ALP-pool/apr
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sync from SUSE:ALP:Source:Standard:1.0 apr revision 467b58ebee89ef4f5b61273148027616

Browse Source
This commit is contained in:
Adrian Schröter 2024-11-29 10:11:40 +01:00
parent 5e95642159
commit 6b56eca753
3 changed files with 62 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
apr-CVE-2023-49582.patch Normal file
View File

@ -0,0 +1,52 @@
diff --git a/shmem/unix/shm.c b/shmem/unix/shm.c
index 096884d99d..ea9b94277b 100644
--- a/shmem/unix/shm.c
+++ b/shmem/unix/shm.c
@@ -287,10 +287,9 @@ APR_DECLARE(apr_status_t) apr_shm_create(apr_shm_t **m,
status = APR_SUCCESS;
#if APR_USE_SHMEM_MMAP_TMP
- /* FIXME: Is APR_OS_DEFAULT sufficient? */
- status = apr_file_open(&file, filename,
- APR_READ | APR_WRITE | APR_CREATE | APR_EXCL,
- APR_OS_DEFAULT, pool);
+ status = apr_file_open(&file, filename,
+ APR_FOPEN_READ | APR_FOPEN_WRITE | APR_FOPEN_CREATE | APR_FOPEN_EXCL,
+ APR_FPROT_UREAD | APR_FPROT_UWRITE, pool);
if (status != APR_SUCCESS) {
return status;
}
@@ -319,8 +318,7 @@ APR_DECLARE(apr_status_t) apr_shm_create(apr_shm_t **m,
}
#endif /* APR_USE_SHMEM_MMAP_TMP */
#if APR_USE_SHMEM_MMAP_SHM
- /* FIXME: SysV uses 0600... should we? */
- tmpfd = shm_open(shm_name, O_RDWR | O_CREAT | O_EXCL, 0644);
+ tmpfd = shm_open(shm_name, O_RDWR | O_CREAT | O_EXCL, 0600);
if (tmpfd == -1) {
return errno;
}
@@ -361,10 +359,9 @@ APR_DECLARE(apr_status_t) apr_shm_create(apr_shm_t **m,
#elif APR_USE_SHMEM_SHMGET
new_m->realsize = reqsize;
- /* FIXME: APR_OS_DEFAULT is too permissive, switch to 600 I think. */
- status = apr_file_open(&file, filename,
+ status = apr_file_open(&file, filename,
APR_FOPEN_WRITE | APR_FOPEN_CREATE | APR_FOPEN_EXCL,
- APR_OS_DEFAULT, pool);
+ APR_FPROT_UREAD | APR_FPROT_UWRITE, pool);
if (status != APR_SUCCESS) {
return status;
}
@@ -555,8 +552,7 @@ APR_DECLARE(apr_status_t) apr_shm_attach(apr_shm_t **m,
#if APR_USE_SHMEM_MMAP_SHM
const char *shm_name = make_shm_open_safe_name(filename, pool);
- /* FIXME: SysV uses 0600... should we? */
- tmpfd = shm_open(shm_name, O_RDWR, 0644);
+ tmpfd = shm_open(shm_name, O_RDWR, 0600);
if (tmpfd == -1) {
return errno;
}

8
apr.changes
View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Wed Sep 18 08:52:31 UTC 2024 - pgajdos@suse.com
- security update
- added patches
fix CVE-2023-49582 [bsc#1229783], unexpected lax shared memory permissions
+ apr-CVE-2023-49582.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Apr 20 10:29:07 UTC 2023 - pgajdos@suse.com Thu Apr 20 10:29:07 UTC 2023 - pgajdos@suse.com

2
apr.spec
View File

@ -34,6 +34,8 @@ Patch5: apr-visibility.patch
Patch9: apr-proc-mutex-map-anon.patch Patch9: apr-proc-mutex-map-anon.patch
# prevent random failures of the testsuite (sendfile test) # prevent random failures of the testsuite (sendfile test)
Patch10: apr-test-sendfile-timeout.patch Patch10: apr-test-sendfile-timeout.patch
# CVE-2023-49582 [bsc#1229783], unexpected lax shared memory permissions
Patch11: apr-CVE-2023-49582.patch
BuildRequires: doxygen BuildRequires: doxygen
BuildRequires: fdupes BuildRequires: fdupes
BuildRequires: libuuid-devel BuildRequires: libuuid-devel