Pullup ticket 3182 - requested by tron

security patch Revisions pulled up: - pkgsrc/audio/pulseaudio/Makefile 1.38 - pkgsrc/audio/pulseaudio/distinfo 1.21 Files added: pkgsrc/audio/pulseaudio/patches/patch-ba pkgsrc/audio/pulseaudio/patches/patch-bb ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Sat Jul 24 12:51:09 UTC 2010 Modified Files: pkgsrc/audio/pulseaudio: Makefile distinfo Added Files: pkgsrc/audio/pulseaudio/patches: patch-ba patch-bb Log Message: Add fix for symlink race reported in CVE-2009-1299 taken from Lennart Poettering's GIT repository. To generate a diff of this commit: cvs rdiff -u -r1.37 -r1.38 pkgsrc/audio/pulseaudio/Makefile cvs rdiff -u -r1.20 -r1.21 pkgsrc/audio/pulseaudio/distinfo cvs rdiff -u -r0 -r1.6 pkgsrc/audio/pulseaudio/patches/patch-ba cvs rdiff -u -r0 -r1.5 pkgsrc/audio/pulseaudio/patches/patch-bb
author: spz <spz> 2010-07-25 13:16:12 +0000
committer: spz <spz> 2010-07-25 13:16:12 +0000
commit: c1677e0848a7dcbdafd63c96e259f1c6d70cba44 (patch)
tree: f75b80c6e6b8885ef33a510bbe0736b3c9092c34 /audio
parent: 118540f51501485c99366710ca1a1e9c3b453e9e (diff)
download: pkgsrc-c1677e0848a7dcbdafd63c96e259f1c6d70cba44.tar.gz
4 files changed, 89 insertions, 3 deletions
diff --git a/audio/pulseaudio/Makefile b/audio/pulseaudio/Makefile
index 6aeb13a914a..0c367842d05 100644
--- a/audio/pulseaudio/Makefile
+++ b/audio/pulseaudio/Makefile
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.37 2010/06/15 16:25:42 obache Exp $
+# $NetBSD: Makefile,v 1.37.2.1 2010/07/25 13:16:12 spz Exp $
 
 # NOTE: Please send a copy of any patches that are not pkgsrc-specific
 # to <pulseaudio-discuss@mail.0pointer.de>
 
 PULSEAUDIO_VER=	0.9.21
-PKGREVISION=	2
+PKGREVISION=	3
 DISTNAME=	pulseaudio-${PULSEAUDIO_VER}
 CATEGORIES=	audio
 MASTER_SITES=	http://0pointer.de/lennart/projects/pulseaudio/
diff --git a/audio/pulseaudio/distinfo b/audio/pulseaudio/distinfo
index 18b47c54df4..e7c66340faa 100644
--- a/audio/pulseaudio/distinfo
+++ b/audio/pulseaudio/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.19 2010/02/02 12:39:14 jmcneill Exp $
+$NetBSD: distinfo,v 1.19.4.1 2010/07/25 13:16:12 spz Exp $
 
 SHA1 (pulseaudio-0.9.21.tar.gz) = 0309c97f7e0812e243c1bb80a4b74dc26369ac22
 RMD160 (pulseaudio-0.9.21.tar.gz) = 6db0725253228b673a78cbfae4824fadce2198ed
@@ -10,6 +10,8 @@ SHA1 (patch-ad) = 7340114467bc6d2fedb604e0b01ffbf1d319adc1
 SHA1 (patch-ae) = 5e6957e73ffd96d2e63e5ea4eb9b0ca9ea016b30
 SHA1 (patch-af) = e11fb419787e3cd1f305b66c995915f11276770e
 SHA1 (patch-ag) = 523743b49476a219f76b108a605b2b57ea63098a
+SHA1 (patch-ba) = d05d290d90120986654aa86f090b6c20c68e8594
+SHA1 (patch-bb) = e6f4095eb460c605b8dcc02980c5cff0cd0715a8
 SHA1 (patch-ca) = 3016b290943c006392bff01d6eae75a432a7e171
 SHA1 (patch-da) = d56957d37bec15bd41d77b99ce60bcdea0ef4f20
 SHA1 (patch-db) = e1e48577618b4eb2586d8b37953b2474e2dcc864
diff --git a/audio/pulseaudio/patches/patch-ba b/audio/pulseaudio/patches/patch-ba
new file mode 100644
index 00000000000..46310ea0512
--- /dev/null
+++ b/audio/pulseaudio/patches/patch-ba
@@ -0,0 +1,17 @@
+$NetBSD: patch-ba,v 1.6.2.2 2010/07/25 13:16:12 spz Exp $
+
+Fix for security vulnerability reported in CVE-2009-1299, taken from here:
+
+http://git.0pointer.de/?p=pulseaudio.git;a=patch;h=d3efa43d85ac132c6a5a416a2b6f2115f5d577ee
+
+--- configure.ac.orig	2009-11-23 04:06:47.000000000 +0000
++++ configure.ac	2010-07-24 13:33:30.000000000 +0100
+@@ -424,7 +424,7 @@
+ AC_FUNC_FORK
+ AC_FUNC_GETGROUPS
+ AC_FUNC_SELECT_ARGTYPES
+-AC_CHECK_FUNCS_ONCE([chmod chown clock_gettime getaddrinfo getgrgid_r getgrnam_r \
++AC_CHECK_FUNCS_ONCE([chmod chown fstat fchown fchmod clock_gettime getaddrinfo getgrgid_r getgrnam_r \
+     getpwnam_r getpwuid_r gettimeofday getuid inet_ntop inet_pton mlock nanosleep \
+     pipe posix_fadvise posix_madvise posix_memalign setpgid setsid shm_open \
+     sigaction sleep sysconf pthread_setaffinity_np])
diff --git a/audio/pulseaudio/patches/patch-bb b/audio/pulseaudio/patches/patch-bb
new file mode 100644
index 00000000000..bc97990cf83
--- /dev/null
+++ b/audio/pulseaudio/patches/patch-bb
@@ -0,0 +1,67 @@
+$NetBSD: patch-bb,v 1.5.2.2 2010/07/25 13:16:12 spz Exp $
+
+Fix for security vulnerability reported in CVE-2009-1299, taken from here:
+
+http://git.0pointer.de/?p=pulseaudio.git;a=patch;h=d3efa43d85ac132c6a5a416a2b6f2115f5d577ee
+
+--- src/pulsecore/core-util.c.orig	2009-11-23 03:57:07.000000000 +0000
++++ src/pulsecore/core-util.c	2010-07-24 13:33:30.000000000 +0100
+@@ -196,7 +196,7 @@
+ /** Creates a directory securely */
+ int pa_make_secure_dir(const char* dir, mode_t m, uid_t uid, gid_t gid) {
+     struct stat st;
+-    int r, saved_errno;
++    int r, saved_errno, fd;
+ 
+     pa_assert(dir);
+ 
+@@ -214,16 +214,45 @@
+     if (r < 0 && errno != EEXIST)
+         return -1;
+ 
+-#ifdef HAVE_CHOWN
++#ifdef HAVE_FSTAT
++    if ((fd = open(dir,
++#ifdef O_CLOEXEC
++                   O_CLOEXEC|
++#endif
++#ifdef O_NOCTTY
++                   O_NOCTTY|
++#endif
++#ifdef O_NOFOLLOW
++                   O_NOFOLLOW|
++#endif
++                   O_RDONLY)) < 0)
++        goto fail;
++
++    if (fstat(fd, &st) < 0) {
++        pa_assert_se(pa_close(fd) >= 0);
++        goto fail;
++    }
++
++    if (!S_ISDIR(st.st_mode)) {
++        pa_assert_se(pa_close(fd) >= 0);
++        errno = EEXIST;
++        goto fail;
++    }
++
++#ifdef HAVE_FCHOWN
+     if (uid == (uid_t)-1)
+         uid = getuid();
+     if (gid == (gid_t)-1)
+         gid = getgid();
+-    (void) chown(dir, uid, gid);
++    (void) fchown(fd, uid, gid);
++#endif
++
++#ifdef HAVE_FCHMOD
++    (void) fchmod(fd, m);
+ #endif
+ 
+-#ifdef HAVE_CHMOD
+-    chmod(dir, m);
++    pa_assert_se(pa_close(fd) >= 0);
++
+ #endif
+ 
+ #ifdef HAVE_LSTAT
author	spz <spz>	2010-07-25 13:16:12 +0000
committer	spz <spz>	2010-07-25 13:16:12 +0000
commit	c1677e0848a7dcbdafd63c96e259f1c6d70cba44 (patch)
tree	f75b80c6e6b8885ef33a510bbe0736b3c9092c34 /audio
parent	118540f51501485c99366710ca1a1e9c3b453e9e (diff)
download	pkgsrc-c1677e0848a7dcbdafd63c96e259f1c6d70cba44.tar.gz