Accepting request 977689 from home:susnux:branches:network:samba:STABLE

Update to version 6.15 for CVE-2022-27239 OBS-URL: https://build.opensuse.org/request/show/977689 OBS-URL: https://build.opensuse.org/package/show/network:samba:STABLE/cifs-utils?expand=0&rev=198
2022-05-17 14:50:31 +00:00 · 2022-05-17 14:50:31 +00:00 · 6d5a4df918
commit 6d5a4df918
parent 7c16331f0a
6 changed files with 30 additions and 21 deletions
--- a/cifs-utils-6.14.tar.bz2
+++ b/cifs-utils-6.14.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:6609e8074b5421295ff012a31f02ccd9a058415c619c81362ebb788dbf0756b8
-size 416593
--- a/cifs-utils-6.14.tar.bz2.asc
+++ b/cifs-utils-6.14.tar.bz2.asc
@ -1,17 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2
-
-iQIcBAABCAAGBQJhTRMsAAoJEN9bqdMGQtWgK6sP/0uimVcnqGm4O8uzzJfHtpUA
-aQSeaVlDIM4boR+LcNCkKqdbLkgxxM/4Wd3J/Utc0jieriggWPxpduVi8ACsY4I3
-9CpxrscOMUOaFe7Zf30ePDaAXDYBcTUMtamM7zE5R7qtpdgC7dnnmhxhL9hq4Kry
-YeM4bJW4Fq0uTkAa980WD7HTML5o7/WS29ZtmsRiYEiIVRdBTrpPr/4/gPXtv8HD
-kCdlExz6mAYKmifLm9QSqtdaV9rS+8WEQJwf72mTT4L400Eb81FnMhslhNjXDU3Q
-aHC+guz1WCXv/HuIATf6lH/EWcfK0mE2ygYi2TaLcazooiUg7U07uLlbwnqmsrWR
-e3MVFv3fD1ZRE/Td6Xos6+QPgMJ0VCXxyq2GYHnQ7lQJXqWUuhBHpbP78r8/j1c7
-URiWDh0LoAPbY3Rge6wh5INk3L3XJGFLPDx6O6HEg/rCUo8xKduE/pFv6Fnrv2G+
-/LQjd15C+Fx6OnAUklvTKj2va4phe+pM2opKMn2aQ9IJJWA29LFcCzTx9jQiHGA0
-BkvOn6jQVelscqyLoZFgbaophjW0xoZ143tz4Xx1mUhpyKEdZpfIRzmw9IoSHhIp
-UfdIswcOYWK5SEjT6pRpG7rI23bZxrxLnx1pxsaeeELOQDinjskZnxGEYisxsRCr
-LRG9Cv0qbq8VPwbKxACT
-=ukcP
-----END PGP SIGNATURE-----
--- a/cifs-utils-6.15.tar.bz2
+++ b/cifs-utils-6.15.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:a7b6940e93250c1676a6fa66b6ead91b78cd43a5fee99cc462459c8b9cf1e6f4
+size 416592
--- a/cifs-utils-6.15.tar.bz2.asc
+++ b/cifs-utils-6.15.tar.bz2.asc
@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2
+
+iQIcBAABCAAGBQJibF2XAAoJEN9bqdMGQtWgWREQAIRoGBUwRVE0V5Or8qL49wAb
+fAsF67oKztLdzwMAFoiPOwVWdLKjyJJwKQ1c8bXNqsh3lFLQAXDRTknCOpopp1+G
+IRHTTihpJbD6jctjnvScgQmVBDvM08jorg8wNu3+dBD6Vk8UlxAADzgmWN4b/0pH
+ymglw1CW/puaiNza/l3+hWnsG7Ak1T/kg5lap3vV63tVi/drO7LEXRo3peesEJSx
+TTifETrIMziE3vAixBKc+6NA1yfYIuEkXQpxHOfD84NCB/wd/KZO2PstQDkxk6aJ
+rE3Yj5i/aKpvSRUByB/ccynSh2OWc5HSpkgpTju/QjKY+keOMziqkcrNkYJThO2I
+aogguOyfihCdZczrfG6pneDTw/QdS92MJijMxGqNY/Yxq0jRntfOA83pTDSq5o8V
+24p9noO2Vq66p0LFctl8Vl6M+N/VdQrHR1Rb60MEbStaOBLyvM5AAal3IdA8dEMQ
+PZZaUP/I2ySH9BmR7UzvFcI+viL5l8DYcdD5D404EfrEg5vK3jJF2G2SMwirCSDP
+CU4BedX1TBFxbPSb4hEN6OEC1i48OmIV2SZyY1SZddXh4tULX8OsTeGQ7moHsfoA
+49PZmddKTuBAA9LQ3916JxK8pLFlqCcY/aZhlfxxktyVh5P+PLQ1gwx3CGBWtQBU
+vGy2dD76KS6PBH6PQYsJ
+=V1B/
+-----END PGP SIGNATURE-----
--- a/cifs-utils.changes
+++ b/cifs-utils.changes
@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Tue May 17 09:11:59 UTC 2022 - Ferdinand Thiessen <rpm@fthiessen.de>
+
+- Update to version 6.15
+  * CVE-2022-27239: mount.cifs: fix length check for ip option parsing
+    Previous check was true whatever the length of the input string was,
+    leading to a buffer overflow in the subsequent strcpy call.
+  * mount.cifs: fix verbose messages on option parsing
+
 -------------------------------------------------------------------
 Mon Jan 17 09:22:17 UTC 2022 - Enzo Matsumiya <ematsumiya@suse.de>

--- a/cifs-utils.spec
+++ b/cifs-utils.spec
@ -21,7 +21,7 @@
 %endif

 Name:           cifs-utils
-Version:        6.14
+Version:        6.15
 Release:        0
 Summary:        Utilities for doing and managing mounts of the Linux CIFS filesystem
 License:        GPL-3.0-or-later