[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/01: gnu: foomatic-filters: Add missing patches.
From: |
Ludovic Courtès |
Subject: |
01/01: gnu: foomatic-filters: Add missing patches. |
Date: |
Sun, 10 Sep 2017 06:01:21 -0400 (EDT) |
civodul pushed a commit to branch master
in repository guix.
commit 67a37c63118519ccc5c24f3325bad6f29ab21e59
Author: Ludovic Courtès <address@hidden>
Date: Sun Sep 10 12:00:25 2017 +0200
gnu: foomatic-filters: Add missing patches.
This is a followup to commit d02aabaf1b57eda3ef052c70df1322f915e7c736.
* gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch: New file.
* gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add them.
---
gnu/local.mk | 2 ++
gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch | 14 ++++++++++++++
gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch | 13 +++++++++++++
3 files changed, 29 insertions(+)
diff --git a/gnu/local.mk b/gnu/local.mk
index 1ac9d5e..8ffa13b 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -610,6 +610,8 @@ dist_patch_DATA =
\
%D%/packages/patches/fltk-shared-lib-defines.patch \
%D%/packages/patches/fltk-xfont-on-demand.patch \
%D%/packages/patches/fontforge-svg-modtime.patch \
+ %D%/packages/patches/foomatic-filters-CVE-2015-8327.patch \
+ %D%/packages/patches/foomatic-filters-CVE-2015-8560.patch \
%D%/packages/patches/freeimage-CVE-2015-0852.patch \
%D%/packages/patches/freeimage-CVE-2016-5684.patch \
%D%/packages/patches/freeimage-fix-build-with-gcc-5.patch \
diff --git a/gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch
b/gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch
new file mode 100644
index 0000000..d9f0cc1
--- /dev/null
+++ b/gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch
@@ -0,0 +1,14 @@
+Fix for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2015-8327>.
+
+--- a/util.c 2014-06-20 19:26:18 +0000
++++ b/util.c 2015-10-30 15:45:03 +0000
+@@ -31,7 +31,7 @@
+ #include <assert.h>
+
+
+-const char* shellescapes = "|<>&!$\'\"#*?()[]{}";
++const char* shellescapes = "|<>&!$\'\"`#*?()[]{}";
+
+ const char * temp_dir()
+ {
+
diff --git a/gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch
b/gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch
new file mode 100644
index 0000000..d3c3024
--- /dev/null
+++ b/gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch
@@ -0,0 +1,13 @@
+Fix for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2015-8560>.
+
+--- a/util.c 2015-10-30 15:45:03 +0000
++++ b/util.c 2015-12-12 23:27:21 +0000
+@@ -31,7 +31,7 @@
+ #include <assert.h>
+
+
+-const char* shellescapes = "|<>&!$\'\"`#*?()[]{}";
++const char* shellescapes = "|;<>&!$\'\"`#*?()[]{}";
+
+ const char * temp_dir()
+ {