Backport patch for CVE-2026-1761
Resolves: RHEL-145672
parent
97c1ca5c80
commit
d29b797ff5
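--- a/CVE-2026-1761.patch
+++ b/CVE-2026-1761.patch
@@ -0,0 +1,32 @@
+From b8a709dd9da6724feea5ce632f666d53f335700f Mon Sep 17 00:00:00 2001
+From: Carlos Garcia Campos <cgarcia@igalia.com>
+Date: Mon, 19 Jan 2026 15:14:58 +0100
+Subject: [PATCH] multipart: check length of bytes read
+soup_filter_input_stream_read_until()
+
+We do make sure the read length is smaller than the buffer length when
+the boundary is not found, but we should do the same when the boundary
+is found.
+
+Spotted in #YWH-PGM9867-149
+Closes #493
+---
+libsoup/soup-filter-input-stream.c | 3 ++-
+1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/libsoup/soup-filter-input-stream.c b/libsoup/soup-filter-input-stream.c
+index 2c30bf98..d46bff20 100644
+--- a/libsoup/soup-filter-input-stream.c
++++ b/libsoup/soup-filter-input-stream.c
+@@ -272,6 +272,7 @@ soup_filter_input_stream_read_until (SoupFilterInputStream *fstream,
+if (eof && !*got_boundary)
+read_length = MIN (fstream->priv->buf->len, length);
+else
+- read_length = p - buf;
++ read_length = MIN ((gsize)(p - buf), length);
++
+return read_from_buf (fstream, buffer, read_length);
+}
+--
+2.52.0
+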
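Review bot: The new clamp `read_length = MIN ((gsize)(p - buf), length);` in the `else` branch has no comment explaining why the boundary-found path needs it, even though keeping `read_length` within the caller's `length` is the whole point of this CVE fix. I would add `/* Never hand read_from_buf() more than the caller's buffer can hold, whether or not the boundary was found. */` above the `if`/`else`. The `(gsize)` cast is only safe if `p >= buf` on every path reaching this line; the function body starts outside the hunk, so that should be checked against the 2.62.3 scan loop this backport applies to. The patch touches one file and adds no regression test for an oversized boundary match, and it also adds a stray blank line before the `return`.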
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
Name: libsoup
|
||||
Version: 2.62.3
|
||||
Release: 12%{?dist}
|
||||
Release: 13%{?dist}
|
||||
Summary: Soup, an HTTP library implementation
|
||||
|
||||
License: LGPLv2
|
||||
@ -51,6 +51,8 @@ Patch0024: CVE-2025-14523.patch
|
||||
Patch0025: no-ntlm-in-fips-mode.patch
|
||||
# https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/494
|
||||
Patch0026: CVE-2026-0719.patch
|
||||
# https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/496
|
||||
Patch0027: CVE-2026-1761.patch
|
||||
|
||||
BuildRequires: chrpath
|
||||
BuildRequires: glib2-devel >= %{glib2_version}
|
||||
@ -125,6 +127,9 @@ chrpath --delete $RPM_BUILD_ROOT%{_libdir}/*.so
|
||||
%{_datadir}/vala/vapi/libsoup-2.4.vapi
|
||||
|
||||
%changelog
|
||||
* Mon Feb 02 2026 Michael Catanzaro <mcatanzaro@redhat.com> - 2.62.3-13
|
||||
- Backport patch for CVE-2026-1761
|
||||
|
||||
* Fri Jan 30 2026 Michael Catanzaro <mcatanzaro@redhat.com> - 2.62.3-12
|
||||
- Backport patch for CVE-2026-0719
|
||||
- Fix NTLM authentication test failures in FIPS mode
|
||||
|
||||