diff options
Diffstat (limited to 'gnu')
-rw-r--r-- | gnu/local.mk | 2 | ||||
-rw-r--r-- | gnu/packages/mail.scm | 6 | ||||
-rw-r--r-- | gnu/packages/patches/ytnef-CVE-2021-3403.patch | 32 | ||||
-rw-r--r-- | gnu/packages/patches/ytnef-CVE-2021-3404.patch | 30 |
4 files changed, 2 insertions, 68 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index 00a6649404..06826ee0cc 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1988,8 +1988,6 @@ dist_patch_DATA = \ %D%/packages/patches/xterm-370-explicit-xcursor.patch \ %D%/packages/patches/xygrib-fix-finding-data.patch \ %D%/packages/patches/yggdrasil-extra-config.patch \ - %D%/packages/patches/ytnef-CVE-2021-3403.patch \ - %D%/packages/patches/ytnef-CVE-2021-3404.patch \ %D%/packages/patches/zig-use-system-paths.patch MISC_DISTRO_FILES = \ diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index 0794fd921c..49325116fb 100644 --- a/gnu/packages/mail.scm +++ b/gnu/packages/mail.scm @@ -4024,7 +4024,7 @@ It is a replacement for the @command{urlview} program.") (define-public ytnef (package (name "ytnef") - (version "1.9.3") + (version "2.0") (source (origin (method git-fetch) (uri (git-reference @@ -4033,9 +4033,7 @@ It is a replacement for the @command{urlview} program.") (file-name (git-file-name name version)) (sha256 (base32 - "07h48s5qf08503pp9kafqbwipdqghiif22ghki7z8j67gyp04l6l")) - (patches (search-patches "ytnef-CVE-2021-3403.patch" - "ytnef-CVE-2021-3404.patch")))) + "0pk7jp8yc91nahcb7659khwdid0ibfi7n0135kwfnasak8gr75rz")))) (build-system gnu-build-system) (native-inputs (list autoconf automake libtool)) diff --git a/gnu/packages/patches/ytnef-CVE-2021-3403.patch b/gnu/packages/patches/ytnef-CVE-2021-3403.patch deleted file mode 100644 index 4b1c9d659f..0000000000 --- a/gnu/packages/patches/ytnef-CVE-2021-3403.patch +++ /dev/null @@ -1,32 +0,0 @@ -From f2380a53fb84d370eaf6e6c3473062c54c57fac7 Mon Sep 17 00:00:00 2001 -From: Oliver Giles <ohw.giles@gmail.com> -Date: Mon, 1 Feb 2021 10:12:16 +1300 -Subject: [PATCH] Prevent potential double-free in TNEFSubjectHandler - -If TNEFSubjectHandler is called multiple times, but the last time -failed due to the PREALLOCCHECK, the subject.data member will be -a freed, but invalid pointer. To prevent a double-free next time -TNEFSubjectHandler is entered, set it to zero after freeing. - -Resolves: #85 -Reported-by: jasperla ---- - lib/ytnef.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/lib/ytnef.c b/lib/ytnef.c -index b148719..b06c807 100644 ---- a/lib/ytnef.c -+++ b/lib/ytnef.c -@@ -301,8 +301,10 @@ int TNEFFromHandler STD_ARGLIST { - } - // ----------------------------------------------------------------------------- - int TNEFSubjectHandler STD_ARGLIST { -- if (TNEF->subject.data) -+ if (TNEF->subject.data) { - free(TNEF->subject.data); -+ TNEF->subject.data = NULL; -+ } - - PREALLOCCHECK(size, 100); - TNEF->subject.data = calloc(size+1, sizeof(BYTE)); diff --git a/gnu/packages/patches/ytnef-CVE-2021-3404.patch b/gnu/packages/patches/ytnef-CVE-2021-3404.patch deleted file mode 100644 index e991d6aff1..0000000000 --- a/gnu/packages/patches/ytnef-CVE-2021-3404.patch +++ /dev/null @@ -1,30 +0,0 @@ -From f9ff4a203b8c155d51a208cadadb62f224fba715 Mon Sep 17 00:00:00 2001 -From: Oliver Giles <ohw.giles@gmail.com> -Date: Mon, 1 Feb 2021 10:18:17 +1300 -Subject: [PATCH] Ensure the size of the version field is 4 bytes - -A corrupted version field size can cause TNEFVersion to access outside -of allocated memory. Check the version is the expected size and raise -an error if not. - -Resolves: #86 -Reported-by: jasperla ---- - lib/ytnef.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/lib/ytnef.c b/lib/ytnef.c -index b148719..ffede44 100644 ---- a/lib/ytnef.c -+++ b/lib/ytnef.c -@@ -335,6 +335,10 @@ int TNEFRendData STD_ARGLIST { - int TNEFVersion STD_ARGLIST { - WORD major; - WORD minor; -+ if (size != 2 * sizeof(WORD)) { -+ printf("Incorrect size of version field, suspected corruption\n"); -+ return -1; -+ } - minor = SwapWord((BYTE*)data, size); - major = SwapWord((BYTE*)data + 2, size - 2); - |