import libreoffice-6.4.7.2-11.el8
This commit is contained in:
parent
077b73594d
commit
c5711baf0e
69
SOURCES/0001-CVE-2021-25636.patch
Normal file
69
SOURCES/0001-CVE-2021-25636.patch
Normal file
@ -0,0 +1,69 @@
|
|||||||
|
From ae1bd20a2d4d7b7d64edc3b06d7f901c05175b7d Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com>
|
||||||
|
Date: Mon, 20 Dec 2021 17:05:44 +0000
|
||||||
|
Subject: [PATCH] only use X509Data
|
||||||
|
|
||||||
|
Change-Id: I52e6588f5fac04bb26d77c1f3af470db73e41f72
|
||||||
|
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/127193
|
||||||
|
Tested-by: Jenkins
|
||||||
|
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
||||||
|
(cherry picked from commit be446d81e07b5499152efeca6ca23034e51ea5ff)
|
||||||
|
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/127178
|
||||||
|
Reviewed-by: Adolfo Jayme Barrientos <fitojb@ubuntu.com>
|
||||||
|
(cherry picked from commit b0404f80577de9ff69e58390c6f6ef949fdb0139)
|
||||||
|
---
|
||||||
|
.../source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx | 6 ++++++
|
||||||
|
xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx | 6 ++++++
|
||||||
|
2 files changed, 12 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx
|
||||||
|
index db400e6..39f9d7f 100644
|
||||||
|
--- a/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx
|
||||||
|
+++ b/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx
|
||||||
|
@@ -21,6 +21,8 @@
|
||||||
|
#include <sal/log.hxx>
|
||||||
|
#include <rtl/uuid.h>
|
||||||
|
|
||||||
|
+#include <xmlsec/mscng/x509.h>
|
||||||
|
+
|
||||||
|
#include <com/sun/star/xml/crypto/SecurityOperationStatus.hpp>
|
||||||
|
#include <com/sun/star/xml/crypto/XXMLSignature.hpp>
|
||||||
|
|
||||||
|
@@ -229,6 +231,10 @@ SAL_CALL XMLSignature_MSCryptImpl::validate(
|
||||||
|
// We do certificate verification ourselves.
|
||||||
|
pDsigCtx->keyInfoReadCtx.flags |= XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS;
|
||||||
|
|
||||||
|
+ // limit possible key data to valid X509 certificates only, no KeyValues
|
||||||
|
+ if (xmlSecPtrListAdd(&(pDsigCtx->keyInfoReadCtx.enabledKeyData), BAD_CAST xmlSecMSCngKeyDataX509GetKlass()) < 0)
|
||||||
|
+ throw RuntimeException("failed to limit allowed key data");
|
||||||
|
+
|
||||||
|
//Verify signature
|
||||||
|
//The documentation says that the signature is only valid if the return value is 0 (that is, not < 0)
|
||||||
|
//AND pDsigCtx->status == xmlSecDSigStatusSucceeded. That is, we must not make any assumptions, if
|
||||||
|
diff --git a/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx
|
||||||
|
index 827580b..8f4d6f8 100644
|
||||||
|
--- a/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx
|
||||||
|
+++ b/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx
|
||||||
|
@@ -19,6 +19,8 @@
|
||||||
|
|
||||||
|
#include <sal/config.h>
|
||||||
|
|
||||||
|
+#include <xmlsec/nss/x509.h>
|
||||||
|
+
|
||||||
|
#include <xmlelementwrapper_xmlsecimpl.hxx>
|
||||||
|
#include <xmlsec/xmlstreamio.hxx>
|
||||||
|
#include <xmlsec/errorcallback.hxx>
|
||||||
|
@@ -243,6 +245,10 @@ SAL_CALL XMLSignature_NssImpl::validate(
|
||||||
|
// We do certificate verification ourselves.
|
||||||
|
pDsigCtx->keyInfoReadCtx.flags |= XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS;
|
||||||
|
|
||||||
|
+ // limit possible key data to valid X509 certificates only, no KeyValues
|
||||||
|
+ if (xmlSecPtrListAdd(&(pDsigCtx->keyInfoReadCtx.enabledKeyData), BAD_CAST xmlSecNssKeyDataX509GetKlass()) < 0)
|
||||||
|
+ throw RuntimeException("failed to limit allowed key data");
|
||||||
|
+
|
||||||
|
//Verify signature
|
||||||
|
int rs = xmlSecDSigCtxVerify( pDsigCtx.get() , pNode );
|
||||||
|
|
||||||
|
--
|
||||||
|
2.33.1
|
||||||
|
|
@ -54,7 +54,7 @@ Summary: Free Software Productivity Suite
|
|||||||
Name: libreoffice
|
Name: libreoffice
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
Version: %{libo_version}.2
|
Version: %{libo_version}.2
|
||||||
Release: 10%{?libo_prerelease}%{?dist}
|
Release: 11%{?libo_prerelease}%{?dist}
|
||||||
License: (MPLv1.1 or LGPLv3+) and LGPLv3 and LGPLv2+ and BSD and (MPLv1.1 or GPLv2 or LGPLv2 or Netscape) and Public Domain and ASL 2.0 and MPLv2.0 and CC0
|
License: (MPLv1.1 or LGPLv3+) and LGPLv3 and LGPLv2+ and BSD and (MPLv1.1 or GPLv2 or LGPLv2 or Netscape) and Public Domain and ASL 2.0 and MPLv2.0 and CC0
|
||||||
URL: http://www.libreoffice.org/
|
URL: http://www.libreoffice.org/
|
||||||
|
|
||||||
@ -279,6 +279,7 @@ Patch35: 0001-Correctly-read-PNG-into-bitmaps-N32BitTcA.-formats-w.patch
|
|||||||
Patch36: 0001-Read-MOSDocumentLockFile-UTF-16-string-data-with-sam.patch
|
Patch36: 0001-Read-MOSDocumentLockFile-UTF-16-string-data-with-sam.patch
|
||||||
Patch37: 0001-Convert-attribute-value-to-UTF-8-when-passing-it-to-.patch
|
Patch37: 0001-Convert-attribute-value-to-UTF-8-when-passing-it-to-.patch
|
||||||
Patch38: 0001-Fix-endianness-issues-in-OOX-crypto-routines.patch
|
Patch38: 0001-Fix-endianness-issues-in-OOX-crypto-routines.patch
|
||||||
|
Patch39: 0001-CVE-2021-25636.patch
|
||||||
|
|
||||||
%if 0%{?rhel}
|
%if 0%{?rhel}
|
||||||
# not upstreamed
|
# not upstreamed
|
||||||
@ -2275,6 +2276,9 @@ done
|
|||||||
%{_includedir}/LibreOfficeKit
|
%{_includedir}/LibreOfficeKit
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Mar 07 2022 Caolán McNamara <caolanm@redhat.com> - 1:6.4.7.2-11
|
||||||
|
- Resolves: rhbz#2060559 CVE-2021-25636
|
||||||
|
|
||||||
* Mon Feb 07 2022 Caolán McNamara <caolanm@redhat.com> - 1:6.4.7.2-10
|
* Mon Feb 07 2022 Caolán McNamara <caolanm@redhat.com> - 1:6.4.7.2-10
|
||||||
- Related: rhbz#2029810 bump n-v-r
|
- Related: rhbz#2029810 bump n-v-r
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user