rpms / cyrus-sasl

Clone
Source Code
GIT

#1 import cyrus-sasl-2.1.27-6.el8_5
Closed 2 years ago by carlwgeorge. Opened 2 years ago by sbonazzo.
rpms/ sbonazzo/cyrus-sasl c8s  into  c8s

file added
+82 
@@ -0,0 +1,82 @@ 
 

+ From 37f2e0f0658d78a1496dc277f402f8b577ce6aae Mon Sep 17 00:00:00 2001
 

+ From: Klaus Espenlaub <klaus@espenlaub.com>
 

+ Date: Tue, 8 Feb 2022 20:34:40 +0000
 

+ Subject: [PATCH] CVE-2022-24407 Escape password for SQL insert/update
 

+  commands.
 

+ 

+ Signed-off-by: Klaus Espenlaub <klaus@espenlaub.com>
 

+ ---
 

+  plugins/sql.c | 26 +++++++++++++++++++++++---
 

+  1 file changed, 23 insertions(+), 3 deletions(-)
 

+ 

+ diff --git a/plugins/sql.c b/plugins/sql.c
 

+ index 31b54a78..6ac81c2f 100644
 

+ --- a/plugins/sql.c
 

+ +++ b/plugins/sql.c
 

+ @@ -1151,6 +1151,7 @@ static int sql_auxprop_store(void *glob_context,
 

+      char *statement = NULL;
 

+      char *escap_userid = NULL;
 

+      char *escap_realm = NULL;
 

+ +    char *escap_passwd = NULL;
 

+      const char *cmd;
 

+      

+      sql_settings_t *settings;
 

+ @@ -1222,6 +1223,11 @@ static int sql_auxprop_store(void *glob_context,
 

+  			    "Unable to begin transaction\n");
 

+      }
 

+      for (cur = to_store; ret == SASL_OK && cur->name; cur++) {
 

+ +	/* Free the buffer, current content is from previous loop. */
 

+ +	if (escap_passwd) {
 

+ +	    sparams->utils->free(escap_passwd);
 

+ +	    escap_passwd = NULL;
 

+ +	}
 

+  

+  	if (cur->name[0] == '*') {
 

+  	    continue;
 

+ @@ -1243,19 +1249,32 @@ static int sql_auxprop_store(void *glob_context,
 

+  	}
 

+  	sparams->utils->free(statement);
 

+  

+ +	if (cur->values[0]) {
 

+ +	    escap_passwd = (char *)sparams->utils->malloc(strlen(cur->values[0])*2+1);
 

+ +	    if (!escap_passwd) {
 

+ +		ret = SASL_NOMEM;
 

+ +		break;
 

+ +	    }
 

+ +	    settings->sql_engine->sql_escape_str(escap_passwd, cur->values[0]);
 

+ +	}
 

+ +
 

+  	/* create a statement that we will use */
 

+  	statement = sql_create_statement(cmd, cur->name, escap_userid,
 

+  					 escap_realm,
 

+ -					 cur->values && cur->values[0] ?
 

+ -					 cur->values[0] : SQL_NULL_VALUE,
 

+ +					 escap_passwd ?
 

+ +					 escap_passwd : SQL_NULL_VALUE,
 

+  					 sparams->utils);
 

+ +	if (!statement) {
 

+ +	    ret = SASL_NOMEM;
 

+ +	    break;
 

+ +	}
 

+  	

+  	{
 

+  	    char *log_statement =
 

+  		sql_create_statement(cmd, cur->name,
 

+  				     escap_userid,
 

+  				     escap_realm,
 

+ -				     cur->values && cur->values[0] ?
 

+ +				     escap_passwd ?
 

+  				     "<omitted>" : SQL_NULL_VALUE,
 

+  				     sparams->utils);
 

+  	    sparams->utils->log(sparams->utils->conn, SASL_LOG_DEBUG,
 

+ @@ -1288,6 +1307,7 @@ static int sql_auxprop_store(void *glob_context,
 

+    done:
 

+      if (escap_userid) sparams->utils->free(escap_userid);
 

+      if (escap_realm) sparams->utils->free(escap_realm);
 

+ +    if (escap_passwd) sparams->utils->free(escap_passwd);
 

+      if (conn) settings->sql_engine->sql_close(conn);
 

+      if (userid) sparams->utils->free(userid);
 

+      if (realm) sparams->utils->free(realm);
 

+ -- 

+ 2.25.1
 

+

file modified
+8 -1 
@@ -8,7 +8,7 @@ 
 

  Summary: The Cyrus SASL library
 

  Name: cyrus-sasl
 

  Version: 2.1.27
 

- Release: 5%{?dist}
 

+ Release: 6%{?dist}
 

  License: BSD with advertising
 

  Group: System Environment/Libraries
 

  # Source0 originally comes from https://www.cyrusimap.org/releases/;
 
@@ -36,6 +36,8 @@ 
 

  Patch833: cyrus-sasl-2.1.27-Add-support-for-setting-max-ssf-0-to-GSS-SPNEGO.patch
 

  Patch834: cyrus-sasl-2.1.27-Emit-debug-log-only-in-case-of-errors.patch
 

  

+ Patch900: 0001-CVE-2022-24407-Escape-password-for-SQL-insert-update.patch
 

+ 

  Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 

  BuildRequires: autoconf, automake, libtool, gdbm-devel, groff
 

  BuildRequires: krb5-devel >= 1.2.2, openssl-devel, pam-devel, pkgconfig
 
@@ -173,6 +175,7 @@ 
 

  %patch832 -p1 -b .gssapi_cbs
 

  %patch833 -p1 -b .maxssf0
 

  %patch834 -p1 -b .nolog
 

+ %patch900 -p1 -b .CVE-2022-24407
 

  

  %build
 

  # reconfigure
 
@@ -406,6 +409,10 @@ 
 

  %{_sbindir}/sasl2-shared-mechlist
 

  

  %changelog
 

+ * Thu Feb 17 2022 Simo Sorce <simo@redhat.com> - 2.1.27-6
 

+ - Fix for CVE-2022-24407
 

+ - Resolves: rhbz#2055846
 

+ 

  * Tue May  5 2020 Simo Sorce <simo@redhat.com> - 2.1.27-5
 

  - Reduce excessive GSSAPI plugin logging
 

  - Resolves: rhbz#1274734

Align with c8

Thanks but it's unnecessary, we can build from the c8 branch and tag it for the c8s compose.

Pull-Request has been closed by carlwgeorge
2 years ago
Metadata
None
No Tags
Changes Summary 2
+82
file added
SOURCES/0001-CVE-2022-24407-Escape-password-for-SQL-insert-update.patch
+8 -1
file changed
SPECS/cyrus-sasl.spec

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation