summaryrefslogtreecommitdiff
path: root/archivers
diff options
context:
space:
mode:
authorsalo <salo@pkgsrc.org>2005-10-06 14:23:39 +0000
committersalo <salo@pkgsrc.org>2005-10-06 14:23:39 +0000
commit1405e0a7e302fccd5859390949810f7b46f81c6f (patch)
treec37475b222969b5799f757855fbfb06ea45bbdb1 /archivers
parent73e1d674663fd43b2daa80937134f074f1eb57a9 (diff)
downloadpkgsrc-1405e0a7e302fccd5859390949810f7b46f81c6f.tar.gz
Security fix for CAN-2005-2945 and CAN-2005-2992:
"arc 5.21j and earlier create temporary files with world-readable permissions, which allows local users to read sensitive information from files created by arc or marc." http://www.zataz.net/adviso/arc-09052005.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2945 Patch from Debian.
Diffstat (limited to 'archivers')
-rw-r--r--archivers/arc/Makefile4
-rw-r--r--archivers/arc/distinfo3
-rw-r--r--archivers/arc/patches/patch-ae30
3 files changed, 34 insertions, 3 deletions
diff --git a/archivers/arc/Makefile b/archivers/arc/Makefile
index 576cde1baaf..478afd58f95 100644
--- a/archivers/arc/Makefile
+++ b/archivers/arc/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.23 2005/04/15 04:36:45 snj Exp $
+# $NetBSD: Makefile,v 1.24 2005/10/06 14:23:39 salo Exp $
DISTNAME= arc521e.pl8
PKGNAME= arc-5.21e
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= archivers
MASTER_SITES= ftp://ftp.kiarchive.ru/pub/unix/arcers/
EXTRACT_SUFX= .tar.Z
diff --git a/archivers/arc/distinfo b/archivers/arc/distinfo
index ba384b7e43b..518a4cc7b60 100644
--- a/archivers/arc/distinfo
+++ b/archivers/arc/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.8 2005/05/08 05:45:42 minskim Exp $
+$NetBSD: distinfo,v 1.9 2005/10/06 14:23:39 salo Exp $
SHA1 (arc521e.pl8.tar.Z) = 34210f9aeaac39a15b34e6aa400b38127b6a2a20
RMD160 (arc521e.pl8.tar.Z) = 1fcd823b93b4e633244797ed231318c5bc741965
@@ -7,3 +7,4 @@ SHA1 (patch-aa) = 62324f346559b2997eba56698b1c0c1c29a328c3
SHA1 (patch-ab) = 64fba2f0b5d03f26e427ecddc70e2a9b6b2fc521
SHA1 (patch-ac) = 64d87af431c6bc0ded0b26167782309a7bfadd8a
SHA1 (patch-ad) = 6f82d17b8eb2f2353d7ebfffaec1d52673acc7a0
+SHA1 (patch-ae) = bb176dee99c3fbc43e0fa00a2ae2ebe00865cc72
diff --git a/archivers/arc/patches/patch-ae b/archivers/arc/patches/patch-ae
new file mode 100644
index 00000000000..759c05fe3bf
--- /dev/null
+++ b/archivers/arc/patches/patch-ae
@@ -0,0 +1,30 @@
+$NetBSD: patch-ae,v 1.1 2005/10/06 14:23:39 salo Exp $
+
+Security fix for CAN-2005-2945 and CAN-2005-2992, from Debian.
+
+--- arcsvc.c.orig 1992-04-15 00:58:40.000000000 +0200
++++ arcsvc.c 2005-10-06 16:07:28.000000000 +0200
+@@ -17,6 +17,9 @@
+ Computer Innovations Optimizing C86
+ */
+ #include <stdio.h>
++#include <sys/types.h>
++#include <sys/stat.h>
++#include <fcntl.h>
+ #include "arc.h"
+ #if _MTS
+ #include <mts.h>
+@@ -52,7 +55,12 @@
+ }
+ #endif
+ if (chg) { /* if opening for changes */
+- if (!(new = fopen(newname, OPEN_W)))
++ int fd;
++
++ if ((fd = open(newname, O_CREAT|O_EXCL|O_RDWR, S_IREAD|S_IWRITE)) == -1)
++ arcdie("Cannot create archive copy: %s", newname);
++
++ if (!(new = fdopen(fd, OPEN_W)))
+ arcdie("Cannot create archive copy: %s", newname);
+
+ changing = chg; /* note if open for changes */