aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2020-11-28 18:47:25 +0100
committerLudovic Courtès <ludo@gnu.org>2020-11-28 18:47:25 +0100
commit8ae794ed4b0ef342a9cfc7ac31c2d9dd43723c7c (patch)
treebe255ba94f7ce086ce499e6702fa27c53ebb1f34 /gnu/packages/patches
parent8cbfd108acbf971e14659fc82959e7b505a8a443 (diff)
downloadguix-8ae794ed4b0ef342a9cfc7ac31c2d9dd43723c7c.tar.gz
guix-8ae794ed4b0ef342a9cfc7ac31c2d9dd43723c7c.zip
gnu: dbus: Update to 1.13.18.
* gnu/packages/glib.scm (dbus): Update to 1.13.18. [source]: Remove "dbus-CVE-2020-12049.patch". * gnu/packages/patches/dbus-CVE-2020-12049.patch: Remove. * gnu/local.mk (dist_patch_DATA): Remove it.
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/dbus-CVE-2020-12049.patch58
1 files changed, 0 insertions, 58 deletions
diff --git a/gnu/packages/patches/dbus-CVE-2020-12049.patch b/gnu/packages/patches/dbus-CVE-2020-12049.patch
deleted file mode 100644
index 71280144a1..0000000000
--- a/gnu/packages/patches/dbus-CVE-2020-12049.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-Fix CVE-2020-12049:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12049
-https://lists.freedesktop.org/archives/ftp-release/2020-June/000753.html
-
-Taken from upstream:
-
-https://gitlab.freedesktop.org/dbus/dbus/-/commit/272d484283883fa9ff95b69d924fff6cd34842f5
-
-diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c
---- a/dbus/dbus-sysdeps-unix.c
-+++ b/dbus/dbus-sysdeps-unix.c
-@@ -435,18 +435,6 @@ _dbus_read_socket_with_unix_fds (DBusSocket fd,
- struct cmsghdr *cm;
- dbus_bool_t found = FALSE;
-
-- if (m.msg_flags & MSG_CTRUNC)
-- {
-- /* Hmm, apparently the control data was truncated. The bad
-- thing is that we might have completely lost a couple of fds
-- without chance to recover them. Hence let's treat this as a
-- serious error. */
--
-- errno = ENOSPC;
-- _dbus_string_set_length (buffer, start);
-- return -1;
-- }
--
- for (cm = CMSG_FIRSTHDR(&m); cm; cm = CMSG_NXTHDR(&m, cm))
- if (cm->cmsg_level == SOL_SOCKET && cm->cmsg_type == SCM_RIGHTS)
- {
-@@ -501,6 +489,26 @@ _dbus_read_socket_with_unix_fds (DBusSocket fd,
- if (!found)
- *n_fds = 0;
-
-+ if (m.msg_flags & MSG_CTRUNC)
-+ {
-+ unsigned int i;
-+
-+ /* Hmm, apparently the control data was truncated. The bad
-+ thing is that we might have completely lost a couple of fds
-+ without chance to recover them. Hence let's treat this as a
-+ serious error. */
-+
-+ /* We still need to close whatever fds we *did* receive,
-+ * otherwise they'll never get closed. (CVE-2020-12049) */
-+ for (i = 0; i < *n_fds; i++)
-+ close (fds[i]);
-+
-+ *n_fds = 0;
-+ errno = ENOSPC;
-+ _dbus_string_set_length (buffer, start);
-+ return -1;
-+ }
-+
- /* put length back (doesn't actually realloc) */
- _dbus_string_set_length (buffer, start + bytes_read);
-