Script 'mail_helper' called by obssrc

Hello community,

here is the log from the commit of package busybox for openSUSE:Factory checked in at 2022-11-24 12:22:36

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/busybox (Old)
 and      /work/SRC/openSUSE:Factory/.busybox.new.1597 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "busybox" Thu Nov 24 12:22:36 2022 rev:80 rq:1037649 version:1.35.0 Changes: -------- --- /work/SRC/openSUSE:Factory/busybox/busybox.changes 2022-11-16 15:42:22.327597471 +0100 +++ /work/SRC/openSUSE:Factory/.busybox.new.1597/busybox.changes 2022-11-24 12:22:45.873120369 +0100 @@ -1,0 +2,6 @@ +Wed Nov 23 13:24:55 UTC 2022 - Dominique Leuenberger <dims...@opensuse.org> + +- Add e63d7cdf.patch: awk: fix use after free (CVE-2022-30065, + boo#1199744). + +------------------------------------------------------------------- New: ---- e63d7cdf.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ busybox.spec ++++++ --- /var/tmp/diff_new_pack.fvUNBO/_old 2022-11-24 12:22:46.853126598 +0100 +++ /var/tmp/diff_new_pack.fvUNBO/_new 2022-11-24 12:22:46.857126623 +0100 @@ -42,6 +42,8 @@ Patch0: cpio-long-opt.patch Patch1: sendmail-ignore-F-option.patch Patch2: testsuite-gnu-echo.patch +# PATCH-FIX-UPSTREAM e63d7cdf.patch CVE-2022-30065 - awk: fix use after free (rebased https://github.com/mirror/busybox/commit/e63d7cdf.patch) +Patch3: e63d7cdf.patch # other patches Patch100: busybox.install.patch Provides: useradd_or_adduser_dep ++++++ cpio-long-opt.patch ++++++ --- /var/tmp/diff_new_pack.fvUNBO/_old 2022-11-24 12:22:46.929127080 +0100 +++ /var/tmp/diff_new_pack.fvUNBO/_new 2022-11-24 12:22:46.929127080 +0100 
@@ -1,7 +1,8 @@ -diff -urN busybox-1.32.0.orig/archival/cpio.c busybox-1.32.0/archival/cpio.c ---- busybox-1.32.0.orig/archival/cpio.c 2020-06-26 20:47:44.000000000 +0200 -+++ busybox-1.32.0/archival/cpio.c 2020-12-07 11:23:44.913676627 +0100 -@@ -367,6 +367,9 @@ +Index: busybox-1.35.0/archival/cpio.c +=================================================================== +--- busybox-1.35.0.orig/archival/cpio.c ++++ busybox-1.35.0/archival/cpio.c +@@ -413,6 +413,9 @@ int cpio_main(int argc UNUSED_PARAM, cha const char *long_opts = "extract\0" No_argument "i" "list\0" No_argument "t" ++++++ e63d7cdf.patch ++++++ >From e63d7cdfdac78c6fd27e9e63150335767592b85e Mon Sep 17 00:00:00 2001 From: Natanael Copa <nc...@alpinelinux.org> Date: Fri, 17 Jun 2022 17:45:34 +0200 Subject: [PATCH] awk: fix use after free (CVE-2022-30065) fixes https://bugs.busybox.net/show_bug.cgi?id=14781 function old new delta evaluate 3343 3357 +14 Signed-off-by: Natanael Copa <nc...@alpinelinux.org> Signed-off-by: Denys Vlasenko <vda.li...@googlemail.com> --- editors/awk.c | 3 +++ testsuite/awk.tests | 6 ++++++ 2 files changed, 9 insertions(+) Index: busybox-1.35.0/editors/awk.c =================================================================== --- busybox-1.35.0.orig/editors/awk.c +++ busybox-1.35.0/editors/awk.c @@ -3114,6 +3114,9 @@ static var *evaluate(node *op, var *res) case XC( OC_MOVE ): debug_printf_eval("MOVE\n"); + /* make sure that we never return a temp var */ + if (L.v == TMPVAR0) + L.v = res; /* if source is a temporary string, jusk relink it to dest */ if (R.v == TMPVAR1 && !(R.v->type & VF_NUMBER) Index: busybox-1.35.0/testsuite/awk.tests =================================================================== --- busybox-1.35.0.orig/testsuite/awk.tests +++ busybox-1.35.0/testsuite/awk.tests @@ -469,4 +469,10 @@ testing 'awk printf %% prints one %' \ "%\n" \ '' '' +testing 'awk assign while test' \ + "awk '\$1==\$1=\"foo\" {print \$1}'" \ + "foo\n" \ + "" \ + "foo" + exit $FAILCOUNT
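Review bot: the busybox.spec hunk declares Patch3 but nothing visible in it applies the patch; confirm that %prep actually picks it up (an explicit `%patch3 -p1` unless the spec already uses `%autosetup -p1` or `%autopatch`), because a declared-but-unapplied patch would leave CVE-2022-30065 open while busybox.changes claims it fixed. The PATCH-FIX-UPSTREAM comment would also be easier to verify with the full upstream commit id, e63d7cdfdac78c6fd27e9e63150335767592b85e, as it appears in the `From` line of the patch header, rather than only the abbreviated e63d7cdf.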
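Review bot: the cpio-long-opt.patch hunk is an unrelated refresh bundled into the CVE submission (the diff headers move from busybox-1.32.0 to busybox-1.35.0 and the hunk offset from `@@ -367,6 +367,9 @@` to `@@ -413,6 +413,9 @@`; the three added lines themselves are unchanged), and the busybox.changes entry says nothing about it. Either mention the refresh in the changelog entry or submit it as its own revision so the CVE fix stays minimal and easy to audit.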
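Review bot: in the editors/awk.c hunk the new guard only handles `L.v == TMPVAR0`, while the very next lines of the same `OC_MOVE` case treat `R.v == TMPVAR1` as the temporary used for the right operand; the comment `/* make sure that we never return a temp var */` should state why the assignment target can only ever alias TMPVAR0 and never TMPVAR1, or the guard should cover both, otherwise a reader cannot tell from the hunk whether the fix is complete. Redirecting `L.v` to `res` is the right shape, since `res` is the caller-owned result slot of `evaluate(node *op, var *res)`, so the assigned value survives after the temporary is reused.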
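Review bot: the new testsuite/awk.tests case is named 'awk assign while test', which names neither the construct it covers (an assignment used as an operand of `==`) nor the bug, so a future reader cannot tell it is the CVE-2022-30065 regression test; rename it along the lines of 'awk assignment inside comparison (bug 14781, CVE-2022-30065)'. Note also that the check is on printed output only: a use after free does not necessarily change what is printed, so this test only reliably catches a regression when the suite is run against a sanitizer build (AddressSanitizer or similar); that is worth stating in the test or the commit message.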