[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 1/1] gnu: unrtf: Fix CVE-2016-10091.
From: |
Leo Famulari |
Subject: |
Re: [PATCH 1/1] gnu: unrtf: Fix CVE-2016-10091. |
Date: |
Wed, 4 Jan 2017 02:27:57 -0500 |
User-agent: |
Mutt/1.7.2 (2016-11-26) |
On Wed, Jan 04, 2017 at 02:13:25AM -0500, Leo Famulari wrote:
> On Tue, Jan 03, 2017 at 05:49:29PM +0100, Marius Bakke wrote:
> > Leo Famulari <address@hidden> writes:
> > > +diff --git a/debian/patches/series b/debian/patches/series
> > > +new file mode 100644
> > > +index 0000000..7868249
> > > +--- /dev/null
> > > ++++ b/debian/patches/series
> > > +@@ -0,0 +1 @@
> > > ++0001-Replace-all-instances-of-sprintf-with-snprintf-and-a.patch
> >
> > This part we surely don't need ;-)
>
> Oops!
x2
Of course, the patch I sent on January 1 was completely broken.
The patch it included from Debian was meant to be applied to the Debian
package tree, not the UnRTF source code.
I've attached a revision!
0001-gnu-unrtf-Fix-CVE-2016-10091.patch
Description: Text document
signature.asc
Description: PGP signature