Fix CVE-2017-12836: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-12836 https://security-tracker.debian.org/tracker/CVE-2017-12836 Patch adapted from Debian (comments and changelog annotations removed): https://anonscm.debian.org/cgit/collab-maint/cvs.git/commit/?h=stretch&id=41e077396e35efb6c879951f44c62dd8a1d0f094 From 41e077396e35efb6c879951f44c62dd8a1d0f094 Mon Sep 17 00:00:00 2001 From: mirabilos Date: Sat, 12 Aug 2017 03:17:18 +0200 Subject: Fix CVE-2017-12836 (Closes: #871810) for stretch --- debian/changelog | 6 ++++++ src/rsh-client.c | 10 ++++++++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/src/rsh-client.c b/src/rsh-client.c index fe0cfc4..1fc860d 100644 --- a/src/rsh-client.c +++ b/src/rsh-client.c @@ -105,6 +106,9 @@ start_rsh_server (cvsroot_t *root, struct buffer **to_server_p, rsh_argv[i++] = argvport; } + /* Only non-option arguments from here. (CVE-2017-12836) */ + rsh_argv[i++] = "--"; + rsh_argv[i++] = root->hostname; rsh_argv[i++] = cvs_server; if (readonlyfs) @@ -189,6 +193,8 @@ start_rsh_server (cvsroot_t *root, struct buffer **to_server_p, *p++ = argvport; } + *p++ = "--"; + *p++ = root->hostname; *p++ = command; *p++ = NULL; -- cgit v0.12
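Review bot: in the first hunk, the added `rsh_argv[i++] = "--";` only helps when the program being launched treats `--` as the end of its options, which nothing in this hunk guarantees for every remote-shell client a user may have configured. Consider also rejecting a `root->hostname` that begins with `-` at the point where the CVSROOT is parsed, so the protection does not depend on the client's option parser. The declaration of `rsh_argv` is outside the context shown; confirm its size still covers the worst case (the `argvport` branch, the new slot, the hostname, `cvs_server` and whatever the `readonlyfs` branch appends).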
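Review bot: in the second hunk, the added `*p++ = "--";` carries no comment, unlike the `rsh_argv` path, so the two code paths are no longer visibly paired; repeat the `/* Only non-option arguments from here. (CVE-2017-12836) */` line here. The buffer that `p` writes into is allocated outside the context shown, so check it has room for the extra pointer before `*p++ = NULL;`. The diffstat in the header still lists debian/changelog and 14 insertions, 2 deletions, while only five added lines in src/rsh-client.c remain, so it should be regenerated or dropped.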
path: root/gnu/packages/conkeror.scm
Age / Commit message / Author

2017-10-29  gnu: conkeror: Update to 1.1.0.  (Jan Nieuwenhuizen)
    * gnu/packages/conkeror.scm (conkeror): Update to 1.1.0.

2016-07-03  gnu: conkeror: Update to 1.0.3  (John J Foerch)
    * gnu/packages/conkeror.scm (conkeror): Update to 1.0.3.
    Signed-off-by: Efraim Flashner <efraim@flashner.co.il>

2015-11-13  gnu: Adjust formatting as recommended by 'guix lint'.  (宋文武)
    * gnu/packages/aidc.scm (barcode, qrencode), gnu/packages/bash.scm (bash, bash-completion), gnu/packages/busybox.scm (busybox), gnu/packages/cdrom.scm (cdparanoia), gnu/packages/cmake.scm (cmake), gnu/packages/conkeror.scm (conkeror), gnu/packages/cook.scm (cook), gnu/packages/curl.scm (curl), gnu/packages/docbook.scm (docbook-xsl), gnu/packages/enlightenment.scm (enlightenment), gnu/packages/games.scm (abbaye), gnu/packages/geeqie.scm (exiv2), gnu/packages/gimp.scm (gegl), gnu/packages/gl.scm (glu, freeglut, ftgl), gnu/packages/glib.scm (glib), gnu/packages/gnome.scm (orbit2, gconf, geocode-glib), gnu/packages/gstreamer.scm (gstreamer, gst-plugins-base), gnu/packages/linux.scm (util-linux), gnu/packages/lisp.scm (gcl, ecl), gnu/packages/maths.scm (gnuplot, hdf5), gnu/packages/ssh.scm (dropbear), gnu/packages/web.scm (json-c): Remove tabulations and trailing white spaces or reformat to fit within 80 columns.
    * gnu/packages/audio.scm (aubio), gnu/packages/emacs.scm (emacs-s), gnu/packages/engineering.scm (geda-gaf), gnu/packages/games.scm (dosbox), gnu/packages/gnome.scm (gusb), gnu/packages/gtk.scm (gtk+), gnu/packages/guile.scm (guile-wisp), gnu/packages/hurd.scm (hurd-headers), gnu/packages/wm.scm (i3-wm): Adjust synopsis or description.