From f79a576e776eb299af52d60cdd51f4a4f79beee3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>
Date: Sat, 28 Nov 2015 16:29:11 +0100
Subject: gnu: jasper: Patch CVE-2008-3522.

* gnu/packages/patches/jasper-CVE-2008-3522.patch: New file.
* gnu/packages/image.scm (jasper)[source]: Use it.
* gnu-system.am (dist_patch_DATA): Add it.
---
 gnu/packages/patches/jasper-CVE-2008-3522.patch | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 gnu/packages/patches/jasper-CVE-2008-3522.patch

(limited to 'gnu/packages/patches')

diff --git a/gnu/packages/patches/jasper-CVE-2008-3522.patch b/gnu/packages/patches/jasper-CVE-2008-3522.patch
new file mode 100644
index 0000000000..10cfec99a5
--- /dev/null
+++ b/gnu/packages/patches/jasper-CVE-2008-3522.patch
@@ -0,0 +1,14 @@
+Fix CVE-2008-3522 (buffer overflow in 'jas_stream_printf').
+Patch from <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3522>.
+
+--- jasper-1.900.1/src/libjasper/base/jas_stream.c	2008-09-08 14:56:01.000000000 +0200
++++ jasper-1.900.1/src/libjasper/base/jas_stream.c	2008-09-08 14:58:16.000000000 +0200
+@@ -553,7 +553,7 @@ int jas_stream_printf(jas_stream_t *stre
+ 	int ret;
+ 
+ 	va_start(ap, fmt);
+-	ret = vsprintf(buf, fmt, ap);
++	ret = vsnprintf(buf, sizeof buf, fmt, ap);
+ 	jas_stream_puts(stream, buf);
+ 	va_end(ap);
+ 	return ret;
-- 
cgit v1.2.3