aboutsummaryrefslogtreecommitdiffstats
path: root/main
diff options
context:
space:
mode:
Diffstat (limited to 'main')
-rw-r--r--main/gnupg/APKBUILD6
-rw-r--r--main/gnupg/CVE-2022-34903.patch41
2 files changed, 46 insertions, 1 deletions
diff --git a/main/gnupg/APKBUILD b/main/gnupg/APKBUILD
index 1142f0067c..fa535538a5 100644
--- a/main/gnupg/APKBUILD
+++ b/main/gnupg/APKBUILD
@@ -3,7 +3,7 @@
pkgname=gnupg
pkgver=2.2.31
_ver=${pkgver/_beta/-beta}
-pkgrel=0
+pkgrel=1
pkgdesc="GNU Privacy Guard 2 - a PGP replacement tool"
url="https://www.gnupg.org/"
arch="all"
@@ -14,6 +14,7 @@ makedepends="gnutls-dev libksba-dev libgcrypt-dev libgpg-error-dev
sqlite-dev libusb-dev"
subpackages="$pkgname-doc $pkgname-scdaemon"
source="https://gnupg.org/ftp/gcrypt/gnupg/gnupg-$_ver.tar.bz2
+ CVE-2022-34903.patch
0001-Include-sys-select.h-for-FD_SETSIZE.patch
fix-i18n.patch
60-scdaemon.rules
@@ -21,6 +22,8 @@ source="https://gnupg.org/ftp/gcrypt/gnupg/gnupg-$_ver.tar.bz2
install="$pkgname-scdaemon.pre-install"
# secfixes:
+# 2.2.31-r1:
+# - CVE-2022-34903
# 2.2.23-r0:
# - CVE-2020-25125
# 2.2.18-r0:
@@ -76,6 +79,7 @@ scdaemon() {
sha512sums="
2f6fa200e08d6b8993b482e5825bea6083afc8686c4e1ae80386b36ae49e1c2d73066c508edaa359a7794cb26ba7a00f81555a906fa422d1117e41415cfa2fea gnupg-2.2.31.tar.bz2
+658d5ff636f9b45de7501895c299146633c30bc249f94664573ecf847779ea27be853244ceb2cc0e95c0c56253bbb6ccff509027b23f20f003aa018235211a4d CVE-2022-34903.patch
c6cc4595081c5b025913fa3ebecf0dff87a84f3c669e3fef106e4fa040f1d4314ee52dd4c0e0002b213034fb0810221cfdd0033eae5349b6e3978f05d08bcac7 0001-Include-sys-select.h-for-FD_SETSIZE.patch
b19a44dacf061dd02b439ab8bd820e3c721aab77168f705f5ce65661f26527b03ea88eec16d78486a633c474120589ec8736692ebff57ab9b95f52f57190ba6b fix-i18n.patch
4bfb9742279c2d1c872d63cd4bcb01f6a2a13d94618eff954d3a37451fa870a9bb29687330854ee47e8876d6e60dc81cb2569c3931beaefacda33db23c464402 60-scdaemon.rules
diff --git a/main/gnupg/CVE-2022-34903.patch b/main/gnupg/CVE-2022-34903.patch
new file mode 100644
index 0000000000..20bb9a2371
--- /dev/null
+++ b/main/gnupg/CVE-2022-34903.patch
@@ -0,0 +1,41 @@
+g10: Fix garbled status messages in NOTATION_DATA
+
+* g10/cpr.c (write_status_text_and_buffer): Fix off-by-one
+--
+
+Depending on the escaping and line wrapping the computed remaining
+buffer length could be wrong. Fixed by always using a break to
+terminate the escape detection loop. Might have happened for all
+status lines which may wrap.
+
+GnuPG-bug-id: T6027
+
+diff --git a/g10/cpr.c b/g10/cpr.c
+index d502e8b52..bc4b715ed 100644
+--- a/g10/cpr.c
++++ b/g10/cpr.c
+@@ -328,20 +328,15 @@ write_status_text_and_buffer (int no, const char *string,
+ }
+ first = 0;
+ }
+- for (esc=0, s=buffer, n=len; n && !esc; s++, n--)
++ for (esc=0, s=buffer, n=len; n; s++, n--)
+ {
+ if (*s == '%' || *(const byte*)s <= lower_limit
+ || *(const byte*)s == 127 )
+ esc = 1;
+ if (wrap && ++count > wrap)
+- {
+- dowrap=1;
+- break;
+- }
+- }
+- if (esc)
+- {
+- s--; n++;
++ dowrap=1;
++ if (esc || dowrap)
++ break;
+ }
+ if (s != buffer)
+ es_fwrite (buffer, s-buffer, 1, statusfp);