diff --git a/SPECS/yasm/CVE-2023-37732.patch b/SPECS/yasm/CVE-2023-37732.patch
new file mode 100644
index 00000000000..91c4e15861f
--- /dev/null
+++ b/SPECS/yasm/CVE-2023-37732.patch
@@ -0,0 +1,39 @@
+From a8196f22eccfd6e2b934dfdb4f8dac97d7e6c1f3 Mon Sep 17 00:00:00 2001
+From: akhila-guruju
+Date: Wed, 14 May 2025 07:35:12 +0000
+Subject: [PATCH] Address CVE-2023-37732
+
+Upstream patch reference: https://github.com/yasm/yasm/commit/2cd3bb50e256f5ed5f611ac611d25fe673f2cec3
+
+---
+ modules/objfmts/elf/elf.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/modules/objfmts/elf/elf.c b/modules/objfmts/elf/elf.c
+index 2486bba..bab4c9c 100644
+--- a/modules/objfmts/elf/elf.c
++++ b/modules/objfmts/elf/elf.c
+@@ -482,15 +482,15 @@ elf_symtab_write_to_file(FILE *f, elf_symtab_head *symtab,
+
+ /* get size (if specified); expr overrides stored integer */
+ if (entry->xsize) {
+- size_intn = yasm_intnum_copy(
+- yasm_expr_get_intnum(&entry->xsize, 1));
+- if (!size_intn) {
++ yasm_intnum *intn = yasm_expr_get_intnum(&entry->xsize, 1);
++ if (!intn) {
+ yasm_error_set(YASM_ERROR_VALUE,
+ N_("size specifier not an integer expression"));
+ yasm_errwarn_propagate(errwarns, entry->xsize->line);
+- }
++ } else
++ size_intn = yasm_intnum_copy(intn);
+ }
+- else
++ if (!size_intn)
+ size_intn = yasm_intnum_create_uint(entry->size);
+
+ /* get EQU value for constants */
+--
+2.45.2
+
diff --git a/SPECS/yasm/CVE-2023-51258.patch b/SPECS/yasm/CVE-2023-51258.patch
new file mode 100644
index 00000000000..6b699aad3dc
--- /dev/null
+++ b/SPECS/yasm/CVE-2023-51258.patch
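Review bot: In `elf_symtab_write_to_file`, the new fallback `if (!size_intn)` is only correct if `size_intn` is NULL when the `if (entry->xsize)` block is entered, and its declaration sits outside this hunk, so that should be confirmed against the 1.3.0 source this backport applies to. If it were left uninitialised or carried over from an earlier symbol, the fallback to `entry->size` would be skipped and a stale pointer written out. I would also brace the new branch to match the `if` above it, `} else {` / `size_intn = yasm_intnum_copy(intn);` / `}`, and add a comment such as `/* non-integer size expr: error already reported, fall back to entry->size below */` so the fall-through after the error is clearly deliberate.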
@@ -0,0 +1,34 @@
+From fd85453926e43073dc785ec0cc02a10fe2dd2794 Mon Sep 17 00:00:00 2001
+From: akhila-guruju
+Date: Wed, 14 May 2025 07:13:01 +0000
+Subject: [PATCH] Address CVE-2023-51258
+
+Upstream patch reference: https://github.com/yasm/yasm/pull/264/commits/eeee94bfd6dd18af8b1508c1804d93cf20ef44e6
+
+---
+ modules/preprocs/nasm/nasm-pp.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/modules/preprocs/nasm/nasm-pp.c b/modules/preprocs/nasm/nasm-pp.c
+index 27a8cc6..76df757 100644
+--- a/modules/preprocs/nasm/nasm-pp.c
++++ b/modules/preprocs/nasm/nasm-pp.c
+@@ -3091,6 +3091,7 @@ do_directive(Token * tline)
+ {
+ error(ERR_NONFATAL, "`%s': not defining a macro",
+ tline->text);
++ free_tlist(origline);
+ return DIRECTIVE_FOUND;
+ }
+ k = hash(defining->name);
+@@ -3188,6 +3189,7 @@ do_directive(Token * tline)
+ {
+ error(ERR_NONFATAL, "non-constant value given to `%%rep'");
+ yasm_expr_destroy(evalresult);
++ free_tlist(origline);
+ return DIRECTIVE_FOUND;
+ }
+ i = (int)yasm_intnum_get_int(intn) + 1;
+--
+2.45.2
+
diff --git a/SPECS/yasm/yasm.spec b/SPECS/yasm/yasm.spec
index 8e89daf4c76..6da9d3eba63 100644
--- a/SPECS/yasm/yasm.spec
+++ b/SPECS/yasm/yasm.spec
@@ -1,7 +1,7 @@
 Summary: Modular Assembler
 Name: yasm
 Version: 1.3.0
-Release: 15%{?dist}
+Release: 16%{?dist}
 License: BSD and (GPLv2+ or Artistic or LGPLv2+) and LGPLv2
 URL: https://yasm.tortall.net/
 Vendor: Microsoft Corporation
@@ -10,6 +10,8 @@ Source0: https://www.tortall.net/projects/%{name}/releases/%{name}-%{vers
 Patch1: 0001-Update-elf-objfmt.c.patch
 Patch2: CVE-2023-31975.patch
 Patch3: CVE-2021-33454.patch
+Patch4: CVE-2023-51258.patch
+Patch5: CVE-2023-37732.patch
 BuildRequires: gcc
 BuildRequires: bison
@@ -74,6 +76,9 @@ make install DESTDIR=%{buildroot}
 %changelog
+* Wed May 14 2025 Akhila Guruju - 1.3.0-16
+- Patch CVE-2023-51258 and CVE-2023-37732
+
 * Thu Aug 01 2024 Aditya Dubey - 1.3.0-15
 - Apply upstream patch for CVE-2021-33454
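Review bot: The two added `free_tlist(origline);` calls in `do_directive` are safe only if `origline` has not already been released or re-linked earlier on each of those paths, and that cannot be checked here because the function starts and ends outside both hunks. A free on a path that had already freed the list would turn the leak into a double free, so please confirm this against the 1.3.0 `nasm-pp.c`, in particular for the `%rep` branch in the second hunk. It is also worth checking whether other early `return DIRECTIVE_FOUND;` exits in the function have the same leak. The patch header cites a pull-request commit (`pull/264/commits/...`) rather than a commit on the upstream main branch, so the header should record whether that change was merged upstream. A one-line comment above each call, e.g. `/* origline still owned here; release before early return */`, would document the ownership assumption.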
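Review bot: `Patch4` and `Patch5` are only declared in the `@@ -10,6 +10,8 @@` hunk of `yasm.spec`, and the `%prep` section that applies patches is outside the diff, so it is not visible whether they are actually applied at build time. If `%prep` uses `%autosetup` they are picked up automatically; if it lists explicit `%patch` lines, each new patch needs its own entry, otherwise the package would carry the changelog claim without the fixes. Checking the build log for both patch names being applied would settle it.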