diff --git a/0009-fix-CVE-2024-28176.patch b/0009-fix-CVE-2024-28176.patch new file mode 100644 index 0000000000000000000000000000000000000000..068e050fb56952bd37f799a585773156ca8ac2a0 --- /dev/null +++ b/0009-fix-CVE-2024-28176.patch @@ -0,0 +1,350 @@ +From b29db6d46b82a782641ed0016ccf53304529afb1 Mon Sep 17 00:00:00 2001 +From: duyiwei +Date: Wed, 15 Jan 2025 16:46:47 +0800 +Subject: [PATCH] fix CVE-2024-28176 + +Signed-off-by: duyiwei +--- + go.mod | 2 +- + go.sum | 4 +- + .../gopkg.in/go-jose/go-jose.v2/CHANGELOG.md | 84 +++++++++++++ + vendor/gopkg.in/go-jose/go-jose.v2/README.md | 118 ------------------ + .../gopkg.in/go-jose/go-jose.v2/asymmetric.go | 3 + + vendor/gopkg.in/go-jose/go-jose.v2/crypter.go | 6 + + .../gopkg.in/go-jose/go-jose.v2/encoding.go | 2 +- + .../gopkg.in/go-jose/go-jose.v2/symmetric.go | 5 + + vendor/modules.txt | 2 +- + 9 files changed, 103 insertions(+), 123 deletions(-) + create mode 100644 vendor/gopkg.in/go-jose/go-jose.v2/CHANGELOG.md + delete mode 100644 vendor/gopkg.in/go-jose/go-jose.v2/README.md + +diff --git a/go.mod b/go.mod +index 4030f24..94524d8 100644 +--- a/go.mod ++++ b/go.mod +@@ -212,7 +212,7 @@ require ( + google.golang.org/appengine v1.6.8 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20230920204549-e6e6cdab5c13 // indirect + google.golang.org/grpc v1.58.3 // indirect +- gopkg.in/go-jose/go-jose.v2 v2.6.1 // indirect ++ gopkg.in/go-jose/go-jose.v2 v2.6.3 // indirect + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect + gopkg.in/yaml.v2 v2.4.0 // indirect + tags.cncf.io/container-device-interface/specs-go v0.6.0 // indirect +diff --git a/go.sum b/go.sum +index 68a83cf..47153a8 100644 +--- a/go.sum ++++ b/go.sum +@@ -1563,8 +1563,8 @@ gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qS + gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= + gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= + gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo= +-gopkg.in/go-jose/go-jose.v2 v2.6.1 h1:qEzJlIDmG9q5VO0M/o8tGS65QMHMS1w01TQJB1VPJ4U= +-gopkg.in/go-jose/go-jose.v2 v2.6.1/go.mod h1:zzZDPkNNw/c9IE7Z9jr11mBZQhKQTMzoEEIoEdZlFBI= ++gopkg.in/go-jose/go-jose.v2 v2.6.3 h1:nt80fvSDlhKWQgSWyHyy5CfmlQr+asih51R8PTWNKKs= ++gopkg.in/go-jose/go-jose.v2 v2.6.3/go.mod h1:zzZDPkNNw/c9IE7Z9jr11mBZQhKQTMzoEEIoEdZlFBI= + gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= + gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= + gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= +diff --git a/vendor/gopkg.in/go-jose/go-jose.v2/CHANGELOG.md b/vendor/gopkg.in/go-jose/go-jose.v2/CHANGELOG.md +new file mode 100644 +index 0000000..c77b25c +--- /dev/null ++++ b/vendor/gopkg.in/go-jose/go-jose.v2/CHANGELOG.md +@@ -0,0 +1,84 @@ ++# v4.0.1 ++ ++## Fixed ++ ++ - An attacker could send a JWE containing compressed data that used large ++ amounts of memory and CPU when decompressed by `Decrypt` or `DecryptMulti`. ++ Those functions now return an error if the decompressed data would exceed ++ 250kB or 10x the compressed size (whichever is larger). Thanks to ++ Enze Wang@Alioth and Jianjun Chen@Zhongguancun Lab (@zer0yu and @chenjj) ++ for reporting. ++ ++# v4.0.0 ++ ++This release makes some breaking changes in order to more thoroughly ++address the vulnerabilities discussed in [Three New Attacks Against JSON Web ++Tokens][1], "Sign/encrypt confusion", "Billion hash attack", and "Polyglot ++token". ++ ++## Changed ++ ++ - Limit JWT encryption types (exclude password or public key types) (#78) ++ - Enforce minimum length for HMAC keys (#85) ++ - jwt: match any audience in a list, rather than requiring all audiences (#81) ++ - jwt: accept only Compact Serialization (#75) ++ - jws: Add expected algorithms for signatures (#74) ++ - Require specifying expected algorithms for ParseEncrypted, ++ ParseSigned, ParseDetached, jwt.ParseEncrypted, jwt.ParseSigned, ++ jwt.ParseSignedAndEncrypted (#69, #74) ++ - Usually there is a small, known set of appropriate algorithms for a program ++ to use and it's a mistake to allow unexpected algorithms. For instance the ++ "billion hash attack" relies in part on programs accepting the PBES2 ++ encryption algorithm and doing the necessary work even if they weren't ++ specifically configured to allow PBES2. ++ - Revert "Strip padding off base64 strings" (#82) ++ - The specs require base64url encoding without padding. ++ - Minimum supported Go version is now 1.21 ++ ++## Added ++ ++ - ParseSignedCompact, ParseSignedJSON, ParseEncryptedCompact, ParseEncryptedJSON. ++ - These allow parsing a specific serialization, as opposed to ParseSigned and ++ ParseEncrypted, which try to automatically detect which serialization was ++ provided. It's common to require a specific serialization for a specific ++ protocol - for instance JWT requires Compact serialization. ++ ++[1]: https://i.blackhat.com/BH-US-23/Presentations/US-23-Tervoort-Three-New-Attacks-Against-JSON-Web-Tokens.pdf ++ ++# v3.0.3 ++ ++## Fixed ++ ++ - Limit decompression output size to prevent a DoS. Backport from v4.0.1. ++ ++# v3.0.2 ++ ++## Fixed ++ ++ - DecryptMulti: handle decompression error (#19) ++ ++## Changed ++ ++ - jwe/CompactSerialize: improve performance (#67) ++ - Increase the default number of PBKDF2 iterations to 600k (#48) ++ - Return the proper algorithm for ECDSA keys (#45) ++ ++## Added ++ ++ - Add Thumbprint support for opaque signers (#38) ++ ++# v3.0.1 ++ ++## Fixed ++ ++ - Security issue: an attacker specifying a large "p2c" value can cause ++ JSONWebEncryption.Decrypt and JSONWebEncryption.DecryptMulti to consume large ++ amounts of CPU, causing a DoS. Thanks to Matt Schwager (@mschwager) for the ++ disclosure and to Tom Tervoort for originally publishing the category of attack. ++ https://i.blackhat.com/BH-US-23/Presentations/US-23-Tervoort-Three-New-Attacks-Against-JSON-Web-Tokens.pdf ++ ++# v2.6.3 ++ ++## Fixed ++ ++ - Limit decompression output size to prevent a DoS. Backport from v4.0.1. +\ No newline at end of file +diff --git a/vendor/gopkg.in/go-jose/go-jose.v2/README.md b/vendor/gopkg.in/go-jose/go-jose.v2/README.md +deleted file mode 100644 +index 46b02d6..0000000 +--- a/vendor/gopkg.in/go-jose/go-jose.v2/README.md ++++ /dev/null +@@ -1,118 +0,0 @@ +-# Go JOSE +- +-[![godoc](http://img.shields.io/badge/godoc-version_1-blue.svg?style=flat)](https://godoc.org/gopkg.in/go-jose/go-jose.v1) +-[![godoc](http://img.shields.io/badge/godoc-version_2-blue.svg?style=flat)](https://godoc.org/gopkg.in/go-jose/go-jose.v2) +-[![license](http://img.shields.io/badge/license-apache_2.0-blue.svg?style=flat)](https://raw.githubusercontent.com/go-jose/go-jose/master/LICENSE) +-[![build](https://travis-ci.org/go-jose/go-jose.svg?branch=v2)](https://travis-ci.org/go-jose/go-jose) +-[![coverage](https://coveralls.io/repos/github/go-jose/go-jose/badge.svg?branch=v2)](https://coveralls.io/r/go-jose/go-jose) +- +-Package jose aims to provide an implementation