1 files changed, 63 insertions, 0 deletions

diff --git a/meta/recipes-support/gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch b/meta/recipes-support/gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch
new file mode 100644
index 0000000000..64c30342cc
--- /dev/null
+++ b/meta/recipes-support/gnupg/gnupg-2.0.19/GnuPG2-CVE-2012-6085.patch
@@ -0,0 +1,63 @@
+commit 498882296ffac7987c644aaf2a0aa108a2925471
+Author: Werner Koch <wk@gnupg.org>
+Date:   Thu Dec 20 09:43:41 2012 +0100
+
+    gpg: Import only packets which are allowed in a keyblock.
+    
+    * g10/import.c (valid_keyblock_packet): New.
+    (read_block): Store only valid packets.
+    --
+    
+    A corrupted key, which for example included a mangled public key
+    encrypted packet, used to corrupt the keyring.  This change skips all
+    packets which are not allowed in a keyblock.
+    
+    GnuPG-bug-id: 1455
+    
+    (cherry-picked from commit 3a4b96e665fa639772854058737ee3d54ba0694e)
+
+Upstream-Status: Backport
+
+Signed-off-by: Saul Wold <sgw@linux.intel.com>
+
+diff --git a/g10/import.c b/g10/import.c
+index ba2439d..ad112d6 100644
+--- a/g10/import.c
++++ b/g10/import.c
+@@ -347,6 +347,27 @@ import_print_stats (void *hd)
+ }
+ 
+ 
++/* Return true if PKTTYPE is valid in a keyblock.  */
++static int
++valid_keyblock_packet (int pkttype)
++{
++  switch (pkttype)
++    {
++    case PKT_PUBLIC_KEY:
++    case PKT_PUBLIC_SUBKEY:
++    case PKT_SECRET_KEY:
++    case PKT_SECRET_SUBKEY:
++    case PKT_SIGNATURE:
++    case PKT_USER_ID:
++    case PKT_ATTRIBUTE:
++    case PKT_RING_TRUST:
++      return 1;
++    default:
++      return 0;
++    }
++}
++
++
+ /****************
+  * Read the next keyblock from stream A.
+  * PENDING_PKT should be initialzed to NULL
+@@ -424,7 +445,7 @@ read_block( IOBUF a, PACKET **pending_pkt, KBNODE *ret_root )
+ 	    }
+ 	    in_cert = 1;
+ 	  default:
+-	    if( in_cert ) {
++	    if (in_cert && valid_keyblock_packet (pkt->pkttype)) {
+ 		if( !root )
+ 		    root = new_kbnode( pkt );
+ 		else