Merge branch 'main' into 2.0

Author: jslobodzian

SPECS/emacs/CVE-2025-1244.patch

@@ -0,0 +1,54 @@
+From 820f0793f0b46448928905552726c1f1b999062f Mon Sep 17 00:00:00 2001
+From: Xi Lu <lx@shellcodes.org>
+Date: Tue, 10 Oct 2023 22:20:05 +0800
+Subject: [PATCH] Fix man.el shell injection vulnerability
+
+* lisp/man.el (Man-translate-references): Fix shell injection
+vulnerability.  (Bug#66390)
+* test/lisp/man-tests.el (man-tests-Man-translate-references): New
+test.
+---
+ lisp/man.el            |  6 +++++-
+ test/lisp/man-tests.el | 12 ++++++++++++
+ 2 files changed, 17 insertions(+), 1 deletion(-)
+
+diff --git a/lisp/man.el b/lisp/man.el
+index 55cb9383bec1..d96396483d39 100644
+--- a/lisp/man.el
++++ b/lisp/man.el
+@@ -761,7 +761,11 @@ and the `Man-section-translations-alist' variables)."
+       (setq name (match-string 2 ref)
+ 	    section (match-string 1 ref))))
+     (if (string= name "")
+-	ref				; Return the reference as is
++        ;; see Bug#66390
++	(mapconcat 'identity
++                   (mapcar #'shell-quote-argument
++                           (split-string ref "\\s-+"))
++                   " ")                 ; Return the reference as is
+       (if Man-downcase-section-letters-flag
+ 	  (setq section (downcase section)))
+       (while slist
+diff --git a/test/lisp/man-tests.el b/test/lisp/man-tests.el
+index 140482ee6222..11f5f805e43f 100644
+--- a/test/lisp/man-tests.el
++++ b/test/lisp/man-tests.el
+@@ -161,6 +161,18 @@ DESCRIPTION
+           (let ((button (button-at (match-beginning 0))))
+             (should (and button (eq 'Man-xref-header-file (button-type button))))))))))
+ 
++(ert-deftest man-tests-Man-translate-references ()
++  (should (equal (Man-translate-references "basename")
++                 "basename"))
++  (should (equal (Man-translate-references "basename(3)")
++                 "3 basename"))
++  (should (equal (Man-translate-references "basename(3v)")
++                 "3v basename"))
++  (should (equal (Man-translate-references ";id")
++                 "\\;id"))
++  (should (equal (Man-translate-references "-k basename")
++                 "-k basename")))
++
+ (provide 'man-tests)
+ 
+ ;;; man-tests.el ends here

SPECS/emacs/emacs.spec

@@ -1,13 +1,14 @@
 Summary:        GNU Emacs text editor
 Name:           emacs
 Version:        29.4
-Release:        1%{?dist}
+Release:        2%{?dist}
 License:        GPLv3+ AND CC0-1.0
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
 Group:          Applications/Editors
 URL:            https://www.gnu.org/software/emacs/
 Source0:        https://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.xz
+Patch0:         CVE-2025-1244.patch
 BuildRequires:  gcc
 BuildRequires:  glibc-devel
 BuildRequires:  gnutls-devel
@@ -84,6 +85,9 @@ mkdir -p %{buildroot}%{_datadir}/emacs/site-lisp/site-start.d
 %dir %{_datadir}/emacs/site-lisp/site-start.d
 
 %changelog
+* Sun Feb 16 2025 Kanishk Bansal <kanbansal@microsoft.com> - 29.4-2
+- Apply upstream patch to fix CVE-2025-1244
+
 * Mon Jul 01 2024 Sharath Srikanth Chellappa <sharathsr@microsoft.com> - 29.4-1
 - Upgrade to 29.4 to fix  CVE-2024-39331.
 

SPECS/grpc/CVE-2024-25629.patch

@@ -0,0 +1,31 @@
+From 664fc964bf2dac86c3adbedb5d9d9e0e46d1c79d Mon Sep 17 00:00:00 2001
+From: Sreenivasulu Malavathula <v-smalavathu@microsoft.com>
+Date: Sun, 9 Feb 2025 12:50:08 -0600
+Subject: [PATCH] Address CVE-2024-25629
+
+---
+ third_party/cares/cares/ares__read_line.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/third_party/cares/cares/ares__read_line.c b/third_party/cares/cares/ares__read_line.c
+index c62ad2a2..d6625a38 100644
+--- a/third_party/cares/cares/ares__read_line.c
++++ b/third_party/cares/cares/ares__read_line.c
+@@ -49,6 +49,14 @@ int ares__read_line(FILE *fp, char **buf, size_t *bufsize)
+       if (!fgets(*buf + offset, bytestoread, fp))
+         return (offset != 0) ? 0 : (ferror(fp)) ? ARES_EFILE : ARES_EOF;
+       len = offset + strlen(*buf + offset);
++
++      /* Probably means there was an embedded NULL as the first character in
++       * the line, throw away line */
++      if (len == 0) {
++        offset = 0;
++        continue;
++      }
++
+       if ((*buf)[len - 1] == '\n')
+         {
+           (*buf)[len - 1] = 0;
+--
+2.45.2
+

SPECS/grpc/grpc.spec

@@ -1,7 +1,7 @@
 Summary:        Open source remote procedure call (RPC) framework
 Name:           grpc
 Version:        1.42.0
-Release:        8%{?dist}
+Release:        9%{?dist}
 License:        ASL 2.0
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
@@ -11,6 +11,7 @@ Source0:        https://github.com/grpc/grpc/archive/v%{version}/%{name}-%{versi
 Source1:        %{name}-%{version}-submodules.tar.gz
 
 Patch0:         CVE-2023-32067.patch
+Patch1:         CVE-2024-25629.patch
 BuildRequires:  abseil-cpp-devel
 BuildRequires:  c-ares-devel
 BuildRequires:  cmake
@@ -151,6 +152,9 @@ export GRPC_PYTHON_BUILD_SYSTEM_ABSL=True
 
 
 %changelog
+* Wed Feb 12 2025 Sreeniavsulu Malavathula <v-smalavathu@microsoft.com> - 1.42.0-9
+- Patch to fix CVE-2024-25629.patch in the grpc submodules package
+
 * Mon Dec 10 2024 Ankita Pareek <ankitapareek@microsoft.com> - 1.42.0-8
 - Address CVE-2023-32067 in the grpc submodules package