gnu: libxvmc: Update to 1.0.10.

* gnu/packages/xorg.scm (libxvmc): Update to 1.0.10.
[replacement]: Remove field.
(libxvmc/fixed): Remove variable.
* gnu/packages/patches/libxvmc-CVE-2016-7953.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
This commit is contained in:
Leo Famulari 2016-10-05 19:33:50 -04:00
parent 62ad505603
commit 22f08f0605
No known key found for this signature in database
GPG Key ID: 2646FA30BACA7F08
3 changed files with 2 additions and 54 deletions

View File

@ -668,7 +668,6 @@ dist_patch_DATA = \
%D%/packages/patches/libwmf-CVE-2015-0848+CVE-2015-4588.patch \ %D%/packages/patches/libwmf-CVE-2015-0848+CVE-2015-4588.patch \
%D%/packages/patches/libwmf-CVE-2015-4695.patch \ %D%/packages/patches/libwmf-CVE-2015-4695.patch \
%D%/packages/patches/libwmf-CVE-2015-4696.patch \ %D%/packages/patches/libwmf-CVE-2015-4696.patch \
%D%/packages/patches/libxvmc-CVE-2016-7953.patch \
%D%/packages/patches/libxslt-generated-ids.patch \ %D%/packages/patches/libxslt-generated-ids.patch \
%D%/packages/patches/linux-pam-no-setfsuid.patch \ %D%/packages/patches/linux-pam-no-setfsuid.patch \
%D%/packages/patches/lirc-localstatedir.patch \ %D%/packages/patches/lirc-localstatedir.patch \

View File

@ -1,42 +0,0 @@
Fix CVE-2016-7953:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7953
Patch copied from upstream source repository:
https://cgit.freedesktop.org/xorg/lib/libXvMC/commit/?id=2cd95e7da8367cccdcdd5c9b160012d1dec5cbdb
From 2cd95e7da8367cccdcdd5c9b160012d1dec5cbdb Mon Sep 17 00:00:00 2001
From: Tobias Stoeckmann <tobias@stoeckmann.org>
Date: Sun, 25 Sep 2016 22:34:27 +0200
Subject: [PATCH] Avoid buffer underflow on empty strings.
If an empty string is received from an x-server, do not underrun the
buffer by accessing "rep.nameLen - 1" unconditionally, which could end
up being -1.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
---
src/XvMC.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/XvMC.c b/src/XvMC.c
index 7336760..3ee4212 100644
--- a/src/XvMC.c
+++ b/src/XvMC.c
@@ -576,9 +576,9 @@ Status XvMCGetDRInfo(Display *dpy, XvPortID port,
if (*name && *busID && tmpBuf) {
_XRead(dpy, tmpBuf, realSize);
strncpy(*name,tmpBuf,rep.nameLen);
- (*name)[rep.nameLen - 1] = '\0';
+ (*name)[rep.nameLen == 0 ? 0 : rep.nameLen - 1] = '\0';
strncpy(*busID,tmpBuf+rep.nameLen,rep.busIDLen);
- (*busID)[rep.busIDLen - 1] = '\0';
+ (*busID)[rep.busIDLen == 0 ? 0 : rep.busIDLen - 1] = '\0';
XFree(tmpBuf);
} else {
XFree(*name);
--
2.10.1

View File

@ -4943,8 +4943,7 @@ new API's in libXft, or the legacy API's in libX11.")
(define-public libxvmc (define-public libxvmc
(package (package
(name "libxvmc") (name "libxvmc")
(replacement libxvmc/fixed) (version "1.0.10")
(version "1.0.9")
(source (source
(origin (origin
(method url-fetch) (method url-fetch)
@ -4954,7 +4953,7 @@ new API's in libXft, or the legacy API's in libX11.")
".tar.bz2")) ".tar.bz2"))
(sha256 (sha256
(base32 (base32
"0mjp1b21dvkaz7r0iq085r92nh5vkpmx99awfgqq9hgzyvgxf0q7")))) "0bpffxr5dal90a8miv2w0rif61byqxq2f5angj4z1bnznmws00g5"))))
(build-system gnu-build-system) (build-system gnu-build-system)
(propagated-inputs (propagated-inputs
`(("libxv" ,libxv))) `(("libxv" ,libxv)))
@ -4969,14 +4968,6 @@ new API's in libXft, or the legacy API's in libX11.")
(description "Xorg XvMC library.") (description "Xorg XvMC library.")
(license license:x11))) (license license:x11)))
(define libxvmc/fixed
(package
(inherit libxvmc)
(source (origin
(inherit (package-source libxvmc))
(patches (search-patches
"libxvmc-CVE-2016-7953.patch"))))))
(define-public libxxf86vm (define-public libxxf86vm
(package (package
(name "libxxf86vm") (name "libxxf86vm")