[pkgsrc/trunk]: pkgsrc/databases/gnats Add a patch from gnats CSV to fix the ...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/databases/gnats Add a patch from gnats CSV to fix the ...
From: recht <recht%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 02:13:27 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/e1244a24d0e1
branches:  trunk
changeset: 498640:e1244a24d0e1
user:      recht <recht%pkgsrc.org@localhost>
date:      Sun Aug 28 12:36:42 2005 +0000

description:
Add a patch from gnats CSV to fix the security problem noted in:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2180

Patch by adrianp@.

ChangeLog from gnats CSV:
* Makefile.in (install-gnats-tools, install-gnats-bin): Removed chown
and chmod entries for setting binaries suid.  CAN-2005-2180 advisory.
gen-index as setuid root can overwrite any system file.

Bump PKGREVISION to 1.

diffstat:

 databases/gnats/Makefile         |   3 +-
 databases/gnats/distinfo         |   4 +-
 databases/gnats/patches/patch-aa |  51 ++++++++++++++++++++++++++++++++-------
 3 files changed, 45 insertions(+), 13 deletions(-)

diffs (133 lines):

diff -r 73852c509115 -r e1244a24d0e1 databases/gnats/Makefile
--- a/databases/gnats/Makefile  Sun Aug 28 09:07:21 2005 +0000
+++ b/databases/gnats/Makefile  Sun Aug 28 12:36:42 2005 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.20 2005/08/27 22:24:02 recht Exp $
+# $NetBSD: Makefile,v 1.21 2005/08/28 12:36:42 recht Exp $
 
 DISTNAME=      gnats-4.1.0
+PKGREVISION=   1
 CATEGORIES=    databases
 MASTER_SITES=  ${MASTER_SITE_GNU:=gnats/}
 
diff -r 73852c509115 -r e1244a24d0e1 databases/gnats/distinfo
--- a/databases/gnats/distinfo  Sun Aug 28 09:07:21 2005 +0000
+++ b/databases/gnats/distinfo  Sun Aug 28 12:36:42 2005 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.7 2005/08/27 22:24:02 recht Exp $
+$NetBSD: distinfo,v 1.8 2005/08/28 12:36:42 recht Exp $
 
 SHA1 (gnats-4.1.0.tar.gz) = 7f8ce7fbb7594698c5ba71421cad3cbc7e079003
 RMD160 (gnats-4.1.0.tar.gz) = b16bfa3ffa4f1c7dc351d1c5639061c358c64afd
 Size (gnats-4.1.0.tar.gz) = 1221364 bytes
-SHA1 (patch-aa) = 6a97819d475bb669921c04f4ab6f3c975f284137
+SHA1 (patch-aa) = 46ee888dd1726d7c7178247dd8c11c3bc8790911
 SHA1 (patch-ab) = 605e0caaed659405fff46af6c610d52c9dca948e
 SHA1 (patch-ac) = f6fdd1c2353961d47bd0e58866b56ac6f0d6173a
 SHA1 (patch-ad) = ffacd88288036eb74eccd6687292c5a456e2f027
diff -r 73852c509115 -r e1244a24d0e1 databases/gnats/patches/patch-aa
--- a/databases/gnats/patches/patch-aa  Sun Aug 28 09:07:21 2005 +0000
+++ b/databases/gnats/patches/patch-aa  Sun Aug 28 12:36:42 2005 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-aa,v 1.3 2005/08/27 22:24:02 recht Exp $
+$NetBSD: patch-aa,v 1.4 2005/08/28 12:36:42 recht Exp $
 
 --- gnats/Makefile.in.orig     2005-02-24 21:35:55.000000000 +0100
-+++ gnats/Makefile.in
-@@ -93,7 +93,7 @@ M4 = @M4@
++++ gnats/Makefile.in  2005-08-28 14:24:22.000000000 +0200
+@@ -93,7 +93,7 @@
  
  INSTALL = $(srcdir)/../install-sh -c
  INSTALL_PROGRAM = @INSTALL_PROGRAM@
@@ -11,7 +11,7 @@
  INSTALL_DATA = @INSTALL_DATA@
  
  SUB_INSTALL = `echo $(INSTALL) | sed 's,^\([^/]\),../\1,'`
-@@ -250,7 +250,7 @@ diff-prs: diff-prs.sh Makefile
+@@ -250,7 +250,7 @@
  
  mkcat: mkcat.sh Makefile
        @echo Creating mkcat...
@@ -20,7 +20,7 @@
        @mv $@-t $@
        @chmod a+x $@
  
-@@ -265,7 +265,7 @@ mkdb: mkdb.sh Makefile
+@@ -265,7 +265,7 @@
  
  rmcat: rmcat.sh Makefile
        @echo Creating rmcat...
@@ -29,7 +29,7 @@
        @mv $@-t $@
        @chmod a+x $@
  
-@@ -369,7 +369,7 @@ install-tools-arch-dep: install-tools-bi
+@@ -369,7 +369,7 @@
  
  install-tools-arch-indep: all-tools
        $(SHELL) $(srcdir)/../mkinstalldirs $(DESTDIR)$(datadir)/gnats
@@ -38,7 +38,7 @@
        @if [ `whoami` = root -o `whoami` = $(GNATS_USER) ] ; then \
          echo "chown $(GNATS_USER) $(DESTDIR)$(datadir)/gnats" ; \
          chown $(GNATS_USER) $(DESTDIR)$(datadir)/gnats ; \
-@@ -379,9 +379,9 @@ install-tools-arch-indep: all-tools
+@@ -379,9 +379,9 @@
        $(INSTALL_DATA) $(srcdir)/gnats.el $(DESTDIR)$(lispdir)/gnats.el
        for i in categories submitters responsible gnatsd.user_access addresses states classes dbconfig ; do \
            if [ -f "$$i" ] ; then \
@@ -50,7 +50,7 @@
            fi ; \
        done
  
