Accepting request 451318 from security:netfilter

- Add nla-reserve.diff [boo#1020123]
- Update to new upstream release 3.2.29

OBS-URL: https://build.opensuse.org/request/show/451318
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libnl3?expand=0&rev=30
This commit is contained in:
Dominique Leuenberger 2017-01-24 09:29:44 +00:00 committed by Git OBS Bridge
commit 638f240628
7 changed files with 94 additions and 23 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:cd608992c656e8f6e3ab6c1391b162a5a51c49336b9219f7f390e61fc5437c41
size 941954

View File

@ -1,17 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJXf3lAAAoJECnCNm5N/Fco8QoP/3VhxMVup3Z3BwSbLdM5Z7JJ
m6GDpPPfQ/CGnmZr9ANrRK9ZWAZA+8N9Wwd2ZK3zxukvuELMHXmNjRR6DA0V+pBH
9Ekc0TssHItj6IU4PMnTF6JXSJb6DZAvks5tr47FTK93XpC3Vel2fAmpmvkrSPa1
S8BS7S1pHB0LINZjtbwleI5KmVxvFtcHPay3t+b2wNMn7UkQk+uREIhCcg5fjcba
SkeKvA/Iv3MGjUNGqOwXM4MMI9cpspMNOzypuM0NwujvG/8LO6kiekrhSwj52q7O
jDmpBY4ALafcYO5gIA20LpDyD1/lZjyIR0RD6KwhOEN2UCG1XK7D3YsmCOFCGirz
OjPbuJXzcP9eq4Xgswq0d0pvG+aRtTeCVNt0Nzmuu5E0ZWlEEC1gKlKNFpiRWNZs
2xwFoaoU/4gNHYTIGx60eP3C27AAkwqKoq5vUU/0OzzuxvB5B4cyNxojg7GZXh0o
D1yY80iJ0qm1FY4z19GkidMK/REpTRbqVcIcQY4X7b3+uQxAwvZ4PHmqUzQpRMIU
XJ8k4eq3NyJOYlZiOnW8VvFuP/uaCTHXkw3Xos5r5RE/61dJN6j+GllcIZbf8cn+
QUKGPMqvdpebwlvsofwOuL/QOyugLH/zsbMTtnNi2NcLv2s8QnPUSY9hOWAE8Ia1
lcDwIisI6QHyDNd3oMdA
=Ul6m
-----END PGP SIGNATURE-----

3
libnl-3.2.29.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0beb593dc6abfffa18a5c787b27884979c1b7e7f1fd468c801e3cc938a685922
size 963681

16
libnl-3.2.29.tar.gz.sig Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJYZnh8AAoJECnCNm5N/FcoE98P/AhRpnJ3yCdIC98uxKgjlUTf
PX84m9TER2ATzc+HL+tbfXNrAjSPT+yB71s/og7MxRwZpheoJUHLjLGQogiZ5k6T
p4EJR+u1vgJ8KWjar7UXNqX3V9C4O6ovnP0bXt04K43KaKXtqzZWiE+IrA3kaVy5
6OXrMaFCo+VWITCHHgbdI37Tp9QEFKmlc+SJ6NyyLFTW+xnKM+5dDN89ErtlXcF4
Plns5g7agKKj79O6V9qLu9WtuIaetDkzGigBJm2p/UTtk5WqXYDKWzF0bR0jdDYh
aYHYtJok8nSDd4NYVW9b1Q2gxj3LofkFX4VWooYsGaDaJW/B6sNx7Y4px0AIX32a
7fhzVtWHOH7GFJBLVHQNo/MQVK01mQdZCs9RtbyonWAGTsUt6pTmNW3jHHpxcxW3
ynW3SuwattglmjJOiISb2C3uny+C3sw1WaMpFz/IoWcY3u4xtdrY2v8VqLINinv0
9hgKhMtudk6Uf8el79SdZ8vq4oU+Np3TDMGCdQCIJWvlRld70SHRxES7DVT9xkKO
Dz2mGvk8gbSir5tABA5m8U8/EKetGQjD3A37E4l3n+kD+0CNb87mSKQBwxB77WXa
+0hoxwKElCPjXAOCbjUwkgEKM94jHDOLkO9l8sJT19VLvDOKun3jOkaDJuAe+gOu
AuGyeZU8nNZDhSDVGPRm
=IU5b
-----END PGP SIGNATURE-----

