diff --git a/0001-CVE-2022-27239.patch b/0001-CVE-2022-27239.patch deleted file mode 100644 index f1e33dcd630483c2918ce84339c42450b7967345..0000000000000000000000000000000000000000 --- a/0001-CVE-2022-27239.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 955fb147e97a6a74e1aaa65766de91e2c1479765 Mon Sep 17 00:00:00 2001 -From: Jeffrey Bencteux -Date: Thu, 17 Mar 2022 12:58:52 -0400 -Subject: [PATCH] CVE-2022-27239: mount.cifs: fix length check for ip option - parsing - -Previous check was true whatever the length of the input string was, -leading to a buffer overflow in the subsequent strcpy call. - -Bug: https://bugzilla.samba.org/show_bug.cgi?id=15025 - -Signed-off-by: Jeffrey Bencteux -Reviewed-by: David Disseldorp ---- - mount.cifs.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/mount.cifs.c b/mount.cifs.c -index 84274c9..3a6b449 100644 ---- a/mount.cifs.c -+++ b/mount.cifs.c -@@ -926,9 +926,10 @@ parse_options(const char *data, struct parsed_mount_info *parsed_info) - if (!value || !*value) { - fprintf(stderr, - "target ip address argument missing\n"); -- } else if (strnlen(value, MAX_ADDRESS_LEN) <= -+ } else if (strnlen(value, MAX_ADDRESS_LEN) < - MAX_ADDRESS_LEN) { -- strcpy(parsed_info->addrlist, value); -+ strlcpy(parsed_info->addrlist, value, -+ MAX_ADDRESS_LEN); - if (parsed_info->verboseflag) - fprintf(stderr, - "ip address %s override specified\n", --- \ No newline at end of file diff --git a/0002-CVE-2022-29869.patch b/0002-CVE-2022-29869.patch deleted file mode 100644 index 8ba7b9093dca68febb088047460b399bc85099d6..0000000000000000000000000000000000000000 --- a/0002-CVE-2022-29869.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379 Mon Sep 17 00:00:00 2001 -From: Jeffrey Bencteux -Date: Sat, 19 Mar 2022 13:41:15 -0400 -Subject: [PATCH] mount.cifs: fix verbose messages on option parsing - -When verbose logging is enabled, invalid credentials file lines may be -dumped to stderr. This may lead to information disclosure in particular -conditions when the credentials file given is sensitive and contains '=' -signs. - -Bug: https://bugzilla.samba.org/show_bug.cgi?id=15026 - -Signed-off-by: Jeffrey Bencteux -Reviewed-by: David Disseldorp ---- - mount.cifs.c | 6 +----- - 1 file changed, 1 insertion(+), 5 deletions(-) - -diff --git a/mount.cifs.c b/mount.cifs.c -index 3a6b449..2278995 100644 ---- a/mount.cifs.c -+++ b/mount.cifs.c -@@ -628,17 +628,13 @@ static int open_cred_file(char *file_name, - goto return_i; - break; - case CRED_DOM: -- if (parsed_info->verboseflag) -- fprintf(stderr, "domain=%s\n", -- temp_val); - strlcpy(parsed_info->domain, temp_val, - sizeof(parsed_info->domain)); - break; - case CRED_UNPARSEABLE: - if (parsed_info->verboseflag) - fprintf(stderr, "Credential formatted " -- "incorrectly: %s\n", -- temp_val ? temp_val : "(null)"); -+ "incorrectly\n"); - break; - } - } --- \ No newline at end of file diff --git a/cifs-utils-6.14.tar.bz2 b/cifs-utils-6.14.tar.bz2 deleted file mode 100644 index 3df8cac2b246002699d9750c5c1c3cc38c32c2d3..0000000000000000000000000000000000000000 Binary files a/cifs-utils-6.14.tar.bz2 and /dev/null differ diff --git a/cifs-utils-6.15.tar.bz2 b/cifs-utils-6.15.tar.bz2 new file mode 100644 index 0000000000000000000000000000000000000000..3a362b2a1f0f321335932461b33f23494713a04b Binary files /dev/null and b/cifs-utils-6.15.tar.bz2 differ diff --git a/cifs-utils.spec b/cifs-utils.spec index f80e9d8045ee4c3ae7644a5a9c45860ba20f620c..754ed065ac99e0a93104fe419b9d444abfa6477f 100644 --- a/cifs-utils.spec +++ b/cifs-utils.spec @@ -1,6 +1,6 @@ Name: cifs-utils -Version: 6.14 -Release: 3 +Version: 6.15 +Release: 1 Summary: Utilities for doing and managing mounts of the Linux CIFS filesystem License: GPLv3+ URL: http://linux-cifs.samba.org/cifs-utils/ @@ -12,8 +12,6 @@ Provides: pam_cifscreds Obsoletes: pam_cifscreds Requires: keyutils -Patch1: 0001-CVE-2022-27239.patch -Patch2: 0002-CVE-2022-29869.patch %description The in-kernel CIFS filesystem is generally the preferred method for mounting @@ -78,6 +76,9 @@ install -m 644 contrib/request-key.d/cifs.spnego.conf %{buildroot}%{_sysconfdir} %{_mandir}/man8/* %changelog +* Tue Jul 26 2022 zhanchengbin - 6.15-1 +- update cifs-utils version to 6.15-1 + * Thu May 5 2022 yanglongkang - 6.14-3 - Fix CVE-2022-27239 and CVE-2022-29869