!11 remove debug_package %{nil} to strip files and provide debug packages

From: @zhouwenpei Reviewed-by: @wu-changsheng Signed-off-by: @wu-changsheng
remove debug_package %{nil} to strip files and provide debug packages
2023-03-08 08:53:24 +00:00 · 2023-03-07 08:04:14 +00:00 · 2022-12-24 10:22:07 +00:00 · 2022-12-24 17:48:51 +08:00 · 2022-12-24 17:48:04 +08:00 · 2022-12-24 15:29:49 +08:00
4 changed files with 117 additions and 5 deletions
--- a/CVE-2021-28902-CVE-2021-28906.patch
+++ b/CVE-2021-28902-CVE-2021-28906.patch
@ -0,0 +1,65 @@
+From a3917d95d516e3de267d3cfa5d4d3715a90e8777 Mon Sep 17 00:00:00 2001
+From: Michal Vasko <mvasko@cesnet.cz>
+Date: Mon, 8 Mar 2021 14:08:05 +0100
+Subject: [PATCH] yin parser BUGFIX invalid memory access
+
+... in case there were some unresolved
+extensions.
+Fixes #1454
+Fixes #1455
+---
+ src/parser_yin.c | 13 +++++++------
+ 1 file changed, 7 insertions(+), 6 deletions(-)
+
+diff --git a/src/parser_yin.c b/src/parser_yin.c
+index 275991644..256325415 100644
+--- a/src/parser_yin.c
+++ b/src/parser_yin.c
+@@ -4572,7 +4572,7 @@ read_yin_anydata(struct lys_module *module, struct lys_node *parent, struct lyxm
+ 
+     for (r = 0; r < retval->ext_size; ++r) {
+         /* set flag, which represent LYEXT_OPT_VALID */
+-        if (retval->ext[r]->flags & LYEXT_OPT_VALID) {
+        if (retval->ext[r] && (retval->ext[r]->flags & LYEXT_OPT_VALID)) {
+             retval->flags |= LYS_VALID_EXT;
+             break;
+         }
+@@ -4794,7 +4794,7 @@ read_yin_leaf(struct lys_module *module, struct lys_node *parent, struct lyxml_e
+ 
+     for (r = 0; r < retval->ext_size; ++r) {
+         /* set flag, which represent LYEXT_OPT_VALID */
+-        if (retval->ext[r]->flags & LYEXT_OPT_VALID) {
+        if (retval->ext[r] && (retval->ext[r]->flags & LYEXT_OPT_VALID)) {
+             retval->flags |= LYS_VALID_EXT;
+             break;
+         }
+@@ -5108,7 +5108,7 @@ read_yin_leaflist(struct lys_module *module, struct lys_node *parent, struct lyx
+ 
+     for (r = 0; r < retval->ext_size; ++r) {
+         /* set flag, which represent LYEXT_OPT_VALID */
+-        if (retval->ext[r]->flags & LYEXT_OPT_VALID) {
+        if (retval->ext[r] && (retval->ext[r]->flags & LYEXT_OPT_VALID)) {
+             retval->flags |= LYS_VALID_EXT;
+             break;
+         }
+@@ -5477,7 +5477,7 @@ read_yin_list(struct lys_module *module, struct lys_node *parent, struct lyxml_e
+ 
+     for (r = 0; r < retval->ext_size; ++r) {
+         /* set flag, which represent LYEXT_OPT_VALID */
+-        if (retval->ext[r]->flags & LYEXT_OPT_VALID) {
+        if (retval->ext[r] && (retval->ext[r]->flags & LYEXT_OPT_VALID)) {
+             retval->flags |= LYS_VALID_EXT;
+             if (retval->ext[r]->flags & LYEXT_OPT_VALID_SUBTREE) {
+                 retval->flags |= LYS_VALID_EXT_SUBTREE;
+@@ -5701,8 +5701,9 @@ read_yin_container(struct lys_module *module, struct lys_node *parent, struct ly
+     }
+ 
+     for (r = 0; r < retval->ext_size; ++r) {
+-        /* set flag, which represent LYEXT_OPT_VALID */
+-        if (retval->ext[r]->flags & LYEXT_OPT_VALID) {
+        /* extension instance may not yet be resolved */
+        if (retval->ext[r] && (retval->ext[r]->flags & LYEXT_OPT_VALID)) {
+             /* set flag, which represent LYEXT_OPT_VALID */
+             retval->flags |= LYS_VALID_EXT;
+             if (retval->ext[r]->flags & LYEXT_OPT_VALID_SUBTREE) {
+                 retval->flags |= LYS_VALID_EXT_SUBTREE;
--- a/CVE-2021-28904.patch
+++ b/CVE-2021-28904.patch
@ -0,0 +1,26 @@
+From 59a0bff1a5a2f0a0eac07e4bf94d4aea9dd3708d Mon Sep 17 00:00:00 2001
+From: Michal Vasko <mvasko@cesnet.cz>
+Date: Mon, 8 Mar 2021 09:20:30 +0100
+Subject: [PATCH] plugins BUGFIX handle empty revision correctly
+
+Fixes #1451
+---
+ src/plugins.c | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/src/plugins.c b/src/plugins.c
+index 7e6fdf358..fa62ce76c 100644
+--- a/src/plugins.c
+++ b/src/plugins.c
+@@ -457,9 +457,8 @@ ext_get_plugin(const char *name, const char *module, const char *revision)
+     assert(module);
+ 
+     for (u = 0; u < ext_plugins_count; u++) {
+-        if (!strcmp(name, ext_plugins[u].name) &&
+-                !strcmp(module, ext_plugins[u].module) &&
+-                (!ext_plugins[u].revision || !strcmp(revision, ext_plugins[u].revision))) {
+        if (!strcmp(name, ext_plugins[u].name) && !strcmp(module, ext_plugins[u].module) &&
+                ((!revision && !ext_plugins[u].revision) || (revision && !strcmp(revision, ext_plugins[u].revision)))) {
+             /* we have the match */
+             return ext_plugins[u].plugin;
+         }
--- a/libyang.spec
+++ b/libyang.spec
@ -1,7 +1,6 @@
-%global debug_package %{nil}
 Name: libyang
 Version: 1.0.184
-Release: 2
+Release: 6
 Summary: YANG data modeling language library
 Url: https://github.com/CESNET/libyang
 Source: %{url}/archive/%{name}-%{version}.tar.gz
@ -10,6 +9,8 @@ License: BSD
 Patch0:	libyang-1.0.184-doc.patch
 Patch1: CVE-2021-28903.patch
 Patch2: CVE-2021-28905.patch
+Patch3: CVE-2021-28904.patch
+Patch4: CVE-2021-28902-CVE-2021-28906.patch

