diff options
author | drochner <drochner@pkgsrc.org> | 2014-03-28 16:02:01 +0000 |
---|---|---|
committer | drochner <drochner@pkgsrc.org> | 2014-03-28 16:02:01 +0000 |
commit | 93e4b7108b84f1539740f8dfa2fbb2505eb3c5ed (patch) | |
tree | cab4f9f183740e64d6f4db0fff284ea2a885aed1 /textproc | |
parent | ba106a275eb5b0d2d160be4411987d479ed8369d (diff) | |
download | pkgsrc-93e4b7108b84f1539740f8dfa2fbb2505eb3c5ed.tar.gz |
add patch from upstream to fix heap-based buffer overflow which can lead
to arbitrary code execution (CVE-2014-2525)
bump PKGREV
Diffstat (limited to 'textproc')
-rw-r--r-- | textproc/libyaml/Makefile | 3 | ||||
-rw-r--r-- | textproc/libyaml/distinfo | 4 | ||||
-rw-r--r-- | textproc/libyaml/patches/patch-CVE-2014-2525_1 | 16 | ||||
-rw-r--r-- | textproc/libyaml/patches/patch-CVE-2014-2525_2 | 19 |
4 files changed, 40 insertions, 2 deletions
diff --git a/textproc/libyaml/Makefile b/textproc/libyaml/Makefile index 2de72b1d916..a34b2afbe4f 100644 --- a/textproc/libyaml/Makefile +++ b/textproc/libyaml/Makefile @@ -1,8 +1,9 @@ -# $NetBSD: Makefile,v 1.6 2014/02/05 11:14:07 drochner Exp $ +# $NetBSD: Makefile,v 1.7 2014/03/28 16:02:01 drochner Exp $ # DISTNAME= yaml-0.1.5 PKGNAME= lib${DISTNAME} +PKGREVISION= 1 CATEGORIES= textproc MASTER_SITES= http://pyyaml.org/download/libyaml/ diff --git a/textproc/libyaml/distinfo b/textproc/libyaml/distinfo index 3e64d773c12..872e31b1325 100644 --- a/textproc/libyaml/distinfo +++ b/textproc/libyaml/distinfo @@ -1,5 +1,7 @@ -$NetBSD: distinfo,v 1.4 2014/02/05 11:14:07 drochner Exp $ +$NetBSD: distinfo,v 1.5 2014/03/28 16:02:01 drochner Exp $ SHA1 (yaml-0.1.5.tar.gz) = 8b78cb9f759c7d80db8a7328c0ebecfe34fde737 RMD160 (yaml-0.1.5.tar.gz) = 58d5a60ccc13c728bed48013cd0a5f001d7bde04 Size (yaml-0.1.5.tar.gz) = 504897 bytes +SHA1 (patch-CVE-2014-2525_1) = b7695050a303b14c118fa4ff889cdb92ce338ac9 +SHA1 (patch-CVE-2014-2525_2) = 6239cc15e6f5503839c81fde2c31df00a880f061 diff --git a/textproc/libyaml/patches/patch-CVE-2014-2525_1 b/textproc/libyaml/patches/patch-CVE-2014-2525_1 new file mode 100644 index 00000000000..da02bccb941 --- /dev/null +++ b/textproc/libyaml/patches/patch-CVE-2014-2525_1 @@ -0,0 +1,16 @@ +$NetBSD: patch-CVE-2014-2525_1,v 1.1 2014/03/28 16:02:01 drochner Exp $ + +https://bitbucket.org/xi/libyaml/commits/bce8b60f0b9af69fa9fab3093d0a41ba243de048 + +--- src/scanner.c.orig 2014-03-28 15:47:54.000000000 +0000 ++++ src/scanner.c +@@ -2629,6 +2629,9 @@ yaml_parser_scan_tag_uri(yaml_parser_t * + /* Check if it is a URI-escape sequence. */ + + if (CHECK(parser->buffer, '%')) { ++ if (!STRING_EXTEND(parser, string)) ++ goto error; ++ + if (!yaml_parser_scan_uri_escapes(parser, + directive, start_mark, &string)) goto error; + } diff --git a/textproc/libyaml/patches/patch-CVE-2014-2525_2 b/textproc/libyaml/patches/patch-CVE-2014-2525_2 new file mode 100644 index 00000000000..4642914e3dd --- /dev/null +++ b/textproc/libyaml/patches/patch-CVE-2014-2525_2 @@ -0,0 +1,19 @@ +$NetBSD: patch-CVE-2014-2525_2,v 1.1 2014/03/28 16:02:01 drochner Exp $ + +--- src/yaml_private.h.orig 2014-03-28 15:50:03.000000000 +0000 ++++ src/yaml_private.h +@@ -143,9 +143,12 @@ yaml_string_join( + (string).start = (string).pointer = (string).end = 0) + + #define STRING_EXTEND(context,string) \ +- (((string).pointer+5 < (string).end) \ ++ ((((string).pointer+5 < (string).end) \ + || yaml_string_extend(&(string).start, \ +- &(string).pointer, &(string).end)) ++ &(string).pointer, &(string).end)) ? \ ++ 1 : \ ++ ((context)->error = YAML_MEMORY_ERROR, \ ++ 0)) + + #define CLEAR(context,string) \ + ((string).pointer = (string).start, \ |