From e722121ba7ecdbed85f1cc0f2e95cefb24d95d54 Mon Sep 17 00:00:00 2001
From: Azure Linux Security Servicing Account
Date: Thu, 12 Feb 2026 18:36:41 +0000
Subject: [PATCH 1/4] Patch netavark for CVE-2026-25541
---
SPECS/netavark/CVE-2026-25541.patch | 107 ++++++++++++++++++++++++++++
SPECS/netavark/netavark.spec | 6 +-
2 files changed, 112 insertions(+), 1 deletion(-)
create mode 100644 SPECS/netavark/CVE-2026-25541.patch
diff --git a/SPECS/netavark/CVE-2026-25541.patch b/SPECS/netavark/CVE-2026-25541.patch
new file mode 100644
index 00000000000..53af3597176
--- /dev/null
+++ b/SPECS/netavark/CVE-2026-25541.patch
@@ -0,0 +1,107 @@ +From eac0ec6e37e65707bf5c171206d880e206c5dad3 Mon Sep 17 00:00:00 2001 +From: AllSpark +Date: Thu, 12 Feb 2026 18:27:10 +0000 +Subject: [PATCH] vendor/bytes: check overflow in new_cap + offset and add test + +- Add miri.sh run with wrapping overflow +- Always check overflow in new_cap + offset during reserve and use computed value +- Update debug asserts and pointer math to use existing offset +- Add test to repro integer overflow in reserve + +Signed-off-by: AllSpark +Signed-off-by: rpm-build +Upstream-reference: AI Backport of https://github.com/tokio-rs/bytes/commit/d0293b0e35838123c51ca5dfdf468ecafee4398f.patch +--- + vendor/bytes/ci/miri.sh | 4 ++++ + vendor/bytes/src/bytes_mut.rs | 17 ++++++++--------- + vendor/bytes/tests/test_bytes.rs | 14 ++++++++++++++ + 3 files changed, 26 insertions(+), 9 deletions(-) + +diff --git a/vendor/bytes/ci/miri.sh b/vendor/bytes/ci/miri.sh +index 0158756..da597a6 100755 +--- a/vendor/bytes/ci/miri.sh ++++ b/vendor/bytes/ci/miri.sh +@@ -9,3 +9,7 @@ export MIRIFLAGS="-Zmiri-strict-provenance" + + cargo miri test + cargo miri test --target mips64-unknown-linux-gnuabi64 ++ ++ ++# run with wrapping integer overflow instead of panic ++cargo miri test --release +diff --git a/vendor/bytes/src/bytes_mut.rs b/vendor/bytes/src/bytes_mut.rs +index c5c2e52..74c0302 100644 +--- a/vendor/bytes/src/bytes_mut.rs ++++ b/vendor/bytes/src/bytes_mut.rs +@@ -668,9 +668,11 @@ impl BytesMut { + + let offset = offset_from(self.ptr.as_ptr(), ptr); + ++ let new_cap_plus_offset = new_cap.checked_add(offset).expect("overflow"); ++ + // Compare the condition in the `kind == KIND_VEC` case above + // for more details. 
+- if v_capacity >= new_cap + offset { ++ if v_capacity >= new_cap_plus_offset { + self.cap = new_cap; + // no copy is necessary + } else if v_capacity >= new_cap && offset >= len { +@@ -683,14 +685,11 @@ impl BytesMut { + self.ptr = vptr(ptr); + self.cap = v.capacity(); + } else { +- // calculate offset +- let off = (self.ptr.as_ptr() as usize) - (v.as_ptr() as usize); +- + // new_cap is calculated in terms of `BytesMut`, not the underlying + // `Vec`, so it does not take the offset into account. + // + // Thus we have to manually add it here. +- new_cap = new_cap.checked_add(off).expect("overflow"); ++ new_cap = new_cap_plus_offset; + + // The vector capacity is not sufficient. The reserve request is + // asking for more than the initial buffer capacity. Allocate more +@@ -712,13 +711,13 @@ impl BytesMut { + // the unused capacity of the vector is copied over to the new + // allocation, so we need to ensure that we don't have any data we + // care about in the unused capacity before calling `reserve`. 
+- debug_assert!(off + len <= v.capacity()); +- v.set_len(off + len); ++ debug_assert!(offset + len <= v.capacity()); ++ v.set_len(offset + len); + v.reserve(new_cap - v.len()); + + // Update the info +- self.ptr = vptr(v.as_mut_ptr().add(off)); +- self.cap = v.capacity() - off; ++ self.ptr = vptr(v.as_mut_ptr().add(offset)); ++ self.cap = v.capacity() - offset; + } + + return; +diff --git a/vendor/bytes/tests/test_bytes.rs b/vendor/bytes/tests/test_bytes.rs +index 5ec60a5..95fbcda 100644 +--- a/vendor/bytes/tests/test_bytes.rs ++++ b/vendor/bytes/tests/test_bytes.rs +@@ -1208,3 +1208,17 @@ fn test_bytes_capacity_len() { + } + } + } ++ ++#[test] ++#[should_panic] ++fn bytes_mut_reserve_overflow() { ++ let mut a = BytesMut::from(&b"hello world"[..]); ++ let mut b = a.split_off(5); ++ // Ensure b becomes the unique owner of the backing storage ++ drop(a); ++ // Trigger overflow in new_cap + offset inside reserve ++ b.reserve(usize::MAX - 6); ++ // This call relies on the corrupted cap and may cause UB & HBO ++ b.put_u8(b'h'); ++} ++ +-- +2.45.4 + diff --git a/SPECS/netavark/netavark.spec b/SPECS/netavark/netavark.spec index 03236861d88..7477e85aafa 100644 --- a/SPECS/netavark/netavark.spec +++ b/SPECS/netavark/netavark.spec @@ -11,7 +11,7 @@ Name: netavark Version: 1.10.3 -Release: 5%{?dist} +Release: 6%{?dist} Summary: OCI network stack License: ASL 2.0 and BSD and MIT Vendor: Microsoft Corporation @@ -19,6 +19,7 @@ Distribution: Azure Linux URL: https://github.com/containers/%{name} Source0: %{url}/archive/%{built_tag}/%{version}.tar.gz#/%{name}-%{version}.tar.gz Source1: %{url}/releases/download/%{built_tag}/%{name}-%{built_tag}-vendor.tar.gz +Patch0: CVE-2026-25541.patch BuildRequires: cargo < 1.85.0 BuildRequires: make BuildRequires: protobuf-c 
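Review bot: The regression test `bytes_mut_reserve_overflow` carries a bare `#[should_panic]`, so any panic satisfies it, and in a build with overflow checks the pre-fix `new_cap + offset` would already panic; the test only separates patched from unpatched code when the addition wraps, which is what the added `cargo miri test --release` line in `ci/miri.sh` is for. Nothing visible in this series runs the vendored crate's tests or that script during the RPM build, so the functional part of the backport is presumably only the `checked_add` in `vendor/bytes/src/bytes_mut.rs`. Consider trimming the patch to that file, or adding a header line such as `Note: ci/miri.sh and tests/test_bytes.rs are carried for parity with upstream and are not run by the package build`. The `impl BytesMut` function being patched starts and ends outside the hunks shown.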
@@ -225,6 +226,9 @@ popd %{_unitdir}/%{name}-firewalld-reload.service %changelog +* Thu Feb 12 2026 Azure Linux Security Servicing Account - 1.10.3-6 +- Patch for CVE-2026-25541 + * Mon Feb 02 2026 Archana Shettigar - 1.10.3-5 - Bump release to rebuild with rust From d36ceeedc02b7265422596d367908302ae034f36 Mon Sep 17 00:00:00 2001 From: Archana Shettigar Date: Mon, 16 Feb 2026 14:52:29 +0530 Subject: [PATCH 2/4] Fix build failure in netavark --- SPECS/netavark/CVE-2026-25541.patch | 9 +++++++++ SPECS/netavark/netavark.spec | 6 ++++-- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/SPECS/netavark/CVE-2026-25541.patch b/SPECS/netavark/CVE-2026-25541.patch index 53af3597176..eaa470b0e05 100644 --- a/SPECS/netavark/CVE-2026-25541.patch +++ b/SPECS/netavark/CVE-2026-25541.patch @@ -12,11 +12,20 @@ Signed-off-by: AllSpark 
Signed-off-by: rpm-build Upstream-reference: AI Backport of https://github.com/tokio-rs/bytes/commit/d0293b0e35838123c51ca5dfdf468ecafee4398f.patch --- + vendor/bytes/.cargo-checksum.json | 2 +- vendor/bytes/ci/miri.sh | 4 ++++ vendor/bytes/src/bytes_mut.rs | 17 ++++++++--------- vendor/bytes/tests/test_bytes.rs | 14 ++++++++++++++ 3 files changed, 26 insertions(+), 9 deletions(-) +diff --git a/vendor/bytes/.cargo-checksum.json b/vendor/bytes/.cargo-checksum.json +index 68aa59e..14d2c55 100644 +--- a/vendor/bytes/.cargo-checksum.json ++++ b/vendor/bytes/.cargo-checksum.json +@@ -1 +1 @@ +-{"files":{"CHANGELOG.md":"acf98bf37a6f854e120b17b0117de8d11e31ceeffd06e69f5a8a50559a5c7822","Cargo.toml":"5e3195d94510bb4d78c001af60576812491a0d2d2f72a9411e9d8ab54ccd3927","LICENSE":"45f522cacecb1023856e46df79ca625dfc550c94910078bd8aec6e02880b3d42","README.md":"c1b2b54999d4829f9f64fb41cbdf05a72d565be0dd078a8633d34631147498a1","benches/buf.rs":"72e6b6120b52d568da068f17c66a793d65602e400c595778581b63092e41d8dc","benches/bytes.rs":"f8cc255be7e8afedf6ade95cd529d105c537c5ec51110d46d470a26b497afa05","benches/bytes_mut.rs":"1326fe6224b26826228e02b4133151e756f38152c2d9cfe66adf83af76c3ec98","ci/miri.sh":"1ee54575b55a0e495e52ca1a934beed674bc8f375f03c4cfc3e81d221ec4fe98","ci/test-stable.sh":"57dd709bc25a20103ee85e24965566900817b2e603f067fb1251a5c03e4b1d93","ci/tsan.sh":"466b86b19225dd26c756cf2252cb1973f87a145642c99364b462ed7ceb55c7dd","clippy.toml":"8522f448dfa3b33ac334ce47d233ebb6b58e8ae115e45107a64fc1b4510fe560","src/buf/buf_impl.rs":"68e493fbf585af6e30990be73ac7fda133f626665ac0a49470426ca824f41254","src/buf/buf_mut.rs":"f167024c569fa47d6b413d68ddb6a6d07b72a0297e0f40f7dc4bbfe2b33048b9","src/buf/chain.rs":"46ec16a7cc370374218c2621ad738df77d95b25216099900ad9195a08a234375","src/buf/iter.rs":"6b44b0b397112f6bcb892103c02a24113963fd8da110c0e0adb91201bf5b3caa","src/buf/limit.rs":"e005ba140b70f68654877c96b981a220477e415ff5c92438c1b0cb9bc866d872","src/buf/mod.rs":"19ff6fb7e19cba3884bc3f1a50ef20117dbc
807f6d146ed355f42344a74fdf44","src/buf/reader.rs":"856c1e7129a1eceaa3c8f9ed4da8c3b5e1cc267eeffa99fa8f7c56c5ca7834d1","src/buf/take.rs":"a897e79bf579391227816973b2aa1f1d63614bd48bc029d9371f61607dcfa23f","src/buf/uninit_slice.rs":"54756e79617685f3e805ae1dd51e5b8197791161169a18ee1d96e3158dc748fa","src/buf/vec_deque.rs":"8d552c26ac6ce28a471f74c388e4749432e86b1d8f5a9759b9fc32a2549d395f","src/buf/writer.rs":"c92b5f8b9b42e2e784de474c987fe4ac50af4b5c51ac9548d19a54e8ac9ff521","src/bytes.rs":"0207c4d88e3a91022548d11b2ac5a80f6f9662e6acb2142ca1a00d9b3b9dd9c9","src/bytes_mut.rs":"a4d4c5f8b8502cd3650f938433365b7a7989d8bc4f60b436d21a37f1ed13ffa1","src/fmt/debug.rs":"97b23cfa1d2701fa187005421302eeb260e635cd4f9a9e02b044ff89fcc8b8ad","src/fmt/hex.rs":"13755ec6f1b79923e1f1a05c51b179a38c03c40bb8ed2db0210e8901812e61e7","src/fmt/mod.rs":"176da4e359da99b8e5cf16e480cb7b978f574876827f1b9bb9c08da4d74ac0f5","src/lib.rs":"7d64ad302f99d982b39ea59ea84f9ab1c872935e5f5a8390b29ed08890d5dd61","src/loom.rs":"eb3f577d8cce39a84155c241c4dc308f024631f02085833f7fe9f0ea817bcea9","src/serde.rs":"3ecd7e828cd4c2b7db93c807cb1548fad209e674df493edf7cda69a7b04d405d","tests/test_buf.rs":"a7be350258f0433cfb9ba9e4583d6bb356c964ac34a781f586fd78fbd2c4bb02","tests/test_buf_mut.rs":"5589ce30cb35f8bb4163870d6de14aa67c2209bbd6ba547222d6008297e04a99","tests/test_bytes.rs":"b2fc06ab0f03372972e2b87c6e5d5a6ca91eb8886edbe2a0169ae689ec1be863","tests/test_bytes_odd_alloc.rs":"aeb7a86bf8b31f67b6f453399f3649e0d3878247debc1325d98e66201b1da15f","tests/test_bytes_vec_alloc.rs":"dd7e3c3a71abcfdcad7e3b2f52a6bd106ad6ea0d4bc634372e81dae097233cf0","tests/test_chain.rs":"e9f094539bb42b3135f50033c44122a6b44cf0f953e51e8b488f43243f1e7f10","tests/test_debug.rs":"13299107172809e8cbbd823964ac9450cd0d6b6de79f2e6a2e0f44b9225a0593","tests/test_iter.rs":"c1f46823df26a90139645fd8728a03138edd95b2849dfec830452a80ddd9726d","tests/test_reader.rs":"bf83669d4e0960dad6aa47b46a9a454814fab626eb83572aba914c3d71618f43","tests/test_serde.rs":"2691f891796ba259de0
ecf926de05c514f4912cc5fcd3e6a1591efbcd23ed4d0","tests/test_take.rs":"db01bf6855097f318336e90d12c0725a92cee426d330e477a6bd1d32dac34a27"},"package":"a2bd12c1caf447e69cd4528f47f94d203fd2582878ecb9e9465484c4148a8223"} +\ No newline at end of file ++{"files":{"CHANGELOG.md":"acf98bf37a6f854e120b17b0117de8d11e31ceeffd06e69f5a8a50559a5c7822","Cargo.toml":"5e3195d94510bb4d78c001af60576812491a0d2d2f72a9411e9d8ab54ccd3927","LICENSE":"45f522cacecb1023856e46df79ca625dfc550c94910078bd8aec6e02880b3d42","README.md":"c1b2b54999d4829f9f64fb41cbdf05a72d565be0dd078a8633d34631147498a1","benches/buf.rs":"72e6b6120b52d568da068f17c66a793d65602e400c595778581b63092e41d8dc","benches/bytes.rs":"f8cc255be7e8afedf6ade95cd529d105c537c5ec51110d46d470a26b497afa05","benches/bytes_mut.rs":"1326fe6224b26826228e02b4133151e756f38152c2d9cfe66adf83af76c3ec98","ci/miri.sh":"f17b158f694fc1355ae2314a536ea147c2f6fef0cb3e7ac232557738a6123c60","ci/test-stable.sh":"57dd709bc25a20103ee85e24965566900817b2e603f067fb1251a5c03e4b1d93","ci/tsan.sh":"466b86b19225dd26c756cf2252cb1973f87a145642c99364b462ed7ceb55c7dd","clippy.toml":"8522f448dfa3b33ac334ce47d233ebb6b58e8ae115e45107a64fc1b4510fe560","src/buf/buf_impl.rs":"68e493fbf585af6e30990be73ac7fda133f626665ac0a49470426ca824f41254","src/buf/buf_mut.rs":"f167024c569fa47d6b413d68ddb6a6d07b72a0297e0f40f7dc4bbfe2b33048b9","src/buf/chain.rs":"46ec16a7cc370374218c2621ad738df77d95b25216099900ad9195a08a234375","src/buf/iter.rs":"6b44b0b397112f6bcb892103c02a24113963fd8da110c0e0adb91201bf5b3caa","src/buf/limit.rs":"e005ba140b70f68654877c96b981a220477e415ff5c92438c1b0cb9bc866d872","src/buf/mod.rs":"19ff6fb7e19cba3884bc3f1a50ef20117dbc807f6d146ed355f42344a74fdf44","src/buf/reader.rs":"856c1e7129a1eceaa3c8f9ed4da8c3b5e1cc267eeffa99fa8f7c56c5ca7834d1","src/buf/take.rs":"a897e79bf579391227816973b2aa1f1d63614bd48bc029d9371f61607dcfa23f","src/buf/uninit_slice.rs":"54756e79617685f3e805ae1dd51e5b8197791161169a18ee1d96e3158dc748fa","src/buf/vec_deque.rs":"8d552c26ac6ce28a471f74c388e47494
32e86b1d8f5a9759b9fc32a2549d395f","src/buf/writer.rs":"c92b5f8b9b42e2e784de474c987fe4ac50af4b5c51ac9548d19a54e8ac9ff521","src/bytes.rs":"0207c4d88e3a91022548d11b2ac5a80f6f9662e6acb2142ca1a00d9b3b9dd9c9","src/bytes_mut.rs":"c3e3d60f4f764a6c2da50cfb21f25ca804f2d9dfa56d7edf3da75a8cbcfca4f5","src/fmt/debug.rs":"97b23cfa1d2701fa187005421302eeb260e635cd4f9a9e02b044ff89fcc8b8ad","src/fmt/hex.rs":"13755ec6f1b79923e1f1a05c51b179a38c03c40bb8ed2db0210e8901812e61e7","src/fmt/mod.rs":"176da4e359da99b8e5cf16e480cb7b978f574876827f1b9bb9c08da4d74ac0f5","src/lib.rs":"7d64ad302f99d982b39ea59ea84f9ab1c872935e5f5a8390b29ed08890d5dd61","src/loom.rs":"eb3f577d8cce39a84155c241c4dc308f024631f02085833f7fe9f0ea817bcea9","src/serde.rs":"3ecd7e828cd4c2b7db93c807cb1548fad209e674df493edf7cda69a7b04d405d","tests/test_buf.rs":"a7be350258f0433cfb9ba9e4583d6bb356c964ac34a781f586fd78fbd2c4bb02","tests/test_buf_mut.rs":"5589ce30cb35f8bb4163870d6de14aa67c2209bbd6ba547222d6008297e04a99","tests/test_bytes.rs":"c8f35e8954d4c519d2c07c32e108e9751adcb7c3034a9618d2f47a22b2df1503","tests/test_bytes_odd_alloc.rs":"aeb7a86bf8b31f67b6f453399f3649e0d3878247debc1325d98e66201b1da15f","tests/test_bytes_vec_alloc.rs":"dd7e3c3a71abcfdcad7e3b2f52a6bd106ad6ea0d4bc634372e81dae097233cf0","tests/test_chain.rs":"e9f094539bb42b3135f50033c44122a6b44cf0f953e51e8b488f43243f1e7f10","tests/test_debug.rs":"13299107172809e8cbbd823964ac9450cd0d6b6de79f2e6a2e0f44b9225a0593","tests/test_iter.rs":"c1f46823df26a90139645fd8728a03138edd95b2849dfec830452a80ddd9726d","tests/test_reader.rs":"bf83669d4e0960dad6aa47b46a9a454814fab626eb83572aba914c3d71618f43","tests/test_serde.rs":"2691f891796ba259de0ecf926de05c514f4912cc5fcd3e6a1591efbcd23ed4d0","tests/test_take.rs":"db01bf6855097f318336e90d12c0725a92cee426d330e477a6bd1d32dac34a27"},"package":"a2bd12c1caf447e69cd4528f47f94d203fd2582878ecb9e9465484c4148a8223"} diff --git a/vendor/bytes/ci/miri.sh b/vendor/bytes/ci/miri.sh index 0158756..da597a6 100755 --- a/vendor/bytes/ci/miri.sh 
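Review bot: The three sha256 entries rewritten in `vendor/bytes/.cargo-checksum.json` (`ci/miri.sh`, `src/bytes_mut.rs`, `tests/test_bytes.rs`) are what lets cargo accept the modified vendored crate, but the patch header does not say how they were produced, so a reviewer cannot reproduce them from the page. The same three values are rewritten again by the `@@ -25,28 +26,30 @@` hunk of PATCH 3/4 when the backport is re-spun. Add a line to the inner patch description recording the method, for example `Checksums: recomputed with sha256sum over the patched files under vendor/bytes`, and keep the set of touched files as small as the fix allows so fewer digests are maintained by hand.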
diff --git a/SPECS/netavark/netavark.spec b/SPECS/netavark/netavark.spec index 7477e85aafa..2342e2b5396 100644 --- a/SPECS/netavark/netavark.spec +++ b/SPECS/netavark/netavark.spec @@ -194,11 +194,11 @@ Its features include: * Support for container DNS resolution via aardvark-dns. %prep -%autosetup -Sgit -n %{name}-%{built_tag_strip} +%autosetup -N -n %{name}-%{built_tag_strip} tar fx %{SOURCE1} mkdir -p .cargo -cat >.cargo/config << EOF +cat > .cargo/config.toml << 'EOF' [source.crates-io] replace-with = "vendored-sources" @@ -206,6 +206,8 @@ replace-with = "vendored-sources" directory = "vendor" EOF +patch -p1 < %{_sourcedir}/CVE-2026-25541.patch +`` %build %{__make} build From 54fa1f87991c6d6e893c3702f7d3cbabc5bcbfa9 Mon Sep 17 00:00:00 2001 From: Archana Shettigar Date: Thu, 19 Feb 2026 14:46:55 +0530 Subject: [PATCH 3/4] Updating patch as per upstream --- SPECS/netavark/CVE-2026-25541.patch | 36 +++++++++++++++-------------- 1 file changed, 19 insertions(+), 17 deletions(-) diff --git a/SPECS/netavark/CVE-2026-25541.patch b/SPECS/netavark/CVE-2026-25541.patch index eaa470b0e05..6446c0a8e33 100644 --- a/SPECS/netavark/CVE-2026-25541.patch +++ b/SPECS/netavark/CVE-2026-25541.patch @@ -11,12 +11,13 @@ Subject: [PATCH] vendor/bytes: check overflow in new_cap + offset and add test Signed-off-by: AllSpark Signed-off-by: rpm-build Upstream-reference: AI Backport of https://github.com/tokio-rs/bytes/commit/d0293b0e35838123c51ca5dfdf468ecafee4398f.patch + --- vendor/bytes/.cargo-checksum.json | 2 +- - vendor/bytes/ci/miri.sh | 4 ++++ - vendor/bytes/src/bytes_mut.rs | 17 ++++++++--------- - vendor/bytes/tests/test_bytes.rs | 14 ++++++++++++++ - 3 files changed, 26 insertions(+), 9 deletions(-) + vendor/bytes/ci/miri.sh | 3 +++ + vendor/bytes/src/bytes_mut.rs | 22 +++++++++++++++-------- + vendor/bytes/tests/test_bytes.rs | 13 +++++++++++++ + 4 files changed, 31 insertions(+), 9 deletions(-) 
diff --git a/vendor/bytes/.cargo-checksum.json b/vendor/bytes/.cargo-checksum.json index 68aa59e..14d2c55 100644 @@ -25,28 +26,30 @@ index 68aa59e..14d2c55 100644 
@@ -1 +1 @@ -{"files":{"CHANGELOG.md":"acf98bf37a6f854e120b17b0117de8d11e31ceeffd06e69f5a8a50559a5c7822","Cargo.toml":"5e3195d94510bb4d78c001af60576812491a0d2d2f72a9411e9d8ab54ccd3927","LICENSE":"45f522cacecb1023856e46df79ca625dfc550c94910078bd8aec6e02880b3d42","README.md":"c1b2b54999d4829f9f64fb41cbdf05a72d565be0dd078a8633d34631147498a1","benches/buf.rs":"72e6b6120b52d568da068f17c66a793d65602e400c595778581b63092e41d8dc","benches/bytes.rs":"f8cc255be7e8afedf6ade95cd529d105c537c5ec51110d46d470a26b497afa05","benches/bytes_mut.rs":"1326fe6224b26826228e02b4133151e756f38152c2d9cfe66adf83af76c3ec98","ci/miri.sh":"1ee54575b55a0e495e52ca1a934beed674bc8f375f03c4cfc3e81d221ec4fe98","ci/test-stable.sh":"57dd709bc25a20103ee85e24965566900817b2e603f067fb1251a5c03e4b1d93","ci/tsan.sh":"466b86b19225dd26c756cf2252cb1973f87a145642c99364b462ed7ceb55c7dd","clippy.toml":"8522f448dfa3b33ac334ce47d233ebb6b58e8ae115e45107a64fc1b4510fe560","src/buf/buf_impl.rs":"68e493fbf585af6e30990be73ac7fda133f626665ac0a49470426ca824f41254","src/buf/buf_mut.rs":"f167024c569fa47d6b413d68ddb6a6d07b72a0297e0f40f7dc4bbfe2b33048b9","src/buf/chain.rs":"46ec16a7cc370374218c2621ad738df77d95b25216099900ad9195a08a234375","src/buf/iter.rs":"6b44b0b397112f6bcb892103c02a24113963fd8da110c0e0adb91201bf5b3caa","src/buf/limit.rs":"e005ba140b70f68654877c96b981a220477e415ff5c92438c1b0cb9bc866d872","src/buf/mod.rs":"19ff6fb7e19cba3884bc3f1a50ef20117dbc807f6d146ed355f42344a74fdf44","src/buf/reader.rs":"856c1e7129a1eceaa3c8f9ed4da8c3b5e1cc267eeffa99fa8f7c56c5ca7834d1","src/buf/take.rs":"a897e79bf579391227816973b2aa1f1d63614bd48bc029d9371f61607dcfa23f","src/buf/uninit_slice.rs":"54756e79617685f3e805ae1dd51e5b8197791161169a18ee1d96e3158dc748fa","src/buf/vec_deque.rs":"8d552c26ac6ce28a471f74c388e4749432e86b1d8f5a9759b9fc32a2549d395f","src/buf/writer.rs":"c92b5f8b9b42e2e784de474c987fe4ac50af4b5c51ac9548d19a54e8ac9ff521","src/bytes.rs":"0207c4d88e3a91022548d11b2ac5a80f6f9662e6acb2142ca1a00d9b3b9dd9c9","src/bytes_mut.rs":"a4d4c5f8b
8502cd3650f938433365b7a7989d8bc4f60b436d21a37f1ed13ffa1","src/fmt/debug.rs":"97b23cfa1d2701fa187005421302eeb260e635cd4f9a9e02b044ff89fcc8b8ad","src/fmt/hex.rs":"13755ec6f1b79923e1f1a05c51b179a38c03c40bb8ed2db0210e8901812e61e7","src/fmt/mod.rs":"176da4e359da99b8e5cf16e480cb7b978f574876827f1b9bb9c08da4d74ac0f5","src/lib.rs":"7d64ad302f99d982b39ea59ea84f9ab1c872935e5f5a8390b29ed08890d5dd61","src/loom.rs":"eb3f577d8cce39a84155c241c4dc308f024631f02085833f7fe9f0ea817bcea9","src/serde.rs":"3ecd7e828cd4c2b7db93c807cb1548fad209e674df493edf7cda69a7b04d405d","tests/test_buf.rs":"a7be350258f0433cfb9ba9e4583d6bb356c964ac34a781f586fd78fbd2c4bb02","tests/test_buf_mut.rs":"5589ce30cb35f8bb4163870d6de14aa67c2209bbd6ba547222d6008297e04a99","tests/test_bytes.rs":"b2fc06ab0f03372972e2b87c6e5d5a6ca91eb8886edbe2a0169ae689ec1be863","tests/test_bytes_odd_alloc.rs":"aeb7a86bf8b31f67b6f453399f3649e0d3878247debc1325d98e66201b1da15f","tests/test_bytes_vec_alloc.rs":"dd7e3c3a71abcfdcad7e3b2f52a6bd106ad6ea0d4bc634372e81dae097233cf0","tests/test_chain.rs":"e9f094539bb42b3135f50033c44122a6b44cf0f953e51e8b488f43243f1e7f10","tests/test_debug.rs":"13299107172809e8cbbd823964ac9450cd0d6b6de79f2e6a2e0f44b9225a0593","tests/test_iter.rs":"c1f46823df26a90139645fd8728a03138edd95b2849dfec830452a80ddd9726d","tests/test_reader.rs":"bf83669d4e0960dad6aa47b46a9a454814fab626eb83572aba914c3d71618f43","tests/test_serde.rs":"2691f891796ba259de0ecf926de05c514f4912cc5fcd3e6a1591efbcd23ed4d0","tests/test_take.rs":"db01bf6855097f318336e90d12c0725a92cee426d330e477a6bd1d32dac34a27"},"package":"a2bd12c1caf447e69cd4528f47f94d203fd2582878ecb9e9465484c4148a8223"} \ No newline at end of file 
-+{"files":{"CHANGELOG.md":"acf98bf37a6f854e120b17b0117de8d11e31ceeffd06e69f5a8a50559a5c7822","Cargo.toml":"5e3195d94510bb4d78c001af60576812491a0d2d2f72a9411e9d8ab54ccd3927","LICENSE":"45f522cacecb1023856e46df79ca625dfc550c94910078bd8aec6e02880b3d42","README.md":"c1b2b54999d4829f9f64fb41cbdf05a72d565be0dd078a8633d34631147498a1","benches/buf.rs":"72e6b6120b52d568da068f17c66a793d65602e400c595778581b63092e41d8dc","benches/bytes.rs":"f8cc255be7e8afedf6ade95cd529d105c537c5ec51110d46d470a26b497afa05","benches/bytes_mut.rs":"1326fe6224b26826228e02b4133151e756f38152c2d9cfe66adf83af76c3ec98","ci/miri.sh":"f17b158f694fc1355ae2314a536ea147c2f6fef0cb3e7ac232557738a6123c60","ci/test-stable.sh":"57dd709bc25a20103ee85e24965566900817b2e603f067fb1251a5c03e4b1d93","ci/tsan.sh":"466b86b19225dd26c756cf2252cb1973f87a145642c99364b462ed7ceb55c7dd","clippy.toml":"8522f448dfa3b33ac334ce47d233ebb6b58e8ae115e45107a64fc1b4510fe560","src/buf/buf_impl.rs":"68e493fbf585af6e30990be73ac7fda133f626665ac0a49470426ca824f41254","src/buf/buf_mut.rs":"f167024c569fa47d6b413d68ddb6a6d07b72a0297e0f40f7dc4bbfe2b33048b9","src/buf/chain.rs":"46ec16a7cc370374218c2621ad738df77d95b25216099900ad9195a08a234375","src/buf/iter.rs":"6b44b0b397112f6bcb892103c02a24113963fd8da110c0e0adb91201bf5b3caa","src/buf/limit.rs":"e005ba140b70f68654877c96b981a220477e415ff5c92438c1b0cb9bc866d872","src/buf/mod.rs":"19ff6fb7e19cba3884bc3f1a50ef20117dbc807f6d146ed355f42344a74fdf44","src/buf/reader.rs":"856c1e7129a1eceaa3c8f9ed4da8c3b5e1cc267eeffa99fa8f7c56c5ca7834d1","src/buf/take.rs":"a897e79bf579391227816973b2aa1f1d63614bd48bc029d9371f61607dcfa23f","src/buf/uninit_slice.rs":"54756e79617685f3e805ae1dd51e5b8197791161169a18ee1d96e3158dc748fa","src/buf/vec_deque.rs":"8d552c26ac6ce28a471f74c388e4749432e86b1d8f5a9759b9fc32a2549d395f","src/buf/writer.rs":"c92b5f8b9b42e2e784de474c987fe4ac50af4b5c51ac9548d19a54e8ac9ff521","src/bytes.rs":"0207c4d88e3a91022548d11b2ac5a80f6f9662e6acb2142ca1a00d9b3b9dd9c9","src/bytes_mut.rs":"c3e3d60f4f764a6c2da5
0cfb21f25ca804f2d9dfa56d7edf3da75a8cbcfca4f5","src/fmt/debug.rs":"97b23cfa1d2701fa187005421302eeb260e635cd4f9a9e02b044ff89fcc8b8ad","src/fmt/hex.rs":"13755ec6f1b79923e1f1a05c51b179a38c03c40bb8ed2db0210e8901812e61e7","src/fmt/mod.rs":"176da4e359da99b8e5cf16e480cb7b978f574876827f1b9bb9c08da4d74ac0f5","src/lib.rs":"7d64ad302f99d982b39ea59ea84f9ab1c872935e5f5a8390b29ed08890d5dd61","src/loom.rs":"eb3f577d8cce39a84155c241c4dc308f024631f02085833f7fe9f0ea817bcea9","src/serde.rs":"3ecd7e828cd4c2b7db93c807cb1548fad209e674df493edf7cda69a7b04d405d","tests/test_buf.rs":"a7be350258f0433cfb9ba9e4583d6bb356c964ac34a781f586fd78fbd2c4bb02","tests/test_buf_mut.rs":"5589ce30cb35f8bb4163870d6de14aa67c2209bbd6ba547222d6008297e04a99","tests/test_bytes.rs":"c8f35e8954d4c519d2c07c32e108e9751adcb7c3034a9618d2f47a22b2df1503","tests/test_bytes_odd_alloc.rs":"aeb7a86bf8b31f67b6f453399f3649e0d3878247debc1325d98e66201b1da15f","tests/test_bytes_vec_alloc.rs":"dd7e3c3a71abcfdcad7e3b2f52a6bd106ad6ea0d4bc634372e81dae097233cf0","tests/test_chain.rs":"e9f094539bb42b3135f50033c44122a6b44cf0f953e51e8b488f43243f1e7f10","tests/test_debug.rs":"13299107172809e8cbbd823964ac9450cd0d6b6de79f2e6a2e0f44b9225a0593","tests/test_iter.rs":"c1f46823df26a90139645fd8728a03138edd95b2849dfec830452a80ddd9726d","tests/test_reader.rs":"bf83669d4e0960dad6aa47b46a9a454814fab626eb83572aba914c3d71618f43","tests/test_serde.rs":"2691f891796ba259de0ecf926de05c514f4912cc5fcd3e6a1591efbcd23ed4d0","tests/test_take.rs":"db01bf6855097f318336e90d12c0725a92cee426d330e477a6bd1d32dac34a27"},"package":"a2bd12c1caf447e69cd4528f47f94d203fd2582878ecb9e9465484c4148a8223"} 
++{"files":{"CHANGELOG.md":"acf98bf37a6f854e120b17b0117de8d11e31ceeffd06e69f5a8a50559a5c7822","Cargo.toml":"5e3195d94510bb4d78c001af60576812491a0d2d2f72a9411e9d8ab54ccd3927","LICENSE":"45f522cacecb1023856e46df79ca625dfc550c94910078bd8aec6e02880b3d42","README.md":"c1b2b54999d4829f9f64fb41cbdf05a72d565be0dd078a8633d34631147498a1","benches/buf.rs":"72e6b6120b52d568da068f17c66a793d65602e400c595778581b63092e41d8dc","benches/bytes.rs":"f8cc255be7e8afedf6ade95cd529d105c537c5ec51110d46d470a26b497afa05","benches/bytes_mut.rs":"1326fe6224b26826228e02b4133151e756f38152c2d9cfe66adf83af76c3ec98","ci/miri.sh":"b74d80448f1631b76521be77553eff3eba70d516c218fd6994e201034d7fe175","ci/test-stable.sh":"57dd709bc25a20103ee85e24965566900817b2e603f067fb1251a5c03e4b1d93","ci/tsan.sh":"466b86b19225dd26c756cf2252cb1973f87a145642c99364b462ed7ceb55c7dd","clippy.toml":"8522f448dfa3b33ac334ce47d233ebb6b58e8ae115e45107a64fc1b4510fe560","src/buf/buf_impl.rs":"68e493fbf585af6e30990be73ac7fda133f626665ac0a49470426ca824f41254","src/buf/buf_mut.rs":"f167024c569fa47d6b413d68ddb6a6d07b72a0297e0f40f7dc4bbfe2b33048b9","src/buf/chain.rs":"46ec16a7cc370374218c2621ad738df77d95b25216099900ad9195a08a234375","src/buf/iter.rs":"6b44b0b397112f6bcb892103c02a24113963fd8da110c0e0adb91201bf5b3caa","src/buf/limit.rs":"e005ba140b70f68654877c96b981a220477e415ff5c92438c1b0cb9bc866d872","src/buf/mod.rs":"19ff6fb7e19cba3884bc3f1a50ef20117dbc807f6d146ed355f42344a74fdf44","src/buf/reader.rs":"856c1e7129a1eceaa3c8f9ed4da8c3b5e1cc267eeffa99fa8f7c56c5ca7834d1","src/buf/take.rs":"a897e79bf579391227816973b2aa1f1d63614bd48bc029d9371f61607dcfa23f","src/buf/uninit_slice.rs":"54756e79617685f3e805ae1dd51e5b8197791161169a18ee1d96e3158dc748fa","src/buf/vec_deque.rs":"8d552c26ac6ce28a471f74c388e4749432e86b1d8f5a9759b9fc32a2549d395f","src/buf/writer.rs":"c92b5f8b9b42e2e784de474c987fe4ac50af4b5c51ac9548d19a54e8ac9ff521","src/bytes.rs":"0207c4d88e3a91022548d11b2ac5a80f6f9662e6acb2142ca1a00d9b3b9dd9c9","src/bytes_mut.rs":"f05460b43bfca126812c
3b26fa68847106f8ce8f52875dc6164c7fcced699ade","src/fmt/debug.rs":"97b23cfa1d2701fa187005421302eeb260e635cd4f9a9e02b044ff89fcc8b8ad","src/fmt/hex.rs":"13755ec6f1b79923e1f1a05c51b179a38c03c40bb8ed2db0210e8901812e61e7","src/fmt/mod.rs":"176da4e359da99b8e5cf16e480cb7b978f574876827f1b9bb9c08da4d74ac0f5","src/lib.rs":"7d64ad302f99d982b39ea59ea84f9ab1c872935e5f5a8390b29ed08890d5dd61","src/loom.rs":"eb3f577d8cce39a84155c241c4dc308f024631f02085833f7fe9f0ea817bcea9","src/serde.rs":"3ecd7e828cd4c2b7db93c807cb1548fad209e674df493edf7cda69a7b04d405d","tests/test_buf.rs":"a7be350258f0433cfb9ba9e4583d6bb356c964ac34a781f586fd78fbd2c4bb02","tests/test_buf_mut.rs":"5589ce30cb35f8bb4163870d6de14aa67c2209bbd6ba547222d6008297e04a99","tests/test_bytes.rs":"17106a375d6a54f9b5911f6da15bb5c86488d0a9594a38db0a434b62fafb0488","tests/test_bytes_odd_alloc.rs":"aeb7a86bf8b31f67b6f453399f3649e0d3878247debc1325d98e66201b1da15f","tests/test_bytes_vec_alloc.rs":"dd7e3c3a71abcfdcad7e3b2f52a6bd106ad6ea0d4bc634372e81dae097233cf0","tests/test_chain.rs":"e9f094539bb42b3135f50033c44122a6b44cf0f953e51e8b488f43243f1e7f10","tests/test_debug.rs":"13299107172809e8cbbd823964ac9450cd0d6b6de79f2e6a2e0f44b9225a0593","tests/test_iter.rs":"c1f46823df26a90139645fd8728a03138edd95b2849dfec830452a80ddd9726d","tests/test_reader.rs":"bf83669d4e0960dad6aa47b46a9a454814fab626eb83572aba914c3d71618f43","tests/test_serde.rs":"2691f891796ba259de0ecf926de05c514f4912cc5fcd3e6a1591efbcd23ed4d0","tests/test_take.rs":"db01bf6855097f318336e90d12c0725a92cee426d330e477a6bd1d32dac34a27"},"package":"a2bd12c1caf447e69cd4528f47f94d203fd2582878ecb9e9465484c4148a8223"} diff --git a/vendor/bytes/ci/miri.sh b/vendor/bytes/ci/miri.sh -index 0158756..da597a6 100755 +index 0158756..161d581 100755 --- a/vendor/bytes/ci/miri.sh 
+++ b/vendor/bytes/ci/miri.sh -@@ -9,3 +9,7 @@ export MIRIFLAGS="-Zmiri-strict-provenance" +@@ -9,3 +9,6 @@ export MIRIFLAGS="-Zmiri-strict-provenance" cargo miri test cargo miri test --target mips64-unknown-linux-gnuabi64 + -+ +# run with wrapping integer overflow instead of panic +cargo miri test --release diff --git a/vendor/bytes/src/bytes_mut.rs b/vendor/bytes/src/bytes_mut.rs -index c5c2e52..74c0302 100644 +index c5c2e52..1de43ae 100644 --- a/vendor/bytes/src/bytes_mut.rs +++ b/vendor/bytes/src/bytes_mut.rs -@@ -668,9 +668,11 @@ impl BytesMut { +@@ -668,9 +668,14 @@ impl BytesMut { let offset = offset_from(self.ptr.as_ptr(), ptr); -+ let new_cap_plus_offset = new_cap.checked_add(offset).expect("overflow"); ++ let new_cap_plus_offset = match new_cap.checked_add(offset) { ++ Some(new_cap_plus_offset) => new_cap_plus_offset, ++ None => panic!("overflow"), ++ }; + // Compare the condition in the `kind == KIND_VEC` case above // for more details. @@ -55,13 +58,13 @@ index c5c2e52..74c0302 100644 self.cap = new_cap; // no copy is necessary } else if v_capacity >= new_cap && offset >= len { -@@ -683,14 +685,11 @@ impl BytesMut { +@@ -683,14 +689,12 @@ impl BytesMut { self.ptr = vptr(ptr); self.cap = v.capacity(); } else { - // calculate offset - let off = (self.ptr.as_ptr() as usize) - (v.as_ptr() as usize); -- + // new_cap is calculated in terms of `BytesMut`, not the underlying // `Vec`, so it does not take the offset into account. // @@ -71,7 +74,7 @@ index c5c2e52..74c0302 100644 // The vector capacity is not sufficient. The reserve request is // asking for more than the initial buffer capacity. Allocate more -@@ -712,13 +711,13 @@ impl BytesMut { +@@ -712,13 +719,13 @@ impl BytesMut { // the unused capacity of the vector is copied over to the new // allocation, so we need to ensure that we don't have any data we // care about in the unused capacity before calling `reserve`. @@ -90,10 +93,10 @@ index c5c2e52..74c0302 100644 return; 
diff --git a/vendor/bytes/tests/test_bytes.rs b/vendor/bytes/tests/test_bytes.rs -index 5ec60a5..95fbcda 100644 +index 5ec60a5..5f81ea3 100644 --- a/vendor/bytes/tests/test_bytes.rs +++ b/vendor/bytes/tests/test_bytes.rs -@@ -1208,3 +1208,17 @@ fn test_bytes_capacity_len() { +@@ -1208,3 +1208,16 @@ fn test_bytes_capacity_len() { } } } @@ -110,7 +113,6 @@ index 5ec60a5..95fbcda 100644 + // This call relies on the corrupted cap and may cause UB & HBO + b.put_u8(b'h'); +} -+ -- 2.45.4 From 36f3d93e75ad4551dee53f8bdca934b077521762 Mon Sep 17 00:00:00 2001 From: Archana Shettigar Date: Mon, 9 Mar 2026 12:56:08 +0530 Subject: [PATCH 4/4] Updating netavark spec file --- SPECS/netavark/netavark.spec | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/SPECS/netavark/netavark.spec b/SPECS/netavark/netavark.spec index 2342e2b5396..0c4f69596ec 100644 --- a/SPECS/netavark/netavark.spec +++ b/SPECS/netavark/netavark.spec @@ -194,11 +194,10 @@ Its features include: * Support for container DNS resolution via aardvark-dns. %prep -%autosetup -N -n %{name}-%{built_tag_strip} -tar fx %{SOURCE1} +%autosetup -p1 -n %{name}-%{built_tag_strip} -a 1 mkdir -p .cargo -cat > .cargo/config.toml << 'EOF' +cat >.cargo/config << EOF [source.crates-io] replace-with = "vendored-sources" @@ -206,8 +205,6 @@ replace-with = "vendored-sources" directory = "vendor" EOF -patch -p1 < %{_sourcedir}/CVE-2026-25541.patch -`` %build %{__make} build
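Review bot: The `@@ -194,11 +194,10 @@` hunk of PATCH 4/4 reverts the vendoring config to `cat >.cargo/config << EOF`, which is unrelated to moving the patch into `%autosetup -p1 ... -a 1`. Recent cargo releases treat the extensionless `.cargo/config` as a deprecated name, so keeping the previous commit's `cat > .cargo/config.toml << 'EOF'` would be the safer way to hold the `[source.crates-io]` to `vendored-sources` redirection in place. `Patch0` only touches files under `vendor/`, so it also depends on `-a 1` unpacking Source1 before patches are applied; a comment above the macro would record that, e.g. `# -a 1 unpacks the vendor tarball before patches are applied; Patch0 modifies vendor/bytes`.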