summaryrefslogtreecommitdiffstats
path: root/meta
diff options
context:
space:
mode:
Diffstat (limited to 'meta')
-rw-r--r--meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch57
-rw-r--r--meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch258
-rw-r--r--meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch102
-rw-r--r--meta/recipes-devtools/ruby/ruby_3.0.3.bb (renamed from meta/recipes-devtools/ruby/ruby_3.0.1.bb)7
4 files changed, 1 insertions, 423 deletions
diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch b/meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch
deleted file mode 100644
index 83064e85ab..0000000000
--- a/meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch
+++ /dev/null
@@ -1,57 +0,0 @@
1From b1c73f239fe9af97de837331849f55d67c27561e Mon Sep 17 00:00:00 2001
2From: aycabta <aycabta@gmail.com>
3Date: Sun, 2 May 2021 20:52:23 +0900
4Subject: [PATCH] [ruby/rdoc] Use File.open to fix the OS Command Injection
5 vulnerability in CVE-2021-31799
6
7https://github.com/ruby/rdoc/commit/a7f5d6ab88
8
9CVE: CVE-2021-31799
10
11Upstream-Status: Backport[https://github.com/ruby/ruby/commit/b1c73f239fe9af97de837331849f55d67c27561e]
12
13Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
14---
15 lib/rdoc/rdoc.rb | 2 +-
16 test/rdoc/test_rdoc_rdoc.rb | 12 ++++++++++++
17 2 files changed, 13 insertions(+), 1 deletion(-)
18
19diff --git a/lib/rdoc/rdoc.rb b/lib/rdoc/rdoc.rb
20index 680a8612f7..904625f105 100644
21--- a/lib/rdoc/rdoc.rb
22+++ b/lib/rdoc/rdoc.rb
23@@ -444,7 +444,7 @@ def remove_unparseable files
24 files.reject do |file, *|
25 file =~ /\.(?:class|eps|erb|scpt\.txt|svg|ttf|yml)$/i or
26 (file =~ /tags$/i and
27- open(file, 'rb') { |io|
28+ File.open(file, 'rb') { |io|
29 io.read(100) =~ /\A(\f\n[^,]+,\d+$|!_TAG_)/
30 })
31 end
32diff --git a/test/rdoc/test_rdoc_rdoc.rb b/test/rdoc/test_rdoc_rdoc.rb
33index 3910dd4656..a83d5a1b88 100644
34--- a/test/rdoc/test_rdoc_rdoc.rb
35+++ b/test/rdoc/test_rdoc_rdoc.rb
36@@ -456,6 +456,18 @@ def test_remove_unparseable_tags_vim
37 end
38 end
39
40+ def test_remove_unparseable_CVE_2021_31799
41+ temp_dir do
42+ file_list = ['| touch evil.txt && echo tags']
43+ file_list.each do |f|
44+ FileUtils.touch f
45+ end
46+
47+ assert_equal file_list, @rdoc.remove_unparseable(file_list)
48+ assert_equal file_list, Dir.children('.')
49+ end
50+ end
51+
52 def test_setup_output_dir
53 Dir.mktmpdir {|d|
54 path = File.join d, 'testdir'
55--
562.17.1
57
diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch b/meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch
deleted file mode 100644
index 69d774e0b7..0000000000
--- a/meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch
+++ /dev/null
@@ -1,258 +0,0 @@
1From 8cebc092cd18f4cfb669f66018ea8ffc6f408584 Mon Sep 17 00:00:00 2001
2From: Yusuke Endoh <mame@ruby-lang.org>
3Date: Wed, 7 Jul 2021 11:57:15 +0900
4Subject: [PATCH] Ignore IP addresses in PASV responses by default, and add new
5 option use_pasv_ip
6
7This fixes CVE-2021-31810.
8Reported by Alexandr Savca.
