pkgsrc.se | The NetBSD package collection

Subject: CVS commit: pkgsrc/misc/rpm
From: Sevan Janiyan
Date: 2015-03-22 18:32:55
Message id: 20150322173255.21C5D98@cvs.netbsd.org

Log Message:
Add patch for CVE-2014-8118 - Integer overflow allows remote attackers to
execute arbitrary code via a crafted CPIO header in the payload section of an
RPM file, which triggers a stack-based buffer overflow.

https://bugzilla.redhat.com/show_bug.cgi?id=1168715

Reviewed by wiz@

Files:

Revision	Action	file
1.86	modify	pkgsrc/misc/rpm/Makefile
1.15	modify	pkgsrc/misc/rpm/distinfo
1.1	add	pkgsrc/misc/rpm/patches/patch-lib_cpio.c