Fix CVE-2023-41040
This commit is contained in:
parent
4e662f085e
commit
407c0e8fff
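--- a/CVE-2023-41040.patch
+++ b/CVE-2023-41040.patch
@@ -0,0 +1,28 @@
+From 64ebb9fcdfbe48d5d61141a557691fd91f1e88d6 Mon Sep 17 00:00:00 2001
+From: Facundo Tuesca <facundo.tuesca@trailofbits.com>
+Date: Tue, 5 Sep 2023 09:51:50 +0200
+Subject: [PATCH] Fix CVE-2023-41040
+
+This change adds a check during reference resolving to see if it
+contains an up-level reference ('..'). If it does, it raises an
+exception.
+
+This fixes CVE-2023-41040, which allows an attacker to access files
+outside the repository's directory.
+---
+git/refs/symbolic.py | 2 ++
+1 file changed, 2 insertions(+)
+
+diff --git a/git/refs/symbolic.py b/git/refs/symbolic.py
+index 33c3bf15b..5c293aa7b 100644
+--- a/git/refs/symbolic.py
++++ b/git/refs/symbolic.py
+@@ -168,6 +168,8 @@ def _get_ref_info_helper(
+"""Return: (str(sha), str(target_ref_path)) if available, the sha the file at
+rela_path points to, or None. target_ref_path is the reference we
+point to, or None"""
++ if ".." in str(ref_path):
++ raise ValueError(f"Invalid reference '{ref_path}'")
+tokens: Union[None, List[str], Tuple[str, str]] = None
+repodir = _git_dir(repo, ref_path)
+try: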
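Review bot: The new guard `if ".." in str(ref_path):` rejects any reference name containing `..` as a bare substring, but nothing in the hunk records why a substring test rather than a path-segment test is the intended check, so a later maintainer may loosen it to catch only `../` segments or wonder whether other traversal forms are still open. I would add a comment above the check, e.g. `# Git forbids ".." anywhere in a ref name, so any occurrence here can only be a traversal attempt; reject it before the name is joined into a filesystem path (CVE-2023-41040).` The placement is right: the check precedes `repodir = _git_dir(repo, ref_path)`, so the name is refused before it reaches path construction. `_get_ref_info_helper` begins and ends outside the hunk (only its signature appears in the hunk header), so I cannot confirm from here whether other callers build paths from `ref_path` before this helper is reached.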
@ -1,11 +1,13 @@
%global _empty_manifest_terminate_build 0
%global _empty_manifest_terminate_build 0
Name: python-GitPython
Name: python-GitPython
Version: 3.1.32
Version: 3.1.32
Release: 1
Release: 2
Summary: GitPython is a python library used to interact with Git repositories
Summary: GitPython is a python library used to interact with Git repositories
License: BSD-3-Clause
License: BSD-3-Clause
URL: https://github.com/gitpython-developers/GitPython
URL: https://github.com/gitpython-developers/GitPython
Source0: https://files.pythonhosted.org/packages/5f/11/2b0f60686dbda49028cec8c66bd18a5e82c96d92eef4bc34961e35bb3762/GitPython-3.1.32.tar.gz
Source0: https://files.pythonhosted.org/packages/5f/11/2b0f60686dbda49028cec8c66bd18a5e82c96d92eef4bc34961e35bb3762/GitPython-3.1.32.tar.gz
# https://github.com/gitpython-developers/GitPython/commit/64ebb9fcdfbe48d5d61141a557691fd91f1e88d6
Patch0: CVE-2023-41040.patch
BuildArch: noarch
BuildArch: noarch
%description
%description
@ -38,7 +40,7 @@ GitPython is a python library used to interact with git repositories,
high-level like git-porcelain, or low-level like git-plumbing.
high-level like git-porcelain, or low-level like git-plumbing.
%prep
%prep
%autosetup -n GitPython-%{version}
%autosetup -n GitPython-%{version} -p1
%build
%build
%py3_build
%py3_build
@ -81,6 +83,9 @@ mv %{buildroot}/doclist.lst .
%{_docdir}/*
%{_docdir}/*
%changelog
%changelog
* Mon Sep 11 2023 yaoxin <yao_xin001@hoperun.com> - 3.1.32-2
- Fix CVE-2023-41040
* Tue Jul 18 2023 sunhui <sunhui@kylinos.cn> - 3.1.32-1
* Tue Jul 18 2023 sunhui <sunhui@kylinos.cn> - 3.1.32-1
- Update package to version 3.1.32
- Update package to version 3.1.32