diff --git a/0001-Fix-configure-issue-that-discarded-provided-CC-defin.patch b/0001-Fix-configure-issue-that-discarded-provided-CC-defin.patch new file mode 100644 index 0000000000000000000000000000000000000000..9e56c65afa811e8c7ea769928cec9375112fb84d --- /dev/null +++ b/0001-Fix-configure-issue-that-discarded-provided-CC-defin.patch @@ -0,0 +1,27 @@ +From 05796d3d8d5546cf1b4dfe2cd72ab746afae505d Mon Sep 17 00:00:00 2001 +From: Mark Adler +Date: Mon, 28 Mar 2022 18:34:10 -0700 +Subject: [PATCH] Fix configure issue that discarded provided CC definition. + +--- + configure | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/configure b/configure +index 52ff4a0..3fa3e86 100755 +--- a/configure ++++ b/configure +@@ -174,7 +174,10 @@ if test -z "$CC"; then + else + cc=${CROSS_PREFIX}cc + fi ++else ++ cc=${CC} + fi ++ + cflags=${CFLAGS-"-O3"} + # to force the asm version use: CFLAGS="-O3 -DASMV" ./configure + case "$cc" in +-- +2.19.1.6.gb485710b + diff --git a/0002-Correct-incorrect-inputs-provided-to-the-CRC-functio.patch b/0002-Correct-incorrect-inputs-provided-to-the-CRC-functio.patch new file mode 100644 index 0000000000000000000000000000000000000000..d243528ce68234b178be135e1ff6a2909b657b91 --- /dev/null +++ b/0002-Correct-incorrect-inputs-provided-to-the-CRC-functio.patch @@ -0,0 +1,54 @@ +From ec3df00224d4b396e2ac6586ab5d25f673caa4c2 Mon Sep 17 00:00:00 2001 +From: Mark Adler +Date: Wed, 30 Mar 2022 11:14:53 -0700 +Subject: [PATCH] Correct incorrect inputs provided to the CRC functions. + +The previous releases of zlib were not sensitive to incorrect CRC +inputs with bits set above the low 32. This commit restores that +behavior, so that applications with such bugs will continue to +operate as before. +--- + crc32.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/crc32.c b/crc32.c +index a1bdce5..451887b 100644 +--- a/crc32.c ++++ b/crc32.c +@@ -630,7 +630,7 @@ unsigned long ZEXPORT crc32_z(crc, buf, len) + #endif /* DYNAMIC_CRC_TABLE */ + + /* Pre-condition the CRC */ +- crc ^= 0xffffffff; ++ crc = (~crc) & 0xffffffff; + + /* Compute the CRC up to a word boundary. */ + while (len && ((z_size_t)buf & 7) != 0) { +@@ -749,7 +749,7 @@ unsigned long ZEXPORT crc32_z(crc, buf, len) + #endif /* DYNAMIC_CRC_TABLE */ + + /* Pre-condition the CRC */ +- crc ^= 0xffffffff; ++ crc = (~crc) & 0xffffffff; + + #ifdef W + +@@ -1077,7 +1077,7 @@ uLong ZEXPORT crc32_combine64(crc1, crc2, len2) + #ifdef DYNAMIC_CRC_TABLE + once(&made, make_crc_table); + #endif /* DYNAMIC_CRC_TABLE */ +- return multmodp(x2nmodp(len2, 3), crc1) ^ crc2; ++ return multmodp(x2nmodp(len2, 3), crc1) ^ (crc2 & 0xffffffff); + } + + /* ========================================================================= */ +@@ -1112,5 +1112,5 @@ uLong crc32_combine_op(crc1, crc2, op) + uLong crc2; + uLong op; + { +- return multmodp(op, crc1) ^ crc2; ++ return multmodp(op, crc1) ^ (crc2 & 0xffffffff); + } +-- +2.19.1.6.gb485710b + diff --git a/0003-Fix-a-bug-when-getting-a-gzip-header-extra-field-wit.patch b/0003-Fix-a-bug-when-getting-a-gzip-header-extra-field-wit.patch new file mode 100644 index 0000000000000000000000000000000000000000..26616b3e6e4b24751f69441cc66a48796a0eb446 --- /dev/null +++ b/0003-Fix-a-bug-when-getting-a-gzip-header-extra-field-wit.patch @@ -0,0 +1,35 @@ +From eff308af425b67093bab25f80f1ae950166bece1 Mon Sep 17 00:00:00 2001 +From: Mark Adler +Date: Sat, 30 Jul 2022 15:51:11 -0700 +Subject: [PATCH] Fix a bug when getting a gzip header extra field with + inflate(). + +If the extra field was larger than the space the user provided with +inflateGetHeader(), and if multiple calls of inflate() delivered +the extra header data, then there could be a buffer overflow of the +provided space. This commit assures that provided space is not +exceeded. +--- + inflate.