From d87262dd706fec50cd150aab3e93883b6337466d Mon Sep 17 00:00:00 2001
From: V3n3RiX
Date: Sat, 14 Jul 2018 20:56:41 +0100
Subject: gentoo resync : 14.07.2018
---
 .../evince/files/3.24.2-CVE-2017-1000159.patch | 42 ----------------------
 1 file changed, 42 deletions(-)
 delete mode 100644 app-text/evince/files/3.24.2-CVE-2017-1000159.patch
(limited to 'app-text/evince/files/3.24.2-CVE-2017-1000159.patch')
diff --git a/app-text/evince/files/3.24.2-CVE-2017-1000159.patch b/app-text/evince/files/3.24.2-CVE-2017-1000159.patch
deleted file mode 100644
index 80861fdc4dea..000000000000
--- a/app-text/evince/files/3.24.2-CVE-2017-1000159.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From 350404c76dc8601e2cdd2636490e2afc83d3090e Mon Sep 17 00:00:00 2001
-From: Tobias Mueller
-Date: Fri, 14 Jul 2017 12:52:14 +0200
-Subject: [PATCH] dvi: Mitigate command injection attacks by quoting filename
-
-With commit 1fcca0b8041de0d6074d7e17fba174da36c65f99 came a DVI backend.
-It exports to PDF via the dvipdfm tool.
-It calls that tool with the filename of the currently loaded document.
-If that filename is cleverly crafted, it can escape the currently
-used manual quoting of the filename. Instead of manually quoting the
-filename, we use g_shell_quote.
-
-https://bugzilla.gnome.org/show_bug.cgi?id=784947
----
- backend/dvi/dvi-document.c | 8 +++++---
- 1 file changed, 5 insertions(+), 3 deletions(-)
-
-diff --git a/backend/dvi/dvi-document.c b/backend/dvi/dvi-document.c
-index 4a896e21..28877700 100644
---- a/backend/dvi/dvi-document.c
-+++ b/backend/dvi/dvi-document.c
-@@ -300,12 +300,14 @@ dvi_document_file_exporter_end (EvFileExporter *exporter)
- gboolean success;
-
- DviDocument *dvi_document = DVI_DOCUMENT(exporter);
-+ gchar* quoted_filename = g_shell_quote (dvi_document->context->filename);
-
-- command_line = g_strdup_printf ("dvipdfm %s -o %s \"%s\"", /* dvipdfm -s 1,2,.., -o exporter_filename dvi_filename */
-+ command_line = g_strdup_printf ("dvipdfm %s -o %s %s", /* dvipdfm -s 1,2,.., -o exporter_filename dvi_filename */
- dvi_document->exporter_opts->str,
- dvi_document->exporter_filename,
-- dvi_document->context->filename);
--
-+ quoted_filename);
-+ g_free (quoted_filename);
-+
- success = g_spawn_command_line_sync (command_line,
- NULL,
- NULL,
---
-2.17.0
-
-- cgit v1.2.3