[Pkg-mono-svn-commits] rev 3425 - in mono/branches/1.2.2.1-1etchX/debian: . patches
Mirco Bauer
meebey-guest at alioth.debian.org
Sun Nov 4 10:59:04 UTC 2007
Author: meebey-guest
Date: 2007-11-04 10:59:04 +0000 (Sun, 04 Nov 2007)
New Revision: 3425
Added:
mono/branches/1.2.2.1-1etchX/debian/patches/fix_BigInteger_overflow_CVE-2007-5197.dpatch
Modified:
mono/branches/1.2.2.1-1etchX/debian/changelog
mono/branches/1.2.2.1-1etchX/debian/patches/00list
Log:
- flush
Modified: mono/branches/1.2.2.1-1etchX/debian/changelog
===================================================================
--- mono/branches/1.2.2.1-1etchX/debian/changelog 2007-10-31 00:55:34 UTC (rev 3424)
+++ mono/branches/1.2.2.1-1etchX/debian/changelog 2007-11-04 10:59:04 UTC (rev 3425)
@@ -1,3 +1,10 @@
+mono (1.2.2.1-1etch1) stable-security; urgency=high
+
+ * debian/patches/fix_BigInteger_overflow_CVE-2007-5197.dpatch:
+ + Fixes CVE-2007-5197
+
+ -- Mirco Bauer <meebey at debian.org> Sun, 28 Oct 2007 22:25:15 +0100
+
mono (1.2.2.1-1) unstable; urgency=low
* New upstream release
Modified: mono/branches/1.2.2.1-1etchX/debian/patches/00list
===================================================================
--- mono/branches/1.2.2.1-1etchX/debian/patches/00list 2007-10-31 00:55:34 UTC (rev 3424)
+++ mono/branches/1.2.2.1-1etchX/debian/patches/00list 2007-11-04 10:59:04 UTC (rev 3425)
@@ -1,2 +1,3 @@
remove_broken_dllmap_from_mono-shlib-cop.dpatch
console-no-utf8-bom.dpatch
+fix_BigInteger_overflow_CVE-2007-5197.dpatch
Added: mono/branches/1.2.2.1-1etchX/debian/patches/fix_BigInteger_overflow_CVE-2007-5197.dpatch
===================================================================
--- mono/branches/1.2.2.1-1etchX/debian/patches/fix_BigInteger_overflow_CVE-2007-5197.dpatch (rev 0)
+++ mono/branches/1.2.2.1-1etchX/debian/patches/fix_BigInteger_overflow_CVE-2007-5197.dpatch 2007-11-04 10:59:04 UTC (rev 3425)
@@ -0,0 +1,31 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## fix_BigInteger_overflow_CVE-2007-5197.dpatch by Mirco Bauer <meebey at debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+ at DPATCH@
+diff -urNad mono-1.2.2.1~/mcs/class/Mono.Security/Mono.Math/BigInteger.cs mono-1.2.2.1/mcs/class/Mono.Security/Mono.Math/BigInteger.cs
+--- mono-1.2.2.1~/mcs/class/Mono.Security/Mono.Math/BigInteger.cs 2006-04-14 19:51:24.000000000 +0200
++++ mono-1.2.2.1/mcs/class/Mono.Security/Mono.Math/BigInteger.cs 2007-10-28 22:42:47.000000000 +0100
+@@ -1574,7 +1574,7 @@
+ uint j = 1;
+
+ // Multiply and add
+- for (; j < m.length; j++) {
++ for (; j < m.length && j < A.length; j++) {
+ c += (ulong)u_i * (ulong)*(mP++) + *(aSP++);
+ *(aDP++) = (uint)c;
+ c >>= 32;
+diff -urNad mono-1.2.2.1~/mcs/class/corlib/Mono.Math/BigInteger.cs mono-1.2.2.1/mcs/class/corlib/Mono.Math/BigInteger.cs
+--- mono-1.2.2.1~/mcs/class/corlib/Mono.Math/BigInteger.cs 2006-04-14 19:50:35.000000000 +0200
++++ mono-1.2.2.1/mcs/class/corlib/Mono.Math/BigInteger.cs 2007-10-28 22:42:15.000000000 +0100
+@@ -1574,7 +1574,7 @@
+ uint j = 1;
+
+ // Multiply and add
+- for (; j < m.length; j++) {
++ for (; j < m.length && j < A.length; j++) {
+ c += (ulong)u_i * (ulong)*(mP++) + *(aSP++);
+ *(aDP++) = (uint)c;
+ c >>= 32;
Property changes on: mono/branches/1.2.2.1-1etchX/debian/patches/fix_BigInteger_overflow_CVE-2007-5197.dpatch
___________________________________________________________________
Name: svn:executable
+ *
More information about the Pkg-mono-svn-commits
mailing list