9
10Co-authored-by: Shugo Maeda <shugo@ruby-lang.org>
11
12CVE: CVE-2021-31810
13
14Upstream-Status: Backport
15[https://github.com/ruby/ruby/commit/bf4d05173c7cf04d8892e4b64508ecf7902717cd]
16
17Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
18---
19 lib/net/ftp.rb | 15 +++-
20 test/net/ftp/test_ftp.rb | 159 ++++++++++++++++++++++++++++++++++++++-
21 2 files changed, 170 insertions(+), 4 deletions(-)
22
23diff --git a/lib/net/ftp.rb b/lib/net/ftp.rb
24index 88e8655..d6f5cc3 100644
25--- a/lib/net/ftp.rb
26+++ b/lib/net/ftp.rb
27@@ -98,6 +98,10 @@ module Net
28 # When +true+, the connection is in passive mode. Default: +true+.
29 attr_accessor :passive
30
31+ # When +true+, use the IP address in PASV responses. Otherwise, it uses
32+ # the same IP address for the control connection. Default: +false+.
33+ attr_accessor :use_pasv_ip
34+
35 # When +true+, all traffic to and from the server is written
36 # to +$stdout+. Default: +false+.
37 attr_accessor :debug_mode
38@@ -206,6 +210,9 @@ module Net
39 # handshake.
40 # See Net::FTP#ssl_handshake_timeout for
41 # details. Default: +nil+.
42+ # use_pasv_ip:: When +true+, use the IP address in PASV responses.
43+ # Otherwise, it uses the same IP address for the control
44+ # connection. Default: +false+.
45 # debug_mode:: When +true+, all traffic to and from the server is
46 # written to +$stdout+. Default: +false+.
47 #
48@@ -266,6 +273,7 @@ module Net
49 @open_timeout = options[:open_timeout]
50 @ssl_handshake_timeout = options[:ssl_handshake_timeout]
51 @read_timeout = options[:read_timeout] || 60
52+ @use_pasv_ip = options[:use_pasv_ip] || false
53 if host
54 connect(host, options[:port] || FTP_PORT)
55 if options[:username]
56@@ -1371,7 +1379,12 @@ module Net
57 raise FTPReplyError, resp
58 end
59 if m = /\((?<host>\d+(?:,\d+){3}),(?<port>\d+,\d+)\)/.match(resp)
60- return parse_pasv_ipv4_host(m["host"]), parse_pasv_port(m["port"])
61+ if @use_pasv_ip
62+ host = parse_pasv_ipv4_host(m["host"])
63+ else
64+ host = @bare_sock.remote_address.ip_address
65+ end
66+ return host, parse_pasv_port(m["port"])
67 else
68 raise FTPProtoError, resp
69 end
70diff --git a/test/net/ftp/test_ftp.rb b/test/net/ftp/test_ftp.rb
71index 023e794..243d4ad 100644
72--- a/test/net/ftp/test_ftp.rb
73+++ b/test/net/ftp/test_ftp.rb
74@@ -61,7 +61,7 @@ class FTPTest < Test::Unit::TestCase
75 end
76
77 def test_parse227
78- ftp = Net::FTP.new
79+ ftp = Net::FTP.new(nil, use_pasv_ip: true)
80 host, port = ftp.send(:parse227, "227 Entering Passive Mode (192,168,0,1,12,34)")
81 assert_equal("192.168.0.1", host)
82 assert_equal(3106, port)
83@@ -80,6 +80,14 @@ class FTPTest < Test::Unit::TestCase
84 assert_raise(Net::FTPProtoError) do
85 ftp.send(:parse227, "227 ) foo bar (")
86 end
87+
88+ ftp = Net::FTP.new
89+ sock = OpenStruct.new
90+ sock.remote_address = OpenStruct.new
91+ sock.remote_address.ip_address = "10.0.0.1"
92+ ftp.instance_variable_set(:@bare_sock, sock)
93+ host, port = ftp.send(:parse227, "227 Entering Passive Mode (192,168,0,1,12,34)")
94+ assert_equal("10.0.0.1", host)
95 end
96
97 def test_parse228
98@@ -2474,10 +2482,155 @@ EOF
99 end
100 end
101
102+ def test_ignore_pasv_ip
103+ commands = []
104+ binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3
