Accepting request 261258 from Archiving
1 OBS-URL: https://build.opensuse.org/request/show/261258 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libarchive?expand=0&rev=18
This commit is contained in:
commit
c84757ff1e
18
CVE-2013-0211.patch
Normal file
18
CVE-2013-0211.patch
Normal file
@ -0,0 +1,18 @@
|
||||
Index: libarchive-3.1.2/libarchive/archive_write.c
|
||||
===================================================================
|
||||
--- libarchive-3.1.2.orig/libarchive/archive_write.c
|
||||
+++ libarchive-3.1.2/libarchive/archive_write.c
|
||||
@@ -671,8 +671,13 @@ static ssize_t
|
||||
_archive_write_data(struct archive *_a, const void *buff, size_t s)
|
||||
{
|
||||
struct archive_write *a = (struct archive_write *)_a;
|
||||
+ size_t max_write = INT_MAX;
|
||||
+
|
||||
archive_check_magic(&a->archive, ARCHIVE_WRITE_MAGIC,
|
||||
ARCHIVE_STATE_DATA, "archive_write_data");
|
||||
+ /* This catches attempts to pass negative values. */
|
||||
+ if (s > max_write)
|
||||
+ s = max_write;
|
||||
archive_clear_error(&a->archive);
|
||||
return ((a->format_write_data)(a, buff, s));
|
||||
}
|
@ -1,3 +1,8 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Nov 11 12:07:46 UTC 2014 - jsegitz@novell.com
|
||||
|
||||
- Added CVE-2013-0211.patch to fix CVE-2013-0211 (bnc#800024)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed May 28 17:18:59 UTC 2014 - crrodriguez@opensuse.org
|
||||
|
||||
|
@ -56,6 +56,7 @@ BuildRequires: xz-devel
|
||||
BuildRequires: zlib-devel
|
||||
Patch0: libarchive-openssl.patch
|
||||
Patch1: libarchive-xattr.patch
|
||||
Patch2: CVE-2013-0211.patch
|
||||
|
||||
%description
|
||||
Libarchive is a programming library that can create and read several
|
||||
@ -165,6 +166,7 @@ static library for libarchive
|
||||
%patch0
|
||||
%endif
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%build
|
||||
autoreconf -fiv
|
||||
%global optflags %{optflags} -D_REENTRANT -pipe
|
||||
|
Loading…
Reference in New Issue
Block a user