[Git][debian-gis-team/shapelib][master] 3 commits: Add upstream patch to fix CVE-2022-0699. (closes: #1022557)
Bas Couwenberg (@sebastic)
gitlab at salsa.debian.org
Mon Oct 24 05:07:27 BST 2022
Bas Couwenberg pushed to branch master at Debian GIS Project / shapelib
Commits:
ab94dcc7 by Bas Couwenberg at 2022-10-24T05:38:50+02:00
Add upstream patch to fix CVE-2022-0699. (closes: #1022557)
- - - - -
62be6a94 by Bas Couwenberg at 2022-10-24T05:54:19+02:00
Update lintian overrides.
- - - - -
1ef35f5c by Bas Couwenberg at 2022-10-24T05:54:19+02:00
Set distribution to unstable.
- - - - -
4 changed files:
- debian/changelog
- + debian/patches/0001-Remove-double-free-in-contrib-shpsrt-issue-39.patch
- + debian/patches/series
- + debian/source/lintian-overrides
Changes:
=====================================
debian/changelog
=====================================
@@ -1,12 +1,14 @@
-shapelib (1.5.0-3) UNRELEASED; urgency=medium
+shapelib (1.5.0-3) unstable; urgency=high
* Bump watch file version to 4.
* Update lintian overrides.
* Bump Standards-Version to 4.6.1, no changes.
* Bump debhelper compat to 12, changes:
- Drop --list-missing from dh_install
+ * Add upstream patch to fix CVE-2022-0699.
+ (closes: #1022557)
- -- Bas Couwenberg <sebastic at debian.org> Fri, 06 Nov 2020 19:59:25 +0100
+ -- Bas Couwenberg <sebastic at debian.org> Mon, 24 Oct 2022 05:38:54 +0200
shapelib (1.5.0-2) unstable; urgency=medium
=====================================
debian/patches/0001-Remove-double-free-in-contrib-shpsrt-issue-39.patch
=====================================
@@ -0,0 +1,16 @@
+Description: Remove double free() in contrib/shpsrt, issue #39
+Author: Albin Eldstål-Ahrens <laeder.keps at gmail.com>
+Origin: https://github.com/OSGeo/shapelib/commit/c75b9281a5b9452d92e1682bdfe6019a13ed819f
+Bug: https://github.com/OSGeo/shapelib/issues/39
+Bug-Debian: https://bugs.debian.org/1022557
+
+--- a/contrib/shpsort.c
++++ b/contrib/shpsort.c
+@@ -279,7 +279,6 @@ static char ** split(const char *arg, co
+ free(result[--i]);
+ }
+ free(result);
+- free(copy);
+ return NULL;
+ }
+ result = tmp;
=====================================
debian/patches/series
=====================================
@@ -0,0 +1 @@
+0001-Remove-double-free-in-contrib-shpsrt-issue-39.patch
=====================================
debian/source/lintian-overrides
=====================================
@@ -0,0 +1,3 @@
+# False positive
+source-is-missing [web/shapelib-tools.html]
+
View it on GitLab: https://salsa.debian.org/debian-gis-team/shapelib/-/compare/a275380d8bd8605d6d466f8946935115161c4cd9...1ef35f5cf52cae9933799c4a8c9f934f667d0d8a
--
View it on GitLab: https://salsa.debian.org/debian-gis-team/shapelib/-/compare/a275380d8bd8605d6d466f8946935115161c4cd9...1ef35f5cf52cae9933799c4a8c9f934f667d0d8a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-grass-devel/attachments/20221024/f2840c1b/attachment-0001.htm>
More information about the Pkg-grass-devel
mailing list