[pkgsrc/trunk]: pkgsrc/editors/emacs21 Add patch for CVE-2008-1694 (insecure ...

[dholland <dholland%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/6312a44b3cf7
branches:  trunk
changeset: 544166:6312a44b3cf7
user:      dholland <dholland%pkgsrc.org@localhost>
date:      Sun Jul 13 18:03:01 2008 +0000

description:
Add patch for CVE-2008-1694 (insecure temp files in SCCS vc handling)
PKGREVISION -> 13.

diffstat:

 editors/emacs21/Makefile         |   4 ++--
 editors/emacs21/distinfo         |   3 ++-
 editors/emacs21/patches/patch-al |  38 ++++++++++++++++++++++++++++++++++++++
 3 files changed, 42 insertions(+), 3 deletions(-)

diffs (71 lines):

diff -r 5cad6845154f -r 6312a44b3cf7 editors/emacs21/Makefile
--- a/editors/emacs21/Makefile  Sun Jul 13 17:58:06 2008 +0000
+++ b/editors/emacs21/Makefile  Sun Jul 13 18:03:01 2008 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.9 2008/06/03 22:17:00 markd Exp $
+# $NetBSD: Makefile,v 1.10 2008/07/13 18:03:01 dholland Exp $
 
-PKGREVISION=   12
+PKGREVISION=   13
 CATEGORIES=    editors
 COMMENT=       GNU editing macros (editor)
 
diff -r 5cad6845154f -r 6312a44b3cf7 editors/emacs21/distinfo
--- a/editors/emacs21/distinfo  Sun Jul 13 17:58:06 2008 +0000
+++ b/editors/emacs21/distinfo  Sun Jul 13 18:03:01 2008 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.6 2008/06/03 22:17:00 markd Exp $
+$NetBSD: distinfo,v 1.7 2008/07/13 18:03:01 dholland Exp $
 
 SHA1 (emacs-21.4a.tar.gz) = cdb33731180fe4a912838af805dd35e3f55394d4
 RMD160 (emacs-21.4a.tar.gz) = c312e739935b56d08783bbfe97992297a363cb8a
@@ -14,6 +14,7 @@
 SHA1 (patch-ai) = 20fb931d649a55ae7ee6eb27ec5ba7cc938db0f7
 SHA1 (patch-aj) = 7f28335b3da583e5cef9e527cd1f9d4b0d92faa7
 SHA1 (patch-ak) = c37ecdcb1e0b0211b15baa7100dd43eab3f0830b
+SHA1 (patch-al) = 124356413e49d056d513d905b9e6afda28817be6
 SHA1 (patch-am) = 7109d3a5cf1470e11e33abe97297cde24cf0ec91
 SHA1 (patch-an) = b541a2e78398aba03a43bf5b38140661dd959e76
 SHA1 (patch-ao) = 6e57a5a12742a09c2365933f580717ded232cf51
diff -r 5cad6845154f -r 6312a44b3cf7 editors/emacs21/patches/patch-al
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/editors/emacs21/patches/patch-al  Sun Jul 13 18:03:01 2008 +0000
@@ -0,0 +1,38 @@
+$NetBSD: patch-al,v 1.1 2008/07/13 18:03:01 dholland Exp $
+
+--- lib-src/vcdiff.orig        2001-02-20 07:36:28.000000000 -0500
++++ lib-src/vcdiff     2008-07-13 14:05:46.000000000 -0400
+@@ -3,14 +3,14 @@
+ # Enhanced sccs diff utility for use with vc mode.
+ # This version is more compatible with rcsdiff(1).
+ #
+-# Copyright (C) 1992, 1993, 1995, 1997, 2001
++# Copyright (C) 1992, 1993, 1995, 1997, 2001, 2008
+ #   Free Software Foundation, Inc.
+ #
+ # This file is part of GNU Emacs.
+ #
+ # GNU Emacs is free software; you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+-# the Free Software Foundation; either version 2, or (at your option)
++# the Free Software Foundation; either version 3, or (at your option)
+ # any later version.
+ #
+ # GNU Emacs is distributed in the hope that it will be useful,
+@@ -86,14 +86,14 @@
+       case $f in
+       s.* | */s.*)
+               if
+-                      rev1=/tmp/geta$$
++                      rev1=`mktemp /tmp/geta.XXXXXXXX`
+                       get -s -p -k $sid1 "$f" > $rev1 &&
+                       case $sid2 in
+                       '')
+                               workfile=`expr " /$f" : '.*/s.\(.*\)'`
+                               ;;
+                       *)
+-                              rev2=/tmp/getb$$
++                              rev2=`mktemp /tmp/getb.XXXXXXXX`
+                               get -s -p -k $sid2 "$f" > $rev2
+                               workfile=$rev2
+                       esac