aboutsummaryrefslogtreecommitdiff
From 4876e3a692739bb9ca00d0f500fd5f4b3eb16ce3 Mon Sep 17 00:00:00 2001
From: Tom Callaway <spot@fedoraproject.org>
Date: Fri, 7 Sep 2012 11:39:29 -0400
Subject: apply fix for CVE-2012-4409 (thanks to Raphael Geissert)

--- mcrypt-2.6.8/src/extra.c.CVE-2012-4409	2012-09-07 11:00:55.906870746 -0400
+++ mcrypt-2.6.8/src/extra.c	2012-09-07 11:00:27.967858365 -0400
@@ -242,6 +242,8 @@ int check_file_head(FILE * fstream, char
 			if (m_getbit(0, sflag) != 0) { /* if the first bit is set */
 				*salt_size = m_setbit(0, sflag, 0);
 				if (*salt_size > 0) {
+					if (*salt_size > sizeof(tmp_buf))
+						err_quit(_("Salt is too long\n"));
 					fread(tmp_buf, 1, *salt_size,
 					      fstream);
 					memmove(salt, tmp_buf, *salt_size);
 
-- 
cgit v0.12

ar): Reference patch, and update. Brett Gilio 2020-11-16gnu: bam: Cross-compile....* gnu/packages/build-tools.scm (bam)[arguments]: Use cc-for-target in make-flags. Efraim Flashner 2020-11-16gnu: premake4: Cross compile....* gnu/packages/build-tools.scm (premake4)[arguments]: Use cc-for-target in make-flags. Efraim Flashner 2020-10-19gnu: gn: Update to 0.0-1819.e327ffd....* gnu/packages/build-tools.scm (gn): Update to 0.0-1819.e327ffd. Marius Bakke 2020-09-14gnu: bear: Update to 2.4.4....* gnu/packages/build-tools.scm (bear): Update to 2.4.4. Tobias Geerinckx-Rice 2020-09-13gnu: Add meson 0.55.1....* gnu/packages/build-tools.scm (meson-0.55): New variable. Co-authored-by: Ludovic Courtès <ludo@gnu.org> Alexandros Theodotou 2020-07-12gnu: Remove ".git" from "https://github/…/….git"....Until now, 'lookup-origin' and thus 'lookup-origin-revision' in (guix swh) would sometimes return #f for these because the ".git" URLs are redirects to the non-".git" URLs. Consequently, 'guix lint -c archival' would keep saying "scheduled Software Heritage archival"; likewise, the fallback download code would fail. * gnu/packages/ada.scm, gnu/packages/admin.scm, gnu/packages/aidc.scm, gnu/packages/algebra.scm, gnu/packages/android.scm, gnu/packages/animation.scm, gnu/packages/arcan.scm, gnu/packages/assembly.scm, gnu/packages/audio.scm, gnu/packages/authentication.scm, gnu/packages/avr.scm, gnu/packages/axoloti.scm, gnu/packages/backup.scm, gnu/packages/bash.scm, gnu/packages/benchmark.scm, gnu/packages/bioconductor.scm, gnu/packages/bioinformatics.scm, gnu/packages/bittorrent.scm, gnu/packages/boost.scm, gnu/packages/build-tools.scm, gnu/packages/c.scm, gnu/packages/calendar.scm, gnu/packages/cdrom.scm, gnu/packages/check.scm, gnu/packages/chemistry.scm, gnu/packages/chez.scm, gnu/packages/clojure.scm, gnu/packages/code.scm, gnu/packages/compression.scm, gnu/packages/compton.scm, gnu/packages/coq.scm, gnu/packages/cpp.scm, gnu/packages/cran.scm, gnu/packages/crypto.scm, gnu/packages/curl.scm, gnu/packages/databases.scm, gnu/packages/datastructures.scm, gnu/packages/debug.scm, gnu/packages/disk.scm, gnu/packages/distributed.scm, gnu/packages/django.scm, gnu/packages/dlang.scm, gnu/packages/dns.scm, gnu/packages/docker.scm, gnu/packages/education.scm, gnu/packages/efi.scm, gnu/packages/elixir.scm, gnu/packages/emacs-xyz.scm, gnu/packages/embedded.scm, gnu/packages/emulators.scm, gnu/packages/engineering.scm, gnu/packages/erlang.scm, gnu/packages/fabric-management.scm, gnu/packages/file-systems.scm, gnu/packages/finance.scm, gnu/packages/firmware.scm, gnu/packages/flashing-tools.scm, gnu/packages/fonts.scm, gnu/packages/fontutils.scm, gnu/packages/fpga.scm, gnu/packages/game-development.scm, gnu/packages/games.scm, gnu/packages/genealogy.scm, gnu/packages/genimage.scm, gnu/packages/geo.scm, gnu/packages/gimp.scm, gnu/packages/gl.scm, gnu/packages/gnome-xyz.scm, gnu/packages/gnome.scm, gnu/packages/gnuzilla.scm, gnu/packages/golang.scm, gnu/packages/gpodder.scm, gnu/packages/graph.scm, gnu/packages/graphics.scm, gnu/packages/graphviz.scm, gnu/packages/groff.scm, gnu/packages/groovy.scm, gnu/packages/gtk.scm, gnu/packages/guile-xyz.scm, gnu/packages/guile.scm, gnu/packages/hardware.scm, gnu/packages/haskell-apps.scm, gnu/packages/haskell-xyz.scm, gnu/packages/hexedit.scm, gnu/packages/i2p.scm, gnu/packages/ibus.scm, gnu/packages/image-processing.scm, gnu/packages/image-viewers.scm, gnu/packages/image.scm, gnu/packages/ipfs.scm, gnu/packages/java-graphics.scm, gnu/packages/java-maths.scm, gnu/packages/java.scm, gnu/packages/javascript.scm, gnu/packages/jrnl.scm, gnu/packages/julia.scm, gnu/packages/jupyter.scm, gnu/packages/kodi.scm, gnu/packages/language.scm, gnu/packages/lego.scm, gnu/packages/less.scm, gnu/packages/libusb.scm, gnu/packages/linux.scm, gnu/packages/lirc.scm, gnu/packages/lisp-xyz.scm, gnu/packages/llvm.scm, gnu/packages/logging.scm, gnu/packages/lolcode.scm, gnu/packages/lua.scm, gnu/packages/lxde.scm, gnu/packages/lxqt.scm, gnu/packages/machine-learning.scm, gnu/packages/mail.scm, gnu/packages/markup.scm, gnu/packages/maths.scm, gnu/packages/maven.scm, gnu/packages/mes.scm, gnu/packages/messaging.scm, gnu/packages/monitoring.scm, gnu/packages/mpd.scm, gnu/packages/music.scm, gnu/packages/networking.scm, gnu/packages/node-xyz.scm, gnu/packages/ocaml.scm, gnu/packages/ocr.scm, gnu/packages/onc-rpc.scm, gnu/packages/opencl.scm, gnu/packages/opencog.scm, gnu/packages/pantheon.scm, gnu/packages/password-utils.scm, gnu/packages/patchutils.scm, gnu/packages/pdf.scm, gnu/packages/perl6.scm, gnu/packages/phabricator.scm, gnu/packages/popt.scm, gnu/packages/printers.scm, gnu/packages/prolog.scm, gnu/packages/protobuf.scm, gnu/packages/pulseaudio.scm, gnu/packages/python-crypto.scm, gnu/packages/python-web.scm, gnu/packages/python-xyz.scm, gnu/packages/qt.scm, gnu/packages/radio.scm, gnu/packages/rails.scm, gnu/packages/rdf.scm, gnu/packages/rednotebook.scm, gnu/packages/rpc.scm, gnu/packages/rsync.scm, gnu/packages/ruby.scm, gnu/packages/rust.scm, gnu/packages/scheme.scm, gnu/packages/screen.scm, gnu/packages/security-token.scm, gnu/packages/selinux.scm, gnu/packages/serialization.scm, gnu/packages/shells.scm, gnu/packages/shellutils.scm, gnu/packages/simh.scm, gnu/packages/sml.scm, gnu/packages/ssh.scm, gnu/packages/statistics.scm, gnu/packages/stenography.scm, gnu/packages/sync.scm, gnu/packages/syncthing.scm, gnu/packages/synergy.scm, gnu/packages/telephony.scm, gnu/packages/terminals.scm, gnu/packages/tex.scm, gnu/packages/texinfo.scm, gnu/packages/text-editors.scm, gnu/packages/textutils.scm, gnu/packages/time.scm, gnu/packages/tmux.scm, gnu/packages/tor.scm, gnu/packages/toys.scm, gnu/packages/version-control.scm, gnu/packages/video.scm, gnu/packages/vim.scm, gnu/packages/virtualization.scm, gnu/packages/vlang.scm, gnu/packages/vnc.scm, gnu/packages/vpn.scm, gnu/packages/web-browsers.scm, gnu/packages/web.scm, gnu/packages/wireservice.scm, gnu/packages/wm.scm, gnu/packages/wxwidgets.scm, gnu/packages/xdisorg.scm, gnu/packages/xml.scm, gnu/packages/xorg.scm, tests/lint.scm: Remove trailing ".git" from 'git-reference' URL. Ludovic Courtès 2020-07-01gnu: premake@5: Update to 5.0.0-alpha15....* gnu/packages/build-tools.scm (premake5): Update to 5.0.0-alpha15. [arguments]: Modify ‘enter-source’ phase. Tobias Geerinckx-Rice 2020-06-22gnu: gn: Update to 0.0-1794.eb997b5....* gnu/packages/build-tools.scm (gn): Update to 0.0-1794.eb997b5. Marius Bakke 2020-06-16gnu: tup: Update to 0.7.9....* gnu/packages/build-tools.scm (tup): Update to 0.7.9. Tobias Geerinckx-Rice 2020-06-14gnu: Add tup....* gnu/packages/build-tools.scm (tup): New variable. * gnu/packages/patches/tup-unbundle-dependencies.patch: New file. * gnu/local.mk (dist_patch_DATA): Register new file. Jakub Kądziołka 2020-05-28gnu: Add compiledb....* gnu/packages/build-tools.scm (compiledb): New variable. Signed-off-by: Leo Famulari <leo@famulari.name> Yuval Kogman 2020-04-13Merge branch 'master' into core-updatesMarius Bakke 2020-04-12gnu: gn: Update to 0.0-1736.ec938dd....* gnu/packages/build-tools.scm (gn): Update to 0.0-1736.ec938dd. [arguments]: Adjust last_commit_position.h for upstream changes. Marius Bakke