Hello community,

here is the log from the commit of package openslp for openSUSE:Factory checked 
in at 2016-10-14 09:27:34
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/openslp (Old)
 and      /work/SRC/openSUSE:Factory/.openslp.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "openslp"

Changes:
--------
--- /work/SRC/openSUSE:Factory/openslp/openslp.changes  2016-09-17 
14:36:51.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.openslp.new/openslp.changes     2016-10-14 
09:27:35.000000000 +0200
@@ -1,0 +2,7 @@
+Wed Oct 12 13:53:08 CEST 2016 - m...@suse.de
+
+- Fix bounds check in SLPFoldWhiteSpace
+  [bnc#1001600] [CVE-2016-7567]
+  new patch: openslp.foldws.diff
+
+-------------------------------------------------------------------

New:
----
  openslp.foldws.diff

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ openslp.spec ++++++
--- /var/tmp/diff_new_pack.tyHvLR/_old  2016-10-14 09:27:36.000000000 +0200
+++ /var/tmp/diff_new_pack.tyHvLR/_new  2016-10-14 09:27:36.000000000 +0200
@@ -61,6 +61,7 @@
 Patch14:        openslp.doubleequal.diff
 Patch15:        openslp.noconvenience.diff
 Patch16:        openslp.xrealloc.diff
+Patch17:        openslp.foldws.diff
 
 %description
 Service Location Protocol is an IETF standards track protocol that
@@ -129,6 +130,7 @@
 %patch14
 %patch15
 %patch16
+%patch17
 
 %build
 autoreconf -fiv

++++++ openslp.foldws.diff ++++++
--- ./common/slp_compare.c.orig 2016-10-12 11:44:17.925163946 +0000
+++ ./common/slp_compare.c      2016-10-12 11:50:22.658115399 +0000
@@ -204,7 +204,7 @@ static int SLPFoldWhiteSpace(size_t len,
       if (isspace(*p))
       {
          char * ws2p = ++p;         /* Point ws2p to the second ws char. */
-         while (isspace(*p))        /* Scan till we hit a non-ws char. */
+         while (p < ep && isspace(*p)) /* Scan till we hit a non-ws char. */
             p++;
          len -= p - ws2p;           /* Reduce the length by extra ws. */
          memmove(ws2p, p, ep - p);  /* Overwrite the extra white space. */


Reply via email to