From 6256dabffd4989c2fd93e71270651f2128971e5e Mon Sep 17 00:00:00 2001
From: chenhaixiang <chenhaixiang3@huawei.com>
Date: Wed, 3 Aug 2022 18:05:24 +0800
Subject: [PATCH] fix CVE-2021-20269

Signed-off-by: chenhaixiang <chenhaixiang3@huawei.com>
---
 kdump-lib-initramfs.sh | 2 +-
 kexec-tools.spec       | 5 ++++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/kdump-lib-initramfs.sh b/kdump-lib-initramfs.sh
index a7c0bf9..03949ea 100755
--- a/kdump-lib-initramfs.sh
+++ b/kdump-lib-initramfs.sh
@@ -164,7 +164,7 @@ save_vmcore_dmesg_fs() {
     _exitcode=$?
     if [ $_exitcode -eq 0 ]; then
         mv ${_path}/vmcore-dmesg-incomplete.txt ${_path}/vmcore-dmesg.txt
-
+	chmod 400 ${_path}/vmcore-dmesg.txt
         # Make sure file is on disk. There have been instances where later
         # saving vmcore failed and system rebooted without sync and there
         # was no vmcore-dmesg.txt available.
diff --git a/kexec-tools.spec b/kexec-tools.spec
index 6d1a7e6..91383be 100644
--- a/kexec-tools.spec
+++ b/kexec-tools.spec
@@ -4,7 +4,7 @@
 
 Name: kexec-tools
 Version: 2.0.23
-Release: 4
+Release: 5
 License: GPLv2
 Summary: The kexec/kdump userspace component
 URL:     https://www.kernel.org/
@@ -290,6 +290,9 @@ done
 %endif
 
 %changelog
+* Wed Aug 3 2022 chenhaixiang <chenhaixiang3@huawei.com> - 2.0.23-5
+- fix CVE-2021-20269
+
 * Fri Mar 11 2022 wangbin <wangbin224@huawei.com> - 2.0.23-4
 - packing 98-kexec.rules instead of 98-kexec.rules.ppc64
 
-- 
Gitee