diff --git a/gnupg-2.3.2-agent-crash.patch b/gnupg-2.3.2-agent-crash.patch new file mode 100644 index 0000000..edf8716 --- /dev/null +++ b/gnupg-2.3.2-agent-crash.patch @@ -0,0 +1,31 @@ +From af3b1901549baa8fbe8140d9fa75a4a2b7a77a7e Mon Sep 17 00:00:00 2001 +From: Werner Koch +Date: Tue, 7 Sep 2021 08:57:44 +0200 +Subject: [PATCH GnuPG] agent: Fix segv in GET_PASSPHRASE (regression) + +* agent/command.c (cmd_get_passphrase): Do not deref PI. PI is always +NULL. +-- + +Fixes-commit: b89b1f35c29ceaebe39b31444936aa66c9297f2c +GnuPG-bug-id: 5577 +--- + agent/command.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/agent/command.c b/agent/command.c +index 5e2dbc809..3e074443a 100644 +--- a/agent/command.c ++++ b/agent/command.c +@@ -1955,7 +1955,7 @@ cmd_get_passphrase (assuan_context_t ctx, char *line) + opt_qualbar, cacheid, CACHE_MODE_USER, NULL); + xfree (entry_errtext); + entry_errtext = NULL; +- is_generated = !!(pi->status & PINENTRY_STATUS_PASSWORD_GENERATED); ++ is_generated = 0; + + if (!rc) + { +-- +2.31.1 + diff --git a/gnupg2.spec b/gnupg2.spec index 9a020ca..4a2e779 100644 --- a/gnupg2.spec +++ b/gnupg2.spec @@ -27,6 +27,7 @@ Patch21: gnupg-2.2.18-gpg-allow-import-of-previously-known-keys-even-without-UI. Patch22: gnupg-2.2.18-gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch # Fixes for issues found in Coverity scan - reported upstream Patch30: gnupg-2.2.21-coverity.patch +Patch31: gnupg-2.3.2-agent-crash.patch URL: https://www.gnupg.org/ @@ -107,6 +108,7 @@ to the base GnuPG package %patch22 -p1 -b .good_revoc %patch30 -p1 -b .coverity +%patch31 -p1 -b .agent-crash # pcsc-lite library major: 0 in 1.2.0, 1 in 1.2.9+ (dlopen()'d in pcsc-wrapper) # Note: this is just the name of the default shared lib to load in scdaemon,