of the Javascript Object Signing +-and Encryption set of standards. This includes support for JSON Web Encryption, +-JSON Web Signature, and JSON Web Token standards. +- +-**Disclaimer**: This library contains encryption software that is subject to +-the U.S. Export Administration Regulations. You may not export, re-export, +-transfer or download this code or any part of it in violation of any United +-States law, directive or regulation. In particular this software may not be +-exported or re-exported in any form or on any media to Iran, North Sudan, +-Syria, Cuba, or North Korea, or to denied persons or entities mentioned on any +-US maintained blocked list. +- +-## Overview +- +-The implementation follows the +-[JSON Web Encryption](http://dx.doi.org/10.17487/RFC7516) (RFC 7516), +-[JSON Web Signature](http://dx.doi.org/10.17487/RFC7515) (RFC 7515), and +-[JSON Web Token](http://dx.doi.org/10.17487/RFC7519) (RFC 7519). +-Tables of supported algorithms are shown below. The library supports both +-the compact and full serialization formats, and has optional support for +-multiple recipients. It also comes with a small command-line utility +-([`jose-util`](https://github.com/go-jose/go-jose/tree/v2/jose-util)) +-for dealing with JOSE messages in a shell. +- +-**Note**: We use a forked version of the `encoding/json` package from the Go +-standard library which uses case-sensitive matching for member names (instead +-of [case-insensitive matching](https://www.ietf.org/mail-archive/web/json/current/msg03763.html)). +-This is to avoid differences in interpretation of messages between go-jose and +-libraries in other languages. +- +-### Versions +- +-We use [gopkg.in](https://gopkg.in) for versioning. +- +-[Version 2](https://gopkg.in/go-jose/go-jose.v2) +-([branch](https://github.com/go-jose/go-jose/tree/v2), +-[doc](https://godoc.org/gopkg.in/go-jose/go-jose.v2)) is the current version: +- +- import "gopkg.in/go-jose/go-jose.v2" +- +-The old `v1` branch ([go-jose.v1](https://gopkg.in/go-jose/go-jose.v1)) will +-still receive backported bug fixes and security fixes, but otherwise +-development is frozen. All new feature development takes place on the `v2` +-branch. Version 2 also contains additional sub-packages such as the +-[jwt](https://godoc.org/gopkg.in/go-jose/go-jose.v2/jwt) implementation +-contributed by [@shaxbee](https://github.com/shaxbee). +- +-### Supported algorithms +- +-See below for a table of supported algorithms. Algorithm identifiers match +-the names in the [JSON Web Algorithms](http://dx.doi.org/10.17487/RFC7518) +-standard where possible. The Godoc reference has a list of constants. +- +- Key encryption | Algorithm identifier(s) +- :------------------------- | :------------------------------ +- RSA-PKCS#1v1.5 | RSA1_5 +- RSA-OAEP | RSA-OAEP, RSA-OAEP-256 +- AES key wrap | A128KW, A192KW, A256KW +- AES-GCM key wrap | A128GCMKW, A192GCMKW, A256GCMKW +- ECDH-ES + AES key wrap | ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW +- ECDH-ES (direct) | ECDH-ES1 +- Direct encryption | dir1 +- +-1. Not supported in multi-recipient mode +- +- Signing / MAC | Algorithm identifier(s) +- :------------------------- | :------------------------------ +- RSASSA-PKCS#1v1.5 | RS256, RS384, RS512 +- RSASSA-PSS | PS256, PS384, PS512 +- HMAC | HS256, HS384, HS512 +- ECDSA | ES256, ES384, ES512 +- Ed25519 | EdDSA2 +- +-2. Only available in version 2 of the package +- +- Content encryption | Algorithm