[mod_nss] The patch to fix overlapping memory wasn't applied. Do that.
Stephen Gallagher
sgallagh at fedoraproject.org
Fri Jun 15 15:36:31 UTC 2012
commit be31bd18dabac3b23ecfc9ac2e3c6054f6396089
Author: Rob Crittenden <rcritten at redhat.com>
Date: Fri Jun 15 09:06:29 2012 -0400
The patch to fix overlapping memory wasn't applied. Do that.
mod_nss.spec | 8 +++++++-
1 files changed, 7 insertions(+), 1 deletions(-)
---
diff --git a/mod_nss.spec b/mod_nss.spec
index b79f6ec..71f86de 100644
--- a/mod_nss.spec
+++ b/mod_nss.spec
@@ -7,7 +7,7 @@
Name: mod_nss
Version: 1.0.8
-Release: 17%{?dist}
+Release: 18%{?dist}
Summary: SSL/TLS module for the Apache HTTP server
Group: System Environment/Daemons
License: ASL 2.0
@@ -30,6 +30,7 @@ Patch6: mod_nss-pcachesignal.h
Patch7: mod_nss-reseterror.patch
Patch8: mod_nss-lockpcache.patch
Patch9: mod_nss-httpd24.patch
+Patch10: mod_nss-overlapping_memcpy.patch
%description
The mod_nss module provides strong cryptography for the Apache Web
@@ -50,6 +51,7 @@ security library.
%if 0%{?fedora} >= 18
%patch9 -p1 -b .httpd24
%endif
+%patch10 -p1 -b .overlap
# Touch expression parser sources to prevent regenerating it
touch nss_expr_*.[chyl]
@@ -148,6 +150,10 @@ fi
%{_sbindir}/gencert
%changelog
+* Fri Jun 15 2012 Rob Crittenden <rcritten at redhat.com> - 1.0.8-18
+- Actually apply the patch to use memmove in place of memcpy since the
+ buffers can overlap (#669118)
+
* Tue Jun 12 2012 Nathan Kinder <nkinder at redhat.com> - 1.0.8-17
- Port mod_nss to work with httpd 2.4
More information about the scm-commits
mailing list