From 33e7fb6d0537933429262edf4c44dc34b9ed4c10 Mon Sep 17 00:00:00 2001 From: panysh Date: Fri, 15 Jul 2022 10:35:01 +0800 Subject: [PATCH] CVE-2020-28163 CVE-2020-27545 --- ...34808c01f1c61bbec56ed2395af997f397ea.patch | 311 ++++++++++++++++++ ...9408e3f9f706fc3809dd400e831f989778d3.patch | 179 ++++++++++ libdwarf.spec | 13 +- 3 files changed, 502 insertions(+), 1 deletion(-) create mode 100644 95f634808c01f1c61bbec56ed2395af997f397ea.patch create mode 100644 faf99408e3f9f706fc3809dd400e831f989778d3.patch diff --git a/95f634808c01f1c61bbec56ed2395af997f397ea.patch b/95f634808c01f1c61bbec56ed2395af997f397ea.patch new file mode 100644 index 0000000..115d39a --- /dev/null +++ b/95f634808c01f1c61bbec56ed2395af997f397ea.patch @@ -0,0 +1,311 @@ +From 95f634808c01f1c61bbec56ed2395af997f397ea Mon Sep 17 00:00:00 2001 +From: David Anderson +Date: Sat, 17 Oct 2020 12:40:58 -0700 +Subject: [PATCH] modified: configure modified: configure.ac now + version 20201017 + +updated version string libdwarf_version.h +and regenerated files that have the version +string. + modified: dwarfdump/dwarf_names.c + modified: dwarfdump/dwarf_names.h + modified: dwarfdump/dwarfdump-ta-ext-table.h + modified: dwarfdump/dwarfdump-ta-table.h + modified: dwarfdump/dwarfdump-tt-ext-table.h + modified: dwarfdump/dwarfdump-tt-table.h + + modified: libdwarf/dwarf_names.c + modified: libdwarf/dwarf_names.h + modified: libdwarf/dwarf_names_enum.h + modified: libdwarf/dwarf_names_new.h + modified: libdwarf/generated_libdwarf.h.in + modified: libdwarf/libdwarf_version.h +--- + ChangeLog | 3 +++ + configure | 20 ++++++++++---------- + configure.ac | 2 +- + dwarfdump/ChangeLog | 5 +++++ + dwarfdump/dwarf_names.c | 2 +- + dwarfdump/dwarf_names.h | 2 +- + dwarfdump/dwarfdump-ta-ext-table.h | 2 +- + dwarfdump/dwarfdump-ta-table.h | 2 +- + dwarfdump/dwarfdump-tt-ext-table.h | 2 +- + dwarfdump/dwarfdump-tt-table.h | 2 +- + libdwarf/ChangeLog | 4 ++++ + libdwarf/dwarf_names.c | 2 +- + libdwarf/dwarf_names.h | 2 +- + libdwarf/dwarf_names_enum.h | 2 +- + libdwarf/dwarf_names_new.h | 2 +- + libdwarf/generated_libdwarf.h.in | 3 ++- + libdwarf/libdwarf_version.h | 2 +- + 17 files changed, 36 insertions(+), 23 deletions(-) + +diff --git a/ChangeLog b/ChangeLog +index e4622a20..b103d735 100644 +--- a/ChangeLog ++++ b/ChangeLog +@@ -1,3 +1,6 @@ ++2020-10-17 David Anderson ++ * configure.ac: Now version 20201017 ++ * configure: Regenerated. + 2020-10-11 David Anderson + * configure.ac: Now version 20201011 + * configure: Regenerated. +diff --git a/configure b/configure +index 90f4a66e..49905b72 100755 +--- a/configure ++++ b/configure +@@ -1,6 +1,6 @@ + #! /bin/sh + # Guess values for system-dependent variables and create Makefiles. +-# Generated by GNU Autoconf 2.69 for libdwarf 20201011. ++# Generated by GNU Autoconf 2.69 for libdwarf 20201017. + # + # Report bugs to . + # +@@ -590,8 +590,8 @@ MAKEFLAGS= + # Identity of this package. + PACKAGE_NAME='libdwarf' + PACKAGE_TARNAME='libdwarf' +-PACKAGE_VERSION='20201011' +-PACKAGE_STRING='libdwarf 20201011' ++PACKAGE_VERSION='20201017' ++PACKAGE_STRING='libdwarf 20201017' + PACKAGE_BUGREPORT='libdwarf-list -at- linuxmail -dot- org' + PACKAGE_URL='' + +@@ -1362,7 +1362,7 @@ if test "$ac_init_help" = "long"; then + # Omit some internal or obsolete options to make the list less imposing. + # This message is too long to be a string in the A/UX 3.1 sh. + cat <<_ACEOF +-\`configure' configures libdwarf 20201011 to adapt to many kinds of systems. ++\`configure' configures libdwarf 20201017 to adapt to many kinds of systems. + + Usage: $0 [OPTION]... [VAR=VALUE]... + +@@ -1433,7 +1433,7 @@ fi + + if test -n "$ac_init_help"; then + case $ac_init_help in +- short | recursive ) echo "Configuration of libdwarf 20201011:";; ++ short | recursive ) echo "Configuration of libdwarf 20201017:";; + esac + cat <<\_ACEOF + +@@ -1566,7 +1566,7 @@ fi + test -n "$ac_init_help" && exit $ac_status + if $ac_init_version; then + cat <<\_ACEOF +-libdwarf configure 20201011 ++libdwarf configure 20201017 + generated by GNU Autoconf 2.69 + + Copyright (C) 2012 Free Software Foundation, Inc. +@@ -2110,7 +2110,7 @@ cat >config.log <<_ACEOF + This file contains any messages produced by compilers while + running configure, to aid debugging if configure makes a mistake. + +-It was created by libdwarf $as_me 20201011, which was ++It was created by libdwarf $as_me 20201017, which was + generated by GNU Autoconf 2.69. Invocation command line was + + $ $0 $@ +@@ -4342,7 +4342,7 @@ fi + + # Define the identity of the package. + PACKAGE='libdwarf' +- VERSION='20201011' ++ VERSION='20201017' + + + cat >>confdefs.h <<_ACEOF +@@ -19403,7 +19403,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 + # report actual input values of CONFIG_FILES etc. instead of their + # values after options handling. + ac_log=" +-This file was extended by libdwarf $as_me 20201011, which was ++This file was extended by libdwarf $as_me 20201017, which was + generated by GNU Autoconf 2.69. Invocation command line was + + CONFIG_FILES = $CONFIG_FILES +@@ -19469,7 +19469,7 @@ _ACEOF + cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 + ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" + ac_cs_version="\\ +-libdwarf config.status 20201011 ++libdwarf config.status 20201017 + configured by $0, generated by GNU Autoconf 2.69, + with options \\"\$ac_cs_config\\" + +diff --git a/configure.ac b/configure.ac +index 72bd4e31..bb88f44d 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -16,7 +16,7 @@ m4_define([lt_age], [v_min]) + + ### Sets the release name. + ###m4_define([v_date], [m4_esyscmd_s([date "+%Y%m%d"])]) +-m4_define([v_date], [20201011])]) ++m4_define([v_date], [20201017])]) + + AC_PREREQ([2.52]) + ### 2nd arg to AC_INIT is the version 'number'. +diff --git a/dwarfdump/ChangeLog b/dwarfdump/ChangeLog +index 3ae603f6..8fb0f61e 100644 +--- a/dwarfdump/ChangeLog ++++ b/dwarfdump/ChangeLog +@@ -1,3 +1,8 @@ ++2020-10-17: David Anderson ++ * dwarf_names.c,dwarf_names.h,dwarfdump-ta-ext-table.h, ++ dwarfdump-ta-table.h,dwarfdump-tt-ext-table.h, ++ dwarfdump-tt-table.h: Regenerated with latest ++ version string. + 2020-10-15: David Anderson + * print_lines.c(print_line_context_record): Fixed the + comments about DWARF4 vs 5. +diff --git a/dwarfdump/dwarf_names.c b/dwarfdump/dwarf_names.c +index 15483d6f..5e982fdf 100644 +--- a/dwarfdump/dwarf_names.c ++++ b/dwarfdump/dwarf_names.c +@@ -1,5 +1,5 @@ + /* Generated routines, do not edit. */ +-/* Generated sourcedate 2020-10-11 11:34:27-07:00 */ ++/* Generated sourcedate 2020-10-17 11:30:22-07:00 */ + + /* BEGIN FILE */ + +diff --git a/dwarfdump/dwarf_names.h b/dwarfdump/dwarf_names.h +index 930da06d..ae819dfb 100644 +--- a/dwarfdump/dwarf_names.h ++++ b/dwarfdump/dwarf_names.h +@@ -1,5 +1,5 @@ + /* Generated routines, do not edit. */ +-/* Generated sourcedate 2020-10-11 11:34:27-07:00 */ ++/* Generated sourcedate 2020-10-17 11:30:22-07:00 */ + + /* BEGIN FILE */ + +diff --git a/dwarfdump/dwarfdump-ta-ext-table.h b/dwarfdump/dwarfdump-ta-ext-table.h +index 84707ccb..e208f0c9 100644 +--- a/dwarfdump/dwarfdump-ta-ext-table.h ++++ b/dwarfdump/dwarfdump-ta-ext-table.h +@@ -1,5 +1,5 @@ + /* Generated code, do not edit. */ +-/* Generated sourcedate 2020-10-11 11:34:27-07:00 */ ++/* Generated sourcedate 2020-10-17 11:30:22-07:00 */ + + /* BEGIN FILE */ + +diff --git a/dwarfdump/dwarfdump-ta-table.h b/dwarfdump/dwarfdump-ta-table.h +index 9ea82e8d..d90c0965 100644 +--- a/dwarfdump/dwarfdump-ta-table.h ++++ b/dwarfdump/dwarfdump-ta-table.h +@@ -1,5 +1,5 @@ + /* Generated code, do not edit. */ +-/* Generated sourcedate 2020-10-11 11:34:27-07:00 */ ++/* Generated sourcedate 2020-10-17 11:30:22-07:00 */ + + /* BEGIN FILE */ + +diff --git a/dwarfdump/dwarfdump-tt-ext-table.h b/dwarfdump/dwarfdump-tt-ext-table.h +index 7c439580..c507a40d 100644 +--- a/dwarfdump/dwarfdump-tt-ext-table.h ++++ b/dwarfdump/dwarfdump-tt-ext-table.h +@@ -1,5 +1,5 @@ + /* Generated code, do not edit. */ +-/* Generated sourcedate 2020-10-11 11:34:27-07:00 */ ++/* Generated sourcedate 2020-10-17 11:30:22-07:00 */ + + /* BEGIN FILE */ + +diff --git a/dwarfdump/dwarfdump-tt-table.h b/dwarfdump/dwarfdump-tt-table.h +index c6e66de0..2d94c866 100644 +--- a/dwarfdump/dwarfdump-tt-table.h ++++ b/dwarfdump/dwarfdump-tt-table.h +@@ -1,5 +1,5 @@ + /* Generated code, do not edit. */ +-/* Generated sourcedate 2020-10-11 11:34:27-07:00 */ ++/* Generated sourcedate 2020-10-17 11:30:22-07:00 */ + + /* BEGIN FILE */ + +diff --git a/libdwarf/ChangeLog b/libdwarf/ChangeLog +index bc39291e..527183ec 100644 +--- a/libdwarf/ChangeLog ++++ b/libdwarf/ChangeLog +@@ -1,3 +1,7 @@ ++2020-10-17: David Anderson ++ * libdwarf_version.h: updated version string ++ * dwarf_names.c,dwarf_names.h,dwarf_names_enum.h, ++ dwarf_names_new.h: regenerated with new version string. + 2020-10-15: David Anderson + * dwarf_line.c:Set up the default registers correctly + for DWARF5 as well as earlier versions. +diff --git a/libdwarf/dwarf_names.c b/libdwarf/dwarf_names.c +index 15483d6f..5e982fdf 100644 +--- a/libdwarf/dwarf_names.c ++++ b/libdwarf/dwarf_names.c +@@ -1,5 +1,5 @@ + /* Generated routines, do not edit. */ +-/* Generated sourcedate 2020-10-11 11:34:27-07:00 */ ++/* Generated sourcedate 2020-10-17 11:30:22-07:00 */ + + /* BEGIN FILE */ + +diff --git a/libdwarf/dwarf_names.h b/libdwarf/dwarf_names.h +index 930da06d..ae819dfb 100644 +--- a/libdwarf/dwarf_names.h ++++ b/libdwarf/dwarf_names.h +@@ -1,5 +1,5 @@ + /* Generated routines, do not edit. */ +-/* Generated sourcedate 2020-10-11 11:34:27-07:00 */ ++/* Generated