Backport patches from upstream community

2022-11-23 02:59:41 +00:00 · 2022-11-23 02:59:41 +00:00 · f035421fd5
commit f035421fd5
parent 8dc184e086
3 changed files with 60 additions and 1 deletions
--- a/backport-Fix-incorrect-SHA384-512-digest-calculation.patch
+++ b/backport-Fix-incorrect-SHA384-512-digest-calculation.patch
@ -0,0 +1,29 @@
+From e4f08157b6693b956fe9c7c987bc3eeac1abb2cc Mon Sep 17 00:00:00 2001
+From: Tim Shearer <timtimminz@gmail.com>
+Date: Tue, 2 Aug 2022 08:48:32 -0400
+Subject: [PATCH] Fix incorrect SHA384/512 digest calculation.
+
+Resolves an issue where certain message sizes result in an incorrect
+checksum. Specifically, when:
+(n*8) mod 1024 == 896
+where n is the file size in bytes.
+---
+ lib/util/sha2.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/util/sha2.c b/lib/util/sha2.c
+index b7a28cca8..f769f77f2 100644
+--- a/lib/util/sha2.c
+++ b/lib/util/sha2.c
+@@ -490,7 +490,7 @@ SHA512Pad(SHA2_CTX *ctx)
+ 	SHA512Update(ctx, (uint8_t *)"\200", 1);
+ 
+ 	/* Pad message such that the resulting length modulo 1024 is 896. */
+-	while ((ctx->count[0] & 1008) != 896)
+	while ((ctx->count[0] & 1016) != 896)
+ 		SHA512Update(ctx, (uint8_t *)"\0", 1);
+ 
+ 	/* Append length of message in bits and do final SHA512Transform(). */
+-- 
+2.33.0
+
--- a/backport-sudo_passwd_verify-zero-out-des_pass-before-returnin.patch
+++ b/backport-sudo_passwd_verify-zero-out-des_pass-before-returnin.patch
@ -0,0 +1,25 @@
+From 9f948224acb911cbec1ed9041887c1fe62c59877 Mon Sep 17 00:00:00 2001
+From: "Todd C. Miller" <Todd.Miller@sudo.ws>
+Date: Tue, 8 Nov 2022 13:17:11 -0700
+Subject: [PATCH] sudo_passwd_verify: zero out des_pass before returning.
+
+---
+ plugins/sudoers/auth/passwd.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/plugins/sudoers/auth/passwd.c b/plugins/sudoers/auth/passwd.c
+index 636c07bab..89da96ff6 100644
+--- a/plugins/sudoers/auth/passwd.c
+++ b/plugins/sudoers/auth/passwd.c
+@@ -95,6 +95,8 @@ sudo_passwd_verify(struct passwd *pw, const char *pass, sudo_auth *auth, struct
+ 	    matched = !strcmp(pw_epasswd, epass);
+     }
+ 
+    explicit_bzero(des_pass, sizeof(des_pass));
+
+     debug_return_int(matched ? AUTH_SUCCESS : AUTH_FAILURE);
+ }
+ #else
+-- 
+2.33.0
+
--- a/sudo.spec
+++ b/sudo.spec
@ -1,6 +1,6 @@
 Name: sudo
 Version: 1.9.8p2
-Release: 4
+Release: 5
 Summary: Allows restricted root access for specified users
 License: ISC
 URL: http://www.courtesan.com/sudo/
@ -14,6 +14,8 @@ Patch0: backport-0001-CVE-2022-37434.patch
 Patch1: backport-0002-CVE-2022-37434.patch
 Patch2: backport-CVE-2022-33070.patch
 Patch3: backport-Fix-CVE-2022-43995-potential-heap-overflow-for-passwords.patch
+Patch4: backport-Fix-incorrect-SHA384-512-digest-calculation.patch
+Patch5: backport-sudo_passwd_verify-zero-out-des_pass-before-returnin.patch

 Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Requires: pam
@ -155,6 +157,9 @@ install -p -c -m 0644 %{SOURCE3} $RPM_BUILD_ROOT/etc/pam.d/sudo-i
 %exclude %{_pkgdocdir}/ChangeLog

 %changelog
+* Wed Nov 23 2022 wangyu <wangyu283@huawei.com> - 1.9.8p2-5
+- Backport patches from upstream community
+
 * Sat Nov 5 2022 wangyu <wangyu283@huawei.com> - 1.9.8p2-4
 - Fix CVE-2022-43995