[libgfbgraph/stable-0.2.x] Fix CVE-2021-39358 by forcing TLS certificate validation

From: Leesoo Ahn <yisooan src gnome org>
To: commits-list gnome org
Cc:
Subject: [libgfbgraph/stable-0.2.x] Fix CVE-2021-39358 by forcing TLS certificate validation
Date: Fri, 15 Oct 2021 12:14:04 +0000 (UTC)

commit 4d722b8e89b5ecaf68cb6dd918fd48afd45ba884
Author: Douglas R. Reno <renodr linuxfromscratch org>
Date:   Wed Sep 15 17:40:00 2021 +0000

    Fix CVE-2021-39358 by forcing TLS certificate validation
    
    This is similar to the fix performed in other packages. See
    https://gitlab.gnome.org/Teams/Releng/security/-/issues/57 for more
    details.
    
    Tested on Linux From Scratch 11.0 and on Debian 11.
    
    Fixes #17

 gfbgraph/gfbgraph-photo.c | 1 +
 1 file changed, 1 insertion(+)
---
diff --git a/gfbgraph/gfbgraph-photo.c b/gfbgraph/gfbgraph-photo.c
index 69eb98d..2ebb9aa 100644
--- a/gfbgraph/gfbgraph-photo.c
+++ b/gfbgraph/gfbgraph-photo.c
@@ -422,6 +422,7 @@ gfbgraph_photo_download_default_size (GFBGraphPhoto *photo, GFBGraphAuthorizer *
 
         session = soup_session_sync_new ();
         requester = soup_requester_new ();
+        g_object_set (G_OBJECT (session), "ssl-use-system-ca-file", TRUE, NULL);
         soup_session_add_feature (session, SOUP_SESSION_FEATURE (requester));
 
         request = soup_requester_request (requester, priv->source, error);

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]