diff options
author | Gustavo Zacarias <gustavo@zacarias.com.ar> | 2015-01-26 17:58:14 -0300 |
---|---|---|
committer | Peter Korsgaard <peter@korsgaard.com> | 2015-01-26 23:13:44 +0100 |
commit | 3ae2f86cf29c52ab086f4d380fdb41f9c1f599f6 (patch) | |
tree | 29427d787f905757fded49a79a798e924c61836a /package/grep | |
parent | ddfce0448d7e1bbce70d8b5b5924a0ac39df1e9e (diff) |
grep: add patch to fix CVE-2015-1345
Fixes CVE-2015-1345 - heap buffer overrun.
See https://bugzilla.redhat.com/show_bug.cgi?id=1183651
Patch upstream.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/grep')
-rw-r--r-- | package/grep/0001-fix-CVE-2015-1345.patch | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/package/grep/0001-fix-CVE-2015-1345.patch b/package/grep/0001-fix-CVE-2015-1345.patch new file mode 100644 index 000000000..f7701aa01 --- /dev/null +++ b/package/grep/0001-fix-CVE-2015-1345.patch @@ -0,0 +1,20 @@ +Simplified patch from upstream to avoid autoreconf. Source: +http://git.savannah.gnu.org/cgit/grep.git/commit/?id=83a95bd8c8561875b948cadd417c653dbe7ef2e2 + +Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> +--- +diff --git a/src/kwset.c b/src/kwset.c +index 4003c8d..376f7c3 100644 +--- a/src/kwset.c ++++ b/src/kwset.c +@@ -643,6 +643,8 @@ bmexec_trans (kwset_t kwset, char const *text, size_t size) + if (! tp) + return -1; + tp++; ++ if (ep <= tp) ++ break; + } + } + } +-- +cgit v0.9.0.2 |