1 files changed, 26 insertions, 0 deletions

diff --git a/debian/patches/CVE-2022-3650_2_ceph-crash_fix_stderr_handling.patch b/debian/patches/CVE-2022-3650_2_ceph-crash_fix_stderr_handling.patch
new file mode 100644
index 000000000..b49030904
--- /dev/null
+++ b/debian/patches/CVE-2022-3650_2_ceph-crash_fix_stderr_handling.patch
@@ -0,0 +1,26 @@
+Description: CVE-2022-3650: ceph-crash: fix stderr handling
+ Popen.communicate() returns a tuple (stdout, stderr), and stderr
+ will be of type bytes, hence the need to decode it before checking
+ if it's an empty string or not.
+Author: Tim Serong <tserong@suse.com>
+Date: Wed, 2 Nov 2022 14:23:20 +1100
+Bug: a77b47eeeb5770eeefcf4619ab2105ee7a6a003e
+Signed-off-by: Tim Serong <tserong@suse.com>
+Bug-Debian: https://bugs.debian.org/1024932
+Origin: upstream, https://github.com/ceph/ceph/commit/45915540559126a652f8d9d105723584cfc63439
+Last-Update: 2022-11-28
+
+diff --git a/src/ceph-crash.in b/src/ceph-crash.in
+index 0fffd59a96df5..e2a7be59da701 100755
+--- a/src/ceph-crash.in
++++ b/src/ceph-crash.in
+@@ -50,7 +50,8 @@ def post_crash(path):
+             stderr=subprocess.PIPE,
+         )
+         f = open(os.path.join(path, 'meta'), 'rb')
+-        stderr = pr.communicate(input=f.read())
++        (_, stderr) = pr.communicate(input=f.read())
++        stderr = stderr.decode()
+         rc = pr.wait()
+         f.close()
+         if rc != 0 or stderr != "":