diff options
author | spz <spz@pkgsrc.org> | 2010-08-08 16:42:51 +0000 |
---|---|---|
committer | spz <spz@pkgsrc.org> | 2010-08-08 16:42:51 +0000 |
commit | 178558ee367942d651ac30809d6d9a314bacc1f1 (patch) | |
tree | 095cd5b393e5f070522540fa68ec37b9091f3bfb | |
parent | 7776e34e55a8688b7889086e31974ec1cc2efcc9 (diff) | |
download | pkgsrc-178558ee367942d651ac30809d6d9a314bacc1f1.tar.gz |
Pullup ticket 3199 - requested by gls
security patch
Revisions pulled up:
- pkgsrc/security/gnupg2/Makefile 1.30
- pkgsrc/security/gnupg2/distinfo 1.18
Files added:
pkgsrc/security/gnupg2/patches/patch-an
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Tue Aug 3 19:14:42 UTC 2010
Modified Files:
pkgsrc/security/gnupg2: Makefile distinfo
Added Files:
pkgsrc/security/gnupg2/patches: patch-an
Log Message:
add patch from upstream to fix a possible use-after-free problem
(CVE-2010-2547), bump PKGREVISION
To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 pkgsrc/security/gnupg2/Makefile
cvs rdiff -u -r1.17 -r1.18 pkgsrc/security/gnupg2/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/security/gnupg2/patches/patch-an
-rw-r--r-- | security/gnupg2/Makefile | 4 | ||||
-rw-r--r-- | security/gnupg2/distinfo | 3 | ||||
-rw-r--r-- | security/gnupg2/patches/patch-an | 15 |
3 files changed, 19 insertions, 3 deletions
diff --git a/security/gnupg2/Makefile b/security/gnupg2/Makefile index cbf36d0d34b..a1de9d1d337 100644 --- a/security/gnupg2/Makefile +++ b/security/gnupg2/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.29 2010/05/30 08:24:48 wiz Exp $ +# $NetBSD: Makefile,v 1.29.2.1 2010/08/08 16:42:51 spz Exp $ # DISTNAME= gnupg-2.0.14 PKGNAME= ${DISTNAME:S/gnupg/gnupg2/} -PKGREVISION= 2 +PKGREVISION= 3 CATEGORIES= security MASTER_SITES= ftp://ftp.gnupg.org/gcrypt/gnupg/ EXTRACT_SUFX= .tar.bz2 diff --git a/security/gnupg2/distinfo b/security/gnupg2/distinfo index 47765c90b1b..c164118024f 100644 --- a/security/gnupg2/distinfo +++ b/security/gnupg2/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.17 2010/02/03 10:58:11 drochner Exp $ +$NetBSD: distinfo,v 1.17.4.1 2010/08/08 16:42:51 spz Exp $ SHA1 (gnupg-2.0.14.tar.bz2) = cc5e4637f37f5bc82b00c73fc094ddadb7401821 RMD160 (gnupg-2.0.14.tar.bz2) = 3e5ecf0108b65f7d2ecfd6f61b81e04e526ba52f @@ -16,3 +16,4 @@ SHA1 (patch-aj) = 20be6b455167962ffa556979d8d0f167dd14131e SHA1 (patch-ak) = 74b26ce441ea99ff28a09a3f0c643456daf48f35 SHA1 (patch-al) = ef7c698ed102c4e27bbf707ae5d1fce4c2b5d8d4 SHA1 (patch-am) = 999cd57b90177df9d7c0510e3b8d11def7b47613 +SHA1 (patch-an) = 17e6f789af2853884eb6dd8488a2b91c9b06188d diff --git a/security/gnupg2/patches/patch-an b/security/gnupg2/patches/patch-an new file mode 100644 index 00000000000..2f97e287c24 --- /dev/null +++ b/security/gnupg2/patches/patch-an @@ -0,0 +1,15 @@ +$NetBSD: patch-an,v 1.1.2.2 2010/08/08 16:42:51 spz Exp $ + +http://lists.gnupg.org/pipermail/gnupg-announce/2010q3/000302.html +(CVE-2010-2547) + +--- kbx/keybox-blob.c.orig 2009-09-21 16:53:44.000000000 +0000 ++++ kbx/keybox-blob.c +@@ -898,6 +898,7 @@ _keybox_create_x509_blob (KEYBOXBLOB *r_ + rc = gpg_error_from_syserror (); + goto leave; + } ++ names = tmp; + } + names[blob->nuids++] = p; + if (!i && (p=x509_email_kludge (p))) |