pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/lang/perl5 perl5: patch for CVE-2017-12837, CVE-2017-1...
details: https://anonhg.NetBSD.org/pkgsrc/rev/42c06812b01c
branches: trunk
changeset: 368944:42c06812b01c
user: maya <maya%pkgsrc.org@localhost>
date: Sat Sep 23 05:29:07 2017 +0000
description:
perl5: patch for CVE-2017-12837, CVE-2017-12883
CVE-2017-12837: heap buffer overflow in regular expression compiler
CVE-2017-12883: buffer over-read in regular expression parser
>From upstream commits:
https://perl5.git.perl.org/perl.git/commitdiff/2be4edede4ae226e2eebd4eff28cedd2041f300f
https://perl5.git.perl.org/perl.git/commitdiff/96c83ed78aeea1a0496dd2b2d935869a822dc8a5
bump PKGREVISION
diffstat:
lang/perl5/Makefile | 4 +-
lang/perl5/distinfo | 3 +-
lang/perl5/patches/patch-regcomp.c | 51 ++++++++++++++++++++++++++++++++++++++
3 files changed, 55 insertions(+), 3 deletions(-)
diffs (87 lines):
diff -r 16580d2e6f73 -r 42c06812b01c lang/perl5/Makefile
--- a/lang/perl5/Makefile Sat Sep 23 05:26:30 2017 +0000
+++ b/lang/perl5/Makefile Sat Sep 23 05:29:07 2017 +0000
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.240 2017/07/07 05:54:24 wiz Exp $
+# $NetBSD: Makefile,v 1.241 2017/09/23 05:29:07 maya Exp $
.include "license.mk"
.include "Makefile.common"
COMMENT= Practical Extraction and Report Language
-PKGREVISION= 2
+PKGREVISION= 3
CONFLICTS+= perl-base-[0-9]* perl-thread-[0-9]*
diff -r 16580d2e6f73 -r 42c06812b01c lang/perl5/distinfo
--- a/lang/perl5/distinfo Sat Sep 23 05:26:30 2017 +0000
+++ b/lang/perl5/distinfo Sat Sep 23 05:29:07 2017 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.144 2017/07/07 05:54:24 wiz Exp $
+$NetBSD: distinfo,v 1.145 2017/09/23 05:29:07 maya Exp $
SHA1 (perl-5.26.0.tar.bz2) = 2ca1b28f2c3ed4cc3b74be89d150ed0377f0336a
RMD160 (perl-5.26.0.tar.bz2) = a853a1ec299d7c6ba8239e8ed444ee6d922b8938
@@ -24,5 +24,6 @@
SHA1 (patch-hints_netbsd.sh) = 0d549a48800372d75fe34b783529a78cba90f646
SHA1 (patch-hints_sco.sh) = 8d43cdc0632799e1cdb5dc6fdb968052a9ae4216
SHA1 (patch-hints_solaris__2.sh) = 0e54889648a6f0f2a0232c5e01bef89d245c213d
+SHA1 (patch-regcomp.c) = e217518eda87c806962fe9dd7ef1010353919d90
SHA1 (patch-ta) = a9d13eeec22733e4087942f217a0d47a19498a6f
SHA1 (patch-ze) = d6fb718a1417e37a7d6bee1ae89fe2beec51c81b
diff -r 16580d2e6f73 -r 42c06812b01c lang/perl5/patches/patch-regcomp.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/lang/perl5/patches/patch-regcomp.c Sat Sep 23 05:29:07 2017 +0000
@@ -0,0 +1,51 @@
+$NetBSD: patch-regcomp.c,v 1.1 2017/09/23 05:29:07 maya Exp $
+
+Fixes for CVE-2017-12837: heap buffer overflow in regular expression compiler
+CVE-2017-12883 Buffer over-read in regular expression parser
+
+From 2be4edede4ae226e2eebd4eff28cedd2041f300f Mon Sep 17 00:00:00 2001
+From: Karl Williamson <khw%cpan.org@localhost>
+Date: Fri, 25 Aug 2017 11:33:58 -0600
+Subject: [PATCH] PATCH: [perl #131598]
+
+The cause of this is that the vFAIL macro uses RExC_parse, and that
+variable has just been changed in preparation for code after the vFAIL.
+The solution is to not change RExC_parse until after the vFAIL.
+
+This is a case where the macro hides stuff that can bite you.
+
+From 96c83ed78aeea1a0496dd2b2d935869a822dc8a5 Mon Sep 17 00:00:00 2001
+From: Karl Williamson <khw%cpan.org@localhost>
+Date: Wed, 21 Jun 2017 11:33:37 -0600
+Subject: [PATCH] regcomp [perl #131582]
+
+
+--- regcomp.c.orig 2017-04-19 13:37:08.000000000 +0000
++++ regcomp.c
+@@ -12159,14 +12159,16 @@ S_grok_bslash_N(pTHX_ RExC_state_t *pREx
+ }
+ sv_catpv(substitute_parse, ")");
+
+- RExC_parse = RExC_start = RExC_adjusted_start = SvPV(substitute_parse,
+- len);
++ len = SvCUR(substitute_parse);
+
+ /* Don't allow empty number */
+ if (len < (STRLEN) 8) {
+ RExC_parse = endbrace;
+ vFAIL("Invalid hexadecimal number in \\N{U+...}");
+ }
++
++ RExC_parse = RExC_start = RExC_adjusted_start
++ = SvPV_nolen(substitute_parse);
+ RExC_end = RExC_parse + len;
+
+ /* The values are Unicode, and therefore not subject to recoding, but
+@@ -13229,6 +13231,7 @@ S_regatom(pTHX_ RExC_state_t *pRExC_stat
+ goto loopdone;
+ }
+ p = RExC_parse;
++ RExC_parse = parse_start;
+ if (ender > 0xff) {
+ REQUIRE_UTF8(flagp);
+ }
Home |
Main Index |
Thread Index |
Old Index