| author | Karsten Hopp <karsten@fedoraproject.org> | 2009-12-02 11:39:33 +0000 |
|---|---|---|
| committer | Karsten Hopp <karsten@fedoraproject.org> | 2009-12-02 11:39:33 +0000 |
| commit | 2d31e7e2d2f3024ec354bc4f83ba0c6b2457b388 (patch) | |
| tree | bc8315df60993168bed21a33e157ccaa7416727e | |
| parent | 332f70f22601e57b6bca34455c7662120801b10a (diff) | |
- add fix for CVE-2009-3736: libltdl may load and execute code from a
library in the current directory (libtool-1_5_26-4_fc10_1)
| -rw-r--r-- | libtool-1.5.22-CVE-2009-3736.patch | 91 | ||||
| -rw-r--r-- | libtool.spec | 10 |
2 files changed, 97 insertions, 4 deletions
diff --git a/libtool-1.5.22-CVE-2009-3736.patch b/libtool-1.5.22-CVE-2009-3736.patch
new file mode 100644
index 0000000..34beda9
--- /dev/null
+++ b/libtool-1.5.22-CVE-2009-3736.patch
@@ -0,0 +1,91 @@
+diff -urN libtool-1.5.26.orig/libltdl/ltdl.c libtool-1.5.26/libltdl/ltdl.c
+--- libtool-1.5.26.orig/libltdl/ltdl.c 2007-11-15 13:36:41.000000000 -0600
++++ libtool-1.5.26/libltdl/ltdl.c 2009-11-15 21:13:37.000000000 -0600
+@@ -2192,7 +2192,8 @@
+ static int try_dlopen LT_PARAMS((lt_dlhandle *handle,
+ const char *filename));
+ static int tryall_dlopen LT_PARAMS((lt_dlhandle *handle,
+- const char *filename));
++ const char *filename,
++ const char * useloader));
+ static int unload_deplibs LT_PARAMS((lt_dlhandle handle));
+ static int lt_argz_insert LT_PARAMS((char **pargz,
+ size_t *pargz_len,
+@@ -2390,9 +2391,10 @@
+ }
+
+ static int
+-tryall_dlopen (handle, filename)
++tryall_dlopen (handle, filename, useloader)
+ lt_dlhandle *handle;
+ const char *filename;
++ const char *useloader;
+ {
+ lt_dlhandle cur;
+ lt_dlloader *loader;
+@@ -2459,6 +2461,11 @@
+
+ while (loader)
+ {
++ if (useloader && strcmp(loader->loader_name, useloader))
++ {
++ loader = loader->next;
++ continue;
++ }
+ lt_user_data data = loader->dlloader_data;
+
+ cur->module = loader->module_open (data, filename);
+@@ -2528,7 +2535,7 @@
+ error += tryall_dlopen_module (handle,
+ (const char *) 0, prefix, filename);
+ }
+- else if (tryall_dlopen (handle, filename) != 0)
++ else if (tryall_dlopen (handle, filename, NULL) != 0)
+ {
+ ++error;
+ }
+@@ -2549,7 +2556,7 @@
+ /* Try to open the old library first; if it was dlpreopened,
+ we want the preopened version of it, even if a dlopenable
+ module is available. */
+- if (old_name && tryall_dlopen (handle, old_name) == 0)
++ if (old_name && tryall_dlopen (handle, old_name, "dlpreload") == 0)
+ {
+ return 0;
+ }
+@@ -2813,7 +2820,7 @@
+
+ /* Try to dlopen the file, but do not continue searching in any
+ case. */
+- if (tryall_dlopen (handle, filename) != 0)
++ if (tryall_dlopen (handle, filename,NULL) != 0)
+ *handle = 0;
+
+ return 1;
+@@ -3103,7 +3110,7 @@
+ /* lt_dlclose()ing yourself is very bad! Disallow it. */
+ LT_DLSET_FLAG (*phandle, LT_DLRESIDENT_FLAG);
+
+- if (tryall_dlopen (&newhandle, 0) != 0)
++ if (tryall_dlopen (&newhandle, 0, NULL) != 0)
+ {
+ LT_DLFREE (*phandle);
+ return 1;
+@@ -3225,7 +3232,7 @@
+ }
+ #endif
+ }
+- if (!file)
++ else
+ {
+ file = fopen (filename, LT_READTEXT_MODE);
+ }
+@@ -3412,7 +3419,7 @@
+ #endif
+ )))
+ {
+- if (tryall_dlopen (&newhandle, filename) != 0)
++ if (tryall_dlopen (&newhandle, filename, NULL) != 0)
+ {
+ newhandle = NULL;
+ }
diff --git a/libtool.spec b/libtool.spec
index 044d512..0d0d61a 100644
--- a/libtool.spec
+++ b/libtool.spec
@@ -3,7 +3,7 @@
 Summary: The GNU Portable Library Tool
 Name: libtool
 Version: 1.5.26
-Release: 4%{?dist}
+Release: 4%{?dist}.1
 License: GPLv2+ and LGPLv2+ and GFDL
 Group: Development/Tools
 Source: http://ftp.gnu.org/gnu/libtool/libtool-%{version}.tar.gz
@@ -13,9 +13,7 @@ Requires(post): /sbin/install-info Requires(preun): /sbin/install-info Patch1: libtool-1.5.24-multilib.patch -# don't read .la file in current working directory, root might get tricked -# into running a prepared binary in that directory: -Patch2: libtool-1.5.24-relativepath.patch +Patch2: libtool-1.5.22-CVE-2009-3736.patch BuildRequires: autoconf >= 2.59, automake >= 1.9.2, texinfo Requires: autoconf >= 2.58, automake >= 1.4
@@ -152,6 +150,10 @@ fi %changelog +* Wed Dec 02 2009 Karsten Hopp <karsten@redhat.com> 1.5.26-4.1 +- add fix for CVE-2009-3736: + libltdl may load and execute code from a library in the current directory + * Fri Aug 29 2008 Dennis Gilmore <dennis@ausil.us> 1.5.26-4 - rebuild for gcc-4.3.2 |
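Review bot: In the inner hunk at `@@ -2459,6 +2461,11 @@` the added `if (useloader && strcmp(loader->loader_name, useloader))` block sits above `lt_user_data data = loader->dlloader_data;`, so a declaration now follows a statement inside the `while (loader)` body. ltdl.c uses K&R definitions and `LT_PARAMS`, which suggests it is meant to build with pre-C99 compilers that reject this. Keeping `lt_user_data data = loader->dlloader_data;` as the first line of the loop body and placing the filter right after it preserves behaviour, since `loader` is already non-NULL there. The two changes that appear to close the current-directory load, passing `"dlpreload"` for the `old_name` open and turning `if (!file)` into `else` before `fopen (filename, LT_READTEXT_MODE)`, carry no comment. I would add `/* CVE-2009-3736: old_name may only be satisfied by the preloaded-symbol loader, never dlopen()ed by relative name. */` above the `old_name` call and a similar line above the `else`. The enclosing functions start and end outside these inner hunks.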
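Review bot: The new `Patch2:` line in the `@@ -13,9 +13,7 @@` hunk replaces the two-line comment that explained the risk with nothing, so the spec no longer says why the patch is there. A line such as `# CVE-2009-3736: libltdl must not load modules or .la files from the current working directory` above `Patch2:` would keep that context. The patch file is named 1.5.22 while the spec builds 1.5.26 and the patch's own headers reference libtool-1.5.26, so renaming it would avoid confusion. The `%patch2` line in `%prep` is outside this diff, so it is worth confirming its options and backup suffix still suit the new patch.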
