From b6f235f18604c637a912506219518128f0899dad Mon Sep 17 00:00:00 2001
From: zhangy1317
Date: Thu, 4 Aug 2022 10:27:19 +0800
Subject: [PATCH] Fix CVE-2021-40085
---
 0004-CVE-2021-40085.patch | 56 +++++++++++++++++++++++++++++++++++++++
 openstack-neutron.spec | 7 +++--
 2 files changed, 61 insertions(+), 2 deletions(-)
 create mode 100644 0004-CVE-2021-40085.patch
diff --git a/0004-CVE-2021-40085.patch b/0004-CVE-2021-40085.patch
new file mode 100644
index 0000000..27332f6
--- /dev/null
+++ b/0004-CVE-2021-40085.patch
@@ -0,0 +1,56 @@
+From 33039c65f2f4080722e28086cc234801ad3371f9 Mon Sep 17 00:00:00 2001
+From: zhangy1317
+Date: Thu, 4 Aug 2022 10:34:07 +0800
+Subject: [PATCH] CVE-2021-40085
+
+---
+ neutron/agent/linux/dhcp.py | 6 +++---
+ neutron/tests/unit/agent/linux/test_dhcp.py | 7 ++++++-
+ 2 files changed, 9 insertions(+), 4 deletions(-)
+
+diff --git a/neutron/agent/linux/dhcp.py b/neutron/agent/linux/dhcp.py
+index e2322dc..1419a1f 100644
+--- a/neutron/agent/linux/dhcp.py
++++ b/neutron/agent/linux/dhcp.py
+@@ -1139,10 +1139,10 @@ class Dnsmasq(DhcpLocalProcess):
+ else:
+ option = 'option6:%s' % option
+ if extra_tag:
+- tags = ('tag:' + tag, extra_tag[:-1], '%s' % option)
++ tags = ['tag:' + tag, extra_tag[:-1], '%s' % option]
+ else:
+- tags = ('tag:' + tag, '%s' % option)
+- return ','.join(tags + args)
++ tags = ['tag:' + tag, '%s' % option]
++ return ','.join(tags + [v.split("\n", 1)[0] for v in args])
+
+ @staticmethod
+ def _convert_to_literal_addrs(ip_version, ips):
+diff --git a/neutron/tests/unit/agent/linux/test_dhcp.py b/neutron/tests/unit/agent/linux/test_dhcp.py
+index 848dedb..9bb4947 100644
+--- a/neutron/tests/unit/agent/linux/test_dhcp.py
++++ b/neutron/tests/unit/agent/linux/test_dhcp.py
+@@ -225,6 +225,9 @@ class FakeV6PortExtraOpt(object):
+ self.extra_dhcp_opts = [
+ DhcpOpt(opt_name='dns-server',
+ opt_value='ffea:3ba5:a17a:4ba3::100',
++ ip_version=6),
++ DhcpOpt(opt_name='malicious-option',
++ opt_value='aaa\nbbb.ccc\n',
+ ip_version=6)]
+
+
+@@ -2703,7 +2706,9 @@ class TestDnsmasq(TestBase):
+ exp_opt_data = ('tag:subnet-eeeeeeee-eeee-eeee-eeee-eeeeeeeeeeee,'
+ 'option6:domain-search,openstacklocal\n'
+ 'tag:port-hhhhhhhh-hhhh-hhhh-hhhh-hhhhhhhhhhhh,'
+- 'option6:dns-server,ffea:3ba5:a17a:4ba3::100').lstrip()
++ 'option6:dns-server,ffea:3ba5:a17a:4ba3::100\n'
++ 'tag:port-hhhhhhhh-hhhh-hhhh-hhhh-hhhhhhhhhhhh,'
++ 'option6:malicious-option,aaa').lstrip()
+ dm = self._get_dnsmasq(FakeV6NetworkStatelessDHCP())
+ dm._output_hosts_file()
+ dm._output_opts_file()
+--
+2.28.0
+
diff --git a/openstack-neutron.spec b/openstack-neutron.spec
index 9ef1012..ef319aa 100644
--- a/openstack-neutron.spec
+++ b/openstack-neutron.spec
@@ -12,7 +12,7 @@ Neutron is a virtual network service for Openstack.
 Name: openstack-%{service}
 Version: 13.0.7
-Release: 2
+Release: 3
 Summary: OpenStack Networking Service
 License: Apache-2.0
 URL: http://launchpad.net/%{service}/
@@ -44,6 +44,7 @@ Source36: neutron-destroy-patch-ports.service
 Patch0001: 0001-Create-executable-for-removing-patch-ports.patch
 Patch0002: 0002-Destroy-patch-ports-only-if-canary-flow-is-not-prese.patch
 Patch0003: 0003-use-plugin-utils-from-neutron-lib.patch
+Patch0004: 0004-CVE-2021-40085.patch
 BuildArch: noarch
@@ -93,7 +94,6 @@ Requires: iptables
 %{?systemd_requires}
-Obsoletes: openstack-%{service}-dev-server
 %description
 %{common_desc}
@@ -665,6 +665,9 @@ fi
 %changelog
+* Wed Aug 03 2022 zhangy - 13.0.7-3
+- Fix CVE-2021-40085
+
 * Wed Jun 9 2021 gaosong
 - Remove ncclient dependency
 * Mon May 17 2021 openstack-sig
--
Gitee
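Review bot: In the `neutron/agent/linux/dhcp.py` hunk only the values in `args` are cut at the first newline; `option` is still formatted into the line unchanged (`'option6:%s' % option`, `'%s' % option`), so if an option name can carry `\n` the way the new test's `opt_value` does, it would still start a new line in the generated opts file. Consider giving the name the same treatment before it is formatted, e.g. `option = option.split("\n", 1)[0]`, and adding a test entry with a newline in `opt_name`. The method begins above the hunk, so where `option` and `tag` come from has to be checked there. The truncation is also silent; a short comment such as `# keep each option on one line: drop anything after the first newline` would record why the list comprehension exists.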