105+ server = create_ftp_server(nil, "127.0.0.1") { |sock|
106+ sock.print("220 (test_ftp).\r\n")
107+ commands.push(sock.gets)
108+ sock.print("331 Please specify the password.\r\n")
109+ commands.push(sock.gets)
110+ sock.print("230 Login successful.\r\n")
111+ commands.push(sock.gets)
112+ sock.print("200 Switching to Binary mode.\r\n")
113+ line = sock.gets
114+ commands.push(line)
115+ data_server = TCPServer.new("127.0.0.1", 0)
116+ port = data_server.local_address.ip_port
117+ sock.printf("227 Entering Passive Mode (999,0,0,1,%s).\r\n",
118+ port.divmod(256).join(","))
119+ commands.push(sock.gets)
120+ sock.print("150 Opening BINARY mode data connection for foo (#{binary_data.size} bytes)\r\n")
121+ conn = data_server.accept
122+ binary_data.scan(/.{1,1024}/nm) do |s|
123+ conn.print(s)
124+ end
125+ conn.shutdown(Socket::SHUT_WR)
126+ conn.read
127+ conn.close
128+ data_server.close
129+ sock.print("226 Transfer complete.\r\n")
130+ }
131+ begin
132+ begin
133+ ftp = Net::FTP.new
134+ ftp.passive = true
135+ ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait
136+ ftp.connect("127.0.0.1", server.port)
137+ ftp.login
138+ assert_match(/\AUSER /, commands.shift)
139+ assert_match(/\APASS /, commands.shift)
140+ assert_equal("TYPE I\r\n", commands.shift)
141+ buf = ftp.getbinaryfile("foo", nil)
142+ assert_equal(binary_data, buf)
143+ assert_equal(Encoding::ASCII_8BIT, buf.encoding)
144+ assert_equal("PASV\r\n", commands.shift)
145+ assert_equal("RETR foo\r\n", commands.shift)
146+ assert_equal(nil, commands.shift)
147+ ensure
148+ ftp.close if ftp
149+ end
150+ ensure
151+ server.close
152+ end
153+ end
154+
155+ def test_use_pasv_ip
156+ commands = []
157+ binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3
158+ server = create_ftp_server(nil, "127.0.0.1") { |sock|
159+ sock.print("220 (test_ftp).\r\n")
160+ commands.push(sock.gets)
161+ sock.print("331 Please specify the password.\r\n")
162+ commands.push(sock.gets)
163+ sock.print("230 Login successful.\r\n")
164+ commands.push(sock.gets)
165+ sock.print("200 Switching to Binary mode.\r\n")
166+ line = sock.gets
167+ commands.push(line)
168+ data_server = TCPServer.new("127.0.0.1", 0)
169+ port = data_server.local_address.ip_port
170+ sock.printf("227 Entering Passive Mode (127,0,0,1,%s).\r\n",
171+ port.divmod(256).join(","))
172+ commands.push(sock.gets)
173+ sock.print("150 Opening BINARY mode data connection for foo (#{binary_data.size} bytes)\r\n")
174+ conn = data_server.accept
175+ binary_data.scan(/.{1,1024}/nm) do |s|
176+ conn.print(s)
177+ end
178+ conn.shutdown(Socket::SHUT_WR)
179+ conn.read
180+ conn.close
181+ data_server.close
182+ sock.print("226 Transfer complete.\r\n")
183+ }
184+ begin
185+ begin
186+ ftp = Net::FTP.new
187+ ftp.passive = true
188+ ftp.use_pasv_ip = true
189+ ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait
190+ ftp.connect("127.0.0.1", server.port)
191+ ftp.login
192+ assert_match(/\AUSER /, commands.shift)
193+ assert_match(/\APASS /, commands.shift)
194+ assert_equal("TYPE I\r\n", commands.shift)
195+ buf = ftp.getbinaryfile("foo", nil)
196+ assert_equal(binary_data, buf)
197+ assert_equal(Encoding::ASCII_8BIT, buf.encoding)
