From 7af4d29cc43df5ee4b8c43e29a7d799aa7034600 Mon Sep 17 00:00:00 2001
From: Kalev Lember
Date: Thu, 28 Jun 2018 19:46:44 +0200
Subject: [PATCH] Backport an upstream patch for CVE-2018-12910
---
...-bail-if-hostname-is-an-empty-string.patch | 29 +++++++++++++++++++
libsoup.spec | 9 ++++--
2 files changed, 36 insertions(+), 2 deletions(-)
create mode 100644 0001-cookie-jar-bail-if-hostname-is-an-empty-string.patch
diff --git a/0001-cookie-jar-bail-if-hostname-is-an-empty-string.patch b/0001-cookie-jar-bail-if-hostname-is-an-empty-string.patch
new file mode 100644
index 0000000..843b2e6
--- /dev/null
+++ b/0001-cookie-jar-bail-if-hostname-is-an-empty-string.patch
@@ -0,0 +1,29 @@
+From db2b0d5809d5f8226d47312b40992cadbcde439f Mon Sep 17 00:00:00 2001
+From: Michael Catanzaro
+Date: Sun, 24 Jun 2018 19:46:19 -0500
+Subject: [PATCH] cookie-jar: bail if hostname is an empty string
+
+There are several other ways to fix the problem with this function, but
+skipping over all of the code is probably the simplest.
+
+Fixes #3
+---
+ libsoup/soup-cookie-jar.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libsoup/soup-cookie-jar.c b/libsoup/soup-cookie-jar.c
+index 2369c8a..b2b7890 100644
+--- a/libsoup/soup-cookie-jar.c
++++ b/libsoup/soup-cookie-jar.c
+@@ -307,7 +307,7 @@ get_cookies (SoupCookieJar *jar, SoupURI *uri, gboolean for_http, gboolean copy_
+
+ priv = soup_cookie_jar_get_instance_private (jar);
+
+- if (!uri->host)
++ if (!uri->host || !uri->host[0])
+ return NULL;
+
+ /* The logic here is a little weird, but the plan is that if
+--
+2.17.1
+
diff --git a/libsoup.spec b/libsoup.spec
index ed8c82a..a346407 100644
--- a/libsoup.spec
+++ b/libsoup.spec
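Review bot: The new guard in get_cookies, `if (!uri->host || !uri->host[0])`, has no comment saying why an empty host must be rejected, so a later cleanup could drop the second condition as redundant with the NULL check. I would add above it `/* An empty host cannot match any cookie domain; return before the domain-matching code below sees it (CVE-2018-12910). */`. The backported patch changes this one line and adds no regression test; a test that asks the jar for cookies with a URI whose host is "" would pin the fix. get_cookies starts and ends outside the hunk, so the code the guard protects is not visible here.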
@@ -2,12 +2,14 @@ Name: libsoup Version: 2.62.2 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Soup, an HTTP library implementation License: LGPLv2 URL: https://wiki.gnome.org/Projects/libsoup Source0: https://download.gnome.org/sources/%{name}/2.62/%{name}-%{version}.tar.xz +# Backported from upstream +Patch0: 0001-cookie-jar-bail-if-hostname-is-an-empty-string.patch BuildRequires: chrpath BuildRequires: glib2-devel >= %{glib2_version} @@ -42,7 +44,7 @@ Libsoup is an HTTP library implementation in C. This package allows you to develop applications that use the libsoup library. %prep -%setup -q +%autosetup -p1 %build %configure --disable-static @@ -81,6 +83,9 @@ chrpath --delete $RPM_BUILD_ROOT%{_libdir}/*.so %{_datadir}/vala/vapi/libsoup-2.4.vapi %changelog +* Thu Jun 28 2018 Kalev Lember - 2.62.2-2 +- Backport an upstream patch for CVE-2018-12910 + * Tue May 08 2018 Kalev Lember - 2.62.2-1 - Update to 2.62.2
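Review bot: The `# Backported from upstream` comment above `Patch0:` in the first hunk does not say which fix or which upstream commit the patch carries, which makes it harder to tell when the patch can be dropped at the next rebase. I would write `# CVE-2018-12910: backport of upstream commit db2b0d58 (cookie-jar: bail if hostname is an empty string)`. The change from `%setup -q` to `%autosetup -p1` in the second hunk is what applies Patch0, and `-p1` agrees with the `a/` and `b/` prefixes used in the patch file.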