diff options
| author | spz <spz@pkgsrc.org> | 2018-10-20 16:24:01 +0000 |
|---|---|---|
| committer | spz <spz@pkgsrc.org> | 2018-10-20 16:24:01 +0000 |
| commit | f02ee40e0ba084482a201fd5f94ade7a999f6283 (patch) | |
| tree | 73eeab92e8ac8c86ea06b0a389d78ae81908f0ea | |
| parent | 5bf4b461eb499e836cb35b92edf59e27f45f7f50 (diff) | |
| download | pkgsrc-f02ee40e0ba084482a201fd5f94ade7a999f6283.tar.gz | |
Pullup ticket #5849 - requested by bsiegert
devel/ncurses: security patch
devel/ncursesw: security patch
Revisions pulled up:
- devel/ncurses/Makefile 1.100
- devel/ncurses/distinfo 1.35
- devel/ncurses/patches/patch-ncurses_tinfo_parse__entry.c 1.3
- devel/ncursesw/Makefile 1.17
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: leot
Date: Thu Oct 18 19:42:50 UTC 2018
Modified Files:
pkgsrc/devel/ncurses: Makefile distinfo
pkgsrc/devel/ncursesw: Makefile
Added Files:
pkgsrc/devel/ncurses/patches: patch-ncurses_tinfo_parse__entry.c
Log Message:
ncurses{,w}: Backport patch for CVE-2018-10754
Patch provided by Attila Fülöp via NetBSD/pkgsrc#34, thanks!
Bump PKGREVISION
To generate a diff of this commit:
cvs rdiff -u -r1.99 -r1.100 pkgsrc/devel/ncurses/Makefile
cvs rdiff -u -r1.34 -r1.35 pkgsrc/devel/ncurses/distinfo
cvs rdiff -u -r0 -r1.3 \
pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_parse__entry.c
cvs rdiff -u -r1.16 -r1.17 pkgsrc/devel/ncursesw/Makefile
| -rw-r--r-- | devel/ncurses/Makefile | 4 | ||||
| -rw-r--r-- | devel/ncurses/distinfo | 3 | ||||
| -rw-r--r-- | devel/ncurses/patches/patch-ncurses_tinfo_parse__entry.c | 23 | ||||
| -rw-r--r-- | devel/ncursesw/Makefile | 3 |
4 files changed, 29 insertions, 4 deletions
diff --git a/devel/ncurses/Makefile b/devel/ncurses/Makefile index dc9127d5619..06d144aa57c 100644 --- a/devel/ncurses/Makefile +++ b/devel/ncurses/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.99 2018/09/15 22:47:41 wiz Exp $ +# $NetBSD: Makefile,v 1.99.2.1 2018/10/20 16:24:01 spz Exp $ .include "Makefile.common" -PKGREVISION= 2 +PKGREVISION= 3 COMMENT= CRT screen handling and optimization package INSTALLATION_DIRS+= share/examples diff --git a/devel/ncurses/distinfo b/devel/ncurses/distinfo index 8328cfbcb18..2eabebfeec6 100644 --- a/devel/ncurses/distinfo +++ b/devel/ncurses/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.34 2018/04/02 16:26:03 spz Exp $ +$NetBSD: distinfo,v 1.34.4.1 2018/10/20 16:24:01 spz Exp $ SHA1 (ncurses-6.1.tar.gz) = 57acf6bc24cacd651d82541929f726f4def780cc RMD160 (ncurses-6.1.tar.gz) = 938235f3922f9c6ef0f1081d643ecb2da1347a17 @@ -12,3 +12,4 @@ SHA1 (patch-c++_Makefile.in) = 68ff81c719ec4aa13beb962cb66d7cd6749d7af5 SHA1 (patch-configure.in) = 48a705b3f4de3a65c0c1c3648f5a24c5310ed3fa SHA1 (patch-misc_ncurses-config.in) = 43e4dc8abe85804513da1189aeffa5c7746ffcca SHA1 (patch-ncurses_base_MKlib__gen.sh) = f8ce67fbd273529e4161a2820677d05a623fd527 +SHA1 (patch-ncurses_tinfo_parse__entry.c) = 06d2b52e84595f8acd47ad36ded7b7d5bec95b8a diff --git a/devel/ncurses/patches/patch-ncurses_tinfo_parse__entry.c b/devel/ncurses/patches/patch-ncurses_tinfo_parse__entry.c new file mode 100644 index 00000000000..cbda178bac3 --- /dev/null +++ b/devel/ncurses/patches/patch-ncurses_tinfo_parse__entry.c @@ -0,0 +1,23 @@ +$NetBSD: patch-ncurses_tinfo_parse__entry.c,v 1.3.2.2 2018/10/20 16:24:02 spz Exp $ + + - Fixes CVE-2018-10754 + +--- ncurses/tinfo/parse_entry.c.orig 2018-10-09 21:41:29.020445746 +0000 ++++ ncurses/tinfo/parse_entry.c +@@ -543,11 +543,12 @@ _nc_parse_entry(ENTRY * entryp, int lite + * Otherwise, look for a base entry that will already + * have picked up defaults via translation. + */ +- for (i = 0; i < entryp->nuses; i++) +- if (!strchr((char *) entryp->uses[i].name, '+')) +- has_base_entry = TRUE; ++ for (i = 0; i < entryp->nuses; i++) { ++ if (entryp->uses[i].name != 0 ++ && !strchr(entryp->uses[i].name, '+')) ++ has_base_entry = TRUE; ++ } + } +- + postprocess_termcap(&entryp->tterm, has_base_entry); + } else + postprocess_terminfo(&entryp->tterm); diff --git a/devel/ncursesw/Makefile b/devel/ncursesw/Makefile index d93afc4b04f..a348f195b2c 100644 --- a/devel/ncursesw/Makefile +++ b/devel/ncursesw/Makefile @@ -1,9 +1,10 @@ -# $NetBSD: Makefile,v 1.16 2018/04/02 16:26:04 spz Exp $ +# $NetBSD: Makefile,v 1.16.4.1 2018/10/20 16:24:02 spz Exp $ .include "../../devel/ncurses/Makefile.common" PKGNAME= ${DISTNAME:S/ncurses/ncursesw/} COMMENT= Wide character CRT screen handling and optimization package +PKGREVISION= 1 PATCHDIR= ${.CURDIR}/../../devel/ncurses/patches DISTINFO_FILE= ${.CURDIR}/../../devel/ncurses/distinfo |