cyrus-sasl: CVE-2022-24407 failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands

Source: https://github.com/cyrusimap/cyrus-sasl MR: 118497 Type: Security Fix Disposition: Backport from https://github.com/cyrusimap/cyrus-sasl/commit/9eff746c9daecbcc0041b09a5a51ba30738cdcbc ChangeID: 4736aae2b7d8986787b1666cfd6eecd590915120 Description: CVE-2022-24407 cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands. Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Hitendra Prajapati <hprajapati@mvista.com> 2022-07-05 09:41:54 +0530
committer: Armin Kuster <akuster808@gmail.com> 2022-07-09 12:09:42 -0700
commit: e5b177aea4e1fe7607bd87fb8566a3c6e5ec1a57 (patch)
tree: e172c053d29b80b595fcab8b3e3cda153127ed2d
parent: bf2822d59919c729d388d3c2a4c6d72b309969f5 (diff)
download: meta-openembedded-e5b177aea4e1fe7607bd87fb8566a3c6e5ec1a57.tar.gz
2 files changed, 28 insertions, 0 deletions
diff --git a/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2022-24407.patch b/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2022-24407.patch
new file mode 100644
index 0000000000..3d67f47414
--- /dev/null
+++ b/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2022-24407.patch
@@ -0,0 +1,27 @@
+From 078f98ea154475d953ce5b7cd851732f4dc270a7 Mon Sep 17 00:00:00 2001
+From: Hitendra Prajapati <hprajapati@mvista.com>
+Date: Tue, 5 Jul 2022 09:31:07 +0530
+Subject: [PATCH] CVE-2022-24407
+Upstream-Status: Backport [https://github.com/cyrusimap/cyrus-sasl/commit/9eff746c9daecbcc0041b09a5a51ba30738cdcbc]
+CVE: CVE-2022-24407
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ plugins/sql.c | 1 +
+ 1 file changed, 1 insertion(+)
+diff --git a/plugins/sql.c b/plugins/sql.c
+index 6ac81c2f..d90dbac9 100644
+--- a/plugins/sql.c
+++ b/plugins/sql.c
+@@ -1127,6 +1127,7 @@ static int sql_auxprop_lookup(void *glob_context,
+   done:
+     if (escap_userid) sparams->utils->free(escap_userid);
+     if (escap_realm) sparams->utils->free(escap_realm);
+    if (escap_passwd) sparams->utils->free(escap_passwd);
+     if (conn) settings->sql_engine->sql_close(conn);
+     if (userid) sparams->utils->free(userid);
+     if (realm) sparams->utils->free(realm);
+-- 
+2.25.1
diff --git a/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb b/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb
index 98899dfd5e..e344733ef4 100644
--- a/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb
+++ b/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb
@@ -14,6 +14,7 @@ SRC_URI = "git://github.com/cyrusimap/cyrus-sasl;protocol=https;branch=cyrus-sas
           file://saslauthd.service \
           file://saslauthd.conf \
           file://CVE-2019-19906.patch \
+           file://CVE-2022-24407.patch \
           "
 UPSTREAM_CHECK_URI = "https://github.com/cyrusimap/cyrus-sasl/archives"
author	Hitendra Prajapati <hprajapati@mvista.com>	2022-07-05 09:41:54 +0530
committer	Armin Kuster <akuster808@gmail.com>	2022-07-09 12:09:42 -0700
commit	e5b177aea4e1fe7607bd87fb8566a3c6e5ec1a57 (patch)
tree	e172c053d29b80b595fcab8b3e3cda153127ed2d
parent	bf2822d59919c729d388d3c2a4c6d72b309969f5 (diff)
download	meta-openembedded-e5b177aea4e1fe7607bd87fb8566a3c6e5ec1a57.tar.gz

diff --git a/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2022-24407.patch b/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2022-24407.patch new file mode 100644 index 0000000000..3d67f47414 --- /dev/null +++ b/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2022-24407.patch
@@ -0,0 +1,27 @@
		1	From 078f98ea154475d953ce5b7cd851732f4dc270a7 Mon Sep 17 00:00:00 2001
		2	From: Hitendra Prajapati <hprajapati@mvista.com>
		3	Date: Tue, 5 Jul 2022 09:31:07 +0530
		4	Subject: [PATCH] CVE-2022-24407
		5
		6	Upstream-Status: Backport [https://github.com/cyrusimap/cyrus-sasl/commit/9eff746c9daecbcc0041b09a5a51ba30738cdcbc]
		7	CVE: CVE-2022-24407
		8	Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
		9	---
		10	plugins/sql.c \| 1 +
		11	1 file changed, 1 insertion(+)
		12
		13	diff --git a/plugins/sql.c b/plugins/sql.c
		14	index 6ac81c2f..d90dbac9 100644
		15	--- a/plugins/sql.c
		16	+++ b/plugins/sql.c
		17	@@ -1127,6 +1127,7 @@ static int sql_auxprop_lookup(void *glob_context,
		18	done:
		19	if (escap_userid) sparams->utils->free(escap_userid);
		20	if (escap_realm) sparams->utils->free(escap_realm);
		21	+ if (escap_passwd) sparams->utils->free(escap_passwd);
		22	if (conn) settings->sql_engine->sql_close(conn);
		23	if (userid) sparams->utils->free(userid);
		24	if (realm) sparams->utils->free(realm);
		25	--
		26	2.25.1
		27


diff --git a/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb b/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb index 98899dfd5e..e344733ef4 100644 --- a/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb +++ b/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb
@@ -14,6 +14,7 @@ SRC_URI = "git://github.com/cyrusimap/cyrus-sasl;protocol=https;branch=cyrus-sas
14	file://saslauthd.service \	14	file://saslauthd.service \
15	file://saslauthd.conf \	15	file://saslauthd.conf \
16	file://CVE-2019-19906.patch \	16	file://CVE-2019-19906.patch \
		17	file://CVE-2022-24407.patch \
17	"	18	"
18		19
19	UPSTREAM_CHECK_URI = "https://github.com/cyrusimap/cyrus-sasl/archives"	20	UPSTREAM_CHECK_URI = "https://github.com/cyrusimap/cyrus-sasl/archives"