!83 修复cve-2022-48337造成的后续问题
From: @leeffo Reviewed-by: @weidongkl Signed-off-by: @weidongkl
This commit is contained in:
openeuler-ci-bot
Gitee
commit
9511786565
25
backport-0002-CVE-2022-48337.patch
Normal file
25
backport-0002-CVE-2022-48337.patch
Normal file
@ -0,0 +1,25 @@
|
||||
From c6ece14812f32a7f9f0d69497c886d178730a75f Mon Sep 17 00:00:00 2001
|
||||
From: Super User <root@localhost.localdomain>
|
||||
Date: Mon, 25 Sep 2023 14:14:02 +0800
|
||||
Subject: [PATCH] backport 0002 CVE-2022-48337
|
||||
|
||||
---
|
||||
lib-src/etags.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/lib-src/etags.c b/lib-src/etags.c
|
||||
index a6bd7f6..ea80ba6 100644
|
||||
--- a/lib-src/etags.c
|
||||
+++ b/lib-src/etags.c
|
||||
@@ -1714,6 +1714,8 @@ process_file_name (char *file, language *lang)
|
||||
int buf_len = strlen (compr->command) + strlen (" > ") + strlen (new_real_name) + strlen (new_tmp_name) + 1;
|
||||
char *cmd = xmalloc (buf_len);
|
||||
snprintf (cmd, buf_len, "%s %s > %s", compr->command, new_real_name, new_tmp_name);
|
||||
+ free (new_real_name);
|
||||
+ free (new_tmp_name);
|
||||
#endif
|
||||
inf = (system (cmd) == -1
|
||||
? NULL
|
||||
--
|
||||
2.41.0
|
||||
|
||||
10
emacs.spec
10
emacs.spec
@ -8,7 +8,7 @@
|
||||
Name: emacs
|
||||
Epoch: 1
|
||||
Version: 28.2
|
||||
Release: 4
|
||||
Release: 5
|
||||
Summary: An extensible GNU text editor
|
||||
License: GPLv3+ and CC0-1.0
|
||||
URL: http://www.gnu.org/software/emacs
|
||||
@ -31,10 +31,11 @@ Patch6003: backport-CVE-2022-45939.patch
|
||||
Patch6004: backport-CVE-2022-48337.patch
|
||||
Patch6005: backport-CVE-2022-48338.patch
|
||||
Patch6006: backport-CVE-2022-48339.patch
|
||||
Patch6007: backport-CVE-2023-27985.patch
|
||||
Patch6008: backport-CVE-2023-27986.patch
|
||||
Patch6007: backport-CVE-2023-27985.patch
|
||||
Patch6008: backport-CVE-2023-27986.patch
|
||||
Patch6009: backport-0001-CVE-2023-28617.patch
|
||||
Patch6010: backport-0002-CVE-2023-28617.patch
|
||||
Patch6011: backport-0002-CVE-2022-48337.patch
|
||||
|
||||
Patch9000: emacs-deal-taboo-words.patch
|
||||
|
||||
@ -419,6 +420,9 @@ fi
|
||||
%{_mandir}/*/*
|
||||
|
||||
%changelog
|
||||
* Mon Sep 25 2023 leeffo <liweiganga@uniontech.com> - 1:28.2-5
|
||||
- fix CVE-2022-48337
|
||||
|
||||
* Fri Mar 24 2023 zhangpan <zhangpan103@h-partners.com> - 1:28.2-4
|
||||
- fix CVE-2023-28617
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user