From a1d3dfbce249aef49f684aded64a7ff01afba176 Mon Sep 17 00:00:00 2001
From: wk333 <13474090681@163.com>
Date: Tue, 16 Jan 2024 09:33:56 +0800
Subject: [PATCH] Sync release and fix CVE-2023-0437
---
 CVE-2023-0437.patch | 27 +++++++++++++++++++++++++++
 mongo-c-driver.spec | 21 ++++++++++++++++++++-
 2 files changed, 47 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2023-0437.patch
diff --git a/CVE-2023-0437.patch b/CVE-2023-0437.patch
new file mode 100644
index 0000000..a980dcc
--- /dev/null
+++ b/CVE-2023-0437.patch
@@ -0,0 +1,27 @@
+From be865dd759a28aa268232766f304d1bc11f1e8f7 Mon Sep 17 00:00:00 2001
+From: Kevin Albertson
+Date: Mon, 30 Oct 2023 18:01:30 +0000
+Subject: [PATCH] CDRIVER-4747 use `size_t` consistently in
+ `bson_utf8_validate` (#1458)
+
+Origin: https://github.com/mongodb/mongo-c-driver/commit/be865dd759a28aa268232766f304d1bc11f1e8f7
+
+---
+ src/libbson/src/bson/bson-utf8.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/libbson/src/bson/bson-utf8.c b/src/libbson/src/bson/bson-utf8.c
+index e122ac31f7..1cebd27069 100644
+--- a/src/libbson/src/bson/bson-utf8.c
++++ b/src/libbson/src/bson/bson-utf8.c
+@@ -118,8 +118,8 @@ bson_utf8_validate (const char *utf8, /* IN */
+ bson_unichar_t c;
+ uint8_t first_mask;
+ uint8_t seq_length;
+- unsigned i;
+- unsigned j;
++ size_t i;
++ size_t j;
+
+ BSON_ASSERT (utf8);
+
diff --git a/mongo-c-driver.spec b/mongo-c-driver.spec
index bae3e07..a9a02a5 100644
--- a/mongo-c-driver.spec
+++ b/mongo-c-driver.spec
@@ -2,12 +2,14 @@ Name: mongo-c-driver Summary: Client library written in C for MongoDB Version: 1.13.1 -Release: 5 +Release: 7 License: ASL 2.0 and ISC and MIT and zlib URL: https://github.com/mongodb/mongo-c-driver Source0: https://github.com/mongodb/mongo-c-driver/releases/download/1.13.1/mongo-c-driver-1.13.1.tar.gz +Patch0: CVE-2023-0437.patch BuildRequires: cmake >= 3.1 openssl-devel pkgconfig(libsasl2) pkgconfig(zlib) gcc BuildRequires: pkgconfig(snappy) pkgconfig(icu-uc) perl-interpreter python3 python3-sphinx +BuildRequires: chrpath %if %{with_tests} BuildRequires: mongodb-server openssl %endif @@ -68,6 +70,16 @@ Files for help with mongo-c-driver. %delete_la_and_a find %{buildroot}%{_libdir} -type f -name "*static*" -exec rm -f {} ';' +chrpath -d %{buildroot}%{_bindir}/mongoc-stat +mkdir -p %{buildroot}/etc/ld.so.conf.d +echo "/home/abuild/rpmbuild/BUILD/mongo-c-driver-%{version}/src/libmongoc:/home/abuild/rpmbuild/BUILD/mongo-c-driver-%{version}/src/libbson" > %{buildroot}/etc/ld.so.conf.d/%{name}-%{_arch}.conf + +%post +/sbin/ldconfig + +%postun +/sbin/ldconfig + %check %if %{with_tests} install -d dbtest @@ -85,6 +97,7 @@ exit $ret %doc COPYING %doc THIRD_PARTY_NOTICES %{_libdir}/libmongoc-1.0.so.* +%config(noreplace) /etc/ld.so.conf.d/* %files devel %doc src/libmongoc/examples @@ -109,6 +122,12 @@ exit $ret %doc NEWS %changelog +* Tue Jan 16 2024 wangkai <13474090681@163.com> - 1.13.1-7 +- Fix CVE-2023-0437 + +* Thu Aug 25 2022 wangkai - 1.13.1-6 +- Remove rpath + * Web 02 Jun 2021 zhaoyao - 1.13.1-5 - Add gcc build require. -- Gitee
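Review bot: `Patch0: CVE-2023-0437.patch` is declared in the `@@ -2,12 +2,14 @@` hunk, but no hunk in this commit touches `%prep`, so whether the patch is actually applied depends on lines that are not shown. If `%prep` uses a plain `%setup`, add `%patch0 -p1` (or switch to `%autosetup -p1`); otherwise the package would be released as fixed while still building the unpatched `bson_utf8_validate`. The upstream commit is dated 2023 and this package builds 1.13.1, so it is also worth confirming in the build log that the hunk applies cleanly rather than with fuzz.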
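Review bot: The `echo` line in the `@@ -68,6 +70,16 @@` hunk writes the build host's own paths (`/home/abuild/rpmbuild/BUILD/mongo-c-driver-%{version}/src/...`) into `/etc/ld.so.conf.d/%{name}-%{_arch}.conf`, and the `@@ -85,6 +97,7 @@` hunk ships that file as `%config(noreplace) /etc/ld.so.conf.d/*`. On an installed system this puts directories under `/home` on the system-wide library search path that `/sbin/ldconfig` processes in `%post`, which is an untrusted-search-path exposure if anyone other than root can create that directory tree. The runtime library is packaged under `%{_libdir}`, so, assuming that directory is already on the default loader path, the `mkdir -p` and `echo` lines and the `%config(noreplace)` entry can be dropped while keeping `chrpath -d` and the ldconfig scriptlets. `chrpath -d` is applied only to `mongoc-stat`, so it may be worth checking the installed shared objects for a leftover RPATH as well.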