Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package mruby for openSUSE:Factory checked in at 2022-01-19 00:35:14 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mruby (Old) and /work/SRC/openSUSE:Factory/.mruby.new.1892 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mruby" Wed Jan 19 00:35:14 2022 rev:3 rq:947174 version:3.0.0 Changes: -------- --- /work/SRC/openSUSE:Factory/mruby/mruby.changes 2021-12-16 21:20:59.470559570 +0100 +++ /work/SRC/openSUSE:Factory/.mruby.new.1892/mruby.changes 2022-01-19 00:35:39.786310516 +0100 @@ -1,0 +2,12 @@ +Tue Jan 18 08:58:03 UTC 2022 - Ferdinand Thiessen <[email protected]> + +- Added CVE-2022-0080.patch from upstream, + fixed Heap-based Buffer Overflow boo#1194244 / CVE-2022-0080 + +------------------------------------------------------------------- +Tue Jan 18 08:47:09 UTC 2022 - Ferdinand Thiessen <[email protected]> + +- Added CVE-2022-0240.patch from upstream, + fixed NULL Pointer Dereference boo#1194808 / CVE-2022-0240 + +------------------------------------------------------------------- New: ---- CVE-2022-0080.patch CVE-2022-0240.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mruby.spec ++++++ --- /var/tmp/diff_new_pack.o0rSVq/_old 2022-01-19 00:35:40.266310859 +0100 +++ /var/tmp/diff_new_pack.o0rSVq/_new 2022-01-19 00:35:40.274310865 +0100 @@ -2,7 +2,7 @@ # # spec file for package mruby # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # Copyright (c) 2012 Pascal Bleser <[email protected]> # # All modifications and additions to the file contributed by third parties @@ -30,6 +30,10 @@ Source: %{url}/archive/refs/tags/%{version}.tar.gz#/%{name}-%{version}.tar.gz # PATCH-FIX-UPSTREAM CVE-2021-4110.patch -- https://github.com/mruby/mruby/commit/f5e10c5a79a17939af763b1dcf5232ce47e24a34 Patch0: CVE-2021-4110.patch +# PATCH-FIX-UPSTREAM CVE-2022-0240.patch -- https://github.com/mruby/mruby/commit/31fa3304049fc406a201a72293cce140f0557dca +Patch1: CVE-2022-0240.patch +# PATCH-FIX-UPSTREAM CVE-2022-0080.patch -- https://github.com/mruby/mruby/commit/28ccc664e5dcd3f9d55173e9afde77c4705a9ab6 +Patch2: CVE-2022-0080.patch BuildRequires: bison BuildRequires: cmake BuildRequires: pkgconfig ++++++ CVE-2022-0080.patch ++++++ diff -Nur mruby-3.0.0/src/proc.c new/src/proc.c --- mruby-3.0.0/src/proc.c 2022-01-18 09:57:00.592669176 +0100 +++ new/src/proc.c 2022-01-18 09:57:44.044870774 +0100 @@ -190,12 +190,12 @@ /* already initialized proc */ return; } + if (!MRB_PROC_CFUNC_P(b) && b->body.irep) { + mrb_irep_incref(mrb, (mrb_irep*)b->body.irep); + } a->flags = b->flags; a->body = b->body; a->upper = b->upper; - if (!MRB_PROC_CFUNC_P(a) && a->body.irep) { - mrb_irep_incref(mrb, (mrb_irep*)a->body.irep); - } a->e.env = b->e.env; /* a->e.target_class = a->e.target_class; */ } ++++++ CVE-2022-0240.patch ++++++ diff -Nur mruby-3.0.0/src/class.c new/src/class.c --- mruby-3.0.0/src/class.c 2021-03-05 09:07:35.000000000 +0100 +++ new/src/class.c 2022-01-18 09:46:37.881837110 +0100 @@ -339,6 +339,7 @@ prepare_singleton_class(mrb_state *mrb, struct RBasic *o) { struct RClass *sc, *c; + mrb_assert(o->c); if (o->c->tt == MRB_TT_SCLASS) return; sc = (struct RClass*)mrb_obj_alloc(mrb, MRB_TT_SCLASS, mrb->class_class); @@ -1649,6 +1650,7 @@ break; } obj = mrb_basic_ptr(v); + if (obj->c == NULL) return NULL; prepare_singleton_class(mrb, obj); return obj->c; }
