From 6380a2f9eb7fc779e8e9a1314410776a3538ff98 Mon Sep 17 00:00:00 2001 From: shixuantong <1726671442@qq.com> Date: Fri, 29 Jul 2022 10:05:32 +0800 Subject: [PATCH] fix CVE-2021-33643 CVE-2021-33644 CVE-2021-33645 CVE-2021-33646 --- libtar.spec | 9 ++++++--- ...atch => openEuler-CVE-2021-33643-CVE-2021-33644.patch | 0 ...atch => openEuler-CVE-2021-33645-CVE-2021-33646.patch | 0 3 files changed, 6 insertions(+), 3 deletions(-) rename openEuler-Ensure-that-sz-is-greater-than-0.patch => openEuler-CVE-2021-33643-CVE-2021-33644.patch (100%) rename openEuler-fix-memory-leak.patch => openEuler-CVE-2021-33645-CVE-2021-33646.patch (100%) diff --git a/libtar.spec b/libtar.spec index dff6938..bfba2c9 100644 --- a/libtar.spec +++ b/libtar.spec @@ -1,6 +1,6 @@ Name: libtar Version: 1.2.20 -Release: 23 +Release: 24 Summary: Library for manipulating tar files from within C programs. License: BSD URL: http://repo.or.cz/libtar.git @@ -13,8 +13,8 @@ Patch3: libtar-1.2.11-bz729009.patch Patch4: libtar-1.2.20-no-static-buffer.patch Patch5: CVE-2013-4420.patch -Patch9000: openEuler-Ensure-that-sz-is-greater-than-0.patch -Patch9001: openEuler-fix-memory-leak.patch +Patch9000: openEuler-CVE-2021-33643-CVE-2021-33644.patch +Patch9001: openEuler-CVE-2021-33645-CVE-2021-33646.patch BuildRequires: libtool @@ -73,6 +73,9 @@ rm $RPM_BUILD_ROOT%{_libdir}/*.la %{_mandir}/man3/*.3* %changelog +* Fri Jul 29 2022 shixuantong - 1.2.20-24 +- fix CVE-2021-33643 CVE-2021-33644 CVE-2021-33645 CVE-2021-33646 + * Sat May 07 2022 shixuantong - 1.2.20-23 - fix memory leak diff --git a/openEuler-Ensure-that-sz-is-greater-than-0.patch b/openEuler-CVE-2021-33643-CVE-2021-33644.patch similarity index 100% rename from openEuler-Ensure-that-sz-is-greater-than-0.patch rename to openEuler-CVE-2021-33643-CVE-2021-33644.patch diff --git a/openEuler-fix-memory-leak.patch b/openEuler-CVE-2021-33645-CVE-2021-33646.patch similarity index 100% rename from openEuler-fix-memory-leak.patch rename to openEuler-CVE-2021-33645-CVE-2021-33646.patch