From de33db85f6c1b88111a484315f47984d3b433628 Mon Sep 17 00:00:00 2001 From: Jacob Wang Date: Thu, 16 Jan 2025 15:17:19 +0800 Subject: [PATCH 1/3] [CVE]update to rsync-3.1.3-20.src.rpm to #IBI8YF update to rsync-3.1.3-20.src.rpm for CVE-2024-12085 Project: TC2024080204 Signed-off-by: Jacob Wang --- 1000-rsync-lchmod.patch | 53 -------------------------------- dist | 2 +- rsync-3.1.3-cve-2024-12085.patch | 14 +++++++++ rsync.spec | 31 ++++--------------- 4 files changed, 21 insertions(+), 79 deletions(-) delete mode 100644 1000-rsync-lchmod.patch create mode 100644 rsync-3.1.3-cve-2024-12085.patch diff --git a/1000-rsync-lchmod.patch b/1000-rsync-lchmod.patch deleted file mode 100644 index 813c6b5..0000000 --- a/1000-rsync-lchmod.patch +++ /dev/null @@ -1,53 +0,0 @@ -diff --git a/syscall.c b/syscall.c -index b9c3b4ef..11d10e4a 100644 ---- a/syscall.c -+++ b/syscall.c -@@ -227,27 +227,35 @@ int do_open(const char *pathname, int flags, mode_t mode) - #ifdef HAVE_CHMOD - int do_chmod(const char *path, mode_t mode) - { -+ static int switch_step = 0; - int code; - if (dry_run) return 0; - RETURN_ERROR_IF_RO_OR_LO; -+ switch (switch_step) { - #ifdef HAVE_LCHMOD -- code = lchmod(path, mode & CHMOD_BITS); --#else -- if (S_ISLNK(mode)) { -+#include "case_N.h" -+ if ((code = lchmod(path, mode & CHMOD_BITS)) == 0 || errno != ENOTSUP) -+ break; -+ switch_step++; -+#endif -+ -+#include "case_N.h" -+ if (S_ISLNK(mode)) { - # if defined HAVE_SETATTRLIST -- struct attrlist attrList; -- uint32_t m = mode & CHMOD_BITS; /* manpage is wrong: not mode_t! */ -+ struct attrlist attrList; -+ uint32_t m = mode & CHMOD_BITS; /* manpage is wrong: not mode_t! */ - -- memset(&attrList, 0, sizeof attrList); -- attrList.bitmapcount = ATTR_BIT_MAP_COUNT; -- attrList.commonattr = ATTR_CMN_ACCESSMASK; -- code = setattrlist(path, &attrList, &m, sizeof m, FSOPT_NOFOLLOW); -+ memset(&attrList, 0, sizeof attrList); -+ attrList.bitmapcount = ATTR_BIT_MAP_COUNT; -+ attrList.commonattr = ATTR_CMN_ACCESSMASK; -+ code = setattrlist(path, &attrList, &m, sizeof m, FSOPT_NOFOLLOW); - # else -- code = 1; -+ code = 1; - # endif -- } else -- code = chmod(path, mode & CHMOD_BITS); /* DISCOURAGED FUNCTION */ --#endif /* !HAVE_LCHMOD */ -+ } else -+ code = chmod(path, mode & CHMOD_BITS); /* DISCOURAGED FUNCTION */ -+ break; -+ } - if (code != 0 && (preserve_perms || preserve_executability)) - return code; - return 0; diff --git a/dist b/dist index 535c690..1fe92cf 100644 --- a/dist +++ b/dist @@ -1 +1 @@ -an8_7 +an8_10 diff --git a/rsync-3.1.3-cve-2024-12085.patch b/rsync-3.1.3-cve-2024-12085.patch new file mode 100644 index 0000000..bb16cd1 --- /dev/null +++ b/rsync-3.1.3-cve-2024-12085.patch @@ -0,0 +1,14 @@ +diff --git a/match.c b/match.c +index 36e78ed..dfd6af2 100644 +--- a/match.c ++++ b/match.c +@@ -147,6 +147,9 @@ static void hash_search(int f,struct sum_struct *s, + int more; + schar *map; + ++ // prevent possible memory leaks ++ memset(sum2, 0, sizeof sum2); ++ + /* want_i is used to encourage adjacent matches, allowing the RLL + * coding of the output to work more efficiently. */ + want_i = 0; diff --git a/rsync.spec b/rsync.spec index 6103917..848041c 100644 --- a/rsync.spec +++ b/rsync.spec @@ -1,4 +1,3 @@ -%define anolis_release .0.2 %global _hardened_build 1 %define isprerelease 0 @@ -10,7 +9,7 @@ Summary: A program for synchronizing files over a network Name: rsync Version: 3.1.3 -Release: 19%{anolis_release}%{?dist}.1 +Release: 20%{?dist} Group: Applications/Internet URL: http://rsync.samba.org/ @@ -28,9 +27,6 @@ BuildRequires: libacl-devel, libattr-devel, autoconf, popt-devel, systemd Provides: bundled(zlib) = 1.2.8 License: GPLv3+ -Provides: /usr/bin/rsync -Requires: glibc - Patch0: rsync-man.patch Patch1: rsync-3.0.6-iconv-logging.patch Patch2: rsync-3.1.3-covscan.patch @@ -46,9 +42,7 @@ Patch11: rsync-3.1.3-cve-2022-29154.patch Patch12: rsync-3.1.3-cve-2022-37434.patch Patch13: rsync-3.1.3-filtering-rules.patch Patch14: rsync-3.1.3-missing-xattr-filter.patch -# https://github.com/WayneD/rsync/commit/9dd62525f3b98d692e031f22c02be8f775966503 -# https://github.com/WayneD/rsync/issues/109 -Patch1000: 1000-rsync-lchmod.patch +Patch15: rsync-3.1.3-cve-2024-12085.patch %description Rsync uses a reliable algorithm to bring remote and host files into @@ -68,14 +62,6 @@ Requires: %{name} = %{version}-%{release} Rsync can be used to offer read only access to anonymous clients. This package provides the anonymous rsync service. -%package doc -Summary: Documents for %{name} -BuildArch: noarch -Requires: %{name} = %{version}-%{release} - -%description doc -Doc pages for %{name}. - %prep # TAG: for pre versions use @@ -109,7 +95,7 @@ patch -p1 -i patches/copy-devices.diff %patch12 -p1 -b .cve-2022-37434 %patch13 -p1 -b .filtering-rules %patch14 -p1 -b .xattr-filter -%patch1000 -p1 +%patch15 -p1 -b .cve-2024-12085 %build %configure @@ -134,6 +120,7 @@ chmod -x support/* %files %{!?_licensedir:%global license %%doc} %license COPYING +%doc NEWS OLDNEWS README support/ tech_report.tex %{_bindir}/%{name} %{_mandir}/man1/%{name}.1* @@ -154,15 +141,9 @@ chmod -x support/* %postun daemon %systemd_postun_with_restart rsyncd.service -%files doc -%doc NEWS OLDNEWS README support/ tech_report.tex - %changelog -* Tue Apr 02 2024 Chunmei Xu - 3.1.3-19.0.2.1 -- fix rsync lchmod - -* Tue Jul 04 2023 Xiaoping Liu - 3.1.3-19.0.1.1 -- Add doc sub package +* Fri Jan 03 2025 Michal Ruprich - 3.1.3-20 +- Resolves: RHEL-70157 - Info Leak via Uninitialized Stack Contents * Wed Nov 02 2022 Michal Ruprich - 3.1.3-19.1 - Resolves: #2139118 - rsync-daemon fail on 3.1.3 -- Gitee From cf1709a066935dc896f14f6e3ef61a7b3e375ceb Mon Sep 17 00:00:00 2001 From: liuxiaoping Date: Sat, 16 Jul 2022 17:10:34 +0800 Subject: [PATCH 2/3] Add doc sub package --- rsync.spec | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/rsync.spec b/rsync.spec index 848041c..63fb920 100644 --- a/rsync.spec +++ b/rsync.spec @@ -1,3 +1,4 @@ +%define anolis_release .0.1 %global _hardened_build 1 %define isprerelease 0 @@ -9,7 +10,7 @@ Summary: A program for synchronizing files over a network Name: rsync Version: 3.1.3 -Release: 20%{?dist} +Release: 20%{anolis_release}%{?dist} Group: Applications/Internet URL: http://rsync.samba.org/ @@ -27,6 +28,9 @@ BuildRequires: libacl-devel, libattr-devel, autoconf, popt-devel, systemd Provides: bundled(zlib) = 1.2.8 License: GPLv3+ +Provides: /usr/bin/rsync +Requires: glibc + Patch0: rsync-man.patch Patch1: rsync-3.0.6-iconv-logging.patch Patch2: rsync-3.1.3-covscan.patch @@ -62,6 +66,14 @@ Requires: %{name} = %{version}-%{release} Rsync can be used to offer read only access to anonymous clients. This package provides the anonymous rsync service. +%package doc +Summary: Documents for %{name} +BuildArch: noarch +Requires: %{name} = %{version}-%{release} + +%description doc +Doc pages for %{name}. + %prep # TAG: for pre versions use @@ -120,7 +132,6 @@ chmod -x support/* %files %{!?