authortonnerre <tonnerre@pkgsrc.org>2008-04-29 12:54:56 +0000
committertonnerre <tonnerre@pkgsrc.org>2008-04-29 12:54:56 +0000
commita8bfb3d824f3229f41e1e921cb7a5037d556a72b (patch)
tree1a2371fe6268d662d436e95d7956d47b823fb693 /editors
parentfe7f9f177e27e7046297f5427ac7c68572319b6d (diff)
Fix two emacs vulnerabilities:
- Fix unsafe handling of local variables in hack-local-variables (CVE-2007-5795). - Prevent symlink attack on arbitrary files using the temp files vcdiff generates (CVE-2008-1694).
Diffstat (limited to 'editors')
-rw-r--r--editors/emacs/Makefile6
-rw-r--r--editors/emacs/distinfo4
-rw-r--r--editors/emacs/patches/patch-ac15
-rw-r--r--editors/emacs/patches/patch-af37
4 files changed, 58 insertions, 4 deletions
diff --git a/editors/emacs/Makefile b/editors/emacs/Makefile
index 83374a16f0c..7f756bc1af5 100644
--- a/editors/emacs/Makefile
+++ b/editors/emacs/Makefile
@@ -1,10 +1,10 @@
-# $NetBSD: Makefile,v 1.107 2008/04/25 16:35:32 jlam Exp $
+# $NetBSD: Makefile,v 1.108 2008/04/29 12:54:56 tonnerre Exp $
PKGNAME?= ${DISTNAME}
COMMENT?= GNU editing macros (editor)
DISTNAME= emacs-22.1
-PKGREVISION= 2
+PKGREVISION= 3
CATEGORIES= editors
MASTER_SITES= ${MASTER_SITE_GNU:=emacs/}
@@ -18,7 +18,7 @@ CONFLICTS+= mule-[0-9]*
PKG_DESTDIR_SUPPORT= user-destdir
-USE_TOOLS+= gmake gzip perl:run pkg-config
+USE_TOOLS+= gmake gzip mktemp:run perl:run pkg-config
GNU_CONFIGURE= yes
INFO_FILES= # PLIST
diff --git a/editors/emacs/distinfo b/editors/emacs/distinfo
index c98c521b0c0..5c022d1cfd9 100644
--- a/editors/emacs/distinfo
+++ b/editors/emacs/distinfo
@@ -1,12 +1,14 @@
-$NetBSD: distinfo,v 1.35 2007/06/11 13:57:16 markd Exp $
+$NetBSD: distinfo,v 1.36 2008/04/29 12:54:56 tonnerre Exp $
SHA1 (emacs-22.1.tar.gz) = 327664173eabe5db49d4e7e4a4b1794577af902e
RMD160 (emacs-22.1.tar.gz) = da5360871db8b1d473ff7f0b0937ee6c278c0b19
Size (emacs-22.1.tar.gz) = 38172226 bytes
SHA1 (patch-aa) = d7ae318f2140dbd8f796bfcbb48f299fe6bf2d81
SHA1 (patch-ab) = 0e022290d305fd73ab7aa633f955fca10ac70799
+SHA1 (patch-ac) = 1fc45d38f879c2ae7287bc7f7a9cb868e2db74d8
SHA1 (patch-ad) = 39a11bc214ae3d2f9d634c30b196a46d473ab92f
SHA1 (patch-ae) = 30a31df58bbcae854ded212ad42bde5b855a7318
+SHA1 (patch-af) = 9b2b8c5dfe1b2dc9ca76587cdb323272f8cb103e
SHA1 (patch-aj) = 7707c5f8bb57bbacbd1d3c6f37a34916baacc363
SHA1 (patch-ak) = ef0bf533754e5392c419c251aac8278b5e90b438
SHA1 (patch-am) = 4e068210bcbea638d143bd9fb566795636d77b35
diff --git a/editors/emacs/patches/patch-ac b/editors/emacs/patches/patch-ac
new file mode 100644
index 00000000000..f8eba546d74
--- /dev/null
+++ b/editors/emacs/patches/patch-ac
@@ -0,0 +1,15 @@
+$NetBSD: patch-ac,v 1.16 2008/04/29 12:54:56 tonnerre Exp $
+
+--- lisp/files.el.orig 2007-05-25 13:43:31.000000000 +0100
++++ lisp/files.el 2008-04-29 12:41:52.000000000 +0100
+@@ -2736,8 +2736,8 @@
+ ;; If caller wants only the safe variables,
+ ;; install only them.
+ (dolist (elt result)
+- (unless (or (memq (car elt) unsafe-vars)
+- (memq (car elt) risky-vars))
++ (unless (or (member elt unsafe-vars)
++ (member elt risky-vars))
+ (hack-one-local-variable (car elt) (cdr elt))))
+ ;; Query, except in the case where all are known safe
+ ;; if the user wants no quuery in that case.
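Review bot: The new patch file has no description after its `$NetBSD$` line, so someone auditing `patches/` cannot tell which advisory it addresses without reading the commit log; a line such as `Fix CVE-2007-5795: do not install unsafe or risky file-local variables when only safe ones were requested.` would cover it. The switch from `(memq (car elt) unsafe-vars)` to `(member elt unsafe-vars)` suggests that those lists hold whole `(var . val)` entries rather than bare symbols, so the old test presumably never matched. The lists are built outside the hunk, so this cannot be confirmed here, and a one-line comment above the `unless` stating what the lists contain would help the next reader. The enclosing function starts and ends outside the hunk.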
diff --git a/editors/emacs/patches/patch-af b/editors/emacs/patches/patch-af
new file mode 100644
index 00000000000..9942d5b628d
--- /dev/null
+++ b/editors/emacs/patches/patch-af
@@ -0,0 +1,37 @@
+$NetBSD: patch-af,v 1.11 2008/04/29 12:54:56 tonnerre Exp $
+
+--- lib-src/vcdiff.orig 2007-01-21 04:49:26.000000000 +0000
++++ lib-src/vcdiff 2008-04-29 12:48:03.000000000 +0100
+@@ -4,13 +4,13 @@
+ # This version is more compatible with rcsdiff(1).
+ #
+ # Copyright (C) 1992, 1993, 1995, 1997, 2001, 2002, 2003, 2004,
+-# 2005, 2006, 2007 Free Software Foundation, Inc.
++# 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
+ #
+ # This file is part of GNU Emacs.
+ #
+ # GNU Emacs is free software; you can redistribute it and/or modify
+ # it under the terms of the GNU General Public License as published by
+-# the Free Software Foundation; either version 2, or (at your option)
++# the Free Software Foundation; either version 3, or (at your option)
+ # any later version.
+ #
+ # GNU Emacs is distributed in the hope that it will be useful,
+@@ -84,14 +84,14 @@
+ case $f in
+ s.* | */s.*)
+ if
+- rev1=/tmp/geta$$
++ rev1=`mktemp /tmp/geta.XXXXXXXX`
+ get -s -p -k $sid1 "$f" > $rev1 &&
+ case $sid2 in
+ '')
+ workfile=`expr " /$f" : '.*/s.\(.*\)'`
+ ;;
+ *)
+- rev2=/tmp/getb$$
++ rev2=`mktemp /tmp/getb.XXXXXXXX`
+ get -s -p -k $sid2 "$f" > $rev2
+ workfile=$rev2
+ esac
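Review bot: Neither `mktemp` call is checked for failure: the `rev1=` assignment stands alone at the top of the `if` list, so its exit status is discarded, and `rev2=` is likewise followed unconditionally by `get ... > $rev2`. If `mktemp` fails, the variable is empty and the script relies on the redirection failing by itself. Appending `&&` to the first assignment, as in ``rev1=`mktemp /tmp/geta.XXXXXXXX` &&``, feeds the failure into the existing condition, and the `rev2` line can be chained the same way; quoting the targets (`> "$rev1"`, `> "$rev2"`) is also worth doing. Separately, the header hunk changes the licence notice from version 2 to version 3 and extends the copyright years, which is unrelated to CVE-2008-1694 and would be better left out of a security patch against the 22.1 sources. The `case`/`if` construct continues outside the hunk, so the cleanup of the temporary files on exit is not visible here.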