commit FastCGI for openSUSE:Factory

Thu, 27 Nov 2025 06:18:48 -0800 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package FastCGI for openSUSE:Factory checked 
in at 2025-11-27 15:17:53
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/FastCGI (Old)
 and      /work/SRC/openSUSE:Factory/.FastCGI.new.14147 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "FastCGI"

Thu Nov 27 15:17:53 2025 rev:35 rq:1320164 version:2.4.7

Changes:
--------
--- /work/SRC/openSUSE:Factory/FastCGI/FastCGI.changes  2025-07-17 
17:17:53.981591837 +0200
+++ /work/SRC/openSUSE:Factory/.FastCGI.new.14147/FastCGI.changes       
2025-11-27 15:17:57.039844668 +0100
@@ -1,0 +2,7 @@
+Wed Nov 26 11:41:53 UTC 2025 - Marcus Rueckert <[email protected]>
+
+- Update to 2.4.7 (boo#1243325 CVE-2025-23016)
+  Fix size_t overflow in Malloc() argument in ReadParams()
+  https://github.com/advisories/GHSA-9825-56cx-cfg6
+
+-------------------------------------------------------------------

Old:
----
  2.4.6.tar.gz

New:
----
  2.4.7.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ FastCGI.spec ++++++
--- /var/tmp/diff_new_pack.QgXfVY/_old  2025-11-27 15:17:58.195893417 +0100
+++ /var/tmp/diff_new_pack.QgXfVY/_new  2025-11-27 15:17:58.199893585 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package FastCGI
 #
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
 
 Name:           FastCGI
 %define lname  libfcgi0
-Version:        2.4.6
+Version:        2.4.7
 Release:        0
 Summary:        A Scalable, Open Extension to CGI
 License:        OML

++++++ 2.4.6.tar.gz -> 2.4.7.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/fcgi2-2.4.6/.gitignore new/fcgi2-2.4.7/.gitignore
--- old/fcgi2-2.4.6/.gitignore  2025-04-28 15:55:00.000000000 +0200
+++ new/fcgi2-2.4.7/.gitignore  2025-11-26 12:24:53.000000000 +0100
@@ -43,3 +43,4 @@
 install-sh
 missing
 ltmain.sh
+m4/
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/fcgi2-2.4.6/configure.ac new/fcgi2-2.4.7/configure.ac
--- old/fcgi2-2.4.6/configure.ac        2025-04-28 15:55:00.000000000 +0200
+++ new/fcgi2-2.4.7/configure.ac        2025-11-26 12:24:53.000000000 +0100
@@ -4,7 +4,7 @@
 dnl     generate the file "configure", which is run during the build
 dnl     to configure the system for the local environment.
 
-AC_INIT([fcgi], [2.4.6])
+AC_INIT([fcgi], [2.4.7])
 AM_INIT_AUTOMAKE([1.11 foreign])
 AC_CONFIG_MACRO_DIR([m4])
 AM_CONFIG_HEADER(fcgi_config.h)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/fcgi2-2.4.6/libfcgi/fcgiapp.c 
new/fcgi2-2.4.7/libfcgi/fcgiapp.c
--- old/fcgi2-2.4.6/libfcgi/fcgiapp.c   2025-04-28 15:55:00.000000000 +0200
+++ new/fcgi2-2.4.7/libfcgi/fcgiapp.c   2025-11-26 12:24:53.000000000 +0100
@@ -18,6 +18,7 @@
 #include <memory.h>     /* for memchr() */
 #include <stdarg.h>
 #include <stdio.h>
+#include <stdint.h>
 #include <stdlib.h>
 #include <string.h>
 #include <sys/types.h>
@@ -1160,6 +1161,7 @@
 static int ReadParams(Params *paramsPtr, FCGX_Stream *stream)
 {
     int nameLen, valueLen;
+    size_t totalLen;
     unsigned char lenBuff[3];
     char *nameValue;
 
@@ -1175,7 +1177,7 @@
            }
             nameLen = ((nameLen & 0x7f) << 24) + (lenBuff[0] << 16)
                     + (lenBuff[1] << 8) + lenBuff[2];
-           if (nameLen >= INT_MAX) {
+           if (nameLen >= INT_MAX || nameLen >= SIZE_MAX) {
                 SetError(stream, FCGX_PARAMS_ERROR);
                 return -1;
            }
@@ -1191,16 +1193,21 @@
            }
             valueLen = ((valueLen & 0x7f) << 24) + (lenBuff[0] << 16)
                     + (lenBuff[1] << 8) + lenBuff[2];
-           if (valueLen >= INT_MAX) {
+           if (valueLen >= INT_MAX || valueLen >= SIZE_MAX) {
                 SetError(stream, FCGX_PARAMS_ERROR);
                 return -1;
            }
         }
+        totalLen = (size_t)nameLen + (size_t)valueLen + 2u;
+        if (totalLen < (size_t)nameLen || totalLen < (size_t)valueLen) {
+            SetError(stream, FCGX_PARAMS_ERROR);
+            return -1;
+        }
         /*
          * nameLen and valueLen are now valid; read the name and value
          * from stream and construct a standard environment entry.
          */
-        nameValue = (char *)Malloc(nameLen + valueLen + 2);
+        nameValue = (char *)Malloc(totalLen);
         if(FCGX_GetStr(nameValue, nameLen, stream) != nameLen) {
             SetError(stream, FCGX_PARAMS_ERROR);
             free(nameValue);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/fcgi2-2.4.6/m4/.gitignore 
new/fcgi2-2.4.7/m4/.gitignore
--- old/fcgi2-2.4.6/m4/.gitignore       2025-04-28 15:55:00.000000000 +0200
+++ new/fcgi2-2.4.7/m4/.gitignore       1970-01-01 01:00:00.000000000 +0100
@@ -1,2 +0,0 @@
-*
-!.gitignore

Reply via email to