Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
libgda
libgda-force-tls-validation.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libgda-force-tls-validation.patch of Package libgda
From bebdffb4de586fb43fd07ac549121f4b22f6812d Mon Sep 17 00:00:00 2001 From: "Douglas R. Reno" <renodr@linuxfromscratch.org> Date: Mon, 18 Oct 2021 13:18:01 -0500 Subject: [PATCH] Fix CVE-2021-39359 by forcing TLS certificate validation This was done by adding "ssl-use-system-ca-file", TRUE to the options for each soup_session_new_with_options() call that was made. Tested on Linux From Scratch 11.0 and Debian 11. Fixes #249 Backported by Mike Gorse <mgorse@suse.com> --- diff -urp libgda-5.2.4.orig/providers/web/gda-web-provider.c libgda-5.2.4/providers/web/gda-web-provider.c --- libgda-5.2.4.orig/providers/web/gda-web-provider.c 2015-06-13 03:36:25.000000000 -0500 +++ libgda-5.2.4/providers/web/gda-web-provider.c 2022-08-29 15:11:06.324299791 -0500 @@ -385,8 +385,8 @@ gda_web_provider_open_connection (GdaSer cdata->mutex = gda_mutex_new (); cdata->server_id = NULL; cdata->forced_closing = FALSE; - cdata->worker_session = soup_session_sync_new (); - cdata->front_session = soup_session_sync_new_with_options ("max-conns-per-host", 1, NULL); + cdata->worker_session = soup_session_sync_new_with_options ("ssl-use-system-ca-file", TRUE, NULL); + cdata->front_session = soup_session_sync_new_with_options ("max-conns-per-host", 1, "ssl-use-system-ca-file", TRUE, NULL); if (use_ssl) { server_url = g_string_new ("https://"); g_print ("USING SSL\n");
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor