diff options
| author | A. Wilcox <awilcox@wilcox-tech.com> | 2019-06-21 23:38:53 +0000 |
|---|---|---|
| committer | A. Wilcox <awilcox@wilcox-tech.com> | 2019-06-21 23:38:53 +0000 |
| commit | fd45ed897742614bd2867cb46578557beb820026 (patch) | |
| tree | 8eaa82bc50ad1a89272b146743ec1544163d48f3 /system/sharutils/CVE-2018-1000097.patch | |
| parent | 86d0de126ffdebdb8cee9581ce51c16a6f20b58b (diff) | |
| parent | 332e0a40fabc1c4047a631273e5d5df46cbf4bb2 (diff) | |
| download | packages-fd45ed897742614bd2867cb46578557beb820026.tar.gz packages-fd45ed897742614bd2867cb46578557beb820026.tar.bz2 packages-fd45ed897742614bd2867cb46578557beb820026.tar.xz packages-fd45ed897742614bd2867cb46578557beb820026.zip | |
Merge branch 'cve' into 'master'
CVE bumps: part one
See merge request !249
Diffstat (limited to 'system/sharutils/CVE-2018-1000097.patch')
| -rw-r--r-- | system/sharutils/CVE-2018-1000097.patch | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/system/sharutils/CVE-2018-1000097.patch b/system/sharutils/CVE-2018-1000097.patch new file mode 100644 index 000000000..f61662040 --- /dev/null +++ b/system/sharutils/CVE-2018-1000097.patch @@ -0,0 +1,16 @@ +From: Petr Pisar +Subject: Fix CVE-2018-1000097, heap buffer overflow in unshar +Bug-Debian: https://bugs.debian.org/893525 +X-Debian-version: 1:4.15.2-3 + +--- a/src/unshar.c ++++ b/src/unshar.c +@@ -240,7 +240,7 @@ + off_t position = ftello (file); + + /* Read next line, fail if no more and no previous process. */ +- if (!fgets (rw_buffer, BUFSIZ, file)) ++ if (!fgets (rw_buffer, rw_base_size, file)) + { + if (!start) + error (0, 0, _("Found no shell commands in %s"), name); |