Revert OL modifications
This commit is contained in:
parent
13163e123a
commit
d245582aad
@ -1,36 +0,0 @@
|
||||
From d5728cb5795c966c5b5b1e0f0ac576a7e69af539 Mon Sep 17 00:00:00 2001
|
||||
From: Mincho Paskalev <minchopaskal@gmail.com>
|
||||
Date: Mon, 23 Jun 2025 11:41:37 +0300
|
||||
Subject: [PATCH] Lua script may lead to remote code execution (CVE-2025-49844)
|
||||
|
||||
Orabug: 38515582
|
||||
|
||||
Signed-off-by: Laurence Rochfort <laurence.rochfort@oracle.com>
|
||||
Reviewed-by: Alex Burmashev <alexander.burmashev@oracle.com>
|
||||
---
|
||||
deps/lua/src/lparser.c | 6 +++++-
|
||||
1 file changed, 5 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/deps/lua/src/lparser.c b/deps/lua/src/lparser.c
|
||||
index dda7488dcad..ee7d90c90d7 100644
|
||||
--- a/deps/lua/src/lparser.c
|
||||
+++ b/deps/lua/src/lparser.c
|
||||
@@ -384,13 +384,17 @@ Proto *luaY_parser (lua_State *L, ZIO *z, Mbuffer *buff, const char *name) {
|
||||
struct LexState lexstate;
|
||||
struct FuncState funcstate;
|
||||
lexstate.buff = buff;
|
||||
- luaX_setinput(L, &lexstate, z, luaS_new(L, name));
|
||||
+ TString *tname = luaS_new(L, name);
|
||||
+ setsvalue2s(L, L->top, tname);
|
||||
+ incr_top(L);
|
||||
+ luaX_setinput(L, &lexstate, z, tname);
|
||||
open_func(&lexstate, &funcstate);
|
||||
funcstate.f->is_vararg = VARARG_ISVARARG; /* main func. is always vararg */
|
||||
luaX_next(&lexstate); /* read first token */
|
||||
chunk(&lexstate);
|
||||
check(&lexstate, TK_EOS);
|
||||
close_func(&lexstate);
|
||||
+ --L->top;
|
||||
lua_assert(funcstate.prev == NULL);
|
||||
lua_assert(funcstate.f->nups == 0);
|
||||
lua_assert(lexstate.fs == NULL);
|
||||
@ -3,7 +3,7 @@
|
||||
|
||||
Name: valkey
|
||||
Version: 8.0.6
|
||||
Release: 1.0.1%{?dist}
|
||||
Release: 1%{?dist}
|
||||
Summary: A persistent key-value database
|
||||
# valkey: BSD-3-Clause
|
||||
# hiredis: BSD-3-Clause
|
||||
@ -21,7 +21,6 @@ Source8: macros.%{name}
|
||||
Source9: migrate_redis_to_valkey.sh
|
||||
|
||||
Patch1: valkey-cve-2025-27151.patch
|
||||
Patch1000: 1000-CVE-2025-49844.patch
|
||||
|
||||
BuildRequires: make
|
||||
BuildRequires: gcc
|
||||
@ -264,9 +263,6 @@ taskset -c 1 ./runtest --clients 50 --skiptest "Active defrag - AOF loading"
|
||||
|
||||
|
||||
%changelog
|
||||
* Wed Nov 05 2025 EL Errata <el-errata_ww@oracle.com> - 8.0.6-1.0.1
|
||||
- Fix for CVE-2025-49844 [Orabug: 38515582]
|
||||
|
||||
* Tue Oct 7 2025 Remi Collet <remi@fedoraproject.org> - 8.0.6-1
|
||||
- rebase to 8.0.6 for CVE-2025-49844 CVE-2025-46817 CVE-2025-46818 CVE-2025-46819
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user