[arch-commits] Commit in opendmarc/trunk (CVE-2020-12460.patch PKGBUILD)

Frederik Schwan freswa at archlinux.org
Sun Oct 11 16:41:15 UTC 2020


    Date: Sunday, October 11, 2020 @ 16:41:15
  Author: freswa
Revision: 723496

backport fix for CVE-2020-12460

fixes FS#67873

Added:
  opendmarc/trunk/CVE-2020-12460.patch
Modified:
  opendmarc/trunk/PKGBUILD

----------------------+
 CVE-2020-12460.patch |   41 +++++++++++++++++++++++++++++++++++++++++
 PKGBUILD             |    5 ++++-
 2 files changed, 45 insertions(+), 1 deletion(-)

Added: CVE-2020-12460.patch
===================================================================
--- CVE-2020-12460.patch	                        (rev 0)
+++ CVE-2020-12460.patch	2020-10-11 16:41:15 UTC (rev 723496)
@@ -0,0 +1,41 @@
+From 50d28af25d8735504b6103537228ce7f76ad765f Mon Sep 17 00:00:00 2001
+From: "Murray S. Kucherawy" <msk at blackops.org>
+Date: Wed, 5 Aug 2020 21:56:01 +0000
+Subject: [PATCH] In opendmarc_xml_parse(), ensure NULL-termination of the
+ buffer passed to opendmarc_xml().
+
+---
+ libopendmarc/opendmarc_xml.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/libopendmarc/opendmarc_xml.c b/libopendmarc/opendmarc_xml.c
+index 26bb9dc..b3ac55a 100644
+--- a/libopendmarc/opendmarc_xml.c
++++ b/libopendmarc/opendmarc_xml.c
+@@ -158,7 +158,7 @@ opendmarc_xml(char *b, size_t blen, char *e, size_t elen)
+ 			if (*cp != '<')
+ 				continue;
+ 			++cp;
+-			for(sp = cp; *sp != '\0'; ++sp)
++			for (sp = cp; *sp != '\0'; ++sp)
+ 			{
+ 				if (*sp == '?')
+ 					break;
+@@ -546,7 +546,7 @@ opendmarc_xml_parse(char *fname, char *err_buf, size_t err_len)
+ 	if (fname == NULL)
+ 	{
+ 		xerror = errno;
+-		(void) snprintf(err_buf, err_len, "%s: %s", fname, "File name was NULL");
++		(void) snprintf(err_buf, err_len, "%s", "File name was NULL");
+ 		errno = EINVAL;
+ 		return NULL;
+ 	}
+@@ -572,7 +572,7 @@ opendmarc_xml_parse(char *fname, char *err_buf, size_t err_len)
+ 		return NULL;
+ 	}
+ 
+-	bufp = calloc(statb.st_size, 1);
++	bufp = calloc(statb.st_size + 1, 1);
+ 	if (bufp == NULL)
+ 	{
+ 		xerror = errno;
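Review bot: The `calloc(statb.st_size + 1, 1)` change in the third embedded hunk guarantees a terminating NUL only if the read that fills `bufp` is capped at `statb.st_size` bytes. That read lies outside the hunk, so it should be confirmed in the patched tree before relying on this backport. `st_size` is a signed `off_t` that reaches calloc's `size_t` parameter with no range check visible here; a guard such as `if (statb.st_size < 0 || (uintmax_t) statb.st_size >= SIZE_MAX)`, taking the same error path as the neighbouring failures, would make the size arithmetic explicit. A comment on the allocation, `/* +1: keep a trailing NUL so opendmarc_xml()'s '\0' scans stay inside the buffer */`, would record why the extra byte must stay. The body of opendmarc_xml_parse starts and ends outside the hunk.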

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2020-10-11 16:11:28 UTC (rev 723495)
+++ PKGBUILD	2020-10-11 16:41:15 UTC (rev 723496)
@@ -5,7 +5,7 @@
 
 pkgname=opendmarc
 pkgver=1.3.3
-pkgrel=1
+pkgrel=2
 pkgdesc="Free open source software implementation of the DMARC specification"
 arch=('x86_64')
 url="https://github.com/trusteddomainproject/OpenDMARC"
@@ -20,10 +20,12 @@
             'perl-libwww: generate DMARC reports')
 backup=('etc/opendmarc/opendmarc.conf')
 source=("https://github.com/trusteddomainproject/OpenDMARC/archive/rel-opendmarc-${pkgver//./-}.tar.gz"
+        'CVE-2020-12460.patch'
         'opendmarc.service'
         'opendmarc.conf'
         'opendmarc.sysusers')
 sha512sums=('bb4bf8e3ad2d1732b07e55316819d4fd708e529b54a336d7d00763e13bfc62580bb1b30f132fa786dbca15e526e8dd5e146c7be454e1c42714a9f57126fc5e12'
+            '98582c2b0a08d77b27856331f28214b7b5fa3972c572189ed21963030e98858285a5a69851f173d08380bf409d985980e7c61de5d571af11062f0d394fc8b5f5'
             '738de0cd286dd30713f32034f9ecf9009b6f64038c573c9f8aedaf10df8293bb9eec9d19492a03a2ebf2d2960289bdf48be9b1eb25395dbe9a490f7e3b25cb34'
             '2753ad4477b499947ca07bb385ad0e10f327efa61a9059884091ead8e8e2bd65793436053d5a9c734e4c0676b7823982083ea7b35fae967eeacaeafb6226ff20'
             'fbd5e81ded35281e3a63b4858a368033fa27696dee22a5dcf52e3e04b0762476e1ffa6edb489cf76612f3b4ffaee0fce586ab97d1da9805a089bbaf3487c907b')
@@ -33,6 +35,7 @@
 #  sed -i '' configure.ac
   mkdir docs
   touch docs/Makefile.in
+  patch -Np1 < "${srcdir}"/CVE-2020-12460.patch
 }
 
 build() {
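Review bot: The added `patch -Np1` line in prepare() carries no note on where the patch comes from or when it can be dropped, so a later maintainer has to open the patch file to learn that it is an upstream backport. A comment directly above it would cover this: `# CVE-2020-12460 (FS#67873): backport of upstream commit 50d28af; drop once a release containing it is packaged`. As a style point, `patch -Np1 -i "${srcdir}/CVE-2020-12460.patch"` keeps the whole path inside the quotes and avoids the redirection. prepare() starts outside the hunk, so the working directory in which the patch is applied is assumed to be the extracted source tree.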


