[Medium] Patch ceph to fix CVE-2012-6708

Author: kevin-b-lockwood

SPECS/ceph/CVE-2012-6708.patch

@@ -0,0 +1,28 @@
+From c993d7d4b9ddb5d9dcb0c4120f798730aacfff0a Mon Sep 17 00:00:00 2001
+From: Kevin Lockwood <[email protected]>
+Date: Mon, 13 Jan 2025 14:53:54 -0800
+Subject: [PATCH] Adjust jQuery('html') detection to only match when html
+ starts with '<' (not counting space characters). Fixes #11290.
+
+Source: https://github.com/jquery/jquery/commit/05531fc4080ae24070930d15ae0cea7ae056457d.patch
+---
+ qa/workunits/erasure-code/jquery.js | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/qa/workunits/erasure-code/jquery.js b/qa/workunits/erasure-code/jquery.js
+index 8c24ffc61..45c208837 100644
+--- a/qa/workunits/erasure-code/jquery.js
++++ b/qa/workunits/erasure-code/jquery.js
+@@ -56,7 +56,8 @@ var
+ 
+ 	// A simple way to check for HTML strings
+ 	// Prioritize #id over <tag> to avoid XSS via location.hash (#9521)
+-	rquickExpr = /^(?:[^#<]*(<[\w\W]+>)[^>]*$|#([\w\-]*)$)/,
++	// Strict HTML recognition (#11290: must start with <)
++	rquickExpr = /^(?:(<[\w\W]+>)[^>]*|#([\w-]*))$/,
+ 
+ 	// Match a standalone tag
+ 	rsingleTag = /^<(\w+)\s*\/?>(?:<\/\1>|)$/,
+-- 
+2.34.1
+

SPECS/ceph/ceph.spec

@@ -17,6 +17,7 @@ Patch2:         CVE-2024-52338.patch
 Patch3:         CVE-2014-5461.patch
 Patch4:         CVE-2020-22217.patch
 Patch5:         CVE-2015-9251.patch
+Patch6:         CVE-2012-6708.patch
 #
 # Copyright (C) 2004-2019 The Ceph Project Developers. See COPYING file
 # at the top-level directory of this distribution and at
@@ -2011,6 +2012,7 @@ exit 0
 - Fix for CVE-2014-5461
 - Fix for CVE-2020-22217
 - Fix for CVE-2015-9251
+- Fix for CVE-2012-6708
 
 * Tue Jan 01 2025 Sandeep Karambelkar <[email protected]> - 18.2.2-3
 - Based on the package build logs, opentelemetry-cpp submodule is not being built