author | salo <salo@pkgsrc.org> | 2005-10-10 15:14:49 +0000 |
---|---|---|
committer | salo <salo@pkgsrc.org> | 2005-10-10 15:14:49 +0000 |
commit | 0f8922cc215adb6984b7e90e8b692cc597b21fad (patch) | |
tree | 56d01e6419c8e6948ba01c4b855168779ec06f2b /devel/gtexinfo | |
parent | 78549386ce63020367442a8acab2ba0d3ccadf1b (diff) | |
download | pkgsrc-0f8922cc215adb6984b7e90e8b692cc597b21fad.tar.gz |
Security fix for CAN-2005-3011:
"texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary
files via a symlink attack on temporary files."
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3011
Patch from Ubuntu.
Diffstat (limited to 'devel/gtexinfo')
-rw-r--r-- | devel/gtexinfo/Makefile | 3 | ||||
-rw-r--r-- | devel/gtexinfo/distinfo | 3 | ||||
-rw-r--r-- | devel/gtexinfo/patches/patch-al | 34 |
3 files changed, 38 insertions, 2 deletions
diff --git a/devel/gtexinfo/Makefile b/devel/gtexinfo/Makefile
index 0ccdbbdd185..cfd80a0298d 100644
--- a/devel/gtexinfo/Makefile
+++ b/devel/gtexinfo/Makefile
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.57 2005/04/11 21:45:24 tv Exp $
+# $NetBSD: Makefile,v 1.58 2005/10/10 15:14:49 salo Exp $

 DISTNAME= texinfo-4.8
 PKGNAME= g${DISTNAME}
+PKGREVISION= 1
 CATEGORIES= devel
 MASTER_SITES= ${MASTER_SITE_GNU:=texinfo/}
 EXTRACT_SUFX= .tar.bz2
diff --git a/devel/gtexinfo/distinfo b/devel/gtexinfo/distinfo
index 0d9e8531261..68ea9234329 100644
--- a/devel/gtexinfo/distinfo
+++ b/devel/gtexinfo/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.21 2005/02/28 13:06:46 wiz Exp $
+$NetBSD: distinfo,v 1.22 2005/10/10 15:14:49 salo Exp $

 SHA1 (texinfo-4.8.tar.bz2) = b19e906f7220294c1e8b087d583c50f5c4d7c420
 RMD160 (texinfo-4.8.tar.bz2) = 5cb82cd240d1f22da813c7142df8828b4f6f1ea4
@@ -9,3 +9,4 @@ SHA1 (patch-ac) = 01baf8634edcecab0b5edaeddf1e38811cab490d
 SHA1 (patch-ad) = c5c3374322eb8a2c8dfc7871971b73194ab1b14c
 SHA1 (patch-aj) = d9071c62c993550d253c9e1889880d4fccf7d278
 SHA1 (patch-ak) = 2cef2ae464ddb5324acae000420017d4faf7b145
+SHA1 (patch-al) = 5d50cfe1c783b91d5983e67e8fe8a33a0476b531
diff --git a/devel/gtexinfo/patches/patch-al b/devel/gtexinfo/patches/patch-al
new file mode 100644
index 00000000000..5097a8f3c82
--- /dev/null
+++ b/devel/gtexinfo/patches/patch-al
@@ -0,0 +1,34 @@
+$NetBSD: patch-al,v 1.1 2005/10/10 15:14:49 salo Exp $
+
+Security fix for CAN-2005-3011, from Ubuntu.
+
+--- util/texindex.c.orig 2004-04-11 19:56:47.000000000 +0200
++++ util/texindex.c 2005-10-10 16:46:44.000000000 +0200
+@@ -390,11 +390,12 @@
+ maketempname (int count)
+ {
+ static char *tempbase = NULL;
++ char *tempname;
+ char tempsuffix[10];
++ int fd;
+
+ if (!tempbase)
+ {
+- int fd;
+ tempbase = concat (tempdir, "txidxXXXXXX");
+
+ fd = mkstemp (tempbase);
+@@ -403,7 +404,12 @@
+ }
+
+ sprintf (tempsuffix, ".%d", count);
+- return concat (tempbase, tempsuffix);
++ tempname = concat (tempbase, tempsuffix);
++ fd = open (tempname, O_CREAT|O_EXCL|O_WRONLY, 0600);
++ if (fd == -1)
++ pfatal_with_name (tempname);
++ close (fd);
++ return tempname;
+ }
+
+
|
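Review bot: In the second hunk of the embedded texindex.c patch, the file is created with `O_CREAT|O_EXCL` and then closed, so the name returned from `maketempname` is reopened later by code outside this hunk; the pre-creation only protects that later open if the name cannot be replaced in between, which presumably relies on `tempdir` being a sticky or private directory. A comment above the `open` call would record that assumption, e.g. `/* Pre-create with O_EXCL so a planted symlink fails here; callers reopen by name, so tempdir must be sticky or private. */`. The unchanged `sprintf (tempsuffix, ".%d", count)` into `char tempsuffix[10]` is unbounded and could become `snprintf (tempsuffix, sizeof tempsuffix, ".%d", count);`. The patch adds no `#include <fcntl.h>`, and whether texindex.c already gets `O_CREAT`/`O_EXCL` from another header is not visible here. The part of `maketempname` between the two inner hunks is outside the diff.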