[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] gnu: mupdf: Fix CVE-2016-8674.
From: |
Mark H Weaver |
Subject: |
Re: [PATCH] gnu: mupdf: Fix CVE-2016-8674. |
Date: |
Tue, 25 Oct 2016 21:46:09 -0400 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) |
Leo Famulari <address@hidden> writes:
> On Tue, Oct 25, 2016 at 12:53:28PM -0400, Kei Kebreau wrote:
>> Fix for
>> https://blogs.gentoo.org/ago/2016/09/22/mupdf-use-after-free-in-pdf_to_num-pdf-object-c/.
>
>> From 97312c3c9e13688081aa513d1c94a9fff1274f75 Mon Sep 17 00:00:00 2001
>> From: Kei Kebreau <address@hidden>
>> Date: Tue, 25 Oct 2016 12:49:52 -0400
>> Subject: [PATCH] gnu: mupdf: Fix CVE-2016-8674.
>>
>> * gnu/packages/patches/mupdf-CVE-2016-8674.patch: New file.
>> * gnu/local.mk (dist_patch_DATA): Add it.
>> * gnu/packages/pdf.scm (mupdf): Use it.
>
> Thank you, please push!
mupdf-CVE-2016-8674.patch fails to apply:
https://hydra.gnu.org/build/1581228/nixlog/2/tail-reload
Kei, did you test this?
Mark