From bebdffb4de586fb43fd07ac549121f4b22f6812d Mon Sep 17 00:00:00 2001 From: "Douglas R. Reno" Date: Mon, 18 Oct 2021 13:18:01 -0500 Subject: [PATCH] Fix CVE-2021-39359 by forcing TLS certificate validation This was done by adding "ssl-use-system-ca-file", TRUE to the options for each soup_session_new_with_options() call that was made. Tested on Linux From Scratch 11.0 and Debian 11. Fixes #249 --- providers/web/gda-web-provider.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/providers/web/gda-web-provider.c b/providers/web/gda-web-provider.c index cf8d14dc3..cc818895f 100644 --- a/providers/web/gda-web-provider.c +++ b/providers/web/gda-web-provider.c @@ -355,8 +355,8 @@ gda_web_provider_open_connection (GdaServerProvider *provider, GdaConnection *cn g_rec_mutex_init (& (cdata->mutex)); cdata->server_id = NULL; cdata->forced_closing = FALSE; - cdata->worker_session = soup_session_new (); - cdata->front_session = soup_session_new_with_options ("max-conns-per-host", 1, NULL); + cdata->worker_session = soup_session_new_with_options ("ssl-use-system-ca-file", TRUE, NULL); + cdata->front_session = soup_session_new_with_options ("max-conns-per-host", 1, "ssl-use-system-ca-file", TRUE, NULL); if (use_ssl) { server_url = g_string_new ("https://"); g_print ("USING SSL\n"); -- GitLab 5114e5dd9ae56581c730b73149de28d2765ce7'>commitdiff
path: root/tests/guix-describe.sh
AgeCommit message (Expand)Author
2018-09-07Add 'guix describe'....* guix/scripts/describe.scm: New file. * Makefile.am (MODULES): Add it. (SH_TESTS): Add tests/guix-describe.sh. * po/guix/POTFILES.in: Add it. * guix/scripts/pull.scm (display-profile-content): Export. * guix/describe.scm (current-profile, current-profile-entries): Export. * tests/guix-describe.sh: New file. * doc/guix.texi (Features): Mention 'guix pull' and provenance tracking. (Invoking guix pull): Link to 'guix describe'. (Channels): Likewise. (Invoking guix describe): New node. Ludovic Courtès