Backport of patch
Resolves: rhbz#2093092 Adds 0006-fix-CVE-2022-29526.patch
This commit is contained in:
parent
ce2a039e09
commit
4042d64b0c
|
@ -0,0 +1,25 @@
|
|||
From 4115e1e9943e7627e7028a7343b2db6280a9fe0f Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Alejandro=20S=C3=A1ez?= <asm@redhat.com>
|
||||
Date: Fri, 1 Jul 2022 17:07:06 +0200
|
||||
Subject: [PATCH] Backport of CVE-2022-29526 from go1.17
|
||||
|
||||
---
|
||||
src/syscall/syscall_linux.go | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/syscall/syscall_linux.go b/src/syscall/syscall_linux.go
|
||||
index 3041f6f8fc..b2cc53e5c0 100644
|
||||
--- a/src/syscall/syscall_linux.go
|
||||
+++ b/src/syscall/syscall_linux.go
|
||||
@@ -106,7 +106,7 @@ func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) {
|
||||
gid = Getgid()
|
||||
}
|
||||
|
||||
- if uint32(gid) == st.Gid || isGroupMember(gid) {
|
||||
+ if uint32(gid) == st.Gid || isGroupMember(int(st.Gid)) {
|
||||
fmode = (st.Mode >> 3) & 7
|
||||
} else {
|
||||
fmode = st.Mode & 7
|
||||
--
|
||||
2.35.3
|
||||
|
13
golang.spec
13
golang.spec
|
@ -102,7 +102,7 @@
|
|||
%global go_version %{go_api}.15
|
||||
|
||||
# For rpmdev-bumpspec and releng automation
|
||||
%global baserelease 2
|
||||
%global baserelease 3
|
||||
|
||||
Name: golang
|
||||
Version: %{go_version}
|
||||
|
@ -164,6 +164,12 @@ Patch4: 0004-fix-CVE-2022-24675.patch
|
|||
# Patch: https://go-review.googlesource.com/c/go/+/397135/
|
||||
Patch5: 0005-fix-CVE-2022-28327.patch
|
||||
|
||||
# The issue: https://github.com/golang/go/issues/52313
|
||||
# Fixed in: go1.19
|
||||
# Backported by upstream to go1.18.2 and go1.17.10
|
||||
# Patch: https://go-review.googlesource.com/c/go/+/401078/
|
||||
Patch6: 0006-fix-CVE-2022-29526.patch
|
||||
|
||||
# Having documentation separate was broken
|
||||
Obsoletes: %{name}-docs < 1.1-4
|
||||
|
||||
|
@ -530,6 +536,11 @@ fi
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Fri Jul 01 2022 Alejandro Sáez <asm@redhat.com> - 1.16.15-3
|
||||
- Backport of patch.
|
||||
- Resolves: rhbz#2093092
|
||||
- Adds 0006-fix-CVE-2022-29526.patch
|
||||
|
||||
* Wed Jun 08 2022 Alejandro Sáez <asm@redhat.com> - 1.16.15-2
|
||||
- Backport of patches.
|
||||
- Skip tests for arm
|
||||
|
|
Loading…
Reference in New Issue