packages/engrampa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2023-52138

Browse Source
This commit is contained in:
Yudong Cui 2024-07-29 17:52:30 +08:00
parent 522031b52f
commit f25db0b276
2 changed files with 54 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
CVE-2023-52138.patch Normal file
View File

@ -0,0 +1,49 @@
From 7adf9de007304769bc1857eca85bf72d98cb7bbe Mon Sep 17 00:00:00 2001
From: peijiankang <peijiankang@kylinos.cn>
Date: Tue, 30 Apr 2024 14:02:32 +0800
Subject: [PATCH] CVE-2023-52138
---
src/fr-command-cpio.c | 6 +++---
src/fr-command-unarchiver.c | 1 +
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/fr-command-cpio.c b/src/fr-command-cpio.c
index 6cbe61d..f048fdb 100644
--- a/src/fr-command-cpio.c
+++ b/src/fr-command-cpio.c
@@ -222,7 +222,7 @@ fr_command_cpio_extract (FrCommand *comm,
}
-const char *cpio_mime_type[] = { "application/x-cpio", NULL };
+const char *cpio_mime_type[] = { /*"application/x-cpio",*/ NULL };
static const char **
@@ -240,8 +240,8 @@ fr_command_cpio_get_capabilities (FrCommand *comm,
FrCommandCap capabilities;
capabilities = FR_COMMAND_CAN_ARCHIVE_MANY_FILES;
- if (is_program_available (CPIO_PATH, check_command))
- capabilities |= FR_COMMAND_CAN_READ;
+/* if (is_program_available (CPIO_PATH, check_command))
+ capabilities |= FR_COMMAND_CAN_READ;*/
return capabilities;
}
diff --git a/src/fr-command-unarchiver.c b/src/fr-command-unarchiver.c
index 5e2acd4..548c7da 100644
--- a/src/fr-command-unarchiver.c
+++ b/src/fr-command-unarchiver.c
@@ -255,6 +255,7 @@ fr_command_unarchiver_handle_error (FrCommand *comm,
const char *unarchiver_mime_type[] = { "application/zip",
"application/x-cbr",
"application/x-rar",
+ "application/x-cpio",
NULL };
--
2.43.0

6
engrampa.spec
View File

@ -14,7 +14,7 @@
Name: engrampa Name: engrampa
Version: 1.24.1 Version: 1.24.1
Release: 1 Release: 2
Summary: MATE Desktop file archiver Summary: MATE Desktop file archiver
License: GPLv2+ and LGPLv2+ License: GPLv2+ and LGPLv2+
URL: http://mate-desktop.org URL: http://mate-desktop.org
@ -33,6 +33,7 @@ BuildRequires: json-glib-devel
#BuildRequires: caja-devel #BuildRequires: caja-devel
BuildRequires: libSM-devel BuildRequires: libSM-devel
Patch001: CVE-2023-52138.patch
%description %description
Mate File Archiver is an application for creating and viewing archives files, Mate File Archiver is an application for creating and viewing archives files,
such as zip, xv, bzip2, cab, rar and other compress formats. such as zip, xv, bzip2, cab, rar and other compress formats.
@ -95,5 +96,8 @@ find %{buildroot} -name "*.la" -exec rm -f {} ';'
%changelog %changelog
* Mon July 29 2024 cuiyudong <cuiyudong@kylinos.cn> - 1.24.1-2
- fix CVE-2023-52138
* Wed Sep 02 2020 douyan <douyan@kylinos.cn> - 1.24.1-1 * Wed Sep 02 2020 douyan <douyan@kylinos.cn> - 1.24.1-1
- package init - package init