author | salo <salo@pkgsrc.org> | 2005-02-05 17:22:21 +0000 |
---|---|---|
committer | salo <salo@pkgsrc.org> | 2005-02-05 17:22:21 +0000 |
commit | de62b2429b096155ddf224ecacaaa36e1c917980 (patch) | |
tree | a6c82a08ce3a3b5dbea9c8dd71eea9e28c35d373 | |
parent | 12d47072ac99579316cd83ccf6034cab160c5a48 (diff) | |
download | pkgsrc-de62b2429b096155ddf224ecacaaa36e1c917980.tar.gz |
Pullup ticket 268 - requested by Johnny C. Lam
security fix for perl58
Patch provided by the submitter. PKGREVISION bumped.
Fixes for:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0156
-rw-r--r-- | lang/perl58/Makefile | 4 | ||||
-rw-r--r-- | lang/perl58/distinfo | 3 | ||||
-rw-r--r-- | lang/perl58/patches/patch-bf | 24 |
3 files changed, 28 insertions, 3 deletions
diff --git a/lang/perl58/Makefile b/lang/perl58/Makefile
index 0d7085cd14e..5490ed2b328 100644
--- a/lang/perl58/Makefile
+++ b/lang/perl58/Makefile
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.68.2.1 2005/01/05 11:46:51 salo Exp $
+# $NetBSD: Makefile,v 1.68.2.2 2005/02/05 17:22:21 salo Exp $
 # The following two variables should have empty values unless we're
 # building a perl snapshot or release candidate.
@@ -9,7 +9,7 @@ PERL5_RC_VERS= # empty
 .if empty(PERL5_SNAPSHOT) && empty(PERL5_RC_VERS)
 DISTNAME= perl-${PERL5_VERS}
 PKGNAME= perl-${PERL5_VERS}
-PKGREVISION= 7
+PKGREVISION= 8
 SNAPSHOT_SITES= # empty
 .else
 . if !empty(PERL5_SNAPSHOT)
diff --git a/lang/perl58/distinfo b/lang/perl58/distinfo
index 18f1721b291..051af26d234 100644
--- a/lang/perl58/distinfo
+++ b/lang/perl58/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.23.2.1 2005/01/05 11:46:51 salo Exp $
+$NetBSD: distinfo,v 1.23.2.2 2005/02/05 17:22:21 salo Exp $
 SHA1 (perl-5.8.5.tar.bz2) = 6fec546bd96070c3c14b5b5fd2cd9af3185905fe
 Size (perl-5.8.5.tar.bz2) = 9464689 bytes
@@ -8,6 +8,7 @@ SHA1 (patch-ah) = b180ba8d91d2ac5e685b7d23a265245605e7eb74
 SHA1 (patch-ba) = 74a01f3a86f263720b9f07d1fdbaadbaecafb012
 SHA1 (patch-bd) = 9f96ba1912f2a8db93db31f7a63c0b49a045318d
 SHA1 (patch-be) = 768f472fdd9c1aaea8d0262cfa1d53197348f3e4
+SHA1 (patch-bf) = c216ffa53ef5a24a04c6df3c8541a4e055b626c3
 SHA1 (patch-ca) = ffe5eecd1162e7c8b591a74582d4c92b7a70ea96
 SHA1 (patch-cb) = 2221fb87bddd29406d925d1cb5351eb4f3087f76
 SHA1 (patch-cc) = 721459e0123c3306c44cca20e37680ec7026dd09
diff --git a/lang/perl58/patches/patch-bf b/lang/perl58/patches/patch-bf
new file mode 100644
index 00000000000..057c3a2afe4
--- /dev/null
+++ b/lang/perl58/patches/patch-bf
@@ -0,0 +1,24 @@
+$NetBSD: patch-bf,v 1.1.2.2 2005/02/05 17:22:21 salo Exp $
+
+--- perlio.c.orig 2004-09-10 03:06:52.000000000 -0400
++++ perlio.c
+@@ -448,7 +448,8 @@ PerlIO_debug(const char *fmt, ...)
+ va_list ap;
+ dSYS;
+ va_start(ap, fmt);
+- if (!dbg) {
++ /* Tighten uid/gid checks [CAN-2005-0155] */
++ if (!dbg && !PL_tainting && PL_uid == PL_euid && PL_gid == PL_egid) {
+ char *s = PerlEnv_getenv("PERLIO_DEBUG");
+ if (s && *s)
+ dbg = PerlLIO_open3(s, O_WRONLY | O_CREAT | O_APPEND, 0666);
+@@ -465,7 +466,8 @@ PerlIO_debug(const char *fmt, ...)
+ s = CopFILE(PL_curcop);
+ if (!s)
+ s = "(none)";
+- sprintf(buffer, "%s:%" IVdf " ", s, (IV) CopLINE(PL_curcop));
++ /* Avoid PERLIO_DEBUG buffer overflow [CAN-2005-0156] */
++ sprintf(buffer, "%.40s:%" IVdf " ", s, (IV) CopLINE(PL_curcop));
+ len = strlen(buffer);
+ vsprintf(buffer+len, fmt, ap);
+ PerlLIO_write(dbg, buffer, strlen(buffer)); |
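Review bot: The `vsprintf(buffer+len, fmt, ap);` context line at the end of the second embedded perlio.c hunk is still unbounded, so the `%.40s` precision added here caps only the file-name prefix and not the formatted message that follows it. If `buffer` is a fixed-size array (its declaration is above the hunk, so this is inferred), a long string argument passed to PerlIO_debug can still run past its end. Where the platform provides it, a bounded call such as `vsnprintf(buffer+len, sizeof(buffer)-len, fmt, ap);` would close that gap, and the literal 40 deserves a short comment tying it to the buffer size so the two are not changed independently. PerlIO_debug's body starts and ends outside both embedded hunks.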