author | Priyal Doshi <pdoshi@mvista.com> | 2023-09-22 15:40:30 +0530 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2023-09-30 08:54:36 -0400 |
commit | 2f4f70a7033b258bfa0a2732601c29d6fee7e9d7 (patch) | |
tree | 2c1a57aa12f1de492072d080bde1efd7a28b20e5 | |
parent | 56f851346499278f58677b489296b383260a6948 (diff) | |
open-vm-tools: Security fix for CVE-2023-20900
Backport-from: https://github.com/vmware/open-vm-tools/commit/74b6d0d9000eda1a2c8f31c40c725fb0b8520b16
Signed-off-by: Priyal Doshi <pdoshi@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2 files changed, 36 insertions, 0 deletions
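--- /dev/null
+++ b/meta-oe/recipes-support/open-vm-tools/open-vm-tools/0001-Allow-only-X509-certs-to-verify-the-SAML-token-signa.patch
@@ -0,0 +1,35 @@
+From 7f3cced1e140ed36c6f8f66d7f4098323b0463b2 Mon Sep 17 00:00:00 2001
+From: Katy Feng <fkaty@vmware.com>
+Date: Fri, 25 Aug 2023 11:58:48 -0700
+Subject: [PATCH] Allow only X509 certs to verify the SAML token signature.
+
+Upstream-Status: Backport from https://github.com/vmware/open-vm-tools/commit/74b6d0d9000eda1a2c8f31c40c725fb0b8520b16
+CVE: CVE-2023-20900
+Signed-off-by: Priyal Doshi <pdoshi@mvista.com>
+---
+open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c | 9 ++++++++-
+1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c
+index 2906d29..57db3b8 100644
+--- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c
++++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c
+@@ -1275,7 +1275,14 @@ VerifySignature(xmlDocPtr doc,
+*/
+bRet = RegisterID(xmlDocGetRootElement(doc), "ID");
+if (bRet == FALSE) {
+- g_warning("failed to register ID\n");
++ g_warning("Failed to register ID\n");
++ goto done;
++ }
++
++ /* Use only X509 certs to validate the signature */
++ if (xmlSecPtrListAdd(&(dsigCtx->keyInfoReadCtx.enabledKeyData),
++ BAD_CAST xmlSecKeyDataX509Id) < 0) {
++ g_warning("Failed to limit allowed key data\n");
+goto done;
+}
+
+--
+2.7.4
+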
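Review bot: The `xmlSecPtrListAdd` call added to VerifySignature only turns X509 into an exclusive allow-list if `dsigCtx->keyInfoReadCtx.enabledKeyData` is still empty at that point — xmlsec treats an empty enabledKeyData list as "any key data" and a non-empty one as the set of permitted KeyInfo sources — and the hunk does not show where dsigCtx is created or whether anything is added to that list earlier. That precondition is what makes a bare `<KeyValue>` in a token's KeyInfo fail verification instead of being trusted, so it deserves to be stated next to the call, e.g. `/* enabledKeyData must be empty here: an empty list means any key data is accepted, so this single entry makes X509 certs the only source the signature may be verified against */`. The existing one-line comment reads as a description rather than a requirement, and the surrounding VerifySignature body begins and ends outside the hunk, so the assumption cannot be confirmed from this patch alone.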
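--- a/meta-oe/recipes-support/open-vm-tools/open-vm-tools_11.0.1.bb
+++ b/meta-oe/recipes-support/open-vm-tools/open-vm-tools_11.0.1.bb
@@ -44,6 +44,7 @@ SRC_URI = "git://github.com/vmware/open-vm-tools.git;protocol=https;branch=maste
 file://0001-utilBacktrace-Ignore-Warray-bounds.patch;patchdir=.. \
 file://0001-hgfsmounter-Makefile.am-support-usrmerge.patch;patchdir=.. \
 file://0001-Properly-check-authorization-on-incoming-guestOps-re.patch;patchdir=.. \
+file://0001-Allow-only-X509-certs-to-verify-the-SAML-token-signa.patch;patchdir=.. \
 "
 
 SRCREV = "d3edfd142a81096f9f58aff17d84219b457f4987"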