fix CVE-2020-25125
This commit is contained in:
yixiangzhike
parent
f825478ea0
commit
a76bcb988b
35
backport-CVE-2020-25125.patch
Normal file
35
backport-CVE-2020-25125.patch
Normal file
@ -0,0 +1,35 @@
|
||||
From aeb8272ca8aad403a4baac33b8d5673719cfd8f0 Mon Sep 17 00:00:00 2001
|
||||
From: Werner Koch <wk@gnupg.org>
|
||||
Date: Thu, 3 Sep 2020 15:22:00 +0200
|
||||
Subject: [PATCH] gpg: Fix AEAD preference list overflow
|
||||
|
||||
* g10/getkey.c (fixup_uidnode): Increase size of prefs array.
|
||||
--
|
||||
|
||||
GnuPG-bug-id: 5050
|
||||
Fixes-commit: ab7a0b07024c432233e691b5e4be7e32baf8d80f
|
||||
which introduced a feature to show the AEAD preferences of keys
|
||||
created with rfc4880bis capable software (e.g. GnuPG 2.3-beta).
|
||||
The same code in 2.3 is correct, though.
|
||||
|
||||
Signed-off-by: Werner Koch <wk@gnupg.org>
|
||||
---
|
||||
g10/getkey.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/g10/getkey.c b/g10/getkey.c
|
||||
index 3d0dd0b..3f0a692 100644
|
||||
--- a/g10/getkey.c
|
||||
+++ b/g10/getkey.c
|
||||
@@ -2481,7 +2481,7 @@ fixup_uidnode (KBNODE uidnode, KBNODE signode, u32 keycreated)
|
||||
nzip = p ? n : 0;
|
||||
if (uid->prefs)
|
||||
xfree (uid->prefs);
|
||||
- n = nsym + nhash + nzip;
|
||||
+ n = nsym + naead + nhash + nzip;
|
||||
if (!n)
|
||||
uid->prefs = NULL;
|
||||
else
|
||||
--
|
||||
1.8.3.1
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
Name: gnupg2
|
||||
Version: 2.2.21
|
||||
Release: 1
|
||||
Release: 2
|
||||
Summary: Utility for secure communication and data storage
|
||||
|
||||
License: GPLv3+
|
||||
@ -16,9 +16,10 @@ Patch5: gnupg-2.1.21-large-rsa.patch
|
||||
Patch6: gnupg-2.2.16-ocsp-keyusage.patch
|
||||
Patch7: gnupg-2.2.18-gpg-accept-subkeys-with-a-good-revocation-but-no-self-sig.patch
|
||||
Patch8: gnupg-2.2.18-gpg-allow-import-of-previously-known-keys-even-without-UI.patch
|
||||
patch9: gnupg-2.2.18-tests-add-test-cases-for-import-without-uid.patch
|
||||
Patch9: gnupg-2.2.18-tests-add-test-cases-for-import-without-uid.patch
|
||||
Patch10: gnupg-2.2.20-file-is-digest.patch
|
||||
Patch11: gnupg-2.2.21-coverity.patch
|
||||
Patch12: backport-CVE-2020-25125.patch
|
||||
|
||||
BuildRequires: zlib-devel, npth-devel, gdb, texinfo
|
||||
BuildRequires: libgpg-error-devel >= 1.31
|
||||
@ -113,6 +114,9 @@ make check
|
||||
|
||||
|
||||
%changelog
|
||||
* Mon Dec 28 2020 yixiangzhike <zhangxingliang3@huawei.com> - 2.2.21-2
|
||||
- fix CVE-2020-25125
|
||||
|
||||
* Mon Aug 24 2020 yangzhuangzhuang <yangzhuangzhuang1@huawei.com> - 2.2.21-1
|
||||
- update version to 2.2.21
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user