<pre style='margin:0'>
Ryan Schmidt (ryandesign) pushed a commit to branch master
in repository macports-ports.

</pre>
<p><a href="https://github.com/macports/macports-ports/commit/dceab68671c4b322cd7aaa1d9d3a2f4b78f31b72">https://github.com/macports/macports-ports/commit/dceab68671c4b322cd7aaa1d9d3a2f4b78f31b72</a></p>
<pre style="white-space: pre; background: #F8F8F8">The following commit(s) were added to refs/heads/master by this push:
<span style='display:block; white-space:pre;color:#404040;'>     new dceab68671c zlib: fix CVE-2022-37434
</span>dceab68671c is described below

<span style='display:block; white-space:pre;color:#808000;'>commit dceab68671c4b322cd7aaa1d9d3a2f4b78f31b72
</span>Author: aeiouaeiouaeiouaeiouaeiouaeiou <aeioudev@outlook.com>
AuthorDate: Tue Oct 4 14:34:55 2022 +0300

<span style='display:block; white-space:pre;color:#404040;'>    zlib: fix CVE-2022-37434
</span>---
 archivers/zlib/Portfile                         |  5 +++--
 archivers/zlib/files/patch-CVE-2022-37434.patch | 15 +++++++++++++++
 2 files changed, 18 insertions(+), 2 deletions(-)

<span style='display:block; white-space:pre;color:#808080;'>diff --git a/archivers/zlib/Portfile b/archivers/zlib/Portfile
</span><span style='display:block; white-space:pre;color:#808080;'>index 21864bda3c2..3f4ce1f51d5 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/archivers/zlib/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/archivers/zlib/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -48,10 +48,11 @@ test.run                yes
</span> destroot.destdir        prefix=${destroot}${prefix}
 
 if {${name} eq ${subport}} {
<span style='display:block; white-space:pre;background:#ffe0e0;'>-    revision            1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+    revision            2
</span> 
     patchfiles          patch-cc-logic.patch \
<span style='display:block; white-space:pre;background:#ffe0e0;'>-                        patch-crc-functions.patch
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                        patch-crc-functions.patch \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                        patch-CVE-2022-37434.patch
</span> 
     post-destroot {
         platform darwin {
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/archivers/zlib/files/patch-CVE-2022-37434.patch b/archivers/zlib/files/patch-CVE-2022-37434.patch
</span>new file mode 100644
<span style='display:block; white-space:pre;color:#808080;'>index 00000000000..5e448f85082
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- /dev/null
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/archivers/zlib/files/patch-CVE-2022-37434.patch
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -0,0 +1,15 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+https://github.com/advisories/GHSA-cfmr-vrgj-vqwv
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- inflate.c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ inflate.c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -764,8 +764,9 @@ int flush;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                 if (copy > have) copy = have;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                 if (copy) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                     if (state->head != Z_NULL &&
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-                        state->head->extra != Z_NULL) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-                        len = state->head->extra_len - state->length;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++                        state->head->extra != Z_NULL &&
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++                        (len = state->head->extra_len - state->length) <
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++                            state->head->extra_max) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                         zmemcpy(state->head->extra + len, next,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                                 len + copy > state->head->extra_max ?
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                                 state->head->extra_max - len : copy);
</span></pre><pre style='margin:0'>

</pre>