!14 [sync] PR-13: fix CVE-2020-10759

From: @openeuler-sync-bot 
Reviewed-by: @gitee-cmd 
Signed-off-by: @gitee-cmd
openeuler-ci-bot 2022-07-27 10:23:22 +00:00 committed by Gitee
commit 4b15a49dd0
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
3 changed files with 59 additions and 1 deletions


@ -0,0 +1,35 @@
diff -Naru fwupd-1.2.9/src/fu-self-test.c fwupd-1.2.9-new/src/fu-self-test.c
--- fwupd-1.2.9/src/fu-self-test.c 2019-05-20 18:18:00.000000000 +0800
+++ fwupd-1.2.9-new/src/fu-self-test.c 2022-07-25 11:22:05.787729000 +0800
@@ -2823,23 +2823,6 @@
g_assert_cmpint (lines, ==, 6);
}
-static void
-fu_common_spawn_timeout_func (void)
-{
- gboolean ret;
- guint lines = 0;
- g_autoptr(GError) error = NULL;
- g_autofree gchar *fn = NULL;
- const gchar *argv[3] = { "replace", "test", NULL };
-
- fn = fu_test_get_filename (TESTDATADIR, "spawn.sh");
- g_assert (fn != NULL);
- argv[0] = fn;
- ret = fu_common_spawn_sync (argv, fu_test_stdout_cb, &lines, 50, NULL, &error);
- g_assert_error (error, G_IO_ERROR, G_IO_ERROR_CANCELLED);
- g_assert (!ret);
- g_assert_cmpint (lines, ==, 1);
-}
static void
fu_progressbar_func (void)
@@ -3751,7 +3734,6 @@
g_test_add_func ("/fwupd/common{cab-error-missing-file}", fu_common_store_cab_error_missing_file_func);
g_test_add_func ("/fwupd/common{cab-error-size}", fu_common_store_cab_error_size_func);
g_test_add_func ("/fwupd/common{spawn)", fu_common_spawn_func);
- g_test_add_func ("/fwupd/common{spawn-timeout)", fu_common_spawn_timeout_func);
g_test_add_func ("/fwupd/common{firmware-builder}", fu_common_firmware_builder_func);
return g_test_run ();
}
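Review bot: The patch deletes `fu_common_spawn_timeout_func` and its `g_test_add_func` registration outright, so the timeout path of `fu_common_spawn_sync` (the 50 ms call expected to fail with `G_IO_ERROR_CANCELLED`) is no longer exercised by the self-tests. The patch file also has no header saying which assertion failed or why. If the failure is timing-related on the build hosts, keeping the function and gating only its registration preserves the coverage for local runs, e.g. `if (g_test_slow ()) g_test_add_func ("/fwupd/common{spawn-timeout)", fu_common_spawn_timeout_func);`. At minimum, add a short description at the top of the patch naming the failing assertion and any upstream reference.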

17
CVE-2020-10759.patch Normal file

@ -0,0 +1,17 @@
diff -Naru fwupd-1.2.9/src/fu-keyring-gpg.c fwupd-1.2.9-new/src/fu-keyring-gpg.c
--- fwupd-1.2.9/src/fu-keyring-gpg.c 2019-05-20 18:18:00.000000000 +0800
+++ fwupd-1.2.9-new/src/fu-keyring-gpg.c 2022-07-25 10:51:37.434242000 +0800
@@ -297,6 +297,13 @@
"no result record from libgpgme");
return NULL;
}
+ if (result->signatures == NULL) {
+ g_set_error_literal (error,
+ FWUPD_ERROR,
+ FWUPD_ERROR_INTERNAL,
+ "no signatures from libgpgme");
+ return NULL;
+ }
/* look at each signature */
for (s = result->signatures; s != NULL ; s = s->next ) {
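Review bot: The new `result->signatures == NULL` check has no comment saying why an empty signature list is rejected, and it reports the condition as `FWUPD_ERROR_INTERNAL`. Without the check, the `for (s = result->signatures; ...)` loop below runs zero times, so none of the per-signature checks execute; what the function returns after the loop is outside the hunk, so the exact consequence cannot be confirmed from here. I would add `/* a verify result with no signatures must never be treated as verified */` above the check, and consider `FWUPD_ERROR_SIGNATURE_INVALID` if callers distinguish verification failures from internal errors. The commit also adds no self-test that feeds signature data containing no signatures, which would be the regression test for this CVE.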


@ -9,7 +9,7 @@
Name: fwupd
Version: 1.2.9
Release: 3
Release: 4
Summary: Make updating firmware on Linux automatic, safe and reliable
License: LGPLv2+
URL: https://github.com/fwupd/fwupd/releases
@ -18,6 +18,8 @@ Source0: http://people.freedesktop.org/~hughsient/releases/%{name}-%{vers
#Self-tests are failing due to an expired cert #1264
Patch0000: 0001-Relax-the-certificate-time-checks-in-the-self-tests-.patch
Patch6000: Set-polling-self-tests-to-slow.patch
Patch0002: 0002-Compilation-failure-due-to-assertion-error.patch
Patch0003: CVE-2020-10759.patch
BuildRequires: gettext glib2-devel libxmlb-devel valgrind valgrind-devel libgcab1-devel
BuildRequires: gpgme-devel libgudev1-devel libgusb-devel libsoup-devel polkit-devel sqlite-devel libxslt
@ -175,6 +177,10 @@ mkdir -pm 0700 %{buildroot}%{_localstatedir}/lib/%{name}/gnupg
%{_datadir}/man/man1/*
%changelog
* Thu Jul 14 2022 yangweidong <yangweidong9@huawei.com> - 1.2.9-4
- Solve 0002-Compilation-failure-due-to-assertion-error
- Fix CVE-2020-10759.patch
* Sun Jun 28 2020 huanghaitao <huanghaitao@huawei.com> - 1.2.9-3
- Solve build problem with check