Re: [PATCH] zlib: Update to version 1.2.13

public inbox for development@lists.ipfire.org
 help / color / mirror / Atom feed

From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] zlib: Update to version 1.2.13
Date: Tue, 08 Nov 2022 11:06:57 +0000	[thread overview]
Message-ID: <2E09B928-B6DF-44EF-9921-A947F44E0014@ipfire.org> (raw)
In-Reply-To: <20221107211428.3219507-1-adolf.belka@ipfire.org>

[-- Attachment #1: Type: text/plain, Size: 6318 bytes --]

Reviewed-by: Michael Tremer <michael.tremer(a)ipfire.org>

> On 7 Nov 2022, at 21:14, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
> 
> - Update from version 1.2.12 to 1.2.13
> - Update of rootfile
> - Patches for CVE-2022-37434 removed as they are now integarted in the source tarball
> - Changelog
>    Changes in 1.2.13 (13 Oct 2022)
> - Fix configure issue that discarded provided CC definition
> - Correct incorrect inputs provided to the CRC functions
> - Repair prototypes and exporting of new CRC functions
> - Fix inflateBack to detect invalid input with distances too far
> - Have infback() deliver all of the available output up to any error
> - Fix a bug when getting a gzip header extra field with inflate(CVE-2022-37434)
> - Fix bug in block type selection when Z_FIXED used
> - Tighten deflateBound bounds
> - Remove deleted assembler code references
> - Various portability and appearance improvements
> 
> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
> ---
> config/rootfiles/common/zlib              |  2 +-
> lfs/zlib                                  | 10 +++-----
> src/patches/zlib-CVE-2022-37434-fix.patch | 26 --------------------
> src/patches/zlib-CVE-2022-37434.patch     | 29 -----------------------
> 4 files changed, 4 insertions(+), 63 deletions(-)
> delete mode 100644 src/patches/zlib-CVE-2022-37434-fix.patch
> delete mode 100644 src/patches/zlib-CVE-2022-37434.patch
> 
> diff --git a/config/rootfiles/common/zlib b/config/rootfiles/common/zlib
> index 0e01dc00e..c1f23ab8a 100644
> --- a/config/rootfiles/common/zlib
> +++ b/config/rootfiles/common/zlib
> @@ -1,6 +1,6 @@
> lib/libz.so
> lib/libz.so.1
> -lib/libz.so.1.2.12
> +lib/libz.so.1.2.13
> #usr/include/zconf.h
> #usr/include/zlib.h
> #usr/lib/libz.a
> diff --git a/lfs/zlib b/lfs/zlib
> index f24489677..858abd0cd 100644
> --- a/lfs/zlib
> +++ b/lfs/zlib
> @@ -24,10 +24,10 @@
> 
> include Config
> 
> -VER        = 1.2.12
> +VER        = 1.2.13
> 
> THISAPP    = zlib-$(VER)
> -DL_FILE    = $(THISAPP).tar.gz
> +DL_FILE    = $(THISAPP).tar.xz
> DL_FROM    = $(URL_IPFIRE)
> DIR_APP    = $(DIR_SRC)/$(THISAPP)
> 
> @@ -47,7 +47,7 @@ objects = $(DL_FILE)
> 
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
> 
> -$(DL_FILE)_BLAKE2 = 76e7b26f8dc761b0eae6276cc32bc36fa74a88197699c95d158c1548f97b80db5e39d21144ecd6ee3eb90c42730aa5f387f9952d9a3f0930b56e9dfcd12f1e67
> +$(DL_FILE)_BLAKE2 = cefcd25989ce27e7d339af2a88455fcf64f6f5e647bedb0f05a45e4370a885fe45a60c023aa63e79b8ecf20ed3254d0052245f33f5769aca2838b42242be14a8
> 
> install : $(TARGET)
> 
> @@ -78,10 +78,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> @$(PREBUILD)
> @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
> 
> - # Apply fix for CVE-2022-37434 (and a fix for the fix)
> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/zlib-CVE-2022-37434.patch
> - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/zlib-CVE-2022-37434-fix.patch
> -
> cd $(DIR_APP) && CROSS_PREFIX=$(CROSS_PREFIX) ./configure --prefix=$(PREFIX) --shared
> cd $(DIR_APP) && make $(MAKETUNING)
