gnu: sharutils: Fix CVE-2018-1000097.

* gnu/packages/patches/sharutils-CVE-2018-1000097.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/compression.scm (sharutils)[source](patches): Use it.
This commit is contained in:
Marius Bakke 2018-04-15 17:48:37 +02:00
parent 452454e30c
commit d0ee11b2f0
No known key found for this signature in database
GPG key ID: A2A06DF2A33A54FA
3 changed files with 23 additions and 0 deletions

View file

@ -1093,6 +1093,7 @@ dist_patch_DATA = \
%D%/packages/patches/sdl-libx11-1.6.patch \ %D%/packages/patches/sdl-libx11-1.6.patch \
%D%/packages/patches/seq24-rename-mutex.patch \ %D%/packages/patches/seq24-rename-mutex.patch \
%D%/packages/patches/shadow-CVE-2018-7169.patch \ %D%/packages/patches/shadow-CVE-2018-7169.patch \
%D%/packages/patches/sharutils-CVE-2018-1000097.patch \
%D%/packages/patches/shishi-fix-libgcrypt-detection.patch \ %D%/packages/patches/shishi-fix-libgcrypt-detection.patch \
%D%/packages/patches/slim-session.patch \ %D%/packages/patches/slim-session.patch \
%D%/packages/patches/slim-config.patch \ %D%/packages/patches/slim-config.patch \

View file

@ -533,6 +533,7 @@ (define-public sharutils
(method url-fetch) (method url-fetch)
(uri (string-append "mirror://gnu/sharutils/sharutils-" (uri (string-append "mirror://gnu/sharutils/sharutils-"
version ".tar.xz")) version ".tar.xz"))
(patches (search-patches "sharutils-CVE-2018-1000097.patch"))
(sha256 (sha256
(base32 (base32
"16isapn8f39lnffc3dp4dan05b7x6mnc76v6q5nn8ysxvvvwy19b")))) "16isapn8f39lnffc3dp4dan05b7x6mnc76v6q5nn8ysxvvvwy19b"))))

View file

@ -0,0 +1,21 @@
Fix CVE-2018-1000097:
https://security-tracker.debian.org/tracker/CVE-2018-1000097
https://nvd.nist.gov/vuln/detail/CVE-2018-1000097
Patch taken from upstream bug report:
https://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg00005.html
diff --git a/src/unshar.c b/src/unshar.c
index 80bc3a9..0fc3773 100644
--- a/src/unshar.c
+++ b/src/unshar.c
@@ -240,7 +240,7 @@ find_archive (char const * name, FILE * file, off_t start)
off_t position = ftello (file);
/* Read next line, fail if no more and no previous process. */
- if (!fgets (rw_buffer, BUFSIZ, file))
+ if (!fgets (rw_buffer, rw_base_size, file))
{
if (!start)
error (0, 0, _("Found no shell commands in %s"), name);