - increment release number