diff options
| author | dinoex <dinoex@FreeBSD.org> | 2015-11-17 02:38:56 +0800 |
|---|---|---|
| committer | dinoex <dinoex@FreeBSD.org> | 2015-11-17 02:38:56 +0800 |
| commit | 0bc38fb8a52d36532fc56a36943b41586d5b1d2a (patch) | |
| tree | fbf2979cee86170e692147b193cc3c3704954d03 /print/a2ps | |
| parent | 8f22f2528a06c8e5e8f50188c9e8993fca9bea62 (diff) | |
| download | freebsd-ports-gnome-0bc38fb8a52d36532fc56a36943b41586d5b1d2a.tar.gz freebsd-ports-gnome-0bc38fb8a52d36532fc56a36943b41586d5b1d2a.tar.zst freebsd-ports-gnome-0bc38fb8a52d36532fc56a36943b41586d5b1d2a.zip | |
- fix for malicious crafted a2ps prologue files
Security: CVE-2015-8107
Security: http://www.openwall.com/lists/oss-security/2015/11/16/4
Submitted by: feld
Obtained from: http://www.openwall.com/
Diffstat (limited to 'print/a2ps')
| -rw-r--r-- | print/a2ps/files/patch-output.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/print/a2ps/files/patch-output.c b/print/a2ps/files/patch-output.c new file mode 100644 index 000000000000..691d2d15dc5d --- /dev/null +++ b/print/a2ps/files/patch-output.c @@ -0,0 +1,13 @@ +Fix for CVE-2015-8107 +http://www.openwall.com/lists/oss-security/2015/11/16/4 +--- lib/output.c.orig 2015-11-16 15:29:38 UTC ++++ lib/output.c +@@ -525,7 +525,7 @@ output_file (struct output * out, a2ps_j + expand_user_string (job, FIRST_FILE (job), + (const uchar *) "Expand: requirement", + (const uchar *) token)); +- output (dest, expansion); ++ output (dest, "%s", expansion); + continue; + } + |