wok-current diff glibc/stuff/CVE-2024-33601_CVE-2024-33602_2.patch @ rev 25785
Mass rebuild after bump to glibc 2.31, add epson printer and scanner package
| author | Stanislas Leduc <shann@slitaz.org> |
|---|---|
| date | Tue Jul 15 20:40:17 2025 +0000 (3 months ago) |
| parents | |
| children |
line diff
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/glibc/stuff/CVE-2024-33601_CVE-2024-33602_2.patch Tue Jul 15 20:40:17 2025 +0000 1.3 @@ -0,0 +1,33 @@ 1.4 +From 1e398f406bb7ad8ffac66e664a44f11d2a0b8f36 Mon Sep 17 00:00:00 2001 1.5 +From: Florian Weimer <fweimer@redhat.com> 1.6 +Date: Thu, 2 May 2024 17:06:19 +0200 1.7 +Subject: [PATCH] nscd: Use time_t for return type of addgetnetgrentX 1.8 + 1.9 +Using int may give false results for future dates (timeouts after the 1.10 +year 2028). 1.11 + 1.12 +Fixes commit 04a21e050d64a1193a6daab872bca2528bda44b ("CVE-2024-33601, 1.13 +CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX 1.14 +(bug 31680)"). 1.15 + 1.16 +Reviewed-by: Carlos O'Donell <carlos@redhat.com> 1.17 +(cherry picked from commit 4bbca1a44691a6e9adcee5c6798a707b626bc331) 1.18 +--- 1.19 + nscd/netgroupcache.c | 4 ++-- 1.20 + 1 file changed, 2 insertions(+), 2 deletions(-) 1.21 + 1.22 +diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c 1.23 +index ee98ffd96ed..7a4e767be2b 100644 1.24 +--- a/nscd/netgroupcache.c 1.25 ++++ b/nscd/netgroupcache.c 1.26 +@@ -681,8 +681,8 @@ readdinnetgr (struct database_dyn *db, struct hashentry *he, 1.27 + .key_len = he->len 1.28 + }; 1.29 + 1.30 +- int timeout = addinnetgrX (db, -1, &req, db->data + he->key, he->owner, 1.31 +- he, dh); 1.32 ++ time_t timeout = addinnetgrX (db, -1, &req, db->data + he->key, he->owner, 1.33 ++ he, dh); 1.34 + if (timeout < 0) 1.35 + timeout = 0; 1.36 + return timeout;