summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--debian/patches/series1
-rw-r--r--debian/patches/upstream/0001-zcat-buffer-overrun.patch18
2 files changed, 0 insertions, 19 deletions
diff --git a/debian/patches/series b/debian/patches/series
index fdb9b2d..a353e88 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,2 @@
debian/0001-build.patch
debian/0002-zupdate.patch
-upstream/0001-zcat-buffer-overrun.patch
diff --git a/debian/patches/upstream/0001-zcat-buffer-overrun.patch b/debian/patches/upstream/0001-zcat-buffer-overrun.patch
deleted file mode 100644
index ba81c1f..0000000
--- a/debian/patches/upstream/0001-zcat-buffer-overrun.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-Author: Antonio Diaz-Diaz <antonio@gnu.org>
-Description: zcat.cc: Fixed a buffer overrun on outbuf when '-v' is used [CVE-2018-1000637] (Closes: #902936).
-
-diff -Naurp zutils/zcat.cc zutils/zcat.cc
---- zutils/zcat.cc
-+++ zutils/zcat.cc
-@@ -232,8 +232,9 @@ int cat( int infd, const int format_inde
- enum { buffer_size = 4096 };
- // buffer with space for sentinel newline at the end
- uint8_t * const inbuf = new uint8_t[buffer_size+1];
-- // buffer with space for character quoting and 255-digit line number
-- uint8_t * const outbuf = new uint8_t[(4*buffer_size)+256];
-+ // buffer with space for character quoting, 255-digit line number and
-+ // worst case flushing respect to inbuf.
-+ uint8_t * const outbuf = new uint8_t[(5*buffer_size)+256];
- int retval = 0;
- Children children;
- if( !set_data_feeder( input_filename, &infd, children, format_index ) )