author | tonnerre <tonnerre@pkgsrc.org> | 2008-04-29 12:54:56 +0000 |
---|---|---|
committer | tonnerre <tonnerre@pkgsrc.org> | 2008-04-29 12:54:56 +0000 |
commit | a8bfb3d824f3229f41e1e921cb7a5037d556a72b (patch) | |
tree | 1a2371fe6268d662d436e95d7956d47b823fb693 /editors | |
parent | fe7f9f177e27e7046297f5427ac7c68572319b6d (diff) | |
download | pkgsrc-a8bfb3d824f3229f41e1e921cb7a5037d556a72b.tar.gz |
Fix two emacs vulnerabilities:
- Fix unsafe handling of local variables in hack-local-variables
(CVE-2007-5795).
- Prevent symlink attack on arbitrary files using the temp files vcdiff
generates (CVE-2008-1694).
Diffstat (limited to 'editors')
-rw-r--r-- | editors/emacs/Makefile | 6 | ||||
-rw-r--r-- | editors/emacs/distinfo | 4 | ||||
-rw-r--r-- | editors/emacs/patches/patch-ac | 15 | ||||
-rw-r--r-- | editors/emacs/patches/patch-af | 37 |
4 files changed, 58 insertions, 4 deletions
diff --git a/editors/emacs/Makefile b/editors/emacs/Makefile index 83374a16f0c..7f756bc1af5 100644 --- a/editors/emacs/Makefile +++ b/editors/emacs/Makefile @@ -1,10 +1,10 @@ -# $NetBSD: Makefile,v 1.107 2008/04/25 16:35:32 jlam Exp $ +# $NetBSD: Makefile,v 1.108 2008/04/29 12:54:56 tonnerre Exp $ PKGNAME?= ${DISTNAME} COMMENT?= GNU editing macros (editor) DISTNAME= emacs-22.1 -PKGREVISION= 2 +PKGREVISION= 3 CATEGORIES= editors MASTER_SITES= ${MASTER_SITE_GNU:=emacs/} @@ -18,7 +18,7 @@ CONFLICTS+= mule-[0-9]* PKG_DESTDIR_SUPPORT= user-destdir -USE_TOOLS+= gmake gzip perl:run pkg-config +USE_TOOLS+= gmake gzip mktemp:run perl:run pkg-config GNU_CONFIGURE= yes INFO_FILES= # PLIST diff --git a/editors/emacs/distinfo b/editors/emacs/distinfo index c98c521b0c0..5c022d1cfd9 100644 --- a/editors/emacs/distinfo +++ b/editors/emacs/distinfo @@ -1,12 +1,14 @@ -$NetBSD: distinfo,v 1.35 2007/06/11 13:57:16 markd Exp $ +$NetBSD: distinfo,v 1.36 2008/04/29 12:54:56 tonnerre Exp $ SHA1 (emacs-22.1.tar.gz) = 327664173eabe5db49d4e7e4a4b1794577af902e RMD160 (emacs-22.1.tar.gz) = da5360871db8b1d473ff7f0b0937ee6c278c0b19 Size (emacs-22.1.tar.gz) = 38172226 bytes SHA1 (patch-aa) = d7ae318f2140dbd8f796bfcbb48f299fe6bf2d81 SHA1 (patch-ab) = 0e022290d305fd73ab7aa633f955fca10ac70799 +SHA1 (patch-ac) = 1fc45d38f879c2ae7287bc7f7a9cb868e2db74d8 SHA1 (patch-ad) = 39a11bc214ae3d2f9d634c30b196a46d473ab92f SHA1 (patch-ae) = 30a31df58bbcae854ded212ad42bde5b855a7318 +SHA1 (patch-af) = 9b2b8c5dfe1b2dc9ca76587cdb323272f8cb103e SHA1 (patch-aj) = 7707c5f8bb57bbacbd1d3c6f37a34916baacc363 SHA1 (patch-ak) = ef0bf533754e5392c419c251aac8278b5e90b438 SHA1 (patch-am) = 4e068210bcbea638d143bd9fb566795636d77b35 diff --git a/editors/emacs/patches/patch-ac b/editors/emacs/patches/patch-ac new file mode 100644 index 00000000000..f8eba546d74 --- /dev/null +++ b/editors/emacs/patches/patch-ac 
@@ -0,0 +1,15 @@
+$NetBSD: patch-ac,v 1.16 2008/04/29 12:54:56 tonnerre Exp $
+
+--- lisp/files.el.orig 2007-05-25 13:43:31.000000000 +0100
++++ lisp/files.el 2008-04-29 12:41:52.000000000 +0100
+@@ -2736,8 +2736,8 @@
+ ;; If caller wants only the safe variables,
+ ;; install only them.
+ (dolist (elt result)
+- (unless (or (memq (car elt) unsafe-vars)
+- (memq (car elt) risky-vars))
++ (unless (or (member elt unsafe-vars)
++ (member elt risky-vars))
+ (hack-one-local-variable (car elt) (cdr elt))))
+ ;; Query, except in the case where all are known safe
+ ;; if the user wants no quuery in that case.
diff --git a/editors/emacs/patches/patch-af b/editors/emacs/patches/patch-af
new file mode 100644
index 00000000000..9942d5b628d
--- /dev/null
+++ b/editors/emacs/patches/patch-af
@@ -0,0 +1,37 @@
+$NetBSD: patch-af,v 1.11 2008/04/29 12:54:56 tonnerre Exp $
+
+--- lib-src/vcdiff.orig 2007-01-21 04:49:26.000000000 +0000
++++ lib-src/vcdiff 2008-04-29 12:48:03.000000000 +0100
+@@ -4,13 +4,13 @@
+ # This version is more compatible with rcsdiff(1).
+ #
+ # Copyright (C) 1992, 1993, 1995, 1997, 2001, 2002, 2003, 2004,
+-# 2005, 2006, 2007 Free Software Foundation, Inc.
++# 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
+ #
+ # This file is part of GNU Emacs.
+ #
+ # GNU Emacs is free software; you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+-# the Free Software Foundation; either version 2, or (at your option)
++# the Free Software Foundation; either version 3, or (at your option)
+ # any later version.
+ #
+ # GNU Emacs is distributed in the hope that it will be useful,
+@@ -84,14 +84,14 @@
+ case $f in
+ s.* | */s.*)
+ if
+- rev1=/tmp/geta$$
++ rev1=`mktemp /tmp/geta.XXXXXXXX`
+ get -s -p -k $sid1 "$f" > $rev1 &&
+ case $sid2 in
+ '')
+ workfile=`expr " /$f" : '.*/s.\(.*\)'`
+ ;;
+ *)
+- rev2=/tmp/getb$$
++ rev2=`mktemp /tmp/getb.XXXXXXXX`
+ get -s -p -k $sid2 "$f" > $rev2
+ workfile=$rev2
+ esac |
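Review bot: The new test `(member elt unsafe-vars)` only filters anything if `unsafe-vars` and `risky-vars` hold the same `(VAR . VAL)` pairs as `result`, and nothing in the hunk says so. The code that builds those lists lies outside the hunk, so a one-line comment above the `unless` would help, for example `;; unsafe-vars and risky-vars hold (VAR . VAL) pairs, so compare whole elements.` Without it the earlier `(memq (car elt) ...)` form looks equally plausible and could be restored by mistake, which would presumably let unsafe and risky variables through the safe-only path again. The patch header also gives no pointer to CVE-2007-5795 or to the upstream change it was taken from, which makes it hard to tell on the next version bump whether the patch is still needed.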
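Review bot: The result of `mktemp` is used unchecked in the second embedded hunk, so if it fails `rev1` (or `rev2`) is empty and the unquoted redirect `> $rev1` has no valid target. Chaining the assignment makes the failure explicit: ``rev1=`mktemp /tmp/geta.XXXXXXXX` &&`` followed by `get -s -p -k $sid1 "$f" > "$rev1" &&`, and likewise ``rev2=`mktemp /tmp/getb.XXXXXXXX` &&`` before the second `get`. The enclosing `if` and any `trap` that removes these files lie outside the hunk, so it is worth confirming that both are still cleaned up on every exit path. Separately, the first embedded hunk changes the licence notice from version 2 to version 3 and extends the copyright years, which is unrelated to CVE-2008-1694 and could be left out of this patch.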