aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages')
-rw-r--r--gnu/packages/file.scm5
-rw-r--r--gnu/packages/patches/file-CVE-2014-3587.patch16
2 files changed, 19 insertions, 2 deletions
diff --git a/gnu/packages/file.scm b/gnu/packages/file.scm
index 067f20e67c..601b158128 100644
--- a/gnu/packages/file.scm
+++ b/gnu/packages/file.scm
@@ -27,13 +27,14 @@
(define-public file
(package
(name "file")
- (version "5.18")
+ (version "5.19")
(source (origin
(method url-fetch)
(uri (string-append "ftp://ftp.astron.com/pub/file/file-"
version ".tar.gz"))
(sha256 (base32
- "01xz106biz6x4h5ilymg5v3367djvgnfp4lm87132cjqdmqgn6b5"))))
+ "0z1sgrcfy6d285kj5izy1yypf371bjl3247plh9ppk0svaxv714l"))
+ (patches (list (search-patch "file-CVE-2014-3587.patch")))))
(build-system gnu-build-system)
(synopsis "file, a file type guesser")
(description
diff --git a/gnu/packages/patches/file-CVE-2014-3587.patch b/gnu/packages/patches/file-CVE-2014-3587.patch
new file mode 100644
index 0000000000..cf88bf5f3e
--- /dev/null
+++ b/gnu/packages/patches/file-CVE-2014-3587.patch
@@ -0,0 +1,16 @@
+Fixes CVE-2014-3587. Copied from upstream commit
+0641e56be1af003aa02c7c6b0184466540637233.
+
+--- file-5.19/src/cdf.c.orig 2014-06-09 09:04:37.000000000 -0400
++++ file-5.19/src/cdf.c 2014-08-26 11:55:23.887118898 -0400
+@@ -824,6 +824,10 @@
+ q = (const uint8_t *)(const void *)
+ ((const char *)(const void *)p + ofs
+ - 2 * sizeof(uint32_t));
++ if (q < p) {
++ DPRINTF(("Wrapped around %p < %p\n", q, p));
++ goto out;
++ }
+ if (q > e) {
+ DPRINTF(("Ran of the end %p > %p\n", q, e));
+ goto out;