From 3578bdf698ca90637aefb7b75556fcde427a8d4417fbc6beaceabbeb29f1df33 Mon Sep 17 00:00:00 2001 From: Dominique Leuenberger Date: Tue, 7 Jun 2016 21:43:36 +0000 Subject: [PATCH] Accepting request 399868 from Base:System - add gnupg-fix-signature-checking.patch (bsc#981020) https://bugs.gnupg.org/gnupg/issue2351 OBS-URL: https://build.opensuse.org/request/show/399868 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gpg2?expand=0&rev=104 --- gnupg-fix-signature-checking.patch | 50 ++++++++++++++++++++++++++++++ gpg2.changes | 6 ++++ gpg2.spec | 2 ++ 3 files changed, 58 insertions(+) create mode 100644 gnupg-fix-signature-checking.patch diff --git a/gnupg-fix-signature-checking.patch b/gnupg-fix-signature-checking.patch new file mode 100644 index 0000000..9ede8fe --- /dev/null +++ b/gnupg-fix-signature-checking.patch @@ -0,0 +1,50 @@ +From 83a90a916e8e2f8e44c3b11d11e1dd75f65a87fb Mon Sep 17 00:00:00 2001 +From: NIIBE Yutaka +Date: Wed, 11 May 2016 19:27:03 +0900 +Subject: [PATCH] g10: Fix signature checking. + +* g10/sig-check.c (check_signature_over_key_or_uid): Fix call to +walk_kbnode. + +-- + +Thanks to Vincent Brillault (Feandil). + +GnuPG-bug-id: 2351 +Signed-off-by: NIIBE Yutaka +--- + g10/sig-check.c | 13 +++++++++---- + 1 file changed, 9 insertions(+), 4 deletions(-) + +diff --git a/g10/sig-check.c b/g10/sig-check.c +index 290f19a..7000b48 100644 +--- a/g10/sig-check.c ++++ b/g10/sig-check.c +@@ -797,15 +797,20 @@ check_signature_over_key_or_uid (PKT_public_key *signer, + *is_selfsig = 1; + } + else +- /* See if one of the subkeys was the signer (although this is +- extremely unlikely). */ + { + kbnode_t ctx = NULL; + kbnode_t n; + +- while ((n = walk_kbnode (kb, &ctx, PKT_PUBLIC_SUBKEY))) ++ /* See if one of the subkeys was the signer (although this ++ is extremely unlikely). */ ++ while ((n = walk_kbnode (kb, &ctx, 0))) + { +- PKT_public_key *subk = n->pkt->pkt.public_key; ++ PKT_public_key *subk; ++ ++ if (n->pkt->pkttype != PKT_PUBLIC_SUBKEY) ++ continue; ++ ++ subk = n->pkt->pkt.public_key; + if (sig->keyid[0] == subk->keyid[0] + && sig->keyid[1] == subk->keyid[1]) + /* Issued by a subkey. */ +-- +2.8.0.rc3 + diff --git a/gpg2.changes b/gpg2.changes index 91a16d4..cb5faec 100644 --- a/gpg2.changes +++ b/gpg2.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Thu Jun 2 16:01:40 UTC 2016 - pjanouch@suse.de + +- add gnupg-fix-signature-checking.patch (bsc#981020) + https://bugs.gnupg.org/gnupg/issue2351 + ------------------------------------------------------------------- Wed May 4 15:37:12 UTC 2016 - astieger@suse.com diff --git a/gpg2.spec b/gpg2.spec index 93be054..467e25a 100644 --- a/gpg2.spec +++ b/gpg2.spec @@ -34,6 +34,7 @@ Patch6: gnupg-dont-fail-with-seahorse-agent.patch Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11: gnupg-add_legacy_FIPS_mode_option.patch +Patch12: gnupg-fix-signature-checking.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libadns-devel @@ -84,6 +85,7 @@ gpg-agent, and a keybox library. %patch8 -p1 %patch9 -p1 %patch11 -p1 +%patch12 -p1 %build date=$(date -u +%{Y}-%{m}-%{dT}%{H}:%{M}+0000 -r %{SOURCE99})