Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Patch coredns for CVE-2025-22868 [High] #12720

Open
wants to merge 1 commit into
base: fasttrack/3.0
Choose a base branch
from
Open

Patch coredns for CVE-2025-22868 [High] #12720

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 38 additions & 0 deletions SPECS/coredns/CVE-2025-22868.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
From 681b4d8edca1bcfea5bce685d77ea7b82ed3e7b3 Mon Sep 17 00:00:00 2001
From: Neal Patel <nealpatel@google.com>
Date: Thu, 30 Jan 2025 14:10:09 -0500
Subject: [PATCH] jws: split token into fixed number of parts

Thanks to 'jub0bs' for reporting this issue.

Fixes #71490
Fixes CVE-2025-22868

Change-Id: I2552731f46d4907f29aafe7863c558387b6bd6e2
Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/652155
Auto-Submit: Gopher Robot <gobot@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
---
vendor/golang.org/x/oauth2/jws/jws.go | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/vendor/golang.org/x/oauth2/jws/jws.go b/vendor/golang.org/x/oauth2/jws/jws.go
index 95015648b..6f03a49d3 100644
--- a/vendor/golang.org/x/oauth2/jws/jws.go
+++ b/vendor/golang.org/x/oauth2/jws/jws.go
@@ -165,11 +165,11 @@ func Encode(header *Header, c *ClaimSet, key *rsa.PrivateKey) (string, error) {
// Verify tests whether the provided JWT token's signature was produced by the private key
// associated with the supplied public key.
func Verify(token string, key *rsa.PublicKey) error {
- parts := strings.Split(token, ".")
- if len(parts) != 3 {
+ if strings.Count(token, ".") != 2 {
return errors.New("jws: invalid token received, token must have 3 parts")
}

+ parts := strings.SplitN(token, ".", 3)
signedContent := parts[0] + "." + parts[1]
signatureString, err := base64.RawURLEncoding.DecodeString(parts[2])
if err != nil {
6 changes: 5 additions & 1 deletion SPECS/coredns/coredns.spec
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
Summary: Fast and flexible DNS server
Name: coredns
Version: 1.11.1
Release: 3%{?dist}
Release: 4%{?dist}
License: Apache License 2.0
Vendor: Microsoft Corporation
Distribution: Azure Linux
Expand Down Expand Up @@ -37,6 +37,7 @@ Patch3: CVE-2024-22189.patch
Patch4: CVE-2023-45288.patch
Patch5: CVE-2024-0874.patch
Patch6: CVE-2024-24786.patch
Patch7: CVE-2025-22868.patch

BuildRequires: golang >= 1.12

Expand Down Expand Up @@ -65,6 +66,9 @@ install -p -m 755 -t %{buildroot}%{_bindir} %{name}
%{_bindir}/%{name}

%changelog
* Mon Mar 03 2025 Kanishk Bansal <kanbansal@microsoft.com> - 1.11.1-4
- Fix CVE-2025-22868 with an upstream patch

* Mon Nov 25 2024 Bala <balakumaran.kannan@microsoft.com> - 1.11.1-3
- Fix CVE-2024-24786

Expand Down
Loading