diff options
| author | Ludovic Courtès <ludo@gnu.org> | 2019-06-13 13:24:35 +0200 |
|---|---|---|
| committer | Ludovic Courtès <ludo@gnu.org> | 2019-06-13 13:24:35 +0200 |
| commit | d9bbfe042e06df35c12e4b8f53bfb1889cba90bf (patch) | |
| tree | 9f34077cd824e8955be4ed2b5f1a459aa8076489 /gnu/packages/patches/libevent-2.0-CVE-2016-10196.patch | |
| parent | f87a7cc60e058d2e07560d0d602747b567d9dce4 (diff) | |
| parent | 47f2168b6fabb105565526b2a1243eeeb13008fe (diff) | |
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages/patches/libevent-2.0-CVE-2016-10196.patch')
| -rw-r--r-- | gnu/packages/patches/libevent-2.0-CVE-2016-10196.patch | 41 |
1 files changed, 0 insertions, 41 deletions
diff --git a/gnu/packages/patches/libevent-2.0-CVE-2016-10196.patch b/gnu/packages/patches/libevent-2.0-CVE-2016-10196.patch deleted file mode 100644 index 03f96e938b..0000000000 --- a/gnu/packages/patches/libevent-2.0-CVE-2016-10196.patch +++ /dev/null @@ -1,41 +0,0 @@ -Fix CVE-2016-10196 (buffer overflow in evutil): - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10196 -https://github.com/libevent/libevent/issues/318 - -Patch copied from upstream source repository: - -https://github.com/libevent/libevent/commit/329acc18a0768c21ba22522f01a5c7f46cacc4d5 - -From 28bdc2f3f62259d21ccaf7be2b60ef0a53e6f342 Mon Sep 17 00:00:00 2001 -From: Azat Khuzhin <a3at.mail@gmail.com> -Date: Sun, 31 Jan 2016 00:57:16 +0300 -Subject: [PATCH] evutil_parse_sockaddr_port(): fix buffer overflow - ---- - evutil.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/evutil.c b/evutil.c -index 33445170..e2dfe6e4 100644 ---- a/evutil.c -+++ b/evutil.c -@@ -1808,12 +1808,12 @@ evutil_parse_sockaddr_port(const char *ip_as_string, struct sockaddr *out, int * - - cp = strchr(ip_as_string, ':'); - if (*ip_as_string == '[') { -- int len; -+ size_t len; - if (!(cp = strchr(ip_as_string, ']'))) { - return -1; - } -- len = (int) ( cp-(ip_as_string + 1) ); -- if (len > (int)sizeof(buf)-1) { -+ len = ( cp-(ip_as_string + 1) ); -+ if (len > sizeof(buf)-1) { - return -1; - } - memcpy(buf, ip_as_string+1, len); --- -2.11.0 - |