Hello community, here is the log from the commit of package mpfr for openSUSE:Factory checked in at 2015-01-10 23:04:52 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mpfr (Old) and /work/SRC/openSUSE:Factory/.mpfr.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mpfr" Changes: -------- --- /work/SRC/openSUSE:Factory/mpfr/mpfr.changes 2013-07-30 18:40:36.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.mpfr.new/mpfr.changes 2015-01-10 23:04:56.000000000 +0100 @@ -1,0 +2,6 @@ +Thu Jan 8 09:55:31 UTC 2015 - rguent...@suse.com + +- Add mpfr-3.1.2-patch11.diff to fix possible buffer overflow in + mpfr_strtofr (CVE-2014-9474). [bnc#911812] + +------------------------------------------------------------------- New: ---- mpfr-3.1.2-patch11.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mpfr.spec ++++++ --- /var/tmp/diff_new_pack.CVxHrH/_old 2015-01-10 23:04:56.000000000 +0100 +++ /var/tmp/diff_new_pack.CVxHrH/_new 2015-01-10 23:04:56.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package mpfr # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -26,6 +26,7 @@ Url: http://www.mpfr.org/ Source: http://www.mpfr.org/mpfr-%{version}/mpfr-%{version}.tar.bz2 Source2: baselibs.conf +Patch1: mpfr-3.1.2-patch11.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -67,6 +68,7 @@ %prep %setup -q +%patch1 -p1 %build %configure \ ++++++ mpfr-3.1.2-patch11.diff ++++++ diff -Naurd mpfr-3.1.2-a/src/strtofr.c mpfr-3.1.2-b/src/strtofr.c --- mpfr-3.1.2-a/src/strtofr.c 2013-03-13 15:37:32.000000000 +0000 +++ mpfr-3.1.2-b/src/strtofr.c 2014-12-04 01:41:57.287791246 +0000 @@ -473,8 +473,10 @@ /* prec bits corresponds to ysize limbs */ ysize_bits = ysize * GMP_NUMB_BITS; /* and to ysize_bits >= prec > MPFR_PREC (x) bits */ - y = MPFR_TMP_LIMBS_ALLOC (2 * ysize + 1); - y += ysize; /* y has (ysize+1) allocated limbs */ + /* we need to allocate one more limb to work around bug + https://gmplib.org/list-archives/gmp-bugs/2013-December/003267.html */ + y = MPFR_TMP_LIMBS_ALLOC (2 * ysize + 2); + y += ysize; /* y has (ysize+2) allocated limbs */ /* pstr_size is the number of characters we read in pstr->mant to have at least ysize full limbs. -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org