 Requires:  pcre
 BuildRequires:  cmake
@ -43,7 +44,7 @@ Summary:    Development files for libyang-cpp
 Requires:   libyang-cpp%{?_isa} = %{version}-%{release}
 Requires:   pcre-devel

-%package -n python3-libyang
+%package -n python3-yang
 Summary:    Python3 bindings for libyang
 Requires:   libyang-cpp%{?_isa} = %{version}-%{release}
 %{?python_provide:%python_provide python3-libyang}
@ -54,7 +55,7 @@ Bindings of libyang library to C++ language.
 %description -n libyang-cpp-devel
 Headers of bindings to c++ language.

-%description -n python3-libyang
+%description -n python3-yang
 Bindings of libyang library to python language.

 %description devel
@ -122,12 +123,28 @@ cp -r doc/html %{buildroot}/%{_docdir}/libyang/html
 %{_libdir}/pkgconfig/libyang-cpp.pc
 %dir %{_includedir}/libyang/

-%files -n python3-libyang
+%files -n python3-yang
 %{python3_sitearch}/yang.py
 %{python3_sitearch}/_yang.so
 %{python3_sitearch}/__pycache__/yang*

 %changelog
+* Tue Mar 07 2023 zhouwenpei <zhouwenpei@h-partners.com> - 1.0.184-6
+- remove debug_package %{nil} to strip files and provide debug packages
+
+* Sat Dec 24 2022 qisen <qisen@huawei.com> - 1.0.184-5
+- addyaml
+
+* Wed Aug 25 2021 orange-snn <songnannan2@huawei.com> - 1.0.184-4
+- change the python3 package name to python3-pyang from python3-libyang
+
+* Tue Jun 29 2021 anaonymous_z <zhangrui182@huawei.com> - 1.0.184-3
+- Type:CVE
+- ID:NA
+- SUG:NA
+- DESC: fix CVE-2021-28902 CVE-2021-28906
+        CVE-2021-28904
+
 * Mon Jun 28 2021 zhuqingfu <zhuqingfu1@huawei.com> - 1.0.184-2
 - Add patch CVE-2021-28905

--- a/libyang.yaml
+++ b/libyang.yaml
@ -0,0 +1,4 @@
+version_control: github
+src_repo: CESNET/libyang
+tag_prefix: ^v
+seperator: "."
Author	SHA1	Message	Date
openeuler-ci-bot	7115ab3618	!11 remove debug_package %{nil} to strip files and provide debug packages From: @zhouwenpei Reviewed-by: @wu-changsheng Signed-off-by: @wu-changsheng	2023-03-08 08:53:24 +00:00
zhouwenpei	74082f00a4	remove debug_package %{nil} to strip files and provide debug packages	2023-03-07 08:04:14 +00:00
openeuler-ci-bot	f97302bc13	!9 add yaml From: @foreson Reviewed-by: @wu-changsheng Signed-off-by: @wu-changsheng	2022-12-24 10:22:07 +00:00
foreson	2d4de82898	Merge branch 'master' of https://gitee.com/foreson/libyang	2022-12-24 17:48:51 +08:00
foreson	b2e10f1f35	add yaml	2022-12-24 17:48:04 +08:00
foreson	4fa5e91fbb	add yaml	2022-12-24 15:29:49 +08:00
openeuler-ci-bot	d0534d6692	!5 change the python3 package name to python3-pyang from python3-libyang From: @orange-snn Reviewed-by: @hubble_zhu Signed-off-by: @hubble_zhu	2021-08-26 03:16:06 +00:00
orange-snn	4a617349f1	change the python3 package name to python3-pyang from python3-libyang	2021-08-25 17:24:50 +08:00
openeuler-ci-bot	872478880e	!4 fix CVE-2021-28902 CVE-2021-28904 CVE-2021-28906 From: @anonymous_z Reviewed-by: @hubble_zhu Signed-off-by: @hubble_zhu	2021-06-29 06:36:52 +00:00
anonymous_z	9fd71b4a68	fix CVE-2021-28902 CVE-2021-28904 CVE-2021-28906	2021-06-29 10:46:10 +08:00