diff options
author | Marius Bakke <mbakke@fastmail.com> | 2018-11-14 21:20:46 +0100 |
---|---|---|
committer | Marius Bakke <mbakke@fastmail.com> | 2018-11-14 21:20:46 +0100 |
commit | 79ee97a144aaaa890be0724aaf796e2a771179d7 (patch) | |
tree | fddd2f20003d60e42eed7a614acea91a13d854d7 /gnu/packages/patches | |
parent | 7d9d521fbcf1423f66d6f33208c03d5dacb7ba50 (diff) | |
parent | e921993c25626541385f191f0463cad8e5e5c5c7 (diff) |
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r-- | gnu/packages/patches/icecat-CVE-2018-12383.patch | 103 | ||||
-rw-r--r-- | gnu/packages/patches/poppler-CVE-2018-19149.patch | 80 |
2 files changed, 80 insertions, 103 deletions
diff --git a/gnu/packages/patches/icecat-CVE-2018-12383.patch b/gnu/packages/patches/icecat-CVE-2018-12383.patch deleted file mode 100644 index 17ca0f3773..0000000000 --- a/gnu/packages/patches/icecat-CVE-2018-12383.patch +++ /dev/null @@ -1,103 +0,0 @@ -Based on upstream changeset: - https://hg.mozilla.org/releases/mozilla-esr60/rev/300efdbc9fe1 -but with the git binary patch and related test changes omitted, -and adapted to apply cleanly to GNU IceCat. - -# HG changeset patch -# User David Keeler <dkeeler@mozilla.com> -# Date 1531860660 25200 -# Node ID 300efdbc9fe1f9165428c7934861033935b5abfa -# Parent 80a4a7ef281374dbb2afda8edac54665b14b9ef8 -Bug 1475775 - Clean up old NSS DB file after upgrade if necessary. r=franziskus, r=mattn, a=RyanVM - -Reviewers: franziskus, mattn - -Bug #: 1475775 - -Differential Revision: https://phabricator.services.mozilla.com/D2202 - -diff --git a/security/manager/ssl/nsNSSComponent.cpp b/security/manager/ssl/nsNSSComponent.cpp ---- a/security/manager/ssl/nsNSSComponent.cpp -+++ b/security/manager/ssl/nsNSSComponent.cpp -@@ -1935,16 +1935,61 @@ AttemptToRenameBothPKCS11ModuleDBVersion - NS_NAMED_LITERAL_CSTRING(sqlModuleDBFilename, "pkcs11.txt"); - nsresult rv = AttemptToRenamePKCS11ModuleDB(profilePath, - legacyModuleDBFilename); - if (NS_FAILED(rv)) { - return rv; - } - return AttemptToRenamePKCS11ModuleDB(profilePath, sqlModuleDBFilename); - } -+ -+// When we changed from the old dbm database format to the newer sqlite -+// implementation, the upgrade process left behind the existing files. Suppose a -+// user had not set a password for the old key3.db (which is about 99% of -+// users). After upgrading, both the old database and the new database are -+// unprotected. If the user then sets a password for the new database, the old -+// one will not be protected. In this scenario, we should probably just remove -+// the old database (it would only be relevant if the user downgraded to a -+// version of IceCat before 58, but we have to trade this off against the -+// user's old private keys being unexpectedly unprotected after setting a -+// password). -+// This was never an issue on Android because we always used the new -+// implementation. -+static void -+MaybeCleanUpOldNSSFiles(const nsACString& profilePath) -+{ -+ UniquePK11SlotInfo slot(PK11_GetInternalKeySlot()); -+ if (!slot) { -+ return; -+ } -+ // Unfortunately we can't now tell the difference between "there already was a -+ // password when the upgrade happened" and "there was not a password but then -+ // the user added one after upgrading". -+ bool hasPassword = PK11_NeedLogin(slot.get()) && -+ !PK11_NeedUserInit(slot.get()); -+ if (!hasPassword) { -+ return; -+ } -+ nsCOMPtr<nsIFile> dbFile = do_CreateInstance("@mozilla.org/file/local;1"); -+ if (!dbFile) { -+ return; -+ } -+ nsresult rv = dbFile->InitWithNativePath(profilePath); -+ if (NS_FAILED(rv)) { -+ return; -+ } -+ NS_NAMED_LITERAL_CSTRING(keyDBFilename, "key3.db"); -+ rv = dbFile->AppendNative(keyDBFilename); -+ if (NS_FAILED(rv)) { -+ return; -+ } -+ // Since this isn't a directory, the `recursive` argument to `Remove` is -+ // irrelevant. -+ Unused << dbFile->Remove(false); -+} - #endif // ifndef ANDROID - - // Given a profile directory, attempt to initialize NSS. If nocertdb is true, - // (or if we don't have a profile directory) simply initialize NSS in no DB mode - // and return. Otherwise, first attempt to initialize in read/write mode, and - // then read-only mode if that fails. If both attempts