Hello community,

here is the log from the commit of package upx for openSUSE:Factory checked in at 2021-05-19 17:49:41
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/upx (Old)
 and      /work/SRC/openSUSE:Factory/.upx.new.2988 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "upx" Wed May 19 17:49:41 2021 rev:15 rq:894328 version:3.96 Changes: -------- --- /work/SRC/openSUSE:Factory/upx/upx.changes 2020-01-25 13:24:21.224041647 +0100 +++ /work/SRC/openSUSE:Factory/.upx.new.2988/upx.changes 2021-05-19 17:50:04.237360903 +0200 @@ -1,0 +2,6 @@ +Wed May 19 10:36:10 UTC 2021 - Jan Engelhardt <[email protected]> + +- Add 0001-Unpack-Phdrs-must-be-within-expansion-of-first-compr.patch + [CVE-2020-24119] [boo#1186238] + +------------------------------------------------------------------- New: ---- 0001-Unpack-Phdrs-must-be-within-expansion-of-first-compr.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ upx.spec ++++++ --- /var/tmp/diff_new_pack.QShfok/_old 2021-05-19 17:50:04.649359174 +0200 +++ /var/tmp/diff_new_pack.QShfok/_new 2021-05-19 17:50:04.649359174 +0200 @@ -1,7 +1,7 @@ # # spec file for package upx # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -26,6 +26,7 @@ Source: https://github.com/upx/upx/releases/download/v%{version}/upx-%{version}-src.tar.xz Patch0: upx-aarch64.patch Patch1: upx-endiantests.patch +Patch2: 0001-Unpack-Phdrs-must-be-within-expansion-of-first-compr.patch BuildRequires: gcc-c++ BuildRequires: libucl1-devel BuildRequires: zlib-devel @@ -38,9 +39,7 @@ or the proper name in argv[0]. %prep -%setup -q -n %{name}-%{version}-src -%patch0 -p1 -%patch1 -p1 +%autosetup -p1 -n %{name}-%{version}-src # BSD-4-Clause licensed file, remove just in case bnc#753791 rm src/stub/src/i386-dos32.djgpp2-stubify.asm ++++++ 0001-Unpack-Phdrs-must-be-within-expansion-of-first-compr.patch ++++++ >From 87b73e5cfdc12da94c251b2cd83bb01c7d9f616c Mon Sep 17 00:00:00 2001 
From: John Reiser <[email protected]> Date: Wed, 22 Jul 2020 19:34:27 -0700 Subject: [PATCH] Unpack: Phdrs must be within expansion of first compressed block https://github.com/upx/upx/issues/388 modified: p_lx_elf.cpp --- src/p_lx_elf.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Index: upx-3.96-src/src/p_lx_elf.cpp =================================================================== --- upx-3.96-src.orig/src/p_lx_elf.cpp +++ upx-3.96-src/src/p_lx_elf.cpp @@ -4469,7 +4469,7 @@ void PackLinuxElf64::unpack(OutputFile * unsigned c_adler = upx_adler32(NULL, 0); unsigned u_adler = upx_adler32(NULL, 0); #define MAX_ELF_HDR 1024 - if ((MAX_ELF_HDR - sizeof(Elf64_Ehdr))/sizeof(Elf64_Phdr) < u_phnum) { + if ((umin64(MAX_ELF_HDR, ph.u_len) - sizeof(Elf64_Ehdr))/sizeof(Elf64_Phdr) < u_phnum) { throwCantUnpack("bad compressed e_phnum"); } #undef MAX_ELF_HDR @@ -5422,7 +5422,7 @@ void PackLinuxElf32::unpack(OutputFile * unsigned c_adler = upx_adler32(NULL, 0); unsigned u_adler = upx_adler32(NULL, 0); #define MAX_ELF_HDR 512 - if ((MAX_ELF_HDR - sizeof(Elf32_Ehdr))/sizeof(Elf32_Phdr) < u_phnum) { + if ((umin(MAX_ELF_HDR, ph.u_len) - sizeof(Elf32_Ehdr))/sizeof(Elf32_Phdr) < u_phnum) { throwCantUnpack("bad compressed e_phnum"); } #undef MAX_ELF_HDR
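Review bot: the upx.changes entry records only the added patch, while the %prep hunk in upx.spec also replaces `%setup -q` and the explicit `%patch0 -p1` / `%patch1 -p1` lines with `%autosetup -p1`; the changelog should mention that switch. With %autosetup every PatchN tag is applied at -p1, so a later patch that needs a different strip level or conditional application will require changing %prep again.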
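Review bot: in the PackLinuxElf64::unpack hunk, `umin64(MAX_ELF_HDR, ph.u_len) - sizeof(Elf64_Ehdr)` is unsigned arithmetic, so if ph.u_len is smaller than sizeof(Elf64_Ehdr) the subtraction wraps to a very large value and the `< u_phnum` comparison no longer rejects anything. The visible context does not show ph.u_len being checked against the header size beforehand; unless that is guaranteed earlier in unpack(), reject ph.u_len < sizeof(Elf64_Ehdr) with throwCantUnpack before this comparison.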
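Review bot: the PackLinuxElf32::unpack hunk has the same wraparound exposure in `umin(MAX_ELF_HDR, ph.u_len) - sizeof(Elf32_Ehdr)` when ph.u_len is below sizeof(Elf32_Ehdr), and it would take the same guard. The 32-bit and 64-bit checks now differ only in their types and the MAX_ELF_HDR value (512 versus 1024), so a short comment at each site saying that the Phdrs must lie within the first ph.u_len bytes would record why ph.u_len is part of the bound.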
