On Tue, Feb 13, 2018 at 09:01:44AM +0100, Ricardo Wurmus wrote: > > Hi Leo, > > > The researcher's advisory recommends building UnZip with FORTIFY_SOURCE > > to reduce the impact of the bug. The attached patch does that. > […] > > + ;; Mitigate CVE-2018-1000035, an exploitable buffer > > overflow. > > + ;; This environment variable is recommended in > > 'unix/Makefile' > > + ;; for passing flags to the C compiler. > > + (setenv "LOCAL_UNZIP" "-D_FORTIFY_SOURCE=1") > > + #t)))))))) > > This looks good to me. Thank you!
Thanks, pushed as 77737e035491112a1e9c7d9a0e6f1e0397a4f930
Description: PGP signature