View File

@ -1,3 +1,30 @@
-------------------------------------------------------------------
Wed Jan 18 23:26:00 UTC 2017 - jengelh@inai.de
- Add nla-reserve.diff [boo#1020123]
-------------------------------------------------------------------
Mon Jan 16 17:46:53 UTC 2017 - jengelh@inai.de
- Update to new upstream release 3.2.29
* nl-addr: avoid read-out-of-bound in nl_addr_fill_sockaddr()
* lib: add utility function nl_strerror_l()
* lib/route: allow override of message type during link change
* lib/route: set IFLA_PROTINFO attribute in request message
* lib/route: Add port state translation functions
* lib/route: Extend Bridge Flags
* lib/route: Allow override of IFLA_AF_SPEC nesting
* lib/route: Support IFLA_BRIDGE_MODE
* macvlan: add support for "source" mode
* macvlan: adjust types and merge MACVLAN_HAS_MACCOUNT and
MACVLAN_HAS_MACDATA
* vxlan: add support for additional VXLAN attributes
* lib/route: SRIOV Parse, Read, Clone support
* Add PPP support
* route/act: add gact tc action
* link: add support for IFLA_CARRIER_CHANGES, IFLA_PHYS_PORT_NAME,
IFLA_PHYS_SWITCH_ID, IFLA_GSO_MAX_SEGS and IFLA_GSO_MAX_SIZE
-------------------------------------------------------------------
Wed Aug 10 11:24:07 UTC 2016 - jengelh@inai.de

View File

@ -1,7 +1,7 @@
#
# spec file for package libnl3
#
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -19,8 +19,8 @@
Name: libnl3
%define lname libnl3-200
%define with_tools 1
%define uver 3_2_28
Version: 3.2.28
%define uver 3_2_29
Version: 3.2.29
Release: 0
Summary: Convenience library for working with Netlink sockets
License: LGPL-2.1 and GPL-2.0
@ -33,6 +33,7 @@ Url: http://www.carisma.slowglass.com/~tgr/libnl/#(outdated)
Source: https://github.com/thom311/libnl/releases/download/libnl%uver/libnl-%version.tar.gz
Source2: https://github.com/thom311/libnl/releases/download/libnl%uver/libnl-%version.tar.gz.sig
Source3: baselibs.conf
Patch1: nla-reserve.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: bison >= 2.4
BuildRequires: flex >= 2.5.19
@ -103,6 +104,7 @@ demonstrated.
%prep
%setup -qn libnl-%version
%patch -P 1 -p1
%build
%configure --disable-static

43
nla-reserve.diff Normal file
View File

@ -0,0 +1,43 @@
From c473d59f972c35c5a7363d52ee6ee1e0792de0f8 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Wed, 18 Jan 2017 11:59:23 +0100
Subject: [PATCH] lib/attr.c: check for valid length argument in nla_reserve()
https://github.com/thom311/libnl/issues/124
---
lib/attr.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/lib/attr.c b/lib/attr.c
index a3d1b16..0dca3ec 100644
--- a/lib/attr.c
+++ b/lib/attr.c
@@ -457,7 +457,10 @@ struct nlattr *nla_reserve(struct nl_msg *msg, int attrtype, int attrlen)
{
struct nlattr *nla;
int tlen;
-
+
+ if (attrlen < 0)
+ return NULL;
+
tlen = NLMSG_ALIGN(msg->nm_nlh->nlmsg_len) + nla_total_size(attrlen);
if (tlen > msg->nm_size)
@@ -499,8 +502,12 @@ int nla_put(struct nl_msg *msg, int attrtype, int datalen, const void *data)
struct nlattr *nla;
nla = nla_reserve(msg, attrtype, datalen);
- if (!nla)
+ if (!nla) {
+ if (datalen < 0)
+ return -NLE_INVAL;
+
return -NLE_NOMEM;
+ }
if (datalen > 0) {
memcpy(nla_data(nla), data, datalen);
--
2.11.0