file package update

Signed-off-by: basebuilder_pel7x64builder0 <basebuilder@powerel.org>
4 years ago · f276e33689
2 changed files with 36 additions and 1 deletions
--- a/SOURCES/file-5.11-CVE-2018-10360.patch
+++ b/SOURCES/file-5.11-CVE-2018-10360.patch
@ -0,0 +1,28 @@
				@@ -0,0 +1,28 @@
+From 8616080aecf07436e80a27f68c336382c1d1c22d Mon Sep 17 00:00:00 2001
+From: Christos Zoulas <christos@zoulas.com>
+Date: Sat, 9 Jun 2018 16:00:06 +0000
+Subject: [PATCH] Avoid reading past the end of buffer (Rui Reis)
+
+Upstream-commit: a642587a9c9e2dd7feacdf513c3643ce26ad3c22
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ src/readelf.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/readelf.c b/src/readelf.c
+index 3df0836..d96a538 100644
+--- a/src/readelf.c
+++ b/src/readelf.c
+@@ -966,7 +966,8 @@ core:
+ 
+ 				cname = (unsigned char *)
+ 				    &nbuf[doff + prpsoffsets(i)];
+-				for (cp = cname; *cp && isprint(*cp); cp++)
+				for (cp = cname; cp < nbuf + size && *cp
+				    && isprint(*cp); cp++)
+ 					continue;
+ 				/*
+ 				 * Linux apparently appends a space at the end
+-- 
+2.14.4
+
--- a/SPECS/file.spec
+++ b/SPECS/file.spec
@ -5,7 +5,7 @@
				@@ -5,7 +5,7 @@
 Summary: A utility for determining file types
 Name: file
 Version: 5.11
-Release: 35%{?dist}
+Release: 36%{?dist}
 License: BSD
 Group: Applications/File
 Source0: ftp://ftp.astron.com/pub/file/file-%{version}.tar.gz
@ -72,6 +72,9 @@ Patch60: file-5.11-gzip-strength.patch
				@@ -72,6 +72,9 @@ Patch60: file-5.11-gzip-strength.patch
 # fix #1562135 - do not classify groovy script as python code
 Patch61: file-5.11-python-comment.patch

+# fix out-of-bounds read via a crafted ELF file (CVE-2018-10360)
+Patch62: file-5.11-CVE-2018-10360.patch
+
 URL: http://www.darwinsys.com/file/
 Requires: file-libs = %{version}-%{release}
 BuildRequires: zlib-devel
@ -179,6 +182,7 @@ file(1) command.
				@@ -179,6 +182,7 @@ file(1) command.
 %patch59 -p1
 %patch60 -p1
 %patch61 -p1
+%patch62 -p1

 # Patches can generate *.orig files, which can't stay in the magic dir,
 # otherwise there will be problems when compiling magic file!
@ -258,6 +262,9 @@ cd python
				@@ -258,6 +262,9 @@ cd python
 %endif

 %changelog
+* Tue Aug 06 2019 Kamil Dudka <kdudka@redhat.com> - 5.11-36
+- fix out-of-bounds read via a crafted ELF file (CVE-2018-10360)
+
 * Wed Jun 06 2018 Kamil Dudka <kdudka@redhat.com> 5.11-35
 - fix #1562135 - do not classify groovy script as python code