Accepting request 887071 from GNOME:Next
- Add avahi-CVE-2021-3468.patch: avoid infinite loop by handling HUP event in client_work (boo#1184521 CVE-2021-3468). https://github.com/lathiat/avahi/pull/330 OBS-URL: https://build.opensuse.org/request/show/887071 OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/avahi?expand=0&rev=184
This commit is contained in:
parent
bdcdeadf85
commit
77b1b60360
40
avahi-CVE-2021-3468.patch
Normal file
40
avahi-CVE-2021-3468.patch
Normal file
@ -0,0 +1,40 @@
|
||||
From 447affe29991ee99c6b9732fc5f2c1048a611d3b Mon Sep 17 00:00:00 2001
|
||||
From: Riccardo Schirone <sirmy15@gmail.com>
|
||||
Date: Fri, 26 Mar 2021 11:50:24 +0100
|
||||
Subject: [PATCH] Avoid infinite-loop in avahi-daemon by handling HUP event in
|
||||
client_work
|
||||
|
||||
If a client fills the input buffer, client_work() disables the
|
||||
AVAHI_WATCH_IN event, thus preventing the function from executing the
|
||||
`read` syscall the next times it is called. However, if the client then
|
||||
terminates the connection, the socket file descriptor receives a HUP
|
||||
event, which is not handled, thus the kernel keeps marking the HUP event
|
||||
as occurring. While iterating over the file descriptors that triggered
|
||||
an event, the client file descriptor will keep having the HUP event and
|
||||
the client_work() function is always called with AVAHI_WATCH_HUP but
|
||||
without nothing being done, thus entering an infinite loop.
|
||||
|
||||
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984938
|
||||
---
|
||||
avahi-daemon/simple-protocol.c | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
diff --git a/avahi-daemon/simple-protocol.c b/avahi-daemon/simple-protocol.c
|
||||
index 3e0ebb1..6c0274d 100644
|
||||
--- a/avahi-daemon/simple-protocol.c
|
||||
+++ b/avahi-daemon/simple-protocol.c
|
||||
@@ -424,6 +424,11 @@ static void client_work(AvahiWatch *watch, AVAHI_GCC_UNUSED int fd, AvahiWatchEv
|
||||
}
|
||||
}
|
||||
|
||||
+ if (events & AVAHI_WATCH_HUP) {
|
||||
+ client_free(c);
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
c->server->poll_api->watch_update(
|
||||
watch,
|
||||
(c->outbuf_length > 0 ? AVAHI_WATCH_OUT : 0) |
|
||||
--
|
||||
2.31.1
|
||||
|
@ -77,6 +77,8 @@ Patch4: avahi-daemon-check-dns-suse.patch
|
||||
Patch19: avahi-0.6.32-suppress-resolv-conf-warning.patch
|
||||
# PATCH-FIX-UPSTREAM add-IT_PROG_INTLTOOL.patch alarrosa@suse.com -- add IT_PROG_INTLTOOL so intltool works
|
||||
Patch20: add-IT_PROG_INTLTOOL.patch
|
||||
# PATCH-FIX-UPSTREAM avahi-CVE-2021-3468.patch boo#1184521 mgorse@suse.com -- avoid infinite loop by handling HUP event in client_work.
|
||||
Patch21: avahi-CVE-2021-3468.patch
|
||||
BuildRequires: fdupes
|
||||
BuildRequires: gcc-c++
|
||||
BuildRequires: gdbm-devel
|
||||
@ -261,6 +263,7 @@ Avahi is an implementation of the DNS Service Discovery and Multicast
|
||||
DNS specifications for Zeroconf Computing.
|
||||
|
||||
%else
|
||||
|
||||
%package -n python3-avahi
|
||||
Summary: A set of Avahi utilities written in Python
|
||||
Group: Development/Languages/Python
|
||||
@ -404,6 +407,7 @@ Avahi is an implementation of the DNS Service Discovery and Multicast
|
||||
DNS specifications for Zeroconf Computing.
