diff --git a/CVE-2024-57970.patch b/CVE-2024-57970.patch new file mode 100644 index 0000000..4d020d8 --- /dev/null +++ b/CVE-2024-57970.patch @@ -0,0 +1,31 @@ +From ca233156bfecef7fe713fe7bb86decfda728e364 Mon Sep 17 00:00:00 2001 +From: Tim Kientzle +Date: Wed, 4 Dec 2024 10:41:12 -0800 +Subject: [PATCH] Handle truncation in the middle of a GNU long linkname +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Thanks to gbdngb12 김동건 for reporting this. + +Resolves Issue #2415 +--- + libarchive/archive_read_support_format_tar.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/libarchive/archive_read_support_format_tar.c b/libarchive/archive_read_support_format_tar.c +index 4aaf1b90ce..b1344ae57d 100644 +--- a/libarchive/archive_read_support_format_tar.c ++++ b/libarchive/archive_read_support_format_tar.c +@@ -1146,7 +1146,9 @@ header_gnu_longlink(struct archive_read *a, struct tar *tar, + struct archive_string linkpath; + archive_string_init(&linkpath); + err = read_body_to_string(a, tar, &linkpath, h, unconsumed); +- archive_entry_set_link(entry, linkpath.s); ++ if (err == ARCHIVE_OK) { ++ archive_entry_set_link(entry, linkpath.s); ++ } + archive_string_free(&linkpath); + return (err); + } + diff --git a/libarchive.changes b/libarchive.changes index fd6f001..bbdf301 100644 --- a/libarchive.changes +++ b/libarchive.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Tue Feb 25 15:14:11 UTC 2025 - Antonio Teixeira + +- Fix CVE-2024-57970, heap-based buffer over-read in header_gnu_longlink + because it mishandles truncation (CVE-2024-57970, bsc#1237233) + * CVE-2024-57970.patch + ------------------------------------------------------------------- Thu Oct 17 08:41:56 UTC 2024 - Antonio Teixeira diff --git a/libarchive.spec b/libarchive.spec index f610a43..71a5121 100644 --- a/libarchive.spec +++ b/libarchive.spec @@ -1,7 +1,7 @@ # # spec file for package libarchive # -# Copyright (c) 2024 SUSE LLC +# Copyright (c) 2025 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -41,6 +41,8 @@ Source1: https://github.com/libarchive/libarchive/releases/download/v%{ve Source2: libarchive.keyring Source1000: baselibs.conf Patch1: lib-suffix.patch +# PATCH-FIX-UPSTREAM CVE-2024-57970.patch bsc#1237233 antonio.teixeira@suse.com +Patch2: CVE-2024-57970.patch BuildRequires: cmake BuildRequires: libacl-devel BuildRequires: libbz2-devel