diff --git a/testng-CVE-2022-4065.patch b/testng-CVE-2022-4065.patch
new file mode 100644
index 0000000..b476356
--- /dev/null
+++ b/testng-CVE-2022-4065.patch
@@ -0,0 +1,14 @@
+diff --git a/src/main/java/org/testng/JarFileUtils.java b/src/main/java/org/testng/JarFileUtils.java
+index 683a8b5..2f2ed8f 100644
+--- a/src/main/java/org/testng/JarFileUtils.java
++++ b/src/main/java/org/testng/JarFileUtils.java
+@@ -77,6 +77,9 @@ class JarFileUtils {
+ if (Parser.canParse(jeName.toLowerCase())) {
+ InputStream inputStream = jf.getInputStream(je);
+ File copyFile = new File(file, jeName);
++ if (!copyFile.toPath().normalize().startsWith(file.toPath().normalize())) {
++ throw new IOException("Bad zip entry");
++ }
+ Files.copyFile(inputStream, copyFile);
+ if (matchesXmlPathInJar(je)) {
+ suitePath = copyFile.toString();
diff --git a/testng.changes b/testng.changes
index b63c201..37b367c 100644
--- a/testng.changes
+++ b/testng.changes
@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Tue Nov 22 12:13:04 UTC 2022 - Fridrich Strba
+
+- Added patch:
+ * testng-CVE-2022-4065.patch
+ + Issues in sanitization of zip files could lead to path
+ traversal and potentially code execution (bsc#1205628,
+ CVE-2022-4065)
+
 -------------------------------------------------------------------
 Wed Apr 27 13:42:54 UTC 2022 - Fridrich Strba
diff --git a/testng.spec b/testng.spec
index dc833c4..6b91844 100644
--- a/testng.spec
+++ b/testng.spec
@@ -28,6 +28,7 @@ Source1: pom.xml
 Source2: %{name}-build.xml
 Patch0: 0001-Avoid-accidental-javascript-in-javadoc.patch
 Patch1: 0002-Replace-bundled-jquery-with-CDN-link.patch
+Patch2: testng-CVE-2022-4065.patch
 BuildRequires: ant
 BuildRequires: beust-jcommander
 BuildRequires: bsh2
@@ -59,6 +60,7 @@ This package contains the API documentation for %{name}.
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 sed 's/@VERSION@/%{version}/' %{SOURCE1} > pom.xml
 cp %{SOURCE2} build.xml
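Review bot: In the JarFileUtils.java hunk carried by testng-CVE-2022-4065.patch, the containment check runs after `jf.getInputStream(je)` has already opened the entry, so the new `throw new IOException("Bad zip entry")` leaves that stream open unless something outside the hunk closes it. Running the check before opening the stream avoids this. Including the rejected name, as in `throw new IOException("Bad zip entry: " + jeName);`, would let whoever triages the failure see which entry was refused. The comparison is lexical (`normalize()` plus component-wise `Path.startsWith`) and does not resolve symlinks, which is presumably fine for a freshly created extraction directory but deserves a comment such as `// Zip Slip guard: entry must stay inside the extraction dir (CVE-2022-4065)`. The enclosing method starts and ends outside the hunk, so the stream handling could not be confirmed from here.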