Hello community, here is the log from the commit of package util-linux for openSUSE:Factory checked in at 2013-09-29 17:54:14 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/util-linux (Old) and /work/SRC/openSUSE:Factory/.util-linux.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "util-linux" Changes: -------- --- /work/SRC/openSUSE:Factory/util-linux/util-linux.changes 2013-09-23 11:18:31.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.util-linux.new/util-linux.changes 2013-09-29 17:54:15.000000000 +0200 @@ -1,0 +2,5 @@ +Fri Sep 27 16:58:40 UTC 2013 - mgo...@suse.com + +- Add more-fix-buffer-overflow.patch (bnc#829720). + +------------------------------------------------------------------- New: ---- more-fix-buffer-overflow.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ util-linux.spec ++++++ --- /var/tmp/diff_new_pack.dttut9/_old 2013-09-29 17:54:17.000000000 +0200 +++ /var/tmp/diff_new_pack.dttut9/_new 2013-09-29 17:54:17.000000000 +0200 @@ -100,6 +100,8 @@ Patch4: make-sure-sbin-resp-usr-sbin-are-in-PATH.diff # PATCH-FIX-UPSTREAM eject-scsi-check-host_status-and-driver_status.patch bnc358033 ani...@suse.cz -- Check eject host_status and driver_status when using SG_IO. Patch5: eject-scsi-check-host_status-and-driver_status.patch +# PATCH-FIX-UPSTREAM more-fix-buffer-overflow.patch bnc839720 mgo...@suse.com -- More: Fix under-allocation of memory. +Patch6: more-fix-buffer-overflow.patch # disable encryption Patch12: util-linux-2.23.1-noenc-suse.diff @@ -219,6 +221,7 @@ %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p1 %patch12 -p1 # %patch20 -p1 ++++++ more-fix-buffer-overflow.patch ++++++ >From 1ef2db5a5672e09fa1337099b7d9d6ab61c19bdc Mon Sep 17 00:00:00 2001 From: Karel Zak <k...@redhat.com> Date: Thu, 1 Aug 2013 12:58:22 +0200 Subject: [PATCH] more: fix buffer overflow The bug has been probably introduced by commit 1ac300932deab8dea2c43050921bbbdb36d62ff1. Reported-by: "Dr. David Alan Gilbert" <d...@treblig.org> References: https://bugzilla.novell.com/show_bug.cgi?id=829720 Signed-off-by: Karel Zak <k...@redhat.com> --- text-utils/more.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/text-utils/more.c b/text-utils/more.c index 3bbeede..3377118 100644 --- a/text-utils/more.c +++ b/text-utils/more.c @@ -835,7 +835,8 @@ void prepare_line_buffer(void) if (nsz < LINSIZ) nsz = LINSIZ; - nline = xrealloc(Line, nsz); + /* alloc nsz and extra space for \n\0 */ + nline = xrealloc(Line, nsz + 2); Line = nline; LineLen = nsz; } -- 1.8.4 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org