From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Fri, 10 Feb 2023 15:18:07 +0100 Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1pQUE5-0036II-4V for lore@lore.pengutronix.de; Fri, 10 Feb 2023 15:18:07 +0100 Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1pQUE1-0007Xx-8i; Fri, 10 Feb 2023 15:18:05 +0100 Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2]) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1pQUDB-0005HB-Vp; Fri, 10 Feb 2023 15:17:14 +0100 Received: from [2a0a:edc0:0:1101:1d::54] (helo=dude05.red.stw.pengutronix.de) by drehscheibe.grey.stw.pengutronix.de with esmtp (Exim 4.94.2) (envelope-from ) id 1pQUDA-00409l-5b; Fri, 10 Feb 2023 15:17:13 +0100 Received: from mol by dude05.red.stw.pengutronix.de with local (Exim 4.94.2) (envelope-from ) id 1pQUDA-00EpDR-Jz; Fri, 10 Feb 2023 15:17:12 +0100 From: Michael Olbrich To: ptxdist@pengutronix.de Date: Fri, 10 Feb 2023 15:17:12 +0100 Message-Id: <20230210141712.3533422-1-m.olbrich@pengutronix.de> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20230204175438.3388865-1-christian.melki@t2data.com> References: <20230204175438.3388865-1-christian.melki@t2data.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: Re: [ptxdist] [APPLIED] e2fsprogs: Version bump. 1.46.5 -> 1.46.6 X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Cc: Christian Melki Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false Thanks, applied as 186fadd15283eb2375712b4ea3096400cd862dd5. Michael [sent from post-receive hook] On Fri, 10 Feb 2023 15:17:12 +0100, Christian Melki wrote: > Minor fixes, speedups etc. > https://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.46.6 > > * Remove patches. CVE-2022-1304 is fixed in release. > * Add missing largefile option. > * Explicitly disable new option. > > Signed-off-by: Christian Melki > Message-Id: <20230204175438.3388865-1-christian.melki@t2data.com> > Signed-off-by: Michael Olbrich > > diff --git a/patches/e2fsprogs-1.46.5/0001-libext2fs-add-sanity-check-to-extent-manipulation.patch b/patches/e2fsprogs-1.46.5/0001-libext2fs-add-sanity-check-to-extent-manipulation.patch > deleted file mode 100644 > index 979dbb23608c..000000000000 > --- a/patches/e2fsprogs-1.46.5/0001-libext2fs-add-sanity-check-to-extent-manipulation.patch > +++ /dev/null > @@ -1,51 +0,0 @@ > -From: Lukas Czerner > -Date: Thu, 21 Apr 2022 19:31:48 +0200 > -Subject: [PATCH] libext2fs: add sanity check to extent manipulation > - > -It is possible to have a corrupted extent tree in such a way that a leaf > -node contains zero extents in it. Currently if that happens and we try > -to traverse the tree we can end up accessing wrong data, or possibly > -even uninitialized memory. Make sure we don't do that. > - > -Additionally make sure that we have a sane number of bytes passed to > -memmove() in ext2fs_extent_delete(). > - > -Note that e2fsck is currently unable to spot and fix such corruption in > -pass1. > - > -Signed-off-by: Lukas Czerner > -Reported-by: Nils Bars > -Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=2068113 > -Addresses: CVE-2022-1304 > -Addresses-Debian-Bug: #1010263 > -Signed-off-by: Theodore Ts'o > ---- > - lib/ext2fs/extent.c | 8 ++++++++ > - 1 file changed, 8 insertions(+) > - > -diff --git a/lib/ext2fs/extent.c b/lib/ext2fs/extent.c > -index b324c7b0f8c8..1a206a16c13f 100644 > ---- a/lib/ext2fs/extent.c > -+++ b/lib/ext2fs/extent.c > -@@ -495,6 +495,10 @@ retry: > - ext2fs_le16_to_cpu(eh->eh_entries); > - newpath->max_entries = ext2fs_le16_to_cpu(eh->eh_max); > - > -+ /* Make sure there is at least one extent present */ > -+ if (newpath->left <= 0) > -+ return EXT2_ET_EXTENT_NO_DOWN; > -+ > - if (path->left > 0) { > - ix++; > - newpath->end_blk = ext2fs_le32_to_cpu(ix->ei_block); > -@@ -1630,6 +1634,10 @@ errcode_t ext2fs_extent_delete(ext2_extent_handle_t handle, int flags) > - > - cp = path->curr; > - > -+ /* Sanity check before memmove() */ > -+ if (path->left < 0) > -+ return EXT2_ET_EXTENT_LEAF_BAD; > -+ > - if (path->left) { > - memmove(cp, cp + sizeof(struct ext3_extent_idx), > - path->left * sizeof(struct ext3_extent_idx)); > diff --git a/patches/e2fsprogs-1.46.5/series b/patches/e2fsprogs-1.46.5/series > deleted file mode 100644 > index d4319d8ac6eb..000000000000 > --- a/patches/e2fsprogs-1.46.5/series > +++ /dev/null > @@ -1,4 +0,0 @@ > -# generated by git-ptx-patches > -#tag:base --start-number 1 > -0001-libext2fs-add-sanity-check-to-extent-manipulation.patch > -# 77d6a61d2930f9f66b3b54043619c609 - git-ptx-patches magic > diff --git a/rules/e2fsprogs.make b/rules/e2fsprogs.make > index 19e5e7ba4a84..12e632423c8a 100644 > --- a/rules/e2fsprogs.make > +++ b/rules/e2fsprogs.make > @@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_E2FSPROGS) += e2fsprogs > # > # Paths and names > # > -E2FSPROGS_VERSION := 1.46.5 > -E2FSPROGS_MD5 := 3da91854c960ad8a819b48b2a404eb43 > +E2FSPROGS_VERSION := 1.46.6 > +E2FSPROGS_MD5 := ffcc9cbcc9fac7efe3e52d41e36099f3 > E2FSPROGS := e2fsprogs-$(E2FSPROGS_VERSION) > E2FSPROGS_SUFFIX := tar.gz > E2FSPROGS_URL := $(call ptx/mirror, SF, e2fsprogs/e2fsprogs/v$(E2FSPROGS_VERSION)/$(E2FSPROGS).$(E2FSPROGS_SUFFIX)) > @@ -37,6 +37,7 @@ E2FSPROGS_LICENSE_FILES := \ > E2FSPROGS_CONF_TOOL := autoconf > E2FSPROGS_CONF_OPT := \ > $(CROSS_AUTOCONF_USR) \ > + $(GLOBAL_LARGE_FILE_OPTION) \ > --disable-symlink-install \ > --disable-relative-symlinks \ > --disable-symlink-build \ > @@ -73,6 +74,7 @@ E2FSPROGS_CONF_OPT := \ > --disable-ubsan \ > --disable-addrsan \ > --disable-threadsan \ > + --disable-fuzzing \ > --with-pthread > > E2FSPROGS_MAKE_OPT := $(if $(filter 1,$(strip $(PTXDIST_VERBOSE))),V=1)