From: Rosen Penev Date: Thu, 23 Aug 2018 02:07:56 +0000 (-0700) Subject: bzip2: Fix CVE-2016-3189 X-Git-Tag: v17.01.6~2 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=d3e325dfeffd0b407972e6716d5fd5c8acb6c962;p=openwrt%2Fopenwrt.git bzip2: Fix CVE-2016-3189 Issue causes a crash with specially crafted bzip2 files. More info: https://nvd.nist.gov/vuln/detail/CVE-2016-3189 Taken from Fedora. Signed-off-by: Rosen Penev (cherry picked from commit f9469efbfa7ce892651f9a6da713eacbef66f177) --- diff --git a/package/utils/bzip2/Makefile b/package/utils/bzip2/Makefile index 62c255a907..42b2e4f01b 100644 --- a/package/utils/bzip2/Makefile +++ b/package/utils/bzip2/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=bzip2 PKG_VERSION:=1.0.6 -PKG_RELEASE:=3 +PKG_RELEASE:=4 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://www.bzip.org/$(PKG_VERSION) diff --git a/package/utils/bzip2/patches/010-CVE-2016-3189.patch b/package/utils/bzip2/patches/010-CVE-2016-3189.patch new file mode 100644 index 0000000000..064f982c48 --- /dev/null +++ b/package/utils/bzip2/patches/010-CVE-2016-3189.patch @@ -0,0 +1,11 @@ +diff -up ./bzip2recover.c.old ./bzip2recover.c +--- ./bzip2recover.c.old 2016-03-22 08:49:38.855620000 +0100 ++++ ./bzip2recover.c 2016-03-30 10:22:27.341430099 +0200 +@@ -457,6 +457,7 @@ Int32 main ( Int32 argc, Char** argv ) + bsPutUChar ( bsWr, 0x50 ); bsPutUChar ( bsWr, 0x90 ); + bsPutUInt32 ( bsWr, blockCRC ); + bsClose ( bsWr ); ++ outFile = NULL; + } + if (wrBlock >= rbCtr) break; + wrBlock++;