diff options
| author | Thorsten Alteholz <debian@alteholz.de> | 2020-05-01 11:30:11 +0000 |
|---|---|---|
| committer | Tatsuya Kinoshita <tats@debian.org> | 2020-05-01 11:30:11 +0000 |
| commit | 1db054fee2d6dc00904228898af5ad363d7305cb (patch) | |
| tree | 675488be3c488e2370595b2120cb721e484d16b2 /debian/patches/955_CVE-2018-6196_tbl-indent.patch | |
| parent | Debian release 0.5.3-19+deb8u2 (diff) | |
| download | w3m-1db054fee2d6dc00904228898af5ad363d7305cb.tar.gz w3m-1db054fee2d6dc00904228898af5ad363d7305cb.zip | |
Update to 0.5.3-19+deb8u3 for jessie-securitydebian/0.5.3-19+deb8u3debian-jessie
Diffstat (limited to 'debian/patches/955_CVE-2018-6196_tbl-indent.patch')
| -rw-r--r-- | debian/patches/955_CVE-2018-6196_tbl-indent.patch | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/debian/patches/955_CVE-2018-6196_tbl-indent.patch b/debian/patches/955_CVE-2018-6196_tbl-indent.patch new file mode 100644 index 0000000..279d2dd --- /dev/null +++ b/debian/patches/955_CVE-2018-6196_tbl-indent.patch @@ -0,0 +1,24 @@ +Subject: Prevent negative indent value in feed_table_block_tag() +From: Tatsuya Kinoshita <tats@debian.org> +Bug-Debian: https://github.com/tats/w3m/issues/88 [CVE-2018-6196] +Origin: https://salsa.debian.org/debian/w3m/commit/8354763b90490d4105695df52674d0fcef823e92 + +Index: w3m-0.5.3/table.c +=================================================================== +--- w3m-0.5.3.orig/table.c 2020-04-29 13:52:52.596689311 +0200 ++++ w3m-0.5.3/table.c 2020-04-29 13:52:52.592689010 +0200 +@@ -2357,10 +2357,14 @@ + if (mode->indent_level < MAX_INDENT_LEVEL) + tbl->indent -= INDENT_INCR; + } ++ if (tbl->indent < 0) ++ tbl->indent = 0; + offset = tbl->indent; + if (cmd == HTML_DT) { + if (mode->indent_level > 0 && mode->indent_level <= MAX_INDENT_LEVEL) + offset -= INDENT_INCR; ++ if (offset < 0) ++ offset = 0; + } + if (tbl->indent > 0) { + check_minimum0(tbl, 0); |