diff --git a/CVE-2020-13867_0.patch b/CVE-2020-13867_0.patch
new file mode 100644
index 0000000000000000000000000000000000000000..5cbaf663ec42ba8f53c162da89962f1d2a3711e1
--- /dev/null
+++ b/CVE-2020-13867_0.patch
@@ -0,0 +1,12 @@
+From 1940a17986deaab92e6be395f20ee55dac0ac2bd Mon Sep 17 00:00:00 2001
+From: Prasanna Kumar Kalever
+Date: Fri, 29 May 2020 14:51:28 +0530
+Subject: [PATCH] saveconfig: set 0o600 perms on backupfiles
+
+Signed-off-by: Prasanna Kumar Kalever
+---
+ targetcli/ui_root.py | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/targetcli/ui_root.py b/targetcli/ui_root.py
+index 26815bd..6e99b8c 100644
diff --git a/CVE-2020-13867_1.patch b/CVE-2020-13867_1.patch
new file mode 100644
index 0000000000000000000000000000000000000000..a48f753ae8235afe94dd9aa3b6a4600723026082
--- /dev/null
+++ b/CVE-2020-13867_1.patch
@@ -0,0 +1,21 @@
+From 3bdef6d1aa1f64c03816af68bd5fb2bd1bbb29be Mon Sep 17 00:00:00 2001
+From: Prasanna Kumar Kalever
+Date: Fri, 29 May 2020 15:05:35 +0530
+Subject: [PATCH] saveconfig: set right perms on backup dir
+
+Signed-off-by: Prasanna Kumar Kalever
+---
+ targetcli/ui_root.py | 13 ++++++++++---
+ 1 file changed, 10 insertions(+), 3 deletions(-)
+
+diff --git a/targetcli/ui_root.py b/targetcli/ui_root.py
+index 6e99b8c..b24c789 100644
+@@ -125,8 +134,6 @@ def _save_backups(self, savefile):
+
+ # Save backup if backup dir is empty, or savefile is differnt from recent backup copy
+ if not backed_files_list or not self._compare_files(backed_files_list[-1], savefile):
+- mode = stat.S_IRUSR | stat.S_IWUSR # 0o600
+- umask = 0o777 ^ mode # Prevents always downgrading umask to 0
+ umask_original = os.umask(umask)
+ try:
+ with open(savefile, 'rb') as f_in, gzip.open(backupfile, 'wb') as f_out:
diff --git a/CVE-2020-13867_2.patch b/CVE-2020-13867_2.patch
new file mode 100644
index 0000000000000000000000000000000000000000..ef0212a0dedb59cf986771eedef1e58d50649362
--- /dev/null
+++ b/CVE-2020-13867_2.patch
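Review bot: CVE-2020-13867_0.patch as added here stops at its `index 26815bd..6e99b8c 100644` line: the 12 lines counted by `@@ -0,0 +1,12 @@` are all mail header and diffstat, with no `---`/`+++` file header and no hunk, so the 5 insertions its diffstat announces (the 0o600 permissions on backup files) are not in the file. CVE-2020-13867_1.patch and CVE-2020-13867_2.patch are cut short the same way: each carries a single `_save_backups` hunk against diffstats of 10 insertions/3 deletions and 25 insertions/15 deletions, and those two hunks cancel out, the first removing `mode = stat.S_IRUSR | stat.S_IWUSR` and `umask = 0o777 ^ mode` and the second adding the same two lines back. As committed, the three files therefore look unable to deliver the permission changes on the backup files, the backup directory and /etc/target/ that their subjects describe, and `%patch0` may fail outright on input that contains no hunk. Regenerate the files in full (for example with `git format-patch` from the upstream commits named in their `From` lines) and inspect the patched `targetcli/ui_root.py` in the build tree before treating the CVE as fixed.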
@@ -0,0 +1,21 @@
+From 9f5764dac39b5b75ee6b5d9e4db419d09d64b898 Mon Sep 17 00:00:00 2001
+From: Prasanna Kumar Kalever
+Date: Fri, 29 May 2020 15:36:27 +0530
+Subject: [PATCH] saveconfig: set right perms on /etc/target/ dir
+
+Signed-off-by: Prasanna Kumar Kalever
+---
+ targetcli/ui_root.py | 40 +++++++++++++++++++++++++---------------
+ 1 file changed, 25 insertions(+), 15 deletions(-)
+
+diff --git a/targetcli/ui_root.py b/targetcli/ui_root.py
+index b24c789..39e5ee9 100644
+@@ -134,6 +140,8 @@ def _save_backups(self, savefile):
+
+ # Save backup if backup dir is empty, or savefile is differnt from recent backup copy
+ if not backed_files_list or not self._compare_files(backed_files_list[-1], savefile):
++ mode = stat.S_IRUSR | stat.S_IWUSR # 0o600
++ umask = 0o777 ^ mode # Prevents always downgrading umask to 0
+ umask_original = os.umask(umask)
+ try:
+ with open(savefile, 'rb') as f_in, gzip.open(backupfile, 'wb') as f_out:
diff --git a/targetcli.spec b/targetcli.spec
index 8dc483bab84799c31cda451a1872f240f8876a35..d06170afc8a249e022390a0b871b3faed6d63d02 100644
--- a/targetcli.spec
+++ b/targetcli.spec
@@ -2,9 +2,12 @@ Name: targetcli
 License: ASL 2.0
 Summary: Generic SCSI target CLI shell
 Version: 2.1.54
-Release: 1
+Release: 2
 URL: https://github.com/open-iscsi/targetcli-fb
 Source: https://github.com/open-iscsi/targetcli-fb/archive/v%{version}/targetcli-fb-%{version}.tar.gz
+Patch0: CVE-2020-13867_0.patch
+Patch1: CVE-2020-13867_1.patch
+Patch2: CVE-2020-13867_2.patch
 BuildArch: noarch
 BuildRequires: python3-devel python3-setuptools systemd
 Requires: python3-rtslib target-restore python3-configshell python3-six python3-dbus python3-gobject-base
@@ -21,6 +24,10 @@ Help document for the %{name} package.
 %prep
 %setup -q -n targetcli-fb-%{version}
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
+
 %build
 %py3_build
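Review bot: The `%patch0 -p1` to `%patch2 -p1` lines put commits dated 29 May 2020 on top of the 2.1.54 source, which the changelog shows was packaged in December 2021, so the tarball may already contain them; that should be confirmed before the release is described as the fix. If it does, complete versions of these patches would be rejected as already applied, and the release bump would change nothing in the shipped code. A comment above each `PatchN:` line naming its upstream commit, e.g. `# CVE-2020-13867: upstream 1940a17, backup file mode`, would make that check repeatable for the next reviewer.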
@@ -47,6 +54,9 @@ install -m 644 systemd/* %{buildroot}%{_unitdir}/
 %{_mandir}/man8/targetcli*.8*
 %changelog
+* Wed Jul 13 2022 Panys - 2.1.54-2
+- DESC : fix CVE-2020-13867
+
 * Wed Dec 29 2021 wulei - 2.1.54-1
 - Package update