[firebird/el5] added patch from upstream to fix Firebird CORE-4058 CVE-2013-2492
Philippe Makowski
makowski at fedoraproject.org
Sun Mar 10 19:26:16 UTC 2013
commit d9d4b04343085e20cc41725f3becde2919684d98
Author: Philippe Makowski <pmakowski at espelida.com>
Date: Sun Mar 10 20:25:56 2013 +0100
added patch from upstream to fix Firebird CORE-4058 CVE-2013-2492
firebird-2.1.6-svn-CORE-4058.patch | 13 +++++++++++++
firebird-2.5.2-svn-CORE-4058.patch | 11 -----------
firebird.spec | 2 +-
3 files changed, 14 insertions(+), 12 deletions(-)
---
diff --git a/firebird-2.1.6-svn-CORE-4058.patch b/firebird-2.1.6-svn-CORE-4058.patch
new file mode 100644
index 0000000..650bd56
--- /dev/null
+++ b/firebird-2.1.6-svn-CORE-4058.patch
@@ -0,0 +1,13 @@
+Index: src/remote/inet.cpp
+===================================================================
+--- src/remote/inet.cpp (révision 57727)
++++ src/remote/inet.cpp (révision 57728)
+@@ -1154,7 +1154,7 @@
+ case CNCT_group:
+ {
+ int length = id.getClumpLength();
+- if (length != 0) {
++ if (length <= sizeof(eff_gid) && length > 0) {
+ eff_gid = 0;
+ memcpy(&eff_gid, id.getBytes(), length);
+ eff_gid = ntohl(eff_gid);
diff --git a/firebird.spec b/firebird.spec
index 5913d6b..a0eef79 100644
--- a/firebird.spec
+++ b/firebird.spec
@@ -20,7 +20,7 @@ Source2: README.Fedora
Patch0: firebird-mcpu-to-mtune.patch
Patch2: firebird-fix-initscript.patch
Patch3: firebird_lock-file-location.patch
-Patch4: firebird-2.5.2-svn-CORE-4058.patch
+Patch4: firebird-2.1.6-svn-CORE-4058.patch
BuildRequires: autoconf
More information about the scm-commits
mailing list