

[pkgsrc/pkgsrc-2018Q1]: pkgsrc/security/mcrypt Pullup ticket #5765 - requeste...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/ca06ad36aedd
branches:  pkgsrc-2018Q1
changeset: 408504:ca06ad36aedd
user:      spz <spz%pkgsrc.org@localhost>
date:      Sun Jun 17 11:40:03 2018 +0000

description:
Pullup ticket #5765 - requested by bsiegert
security/mcrypt: security patches

Revisions pulled up:
- security/mcrypt/Makefile                                      1.27
- security/mcrypt/distinfo                                      1.9
- security/mcrypt/patches/patch-doc_mcrypt.1                    1.1
- security/mcrypt/patches/patch-src_errors.c                    1.1
- security/mcrypt/patches/patch-src_extra.c                     1.1
- security/mcrypt/patches/patch-src_gaaout.c                    1.1
- security/mcrypt/patches/patch-src_mcrypt.c                    1.1
- security/mcrypt/patches/patch-src_mcrypt.gaa                  1.1
- security/mcrypt/patches/patch-src_mcrypt__int.h               1.1
- security/mcrypt/patches/patch-src_rfc2440.c                   1.1

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   ginsbach
   Date:           Wed May 30 14:58:03 UTC 2018

   Modified Files:
           pkgsrc/security/mcrypt: Makefile distinfo
   Added Files:
           pkgsrc/security/mcrypt/patches: patch-doc_mcrypt.1 patch-src_errors.c
               patch-src_extra.c patch-src_gaaout.c patch-src_mcrypt.c
               patch-src_mcrypt.gaa patch-src_mcrypt__int.h patch-src_rfc2440.c

   Log Message:
   Add various patches from (Brew, Debian, Red Hat, SUSE)

   Upstream for mcrypt is effectively dead so incorporate patches from
   other OSS packaging systems.  These patches address the following:

   * CVE-2012-4409 (fix)
   * CVE-2012-4527 (fix)
   * Spelling and grammar fixes for man page
   * Fix potential format-string attacks (no vulnerability Id)
   * Fix potential buffer overflows (no vulnerability Id)
   * Make native format default as in Debian, Red Hat, and SUSE since
     openpgp format handling is seriously broken.
   * Fix ARM build [unclear if this is necessary for non-Linux systems]
   * Correct include file for OSX


   To generate a diff of this commit:
   cvs rdiff -u -r1.26 -r1.27 pkgsrc/security/mcrypt/Makefile
   cvs rdiff -u -r1.8 -r1.9 pkgsrc/security/mcrypt/distinfo
   cvs rdiff -u -r0 -r1.1 pkgsrc/security/mcrypt/patches/patch-doc_mcrypt.1 \
       pkgsrc/security/mcrypt/patches/patch-src_errors.c \
       pkgsrc/security/mcrypt/patches/patch-src_extra.c \
       pkgsrc/security/mcrypt/patches/patch-src_gaaout.c \
       pkgsrc/security/mcrypt/patches/patch-src_mcrypt.c \
       pkgsrc/security/mcrypt/patches/patch-src_mcrypt.gaa \
       pkgsrc/security/mcrypt/patches/patch-src_mcrypt__int.h \
       pkgsrc/security/mcrypt/patches/patch-src_rfc2440.c

diffstat:

 security/mcrypt/Makefile                        |   4 +-
 security/mcrypt/distinfo                        |  10 +++-
 security/mcrypt/patches/patch-doc_mcrypt.1      |  70 +++++++++++++++++++++++++
 security/mcrypt/patches/patch-src_errors.c      |  38 +++++++++++++
 security/mcrypt/patches/patch-src_extra.c       |  51 ++++++++++++++++++
 security/mcrypt/patches/patch-src_gaaout.c      |  36 ++++++++++++
 security/mcrypt/patches/patch-src_mcrypt.c      |  57 ++++++++++++++++++++
 security/mcrypt/patches/patch-src_mcrypt.gaa    |  27 +++++++++
 security/mcrypt/patches/patch-src_mcrypt__int.h |  17 ++++++
 security/mcrypt/patches/patch-src_rfc2440.c     |  30 ++++++++++
 10 files changed, 337 insertions(+), 3 deletions(-)

diffs (truncated from 390 to 300 lines):

diff -r 1401337fd32b -r ca06ad36aedd security/mcrypt/Makefile
--- a/security/mcrypt/Makefile  Fri Jun 08 10:47:40 2018 +0000
+++ b/security/mcrypt/Makefile  Sun Jun 17 11:40:03 2018 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.26 2015/03/05 22:47:54 tnn Exp $
+# $NetBSD: Makefile,v 1.26.28.1 2018/06/17 11:40:03 spz Exp $
 
 DISTNAME=      mcrypt-2.6.8
-PKGREVISION=   3
+PKGREVISION=   4
 CATEGORIES=    security devel
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=mcrypt/}
 
diff -r 1401337fd32b -r ca06ad36aedd security/mcrypt/distinfo
--- a/security/mcrypt/distinfo  Fri Jun 08 10:47:40 2018 +0000
+++ b/security/mcrypt/distinfo  Sun Jun 17 11:40:03 2018 +0000
@@ -1,6 +1,14 @@
-$NetBSD: distinfo,v 1.8 2015/11/04 01:17:50 agc Exp $
+$NetBSD: distinfo,v 1.8.22.1 2018/06/17 11:40:03 spz Exp $
 
 SHA1 (mcrypt-2.6.8.tar.gz) = 8ae0e866714fbbb96a0a6fa9f099089dc93f1d86
 RMD160 (mcrypt-2.6.8.tar.gz) = 5115c679ee5d34b9fb9e976c12240c48370df514
 SHA512 (mcrypt-2.6.8.tar.gz) = eae5f831e950df69eb93efc8314100b4b5dc8a535b1d00f500e6b25382efcec321346776a92dadf101b878ef46a47de2e9e81f5ddf5c73563ece4741f169c8d1
 Size (mcrypt-2.6.8.tar.gz) = 471915 bytes
+SHA1 (patch-doc_mcrypt.1) = 93ccc6b07b09535e09d65e2862571b1c592fc141
+SHA1 (patch-src_errors.c) = b8467130c6cc7f3a650d8a737e1b5a75c8db5e9e
+SHA1 (patch-src_extra.c) = f265989f7e8ad7ec6fd8afece3b8a785f49d13ae
+SHA1 (patch-src_gaaout.c) = 73001f8b98dc87354f7550e2080ac7ab3a59ceb6
+SHA1 (patch-src_mcrypt.c) = c1c99aa4dcf5912e43ab831f0ee32611ea029400
+SHA1 (patch-src_mcrypt.gaa) = 1fefccbf336a99bcb83dd05739c53a40b1f0a9ce
+SHA1 (patch-src_mcrypt__int.h) = 94caaff9bb0d48c6c6406e3f8965db82e7f93408
+SHA1 (patch-src_rfc2440.c) = 4c7b885bfa9e451f3082e3338eadcaedbbb9d6cc
diff -r 1401337fd32b -r ca06ad36aedd security/mcrypt/patches/patch-doc_mcrypt.1
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/mcrypt/patches/patch-doc_mcrypt.1        Sun Jun 17 11:40:03 2018 +0000
@@ -0,0 +1,70 @@
+$NetBSD: patch-doc_mcrypt.1,v 1.1.2.2 2018/06/17 11:40:03 spz Exp $
+
+* Spelling and grammar fixes. 
+
+  From: Red Hat, SUSE
+
+--- doc/mcrypt.1.orig  2003-09-08 17:25:41.000000000 +0000
++++ doc/mcrypt.1
+@@ -81,7 +81,7 @@ two blocks in CBC and CFB modes, but onl
+ Mcrypt uses a 32 bit CRC to check for errors in the encrypted files.
+ .PP
+ .B Extra security:
+-For the very paranoid, if mcrypt is executed with superuser priviledges it
++For the very paranoid, if mcrypt is executed with superuser privileges it
+ ensures that no important data (keys etc.) are written to disk, as swap etc.
+ Keep in mind that mcrypt was not designed to be a setuid program, so you
+ shouldn't make it one.
+@@ -165,11 +165,11 @@ license and quit.
+ .TP
+ .B \-o --keymode MODE
+ MODE may be one of the keymodes listed by the --list-keymodes parameter.
+-It actually is the convertion to the key before it is fed to the algorithm.
++It actually is the conversion to the key before it is fed to the algorithm.
+ It is recommended to leave it as is, if you do not know what it is.
+ However if you still want to use this option, you might want to
+ use the 'hex' mode which allows you to specify the key in hex
+-(and no convertion will by applied).
++(and no conversion will be applied).
+ .TP
+ .B \-h --hash HASH_ALGORITHM
+ HASH_ALGORITHM may be one of the algorithms listed by the --list-hash parameter.
+@@ -194,10 +194,10 @@ The security lies on the algorithm not o
+ default. This flag must also be specified when decrypting a bare encrypted 
+ file. 
+ When the bare flag is specified decryption and encryption are faster. This
+-may be usefull when using mcrypt to encrypt a link or something like that.
++may be useful when using mcrypt to encrypt a link or something like that.
+ .TP
+ .B --flush
+-Flushes the output (ciphertext or plaintext) immediately. Usefull if mcrypt
++Flushes the output (ciphertext or plaintext) immediately. Useful if mcrypt
+ is used with pipes.
+ .TP
+ .B --time
+@@ -205,7 +205,7 @@ Prints some timing information (encrypti
+ .TP
+ .B --nodelete
+ When this option is specified mcrypt does not delete the output file, even
+-if decryption failed. This is usefull if you want to decrypt a corrupted
++if decryption failed. This is useful if you want to decrypt a corrupted
+ file.
+ .TP
+ .B \-q --quiet
+@@ -217,13 +217,13 @@ succeeds. This is not the default in ord
+ to remove sensitive data.
+ .TP
+ .B \ --list
+-Lists all the algorithms current supported.
++Lists all the algorithms currently supported.
+ .TP
+ .B \ --list-keymodes
+-Lists all the key modes current supported.
++Lists all the key modes currently supported.
+ .TP
+ .B \ --list-hash
+-Lists all the hash algorithms current supported.
++Lists all the hash algorithms currently supported.
+ .TP
+ .B \-r --random
+ Use /dev/(s)random instead of /dev/urandom. This may need some key input
diff -r 1401337fd32b -r ca06ad36aedd security/mcrypt/patches/patch-src_errors.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/mcrypt/patches/patch-src_errors.c        Sun Jun 17 11:40:03 2018 +0000
@@ -0,0 +1,38 @@
+$NetBSD: patch-src_errors.c,v 1.1.2.2 2018/06/17 11:40:03 spz Exp $
+
+* Fix potential format-string attacks via filename arguments and
+  possibly others. (No vulnerability Id)
+       
+  From: Debian, Red Hat, SUSE
+
+--- src/errors.c.orig  2007-11-07 17:10:19.000000000 +0000
++++ src/errors.c
+@@ -24,24 +24,24 @@ extern int quiet;
+ 
+ void err_quit(char *errmsg)
+ {
+-      fprintf(stderr, errmsg);
++      fprintf(stderr, "%s", errmsg);
+       exit(-1);
+ }
+ 
+ void err_warn(char *errmsg)
+ {
+       if (quiet <= 1)
+-              fprintf(stderr, errmsg);
++              fprintf(stderr, "%s", errmsg);
+ }
+ 
+ void err_info(char *errmsg)
+ {
+       if (quiet == 0)
+-              fprintf(stderr, errmsg);
++              fprintf(stderr, "%s", errmsg);
+ }
+ 
+ void err_crit(char *errmsg)
+ {
+       if (quiet <= 2)
+-              fprintf(stderr, errmsg);
++              fprintf(stderr, "%s", errmsg);
+ }
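Review bot: `fprintf(stderr, "%s", errmsg)` closes the format-string hole in err_quit, err_warn, err_info and err_crit, but each of those four sites would read more plainly as `fputs(errmsg, stderr);`, which is equivalent for a plain string and skips format parsing altogether. Now that `errmsg` is never interpreted as a format, the parameter could also become `const char *errmsg`, which documents at the call sites that the message is not modified; that change reaches the prototypes, which are not part of this hunk.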
diff -r 1401337fd32b -r ca06ad36aedd security/mcrypt/patches/patch-src_extra.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/mcrypt/patches/patch-src_extra.c Sun Jun 17 11:40:03 2018 +0000
@@ -0,0 +1,51 @@
+$NetBSD: patch-src_extra.c,v 1.1.2.2 2018/06/17 11:40:03 spz Exp $
+
+* Fix buffer overflow when decrypting a file with a too long salt.
+  (CVE-2012-4409)
+* Fix other potential buffer overflows in check_file_head.
+  (No vulnerability Id)
+
+  From: Debian, Red Hat, SUSE
+
+--- src/extra.c.orig   2007-11-07 17:10:20.000000000 +0000
++++ src/extra.c
+@@ -223,7 +223,8 @@ int check_file_head(FILE * fstream, char
+               }
+ 
+               read_until_null(tmp_buf, fstream);
+-              strcpy(algorithm, tmp_buf);
++              strncpy(algorithm, tmp_buf, 50);
++              algorithm[49] = '\0';
+ 
+               fread(&keylen, sizeof(short int), 1, fstream);
+ #ifdef WORDS_BIGENDIAN
+@@ -233,15 +234,19 @@ int check_file_head(FILE * fstream, char
+ #endif
+ 
+               read_until_null(tmp_buf, fstream);
+-              strcpy(mode, tmp_buf);
++              strncpy(mode, tmp_buf, 50);
++              mode[49] = '\0';
+ 
+               read_until_null(tmp_buf, fstream);
+-              strcpy(keymode, tmp_buf);
++              strncpy(keymode, tmp_buf, 50);
++              keymode[49] = '\0';
+               fread(&sflag, 1, 1, fstream);
+               if (m_getbit(6, flags) == 1) { /* if the salt bit is set */
+                       if (m_getbit(0, sflag) != 0) { /* if the first bit is set */
+                               *salt_size = m_setbit(0, sflag, 0);
+                               if (*salt_size > 0) {
++                                      if (*salt_size > sizeof(tmp_buf))
++                                              err_quit(_("Salt is too long\n"));
+                                       fread(tmp_buf, 1, *salt_size,
+                                             fstream);
+                                       memmove(salt, tmp_buf, *salt_size);
+@@ -503,6 +508,7 @@ char **read_key_file(char *file, int *nu
+       }
+ 
+       *num = x;
++      fclose(FROMF);
+ 
+       return keys;
+ 
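Review bot: The new salt guard compares `*salt_size` against `sizeof(tmp_buf)`, which bounds the `fread` into `tmp_buf` but says nothing about the `salt` buffer that `memmove` then fills; unless the caller's `salt` is at least as large as `tmp_buf` (the signature of check_file_head lies outside this hunk), that copy can still overrun. The `fread` of the salt also remains unchecked, so a short read copies stale `tmp_buf` bytes into `salt`; `if (fread(tmp_buf, 1, *salt_size, fstream) != (size_t)*salt_size) err_quit(_("Salt is truncated\n"));` would reject that. The three `strncpy(..., 50)` / `[49] = '\0'` pairs hard-code a size that nothing in this hunk ties to the actual `algorithm`, `mode` and `keymode` buffers; a named constant shared with the caller's declarations would keep them from drifting. The `fclose(FROMF)` in read_key_file fixes the leak on the success path only; any earlier return in that function, which is outside this hunk, would need the same.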
diff -r 1401337fd32b -r ca06ad36aedd security/mcrypt/patches/patch-src_gaaout.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/mcrypt/patches/patch-src_gaaout.c        Sun Jun 17 11:40:03 2018 +0000
@@ -0,0 +1,36 @@
+$NetBSD: patch-src_gaaout.c,v 1.1.2.2 2018/06/17 11:40:03 spz Exp $
+
+* Fix ARM build [XXX needed?]
+* Make native format default like in Debian, Red Hat, and SUSE since
+  openpgp format handling is seriously broken.
+
+From: Debian, Red Hat, SUSE
+
+--- src/gaaout.c.orig  2007-06-09 08:39:14.000000000 +0000
++++ src/gaaout.c
+@@ -5,6 +5,7 @@
+ 
+ 
+ #include <defines.h>
++#include "mcrypt_int.h"
+ 
+ #include <stdio.h>
+ #include <string.h>
+@@ -123,7 +124,7 @@ void gaa_help(void)
+ {
+       printf(_("Mcrypt encrypts and decrypts files with symmetric encryption algorithms.\nUsage: mcrypt [-dFusgbhLvrzp] [-f keyfile] [-k key1 key2 ...] [-m mode] [-o keymode] [-s keysize] [-a 
algorithm] [-c config_file] [file ...]\n\n"));
+       __gaa_helpsingle('g', "openpgp", "", _("Use the OpenPGP (RFC2440) file format."));
+-      __gaa_helpsingle(0, "no-openpgp", "", _("Use the native (mcrypt) file format."));
++      __gaa_helpsingle(0, "no-openpgp", "", _("Use the native (mcrypt) file format. (DEFAULT)"));
+       __gaa_helpsingle(0, "openpgp-z", _("INTEGER "), _("Sets the compression level for openpgp packets (0 disables)."));
+       __gaa_helpsingle('d', "decrypt", "", _("decrypts."));
+       __gaa_helpsingle('s', "keysize", _("INTEGER "), _("Set the algorithm's key size (in bytes)."));
+@@ -1036,7 +1037,7 @@ int gaa(int argc, char **argv, gaainfo *
+        gaaval->config_file=NULL; gaaval->mode=NULL; gaaval->input=NULL; gaaval->ed_specified=0;
+        gaaval->double_check=0; gaaval->noecho=1; gaaval->flush=0; gaaval->keysize=0;
+        gaaval->algorithms_directory=NULL; gaaval->modes_directory=NULL; gaaval->nodelete=0;
+-       gaaval->hash=NULL; gaaval->timer=0; gaaval->openpgp=1; gaaval->openpgp_z = 0; ;};
++       gaaval->hash=NULL; gaaval->timer=0; gaaval->openpgp=0; gaaval->openpgp_z = 0; ;};
+ 
+     }
+     inited = 1;
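Review bot: Flipping `gaaval->openpgp` to 0 in gaa() changes the default file format for every user, yet the only documentation update in this commit is the `(DEFAULT)` tag in gaa_help(); the man-page patch (patch-doc_mcrypt.1) corrects spelling only, so if mcrypt.1 describes OpenPGP as the default it now contradicts the binary and should gain a matching sentence. The pkgsrc patch header still carries `* Fix ARM build [XXX needed?]`, which is an open question rather than a description; either state why `#include "mcrypt_int.h"` is required or drop the marker so the next maintainer is not left with a TODO. The new include also uses quotes where the neighbouring `#include <defines.h>` uses angle brackets; one consistent form avoids the two headers being resolved through different search paths.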
diff -r 1401337fd32b -r ca06ad36aedd security/mcrypt/patches/patch-src_mcrypt.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/mcrypt/patches/patch-src_mcrypt.c        Sun Jun 17 11:40:03 2018 +0000
@@ -0,0 +1,57 @@
+$NetBSD: patch-src_mcrypt.c,v 1.1.2.2 2018/06/17 11:40:03 spz Exp $
+
+* Fix potential long filename buffer overlow (CVE-2012-4527)
+
+From: Debian, Red Hat, SUSE
+
+--- src/mcrypt.c.orig  2007-11-07 17:10:21.000000000 +0000
++++ src/mcrypt.c
+@@ -46,3 +46,3 @@ static char rcsid[] =
+ 
+-char tmperr[128];
++char tmperr[PATH_MAX + 128];
+ unsigned int stream_flag = FALSE;
+@@ -484,3 +484,3 @@ int main(int argc, char **argv)
+        if (is_normal_file(file[i]) == FALSE) {
+-          sprintf(tmperr,
++          snprintf(tmperr, sizeof(tmperr),
+                   _
+@@ -503,3 +503,3 @@ int main(int argc, char **argv)
+            && (stream_flag == TRUE) && (force == 0)) {        /* not a tty */
+-          sprintf(tmperr,
++          snprintf(tmperr, sizeof(tmperr),
+                   _
+@@ -522,3 +522,3 @@ int main(int argc, char **argv)
+            && (stream_flag == TRUE) && (force == 0)) {        /* not a tty */
+-          sprintf(tmperr,
++          snprintf(tmperr, sizeof(tmperr),
+                   _
+@@ -546,3 +546,3 @@ int main(int argc, char **argv)
+           if (strstr(outfile, ".nc") != NULL) {
+-             sprintf(tmperr,
++             snprintf(tmperr, sizeof(tmperr),
+                      _
+@@ -592,3 +592,5 @@ int main(int argc, char **argv)
+           if (stream_flag == FALSE) {
+-             sprintf(tmperr, _("File %s was decrypted.\n"), dinfile);
++             snprintf(tmperr, sizeof(tmperr),
++                      _
++                      ("File %s was decrypted.\n"), dinfile);
+              err_warn(tmperr);
+@@ -612,3 +614,3 @@ int main(int argc, char **argv)
+           if (stream_flag == FALSE) {
+-             sprintf(tmperr,
++             snprintf(tmperr, sizeof(tmperr),
+                      _
+@@ -638,3 +640,5 @@ int main(int argc, char **argv)
+           if (stream_flag == FALSE) {
+-             sprintf(tmperr, _("File %s was encrypted.\n"), einfile);
++             snprintf(tmperr, sizeof(tmperr),
++                      _
++                      ("File %s was encrypted.\n"), einfile);
+              err_warn(tmperr);
+@@ -657,3 +661,3 @@ int main(int argc, char **argv)


