From 754137e70cf58a64ad524b704a86b651ba0cde07 Mon Sep 17 00:00:00 2001 From: Petr Stodulka Date: Wed, 14 Dec 2016 16:30:36 +0100 Subject: [PATCH] Fix CVE-2016-9844 (rhbz#1404283) Fixes buffer overflow in zipinfo in similar way like fix for CVE-2014-9913 provided by upstream. --- zipinfo.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/zipinfo.c b/zipinfo.c index c03620e..accca2a 100644 --- a/zipinfo.c +++ b/zipinfo.c @@ -1984,7 +1984,19 @@ static int zi_short(__G) /* return PK-type error code */ ush dnum=(ush)((G.crec.general_purpose_bit_flag>>1) & 3); methbuf[3] = dtype[dnum]; } else if (methnum >= NUM_METHODS) { /* unknown */ - sprintf(&methbuf[1], "%03u", G.crec.compression_method); + /* 2016-12-05 SMS. + * https://launchpad.net/bugs/1643750 + * Unexpectedly large compression methods overflow + * &methbuf[]. Use the old, three-digit decimal format + * for values which fit. Otherwise, sacrifice the "u", + * and use four-digit hexadecimal. + */ + if (G.crec.compression_method <= 999) { + sprintf( &methbuf[ 1], "%03u", G.crec.compression_method); + } else { + sprintf( &methbuf[ 0], "%04X", G.crec.compression_method); + } + } for (k = 0; k < 15; ++k) -- 2.5.5 d=597cbf63458dcf178ef5765fcf3715bfa438c33e'>commitdiff
path: root/gnu/installer/services.scm
AgeCommit message (Expand)Author
2024-04-18system: Remove nss-certs from OS templates, adjust doc....This is a follow-up to commit 86afaadb51 ("system: Add 'nss-certs' to %base-packages-networking.") * doc/guix-cookbook.texi (Running Guix on a Linode Server): Remove nss-certs from operating system's packages field. (Running Guix on a Kimsufi Server): Likewise. * doc/guix.texi (Using the Configuration System): Likewise. (X.509 Certificates): Adjust to mention nss-certs *is* part of %base-packages. * gnu/installer/services.scm (%system-services): Remove recommendation to install nss-certs. * gnu/system/examples/bare-bones.tmpl (host-name): Remove obsolete comments. * gnu/system/examples/desktop.tmpl (packages): Remove nss-certs. * gnu/system/examples/lightweight-desktop.tmpl (packages): Likewise. * gnu/system/examples/plasma.tmpl (packages): Likewise. * gnu/system/examples/raspberry-pi-64-nfs-root.tmpl (packages): Likewise. * gnu/system/examples/raspberry-pi-64.tmpl (packages): Likewise. * gnu/system/examples/vm-image.tmpl (packages): Likewise. * gnu/system/images/orangepi-r1-plus-lts-rk3328.scm (packages): Likewise. * gnu/system/images/pine64.scm (packages): Likewise. * gnu/system/install.scm (installation-os) [packages]: Likewise. Change-Id: If09123a69b987178bcb0aab61c4570c14fc1286f Maxim Cournoyer
2023-07-06installer: Restore LatGrkCyr-8x16 console font depending on language....Partially-Fixes: <https://issues.guix.gnu.org/64006> * gnu/installer/services.scm (system-services->configuration): When the LANGUAGE environment variable matches a known native console font, wrap the base services with modify-services, configuring console-font-service-type to set the native console font on every tty instead of the default console font. Signed-off-by: Florian Pelz <pelzflorian@pelzflorian.de> Denys Nykula
2022-11-20installer: Add comment above the 'packages' field....* gnu/installer/services.scm (system-services->configuration): Add heading above the 'packages' field. Rename 'heading' to 'service-heading'. Ludovic Courtès
2022-08-08installer: Add comments and vertical space to the generated config....* gnu/installer/parted.scm (user-partitions->configuration): Introduce vertical space and a comment. * gnu/installer/services.scm (G_): New macro. (%system-services): Add comment for OpenSSH. (system-services->configuration): Add vertical space and comments. * gnu/installer/user.scm (users->configuration): Add comment. * gnu/installer/steps.scm (format-configuration): Add comment. (configuration->file): Expound leading comment. Pass #:format-comment to 'pretty-print-with-comments/splice'. Ludovic Courtès