From f778b81f7773835fdbaa5f192c1741fc7f9e7f244589fd7fd601a01443502ede Mon Sep 17 00:00:00 2001 From: Stanislav Brabec Date: Tue, 27 Feb 2018 17:33:11 +0000 Subject: [PATCH] Accepting request 580731 from home:sbrabec:branches:multimedia:libs - Fix double free vulnerability (bsc#1082877, CVE-2017-18201). OBS-URL: https://build.opensuse.org/request/show/580731 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/libcdio?expand=0&rev=53 --- CVE-2017-18201.patch | 24 ++++++++++++++++++++++++ cdio-utils.spec | 2 +- libcdio.changes | 5 +++++ libcdio.spec | 5 ++++- 4 files changed, 34 insertions(+), 2 deletions(-) create mode 100644 CVE-2017-18201.patch diff --git a/CVE-2017-18201.patch b/CVE-2017-18201.patch new file mode 100644 index 0000000..265dd5b --- /dev/null +++ b/CVE-2017-18201.patch @@ -0,0 +1,24 @@ +From f6f9c48fb40b8a1e8218799724b0b61a7161eb1d Mon Sep 17 00:00:00 2001 +From: "R. Bernstein" +Date: Fri, 22 Dec 2017 16:06:57 -0500 +Subject: [PATCH] Fix double free courtesy of Chris Clayton + +--- + lib/driver/_cdio_generic.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/lib/driver/_cdio_generic.c b/lib/driver/_cdio_generic.c +index d40ac0d9..ae820d25 100644 +--- a/lib/driver/_cdio_generic.c ++++ b/lib/driver/_cdio_generic.c +@@ -296,7 +296,6 @@ get_cdtext_generic (void *p_user_data) + + if(len <= 0 || 0 != cdtext_data_init (p_env->cdtext, &p_cdtext_data[4], len)) { + p_env->b_cdtext_error = true; +- cdtext_destroy (p_env->cdtext); + free(p_env->cdtext); + p_env->cdtext = NULL; + } +-- +2.16.2 + diff --git a/cdio-utils.spec b/cdio-utils.spec index 7c0312c..3abe671 100644 --- a/cdio-utils.spec +++ b/cdio-utils.spec @@ -1,7 +1,7 @@ # # spec file for package cdio-utils # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed diff --git a/libcdio.changes b/libcdio.changes index 3fe0207..f13c20e 100644 --- a/libcdio.changes +++ b/libcdio.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Tue Feb 27 17:09:35 CET 2018 - sbrabec@suse.com + +- Fix double free vulnerability (bsc#1082877, CVE-2017-18201). + ------------------------------------------------------------------- Sat Nov 4 20:38:28 UTC 2017 - schwab@linux-m68k.org diff --git a/libcdio.spec b/libcdio.spec index 250c4c6..7f9e1f7 100644 --- a/libcdio.spec +++ b/libcdio.spec @@ -1,7 +1,7 @@ # # spec file for package libcdio # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -31,6 +31,8 @@ Source2: %{name}.keyring Source3: baselibs.conf # PATCH-FIX-UPSTREAM 0001-Savannah-Bug-49907.patch https://savannah.gnu.org/bugs/index.php?49907 Patch0: 0001-Savannah-Bug-49907.patch +# PATCH-FIX-SECURITY CVE-2017-18201.patch bsc1082877 CVE-2017-18201 sbrabec@suse.com -- Fix double free vulnerability. +Patch1: CVE-2017-18201.patch BuildRequires: fdupes BuildRequires: gcc-c++ BuildRequires: help2man @@ -110,6 +112,7 @@ applications that want to make use of the cdio libraries. %prep %setup -q %patch0 -p1 +%patch1 -p1 %define buildir ${PWD}