mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2025-01-18 17:01:51 -05:00
d8862778c1
* gnu/packages/patches/graphicsmagick-CVE-2016-5118.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/imagemagick.scm (graphicsmagick): Use it.
19 lines
514 B
Diff
19 lines
514 B
Diff
Fix CVE-2016-5118 (popen() shell vulnerability via filename).
|
|
|
|
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5118
|
|
|
|
Upstream patch copied from the bug announcement:
|
|
http://seclists.org/oss-sec/2016/q2/432
|
|
https://marc.info/?l=oss-security&m=146455222600609&w=2
|
|
|
|
diff -r 33200fc645f6 magick/blob.c
|
|
--- a/magick/blob.c Sat Nov 07 14:49:16 2015 -0600
|
|
+++ b/magick/blob.c Sun May 29 14:12:57 2016 -0500
|
|
@@ -68,6 +68,7 @@
|
|
*/
|
|
#define DefaultBlobQuantum 65541
|
|
|
|
+#undef HAVE_POPEN
|
|
|
|
/*
|
|
Enum declarations.
|