pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2006Q3]: pkgsrc/archivers/gtar-base Pullup ticket 1929 - reque...
details: https://anonhg.NetBSD.org/pkgsrc/rev/d09a79a8af71
branches: pkgsrc-2006Q3
changeset: 519217:d09a79a8af71
user: ghen <ghen%pkgsrc.org@localhost>
date: Mon Dec 04 08:46:25 2006 +0000
description:
Pullup ticket 1929 - requested by tron
security fix for gtar-base
- pkgsrc/archivers/gtar-base/Makefile 1.55
- pkgsrc/archivers/gtar-base/distinfo 1.19
- pkgsrc/archivers/gtar-base/patches/patch-ab 1.11
- pkgsrc/archivers/gtar-base/patches/patch-ag 1.4
- pkgsrc/archivers/gtar-base/patches/patch-aj 1.1
Module Name: pkgsrc
Committed By: tron
Date: Sun Dec 3 15:21:20 UTC 2006
Modified Files:
pkgsrc/archivers/gtar-base: Makefile distinfo
pkgsrc/archivers/gtar-base/patches: patch-ab patch-ag
Added Files:
pkgsrc/archivers/gtar-base/patches: patch-aj
Log Message:
Add Kees Cook's patch for CVE-2006-6097 taken from Ubuntu Linux.
Bump package revision.
diffstat:
archivers/gtar-base/Makefile | 5 +--
archivers/gtar-base/distinfo | 7 +++--
archivers/gtar-base/patches/patch-ab | 46 ++++++++++++++++++++++++++++-------
archivers/gtar-base/patches/patch-ag | 21 ++++++++++++++--
archivers/gtar-base/patches/patch-aj | 14 ++++++++++
5 files changed, 75 insertions(+), 18 deletions(-)
diffs (160 lines):
diff -r fecf2fdfde15 -r d09a79a8af71 archivers/gtar-base/Makefile
--- a/archivers/gtar-base/Makefile Fri Dec 01 13:01:13 2006 +0000
+++ b/archivers/gtar-base/Makefile Mon Dec 04 08:46:25 2006 +0000
@@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.54 2006/09/03 17:24:16 adrianp Exp $
-#
+# $NetBSD: Makefile,v 1.54.2.1 2006/12/04 08:46:25 ghen Exp $
DISTNAME= tar-1.15.1
PKGNAME= gtar-base-1.15.1
-PKGREVISION= 3
+PKGREVISION= 4
SVR4_PKGNAME= gtarb
CATEGORIES= archivers
MASTER_SITES= ${MASTER_SITE_GNU:=tar/}
diff -r fecf2fdfde15 -r d09a79a8af71 archivers/gtar-base/distinfo
--- a/archivers/gtar-base/distinfo Fri Dec 01 13:01:13 2006 +0000
+++ b/archivers/gtar-base/distinfo Mon Dec 04 08:46:25 2006 +0000
@@ -1,14 +1,15 @@
-$NetBSD: distinfo,v 1.17 2006/09/03 17:24:16 adrianp Exp $
+$NetBSD: distinfo,v 1.17.2.1 2006/12/04 08:46:25 ghen Exp $
SHA1 (tar-1.15.1.tar.gz) = 21574ae5d39b698f7f577e2cecc91a5ec89b659c
RMD160 (tar-1.15.1.tar.gz) = 83f35ee090d05f0865ebd9915bbd1b649a6555c5
Size (tar-1.15.1.tar.gz) = 2204322 bytes
SHA1 (patch-aa) = adbd252113bfb131de80bbcf8150b2a955e17058
-SHA1 (patch-ab) = db7dc670cab8ba4eab9cf7b8efd79395ac4ea43c
+SHA1 (patch-ab) = 59e75a2051738076ad948ebc4db1240d47e7d366
SHA1 (patch-ac) = 072a7eaff685093b86289e0b45281c41ae06f4fc
SHA1 (patch-ad) = 8f109cbc150cb7db48b7a59dcba9eefb654875e0
SHA1 (patch-ae) = 6518ab82e19c831f16bc772136fafc037a592df4
SHA1 (patch-af) = be20dafd1c65db4ca60a5aedbc7a972117cd7072
-SHA1 (patch-ag) = dc39d490b0085e452664b8ea7af0329f01f630d5
+SHA1 (patch-ag) = 39fd6e84665a632258c722a35359713a1e194287
SHA1 (patch-ah) = d8532a99bf2bd0c35a9d994101fbd722f52c9ead
SHA1 (patch-ai) = 444d47a539427df39404fcf4996082de1d00a4df
+SHA1 (patch-aj) = 409760785d3a0e12175760f2f71e192c3dd1ef52
diff -r fecf2fdfde15 -r d09a79a8af71 archivers/gtar-base/patches/patch-ab
--- a/archivers/gtar-base/patches/patch-ab Fri Dec 01 13:01:13 2006 +0000
+++ b/archivers/gtar-base/patches/patch-ab Mon Dec 04 08:46:25 2006 +0000
@@ -1,8 +1,16 @@
-$NetBSD: patch-ab,v 1.10 2005/01/09 22:52:14 recht Exp $
