Commit 8232ba5e, authored 3 years ago by Ariadne Conill
main/patch: add mitigation for CVE-2019-20633
parent 9a74d65c
Showing 2 changed files with 35 additions and 3 deletions:
main/patch/APKBUILD (9 additions, 3 deletions)
main/patch/CVE-2019-20633.patch (26 additions, 0 deletions)
main/patch/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname
=
patch
pkgver
=
2.7.6
pkgrel
=
6
pkgrel
=
7
pkgdesc
=
"Utility to apply diffs to files"
url
=
"https://www.gnu.org/software/patch/patch.html"
arch
=
"all"
@@ -20,10 +20,13 @@ source="https://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz
0002-Fix-arbitrary-command-execution-in-ed-style-patches-.patch
CVE-2019-13636.patch
CVE-2019-13638.patch
CVE-2019-20633.patch
"
builddir
=
"
$srcdir
"
/
$pkgname
-
$pkgver
# secfixes:
# 2.7.6-r7:
# - CVE-2019-20633
# 2.7.6-r6:
# - CVE-2018-1000156
# - CVE-2019-13638
@@ -66,10 +69,13 @@ package() {
rmdir
-p
"
$pkgdir
"
/usr/lib 2>/dev/null
||
true
}
sha512sums
=
"fcca87bdb67a88685a8a25597f9e015f5e60197b9a269fa350ae35a7991ed8da553939b4bbc7f7d3cfd863c67142af403b04165633acbce4339056a905e87fbd patch-2.7.6.tar.xz
sha512sums
=
"
fcca87bdb67a88685a8a25597f9e015f5e60197b9a269fa350ae35a7991ed8da553939b4bbc7f7d3cfd863c67142af403b04165633acbce4339056a905e87fbd patch-2.7.6.tar.xz
db51d0b791d38dd4f1b373621ee18620ae339b172f58a79420fdaa4a4b1b1d9df239cf61bbddc4e6a4896b28b8cffc7c99161eb5e2facaec8df86a1bf7755bc0 CVE-2018-6951.patch
5d2eaef629bae92e5b4e5e57d140c24a73e2811306d5f2854858f846646b034d2da315071f478bcf6f8d856a065b9bb073f76322e8e3a42616bc212281ce6945 CVE-2018-6952.patch
33e8a82f5ee6b896fd434e7de1ca9e16e8d317941a021bea8c53afd5bf210774e8727df22f8d8f63f255de10de5a26428047bc710b033423d1e7a459cbbaf83a 0001-Allow-input-files-to-be-missing-for-ed-style-patches.patch
d0d46e28c5fdcd5fe16826cbcf39d5a74fdf2593375d5206aa7bad759f16dbebeca3bf259239f99c13344579044a3de1000d705065cc19e917266bca6e5c0630 0002-Fix-arbitrary-command-execution-in-ed-style-patches-.patch
029b92bb899d0b1165cfe7f55b5a4c2d7090852f52e5c85a6bb1cf5913c914a5c68c6c34517e84f0a020a56d21814f8c18b934c8ebe059ba4eddece78a3a258c CVE-2019-13636.patch
d60f8c2364fca9b73aa73b5914cfd6571d11528d13fa7703ccfa93730cbdf8a6e4c9ca04cb7d02a40d33c38075890790b490052d5217e728b0948991da937980 CVE-2019-13638.patch"
d60f8c2364fca9b73aa73b5914cfd6571d11528d13fa7703ccfa93730cbdf8a6e4c9ca04cb7d02a40d33c38075890790b490052d5217e728b0948991da937980 CVE-2019-13638.patch
e988836c90946282e70fca0fe29a52405a357b14bfdc8fce3afb680d7d1b25c4bf9d9cbc5612e3bb2d9379192635d7f1bf1b7b16c23b13d77450ec87dc5e3fe4 CVE-2019-20633.patch
"
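Review bot: In the sha512sums block, the patch-2.7.6.tar.xz entry appears as removed and re-added only because the opening quote moved onto its own line; the digest is identical on both sides. That is harmless, but it buries the one meaningful change in this hunk, the new CVE-2019-20633.patch digest, among lines that did not really change. Keeping the original quote placement would reduce the hunk to the added digest plus the closing-quote move. It is also worth confirming that the new digest was regenerated from the committed patch file rather than edited by hand.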
main/patch/CVE-2019-20633.patch
0 → 100644
From 15b158db3ae11cb835f2eb8d2eb48e09d1a4af48 Mon Sep 17 00:00:00 2001
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Mon, 15 Jul 2019 19:10:02 +0200
Subject: Avoid invalid memory access in context format diffs
* src/pch.c (another_hunk): Avoid invalid memory access in context format
diffs.
---
src/pch.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/pch.c b/src/pch.c
index a500ad9..cb54e03 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -1328,6 +1328,7 @@
another_hunk (enum diff difftype, bool rev)
ptrn_prefix_context = context;
ptrn_suffix_context = context;
if (repl_beginning
+ || p_end <= 0
|| (p_end
!= p_ptrn_lines + 1 + (p_Char[p_end - 1] == '\n')))
{
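Review bot: The added `|| p_end <= 0` test protects the `p_Char[p_end - 1]` read two lines below only because it comes earlier in the `||` chain and short-circuits; a one-line comment next to it saying so would keep a later reordering of this condition from bringing the invalid access back. The diffstat lists src/pch.c alone, so the fix arrives without a regression test. A small context-format diff that reaches this branch with p_end at zero would be a useful addition to the test suite.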
--
cgit v1.2.1