aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAriadne Conill <ariadne@dereferenced.org>2021-06-03 14:14:55 -0600
committerAriadne Conill <ariadne@dereferenced.org>2021-06-03 14:14:55 -0600
commit74c31d2fab361c7d1583054653f296aed19ada0c (patch)
tree06fadbf8e533499cc61ef91bd4729520774d93f3
parent7f631fbda76500d5658af0d6b60ecfe39aba9438 (diff)
downloadaports-74c31d2fab361c7d1583054653f296aed19ada0c.tar.gz
aports-74c31d2fab361c7d1583054653f296aed19ada0c.tar.bz2
aports-74c31d2fab361c7d1583054653f296aed19ada0c.tar.xz
community/networkmanager-elogind: add mitigation for CVE-2021-20297
-rw-r--r--community/networkmanager-elogind/APKBUILD14
-rw-r--r--community/networkmanager-elogind/CVE-2021-20297.patch13
2 files changed, 24 insertions, 3 deletions
diff --git a/community/networkmanager-elogind/APKBUILD b/community/networkmanager-elogind/APKBUILD
index 00a35e63e8..958aeef2d2 100644
--- a/community/networkmanager-elogind/APKBUILD
+++ b/community/networkmanager-elogind/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Rasmus Thomsen <oss@cogitri.dev>
pkgname=networkmanager-elogind
pkgver=1.26.6
-pkgrel=0
+pkgrel=1
pkgdesc="Network Management daemon (with elogind hibernation support)"
url="https://wiki.gnome.org/Projects/NetworkManager"
arch="all !mips !mips64 !s390x" # polkit
@@ -57,6 +57,7 @@ source="$pkgname-$pkgver.tar.xz::https://download.gnome.org/sources/NetworkManag
musl-no-drand.patch
py3.patch
reallocarray.patch
+ CVE-2021-20297.patch
"
options="!check" # fail to compile on musl
provides="networkmanager"
@@ -65,6 +66,10 @@ install_if="networkmanager elogind"
builddir="$srcdir"/NetworkManager-$pkgver
+# secfixes:
+# 1.26.6-r1:
+# - CVE-2021-20297
+
build() {
abuild-meson \
-Dsystemdsystemunitdir=no \
@@ -144,7 +149,8 @@ bashcomp() {
amove usr/share/bash-completion
}
-sha512sums="f43869473bf625be270e3781a77310a877a8e945df08a6f9e668bb66fe173615e990fd9b3011c1c7b3aa23a9007db99c2f06c67f1185f7547771a816b06caf64 networkmanager-elogind-1.26.6.tar.xz
+sha512sums="
+f43869473bf625be270e3781a77310a877a8e945df08a6f9e668bb66fe173615e990fd9b3011c1c7b3aa23a9007db99c2f06c67f1185f7547771a816b06caf64 networkmanager-elogind-1.26.6.tar.xz
0f79016bf717dea43830962f524deae8d1cedc274376e40bd912ebe63208c5b1c3b7a5aa14379da19020c587dbd5588df2f0066ca1540070a226983a43e4159b networkmanager.conf
5ac6d11b588c479de9c7e1fef79ed0a2c04dc159a2173636a6a77a2867c839cc1609860756109e9e794f23a02238a6d94834d8fb6fcb81a6be3ef1dbf4a34e6f networkmanager.initd
9820ed2ead0af689644842de57657bb10330a1eaff0e85b21ae9913f55e399e47d8b41b0a12956f30de80272b4424c6e55f33acbc88e156879003a260bf576f6 networkmanager.rules
@@ -156,4 +162,6 @@ b5cd94928ca3ba1fb71aec28d9ff66f319f6d23131e02c90f1dfbfaf16c537935228a9981c95f29f
634377674691b52da80ca4c445a727d39cd40269f7deef0d3ccc1e1041cc262e8bc1423200e9a2b0cf1804e9950059ebbbc827f1200c6a97c58bc76080a6d6d2 musl-compar.patch
342fb3eef0e7057b6d8f1a00687af17dc633387d8a25d475e3e9c8de5712221eec8ada634a189e3458dcbb12b20625b99b552acda3927b5baa61b960ce5740eb musl-no-drand.patch
8f7bb0128881cd281f4f9b2335d9788cde715d9fc29c295bad234b97a2df9e5ed99061da4806702d9ab8aa163711ffa283e82216ea8d714bb54d2b37aa2607cb py3.patch
-423c97e0c08c53959f94c6e4de6388a0295b57f2d6404dca748bde82985e3eb25d1061ecb29ef7b568aa292b0169478c85f3c350206c34aafaa2ee99c4a6dc5f reallocarray.patch"
+423c97e0c08c53959f94c6e4de6388a0295b57f2d6404dca748bde82985e3eb25d1061ecb29ef7b568aa292b0169478c85f3c350206c34aafaa2ee99c4a6dc5f reallocarray.patch
+a59bf394d643e6570991e93c466c012a968415e27d9614ea26826d701a79a5e0b0a4acc6b4307caf6a48e381e4980cdca7518666cf340ee91ec20157305660af CVE-2021-20297.patch
+"
diff --git a/community/networkmanager-elogind/CVE-2021-20297.patch b/community/networkmanager-elogind/CVE-2021-20297.patch
new file mode 100644
index 0000000000..5906c2a534
--- /dev/null
+++ b/community/networkmanager-elogind/CVE-2021-20297.patch
@@ -0,0 +1,13 @@
+diff -urN NetworkManager-1.26.6.orig/src/nm-core-utils.c NetworkManager-1.26.6/src/nm-core-utils.c
+--- NetworkManager-1.26.6.orig/src/nm-core-utils.c 2021-06-03 14:10:00.375398397 -0600
++++ NetworkManager-1.26.6/src/nm-core-utils.c 2021-06-03 14:10:35.298882064 -0600
+@@ -1759,7 +1759,8 @@
+
+ _pattern_parse (patterns[i], &p, &is_inverted, &is_mandatory);
+
+- match = (fnmatch (p, str, 0) == 0);
++ match = (fnmatch (p, str ?: "", 0) == 0);
++
+ if (is_inverted)
+ match = !match;
+