reaper: Add patch to address reaper CVE-2024-42459, CVE-2024-42460, CVE-2024-42461 (#10195)

Author: Camelron

SPECS/reaper/CVE-2024-42459.patch

@@ -0,0 +1,58 @@
+From accb61e9c1a005e5c8ff96a8b33893100bb42d11 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Markus=20Schifferm=C3=BCller?=
+ <[email protected]>
+Date: Tue, 13 Aug 2024 22:21:52 -0400
+Subject: [PATCH] lib: DER signature decoding correction
+
+---
+ lib/elliptic/ec/signature.js    | 10 ++++++++++
+ lib/elliptic/eddsa/signature.js |  1 +
+ 2 files changed, 11 insertions(+)
+
+diff --git a/src/ui/node_modules/elliptic/lib/elliptic/ec/signature.js b/src/ui/node_modules/elliptic/lib/elliptic/ec/signature.js
+index 539df6a2..48e3a26f 100644
+--- a/src/ui/node_modules/elliptic/lib/elliptic/ec/signature.js
++++ b/src/ui/node_modules/elliptic/lib/elliptic/ec/signature.js
+@@ -38,6 +38,10 @@ function getLength(buf, p) {
+     return false;
+   }
+ 
++  if(buf[p.place] === 0x00) {
++    return false;
++  }
++
+   var val = 0;
+   for (var i = 0, off = p.place; i < octetLen; i++, off++) {
+     val <<= 8;
+@@ -86,6 +90,9 @@ Signature.prototype._importDER = function _importDER(data, enc) {
+   if (rlen === false) {
+     return false;
+   }
++  if ((data[p.place] & 128) !== 0) {
++    return false;
++  }
+   var r = data.slice(p.place, rlen + p.place);
+   p.place += rlen;
+   if (data[p.place++] !== 0x02) {
+@@ -98,6 +105,9 @@ Signature.prototype._importDER = function _importDER(data, enc) {
+   if (data.length !== slen + p.place) {
+     return false;
+   }
++  if ((data[p.place] & 128) !== 0) {
++    return false;
++  }
+   var s = data.slice(p.place, slen + p.place);
+   if (r[0] === 0) {
+     if (r[1] & 0x80) {
+diff --git a/src/ui/node_modules/elliptic/lib/elliptic/eddsa/signature.js b/src/ui/node_modules/elliptic/lib/elliptic/eddsa/signature.js
+index 30ebc920..b224ad1c 100644
+--- a/src/ui/node_modules/elliptic/lib/elliptic/eddsa/signature.js
++++ b/src/ui/node_modules/elliptic/lib/elliptic/eddsa/signature.js
+@@ -21,6 +21,7 @@ function Signature(eddsa, sig) {
+     sig = parseBytes(sig);
+ 
+   if (Array.isArray(sig)) {
++    assert(sig.length === eddsa.encodingLength * 2, 'Signature has invalid size');
+     sig = {
+       R: sig.slice(0, eddsa.encodingLength),
+       S: sig.slice(eddsa.encodingLength),

SPECS/reaper/CVE-2024-42460.nopatch

@@ -0,0 +1 @@
+# Addressed as part of CVE-2024-42459.patch

SPECS/reaper/CVE-2024-42461.nopatch

@@ -0,0 +1 @@
+# Addressed as part of CVE-2024-42459.patch

SPECS/reaper/reaper.spec

@@ -6,7 +6,7 @@
 Summary:        Reaper for cassandra is a tool for running Apache Cassandra repairs against single or multi-site clusters.
 Name:           reaper
 Version:        3.1.1
-Release:        10%{?dist}
+Release:        11%{?dist}
 License:        ASL 2.0
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
@@ -35,6 +35,7 @@ Source7:        reaper-local-n-%{version}-%{local_n_release}.tar.gz
 Patch0:         CVE-2024-37890.patch
 Patch1:         CVE-2023-42282.patch
 Patch2:         CVE-2017-18214.patch
+Patch3:         CVE-2024-42459.patch
 BuildRequires:  git
 BuildRequires:  javapackages-tools
 BuildRequires:  maven
@@ -171,6 +172,10 @@ fi
 %{_unitdir}/cassandra-%{name}.service
 
 %changelog
+* Tue Aug 20 2024 Cameron Baird <[email protected]> - 3.1.1-11
+- Introduce DER-signature-decoding-correction.patch to address CVE-2024-42459,
+- CVE-2024-42460, CVE-2024-42461
+
 * Tue Jul 09 2024 Pawel Winogrodzki <[email protected]> - 3.1.1-10
 - Patching CVE-2024-37890, CVE-2023-42282, and CVE-2017-18214.