author | Sören Tempel <soeren+git@soeren-tempel.net> | 2018-06-10 20:40:38 +0200 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2018-08-16 16:52:42 +0200 |
commit | f98e469b6d7abeef7b518467b71cd523b0dbc6e1 (patch) | |
tree | 6a92162a1380a8ea9ddbaeb2c120006d0e181a3b | |
parent | 9e8163ee0315aa8fe5163b8bd01f757e4245414e (diff) | |
main/gnupg1: fix CVE-2018-12020
-rw-r--r-- | main/gnupg1/0001-gpg-Sanitize-diagnostic-with-the-original-file-name.patch | 41 | ||||
-rw-r--r-- | main/gnupg1/APKBUILD | 23 |
2 files changed, 56 insertions, 8 deletions
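diff --git a/main/gnupg1/0001-gpg-Sanitize-diagnostic-with-the-original-file-name.patch b/main/gnupg1/0001-gpg-Sanitize-diagnostic-with-the-original-file-name.patch
new file mode 100644
index 0000000000..3592fc5500
--- /dev/null
+++ b/main/gnupg1/0001-gpg-Sanitize-diagnostic-with-the-original-file-name.patch
@@ -0,0 +1,41 @@
+From 2326851c60793653069494379b16d84e4c10a0ac Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Fri, 8 Jun 2018 10:45:21 +0200
+Subject: [PATCH] gpg: Sanitize diagnostic with the original file name.
+
+* g10/mainproc.c (proc_plaintext): Sanitize verbose output.
+--
+
+This fixes a forgotten sanitation of user supplied data in a verbose
+mode diagnostic. The mention CVE is about using this to inject
+status-fd lines into the stderr output. Other harm good as well be
+done. Note that GPGME based applications are not affected because
+GPGME does not fold status output into stderr.
+
+CVE-id: CVE-2018-12020
+GnuPG-bug-id: 4012
+(cherry picked from commit 13f135c7a252cc46cff96e75968d92b6dc8dce1b)
+---
+g10/mainproc.c | 6 +++++-
+1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/g10/mainproc.c b/g10/mainproc.c
+index 33a654b34..ffa7ef6d8 100644
+--- a/g10/mainproc.c
++++ b/g10/mainproc.c
+@@ -638,7 +638,11 @@ proc_plaintext( CTX c, PACKET *pkt )
+if( pt->namelen == 8 && !memcmp( pt->name, "_CONSOLE", 8 ) )
+log_info(_("NOTE: sender requested \"for-your-eyes-only\"\n"));
+else if( opt.verbose )
+- log_info(_("original file name='%.*s'\n"), pt->namelen, pt->name);
++ {
++ char *tmp = make_printable_string (pt->name, pt->namelen, 0);
++ log_info (_("original file name='%.*s'\n"), (int)strlen (tmp), tmp);
++ xfree (tmp);
++ }
+free_md_filter_context( &c->mfx );
+c->mfx.md = md_open( 0, 0);
+/* fixme: we may need to push the textfilter if we have sigclass 1
+--
+2.17.1
+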
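Review bot: The new block in `proc_plaintext` has no comment saying why the name is escaped, so a later cleanup could simplify it back to a direct `log_info` of `pt->name`; a one-line comment such as `/* pt->name is user-supplied data from the message; never log it unescaped. */` above the `make_printable_string` call would record that. The name is also still printed between single quotes while the delimiter argument is `0`, so a quote character inside the name is presumably passed through and the diagnostic stays ambiguous to a reader of stderr; `make_printable_string (pt->name, pt->namelen, '\'')` would escape it as well, at the cost of diverging from the upstream cherry-pick. The `%.*s` with `(int)strlen (tmp)` looks redundant but is probably kept so the translated format string stays unchanged, which is worth stating in the same comment. The body of `proc_plaintext` starts and ends outside the hunk, so other uses of `pt->name` are not visible here.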
diff --git a/main/gnupg1/APKBUILD b/main/gnupg1/APKBUILD index 60469903b9..db58f6a67a 100644 --- a/main/gnupg1/APKBUILD +++ b/main/gnupg1/APKBUILD | |||
@@ -1,22 +1,28 @@ | |||
1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> | 1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> |
2 | pkgname=gnupg1 | 2 | pkgname=gnupg1 |
3 | pkgver=1.4.22 | 3 | pkgver=1.4.22 |
4 | pkgrel=0 | 4 | pkgrel=1 |
5 | pkgdesc="GNU Privacy Guard 1 - a PGP replacement tool" | 5 | pkgdesc="GNU Privacy Guard 1 - a PGP replacement tool" |
6 | url="http://www.gnupg.org/" | 6 | url="http://www.gnupg.org/" |
7 | arch="all" | 7 | arch="all" |
8 | license="GPL" | 8 | license="GPL" |
9 | depends="pinentry" | 9 | depends="pinentry" |
10 | makedepends="curl-dev libassuan libksba-dev libgcrypt-dev libgpg-error-dev | 10 | makedepends="curl-dev libassuan libksba-dev libgcrypt-dev libgpg-error-dev |
11 | zlib-dev libassuan-dev" | 11 | zlib-dev libassuan-dev" |
12 | subpackages="$pkgname-doc" | 12 | subpackages="$pkgname-doc" |
13 | provides="gnupg=$pkgver-r$pkgrel" | 13 | provides="gnupg=$pkgver-r$pkgrel" |
14 | replaces="gnupg" | 14 | replaces="gnupg" |
15 | source="ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-$pkgver.tar.bz2" | 15 | source="ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-$pkgver.tar.bz2 |
16 | 0001-gpg-Sanitize-diagnostic-with-the-original-file-name.patch" | ||
16 | 17 | ||
17 | _builddir="$srcdir/gnupg-$pkgver" | 18 | # secfixes: |
19 | # 1.4.22-r1: | ||
20 | # - CVE-2018-12020 | ||
21 | |||
22 | builddir="$srcdir/gnupg-$pkgver" | ||
18 | prepare() { | 23 | prepare() { |
19 | cd "$_builddir" | 24 | cd "$builddir" |
25 | default_prepare | ||
20 | 26 | ||
21 | # Fix PIC definitions | 27 | # Fix PIC definitions |
22 | sed -i -e 's:PIC:__PIC__:' \ | 28 | sed -i -e 's:PIC:__PIC__:' \ |
@@ -27,7 +33,7 @@ prepare() { | |||
27 | } | 33 | } |
28 | 34 | ||
29 | build() { | 35 | build() { |
30 | cd "$_builddir" | 36 | cd "$builddir" |
31 | export CFLAGS="$CFLAGS -g" | 37 | export CFLAGS="$CFLAGS -g" |
32 | ./configure \ | 38 | ./configure \ |
33 | --build=$CBUILD \ | 39 | --build=$CBUILD \ |
@@ -40,7 +46,7 @@ build() { | |||
40 | } | 46 | } |
41 | 47 | ||
42 | package() { | 48 | package() { |
43 | cd "$_builddir" | 49 | cd "$builddir" |
44 | make -j1 DESTDIR="$pkgdir" install | 50 | make -j1 DESTDIR="$pkgdir" install |
45 | } | 51 | } |
46 | 52 | ||
@@ -49,4 +55,5 @@ doc() { | |||
49 | provides="gnupg-doc=$pkgver-r$pkgrel" | 55 | provides="gnupg-doc=$pkgver-r$pkgrel" |
50 | } | 56 | } |
51 | 57 | ||
52 | sha512sums="c03acac0fa55761470bb085d78a44e2b99ebb187e8396cbb031a184b1e40bef2a40c91da07755d1a20610a3daa6aa1eefea2d12a0dbd5a79a45466166419c708 gnupg-1.4.22.tar.bz2" | 58 | sha512sums="c03acac0fa55761470bb085d78a44e2b99ebb187e8396cbb031a184b1e40bef2a40c91da07755d1a20610a3daa6aa1eefea2d12a0dbd5a79a45466166419c708 gnupg-1.4.22.tar.bz2 |
59 | 0fecf8735ed56380699d91ff739aac3cf4a8b0fc2b248e403fb8c1411b05ac701eaebed6898f37a13e45df53cab3c319deac05b18a74d40c19409652a500d32b 0001-gpg-Sanitize-diagnostic-with-the-original-file-name.patch" | ||
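Review bot: The rewritten `source=` entry still fetches the upstream tarball over plain FTP (`ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-$pkgver.tar.bz2`), so the `sha512sums` entry is the only integrity control on the code this security fix is applied to. Since the line is being touched anyway, it could point at the HTTPS location, `https://gnupg.org/ftp/gcrypt/gnupg/gnupg-$pkgver.tar.bz2`, which adds transport authentication whenever the checksum is regenerated for a new `pkgver`. The `url="http://www.gnupg.org/"` field has the same plain-HTTP issue, though it is only informational.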