tjh.dev / nixpkgs
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
fork atom

Merge branch 'staging-19.03' into release-19.03

Vladimír Čunát 47d7882b d5a3e5f4

+14
unified split
+13
pkgs/tools/compression/bzip2/cve-2019-12900.patch
··· 1 + https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d 2 + diff --git a/decompress.c b/decompress.c 3 + --- a/decompress.c 4 + +++ b/decompress.c 5 + @@ -287,7 +287,7 @@ 6 + GET_BITS(BZ_X_SELECTOR_1, nGroups, 3); 7 + if (nGroups < 2 || nGroups > 6) RETURN(BZ_DATA_ERROR); 8 + GET_BITS(BZ_X_SELECTOR_2, nSelectors, 15); 9 + - if (nSelectors < 1) RETURN(BZ_DATA_ERROR); 10 + + if (nSelectors < 1 || nSelectors > BZ_MAX_SELECTORS) RETURN(BZ_DATA_ERROR); 11 + for (i = 0; i < nSelectors; i++) { 12 + j = 0; 13 + while (True) {
+1
pkgs/tools/compression/bzip2/default.nix
··· 22 22 23 23 patches = [ 24 24 ./CVE-2016-3189.patch 25 + ./cve-2019-12900.patch 25 26 ]; 26 27 27 28