Accepting request 1248746 from Archiving

OBS-URL: https://build.opensuse.org/request/show/1248746 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=55
2025-02-27 13:50:05 +00:00 · 2025-02-27 13:50:05 +00:00 · 46304d1730
commit 46304d1730
parent ef93d764e9 875ebe6f8b
3 changed files with 41 additions and 1 deletions
--- a/CVE-2024-57970.patch
+++ b/CVE-2024-57970.patch
@ -0,0 +1,31 @@
+From ca233156bfecef7fe713fe7bb86decfda728e364 Mon Sep 17 00:00:00 2001
+From: Tim Kientzle <kientzle@acm.org>
+Date: Wed, 4 Dec 2024 10:41:12 -0800
+Subject: [PATCH] Handle truncation in the middle of a GNU long linkname
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Thanks to gbdngb12 김동건 for reporting this.
+
+Resolves Issue #2415
+---
+ libarchive/archive_read_support_format_tar.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/libarchive/archive_read_support_format_tar.c b/libarchive/archive_read_support_format_tar.c
+index 4aaf1b90ce..b1344ae57d 100644
+--- a/libarchive/archive_read_support_format_tar.c
+++ b/libarchive/archive_read_support_format_tar.c
+@@ -1146,7 +1146,9 @@ header_gnu_longlink(struct archive_read *a, struct tar *tar,
+ 	struct archive_string linkpath;
+ 	archive_string_init(&linkpath);
+ 	err = read_body_to_string(a, tar, &linkpath, h, unconsumed);
+-	archive_entry_set_link(entry, linkpath.s);
+	if (err == ARCHIVE_OK) {
+		archive_entry_set_link(entry, linkpath.s);
+	}
+ 	archive_string_free(&linkpath);
+ 	return (err);
+ }
+
--- a/libarchive.changes
+++ b/libarchive.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Tue Feb 25 15:14:11 UTC 2025 - Antonio Teixeira <antonio.teixeira@suse.com>
+
+- Fix CVE-2024-57970, heap-based buffer over-read in header_gnu_longlink
+  because it mishandles truncation (CVE-2024-57970, bsc#1237233)
+  * CVE-2024-57970.patch
+
 -------------------------------------------------------------------
 Thu Oct 17 08:41:56 UTC 2024 - Antonio Teixeira <antonio.teixeira@suse.com>

--- a/libarchive.spec
+++ b/libarchive.spec
@ -1,7 +1,7 @@
 #
 # spec file for package libarchive
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -41,6 +41,8 @@ Source1:        https://github.com/libarchive/libarchive/releases/download/v%{ve
 Source2:        libarchive.keyring
 Source1000:     baselibs.conf
 Patch1:         lib-suffix.patch
+# PATCH-FIX-UPSTREAM CVE-2024-57970.patch bsc#1237233 antonio.teixeira@suse.com
+Patch2:         CVE-2024-57970.patch
 BuildRequires:  cmake
 BuildRequires:  libacl-devel
 BuildRequires:  libbz2-devel