[libstaroffice] 01/01: fix CVE-2017-9432
Rene Engelhard
rene at moszumanska.debian.org
Mon Jun 5 09:59:12 UTC 2017
This is an automated email from the git hooks/post-receive script.
rene pushed a commit to branch master
in repository libstaroffice.
commit 6acc8f6a5e5d8d3a6699a5625de292a33b6c5148
Author: Rene Engelhard <rene at rene-engelhard.de>
Date: Mon Jun 5 11:58:13 2017 +0200
fix CVE-2017-9432
---
debian/changelog | 6 ++++++
debian/patches/CVE-2017-9432.diff | 13 +++++++++++++
debian/patches/series | 1 +
3 files changed, 20 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index e9f2243..c71ecc7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+libstaroffice (0.0.3-3) unstable; urgency=medium
+
+ * backport upstream patch to fix CVE-2017-9432 (closes: #864207)
+
+ -- Rene Engelhard <rene at debian.org> Mon, 05 Jun 2017 11:53:29 +0200
+
libstaroffice (0.0.3-2) unstable; urgency=medium
* upload to unstable
diff --git a/debian/patches/CVE-2017-9432.diff b/debian/patches/CVE-2017-9432.diff
new file mode 100644
index 0000000..4a14bef
--- /dev/null
+++ b/debian/patches/CVE-2017-9432.diff
@@ -0,0 +1,13 @@
+diff --git a/src/lib/StarWriterStruct.cxx b/src/lib/StarWriterStruct.cxx
+index 5893302..d1ad366 100644
+--- a/src/lib/StarWriterStruct.cxx
++++ b/src/lib/StarWriterStruct.cxx
+@@ -327,7 +327,7 @@ bool DatabaseName::read(StarZone &zone)
+ }
+ data.m_name=libstoff::getString(text);
+ int positions[2];
+- for (int j=0; j<2; ++j) positions[i]=int(input->readULong(4));
++ for (int j=0; j<2; ++j) positions[j]=int(input->readULong(4));
+ data.m_selection=STOFFVec2i(positions[0],positions[1]);
+ m_dataList.push_back(data);
+ }
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..297dd33
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+CVE-2017-9432.diff
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-openoffice/libstaroffice.git
More information about the Pkg-openoffice-commits
mailing list