summaryrefslogtreecommitdiff
path: root/libre/p7zip
diff options
context:
space:
mode:
Diffstat (limited to 'libre/p7zip')
-rw-r--r--libre/p7zip/CVE-2017-17969.patch26
-rw-r--r--libre/p7zip/PKGBUILD7
2 files changed, 32 insertions, 1 deletions
diff --git a/libre/p7zip/CVE-2017-17969.patch b/libre/p7zip/CVE-2017-17969.patch
new file mode 100644
index 000000000..ebc0ac93e
--- /dev/null
+++ b/libre/p7zip/CVE-2017-17969.patch
@@ -0,0 +1,26 @@
+From 79bca880ce7bcf07216c45f93afea545e0344418 Mon Sep 17 00:00:00 2001
+From: aone <aone@keka.io>
+Date: Mon, 5 Feb 2018 13:01:09 +0100
+Subject: [PATCH] Security fix CVE-2017-17969
+
+---
+ CPP/7zip/Compress/ShrinkDecoder.cpp | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/CPP/7zip/Compress/ShrinkDecoder.cpp b/CPP/7zip/Compress/ShrinkDecoder.cpp
+index 80b7e67..5bb0559 100644
+--- a/CPP/7zip/Compress/ShrinkDecoder.cpp
++++ b/CPP/7zip/Compress/ShrinkDecoder.cpp
+@@ -121,7 +121,12 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
+ {
+ _stack[i++] = _suffixes[cur];
+ cur = _parents[cur];
++ if (cur >= kNumItems || i >= kNumItems)
++ break;
+ }
++
++ if (cur >= kNumItems || i >= kNumItems)
++ break;
+
+ _stack[i++] = (Byte)cur;
+ lastChar2 = (Byte)cur;
diff --git a/libre/p7zip/PKGBUILD b/libre/p7zip/PKGBUILD
index f7fbae290..f7c09510a 100644
--- a/libre/p7zip/PKGBUILD
+++ b/libre/p7zip/PKGBUILD
@@ -11,7 +11,7 @@
_pkgname=p7zip-libre
pkgname=p7zip
pkgver=16.02
-pkgrel=3.parabola2
+pkgrel=5.parabola1
pkgdesc="Command-line file archiver with high compression ratio"
arch=('i686' 'x86_64' 'armv7h')
url="http://p7zip.sourceforge.net/"
@@ -25,10 +25,12 @@ install=$pkgname.install
mksource=(https://downloads.sourceforge.net/project/$pkgname/$pkgname/$pkgver/${pkgname}_${pkgver}_src_all.tar.bz2)
source=(https://repo.parabola.nu/other/${_pkgname}/${_pkgname}_${pkgver}_src_all.tar.bz2
CVE-2016-9296.patch
+ CVE-2017-17969.patch
libre.patch)
mksha256sums=('5eb20ac0e2944f6cb9c2d51dd6c4518941c185347d4089ea89087ffdd6e2341f')
sha256sums=('486e5784de9284c7123b401b3f27e684af772d03fc1fb8cdbbefb8123dc9f841'
'f9bcbf21d4aa8938861a6cba992df13dec19538286e9ed747ccec6d9a4e8f983'
+ 'c6af5ba588b8932a5e99f3741fcf1011b7c94b533de903176c7d1d4c02a9ebef'
'feeeb3b1b7a827b7a675d6c8a363ea6c2499a4f04b3160c7e8d7bba42e0b3c15')
mksource() {
@@ -51,6 +53,9 @@ prepare() {
# https://sourceforge.net/p/p7zip/bugs/185/
patch -Np1 -i ../CVE-2016-9296.patch
+ # https://sourceforge.net/p/p7zip/bugs/204/
+ patch -Np1 -i ../CVE-2017-17969.patch
+
if [[ $CARCH = x86_64 ]]; then
cp makefile.linux_amd64_asm makefile.machine
elif [[ $CARCH = i686 ]]; then