Date:      Sat, 10 Feb 2018 10:59:12 +0000 (UTC)
From:      Raphael Kubo da Costa <rakuco@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r461379 - in head/archivers/p7zip: . files
Message-ID:  <201802101059.w1AAxCC5021800@repo.freebsd.org>

Author: rakuco
Date: Sat Feb 10 10:59:11 2018
New Revision: 461379
URL: https://svnweb.freebsd.org/changeset/ports/461379

Log:
  Add patch from CVE-2017-17969
  
  Heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp.
  
  Obtained from:	Debian (link in the actual patch)
  MFH:		2018Q1
  Security:	6d337396-0e4a-11e8-94c0-5453ed2e2b49

Added:
  head/archivers/p7zip/files/patch-CVE-2017-17969   (contents, props changed)
Modified:
  head/archivers/p7zip/Makefile

Modified: head/archivers/p7zip/Makefile
==============================================================================
--- head/archivers/p7zip/Makefile	Sat Feb 10 10:57:07 2018	(r461378)
+++ head/archivers/p7zip/Makefile	Sat Feb 10 10:59:11 2018	(r461379)
@@ -3,7 +3,7 @@
 
 PORTNAME=	p7zip
 PORTVERSION=	16.02
-PORTREVISION?=	0
+PORTREVISION?=	1
 CATEGORIES=	archivers
 MASTER_SITES=	SF
 DISTNAME=	${PORTNAME}_${DISTVERSION}_src_all

Added: head/archivers/p7zip/files/patch-CVE-2017-17969
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/archivers/p7zip/files/patch-CVE-2017-17969	Sat Feb 10 10:59:11 2018	(r461379)
@@ -0,0 +1,35 @@
+Obtained-from: https://anonscm.debian.org/cgit/users/robert/p7zip.git/tree/debian/patches/13-CVE-2017-17969.patch
+---
+From: =?utf-8?q?Antoine_Beaupr=C3=A9?= <anarcat@debian.org>
+Date: Fri, 2 Feb 2018 11:11:41 +0100
+Subject: Heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp
+
+Origin: vendor, https://sourceforge.net/p/p7zip/bugs/_discuss/thread/0920f369/27d7/attachment/CVE-2017-17969.patch
+Forwarded: https://sourceforge.net/p/p7zip/bugs/_discuss/thread/0920f369/#27d7
+Bug: https://sourceforge.net/p/p7zip/bugs/204/
+Bug-Debian: https://bugs.debian.org/888297
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17969
+Reviewed-by: Salvatore Bonaccorso <carnil@debian.org>
+Last-Update: 2018-02-01
+Applied-Upstream: 18.00-beta
+---
+ CPP/7zip/Compress/ShrinkDecoder.cpp | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+--- CPP/7zip/Compress/ShrinkDecoder.cpp
++++ CPP/7zip/Compress/ShrinkDecoder.cpp
+@@ -121,8 +121,13 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
+     {
+       _stack[i++] = _suffixes[cur];
+       cur = _parents[cur];
++      if (cur >= kNumItems || i >= kNumItems)
++        break;
+     }
+-    
++
++    if (cur >= kNumItems || i >= kNumItems)
++      break;
++
+     _stack[i++] = (Byte)cur;
+     lastChar2 = (Byte)cur;
+ 
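Review bot: In the while loop of the ShrinkDecoder.cpp hunk, the new `cur >= kNumItems || i >= kNumItems` test runs only after `_stack[i++] = _suffixes[cur]` and `cur = _parents[cur]`, so the first iteration indexes `_suffixes` and `_parents` with a `cur` that nothing in these lines has bounded. Please confirm that the code ahead of the loop guarantees `cur < kNumItems` on entry, or move the test to the top of the loop body. The same condition is repeated after the loop only to carry the inner `break` out of the enclosing block, which is easy to let drift out of sync; a single error exit would be clearer. The hunk also does not show what CodeReal returns after that second `break`: input that trips the check is malformed, so it should reach the caller as a data error rather than as a normally finished stream.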


