summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/patches/libxvmc-CVE-2016-7953.patch42
-rw-r--r--gnu/packages/xorg.scm13
3 files changed, 2 insertions, 54 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 578693f07e..4a1a0ec382 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -668,7 +668,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/libwmf-CVE-2015-0848+CVE-2015-4588.patch	\
   %D%/packages/patches/libwmf-CVE-2015-4695.patch		\
   %D%/packages/patches/libwmf-CVE-2015-4696.patch		\
-  %D%/packages/patches/libxvmc-CVE-2016-7953.patch		\
   %D%/packages/patches/libxslt-generated-ids.patch		\
   %D%/packages/patches/linux-pam-no-setfsuid.patch		\
   %D%/packages/patches/lirc-localstatedir.patch			\
diff --git a/gnu/packages/patches/libxvmc-CVE-2016-7953.patch b/gnu/packages/patches/libxvmc-CVE-2016-7953.patch
deleted file mode 100644
index 737abdeb9f..0000000000
--- a/gnu/packages/patches/libxvmc-CVE-2016-7953.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-Fix CVE-2016-7953:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7953
-
-Patch copied from upstream source repository:
-
-https://cgit.freedesktop.org/xorg/lib/libXvMC/commit/?id=2cd95e7da8367cccdcdd5c9b160012d1dec5cbdb
-
-From 2cd95e7da8367cccdcdd5c9b160012d1dec5cbdb Mon Sep 17 00:00:00 2001
-From: Tobias Stoeckmann <tobias@stoeckmann.org>
-Date: Sun, 25 Sep 2016 22:34:27 +0200
-Subject: [PATCH] Avoid buffer underflow on empty strings.
-
-If an empty string is received from an x-server, do not underrun the
-buffer by accessing "rep.nameLen - 1" unconditionally, which could end
-up being -1.
-
-Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
-Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
----
- src/XvMC.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/XvMC.c b/src/XvMC.c
-index 7336760..3ee4212 100644
---- a/src/XvMC.c
-+++ b/src/XvMC.c
-@@ -576,9 +576,9 @@ Status XvMCGetDRInfo(Display *dpy, XvPortID port,
- 	if (*name && *busID && tmpBuf) {
- 	    _XRead(dpy, tmpBuf, realSize);
- 	    strncpy(*name,tmpBuf,rep.nameLen);
--	    (*name)[rep.nameLen - 1] = '\0';
-+	    (*name)[rep.nameLen == 0 ? 0 : rep.nameLen - 1] = '\0';
- 	    strncpy(*busID,tmpBuf+rep.nameLen,rep.busIDLen);
--	    (*busID)[rep.busIDLen - 1] = '\0';
-+	    (*busID)[rep.busIDLen == 0 ? 0 : rep.busIDLen - 1] = '\0';
- 	    XFree(tmpBuf);
- 	} else {
- 	    XFree(*name);
--- 
-2.10.1
-
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 3793c2b3a7..1b2b0cafcd 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -4943,8 +4943,7 @@ new API's in libXft, or the legacy API's in libX11.")
 (define-public libxvmc
   (package
     (name "libxvmc")
-    (replacement libxvmc/fixed)
-    (version "1.0.9")
+    (version "1.0.10")
     (source
       (origin
         (method url-fetch)
@@ -4954,7 +4953,7 @@ new API's in libXft, or the legacy API's in libX11.")
                ".tar.bz2"))
         (sha256
           (base32
-            "0mjp1b21dvkaz7r0iq085r92nh5vkpmx99awfgqq9hgzyvgxf0q7"))))
+            "0bpffxr5dal90a8miv2w0rif61byqxq2f5angj4z1bnznmws00g5"))))
     (build-system gnu-build-system)
     (propagated-inputs
       `(("libxv" ,libxv)))
@@ -4969,14 +4968,6 @@ new API's in libXft, or the legacy API's in libX11.")
     (description "Xorg XvMC library.")
     (license license:x11)))
 
-(define libxvmc/fixed
-  (package
-    (inherit libxvmc)
-    (source (origin
-              (inherit (package-source libxvmc))
-              (patches (search-patches
-                         "libxvmc-CVE-2016-7953.patch"))))))
-
 (define-public libxxf86vm
   (package
     (name "libxxf86vm")