From 29a780147d066d5ce218d1fa2678a0a36a1145e3 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Thu, 28 Jan 2016 00:22:49 -0500 Subject: gnu: icecat: Add fixes for CVE-2016-{1930,1935} and other bugs. * gnu/packages/patches/icecat-CVE-2016-1930-pt01.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt02.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt03.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt04.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt05.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt06.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt07.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt08.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt09.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt10.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt11.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt12.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt13.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt14.patch, gnu/packages/patches/icecat-CVE-2016-1930-pt15.patch, gnu/packages/patches/icecat-CVE-2016-1935.patch, gnu/packages/patches/icecat-bug-1146335-pt1.patch, gnu/packages/patches/icecat-bug-1146335-pt2.patch, gnu/packages/patches/icecat-limit-max-buffers-size-for-ANGLE.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/gnuzilla.scm (icecat)[source]: Add patches. --- .../patches/icecat-CVE-2016-1930-pt01.patch | 34 ++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 gnu/packages/patches/icecat-CVE-2016-1930-pt01.patch (limited to 'gnu/packages/patches/icecat-CVE-2016-1930-pt01.patch') diff --git a/gnu/packages/patches/icecat-CVE-2016-1930-pt01.patch b/gnu/packages/patches/icecat-CVE-2016-1930-pt01.patch new file mode 100644 index 0000000000..27768fa1ac --- /dev/null +++ b/gnu/packages/patches/icecat-CVE-2016-1930-pt01.patch @@ -0,0 +1,34 @@ +Copied from: https://hg.mozilla.org/releases/mozilla-esr38/rev/925215cae26f +Security advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2016-01/ +Mozilla Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1233346 + +# HG changeset patch +# User Nils Ohlmeier +# Date 1451439902 18000 +# Node ID 925215cae26f9c0ccff07ef403a5b3194a4c45c4 +# Parent ff8e52467d793e935b80bf22a722a71a96fe2d63 +Bug 1233346 - r=ekr a=abillings + +diff --git a/media/mtransport/third_party/nICEr/src/stun/addrs.c b/media/mtransport/third_party/nICEr/src/stun/addrs.c +--- a/media/mtransport/third_party/nICEr/src/stun/addrs.c ++++ b/media/mtransport/third_party/nICEr/src/stun/addrs.c +@@ -530,16 +530,18 @@ stun_get_win32_addrs(nr_local_addr addrs + + for (tmpAddress = AdapterAddresses; tmpAddress != NULL; tmpAddress = tmpAddress->Next) { + char *c; + + if (tmpAddress->OperStatus != IfOperStatusUp) + continue; + + snprintf(munged_ifname, IFNAMSIZ, "%S%c", tmpAddress->FriendlyName, 0); ++ munged_ifname[IFNAMSIZ-1] = '\0'; ++ + /* replace spaces with underscores */ + c = strchr(munged_ifname, ' '); + while (c != NULL) { + *c = '_'; + c = strchr(munged_ifname, ' '); + } + c = strchr(munged_ifname, '.'); + while (c != NULL) { + -- cgit 1.4.1