a6340c
From 840e7dad513b86f454573ad415701c0199f78d30 Mon Sep 17 00:00:00 2001
a6340c
From: TomSweeneyRedHat <tsweeney@redhat.com>
a6340c
Date: Tue, 24 Mar 2020 20:10:22 -0400
a6340c
Subject: [PATCH] Fix potential CVE in tarfile w/ symlink
a6340c
a6340c
Stealing @nalind's workaround to avoid refetching
a6340c
content after a file read failure.  Under the right
a6340c
circumstances that could be a symlink to a file meant
a6340c
to overwrite a good file with bad data.
a6340c
a6340c
Testing:
a6340c
```
a6340c
goodstuff
a6340c
a6340c
[1] 14901
a6340c
a6340c
127.0.0.1 - - [24/Mar/2020 20:15:50] "GET / HTTP/1.1" 200 -
a6340c
127.0.0.1 - - [24/Mar/2020 20:15:50] "GET / HTTP/1.1" 200 -
a6340c
no FROM statement found
a6340c
a6340c
goodstuff
a6340c
```
a6340c
a6340c
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
a6340c
---
a6340c
 imagebuildah/util.go | 5 +++--
a6340c
 1 file changed, 3 insertions(+), 2 deletions(-)
a6340c
a6340c
diff -up a/imagebuildah/util.go.CVE-2020-10696 b/imagebuildah/util.go
a6340c
--- a/vendor/github.com/containers//buildah/imagebuildah/util.go.CVE-2020-10696
a6340c
+++ b/vendor/github.com/containers//buildah/imagebuildah/util.go
a6340c
@@ -12,6 +12,7 @@ import (
a6340c
 
a6340c
 	"github.com/containers/buildah"
a6340c
 	"github.com/containers/storage/pkg/chrootarchive"
a6340c
+	"github.com/containers/storage/pkg/ioutils"
a6340c
 	"github.com/pkg/errors"
a6340c
 	"github.com/sirupsen/logrus"
a6340c
 )
a6340c
@@ -47,7 +48,7 @@ func downloadToDirectory(url, dir string
a6340c
 		}
a6340c
 		dockerfile := filepath.Join(dir, "Dockerfile")
a6340c
 		// Assume this is a Dockerfile
a6340c
-		if err := ioutil.WriteFile(dockerfile, body, 0600); err != nil {
a6340c
+		if err := ioutils.AtomicWriteFile(dockerfile, body, 0600); err != nil {
a6340c
 			return errors.Wrapf(err, "Failed to write %q to %q", url, dockerfile)
a6340c
 		}
a6340c
 	}
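Review bot: The switch to `ioutils.AtomicWriteFile` on the Dockerfile write carries no comment explaining the security reason, so the next maintainer may "simplify" it back to `ioutil.WriteFile`; the `// Assume this is a Dockerfile` comment should be extended with something like `// Write via a temp file + rename so a pre-existing symlink at this path is replaced rather than followed (CVE-2020-10696).` If AtomicWriteFile is the usual temp-file-then-rename helper, the rename only protects the final path component: a symlink in `dir` itself (or a parent) still redirects both the temp file and the rename, so the caller must guarantee `dir` is a trusted, freshly created directory — that contract is not visible here, since downloadToDirectory begins before this hunk. The diffstat shows no test accompanies the fix; a regression test that pre-creates `dir/Dockerfile` as a symlink to a sentinel file, calls downloadToDirectory, and asserts the sentinel is unchanged and `dir/Dockerfile` is now a regular file would lock the behaviour in. Also worth confirming in the vendored helper whether a failed write leaves a `.tmp-*` file behind in `dir`, since the error path here only wraps and returns.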