1 |
jlec 13/02/23 10:32:18 |
2 |
|
3 |
Modified: gajim-0.15.2-CVE-2012-5524.patch |
4 |
Log: |
5 |
net-im/gajim: Drop parts of upstream which should fix CVE-2012-5524 but added more code which is incompatible with current implementation |
6 |
|
7 |
(Portage version: 2.2.0_alpha163/cvs/Linux x86_64, RepoMan options: --force, signed Manifest commit with key 8009D6F070EB7916) |
8 |
|
9 |
Revision Changes Path |
10 |
1.3 net-im/gajim/files/gajim-0.15.2-CVE-2012-5524.patch |
11 |
|
12 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-im/gajim/files/gajim-0.15.2-CVE-2012-5524.patch?rev=1.3&view=markup |
13 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-im/gajim/files/gajim-0.15.2-CVE-2012-5524.patch?rev=1.3&content-type=text/plain |
14 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-im/gajim/files/gajim-0.15.2-CVE-2012-5524.patch?r1=1.2&r2=1.3 |
15 |
|
16 |
Index: gajim-0.15.2-CVE-2012-5524.patch |
17 |
=================================================================== |
18 |
RCS file: /var/cvsroot/gentoo-x86/net-im/gajim/files/gajim-0.15.2-CVE-2012-5524.patch,v |
19 |
retrieving revision 1.2 |
20 |
retrieving revision 1.3 |
21 |
diff -u -r1.2 -r1.3 |
22 |
--- gajim-0.15.2-CVE-2012-5524.patch 20 Feb 2013 10:46:25 -0000 1.2 |
23 |
+++ gajim-0.15.2-CVE-2012-5524.patch 23 Feb 2013 10:32:18 -0000 1.3 |
24 |
@@ -5,7 +5,7 @@ |
25 |
index 8240652..6d3037a 100644 |
26 |
--- a/src/common/connection.py |
27 |
+++ b/src/common/connection.py |
28 |
-@@ -1309,36 +1309,42 @@ class Connection(CommonConnection, ConnectionHandlers): |
29 |
+@@ -1309,25 +1309,28 @@ class Connection(CommonConnection, ConnectionHandlers): |
30 |
hostname = gajim.config.get_per('accounts', self.name, 'hostname') |
31 |
self.connection = con |
32 |
try: |
33 |
@@ -50,32 +50,3 @@ |
34 |
'ssl_fingerprint_sha1') |
35 |
if saved_fingerprint: |
36 |
# Check sha1 fingerprint |
37 |
-- if con.Connection.ssl_fingerprint_sha1 != saved_fingerprint: |
38 |
-+ if con.Connection.ssl_fingerprint_sha1[-1] != saved_fingerprint: |
39 |
- gajim.nec.push_incoming_event(FingerprintErrorEvent(None, |
40 |
-- conn=self, certificate=con.Connection.ssl_certificate, |
41 |
-- new_fingerprint=con.Connection.ssl_fingerprint_sha1)) |
42 |
-+ conn=self, |
43 |
-+ certificate=con.Connection.ssl_certificate, |
44 |
-+ new_fingerprint=con.Connection.ssl_fingerprint_sha1[ |
45 |
-+ -1])) |
46 |
- return True |
47 |
- else: |
48 |
- gajim.config.set_per('accounts', self.name, |
49 |
-- 'ssl_fingerprint_sha1', con.Connection.ssl_fingerprint_sha1) |
50 |
-+ 'ssl_fingerprint_sha1', |
51 |
-+ con.Connection.ssl_fingerprint_sha1[-1]) |
52 |
- if not check_X509.check_certificate(con.Connection.ssl_certificate, |
53 |
- hostname) and '100' not in gajim.config.get_per('accounts', |
54 |
- self.name, 'ignore_ssl_errors').split(): |
55 |
-@@ -1347,8 +1353,8 @@ class Connection(CommonConnection, ConnectionHandlers): |
56 |
- hostname |
57 |
- gajim.nec.push_incoming_event(SSLErrorEvent(None, conn=self, |
58 |
- error_text=txt, error_num=100, |
59 |
-- cert=con.Connection.ssl_cert_pem, |
60 |
-- fingerprint=con.Connection.ssl_fingerprint_sha1, |
61 |
-+ cert=con.Connection.ssl_cert_pem[-1], |
62 |
-+ fingerprint=con.Connection.ssl_fingerprint_sha1[-1], |
63 |
- certificate=con.Connection.ssl_certificate)) |
64 |
- return True |
65 |
- |