_licensedir:%global license %%doc} %license COPYING -%doc NEWS OLDNEWS README support/ tech_report.tex %{_bindir}/%{name} %{_mandir}/man1/%{name}.1* @@ -141,7 +152,13 @@ chmod -x support/* %postun daemon %systemd_postun_with_restart rsyncd.service +%files doc +%doc NEWS OLDNEWS README support/ tech_report.tex + %changelog +* Thu Jan 16 2025 Xiaoping Liu - 3.1.3-20.0.1 +- Add doc sub package + * Fri Jan 03 2025 Michal Ruprich - 3.1.3-20 - Resolves: RHEL-70157 - Info Leak via Uninitialized Stack Contents -- Gitee From 63305b899e1c1159fd272f8f7995dafae273e52b Mon Sep 17 00:00:00 2001 From: Chunmei Xu Date: Tue, 2 Apr 2024 17:37:53 +0800 Subject: [PATCH 3/3] fix rsync lchmod Signed-off-by: Chunmei Xu --- 1000-rsync-lchmod.patch | 53 +++++++++++++++++++++++++++++++++++++++++ rsync.spec | 5 ++++ 2 files changed, 58 insertions(+) create mode 100644 1000-rsync-lchmod.patch diff --git a/1000-rsync-lchmod.patch b/1000-rsync-lchmod.patch new file mode 100644 index 0000000..813c6b5 --- /dev/null +++ b/1000-rsync-lchmod.patch @@ -0,0 +1,53 @@ +diff --git a/syscall.c b/syscall.c +index b9c3b4ef..11d10e4a 100644 +--- a/syscall.c ++++ b/syscall.c +@@ -227,27 +227,35 @@ int do_open(const char *pathname, int flags, mode_t mode) + #ifdef HAVE_CHMOD + int do_chmod(const char *path, mode_t mode) + { ++ static int switch_step = 0; + int code; + if (dry_run) return 0; + RETURN_ERROR_IF_RO_OR_LO; ++ switch (switch_step) { + #ifdef HAVE_LCHMOD +- code = lchmod(path, mode & CHMOD_BITS); +-#else +- if (S_ISLNK(mode)) { ++#include "case_N.h" ++ if ((code = lchmod(path, mode & CHMOD_BITS)) == 0 || errno != ENOTSUP) ++ break; ++ switch_step++; ++#endif ++ ++#include "case_N.h" ++ if (S_ISLNK(mode)) { + # if defined HAVE_SETATTRLIST +- struct attrlist attrList; +- uint32_t m = mode & CHMOD_BITS; /* manpage is wrong: not mode_t! */ ++ struct attrlist attrList; ++ uint32_t m = mode & CHMOD_BITS; /* manpage is wrong: not mode_t! */ + +- memset(&attrList, 0, sizeof attrList); +- attrList.bitmapcount = ATTR_BIT_MAP_COUNT; +- attrList.commonattr = ATTR_CMN_ACCESSMASK; +- code = setattrlist(path, &attrList, &m, sizeof m, FSOPT_NOFOLLOW); ++ memset(&attrList, 0, sizeof attrList); ++ attrList.bitmapcount = ATTR_BIT_MAP_COUNT; ++ attrList.commonattr = ATTR_CMN_ACCESSMASK; ++ code = setattrlist(path, &attrList, &m, sizeof m, FSOPT_NOFOLLOW); + # else +- code = 1; ++ code = 1; + # endif +- } else +- code = chmod(path, mode & CHMOD_BITS); /* DISCOURAGED FUNCTION */ +-#endif /* !HAVE_LCHMOD */ ++ } else ++ code = chmod(path, mode & CHMOD_BITS); /* DISCOURAGED FUNCTION */ ++ break; ++ } + if (code != 0 && (preserve_perms || preserve_executability)) + return code; + return 0; diff --git a/rsync.spec b/rsync.spec index 63fb920..f851894 100644 --- a/rsync.spec +++ b/rsync.spec @@ -47,6 +47,9 @@ Patch12: rsync-3.1.3-cve-2022-37434.patch Patch13: rsync-3.1.3-filtering-rules.patch Patch14: rsync-3.1.3-missing-xattr-filter.patch Patch15: rsync-3.1.3-cve-2024-12085.patch +# https://github.com/WayneD/rsync/commit/9dd62525f3b98d692e031f22c02be8f775966503 +# https://github.com/WayneD/rsync/issues/109 +Patch1000: 1000-rsync-lchmod.patch %description Rsync uses a reliable algorithm to bring remote and host files into @@ -108,6 +111,7 @@ patch -p1 -i patches/copy-devices.diff %patch13 -p1 -b .filtering-rules %patch14 -p1 -b .xattr-filter %patch15 -p1 -b .cve-2024-12085 +%patch1000 -p1 %build %configure @@ -158,6 +162,7 @@ chmod -x support/* %changelog * Thu Jan 16 2025 Xiaoping Liu - 3.1.3-20.0.1 - Add doc sub package +- fix rsync lchmod (xuchunmei@linux.alibaba.com) * Fri Jan 03 2025 Michal Ruprich - 3.1.3-20 - Resolves: RHEL-70157 - Info Leak via Uninitialized Stack Contents -- Gitee