[arch-commits] Commit in connman/trunk (PKGBUILD)

Jonas Witschel diabonas at archlinux.org
Mon Feb 8 09:58:15 UTC 2021 

    Date: Monday, February 8, 2021 @ 09:58:15
  Author: diabonas
Revision: 848830

upgpkg: connman 1.38-2: fix CVE-2021-26675/CVE-2021-26676 (FS#69583)

Modified:
  connman/trunk/PKGBUILD

----------+
 PKGBUILD |   17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2021-02-08 09:50:01 UTC (rev 848829)
+++ PKGBUILD	2021-02-08 09:58:15 UTC (rev 848830)
@@ -4,7 +4,7 @@
 
 pkgname=connman
 pkgver=1.38
-pkgrel=1
+pkgrel=2
 pkgdesc="Intel's modular network connection manager"
 url="https://01.org/connman"
 arch=('x86_64')
@@ -19,15 +19,26 @@
             'iwd: for WiFi devices')
 source=("${pkgname}-${pkgver}.tar.xz::https://www.kernel.org/pub/linux/network/${pkgname}/${pkgname}-${pkgver}.tar.xz"
         "${pkgname}-${pkgver}.tar.sign::https://www.kernel.org/pub/linux/network/${pkgname}/${pkgname}-${pkgver}.tar.sign"
-        'allow_group_network.diff')
+        'allow_group_network.diff'
+        'connman-1.38_CVE-2021-26676_1.patch::https://git.kernel.org/pub/scm/network/connman/connman.git/patch/?id=58d397ba74873384aee449690a9070bacd5676fa'
+        'connman-1.38_CVE-2021-26676_2.patch::https://git.kernel.org/pub/scm/network/connman/connman.git/patch/?id=a74524b3e3fad81b0fd1084ffdf9f2ea469cd9b1'
+        'connman-1.38_CVE-2021-26675.patch::https://git.kernel.org/pub/scm/network/connman/connman.git/patch/?id=e4079a20f617a4b076af503f6e4e8b0304c9f2cb')
 sha512sums=('9c8f77c4dd62763ccb9ea5cc5d285a8a1c51bb09a82eafc73246231557a4f627ae1e5e4a9df5e104457390ebba643349d7d67800a4ee4c17c6dceff192afe8d4'
             'SKIP'
-            '06dd5867d460f1c3cf6c359e650ca2ef24495493a99cd03dbd17f23e587e9066d9bc98758d85d5c690d1ae21fa77ad8da5e2fa83d0b52c95d7a535784c5c4964')
+            '06dd5867d460f1c3cf6c359e650ca2ef24495493a99cd03dbd17f23e587e9066d9bc98758d85d5c690d1ae21fa77ad8da5e2fa83d0b52c95d7a535784c5c4964'
+            '8ce763511847ca826a06af1cece44b28bf57e8e1acd4ad711c997262b6aad70b28cbb4833fc7ad94ab8dfda7b3c0e4b8bff728980040669698e336f953dd31f2'
+            'c884996bacc842ede38ab752c2a7476f5c1c8bcff9a3d34b2a60ef77f7674e8c9e0104c85a7249de0e7bcb324c36fab9c8eac553c19d983ed0b9230f287411fc'
+            'cd33cfcaab5ac5ee58309442d75fbe414d62185cf9688cc2d5cfae19ee837b076b514a3e0e03b07360332760884140d02e07bc0f365edd4509d78166840d309a')
 validpgpkeys=('E932D120BC2AEC444E558F0106CA9F5D1DCF2659')
 
 prepare(){
   cd "${pkgname}-${pkgver}"
   patch -Np1 -i "${srcdir}/allow_group_network.diff"
+
+  # Fix CVE-2021-26675 and CVE-2021-26676 (FS#69583)
+  patch -Np1 -i "${srcdir}/connman-1.38_CVE-2021-26676_1.patch"
+  patch -Np1 -i "${srcdir}/connman-1.38_CVE-2021-26676_2.patch"
+  patch -Np1 -i "${srcdir}/connman-1.38_CVE-2021-26675.patch"
 }
 
 build() {

More information about the arch-commits mailing list