Accepting request 492515 from home:pmonrealgonzalez:branches:Java:packages
- Fix for CVE-2017-3523 (bsc#1035697) * Unexpected automatic deserialisation of Java objects * Affected software: MySQL Connector/J * Remote Code Execution Vulnerability - Added patch: mysql-connector-java-5.1.35-CVE-2017-3523.patch OBS-URL: https://build.opensuse.org/request/show/492515 OBS-URL: https://build.opensuse.org/package/show/Java:packages/mysql-connector-java?expand=0&rev=29
This commit is contained in:
parent
3e31a322cf
commit
918e798c4c
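--- /dev/null
+++ b/mysql-connector-java-5.1.35-CVE-2017-3523.patch
@@ -0,0 +1,49 @@
+--- mysql-connector-java-5.1.35.orig/src/com/mysql/jdbc/ResultSetImpl.java
++++ mysql-connector-java-5.1.35/src/com/mysql/jdbc/ResultSetImpl.java
+@@ -3436,27 +3436,26 @@ public class ResultSetImpl implements Re
+byte[] data = getBytes(columnIndex);
+Object obj = data;
+
+- if ((data != null) && (data.length >= 2)) {
+- if ((data[0] == -84) && (data[1] == -19)) {
+- // Serialized object?
+- try {
+- ByteArrayInputStream bytesIn = new ByteArrayInputStream(data);
+- ObjectInputStream objIn = new ObjectInputStream(bytesIn);
+- obj = objIn.readObject();
+- objIn.close();
+- bytesIn.close();
+- } catch (ClassNotFoundException cnfe) {
+- throw SQLError.createSQLException(
+- Messages.getString("ResultSet.Class_not_found___91") + cnfe.toString()
+- + Messages.getString("ResultSet._while_reading_serialized_object_92"), getExceptionInterceptor());
+- } catch (IOException ex) {
+- obj = data; // not serialized?
++ if (this.connection.getAutoDeserialize()) {
++ if ((data != null) && (data.length >= 2)) {
++ if ((data[0] == -84) && (data[1] == -19)) {
++ // Serialized object?
++ try {
++ ByteArrayInputStream bytesIn = new ByteArrayInputStream(data);
++ ObjectInputStream objIn = new ObjectInputStream(bytesIn);
++ obj = objIn.readObject();
++ objIn.close();
++ bytesIn.close();
++ } catch (ClassNotFoundException cnfe) {
++ throw SQLError.createSQLException(Messages.getString("ResultSet.Class_not_found___91") + cnfe.toString()
++ + Messages.getString("ResultSet._while_reading_serialized_object_92"), getExceptionInterceptor());
++ } catch (IOException ex) {
++ obj = data; // not serialized?
++ }
+}
+- }
+-
+- return obj.toString();
+- }
+-
++ return obj.toString();
++ }
++ }
+return extractStringFromNativeColumn(columnIndex, mysqlType);
+}
+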
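Review bot: The new check at `if (this.connection.getAutoDeserialize()) {` only gates the path; when the property is enabled the code still runs `new ObjectInputStream(bytesIn).readObject()` on server-supplied column bytes with no class restriction, so the exposure is moved behind a configuration switch rather than removed. The hunk does not show the property's default, so whether a patched build is safe out of the box cannot be confirmed from here. Where the target JDK provides it, an `ObjectInputFilter` limiting the classes that may be deserialized would narrow the enabled path considerably; at minimum the check should carry a comment such as `// autoDeserialize=true re-enables unfiltered Java deserialization of column data (CVE-2017-3523)`. The enclosing method begins before the hunk.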
@ -1,3 +1,12 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue May 2 15:20:16 UTC 2017 - pmonrealgonzalez@suse.com
|
||||||
|
|
||||||
|
- Fix for CVE-2017-3523 (bsc#1035697)
|
||||||
|
* Unexpected automatic deserialisation of Java objects
|
||||||
|
* Affected software: MySQL Connector/J
|
||||||
|
* Remote Code Execution Vulnerability
|
||||||
|
- Added patch: mysql-connector-java-5.1.35-CVE-2017-3523.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Jun 11 15:11:55 UTC 2015 - tchvatal@suse.com
|
Thu Jun 11 15:11:55 UTC 2015 - tchvatal@suse.com
|
||||||
|
|
||||||
|
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package mysql-connector-java
|
# spec file for package mysql-connector-java
|
||||||
#
|
#
|
||||||
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
|
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -37,6 +37,9 @@ Patch2: no-jdk5-requirement.patch
|
|||||||
Patch3: mysql-connector-java-jdbc-4.1.patch
|
Patch3: mysql-connector-java-jdbc-4.1.patch
|
||||||
# PATCH-FIX-UPSTREAM: do not lose classpath during tests build
|
# PATCH-FIX-UPSTREAM: do not lose classpath during tests build
|
||||||
Patch4: use-classpath-in-tests.patch
|
Patch4: use-classpath-in-tests.patch
|
||||||
|
# PATCH_FIX-UPSTREAM: CVE-2017-3523 Oracle MySQL <=5.1.40 Connector/J
|
||||||
|
# Remote Code Execution Vulnerability
|
||||||
|
Patch5: mysql-connector-java-5.1.35-CVE-2017-3523.patch
|
||||||
BuildRequires: ant
|
BuildRequires: ant
|
||||||
BuildRequires: ant-contrib
|
BuildRequires: ant-contrib
|
||||||
BuildRequires: apache-commons-logging
|
BuildRequires: apache-commons-logging
|
||||||
@ -74,6 +77,7 @@ set that supports the capabilities of MySQL.
|
|||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
%patch3 -p1
|
%patch3 -p1
|
||||||
%patch4 -p1
|
%patch4 -p1
|
||||||
|
%patch5 -p1
|
||||||
|
|
||||||
# dup
|
# dup
|
||||||
rm -f README
|
rm -f README
|
||||||
|
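Review bot: The new comment tag `# PATCH_FIX-UPSTREAM: CVE-2017-3523 Oracle MySQL <=5.1.40 Connector/J` uses an underscore after PATCH, while the existing Patch4 comment just above reads `# PATCH-FIX-UPSTREAM:`; the hyphenated form is the convention the file already follows, so the line should read `# PATCH-FIX-UPSTREAM: CVE-2017-3523 Oracle MySQL <=5.1.40 Connector/J`. The `%patch5 -p1` application in the later hunk is consistent with the new Patch5 declaration.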