diff options
author | Ludovic Courtès <ludo@gnu.org> | 2017-09-10 12:00:25 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2017-09-10 12:00:25 +0200 |
commit | 67a37c63118519ccc5c24f3325bad6f29ab21e59 (patch) | |
tree | 63716c34ee71e7e8ff63f8bac51cee2b4980c432 | |
parent | 5db0a1cd5ac06259a3d0b220cc47cf7229ed0d3a (diff) |
gnu: foomatic-filters: Add missing patches.
This is a followup to commit d02aabaf1b57eda3ef052c70df1322f915e7c736.
* gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch: New file.
* gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add them.
-rw-r--r-- | gnu/local.mk | 2 | ||||
-rw-r--r-- | gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch | 14 | ||||
-rw-r--r-- | gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch | 13 |
3 files changed, 29 insertions, 0 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index 1ac9d5efea..8ffa13b3ee 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -610,6 +610,8 @@ dist_patch_DATA = \ %D%/packages/patches/fltk-shared-lib-defines.patch \ %D%/packages/patches/fltk-xfont-on-demand.patch \ %D%/packages/patches/fontforge-svg-modtime.patch \ + %D%/packages/patches/foomatic-filters-CVE-2015-8327.patch \ + %D%/packages/patches/foomatic-filters-CVE-2015-8560.patch \ %D%/packages/patches/freeimage-CVE-2015-0852.patch \ %D%/packages/patches/freeimage-CVE-2016-5684.patch \ %D%/packages/patches/freeimage-fix-build-with-gcc-5.patch \ diff --git a/gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch b/gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch new file mode 100644 index 0000000000..d9f0cc1212 --- /dev/null +++ b/gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch @@ -0,0 +1,14 @@ +Fix for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2015-8327>. + +--- a/util.c 2014-06-20 19:26:18 +0000 ++++ b/util.c 2015-10-30 15:45:03 +0000 +@@ -31,7 +31,7 @@ + #include <assert.h> + + +-const char* shellescapes = "|<>&!$\'\"#*?()[]{}"; ++const char* shellescapes = "|<>&!$\'\"`#*?()[]{}"; + + const char * temp_dir() + { + diff --git a/gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch b/gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch new file mode 100644 index 0000000000..d3c3024220 --- /dev/null +++ b/gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch @@ -0,0 +1,13 @@ +Fix for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2015-8560>. + +--- a/util.c 2015-10-30 15:45:03 +0000 ++++ b/util.c 2015-12-12 23:27:21 +0000 +@@ -31,7 +31,7 @@ + #include <assert.h> + + +-const char* shellescapes = "|<>&!$\'\"`#*?()[]{}"; ++const char* shellescapes = "|;<>&!$\'\"`#*?()[]{}"; + + const char * temp_dir() + { |