rpms/xar/devel xar-1.5.2-CVE-2010-0055.patch, NONE, 1.1 xar.spec, 1.12, 1.13
Matthias Saou
thias at fedoraproject.org
Wed Apr 28 12:28:59 UTC 2010
Author: thias
Update of /cvs/extras/rpms/xar/devel
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv32506/devel
Modified Files:
xar.spec
Added Files:
xar-1.5.2-CVE-2010-0055.patch
Log Message:
Update EPEL branches to 1.5.2 and include fix for CVE-2010-0055 to all branches.
xar-1.5.2-CVE-2010-0055.patch:
archive.c | 38 ++++++++++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
--- NEW FILE xar-1.5.2-CVE-2010-0055.patch ---
Index: xar/lib/archive.c
===================================================================
--- xar/lib/archive.c (revision 224)
+++ xar/lib/archive.c (revision 225)
@@ -330,6 +330,44 @@
EVP_DigestFinal(&XAR(ret)->toc_ctx, toccksum, &tlen);
+ const char *value;
+ uint64_t offset = 0;
+ uint64_t length = tlen;
+ if( xar_prop_get( XAR_FILE(ret) , "checksum/offset", &value) == 0 ) {
+ errno = 0;
+ offset = strtoull( value, (char **)NULL, 10);
+ if( errno != 0 ) {
+ xar_close(ret);
+ return NULL;
+ }
+ } else if( xar_signature_first(ret) != NULL ) {
+ // All archives that have a signature also specify the location
+ // of the checksum. If the location isn't specified, error out.
+ xar_close(ret);
+ return NULL;
+ }
+
+ XAR(ret)->heap_offset = xar_get_heap_offset(ret) + offset;
+ if( lseek(XAR(ret)->fd, XAR(ret)->heap_offset, SEEK_SET) == -1 ) {
+ xar_close(ret);
+ return NULL;
+ }
+ if( xar_prop_get( XAR_FILE(ret) , "checksum/size", &value) == 0 ) {
+ errno = 0;
+ length = strtoull( value, (char **)NULL, 10);
+ if( errno != 0 ) {
+ xar_close(ret);
+ return NULL;
+ }
+ } else if( xar_signature_first(ret) != NULL ) {
+ xar_close(ret);
+ return NULL;
+ }
+ if( length != tlen ) {
+ xar_close(ret);
+ return NULL;
+ }
+
xar_read_fd(XAR(ret)->fd, cval, tlen);
XAR(ret)->heap_offset += tlen;
if( memcmp(cval, toccksum, tlen) != 0 ) {
Index: xar.spec
===================================================================
RCS file: /cvs/extras/rpms/xar/devel/xar.spec,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -p -r1.12 -r1.13
--- xar.spec 21 Aug 2009 16:29:41 -0000 1.12
+++ xar.spec 28 Apr 2010 12:28:58 -0000 1.13
@@ -1,12 +1,13 @@
Summary: The eXtensible ARchiver
Name: xar
Version: 1.5.2
-Release: 5%{?dist}
+Release: 6%{?dist}
License: BSD
Group: Applications/Archiving
URL: http://code.google.com/p/xar/
Source: http://xar.googlecode.com/files/xar-%{version}.tar.gz
Patch0: xar-1.5-norpath.patch
+Patch1: xar-1.5.2-CVE-2010-0055.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
BuildRequires: libxml2-devel
BuildRequires: openssl-devel
@@ -37,6 +38,7 @@ Development files for the eXtensible ARc
%prep
%setup -q
%patch0 -p1 -b .norpath
+%patch1 -p1 -b .CVE-2010-0055
%build
@@ -73,6 +75,9 @@ Development files for the eXtensible ARc
%changelog
+* Wed Apr 28 2010 Matthias Saou <http://freshrpms.net/> 1.5.2-6
+- Include patch to fix CVE-2010-0055 (#570678).
+
* Fri Aug 21 2009 Tomas Mraz <tmraz at redhat.com> - 1.5.2-5
- rebuilt with new openssl
More information about the scm-commits
mailing list