packages/ceph
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2020-12059

Browse Source
This commit is contained in:
markeryang 2020-12-30 14:08:48 +08:00
parent bb7556eef0
commit 0fc4428ebb
6 changed files with 39 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
6000-CVE-2018-16889.patch → 0001-CVE-2018-16889.patch
View File

0
6001-CVE-2018-16846-1.patch → 0002-CVE-2018-16846-1.patch
View File

0
6002-CVE-2018-16846-2.patch → 0003-CVE-2018-16846-2.patch
View File

0
6003-CVE-2018-14662.patch → 0004-CVE-2018-14662.patch
View File

30
0005-CVE-2020-12059.patch Normal file
View File

@ -0,0 +1,30 @@
From 375d926a4f2720a29b079c216bafb884eef985c3 Mon Sep 17 00:00:00 2001
From: Abhishek Lekshmanan <abhishek@suse.com>
Date: Wed, 22 Apr 2020 11:24:34 +0200
Subject: [PATCH] rgw: check for tagging element in POST Obj requests
Check for null element when reading the tagging field from POST obj XML
Fixes: https://tracker.ceph.com/issues/44967
Signed-off-by: Abhishek Lekshmanan <abhishek@suse.com>
---
src/rgw/rgw_rest_s3.cc | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index bfda4232..ac2a0272 100644
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -420,6 +420,9 @@ int RGWPutObjTags_ObjStore_S3::get_params()
RGWObjTagging_S3 *tagging;
tagging = static_cast<RGWObjTagging_S3 *>(parser.find_first("Tagging"));
+ if (!tagging) {
+ return -ERR_MALFORMED_XML;
+ }
obj_tags_s3 = static_cast<RGWObjTagSet_S3 *>(tagging->find_first("TagSet"));
if(!obj_tags_s3){
return -ERR_MALFORMED_XML;
--
2.27.0

14
ceph.spec
View File

@ -68,7 +68,7 @@
#################################################################################
Name: ceph
Version: 12.2.8
Release: 8
Release: 9
Epoch: 2
# define _epoch_prefix macro which will expand to the empty string if epoch is
@ -84,10 +84,11 @@ URL: http://ceph.com/
Source0: http://ceph.com/download/ceph-12.2.8.tar.gz
# backport for cves
Patch6000: 6000-CVE-2018-16889.patch
Patch6001: 6001-CVE-2018-16846-1.patch
Patch6002: 6002-CVE-2018-16846-2.patch
Patch6003: 6003-CVE-2018-14662.patch
Patch1: 0001-CVE-2018-16889.patch
Patch2: 0002-CVE-2018-16846-1.patch
Patch3: 0003-CVE-2018-16846-2.patch
Patch4: 0004-CVE-2018-14662.patch
Patch5: 0005-CVE-2020-12059.patch
%if 0%{?suse_version}
%if 0%{?is_opensuse}
@ -1796,6 +1797,9 @@ exit 0
%changelog
* Wed Dec 30 2020 yanglongkang <yanglongkang@huawei.com> - 1:12.2.8-9
- fix CVE-2020-12059
* Fri Sep 25 2020 wuguanghao <wuguanghao3@huawei.com> - 1:12.2.8-8
- remove the python-virtualenv package from BuildRequires to solve the compilation problem