This is an automated email from the git hooks/post-receive script. sebastic pushed a commit to branch jessie-backports in repository mapserver.
commit eec93e1d1203f2f99eede0b95181ae92b1cb46e3 Author: Bas Couwenberg <[email protected]> Date: Sat Jan 28 16:23:49 2017 +0100 Drop 0001-security-fix-patch-by-EvenR.patch, included upstream. --- debian/changelog | 1 + .../patches/0001-security-fix-patch-by-EvenR.patch | 27 ---------------------- debian/patches/series | 1 - 3 files changed, 1 insertion(+), 28 deletions(-) diff --git a/debian/changelog b/debian/changelog index 49ba3ab..da468ed 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,7 @@ mapserver (7.0.4-1~bpo8+1) jessie-backports; urgency=medium * Rebuild for jessie-backports. + * Drop 0001-security-fix-patch-by-EvenR.patch, included upstream. -- Bas Couwenberg <[email protected]> Sat, 28 Jan 2017 16:21:19 +0100 diff --git a/debian/patches/0001-security-fix-patch-by-EvenR.patch b/debian/patches/0001-security-fix-patch-by-EvenR.patch deleted file mode 100644 index 010aefa..0000000 --- a/debian/patches/0001-security-fix-patch-by-EvenR.patch +++ /dev/null @@ -1,27 +0,0 @@ -Description: security fix (patch by EvenR) - Fixes CVE-2017-5522 (stack buffer overflow) -Author: Even Rouault <[email protected]> -Origin: https://github.com/mapserver/mapserver/commit/e52a436c0e1c5e9f7ef13428dba83194a800f4df - ---- a/mapogcfilter.c -+++ b/mapogcfilter.c -@@ -3004,6 +3004,8 @@ char *FLTGetIsLikeComparisonExpression(F - - pszValue = psFilterNode->psRightNode->pszValue; - nLength = strlen(pszValue); -+ if( 1 + 2 * nLength + 1 + 1 >= sizeof(szTmp) ) -+ return NULL; - - iTmp =0; - if (nLength > 0 && pszValue[0] != pszWild[0] && ---- a/mapogcfiltercommon.c -+++ b/mapogcfiltercommon.c -@@ -88,6 +88,8 @@ char *FLTGetIsLikeComparisonCommonExpres - - pszValue = psFilterNode->psRightNode->pszValue; - nLength = strlen(pszValue); -+ if( 1 + 2 * nLength + 1 + 1 >= sizeof(szTmp) ) -+ return NULL; - - iTmp =0; - if (nLength > 0 && pszValue[0] != pszWild[0] && pszValue[0] != pszSingle[0] && pszValue[0] != pszEscape[0]) { diff --git a/debian/patches/series b/debian/patches/series index 5dc9dc4..78cc1a1 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -2,4 +2,3 @@ hardening.patch perl-mapscript-install.patch ruby-mapscript-install.patch java-hardening.patch -0001-security-fix-patch-by-EvenR.patch -- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-grass/mapserver.git _______________________________________________ Pkg-grass-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-grass-devel
