diff options
Diffstat (limited to 'gnu/packages/patches/gimp-CVE-2017-17787.patch')
-rw-r--r-- | gnu/packages/patches/gimp-CVE-2017-17787.patch | 42 |
1 files changed, 0 insertions, 42 deletions
diff --git a/gnu/packages/patches/gimp-CVE-2017-17787.patch b/gnu/packages/patches/gimp-CVE-2017-17787.patch deleted file mode 100644 index b5310d33d9..0000000000 --- a/gnu/packages/patches/gimp-CVE-2017-17787.patch +++ /dev/null @@ -1,42 +0,0 @@ -Fix CVE-2017-17787: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787 -https://bugzilla.gnome.org/show_bug.cgi?id=790853 - -Patch copied from upstream source repository: - -https://git.gnome.org/browse/gimp/commit/?id=87ba505fff85989af795f4ab6a047713f4d9381d - -From 87ba505fff85989af795f4ab6a047713f4d9381d Mon Sep 17 00:00:00 2001 -From: Jehan <jehan@girinstud.io> -Date: Thu, 21 Dec 2017 12:49:41 +0100 -Subject: [PATCH] Bug 790853 - (CVE-2017-17787) heap overread in psp importer. - -As any external data, we have to check that strings being read at fixed -length are properly nul-terminated. - -(cherry picked from commit eb2980683e6472aff35a3117587c4f814515c74d) ---- - plug-ins/common/file-psp.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/plug-ins/common/file-psp.c b/plug-ins/common/file-psp.c -index 4cbafe37b1..e350e4d88d 100644 ---- a/plug-ins/common/file-psp.c -+++ b/plug-ins/common/file-psp.c -@@ -890,6 +890,12 @@ read_creator_block (FILE *f, - g_free (string); - return -1; - } -+ if (string[length - 1] != '\0') -+ { -+ g_message ("Creator keyword data not nul-terminated"); -+ g_free (string); -+ return -1; -+ } - switch (keyword) - { - case PSP_CRTR_FLD_TITLE: --- -2.15.1 - |