File gnupg-CVE-2018-9234.patch of Package gpg2.7706

From: Karol Babioch <kbabioch@suse.de>
Date: Thu Apr  5 10:32:21 CEST 2018
Upstream: merged
References: https://dev.gnupg.org/rGa17d2d1f690ebe5d005b4589a5fe378b6487c657
References: https://dev.gnupg.org/T3844
Subject: Fix for bnc#1088255 (CVE-2018-9234)
---
 g10/getkey.c |    2 ++
 1 file changed, 2 insertions(+)

Index: gnupg-2.2.5/g10/getkey.c
===================================================================
--- gnupg-2.2.5.orig/g10/getkey.c
+++ gnupg-2.2.5/g10/getkey.c
@@ -1810,6 +1810,8 @@ get_pubkey_byfprint (ctrl_t ctrl, PKT_pu
       ctx.items[0].mode = fprint_len == 16 ? KEYDB_SEARCH_MODE_FPR16
 	: KEYDB_SEARCH_MODE_FPR20;
       memcpy (ctx.items[0].u.fpr, fprint, fprint_len);
+      if (pk)
+        ctx.req_usage = pk->req_usage;
       rc = lookup (ctrl, &ctx, 0, &kb, &found_key);
       if (!rc && pk)
 	pk_from_block (pk, kb, found_key);
openSUSE Build Service is sponsored by