<pre style='margin:0'>
Ryan Schmidt (ryandesign) pushed a commit to branch master
in repository macports-ports.
</pre>
<p><a href="https://github.com/macports/macports-ports/commit/dceab68671c4b322cd7aaa1d9d3a2f4b78f31b72">https://github.com/macports/macports-ports/commit/dceab68671c4b322cd7aaa1d9d3a2f4b78f31b72</a></p>
<pre style="white-space: pre; background: #F8F8F8">The following commit(s) were added to refs/heads/master by this push:
<span style='display:block; white-space:pre;color:#404040;'> new dceab68671c zlib: fix CVE-2022-37434
</span>dceab68671c is described below
<span style='display:block; white-space:pre;color:#808000;'>commit dceab68671c4b322cd7aaa1d9d3a2f4b78f31b72
</span>Author: aeiouaeiouaeiouaeiouaeiouaeiou <aeioudev@outlook.com>
AuthorDate: Tue Oct 4 14:34:55 2022 +0300
<span style='display:block; white-space:pre;color:#404040;'> zlib: fix CVE-2022-37434
</span>---
archivers/zlib/Portfile | 5 +++--
archivers/zlib/files/patch-CVE-2022-37434.patch | 15 +++++++++++++++
2 files changed, 18 insertions(+), 2 deletions(-)
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/archivers/zlib/Portfile b/archivers/zlib/Portfile
</span><span style='display:block; white-space:pre;color:#808080;'>index 21864bda3c2..3f4ce1f51d5 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/archivers/zlib/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/archivers/zlib/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -48,10 +48,11 @@ test.run yes
</span> destroot.destdir prefix=${destroot}${prefix}
if {${name} eq ${subport}} {
<span style='display:block; white-space:pre;background:#ffe0e0;'>- revision 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ revision 2
</span>
patchfiles patch-cc-logic.patch \
<span style='display:block; white-space:pre;background:#ffe0e0;'>- patch-crc-functions.patch
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ patch-crc-functions.patch \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ patch-CVE-2022-37434.patch
</span>
post-destroot {
platform darwin {
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/archivers/zlib/files/patch-CVE-2022-37434.patch b/archivers/zlib/files/patch-CVE-2022-37434.patch
</span>new file mode 100644
<span style='display:block; white-space:pre;color:#808080;'>index 00000000000..5e448f85082
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- /dev/null
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/archivers/zlib/files/patch-CVE-2022-37434.patch
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -0,0 +1,15 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+https://github.com/advisories/GHSA-cfmr-vrgj-vqwv
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- inflate.c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ inflate.c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -764,8 +764,9 @@ int flush;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if (copy > have) copy = have;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if (copy) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if (state->head != Z_NULL &&
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- state->head->extra != Z_NULL) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- len = state->head->extra_len - state->length;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ state->head->extra != Z_NULL &&
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ (len = state->head->extra_len - state->length) <
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ state->head->extra_max) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ zmemcpy(state->head->extra + len, next,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ len + copy > state->head->extra_max ?
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ state->head->extra_max - len : copy);
</span></pre><pre style='margin:0'>
</pre>