bzip2: fix CVE-2016-3189

This commit is contained in:
Alessio Sergi 2016-07-04 12:40:39 +02:00
parent adacc1ccbd
commit fc86793716
2 changed files with 13 additions and 1 deletions

View File

@ -0,0 +1,12 @@
Patch from: https://bugzilla.redhat.com/show_bug.cgi?id=1319648
--- ./bzip2recover.c.old 2016-03-22 08:49:38.855620000 +0100
+++ ./bzip2recover.c 2016-03-30 10:22:27.341430099 +0200
@@ -458,6 +458,7 @@ Int32 main ( Int32 argc, Char** argv )
bsPutUChar ( bsWr, 0x50 ); bsPutUChar ( bsWr, 0x90 );
bsPutUInt32 ( bsWr, blockCRC );
bsClose ( bsWr );
+ outFile = NULL;
}
if (wrBlock >= rbCtr) break;
wrBlock++;

View File

@ -1,7 +1,7 @@
# Template build file for 'bzip2'.
pkgname=bzip2
version=1.0.6
revision=10
revision=11
bootstrap=yes
homepage="http://www.bzip.org"
distfiles="http://www.bzip.org/$version/$pkgname-$version.tar.gz"