From: Julen Landa Alustiza Date: Tue, 17 Feb 2015 11:50:51 +0000 (+0100) Subject: grep: Fix CVE-2015-1345 heap buffer overrun X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=e0edca76dabb25ed158ab95aa45b065d23663aa6;p=feed%2Fpackages.git grep: Fix CVE-2015-1345 heap buffer overrun Signed-off-by: Julen Landa Alustiza --- diff --git a/utils/grep/Makefile b/utils/grep/Makefile index 42a4ef64fe..c4703bc569 100644 --- a/utils/grep/Makefile +++ b/utils/grep/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=grep PKG_VERSION:=2.21 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@GNU/grep diff --git a/utils/grep/patches/0001-grep-F-fix-a-heap-buffer-read-overrun.patch b/utils/grep/patches/0001-grep-F-fix-a-heap-buffer-read-overrun.patch new file mode 100644 index 0000000000..df70359a66 --- /dev/null +++ b/utils/grep/patches/0001-grep-F-fix-a-heap-buffer-read-overrun.patch @@ -0,0 +1,15 @@ +diff --git a/src/kwset.c b/src/kwset.c +index 4003c8d..376f7c3 100644 +--- a/src/kwset.c ++++ b/src/kwset.c +@@ -643,6 +643,8 @@ bmexec_trans (kwset_t kwset, char const *text, size_t size) + if (! tp) + return -1; + tp++; ++ if (ep <= tp) ++ break; + } + } + } +-- +cgit v0.9.0.2