aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches/zziplib-CVE-2017-5974.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/zziplib-CVE-2017-5974.patch')
-rw-r--r--gnu/packages/patches/zziplib-CVE-2017-5974.patch28
1 files changed, 0 insertions, 28 deletions
diff --git a/gnu/packages/patches/zziplib-CVE-2017-5974.patch b/gnu/packages/patches/zziplib-CVE-2017-5974.patch
deleted file mode 100644
index 9ae02103e7..0000000000
--- a/gnu/packages/patches/zziplib-CVE-2017-5974.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-Fix CVE-2017-5974:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5974
-
-Patch copied from Debian.
-
-Index: zziplib-0.13.62/zzip/memdisk.c
-===================================================================
---- zziplib-0.13.62.orig/zzip/memdisk.c
-+++ zziplib-0.13.62/zzip/memdisk.c
-@@ -216,12 +216,12 @@ zzip_mem_entry_new(ZZIP_DISK * disk, ZZI
- /* override sizes/offsets with zip64 values for largefile support */
- zzip_extra_zip64 *block = (zzip_extra_zip64 *)
- zzip_mem_entry_extra_block(item, ZZIP_EXTRA_zip64);
-- if (block)
-+ if (block && ZZIP_GET16(block->z_datasize) >= (8 + 8 + 8 + 4))
- {
-- item->zz_usize = __zzip_get64(block->z_usize);
-- item->zz_csize = __zzip_get64(block->z_csize);
-- item->zz_offset = __zzip_get64(block->z_offset);
-- item->zz_diskstart = __zzip_get32(block->z_diskstart);
-+ item->zz_usize = ZZIP_GET64(block->z_usize);
-+ item->zz_csize = ZZIP_GET64(block->z_csize);
-+ item->zz_offset = ZZIP_GET64(block->z_offset);
-+ item->zz_diskstart = ZZIP_GET32(block->z_diskstart);
- }
- }
- /* NOTE: