authorAriadne Conill <ariadne@dereferenced.org>2021-08-11 09:38:32 -0600
committerAriadne Conill <ariadne@dereferenced.org>2021-08-11 09:41:56 -0600
commitef23bc5393bffad97afe72f175a331b7c49e0b39 (patch)
tree06c965920a1268f77bc0bd3bb6addf7707937cb3
parente9c7a34a27e197feeadca1a88135ad780e0863e9 (diff)
main/libspf2: add mitigation for CVE-2021-20314
-rw-r--r--main/libspf2/APKBUILD14
-rw-r--r--main/libspf2/CVE-2021-20314.patch22
2 files changed, 33 insertions, 3 deletions
diff --git a/main/libspf2/APKBUILD b/main/libspf2/APKBUILD
index 80843440bf..5739e5ebd6 100644
--- a/main/libspf2/APKBUILD
+++ b/main/libspf2/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=libspf2
pkgver=1.2.10
-pkgrel=4
+pkgrel=5
pkgdesc="Sender Policy Framework library, a part of the SPF/SRS protocol pair."
url="https://wiki.gnome.org/Projects/Libsecret"
arch="all"
@@ -16,8 +16,13 @@ source="http://www.libspf2.org/spf/$pkgname-$pkgver.tar.gz
netdb_success.patch
musl-res_close.patch
fix-gcc-variadic-macros.patch
+ CVE-2021-20314.patch
"
+# secfixes:
+# 1.2.10-r5:
+# - CVE-2021-20314
+
prepare() {
cd "$builddir"
update_config_sub
@@ -53,9 +58,12 @@ tools() {
rm -fr "$pkgdir"/usr/bin
}
-sha512sums="162ce382628c6fcadac3e11f5a12442db622bb23f7ec503e16f5ba7fc88afdd777bce6b093c12a58210355985fd11b74b140f08fab347334d82d953dd183b130 libspf2-1.2.10.tar.gz
+sha512sums="
+162ce382628c6fcadac3e11f5a12442db622bb23f7ec503e16f5ba7fc88afdd777bce6b093c12a58210355985fd11b74b140f08fab347334d82d953dd183b130 libspf2-1.2.10.tar.gz
3b9bff9b5a5b95f6722f86a43373b0c84cbb79a4509cf0c73486612c0a1b33587bb0b42966b0d2e3a317e4d7a730091fa444bd1258afd06bb3553c4a96d3ee34 00001.patch
18ddfe106b652e2fb9e36a9f1743fc7cecf38530da65a06ac892b60d2c430aaad657f5653495950d4af4b9833826366b79e629937498e5ce7f6af716303221c4 00002.patch
033dd1e959004f7a1026fb1de73813e934560101e04897297e468918ee28e4d7d0f271d6f05d984db22dd43e097f6aa133df18d11419b085d89db89b120750c9 netdb_success.patch
4fb8a28a667d8fe54a48fa89230446b758c6d532866ee26e8b9ef3032f6e0993ec19a2cc2fb265d18d259e35de6fe66183763bbc69c424de70ad8fe0dbcf7a2f musl-res_close.patch
-2face288cfb2cbcfced0f6d47f905b9efdccf696de780892c4e36b134bb4dbe77416b42f42f8ccb16da47551d800fe037899324dec33e140fb8cea0f201abd74 fix-gcc-variadic-macros.patch"
+2face288cfb2cbcfced0f6d47f905b9efdccf696de780892c4e36b134bb4dbe77416b42f42f8ccb16da47551d800fe037899324dec33e140fb8cea0f201abd74 fix-gcc-variadic-macros.patch
+809c9a001b21831a6840359bea3f4e302e1589a5e77bceff85dd63d631ac25ce217ba11446d537d044a1e87481323940da25e6159ad19dd62fcb0803bcd2dcf6 CVE-2021-20314.patch
+"
diff --git a/main/libspf2/CVE-2021-20314.patch b/main/libspf2/CVE-2021-20314.patch
new file mode 100644
index 0000000000..412d5f322a
--- /dev/null
+++ b/main/libspf2/CVE-2021-20314.patch
@@ -0,0 +1,22 @@
+From c37b7c13c30e225183899364b9f2efdfa85552ef Mon Sep 17 00:00:00 2001
+From: Shevek <shevek@anarres.org>
+Date: Sat, 5 Jun 2021 21:39:04 -0700
+Subject: [PATCH] spf_compile.c: Correct size of ds_avail.
+
+---
+ src/libspf2/spf_compile.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/libspf2/spf_compile.c b/src/libspf2/spf_compile.c
+index ff02f87..b08ffe2 100644
+--- a/src/libspf2/spf_compile.c
++++ b/src/libspf2/spf_compile.c
+@@ -455,7 +455,7 @@ SPF_c_parse_var(SPF_response_t *spf_response, SPF_data_var_t *data,
+ /* Magic numbers for x/Nc in gdb. */ \
+ data->ds.__unused0 = 0xba; data->ds.__unused1 = 0xbe; \
+ dst = SPF_data_str( data ); \
+- ds_avail = _avail; \
++ ds_avail = _avail - sizeof(SPF_data_t); \
+ ds_len = 0; \
+ } while(0)
+
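Review bot: The new assignment `ds_avail = _avail - sizeof(SPF_data_t);` can wrap if any caller passes an `_avail` smaller than the header size, assuming `ds_avail` is an unsigned size type (its declaration is not visible in this hunk). A wrapped value would read as a very large remaining capacity and defeat the bound this fix is meant to restore, so a clamp such as `ds_avail = (_avail > sizeof(SPF_data_t)) ? _avail - sizeof(SPF_data_t) : 0;` or an assertion on `_avail` would make the invariant explicit. The macro definition starts above the hunk and its call sites are outside it, so confirm what values `_avail` can take before changing anything; since this is a carried upstream patch, any hardening belongs upstream. A one-line header in the patch file naming the upstream repository for commit c37b7c13c30e225183899364b9f2efdfa85552ef would also help later audits of the secfixes entry.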