> cd $(DIR_APP) && make install
> diff --git a/src/patches/zlib-CVE-2022-37434-fix.patch b/src/patches/zlib-CVE-2022-37434-fix.patch
> deleted file mode 100644
> index ba8e39535..000000000
> --- a/src/patches/zlib-CVE-2022-37434-fix.patch
> +++ /dev/null
> @@ -1,26 +0,0 @@
> -commit 1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d
> -Author: Mark Adler <fork(a)madler.net>
> -Date:   Mon Aug 8 10:50:09 2022 -0700
> -
> -    Fix extra field processing bug that dereferences NULL state->head.
> -    
> -    The recent commit to fix a gzip header extra field processing bug
> -    introduced the new bug fixed here.
> -
> -diff --git a/inflate.c b/inflate.c
> -index 7a72897..2a3c4fe 100644
> ---- a/inflate.c
> -+++ b/inflate.c
> -@@ -763,10 +763,10 @@ int flush;
> -                 copy = state->length;
> -                 if (copy > have) copy = have;
> -                 if (copy) {
> --                    len = state->head->extra_len - state->length;
> -                     if (state->head != Z_NULL &&
> -                         state->head->extra != Z_NULL &&
> --                        len < state->head->extra_max) {
> -+                        (len = state->head->extra_len - state->length) <
> -+                            state->head->extra_max) {
> -                         zmemcpy(state->head->extra + len, next,
> -                                 len + copy > state->head->extra_max ?
> -                                 state->head->extra_max - len : copy);
> diff --git a/src/patches/zlib-CVE-2022-37434.patch b/src/patches/zlib-CVE-2022-37434.patch
> deleted file mode 100644
> index 95e9f173f..000000000
> --- a/src/patches/zlib-CVE-2022-37434.patch
> +++ /dev/null
> @@ -1,29 +0,0 @@
> -commit eff308af425b67093bab25f80f1ae950166bece1
> -Author: Mark Adler <fork(a)madler.net>
> -Date:   Sat Jul 30 15:51:11 2022 -0700
> -
> -    Fix a bug when getting a gzip header extra field with inflate().
> -    
> -    If the extra field was larger than the space the user provided with
> -    inflateGetHeader(), and if multiple calls of inflate() delivered
> -    the extra header data, then there could be a buffer overflow of the
> -    provided space. This commit assures that provided space is not
> -    exceeded.
> -
> -diff --git a/inflate.c b/inflate.c
> -index 7be8c63..7a72897 100644
> ---- a/inflate.c
> -+++ b/inflate.c
> -@@ -763,9 +763,10 @@ int flush;
> -                 copy = state->length;
> -                 if (copy > have) copy = have;
> -                 if (copy) {
> -+                    len = state->head->extra_len - state->length;
> -                     if (state->head != Z_NULL &&
> --                        state->head->extra != Z_NULL) {
> --                        len = state->head->extra_len - state->length;
> -+                        state->head->extra != Z_NULL &&
> -+                        len < state->head->extra_max) {
> -                         zmemcpy(state->head->extra + len, next,
> -                                 len + copy > state->head->extra_max ?
> -                                 state->head->extra_max - len : copy);
> -- 
> 2.38.1
>

     prev parent reply	other threads:[~2022-11-08 11:06 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-11-07 21:14 Adolf Belka
2022-11-08 11:06 ` Michael Tremer [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2E09B928-B6DF-44EF-9921-A947F44E0014@ipfire.org \
    --to=michael.tremer@ipfire.org \
    --cc=development@lists.ipfire.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox