aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/icecat-CVE-2018-12383.patch103
-rw-r--r--gnu/packages/patches/poppler-CVE-2018-19149.patch80
2 files changed, 80 insertions, 103 deletions
diff --git a/gnu/packages/patches/icecat-CVE-2018-12383.patch b/gnu/packages/patches/icecat-CVE-2018-12383.patch
deleted file mode 100644
index 17ca0f3773..0000000000
--- a/gnu/packages/patches/icecat-CVE-2018-12383.patch
+++ /dev/null
@@ -1,103 +0,0 @@
-Based on upstream changeset:
- https://hg.mozilla.org/releases/mozilla-esr60/rev/300efdbc9fe1
-but with the git binary patch and related test changes omitted,
-and adapted to apply cleanly to GNU IceCat.
-
-# HG changeset patch
-# User David Keeler <dkeeler@mozilla.com>
-# Date 1531860660 25200
-# Node ID 300efdbc9fe1f9165428c7934861033935b5abfa
-# Parent 80a4a7ef281374dbb2afda8edac54665b14b9ef8
-Bug 1475775 - Clean up old NSS DB file after upgrade if necessary. r=franziskus, r=mattn, a=RyanVM
-
-Reviewers: franziskus, mattn
-
-Bug #: 1475775
-
-Differential Revision: https://phabricator.services.mozilla.com/D2202
-
-diff --git a/security/manager/ssl/nsNSSComponent.cpp b/security/manager/ssl/nsNSSComponent.cpp
---- a/security/manager/ssl/nsNSSComponent.cpp
-+++ b/security/manager/ssl/nsNSSComponent.cpp
-@@ -1935,16 +1935,61 @@ AttemptToRenameBothPKCS11ModuleDBVersion
- NS_NAMED_LITERAL_CSTRING(sqlModuleDBFilename, "pkcs11.txt");
- nsresult rv = AttemptToRenamePKCS11ModuleDB(profilePath,
- legacyModuleDBFilename);
- if (NS_FAILED(rv)) {
- return rv;
- }
- return AttemptToRenamePKCS11ModuleDB(profilePath, sqlModuleDBFilename);
- }
-+
-+// When we changed from the old dbm database format to the newer sqlite
-+// implementation, the upgrade process left behind the existing files. Suppose a
-+// user had not set a password for the old key3.db (which is about 99% of
-+// users). After upgrading, both the old database and the new database are
-+// unprotected. If the user then sets a password for the new database, the old
-+// one will not be protected. In this scenario, we should probably just remove
-+// the old database (it would only be relevant if the user downgraded to a
-+// version of IceCat before 58, but we have to trade this off against the
-+// user's old private keys being unexpectedly unprotected after setting a
-+// password).
-+// This was never an issue on Android because we always used the new
-+// implementation.
-+static void
-+MaybeCleanUpOldNSSFiles(const nsACString& profilePath)
-+{
-+ UniquePK11SlotInfo slot(PK11_GetInternalKeySlot());
-+ if (!slot) {
-+ return;
-+ }
-+ // Unfortunately we can't now tell the difference between "there already was a
-+ // password when the upgrade happened" and "there was not a password but then
-+ // the user added one after upgrading".
-+ bool hasPassword = PK11_NeedLogin(slot.get()) &&
-+ !PK11_NeedUserInit(slot.get());
-+ if (!hasPassword) {
-+ return;
-+ }
-+ nsCOMPtr<nsIFile> dbFile = do_CreateInstance("@mozilla.org/file/local;1");
-+ if (!dbFile) {
-+ return;
-+ }
-+ nsresult rv = dbFile->InitWithNativePath(profilePath);
-+ if (NS_FAILED(rv)) {
-+ return;
-+ }
-+ NS_NAMED_LITERAL_CSTRING(keyDBFilename, "key3.db");
-+ rv = dbFile->AppendNative(keyDBFilename);
-+ if (NS_FAILED(rv)) {
-+ return;
-+ }
-+ // Since this isn't a directory, the `recursive` argument to `Remove` is
-+ // irrelevant.
-+ Unused << dbFile->Remove(false);
-+}
- #endif // ifndef ANDROID
-
- // Given a profile directory, attempt to initialize NSS. If nocertdb is true,
- // (or if we don't have a profile directory) simply initialize NSS in no DB mode
- // and return. Otherwise, first attempt to initialize in read/write mode, and
- // then read-only mode if that fails. If both attempts fail, we may be failing
- // to initialize an NSS DB collection that has FIPS mode enabled. Attempt to
- // ascertain if this is the case, and if so, rename the offending PKCS#11 module
-@@ -1966,16 +2011,19 @@ InitializeNSSWithFallbacks(const nsACStr
-
- // Try read/write mode. If we're in safeMode, we won't load PKCS#11 modules.
- #ifndef ANDROID
- PRErrorCode savedPRErrorCode1;
- #endif // ifndef ANDROID
- SECStatus srv = ::mozilla::psm::InitializeNSS(profilePath, false, !safeMode);
- if (srv == SECSuccess) {
- MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("initialized NSS in r/w mode"));
-+#ifndef ANDROID
-+ MaybeCleanUpOldNSSFiles(profilePath);
-+#endif // ifndef ANDROID
- return NS_OK;
- }
- #ifndef ANDROID
- savedPRErrorCode1 = PR_GetError();
- PRErrorCode savedPRErrorCode2;
- #endif // ifndef ANDROID
- // That failed. Try read-only mode.
- srv = ::mozilla::psm::InitializeNSS(profilePath, true, !safeMode);
diff --git a/gnu/packages/patches/poppler-CVE-2018-19149.patch b/gnu/packages/patches/poppler-CVE-2018-19149.patch
new file mode 100644
index 0000000000..3641f5f078
--- /dev/null
+++ b/gnu/packages/patches/poppler-CVE-2018-19149.patch
@@ -0,0 +1,80 @@
+Fix CVE-2018-19149:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149
+https://gitlab.freedesktop.org/poppler/poppler/issues/664
+
+Patch copied from upstream source repository:
+
+https://gitlab.freedesktop.org/poppler/poppler/commit/f162ecdea0dda5dbbdb45503c1d55d9afaa41d44
+
+From f162ecdea0dda5dbbdb45503c1d55d9afaa41d44 Mon Sep 17 00:00:00 2001
+From: Marek Kasik <mkasik@redhat.com>
+Date: Fri, 20 Apr 2018 11:38:13 +0200
+Subject: [PATCH] Fix crash on missing embedded file
+
+Check whether an embedded file is actually present in the PDF
+and show warning in that case.
+
+https://bugs.freedesktop.org/show_bug.cgi?id=106137
+https://gitlab.freedesktop.org/poppler/poppler/issues/236
+---
+ glib/poppler-attachment.cc | 26 +++++++++++++++++---------
+ glib/poppler-document.cc | 3 ++-
+ 2 files changed, 19 insertions(+), 10 deletions(-)
+
+diff --git a/glib/poppler-attachment.cc b/glib/poppler-attachment.cc
+index c6502e9d..11ba5bb5 100644
+--- a/glib/poppler-attachment.cc
++++ b/glib/poppler-attachment.cc
+@@ -111,17 +111,25 @@ _poppler_attachment_new (FileSpec *emb_file)
+ attachment->description = _poppler_goo_string_to_utf8 (emb_file->getDescription ());
+
+ embFile = emb_file->getEmbeddedFile();
+- attachment->size = embFile->size ();
++ if (embFile != NULL && embFile->streamObject()->isStream())
++ {
++ attachment->size = embFile->size ();
+
+- if (embFile->createDate ())
+- _poppler_convert_pdf_date_to_gtime (embFile->createDate (), (time_t *)&attachment->ctime);
+- if (embFile->modDate ())
+- _poppler_convert_pdf_date_to_gtime (embFile->modDate (), (time_t *)&attachment->mtime);
++ if (embFile->createDate ())
++ _poppler_convert_pdf_date_to_gtime (embFile->createDate (), (time_t *)&attachment->ctime);
++ if (embFile->modDate ())
++ _poppler_convert_pdf_date_to_gtime (embFile->modDate (), (time_t *)&attachment->mtime);
+
+- if (embFile->checksum () && embFile->checksum ()->getLength () > 0)
+- attachment->checksum = g_string_new_len (embFile->checksum ()->getCString (),
+- embFile->checksum ()->getLength ());
+- priv->obj_stream = embFile->streamObject()->copy();
++ if (embFile->checksum () && embFile->checksum ()->getLength () > 0)
++ attachment->checksum = g_string_new_len (embFile->checksum ()->getCString (),
++ embFile->checksum ()->getLength ());
++ priv->obj_stream = embFile->streamObject()->copy();
++ }
++ else
++ {
++ g_warning ("Missing stream object for embedded file");
++ g_clear_object (&attachment);
++ }
+
+ return attachment;
+ }
+diff --git a/glib/poppler-document.cc b/glib/poppler-document.cc
+index 83f6aea6..ea319344 100644
+--- a/glib/poppler-document.cc
++++ b/glib/poppler-document.cc
+@@ -670,7 +670,8 @@ poppler_document_get_attachments (PopplerDocument *document)
+ attachment = _poppler_attachment_new (emb_file);
+ delete emb_file;
+
+- retval = g_list_prepend (retval, attachment);
++ if (attachment != NULL)
++ retval = g_list_prepend (retval, attachment);
+ }
+ return g_list_reverse (retval);
+ }
+--
+2.19.1
+