diff options
-rw-r--r-- | gnu/local.mk | 1 | ||||
-rw-r--r-- | gnu/packages/gnupg.scm | 9 | ||||
-rw-r--r-- | gnu/packages/patches/gnupg-CVE-2022-34903.patch | 54 |
3 files changed, 0 insertions, 64 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index d61453b24b..a4238e5141 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1209,7 +1209,6 @@ dist_patch_DATA = \ %D%/packages/patches/gnome-session-support-elogind.patch \ %D%/packages/patches/gnome-todo-libportal.patch \ %D%/packages/patches/gnome-tweaks-search-paths.patch \ - %D%/packages/patches/gnupg-CVE-2022-34903.patch \ %D%/packages/patches/gnupg-default-pinentry.patch \ %D%/packages/patches/gnupg-1-build-with-gcc10.patch \ %D%/packages/patches/gnutls-skip-trust-store-test.patch \ diff --git a/gnu/packages/gnupg.scm b/gnu/packages/gnupg.scm index 27d053c94b..349cd58bcb 100644 --- a/gnu/packages/gnupg.scm +++ b/gnu/packages/gnupg.scm @@ -362,15 +362,6 @@ libskba (working with X.509 certificates and CMS data).") (properties '((ftp-server . "ftp.gnupg.org") (ftp-directory . "/gcrypt/gnupg"))))) -(define gnupg/fixed - (package - (inherit gnupg) - (source (origin - (inherit (package-source gnupg)) - (patches - (append (origin-patches (package-source gnupg)) - (search-patches "gnupg-CVE-2022-34903.patch"))))))) - (define-public gnupg-1 (package (inherit gnupg) (version "1.4.23") diff --git a/gnu/packages/patches/gnupg-CVE-2022-34903.patch b/gnu/packages/patches/gnupg-CVE-2022-34903.patch deleted file mode 100644 index 19c055282a..0000000000 --- a/gnu/packages/patches/gnupg-CVE-2022-34903.patch +++ /dev/null @@ -1,54 +0,0 @@ -https://dev.gnupg.org/T6027 -https://www.openwall.com/lists/oss-security/2022/06/30/1 -https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=34c649b3601383cd11dbc76221747ec16fd68e1b - -From 34c649b3601383cd11dbc76221747ec16fd68e1b Mon Sep 17 00:00:00 2001 -From: Werner Koch <wk@gnupg.org> -Date: Tue, 14 Jun 2022 11:33:27 +0200 -Subject: [PATCH] g10: Fix garbled status messages in NOTATION_DATA - -* g10/cpr.c (write_status_text_and_buffer): Fix off-by-one --- - -Depending on the escaping and line wrapping the computed remaining -buffer length could be wrong. Fixed by always using a break to -terminate the escape detection loop. Might have happened for all -status lines which may wrap. - -GnuPG-bug-id: T6027 ---- - g10/cpr.c | 13 ++++--------- - 1 file changed, 4 insertions(+), 9 deletions(-) - -diff --git a/g10/cpr.c b/g10/cpr.c -index 9bfdd3c34..fa8005d6f 100644 ---- a/g10/cpr.c -+++ b/g10/cpr.c -@@ -372,20 +372,15 @@ write_status_text_and_buffer (int no, const char *string, - } - first = 0; - } -- for (esc=0, s=buffer, n=len; n && !esc; s++, n--) -+ for (esc=0, s=buffer, n=len; n; s++, n--) - { - if (*s == '%' || *(const byte*)s <= lower_limit - || *(const byte*)s == 127 ) - esc = 1; - if (wrap && ++count > wrap) -- { -- dowrap=1; -- break; -- } -- } -- if (esc) -- { -- s--; n++; -+ dowrap=1; -+ if (esc || dowrap) -+ break; - } - if (s != buffer) - es_fwrite (buffer, s-buffer, 1, statusfp); --- -2.11.0 - |