[Pkg-sdl-commits] [libsdl2-image] 05/06: Remove patches backported from upstream
Fabian Greffrath
fabian at moszumanska.debian.org
Fri Nov 10 12:51:47 UTC 2017
This is an automated email from the git hooks/post-receive script.
fabian pushed a commit to branch master
in repository libsdl2-image.
commit 041b7ea3fe03d20e0b52def07b0739e076d02f17
Author: Fabian Greffrath <fabian at debian.org>
Date: Fri Nov 10 13:46:00 2017 +0100
Remove patches backported from upstream
---
debian/patches/CVE-2017-2887.patch | 33 ---------------------------------
debian/patches/series | 1 -
2 files changed, 34 deletions(-)
diff --git a/debian/patches/CVE-2017-2887.patch b/debian/patches/CVE-2017-2887.patch
deleted file mode 100644
index 997f51f..0000000
--- a/debian/patches/CVE-2017-2887.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-# HG changeset patch
-# User Sam Lantinga <slouken at libsdl.org>
-# Date 1507329619 25200
-# Node ID 318484db0705d07d4d1f4c0a1d3d5ea69f6ba2b0
-# Parent 7ad06019831d474380fd5a63e518d21219031519
-Fixed security vulnerability in XCF image loader (thanks Yves!)
-
-diff -r 7ad06019831d -r 318484db0705 IMG_xcf.c
---- a/IMG_xcf.c Mon Sep 18 16:10:17 2017 -0700
-+++ b/IMG_xcf.c Fri Oct 06 15:40:19 2017 -0700
-@@ -251,6 +251,7 @@
- }
-
- static void xcf_read_property (SDL_RWops * src, xcf_prop * prop) {
-+ Uint32 len;
- prop->id = SDL_ReadBE32 (src);
- prop->length = SDL_ReadBE32 (src);
-
-@@ -274,7 +275,12 @@
- break;
- case PROP_COMPRESSION:
- case PROP_COLOR:
-- SDL_RWread (src, &prop->data, prop->length, 1);
-+ if (prop->length > sizeof(prop->data)) {
-+ len = sizeof(prop->data);
-+ } else {
-+ len = prop->length;
-+ }
-+ SDL_RWread(src, &prop->data, len, 1);
- break;
- case PROP_VISIBLE:
- prop->data.visible = SDL_ReadBE32 (src);
-
diff --git a/debian/patches/series b/debian/patches/series
deleted file mode 100644
index 1552f98..0000000
--- a/debian/patches/series
+++ /dev/null
@@ -1 +0,0 @@
-CVE-2017-2887.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-sdl/packages/libsdl2-image.git
More information about the pkg-sdl-commits
mailing list