34 lines
1.1 KiB
Diff
34 lines
1.1 KiB
Diff
From a7d3d5cbf64647c1ed8978b2a33a3be35f888129 Mon Sep 17 00:00:00 2001
|
|
From: "Douglas R. Reno" <renodr@linuxfromscratch.org>
|
|
Date: Wed, 15 Sep 2021 17:40:00 +0000
|
|
Subject: [PATCH] Fix CVE-2021-39358 by forcing TLS certificate
|
|
validation
|
|
|
|
This is similar to the fix performed in other packages. See
|
|
https://gitlab.gnome.org/Teams/Releng/security/-/issues/57 for more
|
|
details.
|
|
|
|
Tested on Linux From Scratch 11.0 and on Debian 11.
|
|
|
|
Fixes #17
|
|
|
|
---
|
|
gfbgraph/gfbgraph-photo.c | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff --git a/gfbgraph/gfbgraph-photo.c b/gfbgraph/gfbgraph-photo.c
|
|
index 1e8955c..f6281a6 100644
|
|
--- a/gfbgraph/gfbgraph-photo.c
|
|
+++ b/gfbgraph/gfbgraph-photo.c
|
|
@@ -424,6 +424,7 @@ gfbgraph_photo_download_default_size (GFBGraphPhoto *photo, GFBGraphAuthorizer *
|
|
|
|
session = soup_session_sync_new ();
|
|
requester = soup_requester_new ();
|
|
+ g_object_set (G_OBJECT (session), "ssl-use-system-ca-file", TRUE, NULL);
|
|
soup_session_add_feature (session, SOUP_SESSION_FEATURE (requester));
|
|
|
|
request = soup_requester_request (requester, priv->source, error);
|
|
--
|
|
2.27.0
|
|
|