summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authortron <tron@pkgsrc.org>2006-12-03 15:21:20 +0000
committertron <tron@pkgsrc.org>2006-12-03 15:21:20 +0000
commit6ed7991e16661089b8f3b6c4625de944d95b95dd (patch)
treef83a3a978b99f5dd277e8a6702ce89fadf532991
parent32e8220fcf3c56b9a7bc11ffb445320b7de854b8 (diff)
downloadpkgsrc-6ed7991e16661089b8f3b6c4625de944d95b95dd.tar.gz
Add Kees Cook's patch for CVE-2006-6097 taken from Ubuntu Linux.
Bump package revision.
-rw-r--r--archivers/gtar-base/Makefile5
-rw-r--r--archivers/gtar-base/distinfo7
-rw-r--r--archivers/gtar-base/patches/patch-ab46
-rw-r--r--archivers/gtar-base/patches/patch-ag21
-rw-r--r--archivers/gtar-base/patches/patch-aj14
5 files changed, 75 insertions, 18 deletions
diff --git a/archivers/gtar-base/Makefile b/archivers/gtar-base/Makefile
index e4e2206238b..a4a8f7ec4c3 100644
--- a/archivers/gtar-base/Makefile
+++ b/archivers/gtar-base/Makefile
@@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.54 2006/09/03 17:24:16 adrianp Exp $
-#
+# $NetBSD: Makefile,v 1.55 2006/12/03 15:21:20 tron Exp $
DISTNAME= tar-1.15.1
PKGNAME= gtar-base-1.15.1
-PKGREVISION= 3
+PKGREVISION= 4
SVR4_PKGNAME= gtarb
CATEGORIES= archivers
MASTER_SITES= ${MASTER_SITE_GNU:=tar/}
diff --git a/archivers/gtar-base/distinfo b/archivers/gtar-base/distinfo
index 9ac85908242..f5aca43a8f8 100644
--- a/archivers/gtar-base/distinfo
+++ b/archivers/gtar-base/distinfo
@@ -1,14 +1,15 @@
-$NetBSD: distinfo,v 1.18 2006/11/27 22:05:34 tv Exp $
+$NetBSD: distinfo,v 1.19 2006/12/03 15:21:20 tron Exp $
SHA1 (tar-1.15.1.tar.gz) = 21574ae5d39b698f7f577e2cecc91a5ec89b659c
RMD160 (tar-1.15.1.tar.gz) = 83f35ee090d05f0865ebd9915bbd1b649a6555c5
Size (tar-1.15.1.tar.gz) = 2204322 bytes
SHA1 (patch-aa) = adbd252113bfb131de80bbcf8150b2a955e17058
-SHA1 (patch-ab) = db7dc670cab8ba4eab9cf7b8efd79395ac4ea43c
+SHA1 (patch-ab) = 59e75a2051738076ad948ebc4db1240d47e7d366
SHA1 (patch-ac) = 072a7eaff685093b86289e0b45281c41ae06f4fc
SHA1 (patch-ad) = 8f109cbc150cb7db48b7a59dcba9eefb654875e0
SHA1 (patch-ae) = 6518ab82e19c831f16bc772136fafc037a592df4
SHA1 (patch-af) = be20dafd1c65db4ca60a5aedbc7a972117cd7072
-SHA1 (patch-ag) = dc39d490b0085e452664b8ea7af0329f01f630d5
+SHA1 (patch-ag) = 39fd6e84665a632258c722a35359713a1e194287
SHA1 (patch-ah) = d8532a99bf2bd0c35a9d994101fbd722f52c9ead
SHA1 (patch-ai) = 9e065a4bbe3fcaee7e08a53b64e863b8fbd0d32a
+SHA1 (patch-aj) = 409760785d3a0e12175760f2f71e192c3dd1ef52
diff --git a/archivers/gtar-base/patches/patch-ab b/archivers/gtar-base/patches/patch-ab
index 4512b775611..812ca478105 100644
--- a/archivers/gtar-base/patches/patch-ab
+++ b/archivers/gtar-base/patches/patch-ab
@@ -1,8 +1,16 @@
-$NetBSD: patch-ab,v 1.10 2005/01/09 22:52:14 recht Exp $
+$NetBSD: patch-ab,v 1.11 2006/12/03 15:21:20 tron Exp $
---- src/tar.c.orig Sat Dec 18 21:01:07 2004
-+++ src/tar.c Sun Jan 9 18:21:37 2005
-@@ -203,6 +203,7 @@
+--- src/tar.c.orig 2004-12-21 14:11:26.000000000 +0000
++++ src/tar.c 2006-12-03 15:13:25.000000000 +0000
+@@ -181,6 +181,7 @@
+ enum
+ {
+ ANCHORED_OPTION = CHAR_MAX + 1,
++ ALLOW_NAME_MANGLING_OPTION,
