diff --git a/CVE-2020-8252.patch b/CVE-2020-8252.patch new file mode 100644 index 0000000000000000000000000000000000000000..de3ca915e23b01c540b98052286a392ce7fd8bc7 --- /dev/null +++ b/CVE-2020-8252.patch @@ -0,0 +1,45 @@ +From 0e6e8620496dff0eb285589ef1e37a7f407f3ddd Mon Sep 17 00:00:00 2001 +From: Ben Noordhuis +Date: Mon, 24 Aug 2020 11:42:27 +0200 +Subject: [PATCH] unix: don't use _POSIX_PATH_MAX + +Libuv was using _POSIX_PATH_MAX wrong. Bug introduced in commit b56d279b +("unix: do not require PATH_MAX to be defined") from September 2018. + +_POSIX_PATH_MAX is the minimum max path size guaranteed by POSIX, not +the actual max path size of the system libuv runs on. _POSIX_PATH_MAX +is always 256, the real max is often much bigger. + +This commit fixes buffer overruns when processing very long paths in +uv_fs_readlink() and uv_fs_realpath() because libuv was not allocating +enough memory to store the result. + +Fixes: https://github.com/libuv/libuv/issues/2965 +PR-URL: https://github.com/libuv/libuv/pull/2966 +Reviewed-By: Richard Lau +Reviewed-By: Santiago Gimeno +Reviewed-By: Colin Ihrig +Reviewed-By: Jameson Nash +--- + + deps/uv/src/unix/internal.h | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/deps/uv/src/unix/internal.h b/deps/uv/src/unix/internal.h +index 47f2200..82f7bc9 100644 +--- a/deps/uv/src/unix/internal.h ++++ b/deps/uv/src/unix/internal.h +@@ -61,9 +61,7 @@ + # include + #endif + +-#if defined(_POSIX_PATH_MAX) +-# define UV__PATH_MAX _POSIX_PATH_MAX +-#elif defined(PATH_MAX) ++#if defined(PATH_MAX) + # define UV__PATH_MAX PATH_MAX + #else + # define UV__PATH_MAX 8192 +-- +2.23.0 + diff --git a/nodejs.spec b/nodejs.spec index f7e262bcffe1ec196e538707aa0077324a4466f6..664f19035e693ac12cc3d899e056f1d0ff958a60 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -6,7 +6,7 @@ %global nodejs_patch 0 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} %global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} -%global nodejs_release 5 +%global nodejs_release 6 %global v8_major 6 %global v8_minor 8 @@ -46,6 +46,7 @@ Patch0004: CVE-2019-5737.patch Patch0005: CVE-2018-12121.patch Patch0006: CVE-2018-12123.patch Patch0007: src-avoid-OOB-read-in-URL-parser.patch +Patch0008: CVE-2020-8252.patch BuildRequires: gcc gcc-c++ openssl-devel BuildRequires: http-parser-devel @@ -222,6 +223,9 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/nod %doc %{_mandir}/man1/node.1* %changelog +* Tue Dec 15 2020 xinghe - 1:10.11.0-6 +- fix CVE-2020-8252 + * Wed Nov 04 2020 gaozhekang - 1:10.11.0-5 - avoid OOB read in URL parser