-rw-r--r--REUSE.toml5
-rw-r--r--bugs/README.md6
-rw-r--r--bugs/cve/2016/9264/globaloverflowbin0 -> 8 bytes
-rw-r--r--loftix/bugs.scm16
4 files changed, 27 insertions, 0 deletions
diff --git a/REUSE.toml b/REUSE.toml
index 8733793..a867a57 100644
--- a/REUSE.toml
+++ b/REUSE.toml
@@ -56,6 +56,11 @@ SPDX-FileCopyrightText = '2016 Kaixiang Zhang'
 SPDX-License-Identifier = 'CC0-1.0'
 
 [[annotations]]
+path = 'bugs/cve/2016/9264/globaloverflow'
+SPDX-FileCopyrightText = '2016 Agostino Sarubbo'
+SPDX-License-Identifier = 'CC0-1.0'
+
+[[annotations]]
 path = 'bugs/cve/2016/9273/test049.tiff'
 SPDX-FileCopyrightText = '2016 Brian Carpenter'
 SPDX-License-Identifier = 'CC0-1.0'
diff --git a/bugs/README.md b/bugs/README.md
index c8ab237..a6a202a 100644
--- a/bugs/README.md
+++ b/bugs/README.md
@@ -79,6 +79,11 @@
 
 ## libming
 
+- CVE-2016-9264: [global buffer overflow][oss-sec-20161110-9]
+
+      guix shell -e '(@@ (loftix bugs) libming-0.4.7-asan)'
+      listmp3 cve/2016/9264/globaloverflow
+
 - CVE-2018-8806: [use after free][libming-128]
 
       guix shell -e '(@@ (loftix bugs) libming-0.4.8-asan)'
@@ -242,6 +247,7 @@
 [maptools-2656]: https://bugzilla.maptools.org/show_bug.cgi?id=2656
 [mozjpeg-268]: https://github.com/mozilla/mozjpeg/issues/268
 [oss-sec-20161105-3]: https://www.openwall.com/lists/oss-security/2016/11/05/3
+[oss-sec-20161110-9]: https://www.openwall.com/lists/oss-security/2016/11/10/9
 [redhat-955808]: https://bugzilla.redhat.com/show_bug.cgi?id=955808
 [redhat-1319503]: https://bugzilla.redhat.com/show_bug.cgi?id=1319503
 [sourceware-21137]: https://sourceware.org/bugzilla/show_bug.cgi?id=21137
diff --git a/bugs/cve/2016/9264/globaloverflow b/bugs/cve/2016/9264/globaloverflow
new file mode 100644
index 0000000..24f6f72
--- /dev/null
+++ b/bugs/cve/2016/9264/globaloverflow
Binary files differ
diff --git a/loftix/bugs.scm b/loftix/bugs.scm
index 5e6c9cf..dc75628 100644
--- a/loftix/bugs.scm
+++ b/loftix/bugs.scm
@@ -221,6 +221,22 @@ It can be used from PHP, Perl, Ruby, Python, C, C++ and Java.")
     (home-page "https://github.com/libming/libming")
     (license (list license:lgpl2.1+ license:gpl2+))))
 
+(define-public libming-0.4.7-asan
+  (package
+    (inherit libming-0.4.8-asan)
+    (name "libming")
+    (version "0.4.7")
+    (source (origin
+              (method git-fetch)
+              (uri (git-reference
+                    (url "https://github.com/libming/libming")
+                    (commit "ming-0_4_7")))
+              (sha256
+               (base32 "17ngz1n1mnknixzchywkhbw9s3scad8ajmk97gx14xbsw1603gd2"))
+              (file-name (git-file-name name version))
+              (patches (search-patches
+                         "patches/libming-parallel-make.patch"))))))
+
 (define-public libtiff-4.0.6
   (package
     (inherit libtiff)
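Review bot: The new `libming-0.4.7-asan` definition has no comment saying that it deliberately pins a release affected by CVE-2016-9264 for reproduction, so in `bugs.scm` it reads like an ordinary package variant. I would add a line above `define-public` such as `;; Pinned to 0.4.7, which is affected by CVE-2016-9264; for bug reproduction only, not for general use.` Separately, `(commit "ming-0_4_7")` names a tag rather than a commit id. The `sha256` still pins the fetched content, so a moved tag should produce a hash mismatch rather than a silently different build, but a full commit hash would make the pin self-describing. Build flags and the ASan instrumentation are inherited from `libming-0.4.8-asan`, which is defined outside this hunk, so whether `patches/libming-parallel-make.patch` applies cleanly to 0.4.7 cannot be confirmed from here.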