rpms
/
util-linux
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

2.30.2-3: fix #1560283

This commit is contained in:
Karel Zak 2018-03-27 11:17:39 +02:00
parent 05aae355d4
commit cafc6d2e51
2 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
column-fix-leading-space-characters-bug.patch Normal file
View File

@ -0,0 +1,32 @@
From 5b6fa6063990017f3384476537106caa9e3f5867 Mon Sep 17 00:00:00 2001
From: Karel Zak <kzak@redhat.com>
Date: Tue, 27 Mar 2018 10:40:13 +0200
Subject: [PATCH] column: fix leading space characters bug
The bug has been introduced during column(1) rewrite. The function
read_input() need to skip leading space only temporary to detect empty
lines, but the rest of the code has to use the original buffer (line).
Addresses: https://github.com/karelzak/util-linux/issues/575
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1560283
Signed-off-by: Karel Zak <kzak@redhat.com>
---
text-utils/column.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/text-utils/column.c b/text-utils/column.c
index 5eb0de1ae..d6a6385e3 100644
--- a/text-utils/column.c
+++ b/text-utils/column.c
@@ -452,7 +452,7 @@ static int read_input(struct column_control *ctl, FILE *fp)
if (!str || !*str)
continue;
- wcs = mbs_to_wcs(str);
+ wcs = mbs_to_wcs(buf);
if (!wcs)
err(EXIT_FAILURE, _("read failed"));
--
2.14.3

8
util-linux.spec
View File

@ -2,7 +2,7 @@
Summary: A collection of basic system utilities
Name: util-linux
Version: 2.30.2
Release: 2%{?dist}
Release: 3%{?dist}
License: GPLv2 and GPLv2+ and LGPLv2+ and BSD with advertising and Public Domain
Group: System Environment/Base
URL: http://en.wikipedia.org/wiki/Util-linux
@ -92,6 +92,9 @@ Patch0: 2.28-login-lastlog-create.patch
# 1552641 - CVE-2018-7738 util-linux: Shell command injection in unescaped bash-completed mount point names
Patch1: 0001-bash-completion-umount-use-findmnt-escape-a-space-in.patch
# 1560283 - column does not properly handle spaces at beginning of tab-separated table columns
Patch2: column-fix-leading-space-characters-bug.patch
%description
The util-linux package contains a large variety of low-level system
utilities that are necessary for a Linux system to function. Among
@ -933,6 +936,9 @@ exit 0
%{_libdir}/python*/site-packages/libmount/*
%changelog
* Tue Mar 27 2018 Karel Zak <kzak@redhat.com> - 2.30.2-3
- fix #1560283 - column does not properly handle spaces at beginning of tab-separated table columns
* Thu Mar 8 2018 Karel Zak <kzak@redhat.com> - 2.30.2-2
- fix #1552641 - CVE-2018-7738 util-linux: Shell command injection in unescaped bash-completed mount point names