[gpgme/f21] CVE-2014-3564, rhbz#1125170, gpgme-1.3.2-bufferoverflow.patch

Frantisek Kluknavsky fkluknav at fedoraproject.org
Sat Dec 6 04:14:52 UTC 2014


commit 950ea8dff2f39528a6b5f23afdd57d3695906d71
Author: Frantisek Kluknavsky <fkluknav at redhat.com>
Date:   Sat Dec 6 05:01:09 2014 +0100

    CVE-2014-3564, rhbz#1125170, gpgme-1.3.2-bufferoverflow.patch

 gpgme-1.3.2-bufferoverflow.patch |   26 ++++++++++++++++++++++++++
 gpgme.spec                       |    8 +++++++-
 2 files changed, 33 insertions(+), 1 deletions(-)
---
diff --git a/gpgme-1.3.2-bufferoverflow.patch b/gpgme-1.3.2-bufferoverflow.patch
new file mode 100644
index 0000000..f99f555
--- /dev/null
+++ b/gpgme-1.3.2-bufferoverflow.patch
@@ -0,0 +1,26 @@
+diff -up wrk/src/engine-gpgsm.c.wrk wrk/src/engine-gpgsm.c
+--- wrk/src/engine-gpgsm.c.wrk	2014-12-06 04:22:35.944109162 +0100
++++ wrk/src/engine-gpgsm.c	2014-12-06 04:24:15.127086534 +0100
+@@ -834,7 +834,8 @@ status_handler (void *opaque, int fd)
+ 	      else
+ 		{
+ 		  *aline = newline;
+-		  gpgsm->colon.attic.linesize += linelen + 1;
++		  //  gpgsm->colon.attic.linesize += linelen + 1; - cherrypicked security fix
++		  gpgsm->colon.attic.linesize = *alinelen + linelen + 1;
+ 		}
+ 	    }
+ 	  if (!err)
+diff -up wrk/src/engine-uiserver.c.wrk wrk/src/engine-uiserver.c
+--- wrk/src/engine-uiserver.c.wrk	2014-12-06 04:24:32.200254777 +0100
++++ wrk/src/engine-uiserver.c	2014-12-06 04:25:16.718693472 +0100
+@@ -699,7 +699,8 @@ status_handler (void *opaque, int fd)
+ 	      else
+ 		{
+ 		  *aline = newline;
+-		  uiserver->colon.attic.linesize += linelen + 1;
++		  //uiserver->colon.attic.linesize += linelen + 1; - cherrypicked security fix
++		  uiserver->colon.attic.linesize = *alinelen + linelen + 1;
+ 		}
+ 	    }
+ 	  if (!err)
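Review bot: The old accumulating statement is left behind as a `//` comment in both `status_handler` hunks (engine-gpgsm.c and engine-uiserver.c), tagged only "cherrypicked security fix", so neither the invariant nor the origin of the fix is recorded in the code. The new assignment sets `colon.attic.linesize` to `*alinelen + linelen + 1`, which is presumably the size requested from the reallocation just above the hunk (not visible here). It is worth confirming that both use the same expression, because a recorded capacity larger than the real allocation would let a later append skip the grow step and write past the buffer. I would drop the dead line and state the invariant instead, e.g. `/* linesize must equal the size just allocated, not accumulate (CVE-2014-3564) */`. The enclosing function starts and ends outside both inner hunks.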
diff --git a/gpgme.spec b/gpgme.spec
index 0d2486d..c50feeb 100644
--- a/gpgme.spec
+++ b/gpgme.spec
@@ -5,7 +5,7 @@
 Name:    gpgme
 Summary: GnuPG Made Easy - high level crypto API
 Version: 1.4.3
-Release: 4%{?dist}
+Release: 5%{?dist}
 
 License: LGPLv2+
 URL:     http://www.gnupg.org/related_software/gpgme/
@@ -22,6 +22,8 @@ Patch2: gpgme-1.4.3-no_gpgsm_t-verify.patch
 # add -D_FILE_OFFSET_BITS... to gpgme-config, upstreamable
 Patch3:  gpgme-1.3.2-largefile.patch
 
+Patch4: gpgme-1.3.2-bufferoverflow.patch
+
 BuildRequires: gawk
 # see patch2 above, else we only need 2.0.4
 BuildRequires: gnupg2 >= 2.0.22
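Review bot: `Patch4` is added without the explanatory comment that `Patch3` just above it carries, so the spec itself does not say that this is a security backport or whether the change is already upstream. The file name also says 1.3.2 while the package `Version` is 1.4.3, which makes it harder to tell later which release the patch was cut against. I would add a line such as `# CVE-2014-3564, rhbz#1125170: cherry-picked fix for the status_handler line buffer size in the gpgsm and uiserver engines` above `Patch4:`.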
@@ -61,6 +63,7 @@ Requires(postun): /sbin/install-info
 %patch1 -p1 -b .config_extras
 #patch2 -p1 -b .no_gpgsm_t-verify
 %patch3 -p1 -b .largefile
+%patch4 -p1 -b .overflow
 
 ## HACK ALERT
 # The config script already suppresses the -L if it's /usr/lib, so cheat and
@@ -134,6 +137,9 @@ fi
 
 
 %changelog
+* Sat Dec 06 2014 Frantisek Kluknavsky <fkluknav at redhat.com> - 1.4.3-5
+- CVE-2014-3564, rhbz#1125170, gpgme-1.3.2-bufferoverflow.patch
+
 * Sat Aug 16 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4.3-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
 

