diff options
| author | Marius Bakke <mbakke@fastmail.com> | 2017-10-24 22:00:23 +0200 |
|---|---|---|
| committer | Marius Bakke <mbakke@fastmail.com> | 2017-10-24 22:00:23 +0200 |
| commit | ca4fd41de892c7055ce140863382c332441b15d3 (patch) | |
| tree | 39872899c5bc649e11172dccb2f262a56f234661 /gnu/packages/patches/glibc-CVE-2017-15670-15671.patch | |
| parent | 7276eca4dcbe513922d5a778ee5fc8f2b2649642 (diff) | |
| parent | 648c896ad3b198a1742c1ee8f66a1922aa98c1d8 (diff) | |
| download | guix-patches-ca4fd41de892c7055ce140863382c332441b15d3.tar guix-patches-ca4fd41de892c7055ce140863382c332441b15d3.tar.gz | |
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages/patches/glibc-CVE-2017-15670-15671.patch')
| -rw-r--r-- | gnu/packages/patches/glibc-CVE-2017-15670-15671.patch | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/gnu/packages/patches/glibc-CVE-2017-15670-15671.patch b/gnu/packages/patches/glibc-CVE-2017-15670-15671.patch new file mode 100644 index 0000000000..76d688c517 --- /dev/null +++ b/gnu/packages/patches/glibc-CVE-2017-15670-15671.patch @@ -0,0 +1,27 @@ +Fix CVE-2017-15670: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15670 +https://sourceware.org/bugzilla/show_bug.cgi?id=22320 +https://bugzilla.redhat.com/show_bug.cgi?id=1504804 + +And CVE-2017-15671: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15671 +https://sourceware.org/bugzilla/show_bug.cgi?id=22325 +https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15671 + +Copied from upstream: +<https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=2d1bd71ec70a31b01d01b734faa66bb1ed28961f> + +diff --git a/posix/glob.c b/posix/glob.c +--- a/posix/glob.c ++++ b/posix/glob.c +@@ -843,7 +843,7 @@ + *p = '\0'; + } + else +- *((char *) mempcpy (newp, dirname + 1, end_name - dirname)) ++ *((char *) mempcpy (newp, dirname + 1, end_name - dirname - 1)) + = '\0'; + user_name = newp; + } |