[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/01: gnu: libgxps: Fix CVE-2017-11590.
|
From: |
Leo Famulari |
|
Subject: |
01/01: gnu: libgxps: Fix CVE-2017-11590. |
|
Date: |
Thu, 21 Dec 2017 14:17:42 -0500 (EST) |
lfam pushed a commit to branch master
in repository guix.
commit 9c3ad422d0f4f2e552dcb73aae98c7db1fc2e584
Author: Leo Famulari <address@hidden>
Date: Wed Dec 20 19:53:40 2017 -0500
gnu: libgxps: Fix CVE-2017-11590.
* gnu/packages/patches/libgxps-CVE-2017-11590.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/gnome.scm (libgxps)[source]: Use it.
---
gnu/local.mk | 1 +
gnu/packages/gnome.scm | 1 +
gnu/packages/patches/libgxps-CVE-2017-11590.patch | 48 +++++++++++++++++++++++
3 files changed, 50 insertions(+)
diff --git a/gnu/local.mk b/gnu/local.mk
index 20b3c3e..ea9c424 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -810,6 +810,7 @@ dist_patch_DATA =
\
%D%/packages/patches/libgit2-0.25.1-mtime-0.patch \
%D%/packages/patches/libgdata-fix-tests.patch \
%D%/packages/patches/libgdata-glib-duplicate-tests.patch \
+ %D%/packages/patches/libgxps-CVE-2017-11590.patch \
%D%/packages/patches/libffi-3.2.1-complex-alpha.patch \
%D%/packages/patches/libjxr-fix-function-signature.patch \
%D%/packages/patches/libjxr-fix-typos.patch \
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index 7b93ddd..b7f57b0 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -395,6 +395,7 @@ access the common Google services, and has full
asynchronous support.")
(uri (string-append "mirror://gnome/sources/" name "/"
(version-major+minor version) "/"
name "-" version ".tar.xz"))
+ (patches (search-patches "libgxps-CVE-2017-11590.patch"))
(sha256
(base32
"184r06s8g20cfigg7m169n42jjsc9wmzzlycr4g1fxxhr72r8x9y"))))
diff --git a/gnu/packages/patches/libgxps-CVE-2017-11590.patch
b/gnu/packages/patches/libgxps-CVE-2017-11590.patch
new file mode 100644
index 0000000..9caa79b
--- /dev/null
+++ b/gnu/packages/patches/libgxps-CVE-2017-11590.patch
@@ -0,0 +1,48 @@
+Fix CVE-2017-11590:
+
+https://bugzilla.gnome.org/show_bug.cgi?id=785479
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11590
+
+Patch copied from upstream source repository:
+
+https://git.gnome.org/browse/libgxps/commit/?id=9d5d292055250ed298f3b89dc332d6db4003a031
+
+From 9d5d292055250ed298f3b89dc332d6db4003a031 Mon Sep 17 00:00:00 2001
+From: Marek Kasik <address@hidden>
+Date: Wed, 26 Jul 2017 16:23:37 +0200
+Subject: archive: Check for pathname being NULL before dereferencing
+
+Check whether "archive_entry_pathname ()" returns a non-NULL pathname
+before using it to avoid a NULL pointer being dereferenced.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=785479
+---
+ libgxps/gxps-archive.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/libgxps/gxps-archive.c b/libgxps/gxps-archive.c
+index acf8d7d..e763773 100644
+--- a/libgxps/gxps-archive.c
++++ b/libgxps/gxps-archive.c
+@@ -257,6 +257,7 @@ gxps_archive_initable_init (GInitable *initable,
+ GXPSArchive *archive;
+ ZipArchive *zip;
+ struct archive_entry *entry;
++ const gchar *pathname;
+
+ archive = GXPS_ARCHIVE (initable);
+
+@@ -281,7 +282,9 @@ gxps_archive_initable_init (GInitable *initable,
+
+ while (gxps_zip_archive_iter_next (zip, &entry)) {
+ /* FIXME: We can ignore directories here */
+- g_hash_table_add (archive->entries, g_strdup
(archive_entry_pathname (entry)));
++ pathname = archive_entry_pathname (entry);
++ if (pathname != NULL)
++ g_hash_table_add (archive->entries, g_strdup
(pathname));
+ archive_read_data_skip (zip->archive);
+ }
+
+--
+cgit v0.12
+