diff options
| author | Mark H Weaver <mhw@netris.org> | 2015-11-06 22:08:30 -0500 |
|---|---|---|
| committer | Mark H Weaver <mhw@netris.org> | 2015-11-07 08:33:16 -0500 |
| commit | 0ca1eb705d29c20f901fc385ee4e1bb1eaa52f75 (patch) | |
| tree | 83964c88051d0ce95ece8eafde5c0133b3afa7df /gnu/packages/patches/icecat-CVE-2015-7194.patch | |
| parent | fe88f636e3bfbbf143bd87f57e0d65a2e532d7dd (diff) | |
| download | guix-0ca1eb705d29c20f901fc385ee4e1bb1eaa52f75.tar.gz | |
gnu: icecat: Add several security fixes.
* gnu/packages/patches/icecat-CVE-2015-4513-pt01.patch, gnu/packages/patches/icecat-CVE-2015-4513-pt02.patch, gnu/packages/patches/icecat-CVE-2015-4513-pt03.patch, gnu/packages/patches/icecat-CVE-2015-4513-pt04.patch, gnu/packages/patches/icecat-CVE-2015-4513-pt05.patch, gnu/packages/patches/icecat-CVE-2015-4513-pt06.patch, gnu/packages/patches/icecat-CVE-2015-4513-pt07.patch, gnu/packages/patches/icecat-CVE-2015-4513-pt08.patch, gnu/packages/patches/icecat-CVE-2015-4513-pt09.patch, gnu/packages/patches/icecat-CVE-2015-4513-pt10.patch, gnu/packages/patches/icecat-CVE-2015-4513-pt11.patch, gnu/packages/patches/icecat-CVE-2015-7188.patch, gnu/packages/patches/icecat-CVE-2015-7189.patch, gnu/packages/patches/icecat-CVE-2015-7193.patch, gnu/packages/patches/icecat-CVE-2015-7194.patch, gnu/packages/patches/icecat-CVE-2015-7196.patch, gnu/packages/patches/icecat-CVE-2015-7197.patch, gnu/packages/patches/icecat-CVE-2015-7198.patch, gnu/packages/patches/icecat-CVE-2015-7199.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
Diffstat (limited to 'gnu/packages/patches/icecat-CVE-2015-7194.patch')
| -rw-r--r-- | gnu/packages/patches/icecat-CVE-2015-7194.patch | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/gnu/packages/patches/icecat-CVE-2015-7194.patch b/gnu/packages/patches/icecat-CVE-2015-7194.patch new file mode 100644 index 0000000000..481da06a7f --- /dev/null +++ b/gnu/packages/patches/icecat-CVE-2015-7194.patch @@ -0,0 +1,32 @@ +From 382a08fa0b21d46c44c46af39041324f304a9dfa Mon Sep 17 00:00:00 2001 +From: Aaron Klotz <aklotz@mozilla.com> +Date: Tue, 13 Oct 2015 12:20:25 -0600 +Subject: [PATCH] Bug 1211262: Ensure that STORED entries in ZIP are considered + corrupt if compressed and uncompressed sizes differ; r=mwu, a=ritu + +--HG-- +extra : source : 673d9f45b802f1fd1ffaaeae19d433622fe68a5e +extra : intermediate-source : db9d3e806685d72a2891830ffbc42ef3cde559ae +--- + modules/libjar/nsZipArchive.cpp | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/modules/libjar/nsZipArchive.cpp b/modules/libjar/nsZipArchive.cpp +index bb1e21b..eaf22ac 100644 +--- a/modules/libjar/nsZipArchive.cpp ++++ b/modules/libjar/nsZipArchive.cpp +@@ -828,8 +828,10 @@ MOZ_WIN_MEM_TRY_BEGIN + // -- check if there is enough source data in the file + if (!offset || + mFd->mLen < aItem->Size() || +- offset > mFd->mLen - aItem->Size()) ++ offset > mFd->mLen - aItem->Size() || ++ (aItem->Compression() == STORED && aItem->Size() != aItem->RealSize())) { + return nullptr; ++ } + + return mFd->mFileData + offset; + MOZ_WIN_MEM_TRY_CATCH(return nullptr) +-- +2.5.0 + |