Fix CVE-2021-4048
This commit is contained in:
houyingchao
parent
77ed5c75e5
commit
5c836d065b
22
CVE-2021-4048-1.patch
Normal file
22
CVE-2021-4048-1.patch
Normal file
@ -0,0 +1,22 @@
|
||||
From 2be5ee3cca97a597f2ee2118808a2d5eacea050c Mon Sep 17 00:00:00 2001
|
||||
From: Martin Kroeker <martin@ruby.chemie.uni-freiburg.de>
|
||||
Date: Fri, 1 Oct 2021 11:17:21 +0200
|
||||
Subject: [PATCH] Fix out of bounds read in ?llarv (Reference-LAPACK PR 625)
|
||||
|
||||
---
|
||||
lapack-netlib/SRC/clarrv.f | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/lapack-netlib/SRC/clarrv.f b/lapack-netlib/SRC/clarrv.f
|
||||
index a45f55ac3..26a9febc8 100644
|
||||
--- a/lapack-netlib/SRC/clarrv.f
|
||||
+++ b/lapack-netlib/SRC/clarrv.f
|
||||
@@ -351,7 +351,7 @@ SUBROUTINE CLARRV( N, VL, VU, D, L, PIVMIN,
|
||||
*
|
||||
* Quick return if possible
|
||||
*
|
||||
- IF( N.LE.0 ) THEN
|
||||
+ IF( (N.LE.0) .OR. (M.LE.0) ) THEN
|
||||
RETURN
|
||||
END IF
|
||||
*
|
||||
22
CVE-2021-4048-2.patch
Normal file
22
CVE-2021-4048-2.patch
Normal file
@ -0,0 +1,22 @@
|
||||
From 337b65133df174796794871b3988cd03426e6d41 Mon Sep 17 00:00:00 2001
|
||||
From: Martin Kroeker <martin@ruby.chemie.uni-freiburg.de>
|
||||
Date: Fri, 1 Oct 2021 11:19:53 +0200
|
||||
Subject: [PATCH] Fix out of bounds read in ?llarv (Reference-LAPACK PR 625)
|
||||
|
||||
---
|
||||
lapack-netlib/SRC/zlarrv.f | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/lapack-netlib/SRC/zlarrv.f b/lapack-netlib/SRC/zlarrv.f
|
||||
index 23976dbef..8d10e3c2e 100644
|
||||
--- a/lapack-netlib/SRC/zlarrv.f
|
||||
+++ b/lapack-netlib/SRC/zlarrv.f
|
||||
@@ -351,7 +351,7 @@ SUBROUTINE ZLARRV( N, VL, VU, D, L, PIVMIN,
|
||||
*
|
||||
* Quick return if possible
|
||||
*
|
||||
- IF( N.LE.0 ) THEN
|
||||
+ IF( (N.LE.0).OR.(M.LE.0) ) THEN
|
||||
RETURN
|
||||
END IF
|
||||
*
|
||||
22
CVE-2021-4048-3.patch
Normal file
22
CVE-2021-4048-3.patch
Normal file
@ -0,0 +1,22 @@
|
||||
From ddb0ff5353637bb5f5ad060c9620e334c143e3d7 Mon Sep 17 00:00:00 2001
|
||||
From: Martin Kroeker <martin@ruby.chemie.uni-freiburg.de>
|
||||
Date: Fri, 1 Oct 2021 11:19:07 +0200
|
||||
Subject: [PATCH] Fix out of bounds read in ?llarv (Reference-LAPACK PR 625)
|
||||
|
||||
---
|
||||
lapack-netlib/SRC/slarrv.f | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/lapack-netlib/SRC/slarrv.f b/lapack-netlib/SRC/slarrv.f
|
||||
index 04519fde8..9448b2fd9 100644
|
||||
--- a/lapack-netlib/SRC/slarrv.f
|
||||
+++ b/lapack-netlib/SRC/slarrv.f
|
||||
@@ -353,7 +353,7 @@ SUBROUTINE SLARRV( N, VL, VU, D, L, PIVMIN,
