alpine / aports
Commit 1c0a19ab (Verified)
Authored 2 years ago by J0WI
Committed by alice 2 years ago
main/gnupg: patch CVE-2022-34903
parent 19470e4b
Showing 2 changed files with 46 additions and 1 deletion
main/gnupg/APKBUILD: 5 additions, 1 deletion
main/gnupg/CVE-2022-34903.patch: 41 additions, 0 deletions
main/gnupg/APKBUILD
@@ -3,7 +3,7 @@
pkgname
=
gnupg
pkgver
=
2.2.31
_ver
=
${
pkgver
/_beta/-beta
}
pkgrel
=
0
pkgrel
=
1
pkgdesc
=
"GNU Privacy Guard 2 - a PGP replacement tool"
url
=
"https://www.gnupg.org/"
arch
=
"all"
...
...
@@ -14,6 +14,7 @@ makedepends="gnutls-dev libksba-dev libgcrypt-dev libgpg-error-dev
sqlite-dev libusb-dev"
subpackages
=
"
$pkgname
-doc
$pkgname
-scdaemon"
source
=
"https://gnupg.org/ftp/gcrypt/gnupg/gnupg-
$_ver
.tar.bz2
CVE-2022-34903.patch
0001-Include-sys-select.h-for-FD_SETSIZE.patch
fix-i18n.patch
60-scdaemon.rules
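Review bot: The new CVE-2022-34903.patch entry in source= points at a patch whose header names only "GnuPG-bug-id: T6027" and carries no upstream commit id or URL, so the origin of the fix cannot be checked from the package directory alone. Consider adding the upstream commit reference to the patch header, so that whoever next bumps pkgver can confirm the fix is included in the new release and drop the patch together with its sha512sums line.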
...
...
@@ -21,6 +22,8 @@ source="https://gnupg.org/ftp/gcrypt/gnupg/gnupg-$_ver.tar.bz2
install
=
"
$pkgname
-scdaemon.pre-install"
# secfixes:
# 2.2.31-r1:
# - CVE-2022-34903
# 2.2.23-r0:
# - CVE-2020-25125
# 2.2.18-r0:
...
...
@@ -76,6 +79,7 @@ scdaemon() {
sha512sums
=
"
2f6fa200e08d6b8993b482e5825bea6083afc8686c4e1ae80386b36ae49e1c2d73066c508edaa359a7794cb26ba7a00f81555a906fa422d1117e41415cfa2fea gnupg-2.2.31.tar.bz2
658d5ff636f9b45de7501895c299146633c30bc249f94664573ecf847779ea27be853244ceb2cc0e95c0c56253bbb6ccff509027b23f20f003aa018235211a4d CVE-2022-34903.patch
c6cc4595081c5b025913fa3ebecf0dff87a84f3c669e3fef106e4fa040f1d4314ee52dd4c0e0002b213034fb0810221cfdd0033eae5349b6e3978f05d08bcac7 0001-Include-sys-select.h-for-FD_SETSIZE.patch
b19a44dacf061dd02b439ab8bd820e3c721aab77168f705f5ce65661f26527b03ea88eec16d78486a633c474120589ec8736692ebff57ab9b95f52f57190ba6b fix-i18n.patch
4bfb9742279c2d1c872d63cd4bcb01f6a2a13d94618eff954d3a37451fa870a9bb29687330854ee47e8876d6e60dc81cb2569c3931beaefacda33db23c464402 60-scdaemon.rules
...
...
main/gnupg/CVE-2022-34903.patch
0 → 100644
g10: Fix garbled status messages in NOTATION_DATA
* g10/cpr.c (write_status_text_and_buffer): Fix off-by-one
--
Depending on the escaping and line wrapping the computed remaining
buffer length could be wrong. Fixed by always using a break to
terminate the escape detection loop. Might have happened for all
status lines which may wrap.
GnuPG-bug-id: T6027
diff --git a/g10/cpr.c b/g10/cpr.c
index d502e8b52..bc4b715ed 100644
--- a/g10/cpr.c
+++ b/g10/cpr.c
@@ -328,20 +328,15 @@
write_status_text_and_buffer (int no, const char *string,
}
first = 0;
}
- for (esc=0, s=buffer, n=len; n && !esc; s++, n--)
+ for (esc=0, s=buffer, n=len; n; s++, n--)
{
if (*s == '%' || *(const byte*)s <= lower_limit
|| *(const byte*)s == 127 )
esc = 1;
if (wrap && ++count > wrap)
- {
- dowrap=1;
- break;
- }
- }
- if (esc)
- {
- s--; n++;
+ dowrap=1;
+ if (esc || dowrap)
+ break;
}
if (s != buffer)
es_fwrite (buffer, s-buffer, 1, statusfp);
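Review bot: In the rewritten loop the exit now rests on two adjacent unbraced statements, `dowrap=1;` under `if (wrap && ++count > wrap)` and `break;` under `if (esc || dowrap)`, with no comment stating the invariant they protect: on exit s must point at the first byte not yet written and n must count the bytes from s onward. The removed code broke that invariant when a byte needing escape was also the byte that crossed the wrap limit. The wrap `break` skipped the `s++, n--` step, yet the `if (esc)` block after the loop still ran `s--; n++`, leaving s one byte early and n one too large, which is the off-by-one the description names. Suggest bracing the `dowrap=1;` body, adding a one-line comment that every exit must go through `break` so the loop step never runs past the offending byte, and adding a regression test whose input places an escaped byte exactly on the wrap boundary.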