gnu: mcrypt: Fix CVE-2012-4409, CVE-2012-4426, CVE-2012-4527.

* gnu/packages/mcrypt.scm (mcrypt)[source]: Add patches. * gnu/packages/patches/mcrypt-CVE-2012-4409.patch, gnu/packages/patches/mcrypt-CVE-2012-4426.patch, gnu/packages/patches/mcrypt-CVE-2012-4527.patch: New variables. * gnu/local.mk (dist_patch_DATA): Add them.
2025-10-02 02:15:12 +00:00 · 2016-05-30 21:45:00 +03:00 · 2016-05-30 21:45:00 +03:00 · fd1461879c
commit fd1461879c
parent 5ae77a6f5a
5 changed files with 189 additions and 1 deletions
--- a/gnu/packages/patches/mcrypt-CVE-2012-4426.patch
+++ b/gnu/packages/patches/mcrypt-CVE-2012-4426.patch
@ -0,0 +1,36 @@
+diff --git a/mcrypt-CVE-2012-4426.patch b/mcrypt-CVE-2012-4426.patch
+new file mode 100644
+index 0000000..747f428
+--- mcrypt-2.6.8/src/errors.c
+++ mcrypt-2.6.8/src/errors.c
+@@ -25,24 +25,24 @@
+ 
+ void err_quit(char *errmsg)
+ {
+-	fprintf(stderr, errmsg);
+	fprintf(stderr, "%s", errmsg);
+ 	exit(-1);
+ }
+ 
+ void err_warn(char *errmsg)
+ {
+ 	if (quiet <= 1)
+-		fprintf(stderr, errmsg);
+		fprintf(stderr, "%s", errmsg);
+ }
+ 
+ void err_info(char *errmsg)
+ {
+ 	if (quiet == 0)
+-		fprintf(stderr, errmsg);
+		fprintf(stderr, "%s", errmsg);
+ }
+ 
+ void err_crit(char *errmsg)
+ {
+ 	if (quiet <= 2)
+-		fprintf(stderr, errmsg);
+		fprintf(stderr, "%s", errmsg);
+ }
+
+---