* [gentoo-commits] gentoo-x86 commit in net-libs/libsmi/files: libsmi-0.4.8-CVE-2010-2891.patch
@ 2010-10-22 16:45 Jeroen Roovers (jer)
0 siblings, 0 replies; 2+ messages in thread
From: Jeroen Roovers (jer) @ 2010-10-22 16:45 UTC (permalink / raw
To: gentoo-commits
jer 10/10/22 16:45:21
Added: libsmi-0.4.8-CVE-2010-2891.patch
Log:
Patch for bug #342127.
(Portage version: 2.2_rc99/cvs/Linux i686)
Revision Changes Path
1.1 net-libs/libsmi/files/libsmi-0.4.8-CVE-2010-2891.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-libs/libsmi/files/libsmi-0.4.8-CVE-2010-2891.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-libs/libsmi/files/libsmi-0.4.8-CVE-2010-2891.patch?rev=1.1&content-type=text/plain
Index: libsmi-0.4.8-CVE-2010-2891.patch
===================================================================
Index: lib/smi.c
===================================================================
--- lib/smi.c (revision 29144)
+++ lib/smi.c (working copy)
@@ -1793,10 +1793,15 @@
}
if (isdigit((int)node2[0])) {
- for (oidlen = 0, p = strtok(node2, ". "); p;
+ for (oidlen = 0, p = strtok(node2, ". ");
+ p && oidlen < sizeof(oid)/sizeof(oid[0]);
oidlen++, p = strtok(NULL, ". ")) {
oid[oidlen] = strtoul(p, NULL, 0);
}
+ if (p) {
+ /* the numeric OID is too long */
+ return NULL;
+ }
nodePtr = getNode(oidlen, oid);
if (nodePtr) {
if (modulePtr) {
^ permalink raw reply [flat|nested] 2+ messages in thread
* [gentoo-commits] gentoo-x86 commit in net-libs/libsmi/files: libsmi-0.4.8-CVE-2010-2891.patch
@ 2014-07-18 15:31 Jeroen Roovers (jer)
0 siblings, 0 replies; 2+ messages in thread
From: Jeroen Roovers (jer) @ 2014-07-18 15:31 UTC (permalink / raw
To: gentoo-commits
jer 14/07/18 15:31:52
Modified: libsmi-0.4.8-CVE-2010-2891.patch
Log:
EAPI bump. Clean up patch. Add USE=static-libs.
(Portage version: 2.2.10/cvs/Linux x86_64, signed Manifest commit with key A792A613)
Revision Changes Path
1.2 net-libs/libsmi/files/libsmi-0.4.8-CVE-2010-2891.patch
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-libs/libsmi/files/libsmi-0.4.8-CVE-2010-2891.patch?rev=1.2&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-libs/libsmi/files/libsmi-0.4.8-CVE-2010-2891.patch?rev=1.2&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-libs/libsmi/files/libsmi-0.4.8-CVE-2010-2891.patch?r1=1.1&r2=1.2
Index: libsmi-0.4.8-CVE-2010-2891.patch
===================================================================
RCS file: /var/cvsroot/gentoo-x86/net-libs/libsmi/files/libsmi-0.4.8-CVE-2010-2891.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- libsmi-0.4.8-CVE-2010-2891.patch 22 Oct 2010 16:45:21 -0000 1.1
+++ libsmi-0.4.8-CVE-2010-2891.patch 18 Jul 2014 15:31:52 -0000 1.2
@@ -1,7 +1,5 @@
-Index: lib/smi.c
-===================================================================
---- lib/smi.c (revision 29144)
-+++ lib/smi.c (working copy)
+--- a/lib/smi.c
++++ b/lib/smi.c
@@ -1793,10 +1793,15 @@
}
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-07-18 15:31 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-07-18 15:31 [gentoo-commits] gentoo-x86 commit in net-libs/libsmi/files: libsmi-0.4.8-CVE-2010-2891.patch Jeroen Roovers (jer)
-- strict thread matches above, loose matches on Subject: below --
2010-10-22 16:45 Jeroen Roovers (jer)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox