diff options
author | Tim Steinbach <NeQuissimus@users.noreply.github.com> | 2017-11-07 17:12:15 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-11-07 17:12:15 +0000 |
commit | cbd458a1b170053103fca04ec92c4c2bf8896023 (patch) | |
tree | f2bd3a96847dffef68ea87cdf96c19343024880e /pkgs/applications/version-management | |
parent | 5b84cdfd3c8d4c6fc87f57b562794e7c50c0f826 (diff) | |
parent | d0c8c66068ffaa0bc10f4749c7e4d8df728fc9c3 (diff) | |
download | nixlib-cbd458a1b170053103fca04ec92c4c2bf8896023.tar nixlib-cbd458a1b170053103fca04ec92c4c2bf8896023.tar.gz nixlib-cbd458a1b170053103fca04ec92c4c2bf8896023.tar.bz2 nixlib-cbd458a1b170053103fca04ec92c4c2bf8896023.tar.lz nixlib-cbd458a1b170053103fca04ec92c4c2bf8896023.tar.xz nixlib-cbd458a1b170053103fca04ec92c4c2bf8896023.tar.zst nixlib-cbd458a1b170053103fca04ec92c4c2bf8896023.zip |
Merge pull request #31365 from andir/fix-cvs-CVE-2017-12836
cvs: fix CVE-2017-12836
Diffstat (limited to 'pkgs/applications/version-management')
-rw-r--r-- | pkgs/applications/version-management/cvs/CVE-2017-12836.patch | 29 | ||||
-rw-r--r-- | pkgs/applications/version-management/cvs/default.nix | 1 |
2 files changed, 30 insertions, 0 deletions
diff --git a/pkgs/applications/version-management/cvs/CVE-2017-12836.patch b/pkgs/applications/version-management/cvs/CVE-2017-12836.patch new file mode 100644 index 000000000000..950079423685 --- /dev/null +++ b/pkgs/applications/version-management/cvs/CVE-2017-12836.patch @@ -0,0 +1,29 @@ +--- a/src/rsh-client.c.orig 2005-10-02 17:17:21.000000000 +0200 ++++ b/src/rsh-client.c 2017-11-07 16:56:06.957370469 +0100 +@@ -53,7 +53,7 @@ + char *cvs_server = (root->cvs_server != NULL + ? root->cvs_server : getenv ("CVS_SERVER")); + int i = 0; +- /* This needs to fit "rsh", "-b", "-l", "USER", "host", ++ /* This needs to fit "rsh", "-b", "-l", "USER", "--", "host", + "cmd (w/ args)", and NULL. We leave some room to grow. */ + char *rsh_argv[10]; + +@@ -97,6 +97,9 @@ + rsh_argv[i++] = root->username; + } + ++ /* Only non-option arguments from here. (CVE-2017-12836) */ ++ rsh_argv[i++] = "--"; ++ + rsh_argv[i++] = root->hostname; + rsh_argv[i++] = cvs_server; + rsh_argv[i++] = "server"; +@@ -171,6 +174,7 @@ + *p++ = root->username; + } + ++ *p++ = "--"; + *p++ = root->hostname; + *p++ = command; + *p++ = NULL; diff --git a/pkgs/applications/version-management/cvs/default.nix b/pkgs/applications/version-management/cvs/default.nix index 8c69517a7506..a330db6a8d67 100644 --- a/pkgs/applications/version-management/cvs/default.nix +++ b/pkgs/applications/version-management/cvs/default.nix @@ -11,6 +11,7 @@ stdenv.mkDerivation { patches = [ ./getcwd-chroot.patch ./CVE-2012-0804.patch + ./CVE-2017-12836.patch ]; hardeningDisable = [ "fortify" "format" ]; |