diff options
| author | tonnerre <tonnerre> | 2008-07-13 14:38:41 +0000 |
|---|---|---|
| committer | tonnerre <tonnerre> | 2008-07-13 14:38:41 +0000 |
| commit | fa44582a8d4a56a1f72c8dd79575afd759c5d2f1 (patch) | |
| tree | 343e43502c69bf88363ad909ad6f150391cd5a08 /devel | |
| parent | 2e3ff2c29bc81eb743b84f1af088c5a0c3daa70f (diff) | |
| download | pkgsrc-fa44582a8d4a56a1f72c8dd79575afd759c5d2f1.tar.gz | |
Fix overlong string DoS in pwlib's PString::vsprintf code (CVE-2007-4897).
Diffstat (limited to 'devel')
| -rw-r--r-- | devel/pwlib/Makefile | 4 | ||||
| -rw-r--r-- | devel/pwlib/distinfo | 3 | ||||
| -rw-r--r-- | devel/pwlib/patches/patch-ax | 13 |
3 files changed, 17 insertions, 3 deletions
diff --git a/devel/pwlib/Makefile b/devel/pwlib/Makefile index 8cf2613f2d5..ebe79c94e7c 100644 --- a/devel/pwlib/Makefile +++ b/devel/pwlib/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.58 2008/01/18 05:14:38 tnn Exp $ +# $NetBSD: Makefile,v 1.59 2008/07/13 14:38:41 tonnerre Exp $ DISTNAME= pwlib-v1_8_3-src PKGNAME= pwlib-1.8.3 -PKGREVISION= 7 +PKGREVISION= 8 CATEGORIES= devel MASTER_SITES+= http://www.voxgratia.org/releases/ EXTRACT_SUFX= -tar.gz diff --git a/devel/pwlib/distinfo b/devel/pwlib/distinfo index df87293dac3..8f54f68d9b3 100644 --- a/devel/pwlib/distinfo +++ b/devel/pwlib/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.24 2007/10/10 15:16:12 rillig Exp $ +$NetBSD: distinfo,v 1.25 2008/07/13 14:38:41 tonnerre Exp $ SHA1 (pwlib-v1_8_3-src-tar.gz) = d3a6eff571ebfd37889e75cbaef75983e6119d2e RMD160 (pwlib-v1_8_3-src-tar.gz) = 1ce2544ef631c8344543e62988f97022c998bb05 @@ -26,6 +26,7 @@ SHA1 (patch-at) = 87bbff9a5426c18c3e8407406b244eef2413cdbd SHA1 (patch-au) = 4947ee29e91c84f39a370ebc128c1e67737234d1 SHA1 (patch-av) = 2bb533f6a29f10d357aed1b12c0bfc43af8a4f3b SHA1 (patch-aw) = 236cb19fc7f0b78055b0634b3821c099318abb9f +SHA1 (patch-ax) = ef77c8c1f767490eba3400e1d784419e7cbfd335 SHA1 (patch-ay) = 4a7978e13956172e9190444cb773c950c2e95ace SHA1 (patch-az) = b82405bea8da7d93d965457f1090e64149e5f561 SHA1 (patch-ba) = 5695be7e37677e7d4db84bb997404030e8a8523f diff --git a/devel/pwlib/patches/patch-ax b/devel/pwlib/patches/patch-ax new file mode 100644 index 00000000000..45cd4fe2928 --- /dev/null +++ b/devel/pwlib/patches/patch-ax @@ -0,0 +1,13 @@ +$NetBSD: patch-ax,v 1.1 2008/07/13 14:38:41 tonnerre Exp $ + +--- ptlib/common/contain.cxx.orig 2004-10-21 15:04:21.000000000 +0200 ++++ ptlib/common/contain.cxx +@@ -2454,7 +2454,7 @@ PString & PString::vsprintf(const char * + PAssert(SetSize(2000), POutOfMemory); + ::vsprintf(theArray+len, fmt, arg); + #else +- PINDEX size = 0; ++ PINDEX size = len; + do { + size += 1000; + PAssert(SetSize(size), POutOfMemory); |