!97 修复 CVE-2023-41080 和解决软连接指向为空

From: @wk333 Reviewed-by: @caodongxia Signed-off-by: @caodongxia
2023-09-07 07:46:24 +00:00 · 2023-09-07 07:46:24 +00:00 · a4aaf5674d
commit a4aaf5674d
parent e01b79affd f97d0f9c3c
2 changed files with 37 additions and 4 deletions
--- a/CVE-2023-41080.patch
+++ b/CVE-2023-41080.patch
@ -0,0 +1,29 @@
 From 77c0ce2d169efa248b64b992e547aad549ec906b Mon Sep 17 00:00:00 2001
 From: Mark Thomas <markt@apache.org>
 Date: Tue, 22 Aug 2023 11:31:23 -0700
 Subject: [PATCH] Avoid protocol relative redirects
 Origin: https://github.com/apache/tomcat/commit/77c0ce2d169efa248b64b992e547aad549ec906b
 ---
 .../apache/catalina/authenticator/FormAuthenticator.java    | 6 ++++++
 webapps/docs/changelog.xml                                  | 3 +++
 2 files changed, 9 insertions(+)
 diff --git a/java/org/apache/catalina/authenticator/FormAuthenticator.java b/java/org/apache/catalina/authenticator/FormAuthenticator.java
 index a57db51776b..d54cc62182e 100644
 --- a/java/org/apache/catalina/authenticator/FormAuthenticator.java
 +++ b/java/org/apache/catalina/authenticator/FormAuthenticator.java
@@ -747,6 +747,12 @@ protected String savedRequestURL(Session session) {
             sb.append('?');
             sb.append(saved.getQueryString());
         }
 +
 +        // Avoid protocol relative redirects
 +        while (sb.length() > 1 && sb.charAt(1) == '/') {
 +            sb.deleteCharAt(0);
 +        }
 +
         return sb.toString();
     }
 }
--- a/tomcat.spec
+++ b/tomcat.spec
@ -13,7 +13,7 @@
 Name:          tomcat
 Epoch:         1
 Version:       %{major_version}.%{minor_version}.%{micro_version}
-Release:       30
+Release:       31
 Summary:       Implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies
 License:       ASL 2.0
 URL:           http://tomcat.apache.org/
@ -104,6 +104,7 @@ Patch6069: CVE-2022-23181.patch
 Patch6070: CVE-2022-42252.patch
 Patch6071: CVE-2023-28708-pre.patch
 Patch6072: CVE-2023-28708.patch
 Patch6073: CVE-2023-41080.patch
 BuildRequires: ecj >= 1:4.6.1 findutils apache-commons-collections apache-commons-daemon
 BuildRequires: apache-commons-dbcp apache-commons-pool tomcat-taglibs-standard ant
@ -111,9 +112,8 @@ BuildRequires: jpackage-utils >= 0:1.7.0 java-devel >= 1:1.8.0 junit javapackage
 BuildRequires: geronimo-saaj aqute-bndlib aqute-bnd systemd-units wsdl4j geronimo-jaxrpc
 Requires:      procps jpackage-utils java-headless >= 1:1.8.0 apache-commons-daemon
-Requires:      tomcat-taglibs-standard >= 0:1.1 ecj
+Requires:      tomcat-taglibs-standard >= 0:1.1 ecj libtcnative-1-0 >= 1.2.14
-
+Requires:      apache-commons-dbcp apache-commons-pool apache-commons-collections
 Requires:      libtcnative-1-0 >= 1.2.14
 Requires(pre):    shadow-utils
 Requires(post):   chkconfig
@ -505,6 +505,10 @@ fi
 %{_javadocdir}/%{name}
 %changelog
 * Thu Sep 07 2023 wangkai <13474090681@163.com> - 1:9.0.10-31
 - Fix CVE-2023-41080
 - Add requires apache-commons-dbcp,pool,collections for fix path error
 * Mon Apr 17 2023 wangkai <13474090681@163.com> - 1:9.0.10-30
 - Fix CVE-2023-28708