Re: autotrace CVE-2016-7392
Brian May <bam@debian.org> writes:
> Confirmed this fixes the problem, at least on wheezy.
I have a package available for testing.
https://people.debian.org/~bam/debian/pool/main/a/autotrace/
Attached is the debdiff.
--
Brian May <bam@debian.org>
diff -Nru autotrace-0.31.1/debian/changelog autotrace-0.31.1/debian/changelog
--- autotrace-0.31.1/debian/changelog 2011-08-08 10:23:33.000000000 +1000
+++ autotrace-0.31.1/debian/changelog 2016-09-12 18:05:03.000000000 +1000
@@ -1,3 +1,10 @@
+autotrace (0.31.1-16+deb7u1) wheezy-security; urgency=high
+
+ * Non-maintainer upload by the LTS Team.
+ * Apply patch to fix CVE-2016-7392.
+
+ -- Brian May <bam@debian.org> Mon, 12 Sep 2016 18:03:32 +1000
+
autotrace (0.31.1-16) unstable; urgency=low
* Bumped Standards-Version to 3.9.2
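Review bot: the changelog line "Apply patch to fix CVE-2016-7392." says nothing about what the defect is or where it lives; for a security upload the entry should name the fix so that it can be read without opening the patch, e.g. "Fix undersized allocation of pstoedit_suffix_table in output-pstoedit.c (CVE-2016-7392)."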
diff -Nru autotrace-0.31.1/debian/patches/CVE-2016-7392.patch autotrace-0.31.1/debian/patches/CVE-2016-7392.patch
--- autotrace-0.31.1/debian/patches/CVE-2016-7392.patch 1970-01-01 10:00:00.000000000 +1000
+++ autotrace-0.31.1/debian/patches/CVE-2016-7392.patch 2016-09-12 18:03:28.000000000 +1000
@@ -0,0 +1,11 @@
+--- a/output-pstoedit.c
++++ b/output-pstoedit.c
+@@ -84,7 +84,7 @@
+ dd_tmp = dd_start;
+ while (dd_tmp->symbolicname)
+ dd_tmp++;
+- XMALLOC(pstoedit_suffix_table, sizeof(char *) * 2 * (dd_tmp - dd_start) + 1);
++ XMALLOC(pstoedit_suffix_table, sizeof(char *) * (2 * (dd_tmp - dd_start) + 1));
+
+ #if defined (OUTPUT_PSTOEDIT_DEBUG) && defined(__GNUC__)
+ fprintf(stderr, "OUTPUT PSTOEDIT BACKEND DEBUG(%s)\n", __FUNCTION__);
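Review bot: the new debian/patches/CVE-2016-7392.patch has no DEP-3 header (Description, Origin, Bug or Bug-Debian), so where the fix came from and which bug report it addresses is not recorded; add those lines above `--- a/output-pstoedit.c`. The one-line change itself is correct: `sizeof(char *) * 2 * (dd_tmp - dd_start) + 1` allocates room for 2*n pointers plus a single byte, whereas the trailing `+ 1` is evidently meant as one more pointer-sized slot; the parenthesized `sizeof(char *) * (2 * (dd_tmp - dd_start) + 1)` allocates 2*n+1 pointer slots, so any write into that last slot no longer lands past the end of the buffer.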
diff -Nru autotrace-0.31.1/debian/patches/series autotrace-0.31.1/debian/patches/series
--- autotrace-0.31.1/debian/patches/series 2011-08-08 19:14:31.000000000 +1000
+++ autotrace-0.31.1/debian/patches/series 2016-09-12 18:02:37.000000000 +1000
@@ -10,3 +10,4 @@
output-pstoedit.c.patch
output-pstoedit.h.patch
README.patch
+CVE-2016-7392.patch