Accepting request 1073593 from home:dspinella:branches:Archiving
- Update to version 3.5.3: * Fixed: removed vulnerable jQuery dependency * Fixed: fix suppressed 1st char of error message in common-src/bsdtcp-security.c * docs: improved README with Markdown * docs: updated README file name for docs in Debian builds * Fixed: post_inst_functions.sh to create amkey * Fixed: added extern keyword for tu_debugging_enabled declaration in testutils.h * Fixed: https://sogis.eu compliant symmetric encryption key derivation algorithm * Fixed: removed perror to fix information leak vulnerability found in the calcsize SUID binary. (CVE-2022-37703, bsc#1203390) * Fixed: added filter for RSH environment settings in rundump to fix privilege escalation vulnerability (CVE-2022-37704, bsc#1208033) * Fixed: arg checking for runtar.c (CVE-2022-37705, bsc#1208032) - Remove upstreamed patches: * CVE-2022-37705.patch * amanda-3.5.1-GCC10_extern.patch * amanda-3.5.2-fix-tests.patch OBS-URL: https://build.opensuse.org/request/show/1073593 OBS-URL: https://build.opensuse.org/package/show/Archiving/amanda?expand=0&rev=88
parent
0ac83544ed
commit
c54a62dd0b
@ -1,16 +0,0 @@
|
|||||||
Index: amanda-tag-community-3.5.2/client-src/runtar.c
|
|
||||||
===================================================================
|
|
||||||
--- amanda-tag-community-3.5.2.orig/client-src/runtar.c
|
|
||||||
+++ amanda-tag-community-3.5.2/client-src/runtar.c
|
|
||||||
@@ -191,9 +191,9 @@ main(
|
|
||||||
g_str_has_prefix(argv[i],"--newer") ||
|
|
||||||
g_str_has_prefix(argv[i],"--exclude-from") ||
|
|
||||||
g_str_has_prefix(argv[i],"--files-from")) {
|
|
||||||
- /* Accept theses options with the following argument */
|
|
||||||
- good_option += 2;
|
|
||||||
+ good_option++;
|
|
||||||
} else if (argv[i][0] != '-') {
|
|
||||||
+ /* argument values are accounted for here */
|
|
||||||
good_option++;
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,13 +0,0 @@
|
|||||||
diff --git a/common-src/testutils.h b/common-src/testutils.h
|
|
||||||
index 31f89737..2e9bb0b3 100644
|
|
||||||
--- a/common-src/testutils.h
|
|
||||||
+++ b/common-src/testutils.h
|
|
||||||
@@ -75,7 +75,7 @@ typedef struct TestUtilsTest {
|
|
||||||
#define tu_dbg(...) if (tu_debugging_enabled) { g_fprintf(stderr, __VA_ARGS__); }
|
|
||||||
|
|
||||||
/* Is debugging enabled for this test run? (set internally) */
|
|
||||||
-int tu_debugging_enabled;
|
|
||||||
+extern gboolean tu_debugging_enabled;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Main loop
|
|
@ -1,26 +0,0 @@
|
|||||||
From 262c05b20c7de243542e7502e00152cdafb573d4 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Peter Bieringer <pb@bieringer.de>
|
|
||||||
Date: Wed, 6 Jul 2022 22:53:12 +0200
|
|
||||||
Subject: [PATCH] fix for https://github.com/zmanda/amanda/issues/167
|
|
||||||
|
|
||||||
---
|
|
||||||
common-src/amutil.c | 6 ++++++
|
|
||||||
1 file changed, 6 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/common-src/amutil.c b/common-src/amutil.c
|
|
||||||
index 20454ab73c..371d38e433 100644
|
|
||||||
--- a/common-src/amutil.c
|
|
||||||
+++ b/common-src/amutil.c
|
|
||||||
@@ -1132,6 +1132,12 @@ char *hexdecode_string(const char *str, GError **err)
|
|
||||||
new_len = orig_len = strlen(str);
|
|
||||||
for (i = 0; i < orig_len; i++) {
|
|
||||||
if (str[i] == '%') {
|
|
||||||
+ if (new_len < 2) {
|
|
||||||
+ g_set_error(err, am_util_error_quark(), AM_UTIL_ERROR_HEXDECODEINVAL,
|
|
||||||
+ "Invalid hexcode string: %s", str);
|
|
||||||
+ s = g_string_sized_new(0);
|
|
||||||
+ goto cleanup;
|
|
||||||
+ }
|
|
||||||
new_len -= 2;
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:812aea37d5e5ae852ab4147e989f090fb60ef66e7b7fe49ef58e2d139fe3e99f
|
|
||||||
size 3949431
|
|
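--- a/amanda-3.5.3.tar.gz
+++ b/amanda-3.5.3.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7821d7420e12bfc96c8db385c29f79afe7d6f35e80faa81da0b87a47ee5b2476
+size 3926198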
@ -1,3 +1,26 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Mar 21 16:16:06 UTC 2023 - Danilo Spinella <danilo.spinella@suse.com>
|
||||||
|
|
||||||
|
- Update to version 3.5.3:
|
||||||
|
* Fixed: removed vulnerable jQuery dependency
|
||||||
|
* Fixed: fix suppressed 1st char of error message in
|
||||||
|
common-src/bsdtcp-security.c
|
||||||
|
* docs: improved README with Markdown
|
||||||
|
* docs: updated README file name for docs in Debian builds
|
||||||
|
* Fixed: post_inst_functions.sh to create amkey
|
||||||
|
* Fixed: added extern keyword for tu_debugging_enabled declaration in
|
||||||
|
testutils.h
|
||||||
|
* Fixed: https://sogis.eu complaint symmetric encryption key derivation algorithm
|
||||||
|
* Fixed: removed perror to fix information leak vulnerability found in the
|
||||||
|
calcsize SUID binary. (CVE-2022-37703, bsc#1203390)
|
||||||
|
* Fixed: added filter for RSH environment settings in rundump to fix
|
||||||
|
privilege escalation vulnerability (CVE-2022-37704, bsc#1208033)
|
||||||
|
* Fixed: arg checking for runtar.c (CVE-2022-37705, bsc#1208032)
|
||||||
|
- Remove upstreamed patches:
|
||||||
|
* CVE-2022-37705.patch
|
||||||
|
* amanda-3.5.1-GCC10_extern.patch
|
||||||
|
* amanda-3.5.2-fix-tests.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Feb 16 11:03:29 UTC 2023 - Daniel Garcia <daniel.garcia@suse.com>
|
Thu Feb 16 11:03:29 UTC 2023 - Daniel Garcia <daniel.garcia@suse.com>
|
||||||
|
|
||||||
|
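--- a/amanda.spec
+++ b/amanda.spec
@@ -19,7 +19,7 @@
 %define amanda_group amanda
 %define upstreamver tag-community-%{version}
 Name: amanda
-Version: 3.5.2
+Version: 3.5.3
 Release: 0
 Summary: Network Disk Archiver
 License: GPL-3.0-or-later
@@ -34,11 +34,6 @@ Patch3: amanda-2.6.1p1-avoid-perl-provides.patch
 Patch4: amanda-3.3.2-returnvalues.patch
 Patch6: amanda-3.5-no_return_in_nonvoid_fnc.patch
 Patch7: amanda-libnsl.patch
-Patch8: amanda-3.5.1-GCC10_extern.patch
-# PATCH-FIX-UPSTREAM amanda-3.5.2-fix-tests.patch -- gh#zmanda/amanda#167
-Patch9: amanda-3.5.2-fix-tests.patch
-# PATCH-FIX-UPSTREAM CVE-2022-37705.patch -- boo#1208032, gh#zmanda/amanda#194
-Patch10: CVE-2022-37705.patch
 BuildRequires: autoconf
 BuildRequires: automake
 BuildRequires: bison
@@ -95,9 +90,6 @@ running multiple versions of Linux or Unix.
 %patch4 -p1
 %patch6 -p1
 %patch7 -p1
-%patch8 -p1
-%patch9 -p1
-%patch10 -p1
 
 %build
 ./autogen
@@ -132,7 +124,7 @@ install -d %{buildroot}/%{_sysconfdir}/amanda \
 %{buildroot}%{_localstatedir}/lib/amanda/lbl-templ \
 %{buildroot}/%{_docdir}/%{name} \
 %{buildroot}/%{_sysconfdir}/xinetd.d
-install NEWS README README.SUSE example/{amanda.conf,chg-multi.conf,disklist} %{buildroot}/%{_docdir}/%{name}
+install NEWS README.md README.SUSE example/{amanda.conf,chg-multi.conf,disklist} %{buildroot}/%{_docdir}/%{name}
 install -m 644 %{buildroot}%{_sysconfdir}/amanda/amanda-security.conf %{buildroot}%{_sysconfdir}/amanda-security.conf
 chmod 644 %{buildroot}/%{_docdir}/%{name}/* %{buildroot}/%{_mandir}/*/*
 cp -a SUSE/* %{buildroot}
@@ -194,7 +186,7 @@ ln -s amrecover.8.gz %{buildroot}%{_mandir}/man8/amoldrecover.8
 %verify_permissions -f %{_libexecdir}/amanda/suidlist
 
 %files
-%doc amanda-howto-collection.pdf ChangeLog NEWS AUTHORS COPYRIGHT README ReleaseNotes README.SUSE
+%doc amanda-howto-collection.pdf ChangeLog NEWS AUTHORS COPYRIGHT README.md ReleaseNotes README.SUSE
 %doc %attr(755,root,root) %dir %{_docdir}/%{name}
 %{_docdir}/%{name}/*
 %{_mandir}/man*/*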