identifier(s) +- :------------------------- | :------------------------------ +- AES-CBC+HMAC | A128CBC-HS256, A192CBC-HS384, A256CBC-HS512 +- AES-GCM | A128GCM, A192GCM, A256GCM +- +- Compression | Algorithm identifiers(s) +- :------------------------- | ------------------------------- +- DEFLATE (RFC 1951) | DEF +- +-### Supported key types +- +-See below for a table of supported key types. These are understood by the +-library, and can be passed to corresponding functions such as `NewEncrypter` or +-`NewSigner`. Each of these keys can also be wrapped in a JWK if desired, which +-allows attaching a key id. +- +- Algorithm(s) | Corresponding types +- :------------------------- | ------------------------------- +- RSA | *[rsa.PublicKey](http://golang.org/pkg/crypto/rsa/#PublicKey), *[rsa.PrivateKey](http://golang.org/pkg/crypto/rsa/#PrivateKey) +- ECDH, ECDSA | *[ecdsa.PublicKey](http://golang.org/pkg/crypto/ecdsa/#PublicKey), *[ecdsa.PrivateKey](http://golang.org/pkg/crypto/ecdsa/#PrivateKey) +- EdDSA1 | [ed25519.PublicKey](https://godoc.org/golang.org/x/crypto/ed25519#PublicKey), [ed25519.PrivateKey](https://godoc.org/golang.org/x/crypto/ed25519#PrivateKey) +- AES, HMAC | []byte +- +-1. Only available in version 2 of the package +- +-## Examples +- +-[![godoc](http://img.shields.io/badge/godoc-version_1-blue.svg?style=flat)](https://godoc.org/gopkg.in/go-jose/go-jose.v1) +-[![godoc](http://img.shields.io/badge/godoc-version_2-blue.svg?style=flat)](https://godoc.org/gopkg.in/go-jose/go-jose.v2) +- +-Examples can be found in the Godoc +-reference for this package. The +-[`jose-util`](https://github.com/go-jose/go-jose/tree/v2/jose-util) +-subdirectory also contains a small command-line utility which might be useful +-as an example. +diff --git a/vendor/gopkg.in/go-jose/go-jose.v2/asymmetric.go b/vendor/gopkg.in/go-jose/go-jose.v2/asymmetric.go +index 3ca79cc..43f9ce2 100644 +--- a/vendor/gopkg.in/go-jose/go-jose.v2/asymmetric.go ++++ b/vendor/gopkg.in/go-jose/go-jose.v2/asymmetric.go +@@ -285,6 +285,9 @@ func (ctx rsaDecrypterSigner) signPayload(payload []byte, alg SignatureAlgorithm + + switch alg { + case RS256, RS384, RS512: ++ // TODO(https://github.com/go-jose/go-jose/issues/40): As of go1.20, the ++ // random parameter is legacy and ignored, and it can be nil. ++ // https://cs.opensource.google/go/go/+/refs/tags/go1.20:src/crypto/rsa/pkcs1v15.go;l=263;bpv=0;bpt=1 + out, err = rsa.SignPKCS1v15(RandReader, ctx.privateKey, hash, hashed) + case PS256, PS384, PS512: + out, err = rsa.SignPSS(RandReader, ctx.privateKey, hash, hashed, &rsa.PSSOptions{ +diff --git a/vendor/gopkg.in/go-jose/go-jose.v2/crypter.go b/vendor/gopkg.in/go-jose/go-jose.v2/crypter.go +index 73aab0f..0ae2e5e 100644 +--- a/vendor/gopkg.in/go-jose/go-jose.v2/crypter.go ++++ b/vendor/gopkg.in/go-jose/go-jose.v2/crypter.go +@@ -406,6 +406,9 @@ func (ctx *genericEncrypter) Options() EncrypterOptions { + // Decrypt and validate the object and return the plaintext. Note that this + // function does not support multi-recipient, if you desire multi-recipient + // decryption use DecryptMulti instead. ++// ++// Automatically decompresses plaintext, but returns an error if the decompressed ++// data would be >250kB or >10x the size of the compressed data, whichever is larger. + func (obj JSONWebEncryption) Decrypt(decryptionKey interface{}) ([]byte, error) { + headers := obj.mergedHeaders(nil) + +@@ -470,6 +473,9 @@ func (obj