Fix CVE-2018-1000097: https://security-tracker.debian.org/tracker/CVE-2018-1000097 https://nvd.nist.gov/vuln/detail/CVE-2018-1000097 Patch taken from upstream bug report: https://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg00005.html diff --git a/src/unshar.c b/src/unshar.c index 80bc3a9..0fc3773 100644 --- a/src/unshar.c +++ b/src/unshar.c @@ -240,7 +240,7 @@ find_archive (char const * name, FILE * file, off_t start) off_t position = ftello (file); /* Read next line, fail if no more and no previous process. */ - if (!fgets (rw_buffer, BUFSIZ, file)) + if (!fgets (rw_buffer, rw_base_size, file)) { if (!start) error (0, 0, _("Found no shell commands in %s"), name); koszko' selected='selected'>koszko Wojtek's customized Guix
aboutsummaryrefslogtreecommitdiff
path: root/config-daemon.ac
AgeCommit message (Expand)Author
2021-11-16daemon: Do not deduplicate files smaller than 8 KiB....Ludovic Courtès
2021-06-18Start enabling substitutes from bordeaux.guix.gnu.org....Christopher Baines
2020-12-11maint: Remove unused 'NIX_VERSION' macro....Ludovic Courtès
2020-12-11maint: Avoid macros obsolete in Autoconf 2.70....Ludovic Courtès