+$NetBSD: patch-ab,v 1.10.14.1 2006/12/04 08:46:26 ghen Exp $
---- src/tar.c.orig Sat Dec 18 21:01:07 2004
-+++ src/tar.c Sun Jan 9 18:21:37 2005
-@@ -203,6 +203,7 @@
+--- src/tar.c.orig 2004-12-21 14:11:26.000000000 +0000
++++ src/tar.c 2006-12-03 15:13:25.000000000 +0000
+@@ -181,6 +181,7 @@
+ enum
+ {
+ ANCHORED_OPTION = CHAR_MAX + 1,
++ ALLOW_NAME_MANGLING_OPTION,
+ ATIME_PRESERVE_OPTION,
+ BACKUP_OPTION,
+ CHECKPOINT_OPTION,
+@@ -203,6 +204,7 @@
NO_RECURSION_OPTION,
NO_SAME_OWNER_OPTION,
NO_SAME_PERMISSIONS_OPTION,
@@ -10,7 +18,7 @@
NO_WILDCARDS_OPTION,
NO_WILDCARDS_MATCH_SLASH_OPTION,
NULL_OPTION,
-@@ -340,6 +341,8 @@
+@@ -340,6 +342,8 @@
N_("try extracting files with the same ownership"), 31 },
{"no-same-owner", NO_SAME_OWNER_OPTION, 0, 0,
N_("extract files as yourself"), 31 },
@@ -19,14 +27,34 @@
{"numeric-owner", NUMERIC_OWNER_OPTION, 0, 0,
N_("always use numbers for user/group names"), 31 },
{"preserve-permissions", 'p', 0, 0,
-@@ -864,6 +867,10 @@
-
+@@ -528,6 +532,8 @@
+
+ {NULL, 'o', 0, 0,
+ N_("when creating, same as --old-archive. When extracting, same as --no-same-owner"), 91 },
++ {"allow-name-mangling", ALLOW_NAME_MANGLING_OPTION, 0, 0,
++ N_("when creating, allow GNUTYPE_NAMES mangling -- considered dangerous"), 91 },
+
+ {NULL, 0, NULL, 0,
+ N_("Other options:"), 100 },
+@@ -865,6 +871,10 @@
case 'U':
old_files_option = UNLINK_FIRST_OLD_FILES;
-+ break;
+ break;
+
+ case NO_UNLINK_FIRST_OPTION:
+ old_files_option = 0;
- break;
++ break;
case UTC_OPTION:
+ utc_option = true;
+@@ -913,6 +923,10 @@
+ case 'Z':
+ set_use_compress_program_option ("compress");
+ break;
++
++ case ALLOW_NAME_MANGLING_OPTION:
++ allow_name_mangling_option = true;
++ break;
+
+ case ANCHORED_OPTION:
+ args->exclude_options |= EXCLUDE_ANCHORED;
diff -r fecf2fdfde15 -r d09a79a8af71 archivers/gtar-base/patches/patch-ag
--- a/archivers/gtar-base/patches/patch-ag Fri Dec 01 13:01:13 2006 +0000
+++ b/archivers/gtar-base/patches/patch-ag Mon Dec 04 08:46:25 2006 +0000
@@ -1,7 +1,7 @@
-$NetBSD: patch-ag,v 1.3 2005/01/09 22:52:14 recht Exp $
+$NetBSD: patch-ag,v 1.3.14.1 2006/12/04 08:46:26 ghen Exp $
---- src/extract.c.orig Mon Sep 13 10:12:04 2004
-+++ src/extract.c Sun Jan 9 18:26:07 2005
+--- src/extract.c.orig 2004-12-21 09:55:12.000000000 +0000
++++ src/extract.c 2006-12-03 15:13:25.000000000 +0000
@@ -195,7 +195,11 @@
mode = cur_info->st_mode ^ invert_permissions;
}
@@ -52,3 +52,18 @@
utime_error (file_name);
else
{
+@@ -1101,7 +1121,13 @@
+ break;
+
+ case GNUTYPE_NAMES:
+- extract_mangle ();
++ if (allow_name_mangling_option) {
++ extract_mangle ();
++ }
++ else {
++ ERROR ((0, 0, _("GNUTYPE_NAMES mangling ignored")));
++ skip_member ();
++ }
+ break;
+
+ case GNUTYPE_MULTIVOL:
diff -r fecf2fdfde15 -r d09a79a8af71 archivers/gtar-base/patches/patch-aj
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/archivers/gtar-base/patches/patch-aj Mon Dec 04 08:46:25 2006 +0000
@@ -0,0 +1,14 @@
+$NetBSD: patch-aj,v 1.1.2.2 2006/12/04 08:46:26 ghen Exp $
+
+--- src/common.h.orig 2004-12-21 14:31:58.000000000 +0000
++++ src/common.h 2006-12-03 15:13:25.000000000 +0000
+@@ -124,6 +124,9 @@
+
+ GLOBAL bool absolute_names_option;
+
++/* Allow GNUTYPE_NAMES type? */
++GLOBAL bool allow_name_mangling_option;
++
+ /* Display file times in UTC */
+ GLOBAL bool utc_option;
+
Home |
Main Index |
Thread Index |
Old Index