sourcedate 2020-10-17 11:30:22-07:00 */ + + /* BEGIN FILE */ + +diff --git a/libdwarf/dwarf_names_enum.h b/libdwarf/dwarf_names_enum.h +index 8feb26b7..e7658b9d 100644 +--- a/libdwarf/dwarf_names_enum.h ++++ b/libdwarf/dwarf_names_enum.h +@@ -1,5 +1,5 @@ + /* Automatically generated, do not edit. */ +-/* Generated sourcedate 2020-10-11 11:34:27-07:00 */ ++/* Generated sourcedate 2020-10-17 11:30:22-07:00 */ + + /* BEGIN FILE */ + +diff --git a/libdwarf/dwarf_names_new.h b/libdwarf/dwarf_names_new.h +index 3a1dbdeb..37d60b20 100644 +--- a/libdwarf/dwarf_names_new.h ++++ b/libdwarf/dwarf_names_new.h +@@ -1,5 +1,5 @@ + /* Automatically generated, do not edit. */ +-/* Generated sourcedate 2020-10-11 11:34:27-07:00 */ ++/* Generated sourcedate 2020-10-17 11:30:22-07:00 */ + + /* BEGIN FILE */ + +diff --git a/libdwarf/generated_libdwarf.h.in b/libdwarf/generated_libdwarf.h.in +index 8fc4d31b..08f3042b 100644 +--- a/libdwarf/generated_libdwarf.h.in ++++ b/libdwarf/generated_libdwarf.h.in +@@ -3320,7 +3320,8 @@ int dwarf_macro_context_head(Dwarf_Macro_Context /*head*/, + Dwarf_Error * /*error*/); + + /* Returns data from the operands table +- in the macro unit header. */ ++ in the macro unit header. The last op has ++ 0 as opcode_number,operand_count and operand_array */ + int dwarf_macro_operands_table(Dwarf_Macro_Context /*head*/, + Dwarf_Half /*index*/, /* 0 to opcode_count -1 */ + Dwarf_Half * /*opcode_number*/, +diff --git a/libdwarf/libdwarf_version.h b/libdwarf/libdwarf_version.h +index e09264d2..248edf3c 100644 +--- a/libdwarf/libdwarf_version.h ++++ b/libdwarf/libdwarf_version.h +@@ -4,4 +4,4 @@ + and is modified from time to time. + */ + +-#define DW_VERSION_DATE_STR " 2020-10-11 11:34:27-07:00 " ++#define DW_VERSION_DATE_STR " 2020-10-17 11:30:22-07:00 " diff --git a/faf99408e3f9f706fc3809dd400e831f989778d3.patch b/faf99408e3f9f706fc3809dd400e831f989778d3.patch new file mode 100644 index 0000000..f478675 --- /dev/null +++ b/faf99408e3f9f706fc3809dd400e831f989778d3.patch @@ -0,0 +1,179 @@ +From faf99408e3f9f706fc3809dd400e831f989778d3 Mon Sep 17 00:00:00 2001 +From: David Anderson +Date: Wed, 28 Oct 2020 15:56:06 -0700 +Subject: [PATCH] modified: libdwarf/dwarf_print_lines.c * + dwarf_print_lines.c: In case of corrupted DWARF5 line header the + fi_file_name field for a file entry can be null. Now we print a + string in that case to avoid passing a null to + dwarfstring_append. Dwarfbug DW202010-003. Also some lines longer + than libdwarf standard were shortened, but a few long lines really + must remain. + +--- + libdwarf/ChangeLog | 10 ++++++ + libdwarf/dwarf_print_lines.c | 62 +++++++++++++++++++++--------------- + 2 files changed, 47 insertions(+), 25 deletions(-) + +diff --git a/libdwarf/ChangeLog b/libdwarf/ChangeLog +index d5fc623c..bbcfb33e 100644 +--- a/libdwarf/ChangeLog ++++ b/libdwarf/ChangeLog +@@ -1,3 +1,13 @@ ++2020-10-28: David Anderson ++ * dwarf_print_lines.c: In case of corrupted ++ DWARF5 line header the fi_file_name field ++ for a file entry can be null. Now ++ we print a string in that case ++ to avoid passing a null to dwarfstring_append. ++ Dwarfbug DW202010-003. ++ Also some lines longer than libdwarf standard ++ were shortened, but a few long lines really ++ must remain. + 2020-10-28: David Anderson + * dwarf_ranges.c: Altered lines longer than libdwarf + standard. +diff --git a/libdwarf/dwarf_print_lines.c b/libdwarf/dwarf_print_lines.c +index e119d666..8f73f7b9 100644 +--- a/libdwarf/dwarf_print_lines.c ++++ b/libdwarf/dwarf_print_lines.c +@@ -54,8 +54,10 @@ print_line_header(Dwarf_Debug dbg, + Dwarf_Bool is_actuals_tab) + { + if (!is_single_tab) { +- /* Ugly indenting follows, it makes lines shorter to see them better. +- Best to use a wider text window to really see how it looks.*/ ++ /* Ugly indenting follows, it makes lines shorter ++ to see them better. ++ Best to use a wider text window to really ++ see how it looks.*/ + if (is_actuals_tab) { + _dwarf_printf(dbg,"\nActuals Table\n"); + _dwarf_printf(dbg, +@@ -102,13 +104,15 @@ print_line_detail( + if(!is_single_table && is_actuals_table) { + dwarfstring_append_printf_s(&m1,"%-15s ",(char *)prefix); + dwarfstring_append_printf_i(&m1,"%3d ",opcode); +- dwarfstring_append_printf_u(&m1,"0x%" DW_PR_XZEROS DW_PR_DUx , ++ dwarfstring_append_printf_u(&m1,"0x%" DW_PR_XZEROS DW_PR_DUx, + regs->lr_address); + dwarfstring_append_printf_u(&m1,"/%01u",regs->lr_op_index); + dwarfstring_append_printf_u(&m1," %5lu", regs->lr_line); + dwarfstring_append_printf_u(&m1," %3d",regs->lr_isa); +- dwarfstring_append_printf_i(&m1," %1d", regs->lr_basic_block); +- dwarfstring_append_printf_i(&m1,"%1d\n", regs->lr_end_sequence); ++ dwarfstring_append_printf_i(&m1," %1d", ++ regs->lr_basic_block); ++ dwarfstring_append_printf_i(&m1,"%1d\n", ++ regs->lr_end_sequence); + _dwarf_printf(dbg,dwarfstring_string(&m1)); + dwarfstring_destructor(&m1); + return; +@@ -138,9 +142,11 @@ print_line_detail( + " x%02" DW_PR_DUx , + regs->lr_discriminator); /* DWARF4 */ + dwarfstring_append_printf_u(&m1, +- " x%02" DW_PR_DUx , regs->lr_call_context); /* EXPERIMENTAL */ ++ " x%02" DW_PR_DUx, ++ regs->lr_call_context); /* EXPERIMENTAL */ + dwarfstring_append_printf_u(&m1, +- " x%02" DW_PR_DUx , regs->lr_subprogram); /* EXPERIMENTAL */ ++ " x%02" DW_PR_DUx , ++ regs->lr_subprogram); /* EXPERIMENTAL */ + dwarfstring_append_printf_i(&m1, + " %1d", regs->lr_is_stmt); + dwarfstring_append_printf_i(&m1, +@@ -236,7 +242,8 @@ print_include_directory_details(Dwarf_Debug dbg, + tname = ""; + } + dwarfstring_append_printf_u (&m4, +- " type 0x%" DW_PR_XZEROS DW_PR_DUx ,valpair->up_first); ++ " type 0x%" DW_PR_XZEROS DW_PR_DUx, ++ valpair->up_first); + dwarfstring_append_printf_s (&m4, + " %-20s\n",(char *)tname); + res = dwarf_get_FORM_name(valpair->up_second,&fname); +@@ -327,20 +334,22 @@ print_just_file_entry_details(Dwarf_Debug dbg, + if (line_context->lc_file_entry_count > 9) { + dwarfstring_append_printf_u(&m3, + " file[%2u] ",fiu); +- dwarfstring_append_printf_s(&m3, +- "%-20s ", +- (char *) fe->fi_file_name); +- dwarfstring_append_printf_u(&m3, +- "(file-number: %u)\n", +- filenum); + } else { + dwarfstring_append_printf_u(&m3, + " file[%u] ", fiu); +- dwarfstring_append_printf_s(&m3, +- "%-20s ",(char *)fe->fi_file_name); +- dwarfstring_append_printf_u(&m3, +- "(file-number: %u)\n",filenum); + } ++ /* DWARF5 can have a null fi_file_name ++ if the format code in the ++ line table header is unknown, such ++ as in a corrupt object file. */ ++ dwarfstring_append_printf_s(&m3, ++ "%-20s ", ++ fe->fi_file_name? ++ (char *) fe->fi_file_name: ++ ""); ++ dwarfstring_append_printf_u(&m3, ++ "(file-number: %u)\n", ++ filenum); + _dwarf_printf(dbg,dwarfstring_string(&m3)); + dwarfstring_reset(&m3); + if (fe->fi_dir_index_present) { +@@ -509,8 +518,8 @@ _dwarf_internal_printlines(Dwarf_Die die, + Dwarf_Small *line_ptr = 0; + Dwarf_Small *orig_line_ptr = 0; + +- /* Pointer to a DW_AT_stmt_list attribute in case it exists in the +- die. */ ++ /* Pointer to a DW_AT_stmt_list attribute in case ++ it exists in the die. */ + Dwarf_Attribute stmt_list_attr = 0; + + /* Pointer to DW_AT_comp_dir attribute in die. */ +@@ -568,7 +577,8 @@ _dwarf_internal_printlines(Dwarf_Die die, + } + + address_size = _dwarf_get_address_size(dbg, die); +- resattr = dwarf_attr(die, DW_AT_stmt_list, &stmt_list_attr, error); ++ resattr = dwarf_attr(die, DW_AT_stmt_list, &stmt_list_attr, ++ error); + if (resattr != DW_DLV_OK) { + return resattr; + } +@@ -600,7 +610,8 @@ _dwarf_internal_printlines(Dwarf_Die die, + section_start = dbg->de_debug_line.dss_data; + { + Dwarf_Unsigned fission_size = 0; +- int resfis = _dwarf_get_fission_addition_die(die, DW_SECT_LINE, ++ int resfis = _dwarf_get_fission_addition_die(die, ++ DW_SECT_LINE, + &fission_offset,&fission_size,error); + if(resfis != DW_DLV_OK) { + dwarf_dealloc(dbg,stmt_list_attr, DW_DLA_ATTR); +@@ -612,8 +623,8 @@ _dwarf_internal_printlines(Dwarf_Die die, + line_ptr = orig_line_ptr; + dwarf_dealloc(dbg, stmt_list_attr, DW_DLA_ATTR); + +- /* If die has DW_AT_comp_dir attribute, get the string that names +- the compilation directory. */ ++ /* If die has DW_AT_comp_dir attribute, get the string ++ that names the compilation directory. */ + resattr = dwarf_attr(die, DW_AT_comp_dir, &comp_dir_attr, error); + if (resattr == DW_DLV_ERROR) { + return resattr; +@@ -907,7 +918,8 @@ print_actuals_and_locals(Dwarf_Debug dbg, + is_actuals_table = true; + /* Read Actuals */ + +- print_line_header(dbg, is_single_table, is_actuals_table); ++ print_line_header(dbg, is_single_table, ++ is_actuals_table); + res = read_line_table_program(dbg, + line_ptr_actuals, line_ptr_end, orig_line_ptr, + section_start, diff --git a/libdwarf.spec b/libdwarf.spec index 22b5418..d9eb59f 100644 --- a/libdwarf.spec +++ b/libdwarf.spec @@ -1,6 +1,6 @@ Name: libdwarf Version: 20201020 -Release: 1 +Release: 1.h1 Summary: Library to access DWARF debugging information License: LGPLv2 URL: http://www.prevanders.net/dwarf.html @@ -72,6 +72,11 @@ LD_LIBRARY_PATH=$PWD/libdwarf/.libs %__make check %{_mandir}/man1/dwarfdump.1.gz %changelog +* Fri Jul 15 2022 Panys +- Type:CVE +- SUG :NO +- DESC : fix CVE-2020-28163 CVE-2020-27545 + * Tue Nov 24 2020 SimpleUpdate Robot - 20201020-1 - Upgrade to version 20201020 @@ -83,3 +88,9 @@ LD_LIBRARY_PATH=$PWD/libdwarf/.libs %__make check * Tue Nov 05 2019 yanzhihua - 20180809-2 - Package init +%Patch +# CVE-2020-28163 CVE-2020-27545 +Patch1 faf99408e3f9f706fc3809dd400e831f989778d3.patch +Patch2 95f634808c01f1c61bbec56ed2395af997f397ea.patch +%patch1 -p1 +%patch2 -p1 -- Gitee