Miroirs/slackware-current
1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2025-01-03 23:03:22 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
slackware-current/patches/source/libcue/fdf72c8bded8d24cfa0608b8e97f2eed210a920e.patch

25 lines
692 B
Diff
Raw Normal View History

Tue Oct 10 19:27:56 UTC 2023 patches/packages/libcue-2.2.1-x86_64-4_slack15.0.txz: Rebuilt. Fixed a bug which could allow memory corruption resulting in arbitrary code execution. For more information, see: https://www.cve.org/CVERecord?id=CVE-2023-43641 (* Security fix *) patches/packages/libnotify-0.8.3-x86_64-1_slack15.0.txz: Upgraded. This release contains a critical stability/minor security update which affects Electron applications that utilize Portal notifications (eg, through Flatpak). It is highly recommended that all users of libnotify 0.8.x update to this release. (* Security fix *)
2023-10-10 21:27:56 +02:00
From fdf72c8bded8d24cfa0608b8e97f2eed210a920e Mon Sep 17 00:00:00 2001
From: Kevin Backhouse <kevinbackhouse@github.com>
Date: Wed, 27 Sep 2023 20:22:43 +0100
Subject: [PATCH] Check that the array index isn't negative. This fixes
CVE-2023-43641.
Signed-off-by: Kevin Backhouse <kevinbackhouse@github.com>
---
cd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cd.c b/cd.c
index cf77a18..4bbea19 100644
--- a/cd.c
+++ b/cd.c
@@ -339,7 +339,7 @@ track_get_rem(const Track* track)
void track_set_index(Track *track, int i, long ind)
{
- if (i > MAXINDEX) {
+ if (i < 0 || i > MAXINDEX) {
fprintf(stderr, "too many indexes\n");
return;
}
Reference in a new issue Copy permalink