Fix 2.0 CVE-2023-38469

microsoft · Nov 28, 2024 · 6f7f170 · 6f7f170
1 parent 9f45852
commit 6f7f170
Show file tree

Hide file tree

Showing 2 changed files with 48 additions and 1 deletion.
diff --git a/SPECS/avahi/CVE-2023-38469.patch b/SPECS/avahi/CVE-2023-38469.patch
@@ -0,0 +1,43 @@
+From c89fd5f2e85052f1f8b74ddeff38235932236889 Mon Sep 17 00:00:00 2001
+From: Kanishk-Bansal <kbkanishk975@gmail.com>
+Date: Wed, 27 Nov 2024 08:48:59 +0000
+Subject: [PATCH] Fix CVE patch
+
+---
+ avahi-core/rr.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/avahi-core/rr.c b/avahi-core/rr.c
+index 7fa0bee..b03a24c 100644
+--- a/avahi-core/rr.c
++++ b/avahi-core/rr.c
+@@ -32,6 +32,7 @@
+ #include <avahi-common/malloc.h>
+ #include <avahi-common/defs.h>
+
++#include "dns.h"
+ #include "rr.h"
+ #include "log.h"
+ #include "util.h"
+@@ -688,11 +689,17 @@ int avahi_record_is_valid(AvahiRecord *r) {
+         case AVAHI_DNS_TYPE_TXT: {
+
+             AvahiStringList *strlst;
++            size_t used = 0;
+
+-            for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next)
++            for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next) {
+                 if (strlst->size > 255 || strlst->size <= 0)
+                     return 0;
+
++                used += 1+strlst->size;
++                if (used > AVAHI_DNS_RDATA_MAX)
++                    return 0;
++            }
++
+             return 1;
+         }
+     }
+-- 
+2.45.2
+
diff --git a/SPECS/avahi/avahi.spec b/SPECS/avahi/avahi.spec
@@ -3,7 +3,7 @@
 Summary:        Local network service discovery
 Name:           avahi
 Version:        0.8
-Release:        1%{?dist}
+Release:        2%{?dist}
 License:        LGPLv2+
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
@@ -12,6 +12,7 @@ Source0:        https://github.com/lathiat/avahi/releases/download/v%{version}/%
 Patch0:         %{name}-libevent-pc-fix.patch
 Patch1:         CVE-2021-3468.patch
 Patch2:         CVE-2021-3502.patch
+Patch3:         CVE-2023-38469.patch
 BuildRequires:  automake
 BuildRequires:  dbus-devel >= 0.90
 BuildRequires:  dbus-glib-devel >= 0.70
@@ -413,6 +414,9 @@ exit 0
 - Remove mono patch- we don't build with mono.
 - Remove local services patch- upstreamed
 
+*Thu Nov 28 2024 Kanishk Bansal <kanbansal@microsoft.com> -0.8-2
+- Fix CVE-2023-38469.patch with an upstream patch 
+
 * Wed Dec 08 2021 Thomas Crain <thcrain@microsoft.com> - 0.7-26
 - License verified
 - Lint spec