Added security fix for CVE-2021-34825
This commit is contained in:
parent
88bf4b40ab
commit
a3338edcfa
|
@ -4,7 +4,7 @@
|
||||||
Name: quassel
|
Name: quassel
|
||||||
Summary: A modern distributed IRC system
|
Summary: A modern distributed IRC system
|
||||||
Version: 0.13.1
|
Version: 0.13.1
|
||||||
Release: 7%{?dist}
|
Release: 8%{?dist}
|
||||||
|
|
||||||
License: GPLv2 or GPLv3
|
License: GPLv2 or GPLv3
|
||||||
URL: http://quassel-irc.org/
|
URL: http://quassel-irc.org/
|
||||||
|
@ -14,6 +14,7 @@ Source0: http://quassel-irc.org/pub/quassel-%{version}.tar.bz2
|
||||||
#https://github.com/freebsd/freebsd-ports/blob/b6c49e02ef34b163293e453c7245093cb7668a40/irc/quassel/files/patch-src_common_types.h
|
#https://github.com/freebsd/freebsd-ports/blob/b6c49e02ef34b163293e453c7245093cb7668a40/irc/quassel/files/patch-src_common_types.h
|
||||||
Patch0: https://raw.githubusercontent.com/freebsd/freebsd-ports/b6c49e02ef34b163293e453c7245093cb7668a40/irc/quassel/files/patch-src_common_types.h
|
Patch0: https://raw.githubusercontent.com/freebsd/freebsd-ports/b6c49e02ef34b163293e453c7245093cb7668a40/irc/quassel/files/patch-src_common_types.h
|
||||||
Patch1: %{name}-gcc11.patch
|
Patch1: %{name}-gcc11.patch
|
||||||
|
Patch2: quassel_0.13.1_CVE-2021-34825.patch
|
||||||
|
|
||||||
BuildRequires: cmake
|
BuildRequires: cmake
|
||||||
BuildRequires: dbusmenu-qt5-devel
|
BuildRequires: dbusmenu-qt5-devel
|
||||||
|
@ -174,6 +175,9 @@ exit 0
|
||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Jun 17 2021 Chris Egeland <chris@chrisegeland.com> - 0.13.1-8
|
||||||
|
- Added security fix for CVE-2021-34825
|
||||||
|
|
||||||
* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.13.1-7
|
* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 0.13.1-7
|
||||||
- Rebuilt for updated systemd-rpm-macros
|
- Rebuilt for updated systemd-rpm-macros
|
||||||
See https://pagure.io/fesco/issue/2583.
|
See https://pagure.io/fesco/issue/2583.
|
||||||
|
|
|
@ -0,0 +1,18 @@
|
||||||
|
diff --git a/src/core/sslserver.cpp b/src/core/sslserver.cpp
|
||||||
|
index 9c3c7edc..1c1f05cd 100644
|
||||||
|
--- a/src/core/sslserver.cpp
|
||||||
|
+++ b/src/core/sslserver.cpp
|
||||||
|
@@ -49,6 +49,13 @@ SslServer::SslServer(QObject* parent)
|
||||||
|
|
||||||
|
// Initialize the certificates for first-time usage
|
||||||
|
if (!loadCerts()) {
|
||||||
|
+ // If the core is unable to load a certificate, and "--require-ssl" is specified,
|
||||||
|
+ // do not proceed, throw an exception and quit. This prevents the core from falling
|
||||||
|
+ // back to a plaintext-only core when they should be expecting SSL/TLS only.
|
||||||
|
+ if (Quassel::isOptionSet("require-ssl")) {
|
||||||
|
+ throw ExitException{EXIT_FAILURE, tr("--require-ssl is set, but no SSL certificate is available. Exiting.\n"
|
||||||
|
+ "Please see https://quassel-irc.org/faq/cert to learn how to enable SSL support.")};
|
||||||
|
+ }
|
||||||
|
if (!sslWarningShown) {
|
||||||
|
qWarning() << "SslServer: Unable to set certificate file\n"
|
||||||
|
<< " Quassel Core will still work, but cannot provide SSL for client connections.\n"
|
Loading…
Reference in New Issue