Diffstat (limited to 'media-gfx/gimp/files/gimp-2.8.22-cve-2017-17788.patch')
-rw-r--r-- | media-gfx/gimp/files/gimp-2.8.22-cve-2017-17788.patch | 29 |
1 files changed, 0 insertions, 29 deletions
diff --git a/media-gfx/gimp/files/gimp-2.8.22-cve-2017-17788.patch b/media-gfx/gimp/files/gimp-2.8.22-cve-2017-17788.patch
deleted file mode 100644
index 2bf16b85e607..000000000000
--- a/media-gfx/gimp/files/gimp-2.8.22-cve-2017-17788.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From: Hanno Boeck <hanno@hboeck.de>
-Date: Mon, 27 Nov 2017 00:37:29 +0100
-Subject: 790783 - buffer overread in XCF parser if version field...
-Origin: https://git.gnome.org/browse/GIMP/commit/?id=702c4227e8b6169f781e4bb5ae4b5733f51ab126
-Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17788
-Bug-Debian: https://bugs.debian.org/885347
-Bug: https://bugzilla.gnome.org/show_bug.cgi?id=790783
-
-...has no null terminator
-
-Check for the presence of '\0' before using atoi() on the version
-string. Patch slightly modified (mitch).
-[carnil: backport to gimp-2-8: affected code in xcf_load_invoker]
----
- app/xcf/xcf.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
---- a/app/xcf/xcf.c
-+++ b/app/xcf/xcf.c
-@@ -318,7 +318,8 @@ xcf_load_invoker (GimpProcedure *pr
- {
- info.file_version = 0;
- }
-- else if (id[9] == 'v')
-+ else if (id[9] == 'v' &&
-+ id[13] == '\0')
- {
- info.file_version = atoi (id + 10);
- } |