From 10ce8b7ddaee462b3d8aae3028df2937610712ee Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Wed, 8 May 2024 07:02:29 +0200
Subject: Adding debian version 2.33.1-0.1+deb10u1.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 debian/patches/CVE-2021-37600.patch | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 debian/patches/CVE-2021-37600.patch

(limited to 'debian/patches/CVE-2021-37600.patch')

diff --git a/debian/patches/CVE-2021-37600.patch b/debian/patches/CVE-2021-37600.patch
new file mode 100644
index 0000000..b2bb7f0
--- /dev/null
+++ b/debian/patches/CVE-2021-37600.patch
@@ -0,0 +1,26 @@
+From: Karel Zak <kzak@redhat.com>
+Date: Tue, 27 Jul 2021 11:58:31 +0200
+Subject: sys-utils/ipcutils: be careful when call calloc() for uint64 nmembs
+
+Signed-off-by: Karel Zak <kzak@redhat.com>
+Bug: https://github.com/karelzak/util-linux/issues/1395
+Origin: https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
+Bug-Debian: https://bugs.debian.org/991619
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2021-37600
+---
+ sys-utils/ipcutils.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sys-utils/ipcutils.c b/sys-utils/ipcutils.c
+index 5fe297f..989e299 100644
+--- a/sys-utils/ipcutils.c
++++ b/sys-utils/ipcutils.c
+@@ -215,7 +215,7 @@ static void get_sem_elements(struct sem_data *p)
+ {
+ 	size_t i;
+ 
+-	if (!p || !p->sem_nsems || p->sem_perm.id < 0)
++	if (!p || !p->sem_nsems || p->sem_nsems > SIZE_MAX || p->sem_perm.id < 0)
+ 		return;
+ 
+ 	p->elements = xcalloc(p->sem_nsems, sizeof(struct sem_elem));
-- 
cgit v1.2.3