diff options
author | Douglas R. Reno <renodr@linuxfromscratch.org> | 2021-09-15 17:40:00 +0000 |
---|---|---|
committer | Douglas R. Reno <renodr@linuxfromscratch.org> | 2021-10-14 11:04:36 -0500 |
commit | 0ddb634dde56dbd7c589ce1fb7c8871fd183e1e9 (patch) | |
tree | 8f39cfb05629906953543436407ff1693cbe96a3 | |
parent | f22e9902b5992e0b46c27fb4c11c82e10d3e56cc (diff) | |
download | libgfbgraph-0ddb634dde56dbd7c589ce1fb7c8871fd183e1e9.tar.gz |
Fix CVE-2021-39358 by forcing TLS certificate validation
This is similar to the fix performed in other packages. See
https://gitlab.gnome.org/Teams/Releng/security/-/issues/57 for more
details.
Tested on Linux From Scratch 11.0 and on Debian 11.
Fixes #17
-rw-r--r-- | gfbgraph/gfbgraph-photo.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/gfbgraph/gfbgraph-photo.c b/gfbgraph/gfbgraph-photo.c index af3cfb6..d865609 100644 --- a/gfbgraph/gfbgraph-photo.c +++ b/gfbgraph/gfbgraph-photo.c @@ -452,6 +452,7 @@ gfbgraph_photo_download_default_size (GFBGraphPhoto *photo, session = soup_session_sync_new (); requester = soup_requester_new (); + g_object_set (G_OBJECT (session), "ssl-use-system-ca-file", TRUE, NULL); soup_session_add_feature (session, SOUP_SESSION_FEATURE (requester)); request = soup_requester_request (requester, priv->source, error); |