diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2017-10-09 18:53:29 +0100 |
commit | 4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch) | |
tree | ba5f07bf3f9d22d82e54a462313f5d244036c768 /dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7376.patch |
reinit the tree, so we can have metadata
Diffstat (limited to 'dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7376.patch')
-rw-r--r-- | dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7376.patch | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7376.patch b/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7376.patch new file mode 100644 index 000000000000..14ec773608b6 --- /dev/null +++ b/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7376.patch @@ -0,0 +1,31 @@ +From 43cd3b6222bda2332e963eb1c9ead78f29912b0a Mon Sep 17 00:00:00 2001 +From: Daniel Veillard <veillard@redhat.com> +Date: Fri, 7 Apr 2017 17:13:28 +0200 +Subject: [PATCH 2/3] Increase buffer space for port in HTTP redirect support + +For https://bugzilla.gnome.org/show_bug.cgi?id=780690 + +nanohttp.c: the code wrongly assumed a short int port value. +--- + nanohttp.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/nanohttp.c b/nanohttp.c +index 26e4290e..9c17530e 100644 +--- a/nanohttp.c ++++ b/nanohttp.c +@@ -1423,9 +1423,9 @@ retry: + if (ctxt->port != 80) { + /* reserve space for ':xxxxx', incl. potential proxy */ + if (proxy) +- blen += 12; ++ blen += 17; + else +- blen += 6; ++ blen += 11; + } + bp = (char*)xmlMallocAtomic(blen); + if ( bp == NULL ) { +-- +2.14.1 + |