diff options
| author | Ashish Sharma <asharma@mvista.com> | 2025-06-18 10:59:35 +0800 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2025-06-25 08:11:57 -0700 |
| commit | 41197b0df6ff51d8c694460b97dcb151baafdca3 (patch) | |
| tree | 574b4111dfcce2621909c479cc28410e0766861b | |
| parent | 52b3a3b7c59215afcaa2e4e4508f86b359374f3e (diff) | |
| download | poky-41197b0df6ff51d8c694460b97dcb151baafdca3.tar.gz | |
libsoup: patch CVE-2025-4476
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/e64c221f9c7d09b48b610c5626b3b8c400f0907c]
(From OE-Core rev: 4cd294674ed05e1b72e722b46ac1e2b5f3603460)
Signed-off-by: Ashish Sharma <asharma@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
| -rw-r--r-- | meta/recipes-support/libsoup/libsoup/CVE-2025-4476.patch | 38 | ||||
| -rw-r--r-- | meta/recipes-support/libsoup/libsoup_3.0.7.bb | 1 |
2 files changed, 39 insertions, 0 deletions
diff --git a/meta/recipes-support/libsoup/libsoup/CVE-2025-4476.patch b/meta/recipes-support/libsoup/libsoup/CVE-2025-4476.patch new file mode 100644 index 0000000000..cd5619d620 --- /dev/null +++ b/meta/recipes-support/libsoup/libsoup/CVE-2025-4476.patch | |||
| @@ -0,0 +1,38 @@ | |||
| 1 | From e64c221f9c7d09b48b610c5626b3b8c400f0907c Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Michael Catanzaro <mcatanzaro@redhat.com> | ||
| 3 | Date: Thu, 8 May 2025 09:27:01 -0500 | ||
| 4 | Subject: [PATCH] auth-digest: fix crash in | ||
| 5 | soup_auth_digest_get_protection_space() | ||
| 6 | |||
| 7 | We need to validate the Domain parameter in the WWW-Authenticate header. | ||
| 8 | |||
| 9 | Unfortunately this crash only occurs when listening on default ports 80 | ||
| 10 | and 443, so there's no good way to test for this. The test would require | ||
| 11 | running as root. | ||
| 12 | |||
| 13 | Fixes #440 | ||
| 14 | |||
| 15 | Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/e64c221f9c7d09b48b610c5626b3b8c400f0907c] | ||
| 16 | CVE: CVE-2025-4476 | ||
| 17 | Signed-off-by: Ashish Sharma <asharma@mvista.com> | ||
| 18 | |||
| 19 | |||
| 20 | libsoup/auth/soup-auth-digest.c | 2 +- | ||
| 21 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
| 22 | |||
| 23 | diff --git a/libsoup/auth/soup-auth-digest.c b/libsoup/auth/soup-auth-digest.c | ||
| 24 | index d8bb2910..292f2045 100644 | ||
| 25 | --- a/libsoup/auth/soup-auth-digest.c | ||
| 26 | +++ b/libsoup/auth/soup-auth-digest.c | ||
| 27 | @@ -220,7 +220,7 @@ soup_auth_digest_get_protection_space (SoupAuth *auth, GUri *source_uri) | ||
| 28 | if (uri && | ||
| 29 | g_strcmp0 (g_uri_get_scheme (uri), g_uri_get_scheme (source_uri)) == 0 && | ||
| 30 | g_uri_get_port (uri) == g_uri_get_port (source_uri) && | ||
| 31 | - !strcmp (g_uri_get_host (uri), g_uri_get_host (source_uri))) | ||
| 32 | + !g_strcmp0 (g_uri_get_host (uri), g_uri_get_host (source_uri))) | ||
| 33 | dir = g_strdup (g_uri_get_path (uri)); | ||
| 34 | else | ||
| 35 | dir = NULL; | ||
| 36 | -- | ||
| 37 | GitLab | ||
| 38 | |||
diff --git a/meta/recipes-support/libsoup/libsoup_3.0.7.bb b/meta/recipes-support/libsoup/libsoup_3.0.7.bb index 67aa180612..83ed88e785 100644 --- a/meta/recipes-support/libsoup/libsoup_3.0.7.bb +++ b/meta/recipes-support/libsoup/libsoup_3.0.7.bb | |||
| @@ -36,6 +36,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \ | |||
| 36 | file://CVE-2025-32052.patch \ | 36 | file://CVE-2025-32052.patch \ |
| 37 | file://CVE-2025-32053.patch \ | 37 | file://CVE-2025-32053.patch \ |
| 38 | file://CVE-2025-46420.patch \ | 38 | file://CVE-2025-46420.patch \ |
| 39 | file://CVE-2025-4476.patch \ | ||
| 39 | " | 40 | " |
| 40 | SRC_URI[sha256sum] = "ebdf90cf3599c11acbb6818a9d9e3fc9d2c68e56eb829b93962972683e1bf7c8" | 41 | SRC_URI[sha256sum] = "ebdf90cf3599c11acbb6818a9d9e3fc9d2c68e56eb829b93962972683e1bf7c8" |
| 41 | 42 | ||