diff options
| author | Leo Famulari <leo@famulari.name> | 2018-02-19 21:44:42 -0500 |
|---|---|---|
| committer | Leo Famulari <leo@famulari.name> | 2018-02-19 21:50:10 -0500 |
| commit | 2a5b5bfd84067ab691a280da1e85de6e1f647751 (patch) | |
| tree | f026eaeb9ae28623292b3671e26b1bd7f9b9f8f2 /gnu/packages/patches/libtasn1-CVE-2017-10790.patch | |
| parent | baef70bb8684f8bccc958c49c1f37250ca028b89 (diff) | |
| download | guix-2a5b5bfd84067ab691a280da1e85de6e1f647751.tar.gz | |
gnu: libtasn1: Update to 4.13.
* gnu/packages/tls.scm (libtasn1): Update to 4.13. [source]: Remove patches. * gnu/packages/patches/libtasn1-CVE-2017-10790.patch, gnu/packages/patches/libtasn1-CVE-2018-6003.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them.
Diffstat (limited to 'gnu/packages/patches/libtasn1-CVE-2017-10790.patch')
| -rw-r--r-- | gnu/packages/patches/libtasn1-CVE-2017-10790.patch | 63 |
1 files changed, 0 insertions, 63 deletions
diff --git a/gnu/packages/patches/libtasn1-CVE-2017-10790.patch b/gnu/packages/patches/libtasn1-CVE-2017-10790.patch deleted file mode 100644 index 6cec0c8030..0000000000 --- a/gnu/packages/patches/libtasn1-CVE-2017-10790.patch +++ /dev/null @@ -1,63 +0,0 @@ -Fix CVE-2017-10790: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10790 - -Patch copied from upstream source repository: - -https://git.savannah.nongnu.org/cgit/libtasn1.git/commit/?id=d8d805e1f2e6799bb2dff4871a8598dc83088a39 - -From d8d805e1f2e6799bb2dff4871a8598dc83088a39 Mon Sep 17 00:00:00 2001 -From: Nikos Mavrogiannopoulos <nmav@redhat.com> -Date: Thu, 22 Jun 2017 16:31:37 +0200 -Subject: [PATCH] _asn1_check_identifier: safer access to values read - -Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> ---- - lib/parser_aux.c | 17 ++++++++++++----- - 1 file changed, 12 insertions(+), 5 deletions(-) - -diff --git a/lib/parser_aux.c b/lib/parser_aux.c -index 976ab38..786ea64 100644 ---- a/lib/parser_aux.c -+++ b/lib/parser_aux.c -@@ -955,7 +955,7 @@ _asn1_check_identifier (asn1_node node) - if (p2 == NULL) - { - if (p->value) -- _asn1_strcpy (_asn1_identifierMissing, p->value); -+ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p->value); - else - _asn1_strcpy (_asn1_identifierMissing, "(null)"); - return ASN1_IDENTIFIER_NOT_FOUND; -@@ -968,9 +968,15 @@ _asn1_check_identifier (asn1_node node) - if (p2 && (type_field (p2->type) == ASN1_ETYPE_DEFAULT)) - { - _asn1_str_cpy (name2, sizeof (name2), node->name); -- _asn1_str_cat (name2, sizeof (name2), "."); -- _asn1_str_cat (name2, sizeof (name2), (char *) p2->value); -- _asn1_strcpy (_asn1_identifierMissing, p2->value); -+ if (p2->value) -+ { -+ _asn1_str_cat (name2, sizeof (name2), "."); -+ _asn1_str_cat (name2, sizeof (name2), (char *) p2->value); -+ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value); -+ } -+ else -+ _asn1_strcpy (_asn1_identifierMissing, "(null)"); -+ - p2 = asn1_find_node (node, name2); - if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID) || - !(p2->type & CONST_ASSIGN)) -@@ -990,7 +996,8 @@ _asn1_check_identifier (asn1_node node) - _asn1_str_cpy (name2, sizeof (name2), node->name); - _asn1_str_cat (name2, sizeof (name2), "."); - _asn1_str_cat (name2, sizeof (name2), (char *) p2->value); -- _asn1_strcpy (_asn1_identifierMissing, p2->value); -+ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value); -+ - p2 = asn1_find_node (node, name2); - if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID) - || !(p2->type & CONST_ASSIGN)) --- -2.13.3 - |