fix CVE-2023-52138

Yudong Cui 2024-07-29 17:52:30 +08:00
parent 522031b52f
commit f25db0b276
2 changed files with 54 additions and 1 deletions

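--- a/CVE-2023-52138.patch
+++ b/CVE-2023-52138.patch
@@ -0,0 +1,49 @@
+From 7adf9de007304769bc1857eca85bf72d98cb7bbe Mon Sep 17 00:00:00 2001
+From: peijiankang <peijiankang@kylinos.cn>
+Date: Tue, 30 Apr 2024 14:02:32 +0800
+Subject: [PATCH] CVE-2023-52138
+---
+src/fr-command-cpio.c | 6 +++---
+src/fr-command-unarchiver.c | 1 +
+2 files changed, 4 insertions(+), 3 deletions(-)
+diff --git a/src/fr-command-cpio.c b/src/fr-command-cpio.c
+index 6cbe61d..f048fdb 100644
+--- a/src/fr-command-cpio.c
++++ b/src/fr-command-cpio.c
+@@ -222,7 +222,7 @@ fr_command_cpio_extract (FrCommand *comm,
+}
+-const char *cpio_mime_type[] = { "application/x-cpio", NULL };
++const char *cpio_mime_type[] = { /*"application/x-cpio",*/ NULL };
+static const char **
+@@ -240,8 +240,8 @@ fr_command_cpio_get_capabilities (FrCommand *comm,
+FrCommandCap capabilities;
+capabilities = FR_COMMAND_CAN_ARCHIVE_MANY_FILES;
+- if (is_program_available (CPIO_PATH, check_command))
+- capabilities |= FR_COMMAND_CAN_READ;
++/* if (is_program_available (CPIO_PATH, check_command))
++ capabilities |= FR_COMMAND_CAN_READ;*/
+return capabilities;
+}
+diff --git a/src/fr-command-unarchiver.c b/src/fr-command-unarchiver.c
+index 5e2acd4..548c7da 100644
+--- a/src/fr-command-unarchiver.c
++++ b/src/fr-command-unarchiver.c
+@@ -255,6 +255,7 @@ fr_command_unarchiver_handle_error (FrCommand *comm,
+const char *unarchiver_mime_type[] = { "application/zip",
+"application/x-cbr",
+"application/x-rar",
++ "application/x-cpio",
+NULL };
+--
+2.43.0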
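Review bot: The cpio backend is switched off by commenting code out in `fr-command-cpio.c` (the `cpio_mime_type` entry and the `FR_COMMAND_CAN_READ` check), with nothing in the source saying why, so a later cleanup could restore it without realising it reopens CVE-2023-52138. I would delete the two dead lines and leave one comment above the empty table, e.g. `/* x-cpio deliberately not handled here (CVE-2023-52138); see unarchiver_mime_type */`. With the check gone, `check_command` looks unused in `fr_command_cpio_get_capabilities`, whose body starts outside the hunk. The fix also relies on the unarchiver backend extracting cpio safely, which nothing on this page shows; a packaging test that extracts an archive with entries resolving outside the destination directory and asserts nothing is written there would confirm it.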


@ -14,7 +14,7 @@
Name: engrampa
Version: 1.24.1
Release: 1
Release: 2
Summary: MATE Desktop file archiver
License: GPLv2+ and LGPLv2+
URL: http://mate-desktop.org
@ -33,6 +33,7 @@ BuildRequires: json-glib-devel
#BuildRequires: caja-devel
BuildRequires: libSM-devel
Patch001: CVE-2023-52138.patch
%description
Mate File Archiver is an application for creating and viewing archives files,
such as zip, xv, bzip2, cab, rar and other compress formats.
@ -95,5 +96,8 @@ find %{buildroot} -name "*.la" -exec rm -f {} ';'
%changelog
* Mon July 29 2024 cuiyudong <cuiyudong@kylinos.cn> - 1.24.1-2
- fix CVE-2023-52138
* Wed Sep 02 2020 douyan <douyan@kylinos.cn> - 1.24.1-1
- package init
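Review bot: `Patch001: CVE-2023-52138.patch` is declared, but no hunk touches `%prep`, so whether the patch is actually applied depends on lines not shown here. If `%prep` uses plain `%setup` rather than `%autosetup -p1`, it needs a `%patch -P 1 -p1` line, otherwise the package ships unpatched under a release number that claims the fix. The patch also moves `application/x-cpio` to the unarchiver backend, and the visible hunks add no `Requires:` for the tool that backend runs, so cpio archives may stop opening on a default install. In the changelog, `Mon July 29 2024` should probably read `Mon Jul 29 2024`, since rpm expects the abbreviated month name.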