diff options
| author | Marius Bakke <mbakke@fastmail.com> | 2019-03-01 17:33:00 +0100 |
|---|---|---|
| committer | Marius Bakke <mbakke@fastmail.com> | 2019-03-01 17:33:00 +0100 |
| commit | 19464173bafdc42adfc8dd7277c491c40ddef66b (patch) | |
| tree | 2842e0f62404e307ef0432f2ccce8b5ce60ab392 /gnu/packages/patches/netpbm-CVE-2017-2586.patch | |
| parent | 85ef07c4b278200db7c396f4021146916588f2fb (diff) | |
| parent | 81bb55459af85c408977470673e718ed1c0d6a25 (diff) | |
| download | guix-19464173bafdc42adfc8dd7277c491c40ddef66b.tar.gz | |
Merge branch 'master' into staging
Diffstat (limited to 'gnu/packages/patches/netpbm-CVE-2017-2586.patch')
| -rw-r--r-- | gnu/packages/patches/netpbm-CVE-2017-2586.patch | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/gnu/packages/patches/netpbm-CVE-2017-2586.patch b/gnu/packages/patches/netpbm-CVE-2017-2586.patch new file mode 100644 index 0000000000..99921870af --- /dev/null +++ b/gnu/packages/patches/netpbm-CVE-2017-2586.patch @@ -0,0 +1,21 @@ +From: Tobias Geerinckx-Rice <me@tobias.gr> +Date: Thu, 28 Feb 2019 20:29:00 +0100 +Subject: [PATCH] netpbm: Fix CVE-2017-2586. + +Copied verbatim from Debian[0]. + +[0]: https://sources.debian.org/data/main/n/netpbm-free/2:10.78.05-0.1/debian/patches/netpbm-CVE-2017-2586.patch + +--- +diff -urNp old/converter/other/svgtopam.c new/converter/other/svgtopam.c +--- old/converter/other/svgtopam.c 2017-02-08 12:11:02.593690917 +0100 ++++ new/converter/other/svgtopam.c 2017-02-08 12:13:05.192846469 +0100 +@@ -676,7 +676,7 @@ stringToUint(const char * const string + + /* TODO: move this to nstring.c */ + +- if (strlen(string) == 0) ++ if (string == NULL || strlen(string) == 0) + pm_asprintf(errorP, "Value is a null string"); + else { + char * tailptr; |