|
||||
|
||||
# This is the avahi-discover command, only provided for the primary python3 flavor
|
||||
|
||||
%package -n python3-avahi-gtk
|
||||
Summary: A set of Avahi utilities written in Python Using python-gtk
|
||||
Group: Development/Languages/Python
|
||||
@ -514,6 +518,7 @@ translation-update-upstream
|
||||
%patch4
|
||||
%patch19 -p1
|
||||
%patch20 -p1
|
||||
%patch21 -p1
|
||||
|
||||
%if !%{build_core}
|
||||
# Replace all .la references from local .la files to installed versions
|
||||
@ -798,6 +803,7 @@ find %{_localstatedir}/lib/avahi-autoipd -user avahi -exec chown avahi-autoipd:a
|
||||
%postun -n python-avahi
|
||||
%python_uninstall_alternative avahi-bookmarks
|
||||
%else
|
||||
|
||||
%post -n python3-avahi
|
||||
%python_install_alternative avahi-bookmarks avahi-bookmarks.1
|
||||
|
||||
@ -974,6 +980,7 @@ find %{_localstatedir}/lib/avahi-autoipd -user avahi -exec chown avahi-autoipd:a
|
||||
%if %{build_core}
|
||||
%files -n avahi-mono
|
||||
%else
|
||||
|
||||
%files
|
||||
%endif
|
||||
%defattr(-,root,root)
|
||||
|
@ -77,6 +77,8 @@ Patch4: avahi-daemon-check-dns-suse.patch
|
||||
Patch19: avahi-0.6.32-suppress-resolv-conf-warning.patch
|
||||
# PATCH-FIX-UPSTREAM add-IT_PROG_INTLTOOL.patch alarrosa@suse.com -- add IT_PROG_INTLTOOL so intltool works
|
||||
Patch20: add-IT_PROG_INTLTOOL.patch
|
||||
# PATCH-FIX-UPSTREAM avahi-CVE-2021-3468.patch boo#1184521 mgorse@suse.com -- avoid infinite loop by handling HUP event in client_work.
|
||||
Patch21: avahi-CVE-2021-3468.patch
|
||||
BuildRequires: fdupes
|
||||
BuildRequires: gcc-c++
|
||||
BuildRequires: gdbm-devel
|
||||
@ -260,6 +262,7 @@ Avahi is an implementation of the DNS Service Discovery and Multicast
|
||||
DNS specifications for Zeroconf Computing.
|
||||
|
||||
%else
|
||||
|
||||
%package -n python3-avahi
|
||||
Summary: A set of Avahi utilities written in Python
|
||||
Group: Development/Languages/Python
|
||||
@ -403,6 +406,7 @@ Avahi is an implementation of the DNS Service Discovery and Multicast
|
||||
DNS specifications for Zeroconf Computing.
|
||||
|
||||
# This is the avahi-discover command, only provided for the primary python3 flavor
|
||||
|
||||
%package -n python3-avahi-gtk
|
||||
Summary: A set of Avahi utilities written in Python Using python-gtk
|
||||
Group: Development/Languages/Python
|
||||
@ -451,7 +455,6 @@ DNS specifications for Zeroconf Computing.
|
||||
%if %{build_mono}
|
||||
%package -n avahi-mono
|
||||
Summary: Mono Bindings for avahi, the D-BUS Service for Zeroconf and Bonjour
|
||||
License: LGPL-2.1-or-later
|
||||
Group: Development/Languages/Mono
|
||||
Requires: gtk-sharp2
|
||||
Requires: libavahi-client%{avahi_client_sover} >= %{version}
|
||||
@ -514,6 +517,7 @@ translation-update-upstream
|
||||
%patch4
|
||||
%patch19 -p1
|
||||
%patch20 -p1
|
||||
%patch21 -p1
|
||||
|
||||
%if !%{build_core}
|
||||
# Replace all .la references from local .la files to installed versions
|
||||
@ -798,6 +802,7 @@ find %{_localstatedir}/lib/avahi-autoipd -user avahi -exec chown avahi-autoipd:a
|
||||
%postun -n python-avahi
|
||||
%python_uninstall_alternative avahi-bookmarks
|
||||
%else
|
||||
|
||||
%post -n python3-avahi
|
||||
%python_install_alternative avahi-bookmarks avahi-bookmarks.1
|
||||
|
||||
@ -974,6 +979,7 @@ find %{_localstatedir}/lib/avahi-autoipd -user avahi -exec chown avahi-autoipd:a
|
||||
%if %{build_core}
|
||||
%files -n avahi-mono
|
||||
%else
|
||||
|
||||
%files
|
||||
%endif
|
||||
%defattr(-,root,root)
|
||||
|
@ -77,6 +77,8 @@ Patch4: avahi-daemon-check-dns-suse.patch
|
||||
Patch19: avahi-0.6.32-suppress-resolv-conf-warning.patch
|
||||
# PATCH-FIX-UPSTREAM add-IT_PROG_INTLTOOL.patch alarrosa@suse.com -- add IT_PROG_INTLTOOL so intltool works
|
||||
Patch20: add-IT_PROG_INTLTOOL.patch
|
||||
# PATCH-FIX-UPSTREAM avahi-CVE-2021-3468.patch boo#1184521 mgorse@suse.com -- avoid infinite loop by handling HUP event in client_work.
|
||||
Patch21: avahi-CVE-2021-3468.patch
|
||||
BuildRequires: fdupes
|
||||
BuildRequires: gcc-c++
|
||||
BuildRequires: gdbm-devel
|
||||
@ -261,6 +263,7 @@ Avahi is an implementation of the DNS Service Discovery and Multicast
|
||||
DNS specifications for Zeroconf Computing.
