diff options
| author | Léo Le Bouter <lle-bout@zaclys.net> | 2021-03-10 08:29:53 +0100 |
|---|---|---|
| committer | Léo Le Bouter <lle-bout@zaclys.net> | 2021-03-14 06:11:20 +0100 |
| commit | 31d289a4759909d24dd309ac24d42902a8c20da0 (patch) | |
| tree | 1896b64e72e6c18e65455d7323468d8659125ca5 /gnu/packages/patches/unzip-x-option.patch | |
| parent | 92d0949a268fe8479af5851d5bb3733e207a5c81 (diff) | |
| download | guix-patches-31d289a4759909d24dd309ac24d42902a8c20da0.tar guix-patches-31d289a4759909d24dd309ac24d42902a8c20da0.tar.gz | |
gnu: unzip: Add patches from Fedora [security fixes].
Non-exhaustively fixes CVE-2016-9844, CVE-2018-1000035, CVE-2018-18384, and
CVE-2019-13232.
* gnu/packages/patches/unzip-COVSCAN-fix-unterminated-string.patch,
gnu/packages/patches/unzip-CVE-2016-9844.patch,
gnu/packages/patches/unzip-CVE-2018-1000035.patch,
gnu/packages/patches/unzip-CVE-2018-18384.patch,
gnu/packages/patches/unzip-case-insensitive.patch,
gnu/packages/patches/unzip-alt-iconv-utf8-print.patch,
gnu/packages/patches/unzip-alt-iconv-utf8.patch,
gnu/packages/patches/unzip-close.patch,
gnu/packages/patches/unzip-exec-shield.patch,
gnu/packages/patches/unzip-fix-recmatch.patch,
gnu/packages/patches/unzip-manpage-fix.patch,
gnu/packages/patches/unzip-overflow.patch,
gnu/packages/patches/unzip-symlink.patch,
gnu/packages/patches/unzip-timestamp.patch,
gnu/packages/patches/unzip-valgrind.patch,
gnu/packages/patches/unzip-x-option.patch,
gnu/packages/patches/unzip-zipbomb-manpage.patch,
gnu/packages/patches/unzip-zipbomb-part1.patch,
gnu/packages/patches/unzip-zipbomb-part2.patch,
gnu/packages/patches/unzip-zipbomb-part3.patch: New patches.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/compression.scm (unzip/fixed): New variable. Apply patches.
(unzip)[replacement]: Graft.
Diffstat (limited to 'gnu/packages/patches/unzip-x-option.patch')
| -rw-r--r-- | gnu/packages/patches/unzip-x-option.patch | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/gnu/packages/patches/unzip-x-option.patch b/gnu/packages/patches/unzip-x-option.patch new file mode 100644 index 0000000000..72c77aeb78 --- /dev/null +++ b/gnu/packages/patches/unzip-x-option.patch @@ -0,0 +1,28 @@ +--- ./process.c.orig 2009-03-06 02:25:10.000000000 +0100 ++++ ./process.c 2013-09-12 10:51:16.000000000 +0200 +@@ -2901,9 +2901,9 @@ + */ + + #ifdef IZ_HAVE_UXUIDGID +- if (eb_len >= EB_UX3_MINLEN +- && z_uidgid != NULL +- && (*((EB_HEADSIZE + 0) + ef_buf) == 1) ++ if ((eb_len >= EB_UX3_MINLEN) ++ && (z_uidgid != NULL) ++ && ((*((EB_HEADSIZE + 0) + ef_buf) == 1))) + /* only know about version 1 */ + { + uch uid_size; +@@ -2915,10 +2915,10 @@ + flags &= ~0x0ff; /* ignore any previous UNIX field */ + + if ( read_ux3_value((EB_HEADSIZE + 2) + ef_buf, +- uid_size, z_uidgid[0]) ++ uid_size, &z_uidgid[0]) + && + read_ux3_value((EB_HEADSIZE + uid_size + 3) + ef_buf, +- gid_size, z_uidgid[1]) ) ++ gid_size, &z_uidgid[1]) ) + { + flags |= EB_UX2_VALID; /* signal success */ + } |