/[packages]/updates/5/irssi/current/SOURCES/CVE-2018-5207.patch
ViewVC logotype

Contents of /updates/5/irssi/current/SOURCES/CVE-2018-5207.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1192409 - (show annotations) (download)
Thu Jan 11 18:41:00 2018 UTC (8 months ago) by wally
File size: 1075 byte(s)
- add patches from Ubuntu to fix CVE-2018-520[5-8] (mga#22328)

1 From cc17837a9b326ec9100a35981348fa0f5d6316fa Mon Sep 17 00:00:00 2001
2 From: ailin-nemui <ailin-nemui@users.noreply.github.com>
3 Date: Wed, 3 Jan 2018 15:51:51 +0100
4 Subject: [PATCH] disable variable arguments code
5
6 ---
7 src/core/special-vars.c | 4 ++++
8 1 file changed, 4 insertions(+)
9
10 Index: irssi-0.8.20/src/core/special-vars.c
11 ===================================================================
12 --- irssi-0.8.20.orig/src/core/special-vars.c 2018-01-08 14:38:31.207900068 -0500
13 +++ irssi-0.8.20/src/core/special-vars.c 2018-01-08 14:38:31.203900063 -0500
14 @@ -378,6 +378,7 @@ char *parse_special(char **cmd, SERVER_R
15 }
16
17 nest_free = FALSE; nest_value = NULL;
18 +#if 0 /* this code is disabled due to security issues until it is fixed */
19 if (**cmd == '(' && (*cmd)[1] != '\0') {
20 /* subvariable */
21 int toplevel = nested_orig_cmd == NULL;
22 @@ -406,6 +407,9 @@ char *parse_special(char **cmd, SERVER_R
23
24 if (toplevel) nested_orig_cmd = NULL;
25 }
26 +#else
27 + if (nested_orig_cmd) nested_orig_cmd = NULL;
28 +#endif
29
30 if (**cmd != '{')
31 brackets = FALSE;

  ViewVC Help
Powered by ViewVC 1.1.26