diff options
| author | Vijay Anusuri <vanusuri@mvista.com> | 2025-05-13 14:33:38 +0530 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2025-05-16 08:58:06 -0700 |
| commit | 02c2876c5e55494f605f4911928343830b7c2fef (patch) | |
| tree | 072f6d7fbf1c24a84ea0001faf02b0fc6175ba27 | |
| parent | b497f2caf78f21b12927c76967921c84c1f134e5 (diff) | |
| download | poky-02c2876c5e55494f605f4911928343830b7c2fef.tar.gz | |
libsoup-2.4: Update fix CVE-2024-52532
Upstream-Status: Backport from https://gitlab.gnome.org/GNOME/libsoup/-/commit/4c9e75c6676a37b6485620c332e568e1a3f530ff
(From OE-Core rev: 144d067ed5b98b8ca477a6a0e8c958c0b15e9643)
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
| -rw-r--r-- | meta/recipes-support/libsoup/libsoup-2.4/CVE-2024-52532-3.patch | 46 | ||||
| -rw-r--r-- | meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb | 1 |
2 files changed, 47 insertions, 0 deletions
diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2024-52532-3.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2024-52532-3.patch new file mode 100644 index 0000000000..edcca86e8c --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2024-52532-3.patch | |||
| @@ -0,0 +1,46 @@ | |||
| 1 | From 4c9e75c6676a37b6485620c332e568e1a3f530ff Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Simon McVittie <smcv@debian.org> | ||
| 3 | Date: Wed, 13 Nov 2024 14:14:23 +0000 | ||
| 4 | Subject: [PATCH] websocket-test: Disconnect error signal in another place | ||
| 5 | |||
| 6 | This is the same change as commit 29b96fab "websocket-test: disconnect | ||
| 7 | error copy after the test ends", and is done for the same reason, but | ||
| 8 | replicating it into a different function. | ||
| 9 | |||
| 10 | Fixes: 6adc0e3e "websocket: process the frame as soon as we read data" | ||
| 11 | Resolves: https://gitlab.gnome.org/GNOME/libsoup/-/issues/399 | ||
| 12 | Signed-off-by: Simon McVittie <smcv@debian.org> | ||
| 13 | |||
| 14 | Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/4c9e75c6676a37b6485620c332e568e1a3f530ff] | ||
| 15 | CVE: CVE-2024-52532 | ||
| 16 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
| 17 | --- | ||
| 18 | tests/websocket-test.c | 4 +++- | ||
| 19 | 1 file changed, 3 insertions(+), 1 deletion(-) | ||
| 20 | |||
| 21 | diff --git a/tests/websocket-test.c b/tests/websocket-test.c | ||
| 22 | index 6a48c1f9..723f2857 100644 | ||
| 23 | --- a/tests/websocket-test.c | ||
| 24 | +++ b/tests/websocket-test.c | ||
| 25 | @@ -1508,8 +1508,9 @@ test_receive_invalid_encode_length_16 (Test *test, | ||
| 26 | GError *error = NULL; | ||
| 27 | InvalidEncodeLengthTest context = { test, NULL }; | ||
| 28 | guint i; | ||
| 29 | + guint error_id; | ||
| 30 | |||
| 31 | - g_signal_connect (test->client, "error", G_CALLBACK (on_error_copy), &error); | ||
| 32 | + error_id = g_signal_connect (test->client, "error", G_CALLBACK (on_error_copy), &error); | ||
| 33 | g_signal_connect (test->client, "message", G_CALLBACK (on_binary_message), &received); | ||
| 34 | |||
| 35 | /* We use 126(~) as payload length with 125 extended length */ | ||
| 36 | @@ -1522,6 +1523,7 @@ test_receive_invalid_encode_length_16 (Test *test, | ||
| 37 | WAIT_UNTIL (error != NULL || received != NULL); | ||
| 38 | g_assert_error (error, SOUP_WEBSOCKET_ERROR, SOUP_WEBSOCKET_CLOSE_PROTOCOL_ERROR); | ||
| 39 | g_clear_error (&error); | ||
| 40 | + g_signal_handler_disconnect (test->client, error_id); | ||
| 41 | g_assert_null (received); | ||
| 42 | |||
| 43 | g_thread_join (thread); | ||
| 44 | -- | ||
| 45 | GitLab | ||
| 46 | |||
diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb index 88d08ad0ec..b299fcf6de 100644 --- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb +++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.2.bb | |||
| @@ -16,6 +16,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ | |||
| 16 | file://CVE-2024-52530.patch \ | 16 | file://CVE-2024-52530.patch \ |
| 17 | file://CVE-2024-52532-1.patch \ | 17 | file://CVE-2024-52532-1.patch \ |
| 18 | file://CVE-2024-52532-2.patch \ | 18 | file://CVE-2024-52532-2.patch \ |
| 19 | file://CVE-2024-52532-3.patch \ | ||
| 19 | file://CVE-2024-52531-1.patch \ | 20 | file://CVE-2024-52531-1.patch \ |
| 20 | file://CVE-2024-52531-2.patch \ | 21 | file://CVE-2024-52531-2.patch \ |
| 21 | " | 22 | " |
