diff options
author | Mark H Weaver <mhw@netris.org> | 2015-10-08 10:43:40 -0400 |
---|---|---|
committer | Mark H Weaver <mhw@netris.org> | 2015-10-08 10:46:30 -0400 |
commit | f956d661add890acb41592482a8a0c3fd90afd76 (patch) | |
tree | 796d7838d9fd3b8dac7020988bb963e0c325f7a9 /gnu/packages/patches/libwmf-CVE-2007-2756.patch | |
parent | 48e4a9f32f93c404b6fb4472164d8e00d12b2937 (diff) | |
download | guix-f956d661add890acb41592482a8a0c3fd90afd76.tar guix-f956d661add890acb41592482a8a0c3fd90afd76.tar.gz |
gnu: libwmf: Add fixes for several security flaws.
* gnu/packages/patches/libwmf-CAN-2004-0941.patch,
gnu/packages/patches/libwmf-CVE-2007-0455.patch,
gnu/packages/patches/libwmf-CVE-2007-2756.patch,
gnu/packages/patches/libwmf-CVE-2007-3472.patch,
gnu/packages/patches/libwmf-CVE-2007-3473.patch,
gnu/packages/patches/libwmf-CVE-2007-3477.patch,
gnu/packages/patches/libwmf-CVE-2009-3546.patch: New files.
* gnu/packages/patches/libwmf-CVE-2015-0848+4588+4695+4696.patch: Delete
file. Replace with ...
* gnu/packages/patches/libwmf-CVE-2015-0848+CVE-2015-4588.patch,
gnu/packages/patches/libwmf-CVE-2015-4695.patch,
gnu/packages/patches/libwmf-CVE-2015-4696.patch: ... these new files.
* gnu-system.am (dist_patch_DATA): Adjust accordingly.
* gnu/packages/image.scm (libwmf)[source]: Adjust set of patches.
Diffstat (limited to 'gnu/packages/patches/libwmf-CVE-2007-2756.patch')
-rw-r--r-- | gnu/packages/patches/libwmf-CVE-2007-2756.patch | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/gnu/packages/patches/libwmf-CVE-2007-2756.patch b/gnu/packages/patches/libwmf-CVE-2007-2756.patch new file mode 100644 index 0000000000..feafac535a --- /dev/null +++ b/gnu/packages/patches/libwmf-CVE-2007-2756.patch @@ -0,0 +1,20 @@ +Copied from Fedora. + +http://pkgs.fedoraproject.org/cgit/libwmf.git/tree/libwmf-0.2.8.4-CVE-2007-2756.patch + +--- libwmf-0.2.8.4/src/extra/gd/gd_png.c 1 Apr 2007 20:41:01 -0000 1.21.2.1 ++++ libwmf-0.2.8.4/src/extra/gd/gd_png.c 16 May 2007 19:06:11 -0000 +@@ -78,8 +78,11 @@ + gdPngReadData (png_structp png_ptr, + png_bytep data, png_size_t length) + { +- gdGetBuf (data, length, (gdIOCtx *) +- png_get_io_ptr (png_ptr)); ++ int check; ++ check = gdGetBuf (data, length, (gdIOCtx *) png_get_io_ptr (png_ptr)); ++ if (check != length) { ++ png_error(png_ptr, "Read Error: truncated data"); ++ } + } + + static void |