Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libconfuse for openSUSE:Factory checked in at 2022-09-13 15:07:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libconfuse (Old) and /work/SRC/openSUSE:Factory/.libconfuse.new.2083 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libconfuse" Tue Sep 13 15:07:59 2022 rev:3 rq:1003000 version:3.3 Changes: -------- --- /work/SRC/openSUSE:Factory/libconfuse/libconfuse.changes 2020-07-01 18:22:14.173865161 +0200 +++ /work/SRC/openSUSE:Factory/.libconfuse.new.2083/libconfuse.changes 2022-09-13 15:08:05.324422941 +0200 @@ -1,0 +2,8 @@ +Mon Sep 12 11:02:59 CEST 2022 - r...@suse.de + +- add fix from upstream git + libconfuse-d73777c2c3566fb2647727bb56d9a2295b81669b.patch + cfg_tilde_expand in confuse.c has a heap-based buffer over-read + (CVE-2022-40320 boo#1203326) + +------------------------------------------------------------------- New: ---- libconfuse-d73777c2c3566fb2647727bb56d9a2295b81669b.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libconfuse.spec ++++++ --- /var/tmp/diff_new_pack.MszKjx/_old 2022-09-13 15:08:05.784424236 +0200 +++ /var/tmp/diff_new_pack.MszKjx/_new 2022-09-13 15:08:05.788424247 +0200 @@ -1,7 +1,7 @@ # # spec file for package libconfuse # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -25,6 +25,8 @@ Group: Development/Libraries/C and C++ URL: http://www.nongnu.org/confuse/ Source: https://github.com/martinh/libconfuse/releases/download/v%{version}/confuse-%{version}.tar.xz +# PATCH-FIX_UPSTREAM +Patch0: libconfuse-d73777c2c3566fb2647727bb56d9a2295b81669b.patch BuildRequires: check-devel BuildRequires: gcc-c++ BuildRequires: gettext-devel @@ -67,7 +69,7 @@ %lang_package -r %{library_name} %prep -%setup -q -n confuse-%{version} +%autosetup -n confuse-%{version} -p1 %build %configure --enable-shared --disable-static ++++++ libconfuse-d73777c2c3566fb2647727bb56d9a2295b81669b.patch ++++++ commit d73777c2c3566fb2647727bb56d9a2295b81669b Author: Joachim Wiberg <troglo...@gmail.com> Date: Fri Sep 2 16:12:46 2022 +0200 Fix #163: unterminated username used with getpwnam() Signed-off-by: Joachim Wiberg <troglo...@gmail.com> diff --git a/src/confuse.c b/src/confuse.c index 6d1fdbd..05566b5 100644 --- a/src/confuse.c +++ b/src/confuse.c @@ -1894,18 +1894,20 @@ DLLIMPORT char *cfg_tilde_expand(const char *filename) passwd = getpwuid(geteuid()); file = filename + 1; } else { - /* ~user or ~user/path */ - char *user; + char *user; /* ~user or ~user/path */ + size_t len; file = strchr(filename, '/'); - if (file == 0) + if (file == NULL) file = filename + strlen(filename); - user = malloc(file - filename); + len = file - filename - 1; + user = malloc(len + 1); if (!user) return NULL; - strncpy(user, filename + 1, file - filename - 1); + strncpy(user, &filename[1], len); + user[len] = 0; passwd = getpwnam(user); free(user); }