fail, we may be failing - // to initialize an NSS DB collection that has FIPS mode enabled. Attempt to - // ascertain if this is the case, and if so, rename the offending PKCS#11 module -@@ -1966,16 +2011,19 @@ InitializeNSSWithFallbacks(const nsACStr - - // Try read/write mode. If we're in safeMode, we won't load PKCS#11 modules. - #ifndef ANDROID - PRErrorCode savedPRErrorCode1; - #endif // ifndef ANDROID - SECStatus srv = ::mozilla::psm::InitializeNSS(profilePath, false, !safeMode); - if (srv == SECSuccess) { - MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("initialized NSS in r/w mode")); -+#ifndef ANDROID -+ MaybeCleanUpOldNSSFiles(profilePath); -+#endif // ifndef ANDROID - return NS_OK; - } - #ifndef ANDROID - savedPRErrorCode1 = PR_GetError(); - PRErrorCode savedPRErrorCode2; - #endif // ifndef ANDROID - // That failed. Try read-only mode. - srv = ::mozilla::psm::InitializeNSS(profilePath, true, !safeMode); diff --git a/gnu/packages/patches/poppler-CVE-2018-19149.patch b/gnu/packages/patches/poppler-CVE-2018-19149.patch new file mode 100644 index 0000000000..3641f5f078 --- /dev/null +++ b/gnu/packages/patches/poppler-CVE-2018-19149.patch @@ -0,0 +1,80 @@ +Fix CVE-2018-19149: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149 +https://gitlab.freedesktop.org/poppler/poppler/issues/664 + +Patch copied from upstream source repository: + +https://gitlab.freedesktop.org/poppler/poppler/commit/f162ecdea0dda5dbbdb45503c1d55d9afaa41d44 + +From f162ecdea0dda5dbbdb45503c1d55d9afaa41d44 Mon Sep 17 00:00:00 2001 +From: Marek Kasik <mkasik@redhat.com> +Date: Fri, 20 Apr 2018 11:38:13 +0200 +Subject: [PATCH] Fix crash on missing embedded file + +Check whether an embedded file is actually present in the PDF +and show warning in that case. + +https://bugs.freedesktop.org/show_bug.cgi?id=106137 +https://gitlab.freedesktop.org/poppler/poppler/issues/236 +--- + glib/poppler-attachment.cc | 26 +++++++++++++++++--------- + glib/poppler-document.cc | 3 ++- + 2 files changed, 19 insertions(+), 10 deletions(-) + +diff --git a/glib/poppler-attachment.cc b/glib/poppler-attachment.cc +index c6502e9d..11ba5bb5 100644 +--- a/glib/poppler-attachment.cc ++++ b/glib/poppler-attachment.cc +@@ -111,17 +111,25 @@ _poppler_attachment_new (FileSpec *emb_file) + attachment->description = _poppler_goo_string_to_utf8 (emb_file->getDescription ()); + + embFile = emb_file->getEmbeddedFile(); +- attachment->size = embFile->size (); ++ if (embFile != NULL && embFile->streamObject()->isStream()) ++ { ++ attachment->size = embFile->size (); + +- if (embFile->createDate ()) +- _poppler_convert_pdf_date_to_gtime (embFile->createDate (), (time_t *)&attachment->ctime); +- if (embFile->modDate ()) +- _poppler_convert_pdf_date_to_gtime (embFile->modDate (), (time_t *)&attachment->mtime); ++ if (embFile->createDate ()) ++ _poppler_convert_pdf_date_to_gtime (embFile->createDate (), (time_t *)&attachment->ctime); ++ if (embFile->modDate ()) ++ _poppler_convert_pdf_date_to_gtime (embFile->modDate (), (time_t *)&attachment->mtime); + +- if (embFile->checksum () && embFile->checksum ()->getLength () > 0) +- attachment->checksum = g_string_new_len (embFile->checksum ()->getCString (), +- embFile->checksum ()->getLength ()); +- priv->obj_stream = embFile->streamObject()->copy(); ++ if (embFile->checksum () && embFile->checksum ()->getLength () > 0) ++ attachment->checksum = g_string_new_len (embFile->checksum ()->getCString (), ++ embFile->checksum ()->getLength ()); ++ priv->obj_stream = embFile->streamObject()->copy(); ++ } ++ else ++ { ++ g_warning ("Missing stream object for embedded file"); ++ g_clear_object (&attachment); ++ } + + return attachment; + } +diff --git a/glib/poppler-document.cc b/glib/poppler-document.cc +index 83f6aea6..ea319344 100644 +--- a/glib/poppler-document.cc ++++ b/glib/poppler-document.cc +@@ -670,7 +670,8 @@ poppler_document_get_attachments (PopplerDocument *document) + attachment = _poppler_attachment_new (emb_file); + delete emb_file; + +- retval = g_list_prepend (retval, attachment); ++ if (attachment != NULL) ++ retval = g_list_prepend (retval, attachment); + } + return g_list_reverse (retval); + } +-- +2.19.1 + |