0003-patchlevel-3.patch 1.1 KB
edit raw blame history



1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51


From http://ftp.gnu.org/pub/gnu/readline/readline-6.3-patches/readline63-003

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>

			   READLINE PATCH REPORT
			   =====================

Readline-Release: 6.3
Patch-ID: readline63-003

Bug-Reported-by:
Bug-Reference-ID:
Bug-Reference-URL:

Bug-Description:

There are debugging functions in the readline release that are theoretically
exploitable as security problems.  They are not public functions, but have
global linkage.

Patch (apply with `patch -p0'):

*** a/readline-6.3/util.c	2013-09-02 13:36:12.000000000 -0400
--- b/util.c	2014-03-20 10:25:53.000000000 -0400
***************
*** 477,480 ****
--- 479,483 ----
  }
  
+ #if defined (DEBUG)
  #if defined (USE_VARARGS)
  static FILE *_rl_tracefp;
***************
*** 539,542 ****
--- 542,546 ----
  }
  #endif
+ #endif /* DEBUG */
  
  
*** a/readline-6.3/patchlevel	2013-11-15 08:11:11.000000000 -0500
--- b/patchlevel	2014-03-21 08:28:40.000000000 -0400
***************
*** 1,3 ****
  # Do not edit -- exists only for use by patch
  
! 2
--- 1,3 ----
  # Do not edit -- exists only for use by patch
  
! 3