|
||||
*
|
||||
* Quick return if possible
|
||||
*
|
||||
- IF( N.LE.0 ) THEN
|
||||
+ IF( (N.LE.0).OR.(M.LE.0) ) THEN
|
||||
RETURN
|
||||
END IF
|
||||
*
|
||||
22
CVE-2021-4048-4.patch
Normal file
22
CVE-2021-4048-4.patch
Normal file
@ -0,0 +1,22 @@
|
||||
From fe497efa0510466fd93578aaf9da1ad8ed4edbe7 Mon Sep 17 00:00:00 2001
|
||||
From: Martin Kroeker <martin@ruby.chemie.uni-freiburg.de>
|
||||
Date: Fri, 1 Oct 2021 11:18:20 +0200
|
||||
Subject: [PATCH] Fix out of bounds read in ?llarv (Reference-LAPACK PR 625)
|
||||
|
||||
---
|
||||
lapack-netlib/SRC/dlarrv.f | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/lapack-netlib/SRC/dlarrv.f b/lapack-netlib/SRC/dlarrv.f
|
||||
index 4a59a2bbf..a1c6e9c9d 100644
|
||||
--- a/lapack-netlib/SRC/dlarrv.f
|
||||
+++ b/lapack-netlib/SRC/dlarrv.f
|
||||
@@ -353,7 +353,7 @@ SUBROUTINE DLARRV( N, VL, VU, D, L, PIVMIN,
|
||||
*
|
||||
* Quick return if possible
|
||||
*
|
||||
- IF( N.LE.0 ) THEN
|
||||
+ IF( (N.LE.0).OR.(M.LE.0) ) THEN
|
||||
RETURN
|
||||
END IF
|
||||
*
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
Name: openblas
|
||||
Version: 0.3.13
|
||||
Release: 3
|
||||
Release: 4
|
||||
Summary: An optimized BLAS library based on GotoBLAS2 1.13 BSD version
|
||||
License: BSD
|
||||
URL: https://github.com/xianyi/OpenBLAS/
|
||||
@ -10,6 +10,10 @@ Source0: https://github.com/xianyi/OpenBLAS/archive/v%{version}/openblas-
|
||||
Patch0000: openblas-0.2.15-system_lapack.patch
|
||||
Patch0001: openblas-0.2.5-libname.patch
|
||||
Patch0002: openblas-0.3.7-tests.patch
|
||||
Patch0003: CVE-2021-4048-1.patch
|
||||
Patch0004: CVE-2021-4048-2.patch
|
||||
Patch0005: CVE-2021-4048-3.patch
|
||||
Patch0006: CVE-2021-4048-4.patch
|
||||
Requires: %{name}-devel = %{version}-%{release}
|
||||
BuildRequires: gcc gcc-gfortran perl-devel gcc-c++
|
||||
|
||||
@ -57,6 +61,10 @@ cd OpenBLAS-%{version}
|
||||
%endif
|
||||
%patch0001 -p1 -b .libname
|
||||
%patch0002 -p1 -b .tests
|
||||
%patch0003 -p1
|
||||
%patch0004 -p1
|
||||
%patch0005 -p1
|
||||
%patch0006 -p1
|
||||
|
||||
# Set source permissions
|
||||
find -name \*.f -exec chmod 644 {} \;
|
||||
@ -351,6 +359,9 @@ rm -rf %{buildroot}%{_libdir}/pkgconfig
|
||||
%{_libdir}/lib%{name}*64_.so
|
||||
|
||||
%changelog
|
||||
* Mon Dec 20 2021 houyingchao <houyingchao@huawei.com>- 0.3.13-4
|
||||
- Fix CVE-2021-4048
|
||||
|
||||
* Fri Oct 15 2021 zhangweiguo <zhangweiguo2@huawei.com> -0.3.13-3
|
||||
- Disable CPP_THREAD_SAFETY_TEST
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user