guix-mirrors/gnu/packages/patches/libsoup-auth-digest-fix-crash.patch
Maxim Cournoyer a1fd9f821c
gnu: libsoup: Apply patches fixing deadlocks and CVE-2025-4476.
The patches are a subset taken from Debian (see:
<https://sources.debian.org/patches/libsoup3/3.6.5-3/>).

* gnu/packages/patches/libsoup-auth-digest-fix-crash.patch
* gnu/packages/patches/libsoup-deadlock-in-add_listener_in_thread.patch
* gnu/packages/patches/libsoup-fix-merge-of-ranges.patch
* gnu/packages/patches/libsoup-memory-leak-in-soup_form_decode.patch
* gnu/packages/patches/libsoup-multipart-bounds-check.patch
* gnu/packages/patches/libsoup-use-libdl-instead-of-gmodule.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/gnome.scm (libsoup-minimal): Apply them.

Change-Id: I7e4968c1d87e28860fc68616f6107d018e0d93dd
2025-09-30 20:05:05 +02:00


From: Michael Catanzaro <mcatanzaro@redhat.com>
Date: Thu, 8 May 2025 09:27:01 -0500
Subject: auth-digest: fix crash in soup_auth_digest_get_protection_space()
We need to validate the Domain parameter in the WWW-Authenticate header.
Unfortunately this crash only occurs when listening on default ports 80
and 443, so there's no good way to test for this. The test would require
running as root.
Origin: upstream, 3.7.0, commit:e64c221f9c7d09b48b610c5626b3b8c400f0907c
Bug: https://gitlab.gnome.org/GNOME/libsoup/-/issues/440
Bug-CVE: https://security-tracker.debian.org/tracker/CVE-2025-4476
Bug-Debian: https://bugs.debian.org/1105887
---
libsoup/auth/soup-auth-digest.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libsoup/auth/soup-auth-digest.c b/libsoup/auth/soup-auth-digest.c
index d8bb291..292f204 100644
--- a/libsoup/auth/soup-auth-digest.c
+++ b/libsoup/auth/soup-auth-digest.c
@@ -220,7 +220,7 @@ soup_auth_digest_get_protection_space (SoupAuth *auth, GUri *source_uri)
if (uri &&
g_strcmp0 (g_uri_get_scheme (uri), g_uri_get_scheme (source_uri)) == 0 &&
g_uri_get_port (uri) == g_uri_get_port (source_uri) &&
- !strcmp (g_uri_get_host (uri), g_uri_get_host (source_uri)))
+ !g_strcmp0 (g_uri_get_host (uri), g_uri_get_host (source_uri)))
dir = g_strdup (g_uri_get_path (uri));
else
dir = NULL;
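Review bot: replacing `strcmp` with `g_strcmp0` stops the NULL dereference, but `g_strcmp0 (NULL, NULL)` returns 0, so a Domain URI whose host is NULL would still compare equal to a source URI with a NULL host and fall through to `dir = g_strdup (g_uri_get_path (uri));`. If a host-less Domain entry should be rejected rather than accepted, add an explicit `g_uri_get_host (uri) != NULL &&` term to the condition. The description also says the crash only reproduces on the default ports 80 and 443; stating which of the two hosts can be NULL there and why would make the intent of the one-line change clear to future readers of this hunk.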