From ec6710dc4abaff22f1b1368cc80b40e0539af2da Mon Sep 17 00:00:00 2001 From: tomcruiseqi <10762123+tomcruiseqi@user.noreply.gitee.com> Date: Thu, 3 Jul 2025 09:27:21 +0800 Subject: [PATCH] [CVE] CVE-2025-4476 to #21118 add patch to fix CVE-2025-4476 Project: TC2024080204 Signed-off-by: tomcruiseqi <10762123+tomcruiseqi@user.noreply.gitee.com> --- 16-bugfix-for-CVE-2025-4476.patch | 37 +++++++++++++++++++++++++++++++ libsoup.spec | 6 ++++- 2 files changed, 42 insertions(+), 1 deletion(-) create mode 100644 16-bugfix-for-CVE-2025-4476.patch diff --git a/16-bugfix-for-CVE-2025-4476.patch b/16-bugfix-for-CVE-2025-4476.patch new file mode 100644 index 0000000..9bdb988 --- /dev/null +++ b/16-bugfix-for-CVE-2025-4476.patch @@ -0,0 +1,37 @@ +From e64c221f9c7d09b48b610c5626b3b8c400f0907c Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro +Date: Thu, 8 May 2025 09:27:01 -0500 +Subject: [PATCH] auth-digest: fix crash in + soup_auth_digest_get_protection_space() + +We need to validate the Domain parameter in the WWW-Authenticate header. + +Unfortunately this crash only occurs when listening on default ports 80 +and 443, so there's no good way to test for this. The test would require +running as root. + +Fixes #440 + +Conflict: Context Adaptation and g_uri_get_host (uri)->uri->host,g_uri_get_host (source_uri)->source_uri->host and Modify file path adaptation:libsoup/auth/soup-auth-digest.c->libsoup/soup-auth-digest.c +Reference: https://gitlab.gnome.org/GNOME/libsoup/-/commit/e64c221f9c7d09b48b610c5626b3b8c400f0907c + +--- + libsoup/soup-auth-digest.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libsoup/soup-auth-digest.c b/libsoup/soup-auth-digest.c +index 318ebe2..efc84e9 100644 +--- a/libsoup/soup-auth-digest.c ++++ b/libsoup/soup-auth-digest.c +@@ -213,7 +213,7 @@ soup_auth_digest_get_protection_space (SoupAuth *auth, SoupURI *source_uri) + uri = soup_uri_new (d); + if (uri && uri->scheme == source_uri->scheme && + uri->port == source_uri->port && +- !strcmp (uri->host, source_uri->host)) ++ !g_strcmp0 (uri->host, source_uri->host)) + dir = g_strdup (uri->path); + else + dir = NULL; +-- +2.27.0 + diff --git a/libsoup.spec b/libsoup.spec index 019862d..76e1ba7 100644 --- a/libsoup.spec +++ b/libsoup.spec @@ -1,4 +1,4 @@ -%define anolis_release 15 +%define anolis_release 16 %define glib2_version 2.58 %{!?with_docs: %global with_docs 1} @@ -28,6 +28,7 @@ Patch13: 0013-bugfix-for-CVE-2025-32049.patch Patch14: 0014-bugfix-for-CVE-2025-2784.patch # From https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/463/ Patch15: 1015-bugfix-for-CVE-2025-4948.patch +Patch16: 16-bugfix-for-CVE-2025-4476.patch BuildRequires: gettext BuildRequires: glib-networking %if %{with_docs} @@ -136,6 +137,9 @@ This package contains developer documentation for %{name}. %endif %changelog +* Thu Jul 03 2025 tomcruiseqi <10762123+tomcruiseqi@user.noreply.gitee.com> - 2.74.3-16 +- Fix CVE-2025-4476 + * Mon Jun 18 2025 lzq11122 - 2.74.3-15 - add patch to fix CVE-2025-4948 -- Gitee