aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches/glib-CVE-2021-27219-13.patch
diff options
context:
space:
mode:
authorEfraim Flashner <efraim@flashner.co.il>2021-03-24 15:28:33 +0200
committerEfraim Flashner <efraim@flashner.co.il>2021-03-24 20:50:44 +0200
commit2aab587f842908a886e3bd08b028885dddd650e0 (patch)
tree87c0723a9ae2c69ab6920d90b6e87ad8510492fe /gnu/packages/patches/glib-CVE-2021-27219-13.patch
parent5664bcdcb0e4c10dfe48dd5e4730fc3c746a21e2 (diff)
parent65c46e79e0495fe4d32f6f2725d7233fff10fd70 (diff)
downloadguix-2aab587f842908a886e3bd08b028885dddd650e0.tar.gz
guix-2aab587f842908a886e3bd08b028885dddd650e0.zip
Merge remote-tracking branch 'origin/master' into core-updates
Diffstat (limited to 'gnu/packages/patches/glib-CVE-2021-27219-13.patch')
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-13.patch32
1 files changed, 32 insertions, 0 deletions
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-13.patch b/gnu/packages/patches/glib-CVE-2021-27219-13.patch
new file mode 100644
index 0000000000..6a287cc3a2
--- /dev/null
+++ b/gnu/packages/patches/glib-CVE-2021-27219-13.patch
@@ -0,0 +1,32 @@
+From e069c50467712e6d607822afd6b6c15c2c343dff Mon Sep 17 00:00:00 2001
+From: Simon McVittie <smcv@collabora.com>
+Date: Mon, 8 Feb 2021 10:34:50 +0000
+Subject: [PATCH 2/5] giochannel: Don't store negative line_term_len in
+ GIOChannel struct
+
+Adding test coverage indicated that this was another bug in 0cc11f74.
+
+Fixes: 0cc11f74 "giochannel: Forbid very long line terminator strings"
+Resolves: https://gitlab.gnome.org/GNOME/glib/-/issues/2323
+Signed-off-by: Simon McVittie <smcv@collabora.com>
+(cherry picked from commit 5dc8b0014c03e7491d93b90275ab442e888a9628)
+---
+ glib/giochannel.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/glib/giochannel.c b/glib/giochannel.c
+index 0d9d5f223..4c39b9dc0 100644
+--- a/glib/giochannel.c
++++ b/glib/giochannel.c
+@@ -903,7 +903,7 @@ g_io_channel_set_line_term (GIOChannel *channel,
+
+ g_free (channel->line_term);
+ channel->line_term = line_term ? g_memdup2 (line_term, length_unsigned) : NULL;
+- channel->line_term_len = length;
++ channel->line_term_len = length_unsigned;
+ }
+
+ /**
+--
+2.30.1
+
generated by cgit
u.org/issue/47335>. * gnu/packages/haskell.scm (ghc-8.8)[name]: Rename to ghc-next. Lars-Dominik Braun 2021-09-15gnu: Add ghc-8.10....This fixes <https://issues.guix.gnu.org/49606>. * gnu/packages/haskell.scm (ghc-8.10): New variable. Signed-off-by: Lars-Dominik Braun <lars@6xq.net> Xinglu Chen 2021-07-29Merge branch 'master' into core-updates-frozen... Conflicts: gnu/packages/bioinformatics.scm gnu/packages/cmake.scm gnu/packages/curl.scm gnu/packages/emacs-xyz.scm gnu/packages/gpodder.scm gnu/packages/music.scm gnu/packages/patches/glibc-bootstrap-system.patch gnu/packages/python-xyz.scm gnu/packages/shells.scm gnu/packages/statistics.scm Marius Bakke 2021-07-26gnu: ghc-8.8: Update to 8.8.4....* gnu/packages/haskell.scm (ghc-8.8): Update to 8.8.4. [arguments]: Add 'fix-cc-reference phase. Signed-off-by: Ludovic Courtès <ludo@gnu.org> Matthew James Kraai 2021-07-24gnu: Use 'search-input-file' when looking for *.so and *.a....* gnu/packages/bioinformatics.scm (sailfish)[arguments]: Use 'search-input-file' when looking for *.a and *.so. * gnu/packages/emulators.scm (dolphin-emu): Likewise. * gnu/packages/engineering.scm (lepton-eda): Likewise. (pcb): Likewise. * gnu/packages/golang.scm (go-1.4): Likewise. (go-1.14): Likewise. * gnu/packages/haskell.scm (ghc-7): Likewise. * gnu/packages/irods.scm (irods): Likewise. * gnu/packages/language.scm (python2-tegaki-pygtk): Likewise. * gnu/packages/lisp-xyz.scm (sbcl-lzlib): Likewise. (sbcl-cl-gobject-introspection): Likewise. (sbcl-cl-ana): Likewise. (sbcl-cl-libuv): Likewise. (sbcl-cl-async): Likewise. (sbcl-mcclim): Likewise. (sbcl-zstd): Likewise. (sbcl-cl-opengl): Likewise. (sbcl-lev): Likewise. (sbcl-cl-glfw3): Likewise. * gnu/packages/machine-learning.scm (tensorflow): Likewise. * gnu/packages/messaging.scm (utox): Likewise. * gnu/packages/mpi.scm (java-openmpi): Likewise. * gnu/packages/music.scm (jack-select): Likewise. * gnu/packages/pascal.scm (fpc): Likewise. * gnu/packages/python-crypto.scm (python-libnacl): Likewise. * gnu/packages/python-xyz.scm (python-cairocffi): Likewise. (python-pyev): Likewise. (python-pytidylib): Likewise. * gnu/packages/radio.scm (unixcw): Likewise. * gnu/packages/rust.scm (rust-1.32): Likewise. * gnu/packages/security-token.scm (opensc): Likewise. (python-pyscard): Likewise. * gnu/packages/selinux.scm (python-setools): Likewise. * gnu/packages/spice.scm (libcacard): Likewise. * gnu/packages/telephony.scm (libtgvoip): Likewise. Ludovic Courtès