diff --git a/CVE-2024-31227.patch b/CVE-2024-31227.patch new file mode 100644 index 0000000000000000000000000000000000000000..89c749cc8ab339e7c84d0709f54285b16bf91bef --- /dev/null +++ b/CVE-2024-31227.patch @@ -0,0 +1,21 @@ +commit b351d5a3210e61cc3b22ba38a723d6da8f3c298a +Author: Oran Agra +Date: Wed Oct 2 20:01:14 2024 +0300 + + Fix ACL SETUSER Read/Write key pattern selector (CVE-2024-31227) + + The '%' rule must contain one or both of R/W + +diff --git a/src/acl.c b/src/acl.c +index 5fd956d23..af58684e2 100644 +--- a/src/acl.c ++++ b/src/acl.c +@@ -1051,7 +1051,7 @@ int ACLSetSelector(aclSelector *selector, const char* op, size_t oplen) { + flags |= ACL_READ_PERMISSION; + } else if (toupper(op[offset]) == 'W' && !(flags & ACL_WRITE_PERMISSION)) { + flags |= ACL_WRITE_PERMISSION; +- } else if (op[offset] == '~') { ++ } else if (op[offset] == '~' && flags) { + offset++; + break; + } else { diff --git a/redis5.spec b/redis5.spec index ad7d0b3f1610431cf313e41ff75073c1f0fe242b..45058771b846e267d3839d24d90a6efbd0b118b6 100644 --- a/redis5.spec +++ b/redis5.spec @@ -6,7 +6,7 @@ %global Pname redis Name: redis5 Version: 5.0.14 -Release: 3 +Release: 4 Summary: A persistent key-value database License: BSD and MIT URL: https://redis.io @@ -27,6 +27,7 @@ Patch0002: Fix-display-error-message.patch Patch0003: Add-loongarch64-support.patch Patch0004: Update-config.guess-and-config.sub.patch +Patch0005: CVE-2024-31227.patch BuildRequires: gcc %if %{with tests} @@ -92,6 +93,7 @@ tar -xvf %{SOURCE10} %patch0003 -p1 %patch0004 -p1 %endif +%patch0005 -p1 mv ../%{Pname}-doc-%{doc_commit} doc mv deps/lua/COPYRIGHT COPYRIGHT-lua mv deps/hiredis/COPYING COPYING-hiredis @@ -196,6 +198,9 @@ exit 0 %{_docdir}/%{Pname} %changelog +* Mon Oct 14 2024 Yu Peng - 5.0.14-4 +- Fixed CVE-2024-31227 + * Tue Nov 15 2022 huajingyun - 5.0.14-3 - Update config.guess and config.sub for loongarch