[atril] 01/01: debian/patches: Add 0001-CVE-2017-1000083-comics-make-files-containing-checkpoint-action-unsupported.patch. Leave functionality intact _and_ properly address CVE-2017-1000083.
Vangelis Mouhtsis
gnugr-guest at moszumanska.debian.org
Tue Jul 25 16:59:27 UTC 2017
This is an automated email from the git hooks/post-receive script.
gnugr-guest pushed a commit to branch parrot/3.7
in repository atril.
commit 3ad1d8330c8ce9809ea2b12425e468955c6c7a28
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Tue Jul 25 18:05:12 2017 +0200
debian/patches: Add 0001-CVE-2017-1000083-comics-make-files-containing-checkpoint-action-unsupported.patch. Leave functionality intact _and_ properly address CVE-2017-1000083.
---
...-containing-checkpoint-action-unsupported.patch | 26 ++++++++++++++++++++++
debian/patches/series | 1 +
2 files changed, 27 insertions(+)
diff --git a/debian/patches/0001-CVE-2017-1000083-comics-make-files-containing-checkpoint-action-unsupported.patch b/debian/patches/0001-CVE-2017-1000083-comics-make-files-containing-checkpoint-action-unsupported.patch
new file mode 100644
index 0000000..a14910c
--- /dev/null
+++ b/debian/patches/0001-CVE-2017-1000083-comics-make-files-containing-checkpoint-action-unsupported.patch
@@ -0,0 +1,26 @@
+From 213c8788cc33ac925bb50bee38b8abdfb3c24002 Mon Sep 17 00:00:00 2001
+From: ZenWalker <scow at riseup.net>
+Date: Wed, 19 Jul 2017 11:00:09 +0200
+Subject: [PATCH] comics: make the files containing "--checkpoint-action="
+ unsupported
+
+Fixes #257
+---
+ backend/comics/comics-document.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/backend/comics/comics-document.c
++++ b/backend/comics/comics-document.c
+@@ -983,6 +983,12 @@
+ char *command_line, *quoted_archive, *quoted_filename;
+ GError *err = NULL;
+
++ if (g_strrstr (comics_document->page_names->pdata[page], "--checkpoint-action="))
++ {
++ g_warning ("File unsupported\n");
++ gtk_main_quit ();
++ }
++
+ if (page >= comics_document->page_names->len)
+ return NULL;
+
diff --git a/debian/patches/series b/debian/patches/series
index e69de29..5d48529 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -0,0 +1 @@
+0001-CVE-2017-1000083-comics-make-files-containing-checkpoint-action-unsupported.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-mate/atril.git
More information about the pkg-mate-commits
mailing list