diff --git a/CVE-2012-1152-YAML-LibYAML-0.35-format-error.patch b/CVE-2012-1152-YAML-LibYAML-0.35-format-error.patch new file mode 100644 index 0000000..c5a4c78 --- /dev/null +++ b/CVE-2012-1152-YAML-LibYAML-0.35-format-error.patch @@ -0,0 +1,39 @@ +diff -urbaN YAML-LibYAML-0.35-orig//LibYAML/perl_libyaml.c YAML-LibYAML-0.35/LibYAML/perl_libyaml.c +--- YAML-LibYAML-0.35-orig//LibYAML/perl_libyaml.c 2011-04-03 18:28:08.000000000 +0200 ++++ YAML-LibYAML-0.35/LibYAML/perl_libyaml.c 2011-04-08 09:25:49.633009787 +0200 +@@ -188,7 +188,7 @@ + return; + + load_error: +- croak(loader_error_msg(&loader, NULL)); ++ croak("%s", loader_error_msg(&loader, NULL)); + } + + /* +@@ -271,7 +271,7 @@ + return return_sv; + + load_error: +- croak(loader_error_msg(loader, NULL)); ++ croak("%s", loader_error_msg(loader, NULL)); + } + + /* +@@ -314,7 +314,7 @@ + else if (strlen(tag) <= strlen(prefix) || + ! strnEQ(tag, prefix, strlen(prefix)) + ) croak( +- loader_error_msg(loader, form("bad tag found for hash: '%s'", tag)) ++ "%s", loader_error_msg(loader, form("bad tag found for hash: '%s'", tag)) + ); + class = tag + strlen(prefix); + sv_bless(hash_ref, gv_stashpv(class, TRUE)); +@@ -347,7 +347,7 @@ + else if (strlen(tag) <= strlen(prefix) || + ! strnEQ(tag, prefix, strlen(prefix)) + ) croak( +- loader_error_msg(loader, form("bad tag found for array: '%s'", tag)) ++ "%s", loader_error_msg(loader, form("bad tag found for array: '%s'", tag)) + ); + class = tag + strlen(prefix); + sv_bless(array_ref, gv_stashpv(class, TRUE)); diff --git a/perl-YAML-LibYAML.changes b/perl-YAML-LibYAML.changes index 3d88514..b5ce8bf 100644 --- a/perl-YAML-LibYAML.changes +++ b/perl-YAML-LibYAML.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Wed Apr 25 23:01:47 UTC 2012 - pascal.bleser@opensuse.org + +- CVE-2012-1152: added patch to fix multiple format string flaws: + A remote attacker could provide a specially-crafted YAML document, which once + processed by the perl-YAML-LibYAML interface would lead to perl-YAML-LibYAML + based process crash. bnc#751503 + ------------------------------------------------------------------- Sun Oct 02 23:37:11 UTC 2011 - pascal.bleser@opensuse.org diff --git a/perl-YAML-LibYAML.spec b/perl-YAML-LibYAML.spec index f9202f3..6e52ab5 100644 --- a/perl-YAML-LibYAML.spec +++ b/perl-YAML-LibYAML.spec @@ -1,7 +1,7 @@ # # spec file for package perl-YAML-LibYAML # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,17 +16,17 @@ # - Name: perl-YAML-LibYAML Version: 0.37 -Release: 1 -License: GPL-1.0+ or Artistic-1.0 +Release: 0 %define cpan_name YAML-LibYAML Summary: YAML::LibYAML Perl module -Url: http://search.cpan.org/dist/YAML-LibYAML/ +License: GPL-1.0+ or Artistic-1.0 Group: Development/Libraries/Perl +Url: http://search.cpan.org/dist/YAML-LibYAML/ #Source: http://www.cpan.org/authors/id/I/IN/INGY/YAML-LibYAML-%{version}.tar.gz Source: %{cpan_name}-%{version}.tar.gz +Patch1: CVE-2012-1152-YAML-LibYAML-0.35-format-error.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: perl BuildRequires: perl-macros @@ -45,6 +45,7 @@ to work exactly like YAML.pm's corresponding functions. %prep %setup -q -n %{cpan_name}-%{version} +%patch1 -p1 %build %{__perl} Makefile.PL INSTALLDIRS=vendor OPTIMIZE="%{optflags}"