diff options
Diffstat (limited to 'gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch')
-rw-r--r-- | gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch b/gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch new file mode 100644 index 0000000000..ddd1ce93f4 --- /dev/null +++ b/gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch @@ -0,0 +1,19 @@ +Fix CVE-2016-5118 (popen() shell vulnerability via filename). + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5118 + +Upstream patch copied from the bug announcement: +http://seclists.org/oss-sec/2016/q2/432 +https://marc.info/?l=oss-security&m=146455222600609&w=2 + +diff -r 33200fc645f6 magick/blob.c +--- a/magick/blob.c Sat Nov 07 14:49:16 2015 -0600 ++++ b/magick/blob.c Sun May 29 14:12:57 2016 -0500 +@@ -68,6 +68,7 @@ + */ + #define DefaultBlobQuantum 65541 + ++#undef HAVE_POPEN + + /* + Enum declarations. |