GitList

Browse code

zsh : Fix CVE-2018-7549

Change-Id: I11bd7d27d997706b9ecba69356a76c49c95964f2
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/5013
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Anish Swaminathan <anishs@vmware.com>

Xiaolin Li authored on 2018/04/18 05:37:41
Showing 2 changed files

SPECS/zsh/zsh-CVE-2018-7549.patch index 0000000..95891e2
SPECS/zsh/zsh.spec index 3a01d91..fa27f18 100644

SPECS/zsh/zsh-CVE-2018-7549.patch

History View file @ 07f9ec5

                     new file mode 100644
@@ -0,0 +1,20 @@
                     +--- a/Src/params.c
                     +@@ -549,10 +549,13 @@
                     + HashTable
                     + copyparamtable(HashTable ht, char *name)
                     + {
                     +-    HashTable nht = newparamtable(ht->hsize, name);
                     +-    outtable = nht;
                     +-    scanhashtable(ht, 0, 0, 0, scancopyparams, 0);
                     +-    outtable = NULL;
                     ++    HashTable nht = 0;
                     ++    if (ht) {
                     ++	nht = newparamtable(ht->hsize, name);
                     ++	outtable = nht;
                     ++	scanhashtable(ht, 0, 0, 0, scancopyparams, 0);
                     ++	outtable = NULL;
                     ++    }
                     +     return nht;
                     + }
+                    +
                     \ No newline at end of file

SPECS/zsh/zsh.spec

History View file @ 07f9ec5

@@ -3,7 +3,7 @@
                      Summary:      Z shell
                      Name:         zsh
                      Version:      5.3.1
                     -Release:      5%{?dist}
                     +Release:      6%{?dist}
                      License:      MIT
                      URL:          http://zsh.sourceforge.net/
                      Group:        System Environment/Shells
@@ -14,6 +14,7 @@ Source0:      http://www.zsh.org/pub/%{name}-%{version}.tar.xz
                      Source1:      zprofile.rhs
                      Source2:      zshrc
                      Patch0:       zsh-CVE-2018-7548.patch
                     +Patch1:       zsh-CVE-2018-7549.patch
                      BuildRequires: coreutils
                      BuildRequires: tar
@@ -60,6 +61,7 @@ This package contains the Zsh manual in html format.
                      %setup -q
                      %patch0 -p1
                     +%patch1 -p1
                      %build
                      # make loading of module's dependencies work again (#1277996)
@@ -146,6 +148,8 @@ fi
                      %doc Doc/*.html
                      %changelog
                     +*   Tue Apr 17 2018 Xiaolin Li <xiaolinl@vmware.com> 5.3.1-6
                     +-   Fix CVE-2018-7549
                      *   Mon Mar 19 2018 Xiaolin Li <xiaolinl@vmware.com> 5.3.1-5
                      -   Fix CVE-2018-7548
                      *   Mon Sep 18 2017 Alexey Makhalov <amakhalov@vmware.com> 5.3.1-4