import grilo-0.3.6-3.el8
This commit is contained in:
parent
9164d014a8
commit
837e263b2f
@ -0,0 +1,33 @@
|
|||||||
|
From cd2472e506dafb1bb8ae510e34ad4797f63e263e Mon Sep 17 00:00:00 2001
|
||||||
|
From: Bastien Nocera <hadess@hadess.net>
|
||||||
|
Date: Mon, 21 Jun 2021 15:00:14 +0200
|
||||||
|
Subject: [PATCH 2/2] net: Fix TLS cert validation not being done for any
|
||||||
|
network call
|
||||||
|
|
||||||
|
The default SoupSessionAsync behaviour does not perform any TLS certificate
|
||||||
|
validation, unless the ssl-use-system-ca-file property is set to true.
|
||||||
|
|
||||||
|
See https://blogs.gnome.org/mcatanzaro/2021/05/25/reminder-soupsessionsync-and-soupsessionasync-default-to-no-tls-certificate-verification/
|
||||||
|
|
||||||
|
This mitigates CVE-2016-20011.
|
||||||
|
|
||||||
|
Closes: #146
|
||||||
|
---
|
||||||
|
libs/net/grl-net-wc.c | 1 +
|
||||||
|
1 file changed, 1 insertion(+)
|
||||||
|
|
||||||
|
diff --git a/libs/net/grl-net-wc.c b/libs/net/grl-net-wc.c
|
||||||
|
index 5a8e89f..5ff1d17 100644
|
||||||
|
--- a/libs/net/grl-net-wc.c
|
||||||
|
+++ b/libs/net/grl-net-wc.c
|
||||||
|
@@ -314,6 +314,7 @@ grl_net_wc_init (GrlNetWc *wc)
|
||||||
|
wc->priv = grl_net_wc_get_instance_private (wc);
|
||||||
|
|
||||||
|
wc->priv->session = soup_session_async_new ();
|
||||||
|
+ g_object_set (G_OBJECT (wc->priv->session), "ssl-use-system-ca-file", TRUE, NULL);
|
||||||
|
wc->priv->pending = g_queue_new ();
|
||||||
|
|
||||||
|
set_thread_context (wc);
|
||||||
|
--
|
||||||
|
2.31.1
|
||||||
|
|
@ -3,15 +3,18 @@
|
|||||||
|
|
||||||
Name: grilo
|
Name: grilo
|
||||||
Version: 0.3.6
|
Version: 0.3.6
|
||||||
Release: 2%{?dist}
|
Release: 3%{?dist}
|
||||||
Summary: Content discovery framework
|
Summary: Content discovery framework
|
||||||
|
|
||||||
License: LGPLv2+
|
License: LGPLv2+
|
||||||
URL: https://wiki.gnome.org/Projects/Grilo
|
URL: https://wiki.gnome.org/Projects/Grilo
|
||||||
Source0: https://download.gnome.org/sources/grilo/%{release_version}/grilo-%{version}.tar.xz
|
Source0: https://download.gnome.org/sources/grilo/%{release_version}/grilo-%{version}.tar.xz
|
||||||
Patch0001: 0001-Include-file-to-build-docs-with-meson.patch
|
Patch0001: 0001-Include-file-to-build-docs-with-meson.patch
|
||||||
|
# https://gitlab.gnome.org/GNOME/grilo/-/merge_requests/78
|
||||||
|
Patch0002: 0002-net-Fix-TLS-cert-validation-not-being-done-for-any-n.patch
|
||||||
|
|
||||||
BuildRequires: meson
|
BuildRequires: meson
|
||||||
|
BuildRequires: git
|
||||||
BuildRequires: chrpath
|
BuildRequires: chrpath
|
||||||
BuildRequires: gnome-common
|
BuildRequires: gnome-common
|
||||||
BuildRequires: intltool
|
BuildRequires: intltool
|
||||||
@ -45,7 +48,7 @@ This package contains the core library and elements, as well as
|
|||||||
general and API documentation.
|
general and API documentation.
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%autosetup -p1
|
%autosetup -p1 -S git
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%meson -Denable-gtk-doc=true
|
%meson -Denable-gtk-doc=true
|
||||||
@ -97,6 +100,11 @@ rm -f $RPM_BUILD_ROOT%{_bindir}/grilo-simple-playlist
|
|||||||
%{_datadir}/vala/
|
%{_datadir}/vala/
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Aug 25 2021 Bastien Nocera <bnocera@redhat.com> - 0.3.6-3
|
||||||
|
+ grilo-0.3.6-3
|
||||||
|
- Fix TLS not being validated correctly
|
||||||
|
- Resolves: rhbz#1997234
|
||||||
|
|
||||||
* Sat Jul 28 2018 Victor Toso <victortoso@redhat.com> - 0.3.6-2
|
* Sat Jul 28 2018 Victor Toso <victortoso@redhat.com> - 0.3.6-2
|
||||||
- Switch to meson build system
|
- Switch to meson build system
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user