198+ assert_equal("PASV\r\n", commands.shift)
199+ assert_equal("RETR foo\r\n", commands.shift)
200+ assert_equal(nil, commands.shift)
201+ ensure
202+ ftp.close if ftp
203+ end
204+ ensure
205+ server.close
206+ end
207+ end
208+
209+ def test_use_pasv_invalid_ip
210+ commands = []
211+ binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3
212+ server = create_ftp_server(nil, "127.0.0.1") { |sock|
213+ sock.print("220 (test_ftp).\r\n")
214+ commands.push(sock.gets)
215+ sock.print("331 Please specify the password.\r\n")
216+ commands.push(sock.gets)
217+ sock.print("230 Login successful.\r\n")
218+ commands.push(sock.gets)
219+ sock.print("200 Switching to Binary mode.\r\n")
220+ line = sock.gets
221+ commands.push(line)
222+ sock.print("227 Entering Passive Mode (999,0,0,1,48,57).\r\n")
223+ commands.push(sock.gets)
224+ }
225+ begin
226+ begin
227+ ftp = Net::FTP.new
228+ ftp.passive = true
229+ ftp.use_pasv_ip = true
230+ ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait
231+ ftp.connect("127.0.0.1", server.port)
232+ ftp.login
233+ assert_match(/\AUSER /, commands.shift)
234+ assert_match(/\APASS /, commands.shift)
235+ assert_equal("TYPE I\r\n", commands.shift)
236+ assert_raise(SocketError) do
237+ ftp.getbinaryfile("foo", nil)
238+ end
239+ ensure
240+ ftp.close if ftp
241+ end
242+ ensure
243+ server.close
244+ end
245+ end
246+
247 private
248
249- def create_ftp_server(sleep_time = nil)
250- server = TCPServer.new(SERVER_ADDR, 0)
251+ def create_ftp_server(sleep_time = nil, addr = SERVER_ADDR)
252+ server = TCPServer.new(addr, 0)
253 @thread = Thread.start do
254 if sleep_time
255 sleep(sleep_time)
256--
2572.17.1
258
diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch b/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch
deleted file mode 100644
index b78a74a4b5..0000000000
--- a/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch
+++ /dev/null
@@ -1,102 +0,0 @@
1From e2ac25d0eb66de99f098d6669cf4f06796aa6256 Mon Sep 17 00:00:00 2001
2From: Shugo Maeda <shugo@ruby-lang.org>
3Date: Tue, 11 May 2021 10:31:27 +0900
4Subject: [PATCH] Fix StartTLS stripping vulnerability
5
6This fixes CVE-2021-32066.
7Reported by Alexandr Savca in <https://hackerone.com/reports/1178562>.
8
9CVE: CVE-2021-32066
10
11Upstream-Status: Backport
12[https://github.com/ruby/ruby/commit/e2ac25d0eb66de99f098d6669cf4f06796aa6256]
13
14Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
15---
16 lib/net/imap.rb | 8 +++++++-
17 test/net/imap/test_imap.rb | 31 +++++++++++++++++++++++++++++++
18 2 files changed, 38 insertions(+), 1 deletion(-)
19
20diff --git a/lib/net/imap.rb b/lib/net/imap.rb
21index 505b4c8950..d45304f289 100644
22--- a/lib/net/imap.rb
23+++ b/lib/net/imap.rb
24@@ -1218,12 +1218,14 @@ def get_tagged_response(tag, cmd)
25 end
26 resp = @tagged_responses.delete(tag)
27 case resp.name
28+ when /\A(?:OK)\z/ni
29+ return resp
30 when /\A(?:NO)\z/ni
31 raise NoResponseError, resp
32 when /\A(?:BAD)\z/ni
33 raise BadResponseError, resp
34 else
35- return resp
36+ raise UnknownResponseError, resp
37 end
38 end
39
40@@ -3719,6 +3721,10 @@ class BadResponseError < ResponseError
41 class ByeResponseError < ResponseError
42 end
43
44+ # Error raised upon an unknown response from the server.
