guix-commits
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/01: gnu: foomatic-filters: Add missing patches.


From: Ludovic Courtès
Subject: 01/01: gnu: foomatic-filters: Add missing patches.
Date: Sun, 10 Sep 2017 06:01:21 -0400 (EDT)

civodul pushed a commit to branch master
in repository guix.

commit 67a37c63118519ccc5c24f3325bad6f29ab21e59
Author: Ludovic Courtès <address@hidden>
Date:   Sun Sep 10 12:00:25 2017 +0200

    gnu: foomatic-filters: Add missing patches.
    
    This is a followup to commit d02aabaf1b57eda3ef052c70df1322f915e7c736.
    
    * gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch: New file.
    * gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch: New file.
    * gnu/local.mk (dist_patch_DATA): Add them.
---
 gnu/local.mk                                              |  2 ++
 gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch | 14 ++++++++++++++
 gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch | 13 +++++++++++++
 3 files changed, 29 insertions(+)

diff --git a/gnu/local.mk b/gnu/local.mk
index 1ac9d5e..8ffa13b 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -610,6 +610,8 @@ dist_patch_DATA =                                           
\
   %D%/packages/patches/fltk-shared-lib-defines.patch           \
   %D%/packages/patches/fltk-xfont-on-demand.patch              \
   %D%/packages/patches/fontforge-svg-modtime.patch             \
+  %D%/packages/patches/foomatic-filters-CVE-2015-8327.patch    \
+  %D%/packages/patches/foomatic-filters-CVE-2015-8560.patch    \
   %D%/packages/patches/freeimage-CVE-2015-0852.patch           \
   %D%/packages/patches/freeimage-CVE-2016-5684.patch           \
   %D%/packages/patches/freeimage-fix-build-with-gcc-5.patch    \
diff --git a/gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch 
b/gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch
new file mode 100644
index 0000000..d9f0cc1
--- /dev/null
+++ b/gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch
@@ -0,0 +1,14 @@
+Fix for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2015-8327>.
+
+--- a/util.c   2014-06-20 19:26:18 +0000
++++ b/util.c   2015-10-30 15:45:03 +0000
+@@ -31,7 +31,7 @@
+ #include <assert.h>
+ 
+ 
+-const char* shellescapes = "|<>&!$\'\"#*?()[]{}";
++const char* shellescapes = "|<>&!$\'\"`#*?()[]{}";
+ 
+ const char * temp_dir()
+ {
+
diff --git a/gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch 
b/gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch
new file mode 100644
index 0000000..d3c3024
--- /dev/null
+++ b/gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch
@@ -0,0 +1,13 @@
+Fix for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2015-8560>.
+
+--- a/util.c   2015-10-30 15:45:03 +0000
++++ b/util.c   2015-12-12 23:27:21 +0000
+@@ -31,7 +31,7 @@
+ #include <assert.h>
+ 
+ 
+-const char* shellescapes = "|<>&!$\'\"`#*?()[]{}";
++const char* shellescapes = "|;<>&!$\'\"`#*?()[]{}";
+ 
+ const char * temp_dir()
+ {



reply via email to

[Prev in Thread] Current Thread [Next in Thread]