1 files changed, 0 insertions, 51 deletions

diff --git a/gnu/packages/patches/slock-CVE-2016-6866.patch b/gnu/packages/patches/slock-CVE-2016-6866.patch
deleted file mode 100644
index 2f94b8c1a9..0000000000
--- a/gnu/packages/patches/slock-CVE-2016-6866.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-Fix CVE-2016-6866.
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6866
-https://security-tracker.debian.org/tracker/CVE-2016-6866
-
-Copied from upstream source repository:
-http://git.suckless.org/slock/commit/?id=d8bec0f6fdc8a246d78cb488a0068954b46fcb29
-
-From d8bec0f6fdc8a246d78cb488a0068954b46fcb29 Mon Sep 17 00:00:00 2001
-From: Markus Teich <markus.teich@stusta.mhn.de>
-Date: Tue, 30 Aug 2016 22:59:06 +0000
-Subject: fix CVE-2016-6866
-
----
-diff --git a/slock.c b/slock.c
-index 847b328..8ed59ca 100644
---- a/slock.c
-+++ b/slock.c
-@@ -123,7 +123,7 @@ readpw(Display *dpy)
- readpw(Display *dpy, const char *pws)
- #endif
- {
--	char buf[32], passwd[256];
-+	char buf[32], passwd[256], *encrypted;
- 	int num, screen;
- 	unsigned int len, color;
- 	KeySym ksym;
-@@ -159,7 +159,11 @@ readpw(Display *dpy, const char *pws)
- #ifdef HAVE_BSD_AUTH
- 				running = !auth_userokay(getlogin(), NULL, "auth-slock", passwd);
- #else
--				running = !!strcmp(crypt(passwd, pws), pws);
-+				errno = 0;
-+				if (!(encrypted = crypt(passwd, pws)))
-+					fprintf(stderr, "slock: crypt: %s\n", strerror(errno));
-+				else
-+					running = !!strcmp(encrypted, pws);
- #endif
- 				if (running) {
- 					XBell(dpy, 100);
-@@ -312,6 +316,8 @@ main(int argc, char **argv) {
- 
- #ifndef HAVE_BSD_AUTH
- 	pws = getpw();
-+	if (strlen(pws) < 2)
-+		die("slock: failed to get user password hash.\n");
- #endif
- 
- 	if (!(dpy = XOpenDisplay(NULL)))
---
-cgit v0.9.0.3-65-g4555