From 5d9b12b903023d9dfc69df4af391289c76623719 Mon Sep 17 00:00:00 2001 From: wangkerong Date: Mon, 29 Aug 2022 11:01:35 +0800 Subject: [PATCH] fix CVE-2021-42523 --- backport-0001-CVE-2021-42523.patch | 36 ++++++++++++++++++++++++++++++ backport-0002-CVE-2021-42523.patch | 25 +++++++++++++++++++++ colord.spec | 8 ++++++- 3 files changed, 68 insertions(+), 1 deletion(-) create mode 100644 backport-0001-CVE-2021-42523.patch create mode 100644 backport-0002-CVE-2021-42523.patch diff --git a/backport-0001-CVE-2021-42523.patch b/backport-0001-CVE-2021-42523.patch new file mode 100644 index 0000000..0c62c7d --- /dev/null +++ b/backport-0001-CVE-2021-42523.patch @@ -0,0 +1,36 @@ +From 6a54706b39e41b47edb3186e5ac6151007a88626 Mon Sep 17 00:00:00 2001 +From: Zero0one1 +Date: Thu, 1 Apr 2021 21:16:56 +0800 +Subject: [PATCH] Fix the potential memory leakage in issue + https://github.com/hughsie/colord/issues/110 by setting the 5th paramerter of + sqlite3_exec() to NULL + +Conflict:NA +Reference:https://github.com/hughsie/colord/pull/130/commits/6a54706b39e41b47edb3186e5ac6151007a88626 +--- + src/cd-device-db.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/cd-device-db.c b/src/cd-device-db.c +index a212c83d..8da1a4a9 100644 +--- a/src/cd-device-db.c ++++ b/src/cd-device-db.c +@@ -79,7 +79,7 @@ cd_device_db_load (CdDeviceDb *ddb, + + /* check devices */ + rc = sqlite3_exec (priv->db, "SELECT * FROM devices LIMIT 1", +- NULL, NULL, &error_msg); ++ NULL, NULL, NULL); + if (rc != SQLITE_OK) { + g_debug ("CdDeviceDb: creating table to repair: %s", error_msg); + sqlite3_free (error_msg); +@@ -91,7 +91,7 @@ cd_device_db_load (CdDeviceDb *ddb, + + /* check properties version 2 */ + rc = sqlite3_exec (priv->db, "SELECT * FROM properties_v2 LIMIT 1", +- NULL, NULL, &error_msg); ++ NULL, NULL, NULL); + if (rc != SQLITE_OK) { + statement = "CREATE TABLE properties_v2 (" + "device_id TEXT," + diff --git a/backport-0002-CVE-2021-42523.patch b/backport-0002-CVE-2021-42523.patch new file mode 100644 index 0000000..44fee9c --- /dev/null +++ b/backport-0002-CVE-2021-42523.patch @@ -0,0 +1,25 @@ +From 2ca40d1732bb233a8a6da59a3413abb92aebf8e1 Mon Sep 17 00:00:00 2001 +From: Zero0one1 +Date: Fri, 2 Apr 2021 13:48:17 +0800 +Subject: [PATCH] Leave the used error_msg unchanged + +Conflict:NA +Reference:https://github.com/hughsie/colord/pull/130/commits/2ca40d1732bb233a8a6da59a3413abb92aebf8e1 +--- + src/cd-device-db.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/cd-device-db.c b/src/cd-device-db.c +index 8da1a4a9..3ae44ef2 100644 +--- a/src/cd-device-db.c ++++ b/src/cd-device-db.c +@@ -79,7 +79,7 @@ cd_device_db_load (CdDeviceDb *ddb, + + /* check devices */ + rc = sqlite3_exec (priv->db, "SELECT * FROM devices LIMIT 1", +- NULL, NULL, NULL); ++ NULL, NULL, &error_msg); + if (rc != SQLITE_OK) { + g_debug ("CdDeviceDb: creating table to repair: %s", error_msg); + sqlite3_free (error_msg); + diff --git a/colord.spec b/colord.spec index 01d3bd5..f72fa61 100644 --- a/colord.spec +++ b/colord.spec @@ -1,11 +1,14 @@ Name: colord Version: 1.4.5 -Release: 2 +Release: 3 Summary: A system activated daemon License: GPLv2+ and LGPLv2+ URL: https://www.freedesktop.org/software/colord/ Source0: https://www.freedesktop.org/software/colord/releases/%{name}-%{version}.tar.xz +Patch6000: backport-0001-CVE-2021-42523.patch +Patch6001: backport-0002-CVE-2021-42523.patch + BuildRequires: color-filesystem dbus-devel docbook5-style-xsl gettext glib2-devel BuildRequires: gobject-introspection-devel gtk-doc libgudev1-devel BuildRequires: libxslt meson sqlite-devel systemd systemd-devel vala-tools @@ -168,6 +171,9 @@ exit 0 %{_datadir}/man/man1/*.1.gz %changelog +* Mon Aug 29 2022 wangkerong - 1.4.5-3 +- fix CVE-2021-42523 + * Mon Mar 28 2022 wangkerong - 1.4.5-2 - enable test case