[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
branch core-updates updated: gnu: Remove dead cups-CVE-2020-10001.patch.
From: |
guix-commits |
Subject: |
branch core-updates updated: gnu: Remove dead cups-CVE-2020-10001.patch. |
Date: |
Wed, 23 Jun 2021 12:53:41 -0400 |
This is an automated email from the git hooks/post-receive script.
nckx pushed a commit to branch core-updates
in repository guix.
The following commit(s) were added to refs/heads/core-updates by this push:
new a3d9af5 gnu: Remove dead cups-CVE-2020-10001.patch.
a3d9af5 is described below
commit a3d9af5eb11cb4b85d011cea3c0da4a1a5aede2f
Author: Tobias Geerinckx-Rice <me@tobias.gr>
AuthorDate: Wed Jun 23 18:53:11 2021 +0200
gnu: Remove dead cups-CVE-2020-10001.patch.
* gnu/packages/patches/cups-CVE-2020-10001.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
---
gnu/local.mk | 1 -
gnu/packages/patches/cups-CVE-2020-10001.patch | 47 --------------------------
2 files changed, 48 deletions(-)
diff --git a/gnu/local.mk b/gnu/local.mk
index 65f35a1..cbc835a 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -934,7 +934,6 @@ dist_patch_DATA =
\
%D%/packages/patches/crda-optional-gcrypt.patch \
%D%/packages/patches/clucene-contribs-lib.patch \
%D%/packages/patches/cube-nocheck.patch \
- %D%/packages/patches/cups-CVE-2020-10001.patch \
%D%/packages/patches/curl-use-ssl-cert-env.patch \
%D%/packages/patches/curl-7.77-tls-priority-string.patch \
%D%/packages/patches/cursynth-wave-rand.patch \
diff --git a/gnu/packages/patches/cups-CVE-2020-10001.patch
b/gnu/packages/patches/cups-CVE-2020-10001.patch
deleted file mode 100644
index 1b16c7d..0000000
--- a/gnu/packages/patches/cups-CVE-2020-10001.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From efbea1742bd30f842fbbfb87a473e5c84f4162f9 Mon Sep 17 00:00:00 2001
-From: Michael R Sweet <msweet@msweet.org>
-Date: Mon, 1 Feb 2021 15:02:32 -0500
-Subject: [PATCH] Fix a buffer (read) overflow in ippReadIO (CVE-2020-10001)
-
----
-
-diff --git a/cups/ipp.c b/cups/ipp.c
-index 3d529346c..adbb26fba 100644
---- a/cups/ipp.c
-+++ b/cups/ipp.c
-@@ -2866,7 +2866,8 @@ ippReadIO(void *src, /* I - Data
source */
- unsigned char *buffer, /* Data buffer */
- string[IPP_MAX_TEXT],
- /* Small string buffer */
-- *bufptr; /* Pointer into buffer */
-+ *bufptr, /* Pointer into buffer */
-+ *bufend; /* End of buffer */
- ipp_attribute_t *attr; /* Current attribute */
- ipp_tag_t tag; /* Current tag */
- ipp_tag_t value_tag; /* Current value tag */
-@@ -3441,6 +3442,7 @@ ippReadIO(void *src, /* I - Data
source */
- }
-
- bufptr = buffer;
-+ bufend = buffer + n;
-
- /*
- * text-with-language and name-with-language are composite
-@@ -3454,7 +3456,7 @@ ippReadIO(void *src, /* I - Data
source */
-
- n = (bufptr[0] << 8) | bufptr[1];
-
-- if ((bufptr + 2 + n) >= (buffer + IPP_BUF_SIZE) || n >=
(int)sizeof(string))
-+ if ((bufptr + 2 + n + 2) > bufend || n >= (int)sizeof(string))
- {
- _cupsSetError(IPP_STATUS_ERROR_INTERNAL,
- _("IPP language length overflows value."), 1);
-@@ -3481,7 +3483,7 @@ ippReadIO(void *src, /* I - Data
source */
- bufptr += 2 + n;
- n = (bufptr[0] << 8) | bufptr[1];
-
-- if ((bufptr + 2 + n) >= (buffer + IPP_BUF_SIZE))
-+ if ((bufptr + 2 + n) > bufend)
- {
- _cupsSetError(IPP_STATUS_ERROR_INTERNAL,
- _("IPP string length overflows value."), 1);
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- branch core-updates updated: gnu: Remove dead cups-CVE-2020-10001.patch.,
guix-commits <=