MIRRORS/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2025-12-15 23:05:34 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

libsoup-2.4: fix CVE-2025-32912

Browse Source 
Refer:
https://gitlab.gnome.org/GNOME/libsoup/-/issues/434

Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Changqing Li 2025-06-13 14:54:35 +08:00 committed by Khem Raj
parent 2bf1705ee2
commit e9f7afcfb4
No known key found for this signature in database
GPG Key ID: BB053355919D3314
2 changed files with 33 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
meta-oe/recipes-support/libsoup/libsoup-2.4/CVE-2025-32912.patch Normal file
View File

@ -0,0 +1,32 @@
From 0984dddb11daf14fdf5ca24077cd0ebda796439a Mon Sep 17 00:00:00 2001
From: Changqing Li <changqing.li@windriver.com>
Date: Fri, 16 May 2025 13:25:32 +0800
Subject: [PATCH] auth-digest: Handle missing nonce
CVE: CVE-2025-32912
Upstream-Status: Backport
[https://gitlab.gnome.org/GNOME/libsoup/-/commit/cd077513f267e43ce4b659eb18a1734d8a369992?merge_request_iid=434
https://gitlab.gnome.org/GNOME/libsoup/-/commit/910ebdcd3dd82386717a201c13c834f3a63eed7f]
Signed-off-by: Changqing Li <changqing.li@windriver.com>
---
libsoup/soup-auth-digest.c | 2 +-
1 files changed, 1 insertions(+), 1 deletion(-)
diff --git a/libsoup/soup-auth-digest.c b/libsoup/soup-auth-digest.c
index 6d965d2..f1621ec 100644
--- a/libsoup/soup-auth-digest.c
+++ b/libsoup/soup-auth-digest.c
@@ -156,7 +156,7 @@ soup_auth_digest_update (SoupAuth *auth, SoupMessage *msg,
guint qop_options;
gboolean ok = TRUE;
- if (!soup_auth_get_realm (auth))
+ if (!soup_auth_get_realm (auth) || !g_hash_table_lookup (auth_params, "nonce"))
return FALSE;
g_free (priv->domain);
--
2.34.1

1
meta-oe/recipes-support/libsoup/libsoup-2.4_2.74.3.bb
View File

@ -32,6 +32,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
file://CVE-2025-32910-1.patch \ file://CVE-2025-32910-1.patch \
file://CVE-2025-32910-2.patch \ file://CVE-2025-32910-2.patch \
file://CVE-2025-32910-3.patch \ file://CVE-2025-32910-3.patch \
file://CVE-2025-32912.patch \
" "
SRC_URI[sha256sum] = "e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13" SRC_URI[sha256sum] = "e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13"