diff --git a/0016-bugfix-for-CVE-2025-4476.patch b/0016-bugfix-for-CVE-2025-4476.patch new file mode 100644 index 0000000000000000000000000000000000000000..3df98244a68d62553d0e32e511c3b80e829de70c --- /dev/null +++ b/0016-bugfix-for-CVE-2025-4476.patch @@ -0,0 +1,32 @@ +From e64c221f9c7d09b48b610c5626b3b8c400f0907c Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro +Date: Thu, 8 May 2025 09:27:01 -0500 +Subject: [PATCH] auth-digest: fix crash in + soup_auth_digest_get_protection_space() + +We need to validate the Domain parameter in the WWW-Authenticate header. + +Unfortunately this crash only occurs when listening on default ports 80 +and 443, so there's no good way to test for this. The test would require +running as root. + +Fixes #440 +--- + libsoup/auth/soup-auth-digest.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libsoup/auth/soup-auth-digest.c b/libsoup/auth/soup-auth-digest.c +index d8bb2910..292f2045 100644 +--- a/libsoup/auth/soup-auth-digest.c ++++ b/libsoup/auth/soup-auth-digest.c +@@ -220,7 +220,7 @@ soup_auth_digest_get_protection_space (SoupAuth *auth, GUri *source_uri) + if (uri && + g_strcmp0 (g_uri_get_scheme (uri), g_uri_get_scheme (source_uri)) == 0 && + g_uri_get_port (uri) == g_uri_get_port (source_uri) && +- !strcmp (g_uri_get_host (uri), g_uri_get_host (source_uri))) ++ !g_strcmp0 (g_uri_get_host (uri), g_uri_get_host (source_uri))) + dir = g_strdup (g_uri_get_path (uri)); + else + dir = NULL; +-- +GitLab diff --git a/libsoup.spec b/libsoup.spec index 019862d7fa6c7843866e8ebcfff9b1736969ed8a..1b46818fda1f29a591b2a9eeccb97e8a51c31017 100644 --- a/libsoup.spec +++ b/libsoup.spec @@ -1,4 +1,4 @@ -%define anolis_release 15 +%define anolis_release 16 %define glib2_version 2.58 %{!?with_docs: %global with_docs 1} @@ -28,6 +28,8 @@ Patch13: 0013-bugfix-for-CVE-2025-32049.patch Patch14: 0014-bugfix-for-CVE-2025-2784.patch # From https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/463/ Patch15: 1015-bugfix-for-CVE-2025-4948.patch +# https://gitlab.gnome.org/GNOME/libsoup/-/commit/e64c221f9c7d09b48b610c5626b3b8c400f0907c +Patch16: 0016-bugfix-for-CVE-2025-4476.patch BuildRequires: gettext BuildRequires: glib-networking %if %{with_docs} @@ -136,6 +138,9 @@ This package contains developer documentation for %{name}. %endif %changelog +* Thu Jul 03 2025 wenxin - 2.74.3-16 +- add patch to fix CVE-2025-4476 + * Mon Jun 18 2025 lzq11122 - 2.74.3-15 - add patch to fix CVE-2025-4948