From 2c72cb7a75cc98d9b40c7e3dfbbb67f2ac41c8d8 Mon Sep 17 00:00:00 2001 From: Brian C. Lane Date: Jun 16 2018 00:46:10 +0000 Subject: - New upstream v1.4.23 (#1589802,#1589620,#1589624) - Remove patches included in upstream release - Note that this includes the fix for [CVE-2018-12020] --- diff --git a/0006-doc-Remove-documentation-for-future-option-faked-sys.patch b/0006-doc-Remove-documentation-for-future-option-faked-sys.patch deleted file mode 100644 index b33382d..0000000 --- a/0006-doc-Remove-documentation-for-future-option-faked-sys.patch +++ /dev/null @@ -1,35 +0,0 @@ -From eb15d5ed8e4a765998e9de7698bdc65328bcaaa3 Mon Sep 17 00:00:00 2001 -From: Marcus Brinkmann -Date: Fri, 4 Aug 2017 20:24:27 +0200 -Subject: [PATCH 06/15] doc: Remove documentation for future option - --faked-system-time. - -doc/gpg.texi: Remove documentation for --faked-system-time. - -Signed-off-by: Marcus Brinkmann -GnuPG-bug-id: 3329 ---- - doc/gpg.texi | 7 ------- - 1 file changed, 7 deletions(-) - -diff --git a/doc/gpg.texi b/doc/gpg.texi -index 00ed82888..42658c9a7 100644 ---- a/doc/gpg.texi -+++ b/doc/gpg.texi -@@ -2275,13 +2275,6 @@ Set all useful debugging flags. - Enable debug output from the included CCID driver for smartcards. - Note that this option is only available on some system. - --@item --faked-system-time @var{epoch} --@opindex faked-system-time --This option is only useful for testing; it sets the system time back or --forth to @var{epoch} which is the number of seconds elapsed since the year --1970. Alternatively @var{epoch} may be given as a full ISO time string --(e.g. "20070924T154812"). -- - @item --enable-progress-filter - @opindex enable-progress-filter - Enable certain PROGRESS status outputs. This option allows frontends --- -2.17.1 - diff --git a/0008-build-Don-t-use-dev-srandom-on-OpenBSD.patch b/0008-build-Don-t-use-dev-srandom-on-OpenBSD.patch deleted file mode 100644 index 01269c3..0000000 
--- a/0008-build-Don-t-use-dev-srandom-on-OpenBSD.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 96f3b1de1cb16b51c34910dfd61b6f1402b9d784 Mon Sep 17 00:00:00 2001 -From: Jeremie Courreges-Anglas -Date: Wed, 1 Nov 2017 17:13:53 +0100 -Subject: [PATCH 08/15] build: Don't use /dev/srandom on OpenBSD - --- -All /dev/*random devices have been equivalent since OpenBSD 4.9, on -purpose (/dev/random doesn't block). /dev/srandom has been removed in -the OpenBSD 6.3 development cycle, /dev/arandom will likely follow. - -Signed-off-by: Jeremie Courreges-Anglas ---- - configure.ac | 6 ------ - 1 file changed, 6 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 028d48552..b92440c2e 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -847,12 +847,6 @@ AC_DEFINE_UNQUOTED(PRINTABLE_OS_NAME, "$PRINTABLE_OS_NAME", - # - NAME_OF_DEV_RANDOM="/dev/random" - NAME_OF_DEV_URANDOM="/dev/urandom" --case "${host}" in -- *-openbsd*) -- NAME_OF_DEV_RANDOM="/dev/srandom" -- NAME_OF_DEV_URANDOM="/dev/urandom" -- ;; --esac - AC_DEFINE_UNQUOTED(NAME_OF_DEV_RANDOM, "$NAME_OF_DEV_RANDOM", - [defined to the name of the strong random device]) - AC_DEFINE_UNQUOTED(NAME_OF_DEV_URANDOM, "$NAME_OF_DEV_URANDOM", --- -2.17.1 - diff --git a/0009-Do-not-use-C99-feature.patch b/0009-Do-not-use-C99-feature.patch deleted file mode 100644 index 14531b9..0000000 --- a/0009-Do-not-use-C99-feature.patch +++ /dev/null 
@@ -1,43 +0,0 @@ -From 877e3073d731fec55a88673f91ed646a75e786c8 Mon Sep 17 00:00:00 2001 -From: Dario Niedermann -Date: Fri, 10 Nov 2017 15:45:59 +0100 -Subject: [PATCH 09/15] Do not use C99 feature. - -* cipher/rsa.c (secret): Move var decl to the beginning. --- - -Trivial patch; ChangeLog written by wk. - -Signed-off-by: Werner Koch ---- - cipher/rsa.c | 7 ++++--- - 1 file changed, 4 insertions(+), 3 deletions(-) - -diff --git a/cipher/rsa.c b/cipher/rsa.c -index 51b76404f..b3ecd3bea 100644 ---- a/cipher/rsa.c -+++ b/cipher/rsa.c -@@ -304,6 +304,9 @@ secret(MPI output, MPI input, RSA_secret_key *skey ) - #if 0 - mpi_powm( output, input, skey->d, skey->n ); - #else -+ MPI D_blind; -+ MPI rr; -+ unsigned int rr_nbits; - int nlimbs = mpi_get_nlimbs (skey->n)+1; - MPI m1 = mpi_alloc_secure (nlimbs); - MPI m2 = mpi_alloc_secure (nlimbs); -@@ -326,9 +329,7 @@ secret(MPI output, MPI input, RSA_secret_key *skey ) - # endif /* USE_BLINDING */ - - /* RSA secret operation: */ -- MPI D_blind = mpi_alloc_secure (nlimbs); -- MPI rr; -- unsigned int rr_nbits; -+ D_blind = mpi_alloc_secure (nlimbs); - - rr_nbits = mpi_get_nbits (skey->p) / 4; - if (rr_nbits < 96) --- -2.17.1 - diff --git a/0011-g10-Fix-regexp-sanitization.patch b/0011-g10-Fix-regexp-sanitization.patch deleted file mode 100644 index 8dbbd94..0000000 --- a/0011-g10-Fix-regexp-sanitization.patch +++ /dev/null 
@@ -1,64 +0,0 @@ -From 9441946e1824eb58249c58432ed1f554d0d8a102 Mon Sep 17 00:00:00 2001 -From: NIIBE Yutaka -Date: Thu, 9 Nov 2017 14:03:22 +0900 -Subject: [PATCH 11/15] g10: Fix regexp sanitization. - -* g10/trustdb.c (sanitize_regexp): Only escape operators. - --- - -Backport from master commit: - ccf3ba92087e79abdeaa0208795829b431c6f201 - -To sanitize a regular expression, quoting by backslash should be only -done for defined characters. POSIX defines 12 characters including -dot and backslash. - -Quoting other characters is wrong, in two ways; It may build an -operator like: \b, \s, \w when using GNU library. Case ignored match -doesn't work, because quoting lower letter means literally and no -much to upper letter. - -GnuPG-bug-id: 2923 -Co-authored-by: Damien Goutte-Gattat -Signed-off-by: NIIBE Yutaka ---- - g10/trustdb.c | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/g10/trustdb.c b/g10/trustdb.c -index 1e3ef5f1a..13fa32142 100644 ---- a/g10/trustdb.c -+++ b/g10/trustdb.c -@@ -1817,6 +1817,11 @@ clean_key(KBNODE keyblock,int noisy,int self_only, - - /* Returns a sanitized copy of the regexp (which might be "", but not - NULL). */ -+#ifndef DISABLE_REGEX -+/* Operator charactors except '.' and backslash. -+ See regex(7) on BSD. */ -+#define REGEXP_OPERATOR_CHARS "^[$()|*+?{" -+ - static char * - sanitize_regexp(const char *old) - { -@@ -1856,7 +1861,7 @@ sanitize_regexp(const char *old) - { - if(!escaped && old[start]=='\\') - escaped=1; -- else if(!escaped && old[start]!='.') -+ else if (!escaped && strchr (REGEXP_OPERATOR_CHARS, old[start])) - new[idx++]='\\'; - else - escaped=0; -@@ -1877,6 +1882,7 @@ sanitize_regexp(const char *old) - - return new; - } -+#endif /*!DISABLE_REGEX*/ - - /* Used by validate_one_keyblock to confirm a regexp within a trust - signature. Returns 1 for match, and 0 for no match or regex --- -2.17.1 - 
diff --git a/0014-g10-Push-compress-filter-only-if-compressed.patch b/0014-g10-Push-compress-filter-only-if-compressed.patch deleted file mode 100644 index e3f44b0..0000000 --- a/0014-g10-Push-compress-filter-only-if-compressed.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 0f8fd95ab32a6d29dac79e19f0850037c7d0c16f Mon Sep 17 00:00:00 2001 -From: NIIBE Yutaka -Date: Fri, 13 Apr 2018 10:09:02 +0900 -Subject: [PATCH 14/15] g10: Push compress filter only if compressed. - -* g10/compress.c (handle_compressed): Fix memory leak. - --- - -(backport from STABLE-BRANCH-2-2 commit: -c31abf84659dbda5503dd9f3aa3449520bcd1b84) - -All other calls of push_compress_filter checks ALGO, -so, do it here, too. - -GnuPG-bug-id: 3898 -Signed-off-by: NIIBE Yutaka ---- - g10/compress.c | 13 ++++++++----- - 1 file changed, 8 insertions(+), 5 deletions(-) - -diff --git a/g10/compress.c b/g10/compress.c -index 4598affff..aad8a751c 100644 ---- a/g10/compress.c -+++ b/g10/compress.c -@@ -313,15 +313,18 @@ int - handle_compressed( void *procctx, PKT_compressed *cd, - int (*callback)(IOBUF, void *), void *passthru ) - { -- compress_filter_context_t *cfx; - int rc; - - if(check_compress_algo(cd->algorithm)) - return G10ERR_COMPR_ALGO; -- cfx = xmalloc_clear (sizeof *cfx); -- cfx->release = release_context; -- cfx->algo = cd->algorithm; -- push_compress_filter(cd->buf,cfx,cd->algorithm); -+ if(cd->algorithm) { -+ compress_filter_context_t *cfx; -+ -+ cfx = xmalloc_clear (sizeof *cfx); -+ cfx->release = release_context; -+ cfx->algo = cd->algorithm; -+ push_compress_filter(cd->buf,cfx,cd->algorithm); -+ } - if( callback ) - rc = callback(cd->buf, passthru ); - else --- -2.17.1 - diff --git a/0015-gpg-Sanitize-diagnostic-with-the-original-file-name.patch b/0015-gpg-Sanitize-diagnostic-with-the-original-file-name.patch deleted file mode 100644 index 866a0f8..0000000 --- a/0015-gpg-Sanitize-diagnostic-with-the-original-file-name.patch +++ /dev/null 
@@ -1,41 +0,0 @@ -From 2326851c60793653069494379b16d84e4c10a0ac Mon Sep 17 00:00:00 2001 -From: Werner Koch -Date: Fri, 8 Jun 2018 10:45:21 +0200 -Subject: [PATCH 15/15] gpg: Sanitize diagnostic with the original file name. - -* g10/mainproc.c (proc_plaintext): Sanitize verbose output. --- - -This fixes a forgotten sanitation of user supplied data in a verbose -mode diagnostic. The mention CVE is about using this to inject -status-fd lines into the stderr output. Other harm good as well be -done. Note that GPGME based applications are not affected because -GPGME does not fold status output into stderr. - -CVE-id: CVE-2018-12020 -GnuPG-bug-id: 4012 -(cherry picked from commit 13f135c7a252cc46cff96e75968d92b6dc8dce1b) ---- - g10/mainproc.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/g10/mainproc.c b/g10/mainproc.c -index 33a654b34..ffa7ef6d8 100644 ---- a/g10/mainproc.c -+++ b/g10/mainproc.c -@@ -638,7 +638,11 @@ proc_plaintext( CTX c, PACKET *pkt ) - if( pt->namelen == 8 && !memcmp( pt->name, "_CONSOLE", 8 ) ) - log_info(_("NOTE: sender requested \"for-your-eyes-only\"\n")); - else if( opt.verbose ) -- log_info(_("original file name='%.*s'\n"), pt->namelen, pt->name); -+ { -+ char *tmp = make_printable_string (pt->name, pt->namelen, 0); -+ log_info (_("original file name='%.*s'\n"), (int)strlen (tmp), tmp); -+ xfree (tmp); -+ } - free_md_filter_context( &c->mfx ); - c->mfx.md = md_open( 0, 0); - /* fixme: we may need to push the textfilter if we have sigclass 1 --- -2.17.1 - diff --git a/gnupg.spec b/gnupg.spec index 35fc4d2..55dd7d9 100644 --- a/gnupg.spec +++ b/gnupg.spec @@ -1,7 +1,7 @@ Summary: A GNU utility for secure communication and data storage Name: gnupg -Version: 1.4.22 -Release: 4%{?dist} +Version: 1.4.23 +Release: 1%{?dist} License: GPLv3+ with exceptions Group: Applications/System URL: http://www.gnupg.org/ 
@@ -9,12 +9,6 @@ Source0: https://gnupg.org/ftp/gcrypt/gnupg/gnupg-%{version}.tar.bz2 Source1: https://gnupg.org/ftp/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig Source2: gnupg-shm-coprocessing.expect Patch0000: gnupg-1.4.1-gcc.patch -Patch0006: 0006-doc-Remove-documentation-for-future-option-faked-sys.patch -Patch0008: 0008-build-Don-t-use-dev-srandom-on-OpenBSD.patch -Patch0009: 0009-Do-not-use-C99-feature.patch -Patch0011: 0011-g10-Fix-regexp-sanitization.patch -Patch0014: 0014-g10-Push-compress-filter-only-if-compressed.patch -Patch0015: 0015-gpg-Sanitize-diagnostic-with-the-original-file-name.patch # Requires autoconf >= 2.60 because earlier autoconf didn't define $localedir. BuildRequires: autoconf >= 2.60 @@ -118,6 +112,11 @@ exit 0 %{_mandir}/man1/gpgv.1.gz %changelog +* Fri Jun 15 2018 Brian C. Lane - 1.4.23-1 +- New upstream v1.4.23 (#1589802,#1589620,#1589624) +- Remove patches included in upstream release +- Note that this includes the fix for [CVE-2018-12020] + * Fri Jun 08 2018 Brian C. Lane - 1.4.22-4 - doc Remove documentation for future option faked sys - build Don't use dev srandom on OpenBSD diff --git a/sources b/sources index 4cb8bab..022a513 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (gnupg-1.4.22.tar.bz2) = c03acac0fa55761470bb085d78a44e2b99ebb187e8396cbb031a184b1e40bef2a40c91da07755d1a20610a3daa6aa1eefea2d12a0dbd5a79a45466166419c708 -SHA512 (gnupg-1.4.22.tar.bz2.sig) = 14155496b052fc3ae84a9ce4db6338cad2f6362c21acf50442fb228c7f662f23062ba0ba77bc0f879664832fa133d326eec72a33697e0bb645a6de6a2584317c +SHA512 (gnupg-1.4.23.tar.bz2) = 78dc52a2010202a4afc8814b29fda657a6c9fe230d5e7db11ae040edd2b0ca819e1baa4dbd6c0d04d36cd353df484e83f52d17759d2891c2cf7025c0b5d36612 +SHA512 (gnupg-1.4.23.tar.bz2.sig) = f6761c63ee10c0ba8443f55d3dd9189ebc43bda31c944116015180b27e5a66d972fc84ca6dbea162e48e0b0b8c43b9eebd84bed5d7df8c6f3290b9ea95d4b477
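Review bot: With `Patch0015` (the CVE-2018-12020 fix) dropped in the `@@ -9,12 +9,6 @@` hunk, the fix now reaches the package only through the 1.4.23 tarball, and nothing visible in this diff checks that tarball against `Source1`, the upstream detached signature. The new SHA512 lines in `sources` pin whatever was uploaded to the lookaside cache; on their own they do not show that the upload matched the upstream-signed release. The `%prep` section lies outside these hunks, so a check may already exist there. If it does not, I would at least document the expectation above the Source lines, for example `# Source1 is the upstream detached signature; verify Source0 against it before updating 'sources'`, and ideally perform that verification at build time.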