From 2b6ead8ec52c4582046bbc9dc70cd64325ffab5fc270690b09d1f1e712d7beda Mon Sep 17 00:00:00 2001 From: "Dr. Werner Fink" Date: Mon, 14 Oct 2019 13:42:39 +0000 Subject: [PATCH 1/2] Let python-magic build again OBS-URL: https://build.opensuse.org/package/show/Base:System/file?expand=0&rev=194 --- file.changes | 5 +++++ file.spec | 2 +- python-magic.changes | 7 ++++++- python-magic.spec | 4 +--- 4 files changed, 13 insertions(+), 5 deletions(-) diff --git a/file.changes b/file.changes index d6c89ca..618c75f 100644 --- a/file.changes +++ b/file.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Mon Oct 14 13:40:13 UTC 2019 - Dr. Werner Fink + +- Let python-magic build with latest rpm + ------------------------------------------------------------------- Tue Jun 11 10:42:01 UTC 2019 - Dr. Werner Fink diff --git a/file.spec b/file.spec index c9502d4..cfa297a 100644 --- a/file.spec +++ b/file.spec @@ -35,7 +35,7 @@ Release: 0 Summary: A Tool to Determine File Types License: BSD-2-Clause Group: Productivity/File utilities -Source: ftp://ftp.astron.com/pub/file/file-%{version}.tar.gz +Source0: ftp://ftp.astron.com/pub/file/file-%{version}.tar.gz Source2: baselibs.conf Source3: file-rpmlintrc Source4: ftp://ftp.astron.com/pub/file/file-%{version}.tar.gz.asc diff --git a/python-magic.changes b/python-magic.changes index 2daf665..c5f8472 100644 --- a/python-magic.changes +++ b/python-magic.changes @@ -1,7 +1,12 @@ +------------------------------------------------------------------- +Mon Oct 14 13:40:13 UTC 2019 - Dr. Werner Fink + +- Let python-magic build with latest rpm + ------------------------------------------------------------------- Wed May 29 06:08:37 UTC 2019 - Dr. Werner Fink -- - Correct version of file which is now 5.37 +- Correct version of file which is now 5.37 ------------------------------------------------------------------- Thu Feb 21 07:18:57 UTC 2019 - Dr. Werner Fink diff --git a/python-magic.spec b/python-magic.spec index 6551729..1ca57ee 100644 --- a/python-magic.spec +++ b/python-magic.spec @@ -18,7 +18,6 @@ # PyPI package name is file-magic. Version is taken from setup.py %define file_magic_version 0.3.0 - %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-magic @@ -33,8 +32,8 @@ Release: 0 Summary: Python module to use libmagic License: BSD-3-Clause AND BSD-4-Clause Group: Development/Languages/Python +%{expand:%(sed -n -e '/^Source0\?:/,/^BuildRoot:/p' <%{_sourcedir}/file.spec)} Source99: file.spec -%{expand:%(sed -n -e '/^Source:/,/^BuildRoot:/p' <%{_sourcedir}/file.spec)} Requires: libmagic1 Provides: python-file-magic = %{file_magic_version} %global _miscdir %{_datadir}/misc @@ -49,7 +48,6 @@ interface. %{expand:%(sed -n -e '/^%%prep/,/^%%build/p' <%{_sourcedir}/file.spec | sed -e '1d' -e '$d')} ln -sf README.md python/README -%build pushd python %python_build popd From b3c0fb0be8beb726a823143010b4a5aa578bde5046e9d8eacd6cd298cc5ca914 Mon Sep 17 00:00:00 2001 From: "Dr. Werner Fink" Date: Tue, 22 Oct 2019 13:26:36 +0000 Subject: [PATCH 2/2] Add temporary patch CVE-2019-18218-46a8443f.patch OBS-URL: https://build.opensuse.org/package/show/Base:System/file?expand=0&rev=195 --- CVE-2019-18218-46a8443f.patch | 43 +++++++++++++++++++++++++++++++++++ file.changes | 6 +++++ file.spec | 2 ++ 3 files changed, 51 insertions(+) create mode 100644 CVE-2019-18218-46a8443f.patch diff --git a/CVE-2019-18218-46a8443f.patch b/CVE-2019-18218-46a8443f.patch new file mode 100644 index 0000000..e36998a --- /dev/null +++ b/CVE-2019-18218-46a8443f.patch @@ -0,0 +1,43 @@ +From 46a8443f76cec4b41ec736eca396984c74664f84 Mon Sep 17 00:00:00 2001 +From: Christos Zoulas +Date: Mon, 26 Aug 2019 14:31:39 +0000 +Subject: [PATCH] Limit the number of elements in a vector (found by oss-fuzz) + +--- + src/cdf.c | 7 +++---- + src/cdf.h | 1 + + 2 files changed, 4 insertions(+), 4 deletions(-) + +--- src/cdf.c ++++ src/cdf.c 2019-10-22 13:05:01.410441092 +0000 +@@ -968,8 +968,9 @@ cdf_read_property_info(const cdf_stream_ + goto out; + } + nelements = CDF_GETUINT32(q, 1); +- if (nelements == 0) { +- DPRINTF(("CDF_VECTOR with nelements == 0\n")); ++ if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) { ++ DPRINTF(("CDF_VECTOR with nelements == %" ++ SIZE_T_FORMAT "u\n", nelements)); + goto out; + } + slen = 2; +@@ -1011,8 +1012,6 @@ cdf_read_property_info(const cdf_stream_ + goto out; + inp += nelem; + } +- DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n", +- nelements)); + for (j = 0; j < nelements && i < sh.sh_properties; + j++, i++) + { +--- src/cdf.h ++++ src/cdf.h 2019-10-22 13:05:01.422440872 +0000 +@@ -48,6 +48,7 @@ + typedef int32_t cdf_secid_t; + + #define CDF_LOOP_LIMIT 10000 ++#define CDF_ELEMENT_LIMIT 100000 + + #define CDF_SECID_NULL 0 + #define CDF_SECID_FREE -1 diff --git a/file.changes b/file.changes index 618c75f..8830cb9 100644 --- a/file.changes +++ b/file.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Tue Oct 22 13:24:26 UTC 2019 - Dr. Werner Fink + +- Add temporary patch CVE-2019-18218-46a8443f.patch from upstream + to fix bsc#1154661 -- heap-based buffer overflow in cdf_read_property_info in cdf.c + ------------------------------------------------------------------- Mon Oct 14 13:40:13 UTC 2019 - Dr. Werner Fink diff --git a/file.spec b/file.spec index cfa297a..9210467 100644 --- a/file.spec +++ b/file.spec @@ -65,6 +65,7 @@ Patch36: file-5.15-clear-invalid.patch Patch37: file-secure_getenv.patch Patch39: file-5.28-btrfs-image.dif Patch42: file-upstream.patch +Patch43: CVE-2019-18218-46a8443f.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %global _sysconfdir /etc %global _miscdir %{_datadir}/misc @@ -134,6 +135,7 @@ to develop applications that require the magic "file" interface. %patch37 -p1 -b .getenv %patch39 -p1 -b .btrfs %patch42 -p0 -b .tmp +%patch43 -p0 -b .CVE-2019-18218 %patch -b .0 test -s src/magic.h.in || cp -p src/magic.h src/magic.h.in rm -fv src/magic.h