From 9c3ad422d0f4f2e552dcb73aae98c7db1fc2e584 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Wed, 20 Dec 2017 19:53:40 -0500 Subject: gnu: libgxps: Fix CVE-2017-11590. * gnu/packages/patches/libgxps-CVE-2017-11590.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/gnome.scm (libgxps)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/gnome.scm | 1 + gnu/packages/patches/libgxps-CVE-2017-11590.patch | 48 +++++++++++++++++++++++ 3 files changed, 50 insertions(+) create mode 100644 gnu/packages/patches/libgxps-CVE-2017-11590.patch (limited to 'gnu') diff --git a/gnu/local.mk b/gnu/local.mk index 20b3c3e366..ea9c42449a 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -810,6 +810,7 @@ dist_patch_DATA = \ %D%/packages/patches/libgit2-0.25.1-mtime-0.patch \ %D%/packages/patches/libgdata-fix-tests.patch \ %D%/packages/patches/libgdata-glib-duplicate-tests.patch \ + %D%/packages/patches/libgxps-CVE-2017-11590.patch \ %D%/packages/patches/libffi-3.2.1-complex-alpha.patch \ %D%/packages/patches/libjxr-fix-function-signature.patch \ %D%/packages/patches/libjxr-fix-typos.patch \ diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index 7b93ddd14e..b7f57b030e 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -395,6 +395,7 @@ access the common Google services, and has full asynchronous support.") (uri (string-append "mirror://gnome/sources/" name "/" (version-major+minor version) "/" name "-" version ".tar.xz")) + (patches (search-patches "libgxps-CVE-2017-11590.patch")) (sha256 (base32 "184r06s8g20cfigg7m169n42jjsc9wmzzlycr4g1fxxhr72r8x9y")))) diff --git a/gnu/packages/patches/libgxps-CVE-2017-11590.patch b/gnu/packages/patches/libgxps-CVE-2017-11590.patch new file mode 100644 index 0000000000..9caa79b6f0 --- /dev/null +++ b/gnu/packages/patches/libgxps-CVE-2017-11590.patch @@ -0,0 +1,48 @@ +Fix CVE-2017-11590: + +https://bugzilla.gnome.org/show_bug.cgi?id=785479 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11590 + +Patch copied from upstream source repository: + +https://git.gnome.org/browse/libgxps/commit/?id=9d5d292055250ed298f3b89dc332d6db4003a031 + +From 9d5d292055250ed298f3b89dc332d6db4003a031 Mon Sep 17 00:00:00 2001 +From: Marek Kasik +Date: Wed, 26 Jul 2017 16:23:37 +0200 +Subject: archive: Check for pathname being NULL before dereferencing + +Check whether "archive_entry_pathname ()" returns a non-NULL pathname +before using it to avoid a NULL pointer being dereferenced. + +https://bugzilla.gnome.org/show_bug.cgi?id=785479 +--- + libgxps/gxps-archive.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/libgxps/gxps-archive.c b/libgxps/gxps-archive.c +index acf8d7d..e763773 100644 +--- a/libgxps/gxps-archive.c ++++ b/libgxps/gxps-archive.c +@@ -257,6 +257,7 @@ gxps_archive_initable_init (GInitable *initable, + GXPSArchive *archive; + ZipArchive *zip; + struct archive_entry *entry; ++ const gchar *pathname; + + archive = GXPS_ARCHIVE (initable); + +@@ -281,7 +282,9 @@ gxps_archive_initable_init (GInitable *initable, + + while (gxps_zip_archive_iter_next (zip, &entry)) { + /* FIXME: We can ignore directories here */ +- g_hash_table_add (archive->entries, g_strdup (archive_entry_pathname (entry))); ++ pathname = archive_entry_pathname (entry); ++ if (pathname != NULL) ++ g_hash_table_add (archive->entries, g_strdup (pathname)); + archive_read_data_skip (zip->archive); + } + +-- +cgit v0.12 + -- cgit v1.2.3