Hello community,

here is the log from the commit of package lapack for openSUSE:Factory checked 
in at 2022-01-05 13:39:32
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/lapack (Old)
 and      /work/SRC/openSUSE:Factory/.lapack.new.1896 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "lapack"

Wed Jan  5 13:39:32 2022 rev:51 rq:943650 version:3.9.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/lapack/lapack.changes    2021-07-20 
15:38:59.569421805 +0200
+++ /work/SRC/openSUSE:Factory/.lapack.new.1896/lapack.changes  2022-01-05 
13:39:56.849534774 +0100
@@ -1,0 +2,6 @@
+Mon Jan  3 08:34:37 UTC 2022 - Richard Biener <rguent...@suse.com>
+
+- Add Fix-out-of-bounds-read.patch to fix out of bound reads when
+  user input is not validated properly.  (bsc#1193562, CVE-2021-4048)
+
+-------------------------------------------------------------------
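Review bot: the changelog text "fix out of bound reads when user input is not validated properly" does not say which routines are affected or which input triggers the read. Naming clarrv/dlarrv/slarrv/zlarrv and the M = 0 case described in the patch header would let a reader of lapack.changes judge exposure without opening the patch. "out of bound reads" should also read "out-of-bounds reads" to match the patch file name.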

New:
----
  Fix-out-of-bounds-read.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ lapack-man.spec ++++++
--- /var/tmp/diff_new_pack.BKvPA7/_old  2022-01-05 13:39:57.365535179 +0100
+++ /var/tmp/diff_new_pack.BKvPA7/_new  2022-01-05 13:39:57.369535183 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package lapack-man
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed

++++++ lapack.spec ++++++
--- /var/tmp/diff_new_pack.BKvPA7/_old  2022-01-05 13:39:57.389535199 +0100
+++ /var/tmp/diff_new_pack.BKvPA7/_new  2022-01-05 13:39:57.397535205 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package lapack
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -32,6 +32,8 @@
 Patch3:         Fix-some-minor-inconsistencies-in-LAPACKE_czgesvdq.patch
 # PATCH-FIX-UPSTREAM -- 
https://github.com/Reference-LAPACK/lapack/commit/ea2a102d3827.patch
 Patch4:         Avoid-out-of-bounds-accesses-in-complex-EIG-tests.patch
+# PATCH-FIX-UPSTREAM -- 
https://github.com/Reference-LAPACK/lapack/commit/38f3eeee3108b18158409ca2a100e6fe03754781
+Patch5:         Fix-out-of-bounds-read.patch
 
 BuildRequires:  gcc-fortran
 BuildRequires:  python3-base
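Review bot: the Patch5 declaration has no matching %prep change anywhere in this diff, so unless the spec applies patches with %autosetup or %autopatch the fix is shipped in the source package but never applied; please confirm. Separately, the PATCH-FIX-UPSTREAM URL names commit 38f3eeee3108b18158409ca2a100e6fe03754781 while the patch file's own header carries 0631b6beaed60ba118b0b027c0f8d35397bf5df0, and the URL lacks the .patch suffix that the Patch4 URL uses. A short remark on how the two hashes relate would make the provenance checkable.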

++++++ Fix-out-of-bounds-read.patch ++++++
From 0631b6beaed60ba118b0b027c0f8d35397bf5df0 Mon Sep 17 00:00:00 2001
From: Keno Fischer <k...@juliacomputing.com>
Date: Thu, 30 Sep 2021 03:51:23 -0400
Subject: [PATCH] Fix out of bounds read in slarrv

This was originally reported as https://github.com/JuliaLang/julia/issues/42415.
I've tracked this down to an out of bounds read on the following line:

https://github.com/Reference-LAPACK/lapack/blob/44ecb6a5ff821b1cbb39f8cc2166cb098e060b4d/SRC/slarrv.f#L423

In the crashing example, `M` is `0`, causing `slarrv` to read uninitialized
memory from the work array. I believe the `0` for `M` is correct and indeed,
the documentation above supports that `M` may be zero:

https://github.com/Reference-LAPACK/lapack/blob/44ecb6a5ff821b1cbb39f8cc2166cb098e060b4d/SRC/slarrv.f#L113-L116

I believe it may be sufficient to early-out this function as suggested
in this PR. However, I have limited context for the full routine here,
so I would appreciate a sanity check.
---
 SRC/clarrv.f | 2 +-
 SRC/dlarrv.f | 2 +-
 SRC/slarrv.f | 2 +-
 SRC/zlarrv.f | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/SRC/clarrv.f b/SRC/clarrv.f
index 1f09e4da6..42f710757 100644
--- a/SRC/clarrv.f
+++ b/SRC/clarrv.f
@@ -348,7 +348,7 @@
 *
 *     Quick return if possible
 *
-      IF( N.LE.0 ) THEN
+      IF( (N.LE.0).OR.(M.LE.0) ) THEN
          RETURN
       END IF
 *
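Review bot: the comment above the changed condition still reads only "Quick return if possible" and gives no reason for the new M.LE.0 test. A line stating that M may legitimately be 0 and that continuing would read uninitialized memory from the work array, as the commit message explains, would keep the guard from being dropped in a later cleanup; the same applies to the three sibling hunks. The parentheses around each comparison are redundant, so `IF( N.LE.0 .OR. M.LE.0 ) THEN` is enough.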
diff --git a/SRC/dlarrv.f b/SRC/dlarrv.f
index b036c1e66..299430361 100644
--- a/SRC/dlarrv.f
+++ b/SRC/dlarrv.f
@@ -350,7 +350,7 @@
 *
 *     Quick return if possible
 *
-      IF( N.LE.0 ) THEN
+      IF( (N.LE.0).OR.(M.LE.0) ) THEN
          RETURN
       END IF
 *
diff --git a/SRC/slarrv.f b/SRC/slarrv.f
index 9d72b339a..95f94fd1b 100644
--- a/SRC/slarrv.f
+++ b/SRC/slarrv.f
@@ -350,7 +350,7 @@
 *
 *     Quick return if possible
 *
-      IF( N.LE.0 ) THEN
+      IF( (N.LE.0).OR.(M.LE.0) ) THEN
          RETURN
       END IF
 *
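Review bot: the new `M.LE.0` branch returns before any of the routine's work runs, and the hunk context does not show what state the output and status arguments are in at that point. The commit message itself asks for a sanity check of the early-out, so please confirm that every output a caller inspects after the call is already defined on this path, or assign it explicitly before the `RETURN`.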
diff --git a/SRC/zlarrv.f b/SRC/zlarrv.f
index 51ec558f5..e4be63e0d 100644
--- a/SRC/zlarrv.f
+++ b/SRC/zlarrv.f
@@ -348,7 +348,7 @@
 *
 *     Quick return if possible
 *
-      IF( N.LE.0 ) THEN
+      IF( (N.LE.0).OR.(M.LE.0) ) THEN
          RETURN
       END IF
 *
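Review bot: the diffstat lists only the four SRC/*larrv.f files, so nothing exercises the new `M.LE.0` return added in this hunk and its three siblings. A regression case that calls each precision with M = 0, modeled on the crashing example from the linked Julia issue, would keep the early-out from being lost silently.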
-- 
2.31.1
