[rpms/nasm] rawhide: fix CVE-2026-6067 (resolves rhbz#2458087, rhbz#2458089)

public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed

* [rpms/nasm] rawhide: fix CVE-2026-6067 (resolves rhbz#2458087, rhbz#2458089)
@ 2026-06-04 23:20 Dominik 'Rathann' Mierzejewski
  0 siblings, 0 replies; only message in thread
From: Dominik 'Rathann' Mierzejewski @ 2026-06-04 23:20 UTC (permalink / raw)
  To: git-commits

            A new commit has been pushed.

            Repo   : rpms/nasm
            Branch : rawhide
            Commit : 2d38ec314f6fbe0096fbdae8b356c7af11f12acb
            Author : Dominik 'Rathann' Mierzejewski <dominik@greysector.net>
            Date   : 2026-04-22T23:05:02+02:00
            Stats  : +23/-1 in 2 file(s)
            URL    : https://src.fedoraproject.org/rpms/nasm/c/2d38ec314f6fbe0096fbdae8b356c7af11f12acb?branch=rawhide

            Log:
            fix CVE-2026-6067 (resolves rhbz#2458087, rhbz#2458089)

- patch by Nick Clifton

---
diff --git a/nasm-CVE-2026-6067.patch b/nasm-CVE-2026-6067.patch
new file mode 100644
index 0000000..f86b67a
--- /dev/null
+++ b/nasm-CVE-2026-6067.patch
@@ -0,0 +1,16 @@
+diff -up nasm-3.01/output/outobj.c.orig nasm-3.01/output/outobj.c
+--- nasm-3.01/output/outobj.c.orig	2025-10-11 08:44:05.000000000 +0200
++++ nasm-3.01/output/outobj.c	2026-04-22 22:49:34.013483632 +0200
+@@ -1736,6 +1736,12 @@ obj_directive(enum directive directive,
+                      */
+                     continue;
+                 }
++                if (grp->nentries >= GROUP_MAX)
++                {
++                    /* Issue 203 aka CVE-2026-6067. */
++                    nasm_nonfatal("too many segments in a group");
++                    return DIRR_ERROR;
++                }
+                 for (seg = seghead; seg; seg = seg->next)
+                     if (!strcmp(seg->name, p))
+                         break;

diff --git a/nasm.spec b/nasm.spec
index e96b7df..fa9d33a 100644
--- a/nasm.spec
+++ b/nasm.spec
@@ -9,11 +9,13 @@
 Summary: A portable x86 assembler which uses Intel-like syntax
 Name: nasm
 Version: 3.01
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: BSD-2-Clause
 URL: http://www.nasm.us
 Source0: https://www.nasm.us/pub/nasm/releasebuilds/%{version}/%{name}-%{version}.tar.xz
 Source1: https://www.nasm.us/pub/nasm/releasebuilds/%{version}/%{name}-%{version}-xdoc.tar.xz
+# https://github.com/netwide-assembler/nasm/issues/203
+Patch0: nasm-CVE-2026-6067.patch
 
 BuildRequires: perl(Env)
 BuildRequires: autoconf
@@ -84,6 +86,10 @@ make -C test golden test diff
 %endif
 
 %changelog
+* Wed Apr 22 2026 Dominik Mierzejewski <rpm@greysector.net> - 3.01-3
+- fix CVE-2026-6067 (resolves rhbz#2458087, rhbz#2458089)
+  patch by Nick Clifton
+
 * Fri Jan 16 2026 Fedora Release Engineering <releng@fedoraproject.org> - 3.01-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
 

^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2026-06-04 23:20 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-06-04 23:20 [rpms/nasm] rawhide: fix CVE-2026-6067 (resolves rhbz#2458087, rhbz#2458089) Dominik 'Rathann' Mierzejewski

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox