Index: unk/server/common/patches/gzip-cve-2009-2624.patch =================================================================== --- /trunk/server/common/patches/gzip-cve-2009-2624.patch (revision 1452) +++ (revision ) @@ -1,20 +1,0 @@ ---- inflate.c.orig 2010-01-21 05:31:35.000000000 -0500 -+++ inflate.c 2010-01-21 05:31:43.000000000 -0500 -@@ -335,13 +335,15 @@ - } while (--i); - if (c[0] == n) /* null input--all zero length codes */ - { -- q = (struct huft *) malloc (2 * sizeof *q); -+ q = (struct huft *) malloc (3 * sizeof *q); - if (!q) - return 3; -- hufts += 2; -+ hufts += 3; - q[0].v.t = (struct huft *) NULL; - q[1].e = 99; /* invalid code marker */ - q[1].b = 1; -+ q[2].e = 99; /* invalid code marker */ -+ q[2].b = 1; - *t = q + 1; - *m = 1; - return 0; Index: unk/server/common/patches/gzip-cve-2010-0001.patch =================================================================== --- /trunk/server/common/patches/gzip-cve-2010-0001.patch (revision 1452) +++ (revision ) @@ -1,12 +1,0 @@ ---- unlzw.c.orig 2010-01-21 05:23:53.000000000 -0500 -+++ unlzw.c 2010-01-21 05:25:51.000000000 -0500 -@@ -248,7 +248,8 @@ - int o; - - resetbuf: -- e = insize-(o = (posbits>>3)); -+ o = posbits >> 3; -+ e = o <= insize ? insize - o : 0; - - for (i = 0 ; i < e ; ++i) { - inbuf[i] = inbuf[i+o]; Index: /trunk/server/fedora/Makefile =================================================================== --- /trunk/server/fedora/Makefile (revision 1452) +++ /trunk/server/fedora/Makefile (revision 1453) @@ -19,5 +19,5 @@ # See /COPYRIGHT in this repository for more information. -upstream_yum = krb5 krb5.i586 httpd openssh gzip +upstream_yum = krb5 krb5.i586 httpd openssh upstream = openafs $(upstream_yum) moira oursrc = execsys tokensys accountadm httpdmods logview sql-signup nss_nonlocal nss_nonlocal.i586 whoisd mit-zephyr athrun php_scripts scripts-base Index: unk/server/fedora/specs/gzip.spec.patch =================================================================== --- /trunk/server/fedora/specs/gzip.spec.patch (revision 1452) +++ (revision ) @@ -1,40 +1,0 @@ ---- gzip.spec.orig 2010-01-21 05:33:38.000000000 -0500 -+++ gzip.spec 2010-01-21 05:37:54.000000000 -0500 -@@ -1,7 +1,7 @@ - Summary: The GNU data compression program - Name: gzip - Version: 1.3.12 --Release: 9%{?dist} -+Release: 9.scripts.%{scriptsversion}%{?dist} - # info pages are under GFDL license - License: GPLv2 and GFDL - Group: Applications/File -@@ -17,6 +17,8 @@ - Patch16: gzip-1.3.5-cve-2006-4337_len.patch - Patch17: gzip-1.3.12-futimens.patch - Patch18: gzip-1.3.12-zdiff.patch -+Patch100: gzip-cve-2009-2624.patch -+Patch101: gzip-cve-2010-0001.patch - URL: http://www.gzip.org/ - Requires: /sbin/install-info - Requires: mktemp less -@@ -43,6 +45,8 @@ - %patch16 -p1 -b .4337l - %patch17 -p1 -b .futimens - %patch18 -p1 -b .ret -+%patch100 -p0 -b .cve-2009-2624 -+%patch101 -p0 -b .cve-2010-0001 - %build - export DEFS="NO_ASM" - export CPPFLAGS="-DHAVE_LSTAT" -@@ -89,6 +93,10 @@ - %{_infodir}/gzip.info* - - %changelog -+* Thu Jan 21 2010 Mitchell Berger 1.3.12-9.scripts.1432 -+- Add patch for CVE-2009-2624 -+- Add patch for CVE-2010-0001 -+ - * Fri Mar 13 2009 Ivana Varekova - 1.3.12-9 - - fix #484213 - zdiff shows no output -