packages/libgsasl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!5 [sync] PR-3: Fix CVE-2022-2469

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @starlet-dx 
Signed-off-by: @starlet-dx
This commit is contained in:
openeuler-ci-bot 2024-03-27 06:10:18 +00:00 committed by Gitee
commit 098fd92922
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 34 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
CVE-2022-2469.patch Normal file
View File

@ -0,0 +1,28 @@
From 796e4197f696261c1f872d7576371232330bcc30 Mon Sep 17 00:00:00 2001
From: Simon Josefsson <simon@josefsson.org>
Date: Fri, 15 Jul 2022 16:23:58 +0200
Subject: [PATCH] GSSAPI server: Boundary check gss_wrap token (read OOB).
Origin:
https://gitlab.com/gsasl/gsasl/-/commit/796e4197f696261c1f872d7576371232330bcc30
---
gssapi/server.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/gssapi/server.c b/gssapi/server.c
index 4a5dfd7..a93e454 100644
--- a/gssapi/server.c
+++ b/gssapi/server.c
@@ -225,6 +225,9 @@ _gsasl_gssapi_server_step (Gsasl_session * sctx,
FALSE, and responds with the generated output_message. The
client can then consider the server authenticated. */
+ if (bufdesc2.length < 4)
+ return GSASL_AUTHENTICATION_ERROR;
+
if ((((char *) bufdesc2.value)[0] & GSASL_QOP_AUTH) == 0)
{
/* Integrity or privacy unsupported */
--
2.33.0

8
libgsasl.spec
View File

@ -1,11 +1,12 @@
Name: libgsasl Name: libgsasl
Version: 1.10.0 Version: 1.10.0
Release: 1 Release: 2
Summary: GNU SASL library Summary: GNU SASL library
License: LGPLv2+ License: LGPLv2+
URL: https://www.gnu.org/software/gsasl/ URL: https://www.gnu.org/software/gsasl/
Source0: https://ftp.gnu.org/gnu/gsasl/%{name}-%{version}.tar.gz Source0: https://ftp.gnu.org/gnu/gsasl/%{name}-%{version}.tar.gz
Source1: https://ftp.gnu.org/gnu/gsasl/%{name}-%{version}.tar.gz.sig Source1: https://ftp.gnu.org/gnu/gsasl/%{name}-%{version}.tar.gz.sig
Patch0: CVE-2022-2469.patch
BuildRequires: gcc krb5-devel libgcrypt-devel libidn-devel libntlm-devel pkgconfig BuildRequires: gcc krb5-devel libgcrypt-devel libidn-devel libntlm-devel pkgconfig
%description %description
The library includes support for the SASL framework The library includes support for the SASL framework
@ -21,7 +22,7 @@ The %{name}-devel package contains libraries and header files for
developing applications that use %{name}. developing applications that use %{name}.
%prep %prep
%autosetup %autosetup -p1
%build %build
%configure --disable-static --disable-rpath --with-gssapi-impl=mit %configure --disable-static --disable-rpath --with-gssapi-impl=mit
@ -45,6 +46,9 @@ find %{buildroot} -name '*.la' -exec rm -f {} ';'
%{_libdir}/pkgconfig/libgsasl.pc %{_libdir}/pkgconfig/libgsasl.pc
%changelog %changelog
* Wed Mar 27 2024 yaoxin <yao_xin001@hoperun.com> - 1.10.0-2
- Fix CVE-2022-2469
* Fri Apr 28 2023 wangkai <13474090681@163.com> - 1.10.0-1 * Fri Apr 28 2023 wangkai <13474090681@163.com> - 1.10.0-1
- Update to 1.10.0 - Update to 1.10.0