diff options
| author | Sascha Paunovic <azarus@posteo.net> | 2018-06-03 17:53:35 +0200 |
|---|---|---|
| committer | Timo Teräs <timo.teras@iki.fi> | 2018-07-19 11:53:13 +0300 |
| commit | 488c5e412cf61e781be4787348a1b6eb109690ba (patch) | |
| tree | 5a619f055f9bee4c9a1afbadb444a5517db767ce /community/gimp/CVE-2017-17787.patch | |
| parent | 7fe9dd2a07f52ae954b6c8f9a913ef6482fb90b9 (diff) | |
| download | aports-488c5e412cf61e781be4787348a1b6eb109690ba.tar.bz2 aports-488c5e412cf61e781be4787348a1b6eb109690ba.tar.xz | |
community/gimp: upgrade to 2.10.2
Diffstat (limited to 'community/gimp/CVE-2017-17787.patch')
| -rw-r--r-- | community/gimp/CVE-2017-17787.patch | 33 |
1 files changed, 0 insertions, 33 deletions
diff --git a/community/gimp/CVE-2017-17787.patch b/community/gimp/CVE-2017-17787.patch deleted file mode 100644 index 654726388e..0000000000 --- a/community/gimp/CVE-2017-17787.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 87ba505fff85989af795f4ab6a047713f4d9381d Mon Sep 17 00:00:00 2001 -From: Jehan <jehan@girinstud.io> -Date: Thu, 21 Dec 2017 12:49:41 +0100 -Subject: Bug 790853 - (CVE-2017-17787) heap overread in psp importer. - -As any external data, we have to check that strings being read at fixed -length are properly nul-terminated. - -(cherry picked from commit eb2980683e6472aff35a3117587c4f814515c74d) ---- - plug-ins/common/file-psp.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/plug-ins/common/file-psp.c b/plug-ins/common/file-psp.c -index 4cbafe3..e350e4d 100644 ---- a/plug-ins/common/file-psp.c -+++ b/plug-ins/common/file-psp.c -@@ -890,6 +890,12 @@ read_creator_block (FILE *f, - g_free (string); - return -1; - } -+ if (string[length - 1] != '\0') -+ { -+ g_message ("Creator keyword data not nul-terminated"); -+ g_free (string); -+ return -1; -+ } - switch (keyword) - { - case PSP_CRTR_FLD_TITLE: --- -cgit v0.12 - |