gnu: foomatic-filters: Add missing patches.

This is a followup to commit d02aabaf1b.

* gnu/packages/patches/foomatic-filters-CVE-2015-8327.patch: New file.
* gnu/packages/patches/foomatic-filters-CVE-2015-8560.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add them.
This commit is contained in:
Ludovic Courtès 2017-09-10 12:00:25 +02:00
parent 5db0a1cd5a
commit 67a37c6311
No known key found for this signature in database
GPG key ID: 090B11993D9AEBB5
3 changed files with 29 additions and 0 deletions

View file

@ -610,6 +610,8 @@ dist_patch_DATA = \
%D%/packages/patches/fltk-shared-lib-defines.patch \ %D%/packages/patches/fltk-shared-lib-defines.patch \
%D%/packages/patches/fltk-xfont-on-demand.patch \ %D%/packages/patches/fltk-xfont-on-demand.patch \
%D%/packages/patches/fontforge-svg-modtime.patch \ %D%/packages/patches/fontforge-svg-modtime.patch \
%D%/packages/patches/foomatic-filters-CVE-2015-8327.patch \
%D%/packages/patches/foomatic-filters-CVE-2015-8560.patch \
%D%/packages/patches/freeimage-CVE-2015-0852.patch \ %D%/packages/patches/freeimage-CVE-2015-0852.patch \
%D%/packages/patches/freeimage-CVE-2016-5684.patch \ %D%/packages/patches/freeimage-CVE-2016-5684.patch \
%D%/packages/patches/freeimage-fix-build-with-gcc-5.patch \ %D%/packages/patches/freeimage-fix-build-with-gcc-5.patch \

View file

@ -0,0 +1,14 @@
Fix for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2015-8327>.
--- a/util.c 2014-06-20 19:26:18 +0000
+++ b/util.c 2015-10-30 15:45:03 +0000
@@ -31,7 +31,7 @@
#include <assert.h>
-const char* shellescapes = "|<>&!$\'\"#*?()[]{}";
+const char* shellescapes = "|<>&!$\'\"`#*?()[]{}";
const char * temp_dir()
{

View file

@ -0,0 +1,13 @@
Fix for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2015-8560>.
--- a/util.c 2015-10-30 15:45:03 +0000
+++ b/util.c 2015-12-12 23:27:21 +0000
@@ -31,7 +31,7 @@
#include <assert.h>
-const char* shellescapes = "|<>&!$\'\"`#*?()[]{}";
+const char* shellescapes = "|;<>&!$\'\"`#*?()[]{}";
const char * temp_dir()
{