45+ class UnknownResponseError < ResponseError
46+ end
47+
48 RESPONSE_ERRORS = Hash.new(ResponseError)
49 RESPONSE_ERRORS["NO"] = NoResponseError
50 RESPONSE_ERRORS["BAD"] = BadResponseError
51diff --git a/test/net/imap/test_imap.rb b/test/net/imap/test_imap.rb
52index 8b924b524e..85fb71d440 100644
53--- a/test/net/imap/test_imap.rb
54+++ b/test/net/imap/test_imap.rb
55@@ -127,6 +127,16 @@ def test_starttls
56 imap.disconnect
57 end
58 end
59+
60+ def test_starttls_stripping
61+ starttls_stripping_test do |port|
62+ imap = Net::IMAP.new("localhost", :port => port)
63+ assert_raise(Net::IMAP::UnknownResponseError) do
64+ imap.starttls(:ca_file => CA_FILE)
65+ end
66+ imap
67+ end
68+ end
69 end
70
71 def start_server
72@@ -834,6 +844,27 @@ def starttls_test
73 end
74 end
75
76+ def starttls_stripping_test
77+ server = create_tcp_server
78+ port = server.addr[1]
79+ start_server do
80+ sock = server.accept
81+ begin
82+ sock.print("* OK test server\r\n")
83+ sock.gets
84+ sock.print("RUBY0001 BUG unhandled command\r\n")
85+ ensure
86+ sock.close
87+ server.close
88+ end
89+ end
90+ begin
91+ imap = yield(port)
92+ ensure
93+ imap.disconnect if imap && !imap.disconnected?
94+ end
95+ end
96+
97 def create_tcp_server
98 return TCPServer.new(server_addr, 0)
99 end
100--
1012.25.1
102
diff --git a/meta/recipes-devtools/ruby/ruby_3.0.1.bb b/meta/recipes-devtools/ruby/ruby_3.0.3.bb
index a348946972..a781f69534 100644
--- a/meta/recipes-devtools/ruby/ruby_3.0.1.bb
+++ b/meta/recipes-devtools/ruby/ruby_3.0.3.bb
@@ -6,16 +6,13 @@ SRC_URI += " \
6 file://remove_has_include_macros.patch \ 6 file://remove_has_include_macros.patch \
7 file://run-ptest \ 7 file://run-ptest \
8 file://0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch \ 8 file://0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch \
9 file://CVE-2021-31810.patch \
10 file://CVE-2021-32066.patch \
11 file://CVE-2021-31799.patch \
12 file://0003-rdoc-build-reproducible-documentation.patch \ 9 file://0003-rdoc-build-reproducible-documentation.patch \
13 file://0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch \ 10 file://0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch \
14 file://0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch \ 11 file://0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch \
15 file://0006-Make-gemspecs-reproducible.patch \ 12 file://0006-Make-gemspecs-reproducible.patch \
16 " 13 "
17 14
18SRC_URI[sha256sum] = "369825db2199f6aeef16b408df6a04ebaddb664fb9af0ec8c686b0ce7ab77727" 15SRC_URI[sha256sum] = "3586861cb2df56970287f0fd83f274bd92058872d830d15570b36def7f1a92ac"
19 16
20PACKAGECONFIG ??= "" 17PACKAGECONFIG ??= ""
21PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" 18PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}"
@@ -81,8 +78,6 @@ do_install_ptest () {
81 -i ${D}${PTEST_PATH}/test/erb/test_erb_command.rb 78 -i ${D}${PTEST_PATH}/test/erb/test_erb_command.rb
82 79
83 cp -r ${S}/include ${D}/${libdir}/ruby/ 80 cp -r ${S}/include ${D}/${libdir}/ruby/
84 test_case_rb=`grep rubygems/test_case.rb ${B}/.installed.list`
85 sed -i -e 's:../../../test/:../../../ptest/test/:g' ${D}/$test_case_rb
86} 81}
87 82
88PACKAGES =+ "${PN}-ri-docs ${PN}-rdoc" 83PACKAGES =+ "${PN}-ri-docs ${PN}-rdoc"