Diffstat (limited to 'meta/recipes-devtools/dpkg/dpkg/dpkg-CVE-2015-0860.patch')
-rw-r--r-- | meta/recipes-devtools/dpkg/dpkg/dpkg-CVE-2015-0860.patch | 35 |
1 files changed, 0 insertions, 35 deletions
diff --git a/meta/recipes-devtools/dpkg/dpkg/dpkg-CVE-2015-0860.patch b/meta/recipes-devtools/dpkg/dpkg/dpkg-CVE-2015-0860.patch
deleted file mode 100644
index 2fd3c3bb90..0000000000
--- a/meta/recipes-devtools/dpkg/dpkg/dpkg-CVE-2015-0860.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From 708e60ea4e16afb1d85da60dd73cb374a987653d Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Hanno=20B=C3=B6ck?= <hanno@hboeck.de>
-Date: Thu, 19 Nov 2015 20:03:10 +0100
-Subject: [PATCH 1/1] dpkg-deb: Fix off-by-one write access on ctrllenbuf
- variable
-
-This affects old format .deb packages.
-
-CVE: CVE-2015-0860
-Warned-by: afl
-Signed-off-by: Guillem Jover <guillem@debian.org>
-
-Upstream-Status: Backport
-
-Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
----
- dpkg-deb/extract.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/dpkg-deb/extract.c b/dpkg-deb/extract.c
-index 5a9587a..e39fb35 100644
---- a/dpkg-deb/extract.c
-+++ b/dpkg-deb/extract.c
-@@ -247,7 +247,7 @@ extracthalf(const char *debar, const char *dir,
- if (errstr)
- ohshit(_("archive has invalid format version: %s"), errstr);
-
-- r = read_line(arfd, ctrllenbuf, 1, sizeof(ctrllenbuf));
-+ r = read_line(arfd, ctrllenbuf, 1, sizeof(ctrllenbuf) - 1);
- if (r < 0)
- read_fail(r, debar, _("archive control member size"));
- if (sscanf(ctrllenbuf, "%jd%c%d", &ctrllennum, &nlc, &dummy) != 2 ||
---
-1.9.1
-
|