Sean Finney
2007-Apr-20 23:14 UTC
[Secure-testing-commits] r5690 - in data: . patches/MOPB/php4-etch
Author: seanius
Date: 2007-04-20 23:14:27 +0000 (Fri, 20 Apr 2007)
New Revision: 5690
Modified:
data/mopb.txt
data/patches/MOPB/php4-etch/071-CVE-2007-1380-MOPB-10.patch
Log:
fixed mopb 10 patch and add testing info for php4/etch
Modified: data/mopb.txt
==================================================================---
data/mopb.txt 2007-04-20 21:16:39 UTC (rev 5689)
+++ data/mopb.txt 2007-04-20 23:14:27 UTC (rev 5690)
@@ -176,20 +176,22 @@
# php4 checklist
Sarge Etch
-41 ? ?
-35 ? ?
-34 / a
-32 a a
-30
-26
-22 a a
-10 a a
-04 a a
+41 ? x
+35 ? x
+34 / t
+32 a T
+30 n
+26
+22 a t
+10 a T <- seemed already fixed but this completes the patch
+04 a T
? = more info
x = fix needed
* = extracted
a = patch generated and commited to SVN
+n = didn''t seem affected
+t = didn''t seem affected, but patch makes sense
T = code tested
/ = not affected
Modified: data/patches/MOPB/php4-etch/071-CVE-2007-1380-MOPB-10.patch
==================================================================---
data/patches/MOPB/php4-etch/071-CVE-2007-1380-MOPB-10.patch 2007-04-20 21:16:39
UTC (rev 5689)
+++ data/patches/MOPB/php4-etch/071-CVE-2007-1380-MOPB-10.patch 2007-04-20
23:14:27 UTC (rev 5690)
@@ -5,7 +5,7 @@
namelen = *p & (~PS_BIN_UNDEF);
- if (namelen > PS_BIN_MAX || (p + namelen) >= endptr) {
-+ if ((namelen < 0 || namelen > PS_BIN_MAX || (p + namelen) >=
endptr) {
++ if (namelen < 0 || namelen > PS_BIN_MAX || (p + namelen) >= endptr)
{
return FAILURE;
}