authorMaxim Cournoyer <maxim.cournoyer@gmail.com>2022-09-08 13:58:25 -0400
committerMaxim Cournoyer <maxim.cournoyer@gmail.com>2022-09-13 02:04:38 -0400
commitdc1cf13ac58b7693cbabd3ebd82ad05088b4dbf4 (patch)
tree5b6fa9166e6e418ef4508e7244595f50cb9d3ea2 /gnu/packages/patches/libgda-cve-2021-39359.patch
parent8dae63937bb28d2bafe47225664f1a3acf5fdc30 (diff)
gnu: libgda: Update to 6.0.0.
* gnu/packages/gnome.scm (libgda): Update to 6.0.0. [source]: Delete modules and snippet field. Apply new patches. [build-system]: Use meson-build-system. [native-inputs]: Remove autoconf, autoconf-archive, automake, libtool, which and xorg-server-for-tests. [inputs]: Add json-glib. * gnu/packages/patches/libgda-cve-2021-39359.patch: New file. * gnu/packages/patches/libgda-fix-build.patch: Likewise. * gnu/packages/patches/libgda-fix-missing-initialization.patch: Likewise. * gnu/packages/patches/libgda-skip-postgresql-tests.patch: Likewise. * gnu/local.mk (dist_patch_DATA): Register them.
Diffstat (limited to 'gnu/packages/patches/libgda-cve-2021-39359.patch')
-rw-r--r--gnu/packages/patches/libgda-cve-2021-39359.patch33
1 files changed, 33 insertions, 0 deletions
diff --git a/gnu/packages/patches/libgda-cve-2021-39359.patch b/gnu/packages/patches/libgda-cve-2021-39359.patch
new file mode 100644
index 0000000000..5e14e79393
--- /dev/null
+++ b/gnu/packages/patches/libgda-cve-2021-39359.patch
@@ -0,0 +1,33 @@
+From bebdffb4de586fb43fd07ac549121f4b22f6812d Mon Sep 17 00:00:00 2001
+From: "Douglas R. Reno" <renodr@linuxfromscratch.org>
+Date: Mon, 18 Oct 2021 13:18:01 -0500
+Subject: [PATCH] Fix CVE-2021-39359 by forcing TLS certificate validation
+
+This was done by adding "ssl-use-system-ca-file", TRUE to the options
+for each soup_session_new_with_options() call that was made.
+
+Tested on Linux From Scratch 11.0 and Debian 11.
+
+Fixes #249
+---
+ providers/web/gda-web-provider.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/providers/web/gda-web-provider.c b/providers/web/gda-web-provider.c
+index cf8d14dc3..cc818895f 100644
+--- a/providers/web/gda-web-provider.c
++++ b/providers/web/gda-web-provider.c
+@@ -355,8 +355,8 @@ gda_web_provider_open_connection (GdaServerProvider *provider, GdaConnection *cn
+ g_rec_mutex_init (& (cdata->mutex));
+ cdata->server_id = NULL;
+ cdata->forced_closing = FALSE;
+- cdata->worker_session = soup_session_new ();
+- cdata->front_session = soup_session_new_with_options ("max-conns-per-host", 1, NULL);
++ cdata->worker_session = soup_session_new_with_options ("ssl-use-system-ca-file", TRUE, NULL);
++ cdata->front_session = soup_session_new_with_options ("max-conns-per-host", 1, "ssl-use-system-ca-file", TRUE, NULL);
+ if (use_ssl) {
+ server_url = g_string_new ("https://");
+ g_print ("USING SSL\n");
+--
+GitLab
+
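Review bot: Certificate validation in the two new `soup_session_new_with_options` calls depends on a property name passed as a string, so nothing at build time confirms that the libsoup this package links against accepts `"ssl-use-system-ca-file"`. That property belongs to the libsoup 2.x API, and against a libsoup without it GObject would presumably only warn at run time. The calls also leave `ssl-strict` at its library default, so the fix relies on that default rejecting untrusted certificates. I would add a short comment above the `From` line of the patch file recording its origin (upstream commit `bebdffb4de586fb43fd07ac549121f4b22f6812d`, `Fixes #249`) and this assumption, for example `Upstream fix for CVE-2021-39359; relies on the libsoup 2.x "ssl-use-system-ca-file" property.` The body of gda_web_provider_open_connection starts and ends outside the embedded hunk, so how `use_ssl` is set and whether plain `http://` remains reachable cannot be checked from here.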