From 1464adf99c0575972fea98807241a6e7b0427e35 Mon Sep 17 00:00:00 2001 From: lingsheng <860373352@qq.com> Date: Fri, 24 May 2024 02:19:48 +0000 Subject: [PATCH] fix CVE-2024-20697 CVE-2024-26256 --- backport-CVE-2024-20697-CVE-2024-26256.patch | 23 ++++++++++++++++++++ libarchive.spec | 10 ++++++++- 2 files changed, 32 insertions(+), 1 deletion(-) create mode 100644 backport-CVE-2024-20697-CVE-2024-26256.patch diff --git a/backport-CVE-2024-20697-CVE-2024-26256.patch b/backport-CVE-2024-20697-CVE-2024-26256.patch new file mode 100644 index 0000000..9eeead1 --- /dev/null +++ b/backport-CVE-2024-20697-CVE-2024-26256.patch @@ -0,0 +1,23 @@ +From eb7939b24a681a04648a59cdebd386b1e9dc9237 Mon Sep 17 00:00:00 2001 +From: Wei-Cheng Pan +Date: Mon, 22 Apr 2024 01:55:41 +0900 +Subject: [PATCH] fix: OOB in rar e8 filter (#2135) + +This patch fixes an out-of-bound error in rar e8 filter. +--- + libarchive/archive_read_support_format_rar.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c +index 99a11d1700..266d0ee995 100644 +--- a/libarchive/archive_read_support_format_rar.c ++++ b/libarchive/archive_read_support_format_rar.c +@@ -3615,7 +3615,7 @@ execute_filter_e8(struct rar_filter *filter, struct rar_virtual_machine *vm, siz + uint32_t filesize = 0x1000000; + uint32_t i; + +- if (length > PROGRAM_WORK_SIZE || length < 4) ++ if (length > PROGRAM_WORK_SIZE || length <= 4) + return 0; + + for (i = 0; i <= length - 5; i++) diff --git a/libarchive.spec b/libarchive.spec index 9a8c88f..1030bee 100644 --- a/libarchive.spec +++ b/libarchive.spec @@ -2,12 +2,14 @@ Name: libarchive Version: 3.7.1 -Release: 1 +Release: 2 Summary: Multi-format archive and compression library License: BSD URL: https://www.libarchive.org/ Source0: https://libarchive.org/downloads/%{name}-%{version}.tar.gz +Patch6000: backport-CVE-2024-20697-CVE-2024-26256.patch + BuildRequires: gcc bison sharutils zlib-devel bzip2-devel xz-devel BuildRequires: lzo-devel e2fsprogs-devel libacl-devel libattr-devel BuildRequires: openssl-devel libxml2-devel lz4-devel automake libzstd-devel @@ -198,6 +200,12 @@ run_testsuite %{_mandir}/*/bsdunzip* %changelog +* Fri May 24 2024 lingsheng - 3.7.1-2 +- Type:CVE +- ID:CVE-2024-20697,CVE-2024-26256 +- SUG:NA +- DESC:fix CVE-2024-20697 CVE-2024-26256 + * Thu Aug 3 2023 dillon chen - 3.7.1-1 - Upgrade to 3.7.1 - Add new bsdunzip subpackage -- Gitee