Corrected package name
[openwrt.git] / openwrt / package / zlib / patches / zlib-1.2.2-CAN-2005-2096.patch
1 Name: CAN-2005-2096 (under review)
2 Description:
3 Buffer overflow in zlib 1.2 and later versions allows remote attackers
4 to cause a denial of service (crash) via a crafted compressed stream, as
5 demonstrated using a crafted PNG file.
6
7 References:
8 * DEBIAN:DSA-740
9 http://www.debian.org/security/2005/dsa-740
10 * REDHAT:RHSA-2005:569
11 http://www.redhat.com/support/errata/RHSA-2005-569.html
12
13 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096
14
15 diff -ruN zlib-1.2.2-old/inftrees.c zlib-1.2.2-new/inftrees.c
16 --- zlib-1.2.2-old/inftrees.c 2004-09-15 16:30:06.000000000 +0200
17 +++ zlib-1.2.2-new/inftrees.c 2005-07-08 21:18:58.000000000 +0200
18 @@ -134,7 +134,7 @@
19 left -= count[len];
20 if (left < 0) return -1; /* over-subscribed */
21 }
22 - if (left > 0 && (type == CODES || (codes - count[0] != 1)))
23 + if (left > 0 && (type == CODES || max != 1))
24 return -1; /* incomplete set */
25
26 /* generate offsets into symbol table for each length for sorting */
This page took 0.043462 seconds and 5 git commands to generate.