CVE-2022-28805.patch

@@ -1,17 +0,0 @@
-From: Roberto Ierusalimschy <roberto@inf.puc-rio.br>
-Date: Tue, 15 Feb 2022 12:28:46 -0300
-Subject: [PATCH] Bug: Lua can generate wrong code when _ENV is <const>
-Debian-Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010265
-
-Origin: https://github.com/lua/lua/commit/1f3c6f4534c6411313361697d98d1145a1f030fa
-
---- a/vendor/lua/src/lparser.c
-+++ b/vendor/lua/src/lparser.c
-@@ -468,6 +468,7 @@
-     expdesc key;
-     singlevaraux(fs, ls->envn, var, 1);  /* get environment variable */
-     lua_assert(var->k != VVOID);  /* this one must exist */
-+    luaK_exp2anyregup(fs, var);  /* but could be a constant */
-     codestring(&key, varname);  /* key is variable name */
-     luaK_indexed(fs, var, &key);  /* env[varname] */
-   }

fix-leak-in-config-reload.patch

@@ -1,37 +0,0 @@
-From b4db7c3855c22c5b6cfcbabffd760e1808144e2e Mon Sep 17 00:00:00 2001
-From: dormando <dormando@rydia.net>
-Date: Sun, 10 Mar 2024 10:17:24 -0700
-Subject: [PATCH] proxy: fix leak in config reload
-
-- config reload loads the code from disk, then dumps it into an internal
-  binary blob
-- that binary blob is loaded from memory into each worker thread
-- that temporary blob wasn't being freed
-
-if you have large initial lua and reload every second for hours on end
-you'd leak a few megs of ram
-
----
- proxy_config.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/proxy_config.c b/proxy_config.c
-index cfe43b1..65e7e3a 100644
---- a/proxy_config.c
-+++ b/proxy_config.c
-@@ -240,6 +240,12 @@ int proxy_load_config(void *arg) {
-     db->buf = malloc(db->size);
-     lua_dump(L, _dump_helper, db, 0);
-     // 0 means no error.
-+    if (ctx->proxy_code) {
-+        struct _dumpbuf *old = ctx->proxy_code;
-+        free(old->buf);
-+        free(old);
-+        ctx->proxy_code = NULL;
-+    }
-     ctx->proxy_code = db;
- 
-     // now we complete the data load by calling the function.
--- 
-2.27.0
-

fix-potential-memory-corruption.patch

@@ -1,57 +0,0 @@
-From 4ff4e8169c5f73e37a17df482916752bc0b17d1f Mon Sep 17 00:00:00 2001
-From: dormando <dormando@rydia.net>
-Date: Thu, 21 Mar 2024 12:41:01 -0700
-Subject: [PATCH] crawler: fix potential memory corruption
-
-if the client closes during the finalization stages of the dump we can
-crash attempting to write a final END/EN to the client buffer.
-
----
- crawler.c | 17 +++++++++++------
- 1 file changed, 11 insertions(+), 6 deletions(-)
-
-diff --git a/crawler.c b/crawler.c
-index e360081..a56538b 100644
---- a/crawler.c
-+++ b/crawler.c
-@@ -291,9 +291,11 @@ static void crawler_metadump_eval(crawler_module_t *cm, item *it, uint32_t hv, i
- 
- static void crawler_metadump_finalize(crawler_module_t *cm) {
-     if (cm->c.c != NULL) {
--        lru_crawler_write(&cm->c); // empty the write buffer
--        memcpy(cm->c.buf, "END\r\n", 5);
--        cm->c.bufused += 5;
-+        // flush any pending data.
-+        if (lru_crawler_write(&cm->c) == 0) {
-+            memcpy(cm->c.buf, "END\r\n", 5);
-+            cm->c.bufused += 5;
-+        }
-     }
- }
- 
-@@ -328,9 +330,11 @@ static void crawler_mgdump_eval(crawler_module_t *cm, item *it, uint32_t hv, int
- 
- static void crawler_mgdump_finalize(crawler_module_t *cm) {
-     if (cm->c.c != NULL) {
--        lru_crawler_write(&cm->c); // empty the write buffer
--        memcpy(cm->c.buf, "EN\r\n", 4);
--        cm->c.bufused += 4;
-+        // flush any pending data.
-+        if (lru_crawler_write(&cm->c) == 0) {
-+            memcpy(cm->c.buf, "EN\r\n", 4);
-+            cm->c.bufused += 4;
-+        }
-     }
- }
- 
-@@ -350,6 +354,7 @@ static int lru_crawler_write(crawler_client_t *c) {
- 
-         if (ret < 0) {
-             // fatal.
-+            lru_crawler_close_client(c);
-             return -1;
-         }
- 
--- 
-2.27.0
-

memcached.spec

@@ -6,20 +6,17 @@
 %bcond_with tests
 
 Name:          memcached
-Version:       1.6.22
+Version:       1.6.12
-Release:       4
+Release:       2
 Epoch:         0
 Summary:       A high-performance, distributed memory object caching system
-License:       BSD-3-Clause
+License:       GPL-2.0+
 URL:           https://www.memcached.org/
 Source0:       https://www.memcached.org/files/memcached-%{version}.tar.gz
 Source1:       https://releases.pagure.org/memcached-selinux/memcached-selinux-1.0.2.tar.gz
 Source2:       memcached.sysconfig
 
 Patch0001:     memcached-unit.patch
-Patch0002:     fix-leak-in-config-reload.patch
-Patch0003:     fix-potential-memory-corruption.patch
-Patch0004:     CVE-2022-28805.patch
 
 BuildRequires: systemd perl-generators perl(Test::More) perl(Test::Harness)
 BuildRequires: selinux-policy-devel libevent-devel make gcc
@@ -65,9 +62,6 @@ optimised for use with this version of memcached.
 %prep
 %setup -q -b 1
 %patch1 -p1 -b .unit
-%patch2 -p1 -b .reload
-%patch3 -p1 -b .corruption
-%patch4 -p1
 
 %build
 %configure \
@@ -150,21 +144,6 @@ fi
 %{_mandir}/man1/memcached.1*
 
 %changelog
-* Mon Jan 06 2025 yaoxin <1024769339@qq.com> - 0:1.6.22-4
-- Fix for lua CVE-2022-28805
-
-* Fri Jun 21 2024 yanshuai <yanshuai01@kylinos.cn> - 0:1.6.22-3
-- crawler: fix potential memory corruption
-
-* Thu Jun 06 2024 yanshuai <yanshuai01@kylinos.cn> - 0:1.6.22-2
-- proxy: fix leak in config reload
-
-* Thu Nov 02 2023 wangkai <13474090681@163.com> - 0:1.6.22-1
-- Update to 1.6.22 for fix CVE-2023-46852,CVE-2023-46853
-
-* Wed Apr 19 2023 xu_ping <707078654@qq.com> - 0:1.6.19-1
-- upgrade to 1.6.19
-
 * Mon Jan 10 2022 xu_ping <xuping33@huawei.com> - 0:1.6.12-2
 - Use policycoreutils-python3 to fix install failed