+ ATIME_PRESERVE_OPTION,
+ BACKUP_OPTION,
+ CHECKPOINT_OPTION,
+@@ -203,6 +204,7 @@
NO_RECURSION_OPTION,
NO_SAME_OWNER_OPTION,
NO_SAME_PERMISSIONS_OPTION,
@@ -10,7 +18,7 @@ $NetBSD: patch-ab,v 1.10 2005/01/09 22:52:14 recht Exp $
NO_WILDCARDS_OPTION,
NO_WILDCARDS_MATCH_SLASH_OPTION,
NULL_OPTION,
-@@ -340,6 +341,8 @@
+@@ -340,6 +342,8 @@
N_("try extracting files with the same ownership"), 31 },
{"no-same-owner", NO_SAME_OWNER_OPTION, 0, 0,
N_("extract files as yourself"), 31 },
@@ -19,14 +27,34 @@ $NetBSD: patch-ab,v 1.10 2005/01/09 22:52:14 recht Exp $
{"numeric-owner", NUMERIC_OWNER_OPTION, 0, 0,
N_("always use numbers for user/group names"), 31 },
{"preserve-permissions", 'p', 0, 0,
-@@ -864,6 +867,10 @@
-
+@@ -528,6 +532,8 @@
+
+ {NULL, 'o', 0, 0,
+ N_("when creating, same as --old-archive. When extracting, same as --no-same-owner"), 91 },
++ {"allow-name-mangling", ALLOW_NAME_MANGLING_OPTION, 0, 0,
++ N_("when creating, allow GNUTYPE_NAMES mangling -- considered dangerous"), 91 },
+
+ {NULL, 0, NULL, 0,
+ N_("Other options:"), 100 },
+@@ -865,6 +871,10 @@
case 'U':
old_files_option = UNLINK_FIRST_OLD_FILES;
-+ break;
+ break;
+
+ case NO_UNLINK_FIRST_OPTION:
+ old_files_option = 0;
- break;
++ break;
case UTC_OPTION:
+ utc_option = true;
+@@ -913,6 +923,10 @@
+ case 'Z':
+ set_use_compress_program_option ("compress");
+ break;
++
++ case ALLOW_NAME_MANGLING_OPTION:
++ allow_name_mangling_option = true;
++ break;
+
+ case ANCHORED_OPTION:
+ args->exclude_options |= EXCLUDE_ANCHORED;
diff --git a/archivers/gtar-base/patches/patch-ag b/archivers/gtar-base/patches/patch-ag
index e07084f974c..581ff3d3533 100644
--- a/archivers/gtar-base/patches/patch-ag
+++ b/archivers/gtar-base/patches/patch-ag
@@ -1,7 +1,7 @@
-$NetBSD: patch-ag,v 1.3 2005/01/09 22:52:14 recht Exp $
+$NetBSD: patch-ag,v 1.4 2006/12/03 15:21:20 tron Exp $
---- src/extract.c.orig Mon Sep 13 10:12:04 2004
-+++ src/extract.c Sun Jan 9 18:26:07 2005
+--- src/extract.c.orig 2004-12-21 09:55:12.000000000 +0000
++++ src/extract.c 2006-12-03 15:13:25.000000000 +0000
@@ -195,7 +195,11 @@
mode = cur_info->st_mode ^ invert_permissions;
}
@@ -52,3 +52,18 @@ $NetBSD: patch-ag,v 1.3 2005/01/09 22:52:14 recht Exp $
utime_error (file_name);
else
{
+@@ -1101,7 +1121,13 @@
+ break;
+
+ case GNUTYPE_NAMES:
+- extract_mangle ();
++ if (allow_name_mangling_option) {
++ extract_mangle ();
++ }
++ else {
++ ERROR ((0, 0, _("GNUTYPE_NAMES mangling ignored")));
++ skip_member ();
++ }
+ break;
+
+ case GNUTYPE_MULTIVOL:
diff --git a/archivers/gtar-base/patches/patch-aj b/archivers/gtar-base/patches/patch-aj
new file mode 100644
index 00000000000..559b4e5c9c4
--- /dev/null
+++ b/archivers/gtar-base/patches/patch-aj
@@ -0,0 +1,14 @@
+$NetBSD: patch-aj,v 1.1 2006/12/03 15:21:20 tron Exp $
+
+--- src/common.h.orig 2004-12-21 14:31:58.000000000 +0000
++++ src/common.h 2006-12-03 15:13:25.000000000 +0000
+@@ -124,6 +124,9 @@
+
+ GLOBAL bool absolute_names_option;
+
++/* Allow GNUTYPE_NAMES type? */
++GLOBAL bool allow_name_mangling_option;
++
+ /* Display file times in UTC */
+ GLOBAL bool utc_option;
+