diff options
| author | Ashish Sharma <asharma@mvista.com> | 2025-05-25 09:30:06 +0530 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2025-06-02 07:12:34 -0700 |
| commit | 474ee8d5def5354a38ee1d593cc66e3fec6ecfd8 (patch) | |
| tree | 01ac93d408bed210229dd8e4558040b4572abba1 | |
| parent | 7ad1d266889568491e25d7a26f3785de38db1982 (diff) | |
| download | poky-474ee8d5def5354a38ee1d593cc66e3fec6ecfd8.tar.gz | |
libsoup: patch CVE-2025-4476
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/e64c221f9c7d09b48b610c5626b3b8c400f0907c]
(From OE-Core rev: 91231813d04680f93a08cb29540073bb4749e22f)
Signed-off-by: Ashish Sharma <asharma@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
| -rw-r--r-- | meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4476.patch | 38 | ||||
| -rw-r--r-- | meta/recipes-support/libsoup/libsoup_3.4.4.bb | 1 |
2 files changed, 39 insertions, 0 deletions
diff --git a/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4476.patch b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4476.patch new file mode 100644 index 0000000000..cd5619d620 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-4476.patch | |||
| @@ -0,0 +1,38 @@ | |||
| 1 | From e64c221f9c7d09b48b610c5626b3b8c400f0907c Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Michael Catanzaro <mcatanzaro@redhat.com> | ||
| 3 | Date: Thu, 8 May 2025 09:27:01 -0500 | ||
| 4 | Subject: [PATCH] auth-digest: fix crash in | ||
| 5 | soup_auth_digest_get_protection_space() | ||
| 6 | |||
| 7 | We need to validate the Domain parameter in the WWW-Authenticate header. | ||
| 8 | |||
| 9 | Unfortunately this crash only occurs when listening on default ports 80 | ||
| 10 | and 443, so there's no good way to test for this. The test would require | ||
| 11 | running as root. | ||
| 12 | |||
| 13 | Fixes #440 | ||
| 14 | |||
| 15 | Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/e64c221f9c7d09b48b610c5626b3b8c400f0907c] | ||
| 16 | CVE: CVE-2025-4476 | ||
| 17 | Signed-off-by: Ashish Sharma <asharma@mvista.com> | ||
| 18 | |||
| 19 | |||
| 20 | libsoup/auth/soup-auth-digest.c | 2 +- | ||
| 21 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
| 22 | |||
| 23 | diff --git a/libsoup/auth/soup-auth-digest.c b/libsoup/auth/soup-auth-digest.c | ||
| 24 | index d8bb2910..292f2045 100644 | ||
| 25 | --- a/libsoup/auth/soup-auth-digest.c | ||
| 26 | +++ b/libsoup/auth/soup-auth-digest.c | ||
| 27 | @@ -220,7 +220,7 @@ soup_auth_digest_get_protection_space (SoupAuth *auth, GUri *source_uri) | ||
| 28 | if (uri && | ||
| 29 | g_strcmp0 (g_uri_get_scheme (uri), g_uri_get_scheme (source_uri)) == 0 && | ||
| 30 | g_uri_get_port (uri) == g_uri_get_port (source_uri) && | ||
| 31 | - !strcmp (g_uri_get_host (uri), g_uri_get_host (source_uri))) | ||
| 32 | + !g_strcmp0 (g_uri_get_host (uri), g_uri_get_host (source_uri))) | ||
| 33 | dir = g_strdup (g_uri_get_path (uri)); | ||
| 34 | else | ||
| 35 | dir = NULL; | ||
| 36 | -- | ||
| 37 | GitLab | ||
| 38 | |||
diff --git a/meta/recipes-support/libsoup/libsoup_3.4.4.bb b/meta/recipes-support/libsoup/libsoup_3.4.4.bb index 8cca980faf..d3a0840044 100644 --- a/meta/recipes-support/libsoup/libsoup_3.4.4.bb +++ b/meta/recipes-support/libsoup/libsoup_3.4.4.bb | |||
| @@ -30,6 +30,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ | |||
| 30 | file://CVE-2025-32906-2.patch \ | 30 | file://CVE-2025-32906-2.patch \ |
| 31 | file://CVE-2025-46420.patch \ | 31 | file://CVE-2025-46420.patch \ |
| 32 | file://CVE-2025-32914.patch \ | 32 | file://CVE-2025-32914.patch \ |
| 33 | file://CVE-2025-4476.patch \ | ||
| 33 | " | 34 | " |
| 34 | SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa" | 35 | SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa" |
| 35 | 36 | ||