packages/engrampa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!21 修复CVE-2023-52138

Browse Source 
From: @cuiyudong123 
Reviewed-by: @peijiankang 
Signed-off-by: @peijiankang
This commit is contained in:
openeuler-ci-bot 2024-08-19 01:45:29 +00:00 committed by Gitee
commit f874b2a103
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 54 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
CVE-2023-52138.patch Normal file
View File

@ -0,0 +1,49 @@
From 7adf9de007304769bc1857eca85bf72d98cb7bbe Mon Sep 17 00:00:00 2001
From: peijiankang <peijiankang@kylinos.cn>
Date: Tue, 30 Apr 2024 14:02:32 +0800
Subject: [PATCH] CVE-2023-52138
---
src/fr-command-cpio.c | 6 +++---
src/fr-command-unarchiver.c | 1 +
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/fr-command-cpio.c b/src/fr-command-cpio.c
index 6cbe61d..f048fdb 100644
--- a/src/fr-command-cpio.c
+++ b/src/fr-command-cpio.c
@@ -222,7 +222,7 @@ fr_command_cpio_extract (FrCommand *comm,
}
-const char *cpio_mime_type[] = { "application/x-cpio", NULL };
+const char *cpio_mime_type[] = { /*"application/x-cpio",*/ NULL };
static const char **
@@ -240,8 +240,8 @@ fr_command_cpio_get_capabilities (FrCommand *comm,
FrCommandCap capabilities;
capabilities = FR_COMMAND_CAN_ARCHIVE_MANY_FILES;
- if (is_program_available (CPIO_PATH, check_command))
- capabilities |= FR_COMMAND_CAN_READ;
+/* if (is_program_available (CPIO_PATH, check_command))
+ capabilities |= FR_COMMAND_CAN_READ;*/
return capabilities;
}
diff --git a/src/fr-command-unarchiver.c b/src/fr-command-unarchiver.c
index 5e2acd4..548c7da 100644
--- a/src/fr-command-unarchiver.c
+++ b/src/fr-command-unarchiver.c
@@ -255,6 +255,7 @@ fr_command_unarchiver_handle_error (FrCommand *comm,
const char *unarchiver_mime_type[] = { "application/zip",
"application/x-cbr",
"application/x-rar",
+ "application/x-cpio",
NULL };
--
2.43.0

6
engrampa.spec
View File

@ -14,7 +14,7 @@
Name: engrampa Name: engrampa
Version: 1.24.1 Version: 1.24.1
Release: 1 Release: 2
Summary: MATE Desktop file archiver Summary: MATE Desktop file archiver
License: GPLv2+ and LGPLv2+ License: GPLv2+ and LGPLv2+
URL: http://mate-desktop.org URL: http://mate-desktop.org
@ -33,6 +33,7 @@ BuildRequires: json-glib-devel
#BuildRequires: caja-devel #BuildRequires: caja-devel
BuildRequires: libSM-devel BuildRequires: libSM-devel
Patch001: CVE-2023-52138.patch
%description %description
Mate File Archiver is an application for creating and viewing archives files, Mate File Archiver is an application for creating and viewing archives files,
such as zip, xv, bzip2, cab, rar and other compress formats. such as zip, xv, bzip2, cab, rar and other compress formats.
@ -95,5 +96,8 @@ find %{buildroot} -name "*.la" -exec rm -f {} ';'
%changelog %changelog
* Mon July 29 2024 cuiyudong <cuiyudong@kylinos.cn> - 1.24.1-2
- fix CVE-2023-52138
* Wed Sep 02 2020 douyan <douyan@kylinos.cn> - 1.24.1-1 * Wed Sep 02 2020 douyan <douyan@kylinos.cn> - 1.24.1-1
- package init - package init