From 5c22bb7affdee01e3e8cc414850bb712c61a0e0e Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Aug 06 2019 08:29:05 +0000 Subject: import patch-2.7.1-11.el7 --- diff --git a/SOURCES/patch-2.7.1-CVE-2016-10713.patch b/SOURCES/patch-2.7.1-CVE-2016-10713.patch new file mode 100644 index 0000000..17f8ebc --- /dev/null +++ b/SOURCES/patch-2.7.1-CVE-2016-10713.patch @@ -0,0 +1,12 @@ +diff -up patch-2.7.1/src/pch.c.me patch-2.7.1/src/pch.c +--- patch-2.7.1/src/pch.c.me 2018-11-22 14:09:28.099973290 +0100 ++++ patch-2.7.1/src/pch.c 2018-11-22 14:17:57.741797271 +0100 +@@ -2278,7 +2278,7 @@ pfetch (lin line) + bool + pch_write_line (lin line, FILE *file) + { +- bool after_newline = p_line[line][p_len[line] - 1] == '\n'; ++ bool after_newline = (p_len[line] > 0) && (p_line[line][p_len[line] - 1] == '\n'); + if (! fwrite (p_line[line], sizeof (*p_line[line]), p_len[line], file)) + write_fatal (); + return after_newline; diff --git a/SOURCES/patch-2.7.1-CVE-2018-6952.patch b/SOURCES/patch-2.7.1-CVE-2018-6952.patch new file mode 100644 index 0000000..70fd8e3 --- /dev/null +++ b/SOURCES/patch-2.7.1-CVE-2018-6952.patch @@ -0,0 +1,12 @@ +diff -up patch-2.7.1/src/pch.c.me patch-2.7.1/src/pch.c +--- patch-2.7.1/src/pch.c.me 2018-11-22 14:09:28.099973290 +0100 ++++ patch-2.7.1/src/pch.c 2018-11-22 16:41:02.966632693 +0100 +@@ -2113,7 +2113,7 @@ pch_swap (void) + } + if (p_efake >= 0) { /* fix non-freeable ptr range */ + if (p_efake <= i) +- n = p_end - i + 1; ++ n = p_end - p_ptrn_lines; + else + n = -i; + p_efake += n; diff --git a/SOURCES/patch-2.7.1-newmode.patch b/SOURCES/patch-2.7.1-newmode.patch new file mode 100644 index 0000000..4c7a1cc --- /dev/null +++ b/SOURCES/patch-2.7.1-newmode.patch @@ -0,0 +1,16 @@ +diff -up patch-2.7.1/src/patch.c.newmode patch-2.7.1/src/patch.c +--- patch-2.7.1/src/patch.c.newmode 2018-11-26 15:23:49.990764455 +0100 ++++ patch-2.7.1/src/patch.c 2018-11-26 15:27:55.307567239 +0100 +@@ -560,8 +560,11 @@ main (int argc, char **argv) + } + + if (inerrno) +- set_file_attributes (TMPOUTNAME, attr, NULL, NULL, ++ { ++ if (set_mode) attr |= FA_MODE; ++ set_file_attributes (TMPOUTNAME, attr, NULL, NULL, + mode, &new_time); ++ } + else + { + attr |= FA_IDS | FA_MODE | FA_XATTRS; diff --git a/SOURCES/patch-selinux.patch b/SOURCES/patch-selinux.patch index 0ed8bcd..aa6ed03 100644 --- a/SOURCES/patch-selinux.patch +++ b/SOURCES/patch-selinux.patch @@ -1,6 +1,6 @@ diff -up patch-2.7.1/src/common.h.selinux patch-2.7.1/src/common.h ---- patch-2.7.1/src/common.h.selinux 2012-09-28 15:00:04.000000000 +0100 -+++ patch-2.7.1/src/common.h 2012-10-18 17:53:43.735748614 +0100 +--- patch-2.7.1/src/common.h.selinux 2012-09-28 16:00:04.000000000 +0200 ++++ patch-2.7.1/src/common.h 2018-11-26 15:41:05.747151852 +0100 @@ -30,6 +30,8 @@ #include #include @@ -19,8 +19,8 @@ diff -up patch-2.7.1/src/common.h.selinux patch-2.7.1/src/common.h XTERN bool posixly_correct; diff -up patch-2.7.1/src/inp.c.selinux patch-2.7.1/src/inp.c ---- patch-2.7.1/src/inp.c.selinux 2012-09-19 02:07:31.000000000 +0100 -+++ patch-2.7.1/src/inp.c 2012-10-18 17:53:43.736748619 +0100 +--- patch-2.7.1/src/inp.c.selinux 2012-09-19 03:07:31.000000000 +0200 ++++ patch-2.7.1/src/inp.c 2018-11-26 15:41:05.747151852 +0100 @@ -138,7 +138,7 @@ get_input_file (char const *filename, ch char *getbuf; @@ -48,8 +48,8 @@ diff -up patch-2.7.1/src/inp.c.selinux patch-2.7.1/src/inp.c else if (! ((S_ISREG (file_type) || S_ISLNK (file_type)) && (file_type & S_IFMT) == (instat.st_mode & S_IFMT))) diff -up patch-2.7.1/src/Makefile.am.selinux patch-2.7.1/src/Makefile.am ---- patch-2.7.1/src/Makefile.am.selinux 2012-09-14 10:15:41.000000000 +0100 -+++ patch-2.7.1/src/Makefile.am 2012-10-18 17:53:43.736748619 +0100 +--- patch-2.7.1/src/Makefile.am.selinux 2012-09-14 11:15:41.000000000 +0200 ++++ patch-2.7.1/src/Makefile.am 2018-11-26 15:41:05.747151852 +0100 @@ -34,7 +34,7 @@ patch_SOURCES = \ AM_CPPFLAGS = -I$(top_builddir)/lib -I$(top_srcdir)/lib @@ -60,8 +60,8 @@ diff -up patch-2.7.1/src/Makefile.am.selinux patch-2.7.1/src/Makefile.am if ENABLE_MERGE patch_SOURCES += merge.c diff -up patch-2.7.1/src/Makefile.in.selinux patch-2.7.1/src/Makefile.in ---- patch-2.7.1/src/Makefile.in.selinux 2012-09-28 17:41:31.000000000 +0100 -+++ patch-2.7.1/src/Makefile.in 2012-10-18 17:53:43.736748619 +0100 +--- patch-2.7.1/src/Makefile.in.selinux 2012-09-28 18:41:31.000000000 +0200 ++++ patch-2.7.1/src/Makefile.in 2018-11-26 15:41:05.748151855 +0100 @@ -981,7 +981,7 @@ patch_SOURCES = bestmatch.h common.h inp AM_CPPFLAGS = -I$(top_builddir)/lib -I$(top_srcdir)/lib \ $(am__append_2) @@ -72,9 +72,9 @@ diff -up patch-2.7.1/src/Makefile.in.selinux patch-2.7.1/src/Makefile.in all: all-am diff -up patch-2.7.1/src/patch.c.selinux patch-2.7.1/src/patch.c ---- patch-2.7.1/src/patch.c.selinux 2012-09-28 11:43:12.000000000 +0100 -+++ patch-2.7.1/src/patch.c 2012-10-18 17:57:41.708586721 +0100 -@@ -256,19 +256,19 @@ main (int argc, char **argv) +--- patch-2.7.1/src/patch.c.selinux 2018-11-26 15:41:05.746151849 +0100 ++++ patch-2.7.1/src/patch.c 2018-11-26 15:42:11.784367497 +0100 +@@ -257,19 +257,19 @@ main (int argc, char **argv) if (! strcmp (inname, outname)) { if (inerrno == -1) @@ -97,8 +97,8 @@ diff -up patch-2.7.1/src/patch.c.selinux patch-2.7.1/src/patch.c inerrno = -1; } if (! outerrno) -@@ -563,7 +563,7 @@ main (int argc, char **argv) - mode, &new_time); +@@ -567,7 +567,7 @@ main (int argc, char **argv) + } else { - attr |= FA_IDS | FA_MODE | FA_XATTRS; @@ -106,7 +106,7 @@ diff -up patch-2.7.1/src/patch.c.selinux patch-2.7.1/src/patch.c set_file_attributes (TMPOUTNAME, attr, inname, &instat, mode, &new_time); } -@@ -623,7 +623,7 @@ main (int argc, char **argv) +@@ -627,7 +627,7 @@ main (int argc, char **argv) struct stat oldst; int olderrno; @@ -115,7 +115,7 @@ diff -up patch-2.7.1/src/patch.c.selinux patch-2.7.1/src/patch.c if (olderrno && olderrno != ENOENT) write_fatal (); if (! olderrno && lookup_file_id (&oldst) == CREATED) -@@ -1749,7 +1749,7 @@ delete_file_later (const char *name, con +@@ -1754,7 +1754,7 @@ delete_file_later (const char *name, con if (! st) { @@ -125,8 +125,8 @@ diff -up patch-2.7.1/src/patch.c.selinux patch-2.7.1/src/patch.c st = &st_tmp; } diff -up patch-2.7.1/src/pch.c.selinux patch-2.7.1/src/pch.c ---- patch-2.7.1/src/pch.c.selinux 2012-09-22 18:44:33.000000000 +0100 -+++ patch-2.7.1/src/pch.c 2012-10-18 18:04:28.619008832 +0100 +--- patch-2.7.1/src/pch.c.selinux 2018-11-26 15:41:05.744151842 +0100 ++++ patch-2.7.1/src/pch.c 2018-11-26 15:41:05.749151858 +0100 @@ -1,6 +1,6 @@ /* reading patches */ @@ -135,7 +135,7 @@ diff -up patch-2.7.1/src/pch.c.selinux patch-2.7.1/src/pch.c Copyright (C) 1990-1993, 1997-2003, 2006, 2009-2012 Free Software Foundation, Inc. -@@ -293,7 +293,7 @@ there_is_another_patch (bool need_header +@@ -294,7 +294,7 @@ there_is_another_patch (bool need_header { inname = savebuf (buf, t - buf); inname[t - buf - 1] = 0; @@ -144,7 +144,7 @@ diff -up patch-2.7.1/src/pch.c.selinux patch-2.7.1/src/pch.c if (inerrno) { perror (inname); -@@ -468,6 +468,7 @@ intuit_diff_type (bool need_header, mode +@@ -469,6 +469,7 @@ intuit_diff_type (bool need_header, mode bool extended_headers = false; enum nametype i; struct stat st[3]; @@ -152,7 +152,7 @@ diff -up patch-2.7.1/src/pch.c.selinux patch-2.7.1/src/pch.c int stat_errno[3]; int version_controlled[3]; enum diff retval; -@@ -507,6 +508,7 @@ intuit_diff_type (bool need_header, mode +@@ -508,6 +509,7 @@ intuit_diff_type (bool need_header, mode version_controlled[OLD] = -1; version_controlled[NEW] = -1; version_controlled[INDEX] = -1; @@ -160,7 +160,7 @@ diff -up patch-2.7.1/src/pch.c.selinux patch-2.7.1/src/pch.c p_rfc934_nesting = 0; p_timestamp[OLD].tv_sec = p_timestamp[NEW].tv_sec = -1; p_says_nonexistent[OLD] = p_says_nonexistent[NEW] = 0; -@@ -914,7 +916,7 @@ intuit_diff_type (bool need_header, mode +@@ -915,7 +917,7 @@ intuit_diff_type (bool need_header, mode } else { @@ -169,7 +169,7 @@ diff -up patch-2.7.1/src/pch.c.selinux patch-2.7.1/src/pch.c if (! stat_errno[i]) { if (lookup_file_id (&st[i]) == DELETE_LATER) -@@ -953,7 +955,7 @@ intuit_diff_type (bool need_header, mode +@@ -954,7 +956,7 @@ intuit_diff_type (bool need_header, mode if (cs) { if (version_get (p_name[i], cs, false, readonly, @@ -178,7 +178,7 @@ diff -up patch-2.7.1/src/pch.c.selinux patch-2.7.1/src/pch.c stat_errno[i] = 0; else version_controlled[i] = 0; -@@ -1006,7 +1008,7 @@ intuit_diff_type (bool need_header, mode +@@ -1007,7 +1009,7 @@ intuit_diff_type (bool need_header, mode { if (inname) { @@ -187,7 +187,7 @@ diff -up patch-2.7.1/src/pch.c.selinux patch-2.7.1/src/pch.c if (inerrno || (instat.st_mode & S_IFMT) == file_type) maybe_reverse (inname, inerrno, inerrno || instat.st_size == 0); } -@@ -1019,8 +1021,14 @@ intuit_diff_type (bool need_header, mode +@@ -1020,8 +1022,14 @@ intuit_diff_type (bool need_header, mode inerrno = stat_errno[i]; invc = version_controlled[i]; instat = st[i]; @@ -203,8 +203,8 @@ diff -up patch-2.7.1/src/pch.c.selinux patch-2.7.1/src/pch.c } diff -up patch-2.7.1/src/util.c.selinux patch-2.7.1/src/util.c ---- patch-2.7.1/src/util.c.selinux 2012-09-22 21:09:10.000000000 +0100 -+++ patch-2.7.1/src/util.c 2012-10-18 18:23:51.358951905 +0100 +--- patch-2.7.1/src/util.c.selinux 2012-09-22 22:09:10.000000000 +0200 ++++ patch-2.7.1/src/util.c 2018-11-26 15:41:05.749151858 +0100 @@ -294,6 +294,19 @@ set_file_attributes (char const *to, enu S_ISLNK (mode) ? "symbolic link" : "file", quotearg (to)); @@ -288,8 +288,8 @@ diff -up patch-2.7.1/src/util.c.selinux patch-2.7.1/src/util.c + return errno; } diff -up patch-2.7.1/src/util.h.selinux patch-2.7.1/src/util.h ---- patch-2.7.1/src/util.h.selinux 2012-09-21 21:21:16.000000000 +0100 -+++ patch-2.7.1/src/util.h 2012-10-18 18:02:38.923626167 +0100 +--- patch-2.7.1/src/util.h.selinux 2012-09-21 22:21:16.000000000 +0200 ++++ patch-2.7.1/src/util.h 2018-11-26 15:41:05.749151858 +0100 @@ -45,7 +45,7 @@ char *parse_name (char const *, int, cha char *savebuf (char const *, size_t); char *savestr (char const *); diff --git a/SPECS/patch.spec b/SPECS/patch.spec index d08a69c..f73c83f 100644 --- a/SPECS/patch.spec +++ b/SPECS/patch.spec @@ -1,7 +1,9 @@ +%global gnulib_ver 20120926 + Summary: Utility for modifying/upgrading files Name: patch Version: 2.7.1 -Release: 10%{?dist} +Release: 11%{?dist} License: GPLv3+ URL: http://www.gnu.org/software/patch/patch.html Group: Development/Tools @@ -10,6 +12,9 @@ Patch1: patch-remove-empty-dir.patch Patch2: patch-args.patch Patch3: patch-args-segfault.patch Patch4: patch-2.7.1-CVE-2018-1000156.patch +Patch5: patch-2.7.1-CVE-2016-10713.patch +Patch6: patch-2.7.1-CVE-2018-6952.patch +Patch7: patch-2.7.1-newmode.patch Patch100: patch-selinux.patch Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -18,6 +23,8 @@ BuildRequires: libattr-devel BuildRequires: ed BuildRequires: automake autoconf +Provides: bundled(gnulib) = %{gnulib_ver} + %description The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the @@ -43,6 +50,15 @@ applications. # CVE-2018-1000156, Malicious patch files cause ed to execute arbitrary commands %patch4 -p1 -b .CVE-2018-1000156 +# CVE-2016-10713, Out-of-bounds access in pch_write_line function +%patch5 -p1 -b .CVE-2016-10713 + +# CVE-2018-6952, Double free of memory +%patch6 -p1 -b .CVE-2018-6952 + +# honor the new file mode +%patch7 -p1 -b .newmode + # SELinux support. %patch100 -p1 -b .selinux @@ -71,6 +87,12 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/*/* %changelog +* Thu Nov 22 2018 Than Ngo - 2.7.1-11 +- Fixed CVE-2016-10713 - Out-of-bounds access in pch_write_line function +- Fixed CVE-2018-6952 - Double free of memory +- Resolves: #1626473, honor new file mode 100755 when applying patches +- Resolves: #1653294, Added virtual provides for bundled gnulib library + * Fri Apr 13 2018 Than Ngo - 2.7.1-10 - Fixed Coverity reported issues