aboutsummaryrefslogtreecommitdiff
path: root/debian
diff options
context:
space:
mode:
authorMike Gabriel <mike.gabriel@das-netzwerkteam.de>2015-02-16 09:57:17 +0100
committerMike Gabriel <mike.gabriel@das-netzwerkteam.de>2015-02-16 10:05:33 +0100
commitac2937e717f29e38583eca34657988e7b6da7eb6 (patch)
tree9957f2574172bda4066b521403fc50abecccb3db /debian
parent650181c23b32378b4ec829880cc20700bf5b2ddf (diff)
downloadnx-libs-ac2937e717f29e38583eca34657988e7b6da7eb6.tar.gz
nx-libs-ac2937e717f29e38583eca34657988e7b6da7eb6.tar.bz2
nx-libs-ac2937e717f29e38583eca34657988e7b6da7eb6.zip
Update 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch. Fix broken comment paragraph, whitespace fix.
Diffstat (limited to 'debian')
-rw-r--r--debian/changelog2
-rw-r--r--debian/patches/1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch19
2 files changed, 12 insertions, 9 deletions
diff --git a/debian/changelog b/debian/changelog
index 523d7a5a2..05a86f477 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -31,6 +31,8 @@ nx-libs (2:3.5.0.29-0x2go2) UNRELEASED; urgency=medium
rely on nxproxy/Makefile.in.
* Makefile.nx-libs: Fix uninstall-lite rule. The nxproxy and nxcomp
uninstallation has to be in uninstall-lite, not in uninstall-full.
+ * Update 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch.
+ Fix broken comment paragraph, whitespace fix.
* NX code reduction efforts (from 93Mb to 41Mb):
- Drop more unused code in nx-X11/programs/Xserver/hw/. Do this in
diff --git a/debian/patches/1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch b/debian/patches/1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch
index 04910353c..9ea330101 100644
--- a/debian/patches/1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch
+++ b/debian/patches/1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch
@@ -1,4 +1,4 @@
-From 6acafc9334828da22446380c81af81bde14b5d86 Mon Sep 17 00:00:00 2001
+From 36368e658a2b83753230af5296978ce27f468d8b Mon Sep 17 00:00:00 2001
From: Joerg Sonnenberger <joerg@britannica.bec.de>
Date: Sun, 21 Aug 2011 18:51:53 +0200
Subject: [PATCH 02/02] Do proper input validation to fix for CVE-2011-2895.
@@ -9,6 +9,7 @@ validation of the LZW stream and doesn't pessimize the inner loop for
no good reason. It's derived from a change in libarchive from 2004.
v2: backports to nx-libs 3.6.x (Mihai Moldovan)
+v3: fix comment lines starting with "+" + whitespace fixes (Mike Gabriel)
Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
Reviewed-by: Tomas Hoger <thoger@redhat.com>
---
@@ -16,7 +17,7 @@ Reviewed-by: Tomas Hoger <thoger@redhat.com>
1 file changed, 17 insertions(+), 14 deletions(-)
diff --git a/nx-X11/lib/font/fontfile/decompress.c b/nx-X11/lib/font/fontfile/decompress.c
-index 553b315..12b9f0a 100644
+index 553b315..c7e649f 100644
--- a/nx-X11/lib/font/fontfile/decompress.c
+++ b/nx-X11/lib/font/fontfile/decompress.c
@@ -99,7 +99,7 @@ static char_type magic_header[] = { "\037\235" }; /* 1F 9D */
@@ -78,12 +79,12 @@ index 553b315..12b9f0a 100644
code = oldcode;
}
-
-++ /*
-++ * The above condition ensures that code < free_ent.
-++ * The construction of tab_prefixof in turn guarantees that
-++ * each iteration decreases code and therefore stack usage is
-++ * bound by 1 << BITS - 256.
-++ */
++ /*
++ * The above condition ensures that code < free_ent.
++ * The construction of tab_prefixof in turn guarantees that
++ * each iteration decreases code and therefore stack usage is
++ * bound by 1 << BITS - 256.
++ */
+
/*
* Generate output characters in reverse order
@@ -100,7 +101,7 @@ index 553b315..12b9f0a 100644
* Generate the new entry.
*/
- if ( (code=file->free_ent) < file->maxmaxcode ) {
-+ if ( (code=file->free_ent) < file->maxmaxcode && oldcode != -1) {
++ if ( (code=file->free_ent) < file->maxmaxcode && oldcode != -1) {
file->tab_prefix[code] = (unsigned short)oldcode;
file->tab_suffix[code] = finchar;
file->free_ent = code+1;