diff options
author | drochner <drochner@pkgsrc.org> | 2010-08-03 19:14:42 +0000 |
---|---|---|
committer | drochner <drochner@pkgsrc.org> | 2010-08-03 19:14:42 +0000 |
commit | 81585dfb37c7962305b3b9e8a160996776642101 (patch) | |
tree | 9add3ed7f67015d21cd363e3cdba73faa2ae0539 /security | |
parent | ad8b1141ccdeba43e05ede0e89b60ca150fe36aa (diff) | |
download | pkgsrc-81585dfb37c7962305b3b9e8a160996776642101.tar.gz |
add patch from upstream to fix a possible use-after-free problem
(CVE-2010-2547), bump PKGREVISION
Diffstat (limited to 'security')
-rw-r--r-- | security/gnupg2/Makefile | 4 | ||||
-rw-r--r-- | security/gnupg2/distinfo | 3 | ||||
-rw-r--r-- | security/gnupg2/patches/patch-an | 15 |
3 files changed, 19 insertions, 3 deletions
diff --git a/security/gnupg2/Makefile b/security/gnupg2/Makefile index cbf36d0d34b..4d08455cc52 100644 --- a/security/gnupg2/Makefile +++ b/security/gnupg2/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.29 2010/05/30 08:24:48 wiz Exp $ +# $NetBSD: Makefile,v 1.30 2010/08/03 19:14:42 drochner Exp $ # DISTNAME= gnupg-2.0.14 PKGNAME= ${DISTNAME:S/gnupg/gnupg2/} -PKGREVISION= 2 +PKGREVISION= 3 CATEGORIES= security MASTER_SITES= ftp://ftp.gnupg.org/gcrypt/gnupg/ EXTRACT_SUFX= .tar.bz2 diff --git a/security/gnupg2/distinfo b/security/gnupg2/distinfo index 47765c90b1b..3813e907c62 100644 --- a/security/gnupg2/distinfo +++ b/security/gnupg2/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.17 2010/02/03 10:58:11 drochner Exp $ +$NetBSD: distinfo,v 1.18 2010/08/03 19:14:42 drochner Exp $ SHA1 (gnupg-2.0.14.tar.bz2) = cc5e4637f37f5bc82b00c73fc094ddadb7401821 RMD160 (gnupg-2.0.14.tar.bz2) = 3e5ecf0108b65f7d2ecfd6f61b81e04e526ba52f @@ -16,3 +16,4 @@ SHA1 (patch-aj) = 20be6b455167962ffa556979d8d0f167dd14131e SHA1 (patch-ak) = 74b26ce441ea99ff28a09a3f0c643456daf48f35 SHA1 (patch-al) = ef7c698ed102c4e27bbf707ae5d1fce4c2b5d8d4 SHA1 (patch-am) = 999cd57b90177df9d7c0510e3b8d11def7b47613 +SHA1 (patch-an) = 17e6f789af2853884eb6dd8488a2b91c9b06188d diff --git a/security/gnupg2/patches/patch-an b/security/gnupg2/patches/patch-an new file mode 100644 index 00000000000..73c412d49b4 --- /dev/null +++ b/security/gnupg2/patches/patch-an @@ -0,0 +1,15 @@ +$NetBSD: patch-an,v 1.1 2010/08/03 19:14:42 drochner Exp $ + +http://lists.gnupg.org/pipermail/gnupg-announce/2010q3/000302.html +(CVE-2010-2547) + +--- kbx/keybox-blob.c.orig 2009-09-21 16:53:44.000000000 +0000 ++++ kbx/keybox-blob.c +@@ -898,6 +898,7 @@ _keybox_create_x509_blob (KEYBOXBLOB *r_ + rc = gpg_error_from_syserror (); + goto leave; + } ++ names = tmp; + } + names[blob->nuids++] = p; + if (!i && (p=x509_email_kludge (p))) |