Add 'nixpkgs/' from commit 'abf060725d7614bd3b9f96764262dfbc2f9c2199'

git-subtree-dir: nixpkgs git-subtree-mainline: 4e31070265257dc67d120c27e0f75c2344fdfa9a git-subtree-split: abf060725d7614bd3b9f96764262dfbc2f9c2199
author: Alyssa Ross <hi@alyssa.is> 2019-01-07 02:18:36 +0000
committer: Alyssa Ross <hi@alyssa.is> 2019-01-07 02:18:47 +0000
commit: 36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2 (patch)
tree: b3faaf573407b32aa645237a4d16b82778a39a92 /nixpkgs/pkgs/applications/version-management/cvs/CVE-2017-12836.patch
parent: 4e31070265257dc67d120c27e0f75c2344fdfa9a (diff)
parent: abf060725d7614bd3b9f96764262dfbc2f9c2199 (diff)
download: nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar
nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.gz
nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.bz2
nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.lz
nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.xz
nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.zst
nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.zip
1 files changed, 29 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/applications/version-management/cvs/CVE-2017-12836.patch b/nixpkgs/pkgs/applications/version-management/cvs/CVE-2017-12836.patch
new file mode 100644
index 000000000000..950079423685
--- /dev/null
+++ b/nixpkgs/pkgs/applications/version-management/cvs/CVE-2017-12836.patch
@@ -0,0 +1,29 @@
+--- a/src/rsh-client.c.orig	2005-10-02 17:17:21.000000000 +0200
++++ b/src/rsh-client.c	2017-11-07 16:56:06.957370469 +0100
+@@ -53,7 +53,7 @@
+     char *cvs_server = (root->cvs_server != NULL
+ 			? root->cvs_server : getenv ("CVS_SERVER"));
+     int i = 0;
+-    /* This needs to fit "rsh", "-b", "-l", "USER", "host",
++    /* This needs to fit "rsh", "-b", "-l", "USER", "--", "host",
+        "cmd (w/ args)", and NULL.  We leave some room to grow. */
+     char *rsh_argv[10];
+ 
+@@ -97,6 +97,9 @@
+ 	rsh_argv[i++] = root->username;
+     }
+ 
++    /* Only non-option arguments from here. (CVE-2017-12836) */
++    rsh_argv[i++] = "--";
++
+     rsh_argv[i++] = root->hostname;
+     rsh_argv[i++] = cvs_server;
+     rsh_argv[i++] = "server";
+@@ -171,6 +174,7 @@
+ 	    *p++ = root->username;
+ 	}
+ 
++	*p++ = "--";
+ 	*p++ = root->hostname;
+ 	*p++ = command;
+ 	*p++ = NULL;
author	Alyssa Ross <hi@alyssa.is>	2019-01-07 02:18:36 +0000
committer	Alyssa Ross <hi@alyssa.is>	2019-01-07 02:18:47 +0000
commit	36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2 (patch)
tree	b3faaf573407b32aa645237a4d16b82778a39a92 /nixpkgs/pkgs/applications/version-management/cvs/CVE-2017-12836.patch
parent	4e31070265257dc67d120c27e0f75c2344fdfa9a (diff)
parent	abf060725d7614bd3b9f96764262dfbc2f9c2199 (diff)
download	nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.gz nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.bz2 nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.lz nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.xz nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.tar.zst nixlib-36f56d99fa0a0765c9f1de4a5f17a9b05830c3f2.zip