Hi Leo, > The researcher's advisory recommends building UnZip with FORTIFY_SOURCE > to reduce the impact of the bug. The attached patch does that. […] > + ;; Mitigate CVE-2018-1000035, an exploitable buffer > overflow. > + ;; This environment variable is recommended in > 'unix/Makefile' > + ;; for passing flags to the C compiler. > + (setenv "LOCAL_UNZIP" "-D_FORTIFY_SOURCE=1") > + #t))))))))
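
Review bot: The comment above the (setenv "LOCAL_UNZIP" "-D_FORTIFY_SOURCE=1") call explains why LOCAL_UNZIP is used, but not that _FORTIFY_SOURCE only takes effect with glibc when the compiler also optimizes (-O1 or higher). The visible lines do not show which optimization flags 'unix/Makefile' passes, so confirm that they do and say so in the comment. The comment could also state that this reduces the impact of CVE-2018-1000035 rather than fixing the overflow, so the flag is not mistaken for the fix, and say why level 1 was chosen over 2. Note also that setenv replaces any value LOCAL_UNZIP already had.
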
This looks good to me. Thank you!

-- 
Ricardo

GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC
https://elephly.net
