From patchwork Fri May 19 17:04:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 6888 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4QNCrb05mLz3wlM for ; Fri, 19 May 2023 17:05:03 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4QNCrX00K7z1Zs; Fri, 19 May 2023 17:04:59 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4QNCrW497vz30Kg; Fri, 19 May 2023 17:04:59 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4QNCrV04kFz2y0B for ; Fri, 19 May 2023 17:04:58 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4QNCrT5HyHzkT; Fri, 19 May 2023 17:04:57 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1684515897; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=7hG7MLzhk3oovJPJevHZZ1J7BQpBtn/a1vOuHFBawb8=; b=zkMl+oXGQcZrNcYqhy6B1zUF0Mx/O60VRswy4BRiTyzcb+G7mxz0RggJnaFyHSIT4cj8xZ k+lBxScnE5HJK0CA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1684515897; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=7hG7MLzhk3oovJPJevHZZ1J7BQpBtn/a1vOuHFBawb8=; b=CjVH2P/yu1vnpQEwL2bvcSpYpEuxhFU4O9VIsBvuFuAOM7KlEUE7PeBOZfAAH109k5D4Bg cZHgpxXtHi+JD8cjL6tNBEfwMQrXqlgg2tx7EGc5jcdyVUECYOiu4G9Wymy5jPaN8I2QeP 5+xyqh2C/RUYzLTubQjOt89gd1LafR9w3G85CW8W5lJYP60+RFaooAkG/oycW0Ok2fdp4d hTq4X7LanCLwZoPjyYM3o6n/RlW2Ll2pjVM/KweAJdHUMRqo+XluLNAMHEMaYxelgX3U6Q D+k99JKk7l5aSYYbeUDDFDCesGuKRJEjmYD/R3qCXwwkMtwyNT662N6hJwOFVA== From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH] minidlna: Update to version 1.3.2 Date: Fri, 19 May 2023 19:04:48 +0200 Message-Id: <20230519170452.3469866-2-adolf.belka@ipfire.org> In-Reply-To: <20230519170452.3469866-1-adolf.belka@ipfire.org> References: <20230519170452.3469866-1-adolf.belka@ipfire.org> MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" - Update from version 1.3.0 to 1.3.2 - Update of rootfile not required - Patch for CVE-2022-26505 is now built into the source tarball - Changelog 1.3.2 - Released 30-Aug-2022 - Improved DNS rebinding attack protection. - Added Samsung Neo QLED series (2021) support. - Added webm/rm/rmvb support. 1.3.1 - Released 11-Feb-2022 - Fixed a potential crash in SSDP request parsing. - Fixed a configure script failure on some platforms. - Protect against DNS rebinding attacks. - Fix an socket leakage issue on some platforms. - Minor bug fixes. Signed-off-by: Adolf Belka --- lfs/minidlna | 7 ++- ...x-DNS-rebinding-issue-CVE-2022-26505.patch | 44 ------------------- 2 files changed, 3 insertions(+), 48 deletions(-) delete mode 100644 src/patches/minidlna-1.3.0-fix-DNS-rebinding-issue-CVE-2022-26505.patch diff --git a/lfs/minidlna b/lfs/minidlna index 1ef104743..d0422c08a 100644 --- a/lfs/minidlna +++ b/lfs/minidlna @@ -26,7 +26,7 @@ include Config SUMMARY = DLNA compatible server -VER = 1.3.0 +VER = 1.3.2 THISAPP = minidlna-$(VER) DL_FILE = minidlna-$(VER).tar.gz @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = minidlna -PAK_VER = 12 +PAK_VER = 13 DEPS = ffmpeg flac libexif libid3tag libogg @@ -50,7 +50,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 3574d48ee63f8c391d1beac653587b87460522178d9f100fe4b0e49f33398b8e527ee74af02d5ea36b23338f7ac73ef3c177edae6be8eed24e94f9db5c8323b0 +$(DL_FILE)_BLAKE2 = e35266be94e4585f399c80a6909318ce973d443506f6becdacdb00802ed0ce060ebf8401ff1b5dfef0b451f609d98f805c80b9a0c87e23d14084338047418620 install : $(TARGET) @@ -84,7 +84,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) $(UPDATE_AUTOMAKE) - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/minidlna-1.3.0-fix-DNS-rebinding-issue-CVE-2022-26505.patch cd $(DIR_APP) && ./configure --prefix=/usr cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) cd $(DIR_APP) && make install diff --git a/src/patches/minidlna-1.3.0-fix-DNS-rebinding-issue-CVE-2022-26505.patch b/src/patches/minidlna-1.3.0-fix-DNS-rebinding-issue-CVE-2022-26505.patch deleted file mode 100644 index c28425811..000000000 --- a/src/patches/minidlna-1.3.0-fix-DNS-rebinding-issue-CVE-2022-26505.patch +++ /dev/null @@ -1,44 +0,0 @@ ---- minidlna-1.3.0/upnphttp.c.orig 2020-11-24 19:53:50.000000000 +0100 -+++ minidlna-1.3.0/upnphttp.c 2022-04-30 12:59:23.432073807 +0200 -@@ -273,6 +273,11 @@ - p = colon + 1; - while(isspace(*p)) - p++; -+ n = 0; -+ while(p[n] >= ' ') -+ n++; -+ h->req_Host = p; -+ h->req_HostLen = n; - for(n = 0; n < n_lan_addr; n++) - { - for(i = 0; lan_addr[n].str[i]; i++) -@@ -909,6 +914,18 @@ - } - - DPRINTF(E_DEBUG, L_HTTP, "HTTP REQUEST: %.*s\n", h->req_buflen, h->req_buf); -+ if(h->req_Host && h->req_HostLen > 0) { -+ const char *ptr = h->req_Host; -+ DPRINTF(E_MAXDEBUG, L_HTTP, "Host: %.*s\n", h->req_HostLen, h->req_Host); -+ for(i = 0; i < h->req_HostLen; i++) { -+ if(*ptr != ':' && *ptr != '.' && (*ptr > '9' || *ptr < '0')) { -+ DPRINTF(E_ERROR, L_HTTP, "DNS rebinding attack suspected (Host: %.*s)", h->req_HostLen, h->req_Host); -+ Send404(h);/* 403 */ -+ return; -+ } -+ ptr++; -+ } -+ } - if(strcmp("POST", HttpCommand) == 0) - { - h->req_command = EPost; ---- minidlna-1.3.0/upnphttp.h.orig 2020-11-24 19:53:50.000000000 +0100 -+++ minidlna-1.3.0/upnphttp.h 2022-04-30 13:00:22.619152312 +0200 -@@ -89,6 +89,8 @@ - struct client_cache_s * req_client; - const char * req_soapAction; - int req_soapActionLen; -+ const char * req_Host; /* Host: header */ -+ int req_HostLen; - const char * req_Callback; /* For SUBSCRIBE */ - int req_CallbackLen; - const char * req_NT;