authorsnj <snj@pkgsrc.org>2005-06-09 20:05:49 +0000
committersnj <snj@pkgsrc.org>2005-06-09 20:05:49 +0000
commit309f07e4e77bd6c97a675a744129eaac2f7e4ce0 (patch)
treeaba50de499e1e703196d548adbda2f9368c9741c
parent72a5cd461824d822f0dffa2b39b93f3d2959127f (diff)
downloadpkgsrc-309f07e4e77bd6c97a675a744129eaac2f7e4ce0.tar.gz
Pullup ticket 545 - requested by Lubomir Sedlacik
security fix for a2ps Revisions pulled up: - pkgsrc/print/a2ps/Makefile 1.54 - pkgsrc/print/a2ps/distinfo 1.9 - pkgsrc/print/a2ps/patches/patch-ad 1.4 - pkgsrc/print/a2ps/patches/patch-ae 1.4 Module Name: pkgsrc Committed By: salo Date: Thu Jun 9 14:53:49 UTC 2005 Modified Files: pkgsrc/print/a2ps: Makefile distinfo Added Files: pkgsrc/print/a2ps/patches: patch-ad patch-ae Log Message: Security fix for CAN-2004-1377: "The fixps and psmandup scripts in a2ps allow local users to overwrite arbitrary files via a symlink attack on temporary files." Patches from Gentoo with few minor issues corrected.
-rw-r--r--print/a2ps/Makefile10
-rw-r--r--print/a2ps/distinfo4
-rw-r--r--print/a2ps/patches/patch-ad31
-rw-r--r--print/a2ps/patches/patch-ae32
4 files changed, 74 insertions, 3 deletions
diff --git a/print/a2ps/Makefile b/print/a2ps/Makefile
index 64012722e8a..57b7a985146 100644
--- a/print/a2ps/Makefile
+++ b/print/a2ps/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.51 2004/12/31 13:27:06 minskim Exp $
+# $NetBSD: Makefile,v 1.51.2.1 2005/06/09 20:05:49 snj Exp $
DISTNAME= a2ps-4.13b
PKGNAME= a2ps-4.13.0.2
-PKGREVISION= 6
+PKGREVISION= 7
CATEGORIES= print
MASTER_SITES= ${MASTER_SITE_GNU:=a2ps/} \
ftp://ftp.enst.fr/pub/unix/a2ps/
@@ -14,6 +14,12 @@ COMMENT= Formats an ascii file for printing on a postscript printer
DEPENDS+= papersize>=1.0.2:../../print/papersize
DEPENDS+= psutils>=1.17:../../print/psutils
+.include "../../mk/bsd.prefs.mk"
+
+.if empty(OPSYS:M*BSD)
+DEPENDS+= mktemp>=1.5:../../sysutils/mktemp
+.endif
+
WRKSRC= ${WRKDIR}/a2ps-4.13
STRIP= # empty
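Review bot: The added `.if empty(OPSYS:M*BSD)` block has no comment saying why mktemp is pulled in, and the condition keys on the OS name rather than on what the patched scripts need. From patch-ad and patch-ae the requirement appears to be a `mktemp` that accepts `-d -t`, so a line such as `# fixps/psmandup create their temp dir with mktemp(1) -d -t (CAN-2004-1377); assumed present in base only on *BSD` above the conditional would record that. The scripts call `mktemp` by bare name, so which binary runs depends on PATH at run time. If none is found, the `|| { ...; exit 1; }` guard makes them stop rather than fall back to a predictable name, which is the safe failure mode.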
diff --git a/print/a2ps/distinfo b/print/a2ps/distinfo
index b4c1d780a1e..ce299d0993c 100644
--- a/print/a2ps/distinfo
+++ b/print/a2ps/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.8 2005/02/24 12:51:41 agc Exp $
+$NetBSD: distinfo,v 1.8.2.1 2005/06/09 20:05:49 snj Exp $
SHA1 (a2ps-4.13b.tar.gz) = cfc79a3e54115e569f667fa3fd2c2ec16d22b31a
RMD160 (a2ps-4.13b.tar.gz) = affc47a7487f2459184be0be76e49b1e185fc53d
@@ -6,3 +6,5 @@ Size (a2ps-4.13b.tar.gz) = 1944289 bytes
SHA1 (patch-aa) = 67f0c9ddf6e9829aeecb3de596c925d451990877
SHA1 (patch-ab) = ba7446a32733d60910036190be957045d4ec1218
SHA1 (patch-ac) = 5daaedd3866c731206b829124d8a3f4741512d17
+SHA1 (patch-ad) = a9ed67aeb2723153e1023980ff69086bca0f1f59
+SHA1 (patch-ae) = 34b45a6c37b721547d23c1d65e51b6e919cb3671
diff --git a/print/a2ps/patches/patch-ad b/print/a2ps/patches/patch-ad
new file mode 100644
index 00000000000..19cf3db553e
--- /dev/null
+++ b/print/a2ps/patches/patch-ad
@@ -0,0 +1,31 @@
+$NetBSD: patch-ad,v 1.3.12.1 2005/06/09 20:05:49 snj Exp $
+
+Fix for CAN-2004-1377
+
+--- contrib/fixps.in.orig 2000-02-21 09:16:15.000000000 +0100
++++ contrib/fixps.in 2005-06-09 16:45:42.000000000 +0200
+@@ -38,7 +38,6 @@
+ run_gs=0
+ # What action to perform: fixps, cat, check, and gs
+ task=fixps
+-tmpdir=/tmp/$program.$$
+ verbose=echo
+
+ # The version/usage strings
+@@ -183,6 +182,8 @@
+ exit 1;;
+ esac
+
++tmpdir=`mktemp -d -t fixps.XXXXXX` || { echo "$program: Cannot create temporary directory!" >&2 ; exit 1; }
++
+ if test -n "$debug"; then
+ # Set -x now if debugging
+ set -x
+@@ -191,7 +192,6 @@
+ trap "/bin/rm -rf $tmpdir" 0 1 2 3 13 15
+ fi
+
+-mkdir $tmpdir
+ fixps_sed=$tmpdir/fixps.sed
+
+ # If printing from stdin, save into a tmp file
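Review bot: `$tmpdir` is still expanded unquoted in the context line `trap "/bin/rm -rf $tmpdir" 0 1 2 3 13 15`, and after this change its value comes from `mktemp -d -t`, which normally honours the caller's TMPDIR rather than the fixed `/tmp/$program.$$`. A TMPDIR containing whitespace would make the cleanup `rm -rf` act on the split words instead of the created directory. Changing the line to `trap '/bin/rm -rf "$tmpdir"' 0 1 2 3 13 15` keeps removal confined to the mktemp result. The same trap line appears in patch-ae for psmandup, where `test $file = '-'` is also unquoted. The trap sits inside the `if test -n "$debug"` block, whose other branch is outside the hunk context, so whether the directory is deliberately kept in debug mode cannot be confirmed from here.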
diff --git a/print/a2ps/patches/patch-ae b/print/a2ps/patches/patch-ae
new file mode 100644
index 00000000000..151f6939259
--- /dev/null
+++ b/print/a2ps/patches/patch-ae
@@ -0,0 +1,32 @@
+$NetBSD: patch-ae,v 1.3.12.1 2005/06/09 20:05:49 snj Exp $
+
+Fix for CAN-2004-1377
+
+--- contrib/psmandup.in.orig 1999-10-24 15:06:42.000000000 +0200
++++ contrib/psmandup.in 2005-06-09 16:46:24.000000000 +0200
+@@ -36,7 +36,6 @@
+ message=
+ psselect=${PSSELECT:-psselect}
+ psset=${PSSET:-psset}
+-tmpdir=/tmp/$program.$$
+
+ # These two must be kept in synch. They are opposed.
+ verbose=echo
+@@ -177,6 +176,8 @@
+ exit 1;;
+ esac
+
++tmpdir=`mktemp -d -t psmandup.XXXXXX` || { echo "$program: Cannot create temporary directory!" >&2 ; exit 1; }
++
+ if test -n "$debug"; then
+ # Set -x now if debugging
+ set -x
+@@ -185,8 +186,6 @@
+ trap "/bin/rm -rf $tmpdir" 0 1 2 3 13 15
+ fi
+
+-mkdir $tmpdir
+-
+ # If printing from stdin, save into a tmp file
+ if test $file = '-'; then
+ file=$tmpdir/stdin.ps