[pkgsrc/trunk]: pkgsrc/time/wyrd Add patches for wyrd privilege escalation (C...

[tonnerre <tonnerre%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/da4ba85ab55c
branches:  trunk
changeset: 544179:da4ba85ab55c
user:      tonnerre <tonnerre%pkgsrc.org@localhost>
date:      Sun Jul 13 20:57:50 2008 +0000

description:
Add patches for wyrd privilege escalation (CVE-2008-0806). Thanks, agc!

diffstat:

 time/wyrd/Makefile         |   3 ++-
 time/wyrd/distinfo         |   4 +++-
 time/wyrd/patches/patch-ab |  28 ++++++++++++++++++++++++++++
 time/wyrd/patches/patch-ac |  13 +++++++++++++
 4 files changed, 46 insertions(+), 2 deletions(-)

diffs (75 lines):

diff -r 76f1a7ca41f0 -r da4ba85ab55c time/wyrd/Makefile
--- a/time/wyrd/Makefile        Sun Jul 13 20:41:46 2008 +0000
+++ b/time/wyrd/Makefile        Sun Jul 13 20:57:50 2008 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.2 2008/06/20 01:09:39 joerg Exp $
+# $NetBSD: Makefile,v 1.3 2008/07/13 20:57:50 tonnerre Exp $
 #
 
 DISTNAME=              wyrd-1.4.1
+PKGREVISION=           1
 CATEGORIES=            time
 MASTER_SITES=          http://www.eecs.umich.edu/~pelzlpj/wyrd/
 
diff -r 76f1a7ca41f0 -r da4ba85ab55c time/wyrd/distinfo
--- a/time/wyrd/distinfo        Sun Jul 13 20:41:46 2008 +0000
+++ b/time/wyrd/distinfo        Sun Jul 13 20:57:50 2008 +0000
@@ -1,6 +1,8 @@
-$NetBSD: distinfo,v 1.1.1.1 2006/07/24 23:03:35 wiz Exp $
+$NetBSD: distinfo,v 1.2 2008/07/13 20:57:50 tonnerre Exp $
 
 SHA1 (wyrd-1.4.1.tar.gz) = 5d34bdef0ae5a28f47ac7fc927fe60639926a568
 RMD160 (wyrd-1.4.1.tar.gz) = cb6ce509c140f97123a544aaf94d390d59811e9f
 Size (wyrd-1.4.1.tar.gz) = 198530 bytes
 SHA1 (patch-aa) = d4ad2bbfbc1e493797d4c078863e233b9422b5d3
+SHA1 (patch-ab) = 1e9df7b2ac5adc59937363d957dd9dd97fe8203e
+SHA1 (patch-ac) = 4f48b6ce3efc43c39a15c4c05dc4f52cd4f77b11
diff -r 76f1a7ca41f0 -r da4ba85ab55c time/wyrd/patches/patch-ab
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/time/wyrd/patches/patch-ab        Sun Jul 13 20:57:50 2008 +0000
@@ -0,0 +1,28 @@
+$NetBSD: patch-ab,v 1.1 2008/07/13 20:57:50 tonnerre Exp $
+
+--- interface_main.ml.orig     2006-07-17 00:29:41.000000000 +0200
++++ interface_main.ml
+@@ -884,9 +884,9 @@ let handle_view_keybindings (iface : int
+    in
+    Hashtbl.iter find_binding Rcfile.table_commandstr_command;
+    let sorted_list = List.fast_sort Pervasives.compare !bindings in
+-   let out_channel = open_out Rcfile.tmpfile in
++   let out_channel = Rcfile.tmpfd in
+    List.iter (output_string out_channel) sorted_list;
+-   close_out out_channel;
++   flush out_channel;
+    def_prog_mode ();
+    endwin ();
+    let _ = Unix.system ("less " ^ Rcfile.tmpfile) in 
+@@ -1640,8 +1640,9 @@ let handle_keypress_normal key (iface : 
+          let i = draw_msg iface in
+          handle_refresh i reminders
+       |Rcfile.Quit ->
+-         let new_iface = {iface with run_wyrd = false} in
+-         (new_iface, reminders)
++           let out_channel = Rcfile.tmpfd in
++           close_out out_channel;Sys.remove Rcfile.tmpfile;let new_iface = {iface with run_wyrd = false} in
++           (new_iface, reminders)
+    with Not_found ->
+       let _ = beep () in
+       draw_error iface "key is not bound." false;
diff -r 76f1a7ca41f0 -r da4ba85ab55c time/wyrd/patches/patch-ac
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/time/wyrd/patches/patch-ac        Sun Jul 13 20:57:50 2008 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ac,v 1.1 2008/07/13 20:57:50 tonnerre Exp $
+
+--- rcfile.ml.orig     2006-07-17 00:29:41.000000000 +0200
++++ rcfile.ml
+@@ -128,7 +128,7 @@ let inverse_color_table = Hashtbl.create
+ (* Final hash table that maps from object to color_pair index *)
+ let object_palette      = Hashtbl.create 20
+ 
+-let tmpfile = "/tmp/wyrd-tmp." ^ (string_of_int (Unix.getuid ()))
++let tmpfile,tmpfd = Filename.open_temp_file "wyrd" "-temp"
+       
+ 
+ (* Turn colors on and off *)