01/01: gnu: grep: Apply fix for CVE-2015-1345.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/01: gnu: grep: Apply fix for CVE-2015-1345.

From:	Mark H. Weaver
Subject:	01/01: gnu: grep: Apply fix for CVE-2015-1345.
Date:	Thu, 26 Feb 2015 10:17:11 +0000

mhw pushed a commit to branch core-updates
in repository guix.

commit a068dba78bde9c83a69c755df1131c286d065850
Author: Mark H Weaver <address@hidden>
Date:   Thu Feb 26 04:26:16 2015 -0500

    gnu: grep: Apply fix for CVE-2015-1345.
    
    * gnu/packages/patches/grep-CVE-2015-1345.patch: New file.
    * gnu-system.am (dist_patch_DATA): Add it.
    * gnu/packages/base.scm (grep): Add patch.
---
 gnu-system.am                                 |    1 +
 gnu/packages/base.scm                         |    3 ++-
 gnu/packages/patches/grep-CVE-2015-1345.patch |   17 +++++++++++++++++
 3 files changed, 20 insertions(+), 1 deletions(-)

diff --git a/gnu-system.am b/gnu-system.am
index 561b66c..6849b9c 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -398,6 +398,7 @@ dist_patch_DATA =                                           
\
   gnu/packages/patches/gobject-introspection-absolute-shlib-path.patch \
   gnu/packages/patches/gobject-introspection-cc.patch          \
   gnu/packages/patches/gobject-introspection-girepository.patch        \
+  gnu/packages/patches/grep-CVE-2015-1345.patch                        \
   gnu/packages/patches/grub-gets-undeclared.patch              \
   gnu/packages/patches/gstreamer-0.10-bison3.patch             \
   gnu/packages/patches/gstreamer-0.10-silly-test.patch         \
diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm
index dae9ff0..698a6b6 100644
--- a/gnu/packages/base.scm
+++ b/gnu/packages/base.scm
@@ -73,7 +73,8 @@ command-line arguments, multiple languages, and so on.")
                                 version ".tar.xz"))
             (sha256
              (base32
-              "1pp5n15qwxrw1pibwjhhgsibyv5cafhamf8lwzjygs6y00fa2i2j"))))
+              "1pp5n15qwxrw1pibwjhhgsibyv5cafhamf8lwzjygs6y00fa2i2j"))
+            (patches (list (search-patch "grep-CVE-2015-1345.patch")))))
    (build-system gnu-build-system)
    (synopsis "Print lines matching a pattern")
    (description
diff --git a/gnu/packages/patches/grep-CVE-2015-1345.patch 
b/gnu/packages/patches/grep-CVE-2015-1345.patch
new file mode 100644
index 0000000..b0d0c8e
--- /dev/null
+++ b/gnu/packages/patches/grep-CVE-2015-1345.patch
@@ -0,0 +1,17 @@
+Fix CVE-2015-1345.  From upstream commit
+83a95bd8c8561875b948cadd417c653dbe7ef2e2
+by Yuliy Pisetsky <address@hidden>.
+
+diff --git a/src/kwset.c b/src/kwset.c
+index 4003c8d..376f7c3 100644
+--- a/src/kwset.c
++++ b/src/kwset.c
+@@ -643,6 +643,8 @@ bmexec_trans (kwset_t kwset, char const *text, size_t size)
+                     if (! tp)
+                       return -1;
+                     tp++;
++                    if (ep <= tp)
++                      break;
+                   }
+               }
+           }

[Prev in Thread]

Current Thread

[Next in Thread]

branch core-updates updated (8a00b93 -> a068dba), Mark H. Weaver, 2015/02/26
- 01/01: gnu: grep: Apply fix for CVE-2015-1345., Mark H. Weaver <=

Prev by Date: branch core-updates updated (8a00b93 -> a068dba)
Next by Date: branch master updated (baece08 -> e150917)
Previous by thread: branch core-updates updated (8a00b93 -> a068dba)
Next by thread: branch master updated (baece08 -> e150917)
Index(es):
- Date
- Thread