net-irc/weechat: revbump for CVE-2020-8955

Bug: https://bugs.gentoo.org/709452
Package-Manager: Portage-2.3.88, Repoman-2.3.20
Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>

diff --git a/net-irc/weechat/files/2.7-CVE-2020-8955.patch b/net-irc/weechat/files/2.7-CVE-2020-8955.patch
new file mode 100644 (file)
index 0000000..0bad821
--- /dev/null
+++ b/net-irc/weechat/files/2.7-CVE-2020-8955.patch
@@ -0,0 +1,46 @@
+From 6f4f147d8e86adf9ad34a8ffd7e7f1f23a7e74da Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?S=C3=A9bastien=20Helleu?= <flashcode@flashtux.org>
+Date: Sat, 8 Feb 2020 20:24:50 +0100
+Subject: [PATCH] irc: fix crash when receiving a malformed message 324
+ (channel mode)
+
+Thanks to Stuart Nevans Locke for reporting the issue.
+---
+ ChangeLog.adoc             |  1 +
+ src/plugins/irc/irc-mode.c | 21 ++++++++++++---------
+ 2 files changed, 13 insertions(+), 9 deletions(-)
+
+diff --git a/src/plugins/irc/irc-mode.c b/src/plugins/irc/irc-mode.c
+index 2237a344b..e79f0deb7 100644
+--- a/src/plugins/irc/irc-mode.c
++++ b/src/plugins/irc/irc-mode.c
+@@ -224,17 +224,20 @@ irc_mode_channel_update (struct t_irc_server *server,
+                     current_arg++;
+                 if (pos[0] == chanmode)
+                 {
+-                    chanmode_found = 1;
+-                    if (set_flag == '+')
++                    if (!chanmode_found)
+                     {
+-                        str_mode[0] = pos[0];
+-                        str_mode[1] = '\0';
+-                        strcat (new_modes, str_mode);
+-                        if (argument)
++                        chanmode_found = 1;
++                        if (set_flag == '+')
+                         {
+-                            if (new_args[0])
+-                                strcat (new_args, " ");
+-                            strcat (new_args, argument);
++                            str_mode[0] = pos[0];
++                            str_mode[1] = '\0';
++                            strcat (new_modes, str_mode);
++                            if (argument)
++                            {
++                                if (new_args[0])
++                                    strcat (new_args, " ");
++                                strcat (new_args, argument);
++                            }
+                         }
+                     }
+                 }

diff --git a/net-irc/weechat/weechat-2.7-r1.ebuild b/net-irc/weechat/weechat-2.7-r2.ebuild
similarity index 98%
rename from net-irc/weechat/weechat-2.7-r1.ebuild
rename to net-irc/weechat/weechat-2.7-r2.ebuild
index 37b7a1e451824e2d09539d4064798eae5810a0ad..82a7c3922fbfaf9a96b6ae74273f6eaf12a88307 100644 (file)
--- a/net-irc/weechat/weechat-2.7-r1.ebuild
+++ b/net-irc/weechat/weechat-2.7-r2.ebuild
@@ -62,6 +62,8 @@ DOCS="AUTHORS.adoc ChangeLog.adoc Contributing.adoc ReleaseNotes.adoc README.ado
 # tests need to be fixed to not use system plugins if weechat is already installed
 RESTRICT="test"
 
+PATCHES=( "${FILESDIR}/${PV}-CVE-2020-8955.patch" )
+
 pkg_setup() {
        use python && python-single-r1_pkg_setup
 }