guix-commits
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/01: gnu: bluez: Remove leftover patch.


From: Marius Bakke
Subject: 01/01: gnu: bluez: Remove leftover patch.
Date: Wed, 20 Sep 2017 14:50:34 -0400 (EDT)

mbakke pushed a commit to branch staging
in repository guix.

commit a9bd50e3527d1f16cf7e70c457dd165cafeb6372
Author: Marius Bakke <address@hidden>
Date:   Wed Sep 20 20:50:00 2017 +0200

    gnu: bluez: Remove leftover patch.
    
    This is a follow-up to commit 164fccea7eead86c6ebe389bc0255c72b161d109.
    
    * gnu/packages/patches/bluez-CVE-2017-1000250.patch: Delete file.
    * gnu/local.mk (dist_patch_DATA): Remove it.
---
 gnu/local.mk                                      |  1 -
 gnu/packages/patches/bluez-CVE-2017-1000250.patch | 42 -----------------------
 2 files changed, 43 deletions(-)

diff --git a/gnu/local.mk b/gnu/local.mk
index 24aaf94..8dfc1b7 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -538,7 +538,6 @@ dist_patch_DATA =                                           
\
   %D%/packages/patches/binutils-ld-new-dtags.patch             \
   %D%/packages/patches/binutils-loongson-workaround.patch      \
   %D%/packages/patches/blast+-fix-makefile.patch               \
-  %D%/packages/patches/bluez-CVE-2017-1000250.patch            \
   %D%/packages/patches/byobu-writable-status.patch             \
   %D%/packages/patches/cairo-CVE-2016-9082.patch                       \
   %D%/packages/patches/calibre-no-updates-dialog.patch         \
diff --git a/gnu/packages/patches/bluez-CVE-2017-1000250.patch 
b/gnu/packages/patches/bluez-CVE-2017-1000250.patch
deleted file mode 100644
index 81f209d..0000000
--- a/gnu/packages/patches/bluez-CVE-2017-1000250.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-Description: CVE-2017-1000250: information disclosure vulnerability in 
service_search_attr_req
-Origin: vendor
-Bug-Debian: https://bugs.debian.org/875633
-Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1489446
-Bug-SuSE: https://bugzilla.suse.com/show_bug.cgi?id=1057342
-Forwarded: no
-Author: Armis Security <address@hidden>
-Reviewed-by: Salvatore Bonaccorso <address@hidden>
-Last-Update: 2017-09-13
-
---- a/src/sdpd-request.c
-+++ b/src/sdpd-request.c
-@@ -918,15 +918,20 @@ static int service_search_attr_req(sdp_r
-               /* continuation State exists -> get from cache */
-               sdp_buf_t *pCache = sdp_get_cached_rsp(cstate);
-               if (pCache) {
--                      uint16_t sent = MIN(max, pCache->data_size - 
cstate->cStateValue.maxBytesSent);
--                      pResponse = pCache->data;
--                      memcpy(buf->data, pResponse + 
cstate->cStateValue.maxBytesSent, sent);
--                      buf->data_size += sent;
--                      cstate->cStateValue.maxBytesSent += sent;
--                      if (cstate->cStateValue.maxBytesSent == 
pCache->data_size)
--                              cstate_size = sdp_set_cstate_pdu(buf, NULL);
--                      else
--                              cstate_size = sdp_set_cstate_pdu(buf, cstate);
-+                      if (cstate->cStateValue.maxBytesSent >= 
pCache->data_size) {
-+                              status = SDP_INVALID_CSTATE;
-+                              SDPDBG("Got bad cstate with invalid size");
-+                      } else {
-+                              uint16_t sent = MIN(max, pCache->data_size - 
cstate->cStateValue.maxBytesSent);
-+                              pResponse = pCache->data;
-+                              memcpy(buf->data, pResponse + 
cstate->cStateValue.maxBytesSent, sent);
-+                              buf->data_size += sent;
-+                              cstate->cStateValue.maxBytesSent += sent;
-+                              if (cstate->cStateValue.maxBytesSent == 
pCache->data_size)
-+                                      cstate_size = sdp_set_cstate_pdu(buf, 
NULL);
-+                              else
-+                                      cstate_size = sdp_set_cstate_pdu(buf, 
cstate);
-+                      }
-               } else {
-                       status = SDP_INVALID_CSTATE;
-                       SDPDBG("Non-null continuation state, but null cache 
buffer");



reply via email to

[Prev in Thread] Current Thread [Next in Thread]