Miroirs/slackware-current
1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2025-01-03 23:03:22 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
slackware-current/source/a/bash/bash-5.1-patches/bash51-009

60 lines
1.6 KiB
Text
Raw Normal View History

Thu Nov 18 21:13:10 UTC 2021 a/bash-5.1.012-x86_64-1.txz: Upgraded. a/cryptsetup-2.4.2-x86_64-1.txz: Upgraded. a/kernel-generic-5.15.3-x86_64-1.txz: Upgraded. a/kernel-huge-5.15.3-x86_64-1.txz: Upgraded. a/kernel-modules-5.15.3-x86_64-1.txz: Upgraded. d/ccache-4.5.1-x86_64-1.txz: Upgraded. d/kernel-headers-5.15.3-x86-1.txz: Upgraded. k/kernel-source-5.15.3-noarch-1.txz: Upgraded. kde/latte-dock-0.10.4-x86_64-1.txz: Upgraded. n/php-7.4.26-x86_64-1.txz: Upgraded. This update fixes bugs and a security issue: XML: special character is breaking the path in xml function. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21707 (* Security fix *) x/ibus-1.5.25-x86_64-5.txz: Rebuilt. Fixed paths in: [PATCH] client/gtk3/ibusimcontext: Fix wrong cursor location in gtk3 apps. Thanks to Lockywolf. xap/audacious-4.1-x86_64-3.txz: Rebuilt. Removed the extra menu entry for the GTK+ version as this can just be selected in the settings. Thanks to franzen. isolinux/initrd.img: Rebuilt. kernels/*: Upgraded. usb-and-pxe-installers/usbboot.img: Rebuilt.
2021-11-18 22:13:10 +01:00
BASH PATCH REPORT
=================
Bash-Release: 5.1
Patch-ID: bash51-009
Bug-Reported-by: Julien Moutinho <julm+bash@sourcephile.fr>
Bug-Reference-ID: <20211004035906.5kiobuzkpeckmvwg@sourcephile.fr>
Bug-Reference-URL: https://lists.gnu.org/archive/html/bug-bash/2021-10/msg00022.html
Bug-Description:
The bash malloc implementation of malloc_usable_size() does not follow the
specification. This can cause library functions that use it to overwrite
memory bounds checking.
Patch (apply with `patch -p0'):
*** ../bash-5.1-patched/lib/malloc/malloc.c 2020-07-08 10:19:30.000000000 -0400
--- lib/malloc/malloc.c 2021-10-05 16:10:55.000000000 -0400
***************
*** 1287,1297 ****
}
! /* XXX - should we return 0 if ISFREE? */
! maxbytes = binsize(p->mh_index);
!
! /* So the usable size is the maximum number of bytes in the bin less the
! malloc overhead */
! maxbytes -= MOVERHEAD + MSLOP;
! return (maxbytes);
}
--- 1358,1367 ----
}
! /* return 0 if ISFREE */
! if (p->mh_alloc == ISFREE)
! return 0;
!
! /* Since we use bounds checking, the usable size is the last requested size. */
! return (p->mh_nbytes);
}
*** ../bash-5.1/patchlevel.h 2020-06-22 14:51:03.000000000 -0400
--- patchlevel.h 2020-10-01 11:01:28.000000000 -0400
***************
*** 26,30 ****
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 8
#endif /* _PATCHLEVEL_H_ */
--- 26,30 ----
looks for to find the patch level (for the sccs version string). */
! #define PATCHLEVEL 9
#endif /* _PATCHLEVEL_H_ */
Reference in a new issue Copy permalink