From: Tobias Geerinckx-Rice <me@tobias.gr>
Date: Thu, 28 Feb 2019 20:29:00 +0100
Subject: [PATCH] netpbm: Fix CVE-2017-2586.

Copied verbatim from Debian[0].

[0]: https://sources.debian.org/data/main/n/netpbm-free/2:10.78.05-0.1/debian/patches/netpbm-CVE-2017-2586.patch

---
diff -urNp old/converter/other/svgtopam.c new/converter/other/svgtopam.c
--- old/converter/other/svgtopam.c	2017-02-08 12:11:02.593690917 +0100
+++ new/converter/other/svgtopam.c	2017-02-08 12:13:05.192846469 +0100
@@ -676,7 +676,7 @@ stringToUint(const char *   const string
 
     /* TODO: move this to nstring.c */
 
-    if (strlen(string) == 0)
+    if (string == NULL || strlen(string) == 0)
         pm_asprintf(errorP, "Value is a null string");
     else {
         char * tailptr;
d'>koszko</option>
<option value='koszko-scripts'>koszko-scripts</option>
</select> <input type='submit' value='switch'/></form></td></tr>
<tr><td class='sub'>Wojtek's customized Guix</td><td class='sub right'></td></tr></table>
<table class='tabs'><tr><td>
<a href='/guix/about/'>about</a><a href='/guix/'>summary</a><a href='/guix/refs/?id=304d5193860ad4d378896fe81c25c76798deb261'>refs</a><a class='active' href='/guix/log/gnu/packages/rpm.scm'>log</a><a href='/guix/tree/gnu/packages/rpm.scm?id=304d5193860ad4d378896fe81c25c76798deb261'>tree</a><a href='/guix/commit/gnu/packages/rpm.scm?id=304d5193860ad4d378896fe81c25c76798deb261'>commit</a><a href='/guix/diff/gnu/packages/rpm.scm?id=304d5193860ad4d378896fe81c25c76798deb261'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/gnu/packages/rpm.scm'>
<input type='hidden' name='id' value='304d5193860ad4d378896fe81c25c76798deb261'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=304d5193860ad4d378896fe81c25c76798deb261'>root</a>/<a href='/guix/log/gnu?id=304d5193860ad4d378896fe81c25c76798deb261'>gnu</a>/<a href='/guix/log/gnu/packages?id=304d5193860ad4d378896fe81c25c76798deb261'>packages</a>/<a href='/guix/log/gnu/packages/rpm.scm?id=304d5193860ad4d378896fe81c25c76798deb261'>rpm.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/packages/rpm.scm?id=304d5193860ad4d378896fe81c25c76798deb261&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2023-09-10 02:00:00 +0200'>2023-09-10</span></td><td><a href='/guix/commit/gnu/packages/rpm.scm?id=521147d04c218186548b176ddd47a678ccf62d1d'>gnu: drpm: Update to 0.5.2.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/rpm.scm (drpm): Update to 0.5.2.
</span></span></td><td>Tobias Geerinckx-Rice</td></tr>
<tr><td><span title='2023-04-21 00:44:08 -0400'>2023-04-21</span></td><td><a href='/guix/commit/gnu/packages/rpm.scm?id=aee7fc2e41059e81050087deb0573b99ca868b95'>gnu: libmodulemd: Remove fix-docbook-references phase.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/rpm.scm (libmodulemd) [arguments]: Remove
fix-docbook-references phase.
[native-inputs]: Add libxml2.
</span></span></td><td>Maxim Cournoyer</td></tr>

Age	Commit message (Expand)	Author
2023-09-10	gnu: drpm: Update to 0.5.2....* gnu/packages/rpm.scm (drpm): Update to 0.5.2.	Tobias Geerinckx-Rice
2023-04-21	gnu: libmodulemd: Remove fix-docbook-references phase....* gnu/packages/rpm.scm (libmodulemd) [arguments]: Remove fix-docbook-references phase. [native-inputs]: Add libxml2.	Maxim Cournoyer