rpms/libgcrypt
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix CVE-2024-2236

Browse Source 
Resolves: RHEL-58736
This commit is contained in:
Jakub Jelen 2024-08-01 12:09:39 +02:00
parent 81dbcd86e8
commit dff8a6912f
2 changed files with 2127 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2123
libgcrypt-1.11.0-marvin.patch Normal file
View File

File diff suppressed because it is too large Load Diff

4
libgcrypt.spec
View File

@ -29,6 +29,8 @@ Patch3: libgcrypt-1.11.0-covscan.patch
# https://dev.gnupg.org/T7220 # https://dev.gnupg.org/T7220
Patch4: libgcrypt-1.11.0-cf-protection.patch Patch4: libgcrypt-1.11.0-cf-protection.patch
Patch5: libgcrypt-1.11.0-pac-bti-protection.patch Patch5: libgcrypt-1.11.0-pac-bti-protection.patch
# https://gitlab.com/redhat-crypto/libgcrypt/libgcrypt-mirror/-/merge_requests/19/
Patch6: libgcrypt-1.11.0-marvin.patch
%global gcrylibdir %{_libdir} %global gcrylibdir %{_libdir}
%global gcrysoname libgcrypt.so.20 %global gcrysoname libgcrypt.so.20
@ -68,6 +70,7 @@ applications using libgcrypt.
%patch 3 -p1 %patch 3 -p1
%patch 4 -p1 %patch 4 -p1
%patch 5 -p1 %patch 5 -p1
%patch 6 -p1
%build %build
# should be all algorithms except SM3 and SM4, aria # should be all algorithms except SM3 and SM4, aria
@ -88,6 +91,7 @@ autoreconf -f
--disable-O-flag-munging \ --disable-O-flag-munging \
--enable-digests="$DIGESTS" \ --enable-digests="$DIGESTS" \
--enable-ciphers="$CIPHERS" \ --enable-ciphers="$CIPHERS" \
--enable-marvin-workaround \
--with-fips-module-version="$FIPS_MODULE_NAME %{version}-%{srpmhash}" --with-fips-module-version="$FIPS_MODULE_NAME %{version}-%{srpmhash}"
sed -i -e '/^sys_lib_dlsearch_path_spec/s,/lib /usr/lib,/usr/lib /lib64 /usr/lib64 /lib,g' libtool sed -i -e '/^sys_lib_dlsearch_path_spec/s,/lib /usr/lib,/usr/lib /lib64 /usr/lib64 /lib,g' libtool
%make_build %make_build