From 37f590756a23e167808f76f1389c36f0a2d39f11 Mon Sep 17 00:00:00 2001 From: Raphaël Hertzog Date: Tue, 25 Aug 2015 22:30:28 +0200 Subject: Restore all patches available in 2.9.1+dfsg1-5 in stretch, ensuring CVE-2014-3660 is fixed too. --- ...Correctly-initialise-a-stack-allocated-st.patch | 29 ++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 debian/patches/0042-HTMLparser-Correctly-initialise-a-stack-allocated-st.patch (limited to 'debian/patches/0042-HTMLparser-Correctly-initialise-a-stack-allocated-st.patch') diff --git a/debian/patches/0042-HTMLparser-Correctly-initialise-a-stack-allocated-st.patch b/debian/patches/0042-HTMLparser-Correctly-initialise-a-stack-allocated-st.patch new file mode 100644 index 0000000..e991045 --- /dev/null +++ b/debian/patches/0042-HTMLparser-Correctly-initialise-a-stack-allocated-st.patch @@ -0,0 +1,29 @@ +From: Philip Withnall +Date: Fri, 20 Jun 2014 21:03:42 +0100 +Subject: HTMLparser: Correctly initialise a stack allocated structure +MIME-Version: 1.0 +Content-Type: text/plain; charset="utf-8" +Content-Transfer-Encoding: 8bit + +If not initialised, the ‘node’ member remains undefined. + +Coverity issue: #60466 + +https://bugzilla.gnome.org/show_bug.cgi?id=731990 +--- + HTMLparser.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/HTMLparser.c b/HTMLparser.c +index 79b1adf..4c51cc5 100644 +--- a/HTMLparser.c ++++ b/HTMLparser.c +@@ -4366,7 +4366,7 @@ static void + htmlParseElementInternal(htmlParserCtxtPtr ctxt) { + const xmlChar *name; + const htmlElemDesc * info; +- htmlParserNodeInfo node_info; ++ htmlParserNodeInfo node_info = { 0, }; + int failed; + + if ((ctxt == NULL) || (ctxt->input == NULL)) { -- cgit v1.2.3