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/inflate.c b/inflate.c +index 7be8c63..7a72897 100644 +--- a/inflate.c ++++ b/inflate.c +@@ -763,9 +763,10 @@ int flush; + copy = state->length; + if (copy > have) copy = have; + if (copy) { ++ len = state->head->extra_len - state->length; + if (state->head != Z_NULL && +- state->head->extra != Z_NULL) { +- len = state->head->extra_len - state->length; ++ state->head->extra != Z_NULL && ++ len < state->head->extra_max) { + zmemcpy(state->head->extra + len, next, + len + copy > state->head->extra_max ? + state->head->extra_max - len : copy); +-- +2.19.1.6.gb485710b + diff --git a/0004-Fix-extra-field-processing-bug-that-dereferences-NUL.patch b/0004-Fix-extra-field-processing-bug-that-dereferences-NUL.patch new file mode 100644 index 0000000000000000000000000000000000000000..e7d1b560de86ed4b5aa64ba4246b5cacd299a477 --- /dev/null +++ b/0004-Fix-extra-field-processing-bug-that-dereferences-NUL.patch @@ -0,0 +1,32 @@ +From 1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d Mon Sep 17 00:00:00 2001 +From: Mark Adler +Date: Mon, 8 Aug 2022 10:50:09 -0700 +Subject: [PATCH] Fix extra field processing bug that dereferences NULL + state->head. + +The recent commit to fix a gzip header extra field processing bug +introduced the new bug fixed here. +--- + inflate.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/inflate.c b/inflate.c +index 7a72897..2a3c4fe 100644 +--- a/inflate.c ++++ b/inflate.c +@@ -763,10 +763,10 @@ int flush; + copy = state->length; + if (copy > have) copy = have; + if (copy) { +- len = state->head->extra_len - state->length; + if (state->head != Z_NULL && + state->head->extra != Z_NULL && +- len < state->head->extra_max) { ++ (len = state->head->extra_len - state->length) < ++ state->head->extra_max) { + zmemcpy(state->head->extra + len, next, + len + copy > state->head->extra_max ? + state->head->extra_max - len : copy); +-- +2.19.1.6.gb485710b + diff --git a/zlib-1.2.11.tar.xz b/zlib-1.2.11.tar.xz deleted file mode 100644 index 305b7a058f2b18b5ff15b0c5258ab7d489c21973..0000000000000000000000000000000000000000 Binary files a/zlib-1.2.11.tar.xz and /dev/null differ diff --git a/zlib-1.2.12.tar.xz b/zlib-1.2.12.tar.xz new file mode 100644 index 0000000000000000000000000000000000000000..f7b33e79d92d68f9686975bcd424acda5e0cef87 Binary files /dev/null and b/zlib-1.2.12.tar.xz differ diff --git a/zlib.spec b/zlib.spec index e3bababeb80a017f75b6b44937f5016b68bd75a8..28f29ec7efddb575a7dcaea0af6eb76aaeb6b0d4 100644 --- a/zlib.spec +++ b/zlib.spec @@ -1,14 +1,20 @@ +%define anolis_release 1 Name: zlib -Version: 1.2.11 -Release: 1%{?dist} +Version: 1.2.12 +Release: %{anolis_release}%{?dist} Summary: Compression and decompression library License: zlib and Boost URL: https://www.zlib.net/ Source0: https://zlib.net/zlib-%{version}.tar.xz +# patches from upstream +Patch1: 0001-Fix-configure-issue-that-discarded-provided-CC-defin.patch +Patch2: 0002-Correct-incorrect-inputs-provided-to-the-CRC-functio.patch +# CVE-2022-37434 +Patch3: 0003-Fix-a-bug-when-getting-a-gzip-header-extra-field-wit.patch +Patch4: 0004-Fix-extra-field-processing-bug-that-dereferences-NUL.patch BuildRequires: make automake autoconf libtool -Requires: glibc %description Zlib is a general-purpose, patent-free, lossless data compression @@ -16,7 +22,7 @@ library which is used by many different programs. %package devel Summary: Header files and libraries for Zlib development -Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: %{name} = %{version}-%{release} %description devel The zlib-devel package contains the header files and libraries needed @@ -25,7 +31,7 @@ library. %package static Summary: Static libraries for Zlib development -Requires: %{name}-devel%{?_isa} = %{version}-%{release} +Requires: %{name}-devel = %{version}-%{release} %description static The zlib-static package includes static libraries needed @@ -34,15 +40,15 @@ decompression library. %package -n minizip-compat Summary: Library for manipulation with .zip archives -Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: %{name} = %{version}-%{release} %description -n minizip-compat Minizip is a library for manipulation with files from .zip archives. %package -n minizip-compat-devel Summary: Development files for the minizip library -Requires: minizip-compat%{?_isa} = %{version}-%{release} -Requires: %{name}-devel%{?_isa} = %{version}-%{release} +Requires: minizip-compat = %{version}-%{release} +Requires: %{name}-devel = %{version}-%{release} Conflicts: minizip-devel %description -n minizip-compat-devel @@ -50,7 +56,7 @@ This package contains the libraries and header files needed for developing applications which use minizip. %prep -%autosetup +%autosetup -p1 %build export CFLAGS="$RPM_OPT_FLAGS" @@ -103,5 +109,8 @@ find $RPM_BUILD_ROOT -name '*.la' -delete %changelog +* Tue Aug 30 2022 Chunmei Xu - 1.2.12-1 +- update to 1.2.12 + * Mon Mar 7 2022 forrest_ly - 1.2.11-1 - Init Anolis OS 23