JSONWebEncryption) Decrypt(decryptionKey interface{}) ([]byte, error) + // with support for multiple recipients. It returns the index of the recipient + // for which the decryption was successful, the merged headers for that recipient, + // and the plaintext. ++// ++// Automatically decompresses plaintext, but returns an error if the decompressed ++// data would be >250kB or >3x the size of the compressed data, whichever is larger. + func (obj JSONWebEncryption) DecryptMulti(decryptionKey interface{}) (int, Header, []byte, error) { + globalHeaders := obj.mergedHeaders(nil) + +diff --git a/vendor/gopkg.in/go-jose/go-jose.v2/encoding.go b/vendor/gopkg.in/go-jose/go-jose.v2/encoding.go +index 9111733..636f6c8 100644 +--- a/vendor/gopkg.in/go-jose/go-jose.v2/encoding.go ++++ b/vendor/gopkg.in/go-jose/go-jose.v2/encoding.go +@@ -21,11 +21,11 @@ import ( + "compress/flate" + "encoding/base64" + "encoding/binary" ++ "fmt" + "io" + "math/big" + "strings" + "unicode" +- "fmt" + + "gopkg.in/go-jose/go-jose.v2/json" + ) +diff --git a/vendor/gopkg.in/go-jose/go-jose.v2/symmetric.go b/vendor/gopkg.in/go-jose/go-jose.v2/symmetric.go +index 2b8076f..52c8b62 100644 +--- a/vendor/gopkg.in/go-jose/go-jose.v2/symmetric.go ++++ b/vendor/gopkg.in/go-jose/go-jose.v2/symmetric.go +@@ -402,6 +402,11 @@ func (ctx *symmetricKeyCipher) decryptKey(headers rawHeader, recipient *recipien + if p2c <= 0 { + return nil, fmt.Errorf("go-jose/go-jose: invalid P2C: must be a positive integer") + } ++ if p2c > 1000000 { ++ // An unauthenticated attacker can set a high P2C value. Set an upper limit to avoid ++ // DoS attacks. ++ return nil, fmt.Errorf("go-jose/go-jose: invalid P2C: too high") ++ } + + // salt is UTF8(Alg) || 0x00 || Salt Input + alg := headers.getAlgorithm() +diff --git a/vendor/modules.txt b/vendor/modules.txt +index 79b643e..a80fb52 100644 +--- a/vendor/modules.txt ++++ b/vendor/modules.txt +@@ -1345,7 +1345,7 @@ google.golang.org/protobuf/types/gofeaturespb + google.golang.org/protobuf/types/known/anypb + google.golang.org/protobuf/types/known/durationpb + google.golang.org/protobuf/types/known/timestamppb +-# gopkg.in/go-jose/go-jose.v2 v2.6.1 ++# gopkg.in/go-jose/go-jose.v2 v2.6.3 + ## explicit + gopkg.in/go-jose/go-jose.v2 + gopkg.in/go-jose/go-jose.v2/cipher +-- +2.33.0 + diff --git a/podman.spec b/podman.spec index 34b07f5e2917dd7d533c2b26da2f684c93634dc4..44f687544c18e7ab652aebeaa329d814e64120b5 100644 --- a/podman.spec +++ b/podman.spec @@ -2,7 +2,7 @@ Name: podman Version: 4.9.4 -Release: 13 +Release: 14 Summary: A tool for managing OCI containers and pods. Epoch: 1 License: Apache-2.0 and MIT @@ -20,6 +20,7 @@ Patch0005: 0005-fix-CVE-2024-28180.patch Patch0006: 0006-fix-CVE-2024-9676-CVE-2024-9675-CVE-2024-9407-CVE-2024-9341.patch Patch0007: 0007-fix-CVE-2024-37298.patch Patch0008: 0008-fix-CVE-2024-6104.patch +Patch0009: 0009-fix-CVE-2024-28176.patch BuildRequires: gcc golang btrfs-progs-devel glib2-devel glibc-devel glibc-static BuildRequires: gpgme-devel libassuan-devel libgpg-error-devel libseccomp-devel libselinux-devel @@ -138,6 +139,7 @@ tar zxf %{SOURCE3} %patch0006 -p1 %patch0007 -p1 %patch0008 -p1 +%patch0009 -p1 %ifarch loongarch64 cd dnsname-18822f9a4fb35d1349eb256f4cd2bfd372474d84 @@ -312,6 +314,9 @@ cp -pav test/system %{buildroot}/%{_datadir}/%{name}/test/ %{_bindir}/%{name}sh %changelog +* Wed Jan 15 2025 duyiwei - 1:4.9.4-14 +- fix-CVE-2024-28176 + * Tue Jan 14 2025 duyiwei - 1:4.9.4-13 - fix-CVE-2024-6104