summary refs log tree commit diff
diff options
context:
space:
mode:
authorEfraim Flashner <efraim@flashner.co.il>2019-07-10 12:45:08 +0300
committerEfraim Flashner <efraim@flashner.co.il>2019-07-10 12:47:47 +0300
commit841bddb4b45fd6e47a8991f74380ba20dacbe1be (patch)
tree366e4a97004435ac1de8500201f1260ca3c9e28a
parent3e4afe029861b0205eed401a751f049e9deb128f (diff)
downloadguix-841bddb4b45fd6e47a8991f74380ba20dacbe1be.tar.gz
gnu: a2ps: Fix CVE-2015-8107.
* gnu/packages/pretty-print.scm (a2ps)[source]: Add patch.
* gnu/packages/patches/a2ps-CVE-2015-8107.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/patches/a2ps-CVE-2015-8107.patch80
-rw-r--r--gnu/packages/pretty-print.scm5
3 files changed, 84 insertions, 2 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 01c3ce011f..2821cdcca9 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -660,6 +660,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/4store-unset-preprocessor-directive.patch	\
   %D%/packages/patches/a2ps-CVE-2001-1593.patch	\
   %D%/packages/patches/a2ps-CVE-2014-0466.patch	\
+  %D%/packages/patches/a2ps-CVE-2015-8107.patch	\
   %D%/packages/patches/abiword-explictly-cast-bools.patch	\
   %D%/packages/patches/abiword-black-drawing-with-gtk322.patch	\
   %D%/packages/patches/acl-fix-perl-regex.patch		\
diff --git a/gnu/packages/patches/a2ps-CVE-2015-8107.patch b/gnu/packages/patches/a2ps-CVE-2015-8107.patch
new file mode 100644
index 0000000000..5ea35d45da
--- /dev/null
+++ b/gnu/packages/patches/a2ps-CVE-2015-8107.patch
@@ -0,0 +1,80 @@
+https://sources.debian.org/data/main/a/a2ps/1:4.14-2/debian/patches/fix-format-security.diff
+
+Index: b/lib/psgen.c
+===================================================================
+--- a/lib/psgen.c
++++ b/lib/psgen.c
+@@ -232,7 +232,7 @@
+     default:
+       *buf = '\0';
+       ps_escape_char (job, cp[i], buf);
+-      output (jdiv, (char *) buf);
++      output (jdiv, "%s", (char *) buf);
+       break;
+     }
+   }
+Index: b/lib/output.c
+===================================================================
+--- a/lib/output.c
++++ b/lib/output.c
+@@ -525,7 +525,7 @@
+ 		     expand_user_string (job, FIRST_FILE (job),
+ 					 (const uchar *) "Expand: requirement",
+ 					 (const uchar *) token));
+-	output (dest, expansion);
++	output (dest, "%s", expansion);
+ 	continue;
+       }
+ 
+Index: b/lib/parseppd.y
+===================================================================
+--- a/lib/parseppd.y
++++ b/lib/parseppd.y
+@@ -154,7 +154,7 @@
+ void
+ yyerror (const char *msg)
+ {
+-  error_at_line (1, 0, ppdfilename, ppdlineno, msg);
++  error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
+ }
+ 
+ /*
+Index: b/src/parsessh.y
+===================================================================
+--- a/src/parsessh.y
++++ b/src/parsessh.y
+@@ -740,7 +740,7 @@
+ void
+ yyerror (const char *msg)
+ {
+-  error_at_line (1, 0, sshfilename, sshlineno, msg);
++  error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
+ }
+ 
+ /*
+Index: b/lib/parseppd.c
+===================================================================
+--- a/lib/parseppd.c
++++ b/lib/parseppd.c
+@@ -1707,7 +1707,7 @@
+ void
+ yyerror (const char *msg)
+ {
+-  error_at_line (1, 0, ppdfilename, ppdlineno, msg);
++  error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
+ }
+ 
+ /*
+Index: b/src/parsessh.c
+===================================================================
+--- a/src/parsessh.c
++++ b/src/parsessh.c
+@@ -2639,7 +2639,7 @@
+ void
+ yyerror (const char *msg)
+ {
+-  error_at_line (1, 0, sshfilename, sshlineno, msg);
++  error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
+ }
+ 
+ /*
diff --git a/gnu/packages/pretty-print.scm b/gnu/packages/pretty-print.scm
index 405ad08ba4..7a5b98c698 100644
--- a/gnu/packages/pretty-print.scm
+++ b/gnu/packages/pretty-print.scm
@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2016, 2019 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2016 Ricardo Wurmus <rekado@elephly.net>
 ;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
 ;;; Copyright © 2017 Ludovic Courtès <ludo@gnu.org>
@@ -63,7 +63,8 @@
                   #t))
               (patches (search-patches
                         "a2ps-CVE-2001-1593.patch"
-                        "a2ps-CVE-2014-0466.patch"))))
+                        "a2ps-CVE-2014-0466.patch"
+                        "a2ps-CVE-2015-8107.patch"))))
     (build-system gnu-build-system)
     (inputs
      `(("psutils" ,psutils)