|
||||
|
||||
%else
|
||||
|
||||
%package -n python3-avahi
|
||||
Summary: A set of Avahi utilities written in Python
|
||||
Group: Development/Languages/Python
|
||||
@ -404,6 +407,7 @@ Avahi is an implementation of the DNS Service Discovery and Multicast
|
||||
DNS specifications for Zeroconf Computing.
|
||||
|
||||
# This is the avahi-discover command, only provided for the primary python3 flavor
|
||||
|
||||
%package -n python3-avahi-gtk
|
||||
Summary: A set of Avahi utilities written in Python Using python-gtk
|
||||
Group: Development/Languages/Python
|
||||
@ -514,6 +518,7 @@ translation-update-upstream
|
||||
%patch4
|
||||
%patch19 -p1
|
||||
%patch20 -p1
|
||||
%patch21 -p1
|
||||
|
||||
%if !%{build_core}
|
||||
# Replace all .la references from local .la files to installed versions
|
||||
@ -798,6 +803,7 @@ find %{_localstatedir}/lib/avahi-autoipd -user avahi -exec chown avahi-autoipd:a
|
||||
%postun -n python-avahi
|
||||
%python_uninstall_alternative avahi-bookmarks
|
||||
%else
|
||||
|
||||
%post -n python3-avahi
|
||||
%python_install_alternative avahi-bookmarks avahi-bookmarks.1
|
||||
|
||||
@ -974,6 +980,7 @@ find %{_localstatedir}/lib/avahi-autoipd -user avahi -exec chown avahi-autoipd:a
|
||||
%if %{build_core}
|
||||
%files -n avahi-mono
|
||||
%else
|
||||
|
||||
%files
|
||||
%endif
|
||||
%defattr(-,root,root)
|
||||
|
@ -1,3 +1,10 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Apr 20 16:17:54 UTC 2021 - Michael Gorse <mgorse@suse.com>
|
||||
|
||||
- Add avahi-CVE-2021-3468.patch: avoid infinite loop by handling
|
||||
HUP event in client_work (boo#1184521 CVE-2021-3468).
|
||||
https://github.com/lathiat/avahi/pull/330
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Feb 16 22:37:35 UTC 2021 - Michael Gorse <mgorse@suse.com>
|
||||
|
||||
|
@ -79,6 +79,8 @@ Patch4: avahi-daemon-check-dns-suse.patch
|
||||
Patch19: avahi-0.6.32-suppress-resolv-conf-warning.patch
|
||||
# PATCH-FIX-UPSTREAM add-IT_PROG_INTLTOOL.patch alarrosa@suse.com -- add IT_PROG_INTLTOOL so intltool works
|
||||
Patch20: add-IT_PROG_INTLTOOL.patch
|
||||
# PATCH-FIX-UPSTREAM avahi-CVE-2021-3468.patch boo#1184521 mgorse@suse.com -- avoid infinite loop by handling HUP event in client_work.
|
||||
Patch21: avahi-CVE-2021-3468.patch
|
||||
BuildRequires: fdupes
|
||||
BuildRequires: gcc-c++
|
||||
BuildRequires: gdbm-devel
|
||||
@ -263,6 +265,7 @@ Avahi is an implementation of the DNS Service Discovery and Multicast
|
||||
DNS specifications for Zeroconf Computing.
|
||||
|
||||
%else
|
||||
|
||||
%package -n python3-avahi
|
||||
Summary: A set of Avahi utilities written in Python
|
||||
Group: Development/Languages/Python
|
||||
@ -406,6 +409,7 @@ Avahi is an implementation of the DNS Service Discovery and Multicast
|
||||
DNS specifications for Zeroconf Computing.
|
||||
|
||||
# This is the avahi-discover command, only provided for the primary python3 flavor
|
||||
|
||||
%package -n python3-avahi-gtk
|
||||
Summary: A set of Avahi utilities written in Python Using python-gtk
|
||||
Group: Development/Languages/Python
|
||||
@ -509,6 +513,7 @@ translation-update-upstream
|
||||
%patch4
|
||||
%patch19 -p1
|
||||
%patch20 -p1
|
||||
%patch21 -p1
|
||||
|
||||
%if !%{build_core}
|
||||
# Replace all .la references from local .la files to installed versions
|
||||
@ -793,6 +798,7 @@ find %{_localstatedir}/lib/avahi-autoipd -user avahi -exec chown avahi-autoipd:a
|
||||
%postun -n python-avahi
|
||||
%python_uninstall_alternative avahi-bookmarks
|
||||
%else
|
||||
|
||||
%post -n python3-avahi
|
||||
%python_install_alternative avahi-bookmarks avahi-bookmarks.1
|
||||
|
||||
@ -969,6 +975,7 @@ find %{_localstatedir}/lib/avahi-autoipd -user avahi -exec chown avahi-autoipd:a
|
||||
%if %{build_core}
|
||||
%files -n avahi-mono
|
||||
%else
|
||||
|
||||
%files
|
||||
%endif
|
||||
%defattr(-,root,root)
|
||||
|
Loading…
Reference in New Issue
Block a user