diff options
author | drochner <drochner@pkgsrc.org> | 2007-11-05 11:28:50 +0000 |
---|---|---|
committer | drochner <drochner@pkgsrc.org> | 2007-11-05 11:28:50 +0000 |
commit | ae13fb82c8aa2ed31ccc7ac133b5c9ac97778502 (patch) | |
tree | a2c455c1879c7b5b5dfc58cc9e7b16aa10cef2ca /lang/mono | |
parent | 91812f0d5f2bc8fe72fa91206cfeea140a78386c (diff) | |
download | pkgsrc-ae13fb82c8aa2ed31ccc7ac133b5c9ac97778502.tar.gz |
apply a patch from Debian for CVE-2007-5197:
Buffer overflow in the Mono.Math.BigInteger class in Mono allows
context-dependent attackers to execute arbitrary code via
unspecified vectors
Diffstat (limited to 'lang/mono')
-rw-r--r-- | lang/mono/Makefile | 4 | ||||
-rw-r--r-- | lang/mono/distinfo | 4 | ||||
-rw-r--r-- | lang/mono/patches/patch-ca | 13 | ||||
-rw-r--r-- | lang/mono/patches/patch-cb | 13 |
4 files changed, 31 insertions, 3 deletions
diff --git a/lang/mono/Makefile b/lang/mono/Makefile index fae0ace3a50..56d22841d69 100644 --- a/lang/mono/Makefile +++ b/lang/mono/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.58 2007/08/13 16:41:34 taca Exp $ +# $NetBSD: Makefile,v 1.59 2007/11/05 11:28:50 drochner Exp $ DISTNAME= mono-1.1.13.8.1 -PKGREVISION= 2 +PKGREVISION= 3 CATEGORIES= lang MASTER_SITES= http://go-mono.com/sources/mono-1.1/ diff --git a/lang/mono/distinfo b/lang/mono/distinfo index 856e4a2d162..3c4cd962411 100644 --- a/lang/mono/distinfo +++ b/lang/mono/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.30 2007/08/13 16:41:34 taca Exp $ +$NetBSD: distinfo,v 1.31 2007/11/05 11:28:50 drochner Exp $ SHA1 (mono-1.1.13.8.1.tar.gz) = f2cb79844073694859b1fb92eb770e3705239a3d RMD160 (mono-1.1.13.8.1.tar.gz) = a100a96b19300b253c12a2ad70caf65721418209 @@ -24,3 +24,5 @@ SHA1 (patch-bc) = bbf1a903cf7fee1dbd3a070b0ef0d5aecbdf67e2 SHA1 (patch-bd) = a52007ae22f8b23d20abf4a56e5b9d57ccd1fbbe SHA1 (patch-be) = d7a6232690ecd15c32ed44dcc498e596c248f332 SHA1 (patch-bf) = cbe6c7a401a183eccc73ffb45120486c1cbc75b8 +SHA1 (patch-ca) = 46c16c507f0b1f127561f03d95711c91b6b26820 +SHA1 (patch-cb) = c99543e4a5d2c968871d51780500731e31d4ea36 diff --git a/lang/mono/patches/patch-ca b/lang/mono/patches/patch-ca new file mode 100644 index 00000000000..d0f628ca580 --- /dev/null +++ b/lang/mono/patches/patch-ca @@ -0,0 +1,13 @@ +$NetBSD: patch-ca,v 1.1 2007/11/05 11:28:50 drochner Exp $ + +--- mcs/class/Mono.Security/Mono.Math/BigInteger.cs.orig 2007-11-05 11:47:52.000000000 +0100 ++++ mcs/class/Mono.Security/Mono.Math/BigInteger.cs +@@ -1574,7 +1574,7 @@ namespace Mono.Math { + uint j = 1; + + // Multiply and add +- for (; j < m.length; j++) { ++ for (; j < m.length && j < A.length; j++) { + c += (ulong)u_i * (ulong)*(mP++) + *(aSP++); + *(aDP++) = (uint)c; + c >>= 32; diff --git a/lang/mono/patches/patch-cb b/lang/mono/patches/patch-cb new file mode 100644 index 00000000000..dffe458dfec --- /dev/null +++ b/lang/mono/patches/patch-cb @@ -0,0 +1,13 @@ +$NetBSD: patch-cb,v 1.1 2007/11/05 11:28:51 drochner Exp $ + +--- mcs/class/corlib/Mono.Math/BigInteger.cs.orig 2007-11-05 11:48:57.000000000 +0100 ++++ mcs/class/corlib/Mono.Math/BigInteger.cs +@@ -1574,7 +1574,7 @@ namespace Mono.Math { + uint j = 1; + + // Multiply and add +- for (; j < m.length; j++) { ++ for (; j < m.length && j < A.length; j++) { + c += (ulong)u_i * (ulong)*(mP++) + *(aSP++); + *(aDP++) = (uint)c; + c >>= 32; |