05/05: gnu: a2ps: Fix CVE-2015-8107.
From: |
guix-commits |
Subject: |
05/05: gnu: a2ps: Fix CVE-2015-8107. |
Date: |
Wed, 10 Jul 2019 05:48:12 -0400 (EDT) |
efraim pushed a commit to branch master
in repository guix.
commit 841bddb4b45fd6e47a8991f74380ba20dacbe1be
Author: Efraim Flashner <address@hidden>
Date: Wed Jul 10 12:45:08 2019 +0300
gnu: a2ps: Fix CVE-2015-8107.
* gnu/packages/pretty-print.scm (a2ps)[source]: Add patch.
* gnu/packages/patches/a2ps-CVE-2015-8107.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
---
gnu/local.mk | 1 +
gnu/packages/patches/a2ps-CVE-2015-8107.patch | 80 +++++++++++++++++++++++++++
gnu/packages/pretty-print.scm | 5 +-
3 files changed, 84 insertions(+), 2 deletions(-)
diff --git a/gnu/local.mk b/gnu/local.mk
index 01c3ce0..2821cdc 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -660,6 +660,7 @@ dist_patch_DATA =
\
%D%/packages/patches/4store-unset-preprocessor-directive.patch \
%D%/packages/patches/a2ps-CVE-2001-1593.patch \
%D%/packages/patches/a2ps-CVE-2014-0466.patch \
+ %D%/packages/patches/a2ps-CVE-2015-8107.patch \
%D%/packages/patches/abiword-explictly-cast-bools.patch \
%D%/packages/patches/abiword-black-drawing-with-gtk322.patch \
%D%/packages/patches/acl-fix-perl-regex.patch \
diff --git a/gnu/packages/patches/a2ps-CVE-2015-8107.patch
b/gnu/packages/patches/a2ps-CVE-2015-8107.patch
new file mode 100644
index 0000000..5ea35d4
--- /dev/null
+++ b/gnu/packages/patches/a2ps-CVE-2015-8107.patch
@@ -0,0 +1,80 @@
+https://sources.debian.org/data/main/a/a2ps/1:4.14-2/debian/patches/fix-format-security.diff
+
+Index: b/lib/psgen.c
+===================================================================
+--- a/lib/psgen.c
++++ b/lib/psgen.c
+@@ -232,7 +232,7 @@
+ default:
+ *buf = '\0';
+ ps_escape_char (job, cp[i], buf);
+- output (jdiv, (char *) buf);
++ output (jdiv, "%s", (char *) buf);
+ break;
+ }
+ }
+Index: b/lib/output.c
+===================================================================
+--- a/lib/output.c
++++ b/lib/output.c
+@@ -525,7 +525,7 @@
+ expand_user_string (job, FIRST_FILE (job),
+ (const uchar *) "Expand: requirement",
+ (const uchar *) token));
+- output (dest, expansion);
++ output (dest, "%s", expansion);
+ continue;
+ }
+
+Index: b/lib/parseppd.y
+===================================================================
+--- a/lib/parseppd.y
++++ b/lib/parseppd.y
+@@ -154,7 +154,7 @@
+ void
+ yyerror (const char *msg)
+ {
+- error_at_line (1, 0, ppdfilename, ppdlineno, msg);
++ error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
+ }
+
+ /*
+Index: b/src/parsessh.y
+===================================================================
+--- a/src/parsessh.y
++++ b/src/parsessh.y
+@@ -740,7 +740,7 @@
+ void
+ yyerror (const char *msg)
+ {
+- error_at_line (1, 0, sshfilename, sshlineno, msg);
++ error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
+ }
+
+ /*
+Index: b/lib/parseppd.c
+===================================================================
+--- a/lib/parseppd.c
++++ b/lib/parseppd.c
+@@ -1707,7 +1707,7 @@
+ void
+ yyerror (const char *msg)
+ {
+- error_at_line (1, 0, ppdfilename, ppdlineno, msg);
++ error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
+ }
+
+ /*
+Index: b/src/parsessh.c
+===================================================================
+--- a/src/parsessh.c
++++ b/src/parsessh.c
+@@ -2639,7 +2639,7 @@
+ void
+ yyerror (const char *msg)
+ {
+- error_at_line (1, 0, sshfilename, sshlineno, msg);
++ error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
+ }
+
+ /*
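Review bot: Nothing in the new patch file shows that the six converted call sites (`output` in lib/psgen.c and lib/output.c, `yyerror` in parseppd.y/parsessh.y and their generated .c files) are the only places where a2ps passes non-literal text as a format string. Building the package once with `-Wformat -Werror=format-security` added to CFLAGS would confirm that no other `output` or `error_at_line` call of this kind remains. The patch header also carries only the Debian URL; a line such as `Fix CVE-2015-8107: non-literal format strings passed to output() and error_at_line().` above it would tell a reader what the patch addresses without following the link.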
diff --git a/gnu/packages/pretty-print.scm b/gnu/packages/pretty-print.scm
index 405ad08..7a5b98c 100644
--- a/gnu/packages/pretty-print.scm
+++ b/gnu/packages/pretty-print.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2016 Efraim Flashner <address@hidden>
+;;; Copyright © 2016, 2019 Efraim Flashner <address@hidden>
;;; Copyright © 2016 Ricardo Wurmus <address@hidden>
;;; Copyright © 2017 Marius Bakke <address@hidden>
;;; Copyright © 2017 Ludovic Courtès <address@hidden>
@@ -63,7 +63,8 @@
#t))
(patches (search-patches
"a2ps-CVE-2001-1593.patch"
- "a2ps-CVE-2014-0466.patch"))))
+ "a2ps-CVE-2014-0466.patch"
+ "a2ps-CVE-2015-8107.patch"))))
(build-system gnu-build-system)
(inputs
`(("psutils" ,psutils)