Git-Url: 
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=3544127928d88971eb582a9c224011be4a8b020c

commit 3544127928d88971eb582a9c224011be4a8b020c
Author: Miklos Vajna <vmik...@frugalware.org>
Date:   Wed Jan 20 16:23:12 2010 +0100

gzip-1.3.13-2-i686

- add CVE-2010-0001.patch

diff --git a/source/base/gzip/CVE-2010-0001.patch 
b/source/base/gzip/CVE-2010-0001.patch
new file mode 100644
index 0000000..400b850
--- /dev/null
+++ b/source/base/gzip/CVE-2010-0001.patch
@@ -0,0 +1,12 @@
+--- gzip-1.3.13/unlzw.c.orig   2010-01-20 16:10:44.000000000 +0100
++++ gzip-1.3.13/unlzw.c        2010-01-20 16:11:02.000000000 +0100
+@@ -244,7 +244,8 @@
+       int  o;
+
+     resetbuf:
+-      e = insize-(o = (posbits>>3));
++      o = posbits >> 3;
++      e = o <= insize ? insize - o : 0;
+
+       for (i = 0 ; i < e ; ++i) {
+           inbuf[i] = inbuf[i+o];
diff --git a/source/base/gzip/FrugalBuild b/source/base/gzip/FrugalBuild
index a8c7b52..2c85343 100644
--- a/source/base/gzip/FrugalBuild
+++ b/source/base/gzip/FrugalBuild
@@ -4,7 +4,7 @@

pkgname=gzip
pkgver=1.3.13
-pkgrel=1
+pkgrel=2
pkgdesc="A file compression utility"
url="http://www.gzip.org";
depends=('bash>=3.2_039-3')
@@ -12,12 +12,13 @@ replaces=('gzip-devel')
groups=('base' 'chroot-core')
archs=('i686' 'x86_64' 'ppc')
Fup2gnugz
-source=(ftp://ftp.gnu.org/pub/gnu/gzip/gzip-$pkgver.tar.gz)
-signatures=($source.sig)
+source=(ftp://ftp.gnu.org/pub/gnu/gzip/gzip-$pkgver.tar.gz CVE-2010-0001.patch)
+signatures=($source.sig '')

build()
{
Fbuild
+       make check || Fdie
Fmkdir /bin
for i in gunzip gzip uncompress zcat
do
_______________________________________________
Frugalware-git mailing list
Frugalware-git@frugalware.org
http://frugalware.org/mailman/listinfo/frugalware-git

Reply via email to