pkgsrc-Changes-HG archive


[pkgsrc/pkgsrc-2004Q4]: pkgsrc/lang/perl58 Pullup ticket 206 - requested by J...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/129cb4b848ca
branches:  pkgsrc-2004Q4
changeset: 485795:129cb4b848ca
user:      salo <salo%pkgsrc.org@localhost>
date:      Wed Jan 05 11:46:51 2005 +0000

description:
Pullup ticket 206 - requested by Johnny C. Lam
security fix for perl58

        Module Name:    pkgsrc
        Committed By:   jlam
        Date:           Tue Jan  4 09:50:15 UTC 2005

        Modified Files:
                pkgsrc/lang/perl58: Makefile distinfo
                pkgsrc/lang/perl58/patches: patch-ca
        Added Files:
                pkgsrc/lang/perl58/patches: patch-bd patch-be

        Log Message:
        Fix instances of insecure use of /tmp that is subject to symlink
        attacks due to race conditions [CAN-2004-0976].  Also fix builds
        on *BSD boxes without a hostname set.  Bump PKGREVISION.

diffstat:

 lang/perl58/Makefile         |   4 ++--
 lang/perl58/distinfo         |   6 ++++--
 lang/perl58/patches/patch-bd |  28 ++++++++++++++++++++++++++++
 lang/perl58/patches/patch-be |  24 ++++++++++++++++++++++++
 lang/perl58/patches/patch-ca |  31 ++++++++++++++++++++++++++++++-
 5 files changed, 88 insertions(+), 5 deletions(-)

diffs (139 lines):

diff -r 760847923bfb -r 129cb4b848ca lang/perl58/Makefile
--- a/lang/perl58/Makefile      Wed Jan 05 11:19:42 2005 +0000
+++ b/lang/perl58/Makefile      Wed Jan 05 11:46:51 2005 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.68 2004/12/20 13:25:09 grant Exp $
+# $NetBSD: Makefile,v 1.68.2.1 2005/01/05 11:46:51 salo Exp $
 
 # The following two variables should have empty values unless we're
 # building a perl snapshot or release candidate.
@@ -9,7 +9,7 @@
 .if empty(PERL5_SNAPSHOT) && empty(PERL5_RC_VERS)
 DISTNAME=      perl-${PERL5_VERS}
 PKGNAME=       perl-${PERL5_VERS}
-PKGREVISION=   6
+PKGREVISION=   7
 SNAPSHOT_SITES=        # empty
 .else
 .  if !empty(PERL5_SNAPSHOT)
diff -r 760847923bfb -r 129cb4b848ca lang/perl58/distinfo
--- a/lang/perl58/distinfo      Wed Jan 05 11:19:42 2005 +0000
+++ b/lang/perl58/distinfo      Wed Jan 05 11:46:51 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.23 2004/12/11 16:19:29 jlam Exp $
+$NetBSD: distinfo,v 1.23.2.1 2005/01/05 11:46:51 salo Exp $
 
 SHA1 (perl-5.8.5.tar.bz2) = 6fec546bd96070c3c14b5b5fd2cd9af3185905fe
 Size (perl-5.8.5.tar.bz2) = 9464689 bytes
@@ -6,7 +6,9 @@
 SHA1 (patch-ae) = fa3bbb1561192ce9214a7a7c756ccb2595a52c80
 SHA1 (patch-ah) = b180ba8d91d2ac5e685b7d23a265245605e7eb74
 SHA1 (patch-ba) = 74a01f3a86f263720b9f07d1fdbaadbaecafb012
-SHA1 (patch-ca) = d234dd0c90a4417b87b3c1708ba9e86dc566990c
+SHA1 (patch-bd) = 9f96ba1912f2a8db93db31f7a63c0b49a045318d
+SHA1 (patch-be) = 768f472fdd9c1aaea8d0262cfa1d53197348f3e4
+SHA1 (patch-ca) = ffe5eecd1162e7c8b591a74582d4c92b7a70ea96
 SHA1 (patch-cb) = 2221fb87bddd29406d925d1cb5351eb4f3087f76
 SHA1 (patch-cc) = 721459e0123c3306c44cca20e37680ec7026dd09
 SHA1 (patch-cd) = d9420f57f036567abac821a8144768a2a7057b47
diff -r 760847923bfb -r 129cb4b848ca lang/perl58/patches/patch-bd
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/perl58/patches/patch-bd      Wed Jan 05 11:46:51 2005 +0000
@@ -0,0 +1,28 @@
+$NetBSD: patch-bd,v 1.1.2.2 2005/01/05 11:46:51 salo Exp $
+
+--- lib/ExtUtils/instmodsh.orig        2004-01-05 17:34:59.000000000 -0500
++++ lib/ExtUtils/instmodsh
+@@ -58,16 +58,13 @@ while (1)
+       $reply =~ /^t\s*/ and do
+          {
+          my $file = (split(' ', $reply))[1];
+-         my $tmp = "/tmp/inst.$$";
+-         if (my $fh = IO::File->new($tmp, "w"))
+-            {
+-            $fh->print(join("\n", $Inst->files($module)));
+-            $fh->close();
+-            system("tar cvf $file -I $tmp");
+-            unlink($tmp);
+-            last CASE;
+-            }
+-         else { print("Can't open $file: $!\n"); }
++         # Use File::Temp to create the tempfile and avoid possible symlink
++         # race attacks against a known filename in /tmp [CAN-2004-0976].
++         my ($fh, $tmp) = File::Temp::tempfile(UNLINK => 1);
++         $fh->print(join("\n", $Inst->files($module)));
++         $fh->close();
++         system("tar cvf $file -T $tmp");
++         unlink($tmp);
+          last CASE;
+          };
+       $reply eq 'v' and do
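Review bot: The added `system("tar cvf $file -T $tmp")` line still passes a single string to the shell, and `$file` comes straight from the interactive reply split a few lines above, so spaces or shell metacharacters in the archive name are interpreted by the shell; the list form `system('tar', 'cvf', $file, '-T', $tmp);` avoids the shell entirely. `$file` is also undefined when the reply is a bare `t`, and the return value of `system` is not checked, so a failed archive goes unreported. The hunk calls `File::Temp::tempfile` by its full name but does not show File::Temp being loaded; unless instmodsh already loads it outside this hunk, a `use File::Temp;` next to the script's other `use` lines is needed. With `UNLINK => 1` the explicit `unlink($tmp)` is redundant but harmless. The enclosing `while (1)` loop starts and ends outside the hunk.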
diff -r 760847923bfb -r 129cb4b848ca lang/perl58/patches/patch-be
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/perl58/patches/patch-be      Wed Jan 05 11:46:51 2005 +0000
@@ -0,0 +1,24 @@
+$NetBSD: patch-be,v 1.1.2.2 2005/01/05 11:46:51 salo Exp $
+
+--- lib/perl5db.pl.orig        2004-05-11 07:11:37.000000000 -0400
++++ lib/perl5db.pl
+@@ -207,7 +207,7 @@ the TTY to use for debugging i/o.
+ =item * noTTY 
+ 
+ if set, goes in NonStop mode.  On interrupt, if TTY is not set,
+-uses the value of noTTY or "/tmp/perldbtty$$" to find TTY using
++uses the value of noTTY or "$HOME/.perldbtty$$" to find TTY using
+ Term::Rendezvous.  Current variant is to have the name of TTY in this
+ file.
+ 
+@@ -5810,8 +5810,8 @@ sub setterm {
+             eval "require Term::Rendezvous;" or die;
+ 
+             # See if we have anything to pass to Term::Rendezvous.
+-            # Use /tmp/perldbtty$$ if not.
+-            my $rv = $ENV{PERLDB_NOTTY} || "/tmp/perldbtty$$";
++            # Use $HOME/.perldbtty$$ if not [CAN-2004-0976].
++            my $rv = $ENV{PERLDB_NOTTY} || "$ENV{HOME}/.perldbtty$$";
+ 
+             # Rendezvous and get the filehandles.
+             my $term_rv = new Term::Rendezvous $rv;
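Review bot: The new default `"$ENV{HOME}/.perldbtty$$"` in setterm is built without checking that HOME is set, so with an unset or empty HOME the path becomes `/.perldbtty$$` in the filesystem root. Moving the rendezvous file out of /tmp only removes the symlink race when the target directory is not writable by other users, which holds for a normal home directory but is not something this line verifies. A guard before the assignment, for example `die "HOME is not set; set PERLDB_NOTTY\n" unless $ENV{PERLDB_NOTTY} || (defined $ENV{HOME} && length $ENV{HOME});`, would make that case fail explicitly instead of silently picking a different location. setterm's body continues outside the hunk, and how Term::Rendezvous opens the file is not visible here.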
diff -r 760847923bfb -r 129cb4b848ca lang/perl58/patches/patch-ca
--- a/lang/perl58/patches/patch-ca      Wed Jan 05 11:19:42 2005 +0000
+++ b/lang/perl58/patches/patch-ca      Wed Jan 05 11:46:51 2005 +0000
@@ -1,7 +1,36 @@
-$NetBSD: patch-ca,v 1.5 2004/11/23 17:32:36 jlam Exp $
+$NetBSD: patch-ca,v 1.5.2.1 2005/01/05 11:46:51 salo Exp $
 
 --- Configure.orig     2004-05-12 07:00:41.000000000 -0400
 +++ Configure
+@@ -3109,7 +3109,7 @@ EOM
+                       osvers=`echo "$4"|sed 's/^v//'`
+                       ;;
+               freebsd) osname=freebsd 
+-                      osvers="$3" ;;
++                      osvers=`$uname -r | UU/tr '[A-Z]' '[a-z]'` ;;
+               genix)  osname=genix ;;
+               gnu)    osname=gnu
+                       osvers="$3" ;;
+@@ -3131,7 +3131,7 @@ EOM
+               MiNT)   osname=mint
+                       ;;
+               netbsd*) osname=netbsd
+-                      osvers="$3"
++                      osvers=`$uname -r | UU/tr '[A-Z]' '[a-z]'`
+                       ;;
+               news-os) osvers="$3"
+                       case "$3" in
+@@ -3142,8 +3142,8 @@ EOM
+               next*) osname=next ;;
+               nonstop-ux) osname=nonstopux ;;
+               openbsd) osname=openbsd
+-                      osvers="$3"
+-                      ;;
++                      osvers=`$uname -r | UU/tr '[A-Z]' '[a-z]'`
++                      ;;
+               os2)    osname=os2
+                       osvers="$4"
+                       ;;
 @@ -7850,7 +7850,7 @@ if "$useshrplib"; then
        solaris)
                xxx="-R $shrpdir"
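Review bot: The three `osvers` changes (freebsd, netbsd*, openbsd) switch from `"$3"` to the output of `$uname -r | UU/tr '[A-Z]' '[a-z]'` without any comment explaining why. The connection to the commit message's "boxes without a hostname set" has to be guessed; presumably `$3` is a positional field that shifts when the hostname is empty. A line under the `$NetBSD$` tag of patch-ca, such as `Take osvers from "uname -r" on *BSD; the positional field is wrong when no hostname is set.`, would keep that reasoning with the patch. In the openbsd part the `;;` line is removed and re-added with only its whitespace changed; keeping it as context would make the patch smaller and easier to regenerate against a new Configure. These lines also rely on `UU/tr` already existing at this point in Configure, which cannot be confirmed from the hunk.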


