aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches/sharutils-CVE-2018-1000097.patch
blob: 8d58218184e237319370583c2fdd238c617abd0c (about) (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

Fix CVE-2018-1000097:

https://security-tracker.debian.org/tracker/CVE-2018-1000097
https://nvd.nist.gov/vuln/detail/CVE-2018-1000097

Patch taken from upstream bug report:
https://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg00005.html

diff --git a/src/unshar.c b/src/unshar.c
index 80bc3a9..0fc3773 100644
--- a/src/unshar.c
+++ b/src/unshar.c
@@ -240,7 +240,7 @@ find_archive (char const * name, FILE * file, off_t start)
       off_t position = ftello (file);
 
       /* Read next line, fail if no more and no previous process.  */
-      if (!fgets (rw_buffer, BUFSIZ, file))
+      if (!fgets (rw_buffer, rw_base_size, file))
 	{
 	  if (!start)
 	    error (0, 0, _("Found no shell commands in %s"), name);
generated by cgit
-kdeinit-extra_libs.patch?id=1dd1076c5e80141ab65dddce053e93fc5af18c84'>gnu: kde-frameworks: Update to 5.63.0....KHolidays is part of frameworks since version 5.43 already. * gnu/packages/kde.scm(kholidays): Move to … * gnu/packages/kde-frameworks.scm(kholidays) … here, update to 5.63.0 and [source]: Update path. (attica, baloo, bluez-qt, breeze- icons, extra-cmake-modules, kactivities, kactivities-stats, kapidox, karchive, kauth, kbookmarks, kcmutils, kcodecs, kcompletion, kconfig, kcoreaddons, kcrash, kdbusaddons, kde-frameworkintegration, kdeclarative, kded, kdelibs4support, kdesu, kdnssd, kdoctools, kemoticons, kglobalaccel, kguiaddons, khtml, ki18n, kidletime, kimageformats, kinit, kirigami, kitemmodels, kitemviews, kjobwidgets, kjs, kjsembed, kmediaplayer, knewstuff, knotifications, knotifyconfig, kpackage, kparts, kpeople, kpty, kross, krunner, kservice, ksyntaxhighlighting, ktexteditor, kunitconversion, kwallet, kwidgetsaddons, kxmlrpcclient, modemmanager-qt, networkmanager-qt, oxygen-icons, plasma-framework, prison, qqc2-desktop-style, solid, sonnet, threadweaver): Update to 5.63.0. (kconfigwidgets): Update to 5.63.0; [inputs]: Add qttools. (kdesignerplugin): Update to 5.63.0; [source]: Update path. (kdewebkit): Update to 5.63.0; [source]: Update path.; [inputs]: Add qttools. (kfilemetadata): Update to 5.63.0; [inputs]: Add kcoreaddons; [arguments]<#pahses>: Add a test-case to the blacklist (kiconthemes): Update to 5.63.0; [inputs]: Add qttools. (kio): Update to 5.63.0; [inputs]: Add qttools. (kplotting): Update to 5.63.0; [inputs]: Add qttools. (ktextwidgets): Update to 5.63.0; [inputs]: Add qttools. (kwayland): Update to 5.63.0; [inputs]: Add wayland-protocols. (kwindowsystem): Update to 5.63.0, update blacklist or tests, explicitly set XDG_RUNTIME_DIR; [inputs]: Add xcb-util-wm. (kxmlgui): Update to 5.63.0; [inputs]: Add qttools. * gnu/packages/patches/kinit-kdeinit-extra_libs.patch: Adjust. * gnu/packages/patches/kwindowsystem-qt-compat.patch: Remove obsolete patch. Hartmut Goebel