summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChangqing Li <changqing.li@windriver.com>2025-06-06 14:50:01 +0800
committerSteve Sakoman <steve@sakoman.com>2025-06-13 08:58:01 -0700
commit47bb754e2754555d30787aedb864b19bc8603521 (patch)
treed0b3f6bf894bf10677017fd5d4598eac57e6ab3c
parent859504c47569c578338726e84bbb4898784a2793 (diff)
downloadpoky-47bb754e2754555d30787aedb864b19bc8603521.tar.gz
libsoup-2.4: fix CVE-2025-4476
Refer: https://gitlab.gnome.org/GNOME/libsoup/-/issues/440 (From OE-Core rev: ebb87904c97f4b27a023b2347622519c702d4d2d) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat
-rw-r--r--meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch38
-rw-r--r--meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb1
2 files changed, 39 insertions, 0 deletions
diff --git a/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch
new file mode 100644
index 0000000000..874f62e7ad
--- /dev/null
+++ b/meta/recipes-support/libsoup/libsoup-2.4/CVE-2025-4476.patch
@@ -0,0 +1,38 @@
1From 52a0f9234d384b9dab368835b22e5a5a01542168 Mon Sep 17 00:00:00 2001
2From: Changqing Li <changqing.li@windriver.com>
3Date: Fri, 16 May 2025 14:16:10 +0800
4Subject: [PATCH] auth-digest: fix crash in
5 soup_auth_digest_get_protection_space()
6
7We need to validate the Domain parameter in the WWW-Authenticate header.
8
9Unfortunately this crash only occurs when listening on default ports 80
10and 443, so there's no good way to test for this. The test would require
11running as root.
12
13Fixes #440
14
15CVE: CVE-2025-4476
16Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/e64c221f9c7d09b48b610c5626b3b8c400f0907c?merge_request_iid=457]
17
18Signed-off-by: Changqing Li <changqing.li@windriver.com>
19---
20 libsoup/soup-auth-digest.c | 2 +-
21 1 file changed, 1 insertion(+), 1 deletion(-)
22
23diff --git a/libsoup/soup-auth-digest.c b/libsoup/soup-auth-digest.c
24index f1621ec..a2dc560 100644
25--- a/libsoup/soup-auth-digest.c
26+++ b/libsoup/soup-auth-digest.c
27@@ -229,7 +229,7 @@ soup_auth_digest_get_protection_space (SoupAuth *auth, SoupURI *source_uri)
28 uri = soup_uri_new (d);
29 if (uri && uri->scheme == source_uri->scheme &&
30 uri->port == source_uri->port &&
31- !strcmp (uri->host, source_uri->host))
32+ !g_strcmp0 (uri->host, source_uri->host))
33 dir = g_strdup (uri->path);
34 else
35 dir = NULL;
36--
372.34.1
38
diff --git a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
index 5c834e394a..8f0b706276 100644
--- a/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
+++ b/meta/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
@@ -38,6 +38,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
38 file://CVE-2025-32050.patch \ 38 file://CVE-2025-32050.patch \
39 file://CVE-2025-46421.patch \ 39 file://CVE-2025-46421.patch \
40 file://CVE-2025-4948.patch \ 40 file://CVE-2025-4948.patch \
41 file://CVE-2025-4476.patch \
41" 42"
42SRC_URI[sha256sum] = "e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13" 43SRC_URI[sha256sum] = "e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13"
43 44
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2026-01-31 00:30:09 +0000