Debian Patches
Status for unace/1.2b-27
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 001_cpp_define.patch | Fix compilations flags | Guillem Jover <guillem@hadrons.org> | not-needed | vendor | ||
| 002_fix_warnings.patch | Fix compilations warnings =================================================================== |
Guillem Jover <guillem@hadrons.org> | not-needed | vendor | ||
| 003_security.patch | Fix compilations warnings =================================================================== |
Ulf Härnhammar <Ulf.Harnhammar.9485@student.uu.se> | not-needed | vendor | ||
| 004_64_bit_clean.patch | Make the program 64 bit clean, by using <stdint.h> to typedef the data types independently of the target system. =================================================================== |
Guillem Jover <guillem@hadrons.org> | not-needed | debian | vendor | |
| 005_format-security.patch | Fix format-security build failures. | Guillem Jover <guillem@hadrons.org> | not-needed | vendor | ||
| 006_security-afl.patch | Fixes a buffer overflow when reading bogus file headers The header parser was not checking if it had read enough data when trying to parse the header from memory, causing it to accept files with headers smaller than expected. . Fixes CVE-2015-2063. |
Guillem Jover <guillem@debian.org> | not-needed | debian | vendor | 2015-02-24 |
| 007_cross-compiling.patch | Fixes cross-compilation support The gccmaked program does not support cross-compilation. Move the dependency information into a new makefile.dep, and generate that directly from the makefile via «$(CPP) -MM». |
Guillem Jover <guillem@debian.org> | not-needed | vendor | 2019-07-11 | |
| 008_comm_parsing.patch | Fixes comment parsing We need to honor the header comment buffer maximum size and not try to write or read out-of-bounds. |
Guillem Jover <guillem@debian.org> | not-needed | vendor | 2022-08-18 | |
| 009_fix_buffer_overread.patch | Fix heap buffer over read We are searching for the file magic value within a 1024 buffer, and iterating over each byte in the buffer, comparing against the magic value, which is 7 bytes long. But instead of stopping 6 bytes before the end of the buffer we continue until the last one, where we will have exceeded the memory for all of those 6 last comparisons. |
Xiang Chen <x14ngch3n@gmail.com> | not-needed | debian |