-@@ -391,7 +391,7 @@ install-tools-bin: all-tools
+@@ -391,17 +391,9 @@
        $(INSTALL_SCRIPT) edit-pr $(DESTDIR)$(bindir)/edit-pr
        $(INSTALL_SCRIPT) diff-prs $(DESTDIR)$(libexecdir)/gnats/diff-prs
        $(INSTALL_SCRIPT) mail-agent $(DESTDIR)$(libexecdir)/gnats/mail-agent
@@ -58,8 +58,18 @@
 +      $(INSTALL_SCRIPT) file-pr $(DESTDIR)$(libexecdir)/gnats/file-pr
        $(INSTALL_PROGRAM) pr-age $(DESTDIR)$(libexecdir)/gnats/pr-age
        $(INSTALL_PROGRAM) pr-edit $(DESTDIR)$(libexecdir)/gnats/pr-edit
-       @if [ `whoami` = root -o `whoami` = $(GNATS_USER) ] ; then \
-@@ -409,29 +409,42 @@ install-gnats: install-gnats-bin install
+-      @if [ `whoami` = root -o `whoami` = $(GNATS_USER) ] ; then \
+-        echo "chown $(GNATS_USER) $(DESTDIR)$(libexecdir)/gnats/pr-edit" ; \
+-        echo "chmod 4555 $(DESTDIR)$(libexecdir)/gnats/pr-edit" ; \
+-        chown $(GNATS_USER) $(DESTDIR)$(libexecdir)/gnats/pr-edit ; \
+-        chmod 4555 $(DESTDIR)$(libexecdir)/gnats/pr-edit ; \
+-        else \
+-        echo "*** Warning: Must make pr-edit suid $(DESTDIR)$(GNATS_USER)" ; \
+-      fi
+ 
+ EXTRA_INSTALL =
+ 
+@@ -409,29 +401,42 @@
  install-gnats-arch-dep: install-gnats-bin $(EXTRA_INSTALL)
  
  install-gnats-arch-indep: all-gnats install-tools-arch-indep
@@ -112,3 +122,24 @@
          fi \
        fi
        @echo "*** If you're a first-time user, you'll want to create a new database";
+@@ -450,20 +455,6 @@
+       $(INSTALL_PROGRAM) gen-index $(DESTDIR)$(libexecdir)/gnats/gen-index
+       $(INSTALL_SCRIPT) mail-query $(DESTDIR)$(libexecdir)/gnats/mail-query
+       $(INSTALL_PROGRAM) gnats-pwconv $(DESTDIR)$(libexecdir)/gnats/gnats-pwconv
+-      @if [ `whoami` = root -o `whoami` = $(GNATS_USER) ] ; then \
+-        echo "chown $(GNATS_USER) $(DESTDIR)$(libexecdir)/gnats/queue-pr $(DESTDIR)$(libexecdir)/gnats/file-pr $(DESTDIR)$(libexecdir)/gnats/gen-index" ; \
+-        echo "chmod 4555 $(DESTDIR)$(libexecdir)/gnats/queue-pr $(DESTDIR)$(libexecdir)/gnats/file-pr $(DESTDIR)$(libexecdir)/gnats/gen-index" ; \
+-        echo "chown $(GNATS_USER) $(DESTDIR)$(libexecdir)/gnats/gnatsd" ; \
+-        echo "chmod 555 $(DESTDIR)$(libexecdir)/gnats/gnatsd" ; \
+-        chown $(GNATS_USER) $(DESTDIR)$(libexecdir)/gnats/queue-pr ; \
+-        chown $(GNATS_USER) $(DESTDIR)$(libexecdir)/gnats/gen-index ; \
+-        chmod 4555 $(DESTDIR)$(libexecdir)/gnats/queue-pr ; \
+-        chmod 4555 $(DESTDIR)$(libexecdir)/gnats/gen-index ; \
+-        chown $(GNATS_USER) $(DESTDIR)$(libexecdir)/gnats/gnatsd ; \
+-        chmod 555 $(DESTDIR)$(libexecdir)/gnats/gnatsd ; \
+-      else \
+-        echo "*** Warning: must make queue-pr and gen-index suid $(GNATS_USER)." ; \
+-      fi
+ 
+ # regex.c is pretty badly broken, and I don't feel like fixing it.
+ regex.o: $(srcdir)/regex.c

Prev by Date: [pkgsrc/trunk]: pkgsrc/devel/doxygen Added a patch to resolve a type ambiguit...
Next by Date: [pkgsrc/trunk]: pkgsrc/security/pam-ldap update to 180
Previous by Thread: [pkgsrc/trunk]: pkgsrc/devel/doxygen Added a patch to resolve a type ambiguit...
Next by Thread: [pkgsrc/trunk]: pkgsrc/security/pam-ldap update to 180
Indexes:

Home | Main Index | Thread Index | Old Index