Hello community, here is the log from the commit of package rsync for openSUSE:Factory checked in at 2017-11-29 10:50:13 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rsync (Old) and /work/SRC/openSUSE:Factory/.rsync.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rsync" Wed Nov 29 10:50:13 2017 rev:63 rq:546274 version:3.1.2 Changes: -------- --- /work/SRC/openSUSE:Factory/rsync/rsync.changes 2017-07-28 09:44:25.759420866 +0200 +++ /work/SRC/openSUSE:Factory/.rsync.new/rsync.changes 2017-11-29 10:50:16.269849962 +0100 @@ -1,0 +2,7 @@ +Tue Nov 28 16:18:45 UTC 2017 - pmonrealgonza...@suse.com + +- Security fix [bsc#1066644, CVE-2017-16548] + * Missing trailing '\0' character check could lead to remote DoS + * Added rsync-CVE-2017-16548.patch + +------------------------------------------------------------------- New: ---- rsync-CVE-2017-16548.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rsync.spec ++++++ --- /var/tmp/diff_new_pack.p1BiYp/_old 2017-11-29 10:50:18.625764493 +0100 +++ /var/tmp/diff_new_pack.p1BiYp/_new 2017-11-29 10:50:18.625764493 +0100 @@ -40,6 +40,8 @@ #PATCH-FIX-SUSE boo#922710 slp Patch1: rsync-add_back_use_slp_directive.patch Patch2: rsync-both-compressions.patch +#PATCH-FIX-UPSTREAM CVE-2017-16548 bsc#1066644 Missing trailing '\0' check could lead to remote DoS +Patch3: rsync-CVE-2017-16548.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: libacl-devel @@ -73,6 +75,7 @@ patch -p1 < patches/time-limit.diff %patch0 -p1 %patch2 -p1 +%patch3 -p1 %build autoreconf -fiv ++++++ rsync-CVE-2017-16548.patch ++++++ >From 47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1 Mon Sep 17 00:00:00 2001 From: Wayne Davison <way...@samba.org> Date: Sun, 5 Nov 2017 11:33:15 -0800 Subject: [PATCH 1/1] Enforce trailing \0 when receiving xattr name values. Fixes bug 13112. --- xattrs.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/xattrs.c b/xattrs.c index 68305d7..4867e6f 100644 --- a/xattrs.c +++ b/xattrs.c 
@@ -824,6 +824,10 @@ void receive_xattr(int f, struct file_struct *file) out_of_memory("receive_xattr"); name = ptr + dget_len + extra_len; read_buf(f, name, name_len); + if (name_len < 1 || name[name_len-1] != '\0') { + rprintf(FERROR, "Invalid xattr name received (missing trailing \\0).\n"); + exit_cleanup(RERR_FILEIO); + } if (dget_len == datum_len) read_buf(f, ptr, dget_len); else { -- 1.9.1
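Review bot: in the xattrs.c hunk (receive_xattr), the `name_len < 1` half of the new condition does not depend on the received bytes, yet it is only evaluated after the buffer has been set up and `read_buf(f, name, name_len)` has run, and it is reported with the same "missing trailing \0" text as the unterminated case. Consider testing the length before the read and giving it its own message, and include name_len in the rprintf output so a rejected transfer is easier to diagnose from the log. The condition also inspects only the last byte, `name[name_len-1]`, so a name with a NUL earlier in the buffer still passes; if the code after this hunk treats name as a C string, it is worth confirming that a shorter effective name is acceptable there.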
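Review bot: in the rsync.changes hunk, the bullet "Missing trailing '\0' character check could lead to remote DoS" does not say which input is affected. The patch it adds touches receive_xattr() in xattrs.c and its header cites upstream bug 13112, so the entry could name the xattr name handling and carry that upstream bug reference next to bsc#1066644 and CVE-2017-16548, which lets a reader match the entry to the upstream commit without opening the patch.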