Debian Patches

Status for unadf/0.7.11a-7

Search:

Patch	Description	Author	Forwarded	Bugs	Origin	Last update
64-bit-fixes	Patch to make it work on 64 bit. See news from 11 April 2011 on http://lclevy.free.fr/adflib/. Source: http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=15;filename=adflib_stdint_diff.txt;att=1;bug=458129 http://grimnorth.se/~noname/tmp/adflib_stdint_diff.txt Slightly modified (and removed the .depend files from the patches) ===================================================================		no
add-hardening-flags-in-compiler-options	Add hardening flags in compiler options	Boris Pek <tehnick-8@mail.ru>	no			2012-06-19
CVE-2016-1243_CVE-2016-1244	Fix unsafe extraction by using mkdir() instead of shell command This commit fixes following vulnerabilities: - CVE-2016-1243: stack buffer overflow caused by blindly trusting on pathname lengths of archived files Stack allocated buffer sysbuf was filled with sprintf() without any bounds checking in extracTree() function. - CVE-2016-1244: execution of unsanitized input Shell command used for creating directory paths was constructed by concatenating names of archived files to the end of the command string. So, if the user was tricked to extract a specially crafted .adf file, the attacker was able to execute arbitrary code with privileges of the user. This commit fixes both issues by 1) replacing mkdir shell commands with mkdir() function calls 2) removing redundant sysbuf buffer --	Tuomas Räsänen <tuomasjjrasanen@tjjr.fi>	no			2016-09-20
privacy-breach.patch	Remove monitoring from FAQ	Stephen Kitt <skitt@debian.org>	no
source-code-fixes	fix header files		no			2012-05-31

Showing 1 to 5 of 5 entries

All known versions for source package 'unadf'

0.7.11a-7 (trixie, sid)
0.7.11a-5+deb12u1 (bookworm)
0.7.11a-4+deb11u1 (bullseye)

Links