From 8a1db69a9cf342d782029fb3750cc51e7364c175 Mon Sep 17 00:00:00 2001
From: xuyuchao
Date: Fri, 22 Dec 2023 17:52:17 +0800
Subject: [PATCH 1/5] * Fri Dec 22 2023 xuyuchao - 1.6.2 - Type:CVE - CVE:CVE-2023-29824 - DESC:fix CVE-2023-29824
---
 backport-CVE-2023-29824.patch | 24 ++++++++++++++++++++++++
 scipy.spec | 6 ++++++
 2 files changed, 30 insertions(+)
 create mode 100644 backport-CVE-2023-29824.patch
diff --git a/backport-CVE-2023-29824.patch b/backport-CVE-2023-29824.patch
new file mode 100644
index 0000000..1bc41c9
--- /dev/null
+++ b/backport-CVE-2023-29824.patch
@@ -0,0 +1,24 @@
+From 2ecef38c8629e9a27613e646c4f01b5c0a0a566f Mon Sep 17 00:00:00 2001
+From: Py_FindObjects
+Date: Tue, 28 Nov 2023 17:33:35 +0800
+Subject: [PATCH] MAINT: Fix use-after-free bug in Py_FindObject
+
+---
+ scipy/ndimage/src/nd_image.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/scipy/ndimage/src/nd_image.c b/scipy/ndimage/src/nd_image.c
+index 9f3aed3..d9fcc57 100644
+--- a/scipy/ndimage/src/nd_image.c
++++ b/scipy/ndimage/src/nd_image.c
+@@ -928,7 +928,6 @@ static PyObject *Py_FindObjects(PyObject *obj, PyObject *args)
+ Py_XDECREF(slc);
+ free(regions);
+ if (PyErr_Occurred()) {
+- Py_XDECREF(result);
+ return NULL;
+ } else {
+ return result;
+-- 
+2.27.0
+
\ No newline at end of file
diff --git a/scipy.spec b/scipy.spec
index e1281c7..39de0e4 100644
--- a/scipy.spec
+++ b/scipy.spec
@@ -10,6 +10,7 @@ Source0: https://github.com/scipy/scipy/releases/download/v%{version}/scipy-%{ve
 Patch1: backport-BUG-fix-a-minor-refcounting-issue-in-Py_FindObjects.patch
 Patch2: backport-BUG-fix-small-refcount-issue-in-ndimage._ctest.patch
+Patch3: backport-CVE-2023-29824.patch
 BuildRequires: python3-devel python3-numpy >= 1.8.2 python3-numpy-f2py
 BuildRequires: gcc-c++ openblas-devel gcc-gfortran chrpath
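Review bot: The embedded nd_image.c hunk (`@@ -928,7 +928,6 @@` inside backport-CVE-2023-29824.patch) does not show enough of the cleanup code to confirm that `result` is released exactly once after `Py_XDECREF(result);` is deleted from the `PyErr_Occurred()` branch; Py_FindObjects starts outside the hunk and only three context lines precede the change. Patch1 (`backport-BUG-fix-a-minor-refcounting-issue-in-Py_FindObjects.patch`) already alters reference counting in the same function, so if it removed an earlier unconditional release, this deletion would leave the error path leaking `result` instead of fixing a double release. I would inspect the cleanup code with Patch1 and Patch3 both applied and state the outcome in the patch description, for example `result is released once on the error path and returned with its reference on success`. The inner header `From: Py_FindObjects` is not an author and the patch names no upstream commit, so a line such as `Upstream-commit: <upstream commit id>` would make the backport traceable. The same file is re-added unchanged in PATCH 3/5, where these points apply as well.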
@@ -101,6 +102,11 @@ echo "%{_libdir}/%{name}" >> $RPM_BUILD_ROOT/etc/ld.so.conf.d/%{name}-%{_arch}.c
 %config(noreplace) /etc/ld.so.conf.d/*
 %changelog
+* Fri Dec 22 2023 xuyuchao - 1.6.2-3
+- Type:CVE
+- CVE:CVE-2023-29824
+- DESC:fix CVE-2023-29824
+
 * Thu Jul 13 2023 Wenyu Liu - 1.6.2-2
 - Fix CVE-2023-25399
-- 
Gitee
From 45eed28fc78bb27cb52d536ceccfe6564cb29c00 Mon Sep 17 00:00:00 2001
From: xuyuchao
Date: Fri, 22 Dec 2023 17:58:47 +0800
Subject: [PATCH 2/5] Revert "* Fri Dec 22 2023 xuyuchao - 1.6.2"
This reverts commit 8a1db69a9cf342d782029fb3750cc51e7364c175.
---
 backport-CVE-2023-29824.patch | 24 ------------------------
 scipy.spec | 6 ------
 2 files changed, 30 deletions(-)
 delete mode 100644 backport-CVE-2023-29824.patch
diff --git a/backport-CVE-2023-29824.patch b/backport-CVE-2023-29824.patch
deleted file mode 100644
index 1bc41c9..0000000
--- a/backport-CVE-2023-29824.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-From 2ecef38c8629e9a27613e646c4f01b5c0a0a566f Mon Sep 17 00:00:00 2001
-From: Py_FindObjects
-Date: Tue, 28 Nov 2023 17:33:35 +0800
-Subject: [PATCH] MAINT: Fix use-after-free bug in Py_FindObject
-
----
- scipy/ndimage/src/nd_image.c | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/scipy/ndimage/src/nd_image.c b/scipy/ndimage/src/nd_image.c
-index 9f3aed3..d9fcc57 100644
---- a/scipy/ndimage/src/nd_image.c
-+++ b/scipy/ndimage/src/nd_image.c
-@@ -928,7 +928,6 @@ static PyObject *Py_FindObjects(PyObject *obj, PyObject *args)
- Py_XDECREF(slc);
- free(regions);
- if (PyErr_Occurred()) {
-- Py_XDECREF(result);
- return NULL;
- } else {
- return result;
--- 
-2.27.0
-
\ No newline at end of file
diff --git a/scipy.spec b/scipy.spec
index 39de0e4..e1281c7 100644
--- a/scipy.spec
+++ b/scipy.spec
@@ -10,7 +10,6 @@ Source0: https://github.com/scipy/scipy/releases/download/v%{version}/scipy-%{ve
 Patch1: backport-BUG-fix-a-minor-refcounting-issue-in-Py_FindObjects.patch
 Patch2: backport-BUG-fix-small-refcount-issue-in-ndimage._ctest.patch
-Patch3: backport-CVE-2023-29824.patch
 BuildRequires: python3-devel python3-numpy >= 1.8.2 python3-numpy-f2py
 BuildRequires: gcc-c++ openblas-devel gcc-gfortran chrpath
@@ -102,11 +101,6 @@ echo "%{_libdir}/%{name}" >> $RPM_BUILD_ROOT/etc/ld.so.conf.d/%{name}-%{_arch}.c
 %config(noreplace) /etc/ld.so.conf.d/*
 %changelog
-* Fri Dec 22 2023 xuyuchao - 1.6.2-3
-- Type:CVE
-- CVE:CVE-2023-29824
-- DESC:fix CVE-2023-29824
-
 * Thu Jul 13 2023 Wenyu Liu - 1.6.2-2
 - Fix CVE-2023-25399
-- 
Gitee
From 1a8e9eb6e805fd5ad6c768ce3a3223dcdfc8d3aa Mon Sep 17 00:00:00 2001
From: xuyuchao
Date: Fri, 22 Dec 2023 17:59:56 +0800
Subject: [PATCH 3/5] * Fri Dec 22 2023 xuyuchao - 1.6.2 - Type:CVE - CVE:CVE-2023-29824 - DESC:fix CVE-2023-29824
---
 backport-CVE-2023-29824.patch | 24 ++++++++++++++++++++++++
 scipy.spec | 8 +++++++-
 2 files changed, 31 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2023-29824.patch
diff --git a/backport-CVE-2023-29824.patch b/backport-CVE-2023-29824.patch
new file mode 100644
index 0000000..1bc41c9
--- /dev/null
+++ b/backport-CVE-2023-29824.patch
@@ -0,0 +1,24 @@
+From 2ecef38c8629e9a27613e646c4f01b5c0a0a566f Mon Sep 17 00:00:00 2001
+From: Py_FindObjects
+Date: Tue, 28 Nov 2023 17:33:35 +0800
+Subject: [PATCH] MAINT: Fix use-after-free bug in Py_FindObject
+
+---
+ scipy/ndimage/src/nd_image.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/scipy/ndimage/src/nd_image.c b/scipy/ndimage/src/nd_image.c
+index 9f3aed3..d9fcc57 100644
+--- a/scipy/ndimage/src/nd_image.c
++++ b/scipy/ndimage/src/nd_image.c
+@@ -928,7 +928,6 @@ static PyObject *Py_FindObjects(PyObject *obj, PyObject *args)
+ Py_XDECREF(slc);
+ free(regions);
+ if (PyErr_Occurred()) {
+- Py_XDECREF(result);
+ return NULL;
+ } else {
+ return result;
+-- 
+2.27.0
+
\ No newline at end of file
diff --git a/scipy.spec b/scipy.spec
index e1281c7..ed1de24 100644
--- a/scipy.spec
+++ b/scipy.spec
@@ -2,7 +2,7 @@
 %global debug_package %{nil}
 Name: scipy
 Version: 1.6.2
-Release: 2
+Release: 3
 Summary: A Python-based ecosystem of open-source software for mathematics, science, and engineering
 License: Qhull and Apache-2.0
 URL: https://www.scipy.org
@@ -10,6 +10,7 @@ Source0: https://github.com/scipy/scipy/releases/download/v%{version}/scipy-%{ve
 Patch1: backport-BUG-fix-a-minor-refcounting-issue-in-Py_FindObjects.patch
 Patch2: backport-BUG-fix-small-refcount-issue-in-ndimage._ctest.patch
+Patch3: backport-CVE-2023-29824.patch
 BuildRequires: python3-devel python3-numpy >= 1.8.2 python3-numpy-f2py
 BuildRequires: gcc-c++ openblas-devel gcc-gfortran chrpath
@@ -101,6 +102,11 @@ echo "%{_libdir}/%{name}" >> $RPM_BUILD_ROOT/etc/ld.so.conf.d/%{name}-%{_arch}.c
 %config(noreplace) /etc/ld.so.conf.d/*
 %changelog
+* Fri Dec 22 2023 xuyuchao - 1.6.2-3
+- Type:CVE
+- CVE:CVE-2023-29824
+- DESC:fix CVE-2023-29824
+
 * Thu Jul 13 2023 Wenyu Liu - 1.6.2-2
 - Fix CVE-2023-25399
-- 
Gitee
From f0d8e7c2d51542fd84f92ec83ac0ac556c4ea750 Mon Sep 17 00:00:00 2001
From: xuyuchao
Date: Fri, 29 Dec 2023 02:52:56 +0000
Subject: [PATCH 4/5] rename backport-CVE-2023-29824.patch to backport-BUG-fix-use-after-free-bug-in-Py_FindObject.patch.
Signed-off-by: xuyuchao
---
 ... => backport-BUG-fix-use-after-free-bug-in-Py_FindObject.patch | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename backport-CVE-2023-29824.patch => backport-BUG-fix-use-after-free-bug-in-Py_FindObject.patch (100%)
diff --git a/backport-CVE-2023-29824.patch b/backport-BUG-fix-use-after-free-bug-in-Py_FindObject.patch
similarity index 100%
rename from backport-CVE-2023-29824.patch
rename to backport-BUG-fix-use-after-free-bug-in-Py_FindObject.patch
-- 
Gitee
From c19b0c16301a33c7e4e4666596ace45b37652655 Mon Sep 17 00:00:00 2001
From: xuyuchao
Date: Fri, 29 Dec 2023 02:53:21 +0000
Subject: [PATCH 5/5] update scipy.spec.
Signed-off-by: xuyuchao
---
 scipy.spec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scipy.spec b/scipy.spec
index ed1de24..f1faa6c 100644
--- a/scipy.spec
+++ b/scipy.spec
@@ -10,7 +10,7 @@ Source0: https://github.com/scipy/scipy/releases/download/v%{version}/scipy-%{ve
 Patch1: backport-BUG-fix-a-minor-refcounting-issue-in-Py_FindObjects.patch
 Patch2: backport-BUG-fix-small-refcount-issue-in-ndimage._ctest.patch
-Patch3: backport-CVE-2023-29824.patch
+Patch3: backport-BUG-fix-use-after-free-bug-in-Py_FindObject.patch
 BuildRequires: python3-devel python3-numpy >= 1.8.2 python3-numpy-f2py
 BuildRequires: gcc-c++ openblas-devel gcc-gfortran chrpath
-- 
Gitee