[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] gnu: mupdf: Fix CVE-2016-8674.
|
From: |
Kei Kebreau |
|
Subject: |
Re: [PATCH] gnu: mupdf: Fix CVE-2016-8674. |
|
Date: |
Tue, 25 Oct 2016 23:49:18 -0400 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) |
Mark H Weaver <address@hidden> writes:
> Leo Famulari <address@hidden> writes:
>
>> On Tue, Oct 25, 2016 at 12:53:28PM -0400, Kei Kebreau wrote:
>>> Fix for
>>> https://blogs.gentoo.org/ago/2016/09/22/mupdf-use-after-free-in-pdf_to_num-pdf-object-c/.
>>
>>> From 97312c3c9e13688081aa513d1c94a9fff1274f75 Mon Sep 17 00:00:00 2001
>>> From: Kei Kebreau <address@hidden>
>>> Date: Tue, 25 Oct 2016 12:49:52 -0400
>>> Subject: [PATCH] gnu: mupdf: Fix CVE-2016-8674.
>>>
>>> * gnu/packages/patches/mupdf-CVE-2016-8674.patch: New file.
>>> * gnu/local.mk (dist_patch_DATA): Add it.
>>> * gnu/packages/pdf.scm (mupdf): Use it.
>>
>> Thank you, please push!
>
> mupdf-CVE-2016-8674.patch fails to apply:
>
> https://hydra.gnu.org/build/1581228/nixlog/2/tail-reload
>
> Kei, did you test this?
>
> Mark
I did not. It was a bad slip up, as I tested all of the rest of my
patches today. I'll be significantly more careful with future security
commits.
Is it frowned upon to revert that commit on its own (it's the third to
last commit as I write this), or should I attempt to patch on top of it?
signature.asc
Description: PGP signature