Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- I can see some regressions, especially due to fetchzip rename c3255fe. - Darwin is only half-rebuilt on Hydra ATM. - But there quite a few security fixes within.
- Loading branch information
Showing
38 changed files
with
346 additions
and
204 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
11 changes: 11 additions & 0 deletions
11
pkgs/development/libraries/db/CVE-2017-10140-4.8-cwd-db_config.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
--- a/env/env_open.c.old 2017-06-26 10:32:11.011419981 +0200 | ||
+++ b/env/env_open.c 2017-06-26 10:32:46.893721233 +0200 | ||
@@ -473,7 +473,7 @@ | ||
env->db_mode = mode == 0 ? DB_MODE_660 : mode; | ||
|
||
/* Read the DB_CONFIG file. */ | ||
- if ((ret = __env_read_db_config(env)) != 0) | ||
+ if (env->db_home != NULL && (ret = __env_read_db_config(env)) != 0) | ||
return (ret); | ||
|
||
/* |
11 changes: 11 additions & 0 deletions
11
pkgs/development/libraries/db/CVE-2017-10140-cwd-db_config.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
--- db-5.3.28/src/env/env_open.c.old 2017-06-26 10:32:11.011419981 +0200 | ||
+++ db-5.3.28/src/env/env_open.c 2017-06-26 10:32:46.893721233 +0200 | ||
@@ -473,7 +473,7 @@ | ||
env->db_mode = mode == 0 ? DB_MODE_660 : mode; | ||
|
||
/* Read the DB_CONFIG file. */ | ||
- if ((ret = __env_read_db_config(env)) != 0) | ||
+ if (env->db_home != NULL && (ret = __env_read_db_config(env)) != 0) | ||
return (ret); | ||
|
||
/* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
36 changes: 36 additions & 0 deletions
36
pkgs/development/libraries/libarchive/CVE-2017-14166.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
From fa7438a0ff4033e4741c807394a9af6207940d71 Mon Sep 17 00:00:00 2001 | ||
From: Joerg Sonnenberger <joerg@bec.de> | ||
Date: Tue, 5 Sep 2017 18:12:19 +0200 | ||
Subject: [PATCH] Do something sensible for empty strings to make fuzzers | ||
happy. | ||
|
||
--- | ||
libarchive/archive_read_support_format_xar.c | 8 +++++++- | ||
1 file changed, 7 insertions(+), 1 deletion(-) | ||
|
||
diff --git a/libarchive/archive_read_support_format_xar.c b/libarchive/archive_read_support_format_xar.c | ||
index 7a22beb9d..93eeacc5e 100644 | ||
--- a/libarchive/archive_read_support_format_xar.c | ||
+++ b/libarchive/archive_read_support_format_xar.c | ||
@@ -1040,6 +1040,9 @@ atol10(const char *p, size_t char_cnt) | ||
uint64_t l; | ||
int digit; | ||
|
||
+ if (char_cnt == 0) | ||
+ return (0); | ||
+ | ||
l = 0; | ||
digit = *p - '0'; | ||
while (digit >= 0 && digit < 10 && char_cnt-- > 0) { | ||
@@ -1054,7 +1057,10 @@ atol8(const char *p, size_t char_cnt) | ||
{ | ||
int64_t l; | ||
int digit; | ||
- | ||
+ | ||
+ if (char_cnt == 0) | ||
+ return (0); | ||
+ | ||
l = 0; | ||
while (char_cnt-- > 0) { | ||
if (*p >= '0' && *p <= '7') |
28 changes: 28 additions & 0 deletions
28
pkgs/development/libraries/libarchive/CVE-2017-14502.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
From 5562545b5562f6d12a4ef991fae158bf4ccf92b6 Mon Sep 17 00:00:00 2001 | ||
From: Joerg Sonnenberger <joerg@bec.de> | ||
Date: Sat, 9 Sep 2017 17:47:32 +0200 | ||
Subject: [PATCH] Avoid a read off-by-one error for UTF16 names in RAR | ||
archives. | ||
|
||
Reported-By: OSS-Fuzz issue 573 | ||
--- | ||
libarchive/archive_read_support_format_rar.c | 6 +++++- | ||
1 file changed, 5 insertions(+), 1 deletion(-) | ||
|
||
diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c | ||
index cbb14c32d..751de6979 100644 | ||
--- a/libarchive/archive_read_support_format_rar.c | ||
+++ b/libarchive/archive_read_support_format_rar.c | ||
@@ -1496,7 +1496,11 @@ read_header(struct archive_read *a, struct archive_entry *entry, | ||
return (ARCHIVE_FATAL); | ||
} | ||
filename[filename_size++] = '\0'; | ||
- filename[filename_size++] = '\0'; | ||
+ /* | ||
+ * Do not increment filename_size here as the computations below | ||
+ * add the space for the terminating NUL explicitly. | ||
+ */ | ||
+ filename[filename_size] = '\0'; | ||
|
||
/* Decoded unicode form is UTF-16BE, so we have to update a string | ||
* conversion object for it. */ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
Oops, something went wrong.