Browse Source

patch: Add missing CVE-2018-6951 patch

The last commit added PKG_CPE_ID and now uscan detects a CVE that I missed

Reordered patches by date

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[tweaked commit message]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
lilik-openwrt-22.03
Rosen Penev 6 years ago
committed by Kevin Darbyshire-Bryant
parent
commit
394ff73e53
4 changed files with 38 additions and 9 deletions
  1. +1
    -1
      devel/patch/Makefile
  2. +29
    -0
      devel/patch/patches/010-CVE-2018-6951.patch
  3. +5
    -5
      devel/patch/patches/020-CVE-2018-1000156.patch
  4. +3
    -3
      devel/patch/patches/030-CVE-2018-6952.patch

+ 1
- 1
devel/patch/Makefile View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=patch
PKG_VERSION:=2.7.6
PKG_RELEASE:=2
PKG_RELEASE:=3
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=@GNU/patch


+ 29
- 0
devel/patch/patches/010-CVE-2018-6951.patch View File

@ -0,0 +1,29 @@
From 9bf998b5fcbcde1dea0e472dc1538abb97e9012e Mon Sep 17 00:00:00 2001
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Mon, 12 Feb 2018 16:48:24 +0100
Subject: [PATCH] Fix segfault with mangled rename patch
http://savannah.gnu.org/bugs/?53132
* src/pch.c (intuit_diff_type): Ensure that two filenames are specified
for renames and copies (fix the existing check).
---
src/pch.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/pch.c b/src/pch.c
index ff9ed2c..bc6278c 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode_t *p_file_type)
if ((pch_rename () || pch_copy ())
&& ! inname
&& ! ((i == OLD || i == NEW) &&
- p_name[! reverse] &&
+ p_name[reverse] && p_name[! reverse] &&
+ name_is_valid (p_name[reverse]) &&
name_is_valid (p_name[! reverse])))
{
say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy");
--
2.19.1

devel/patch/patches/010-CVE-2018-1000156.patch → devel/patch/patches/020-CVE-2018-1000156.patch View File


devel/patch/patches/020-CVE-2018-6952.patch → devel/patch/patches/030-CVE-2018-6952.patch View File


Loading…
Cancel
Save