From 6ed7991e16661089b8f3b6c4625de944d95b95dd Mon Sep 17 00:00:00 2001 From: tron Date: Sun, 3 Dec 2006 15:21:20 +0000 Subject: Add Kees Cook's patch for CVE-2006-6097 taken from Ubuntu Linux. Bump package revision. --- archivers/gtar-base/Makefile | 5 ++-- archivers/gtar-base/distinfo | 7 +++--- archivers/gtar-base/patches/patch-ab | 46 +++++++++++++++++++++++++++++------- archivers/gtar-base/patches/patch-ag | 21 +++++++++++++--- archivers/gtar-base/patches/patch-aj | 14 +++++++++++ 5 files changed, 75 insertions(+), 18 deletions(-) create mode 100644 archivers/gtar-base/patches/patch-aj diff --git a/archivers/gtar-base/Makefile b/archivers/gtar-base/Makefile index e4e2206238b..a4a8f7ec4c3 100644 --- a/archivers/gtar-base/Makefile +++ b/archivers/gtar-base/Makefile @@ -1,9 +1,8 @@ -# $NetBSD: Makefile,v 1.54 2006/09/03 17:24:16 adrianp Exp $ -# +# $NetBSD: Makefile,v 1.55 2006/12/03 15:21:20 tron Exp $ DISTNAME= tar-1.15.1 PKGNAME= gtar-base-1.15.1 -PKGREVISION= 3 +PKGREVISION= 4 SVR4_PKGNAME= gtarb CATEGORIES= archivers MASTER_SITES= ${MASTER_SITE_GNU:=tar/} diff --git a/archivers/gtar-base/distinfo b/archivers/gtar-base/distinfo index 9ac85908242..f5aca43a8f8 100644 --- a/archivers/gtar-base/distinfo +++ b/archivers/gtar-base/distinfo 
@@ -1,14 +1,15 @@ -$NetBSD: distinfo,v 1.18 2006/11/27 22:05:34 tv Exp $ +$NetBSD: distinfo,v 1.19 2006/12/03 15:21:20 tron Exp $ SHA1 (tar-1.15.1.tar.gz) = 21574ae5d39b698f7f577e2cecc91a5ec89b659c RMD160 (tar-1.15.1.tar.gz) = 83f35ee090d05f0865ebd9915bbd1b649a6555c5 Size (tar-1.15.1.tar.gz) = 2204322 bytes SHA1 (patch-aa) = adbd252113bfb131de80bbcf8150b2a955e17058 -SHA1 (patch-ab) = db7dc670cab8ba4eab9cf7b8efd79395ac4ea43c +SHA1 (patch-ab) = 59e75a2051738076ad948ebc4db1240d47e7d366 SHA1 (patch-ac) = 072a7eaff685093b86289e0b45281c41ae06f4fc SHA1 (patch-ad) = 8f109cbc150cb7db48b7a59dcba9eefb654875e0 SHA1 (patch-ae) = 6518ab82e19c831f16bc772136fafc037a592df4 SHA1 (patch-af) = be20dafd1c65db4ca60a5aedbc7a972117cd7072 -SHA1 (patch-ag) = dc39d490b0085e452664b8ea7af0329f01f630d5 +SHA1 (patch-ag) = 39fd6e84665a632258c722a35359713a1e194287 SHA1 (patch-ah) = d8532a99bf2bd0c35a9d994101fbd722f52c9ead SHA1 (patch-ai) = 9e065a4bbe3fcaee7e08a53b64e863b8fbd0d32a +SHA1 (patch-aj) = 409760785d3a0e12175760f2f71e192c3dd1ef52 diff --git a/archivers/gtar-base/patches/patch-ab b/archivers/gtar-base/patches/patch-ab index 4512b775611..812ca478105 100644 --- a/archivers/gtar-base/patches/patch-ab +++ b/archivers/gtar-base/patches/patch-ab @@ -1,8 +1,16 @@ -$NetBSD: patch-ab,v 1.10 2005/01/09 22:52:14 recht Exp $ +$NetBSD: patch-ab,v 1.11 2006/12/03 15:21:20 tron Exp $ ---- src/tar.c.orig Sat Dec 18 21:01:07 2004 -+++ src/tar.c Sun Jan 9 18:21:37 2005 -@@ -203,6 +203,7 @@ +--- src/tar.c.orig 2004-12-21 14:11:26.000000000 +0000 ++++ src/tar.c 2006-12-03 15:13:25.000000000 +0000 +@@ -181,6 +181,7 @@ + enum + { + ANCHORED_OPTION = CHAR_MAX + 1, ++ ALLOW_NAME_MANGLING_OPTION, + ATIME_PRESERVE_OPTION, + BACKUP_OPTION, + CHECKPOINT_OPTION, +@@ -203,6 +204,7 @@ NO_RECURSION_OPTION, NO_SAME_OWNER_OPTION, NO_SAME_PERMISSIONS_OPTION, 
@@ -10,7 +18,7 @@ $NetBSD: patch-ab,v 1.10 2005/01/09 22:52:14 recht Exp $ NO_WILDCARDS_OPTION, NO_WILDCARDS_MATCH_SLASH_OPTION, NULL_OPTION, -@@ -340,6 +341,8 @@ +@@ -340,6 +342,8 @@ N_("try extracting files with the same ownership"), 31 }, {"no-same-owner", NO_SAME_OWNER_OPTION, 0, 0, N_("extract files as yourself"), 31 }, @@ -19,14 +27,34 @@ $NetBSD: patch-ab,v 1.10 2005/01/09 22:52:14 recht Exp $ {"numeric-owner", NUMERIC_OWNER_OPTION, 0, 0, N_("always use numbers for user/group names"), 31 }, {"preserve-permissions", 'p', 0, 0, -@@ -864,6 +867,10 @@ - +@@ -528,6 +532,8 @@ + + {NULL, 'o', 0, 0, + N_("when creating, same as --old-archive. When extracting, same as --no-same-owner"), 91 }, ++ {"allow-name-mangling", ALLOW_NAME_MANGLING_OPTION, 0, 0, ++ N_("when creating, allow GNUTYPE_NAMES mangling -- considered dangerous"), 91 }, + + {NULL, 0, NULL, 0, + N_("Other options:"), 100 }, +@@ -865,6 +871,10 @@ case 'U': old_files_option = UNLINK_FIRST_OLD_FILES; -+ break; + break; + + case NO_UNLINK_FIRST_OPTION: + old_files_option = 0; - break; ++ break; case UTC_OPTION: + utc_option = true; +@@ -913,6 +923,10 @@ + case 'Z': + set_use_compress_program_option ("compress"); + break; ++ ++ case ALLOW_NAME_MANGLING_OPTION: ++ allow_name_mangling_option = true; ++ break; + + case ANCHORED_OPTION: + args->exclude_options |= EXCLUDE_ANCHORED; diff --git a/archivers/gtar-base/patches/patch-ag b/archivers/gtar-base/patches/patch-ag index e07084f974c..581ff3d3533 100644 --- a/archivers/gtar-base/patches/patch-ag +++ b/archivers/gtar-base/patches/patch-ag @@ -1,7 +1,7 @@ -$NetBSD: patch-ag,v 1.3 2005/01/09 22:52:14 recht Exp $ +$NetBSD: patch-ag,v 1.4 2006/12/03 15:21:20 tron Exp $ ---- src/extract.c.orig Mon Sep 13 10:12:04 2004 -+++ src/extract.c Sun Jan 9 18:26:07 2005 +--- src/extract.c.orig 2004-12-21 09:55:12.000000000 +0000 ++++ src/extract.c 2006-12-03 15:13:25.000000000 +0000 @@ -195,7 +195,11 @@ mode = cur_info->st_mode ^ invert_permissions; } 
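Review bot: The help text added for `--allow-name-mangling` in the nested `@@ -528,6 +532,8 @@` hunk says "when creating", but the only place this commit reads the flag is the extraction switch (`case GNUTYPE_NAMES:` in the src/extract.c patch). As written, `tar --help` would describe the wrong operation for a security-relevant switch. I would change the line to `N_("when extracting, allow GNUTYPE_NAMES mangling -- considered dangerous"), 91 },`. The option table and the parsing switch that gains `case ALLOW_NAME_MANGLING_OPTION:` both continue outside the hunk, so whether group 91 is the right place for the entry cannot be judged from here.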
@@ -52,3 +52,18 @@ $NetBSD: patch-ag,v 1.3 2005/01/09 22:52:14 recht Exp $ utime_error (file_name); else { +@@ -1101,7 +1121,13 @@ + break; + + case GNUTYPE_NAMES: +- extract_mangle (); ++ if (allow_name_mangling_option) { ++ extract_mangle (); ++ } ++ else { ++ ERROR ((0, 0, _("GNUTYPE_NAMES mangling ignored"))); ++ skip_member (); ++ } + break; + + case GNUTYPE_MULTIVOL: diff --git a/archivers/gtar-base/patches/patch-aj b/archivers/gtar-base/patches/patch-aj new file mode 100644 index 00000000000..559b4e5c9c4 --- /dev/null +++ b/archivers/gtar-base/patches/patch-aj @@ -0,0 +1,14 @@ +$NetBSD: patch-aj,v 1.1 2006/12/03 15:21:20 tron Exp $ + +--- src/common.h.orig 2004-12-21 14:31:58.000000000 +0000 ++++ src/common.h 2006-12-03 15:13:25.000000000 +0000 +@@ -124,6 +124,9 @@ + + GLOBAL bool absolute_names_option; + ++/* Allow GNUTYPE_NAMES type? */ ++GLOBAL bool allow_name_mangling_option; ++ + /* Display file times in UTC */ + GLOBAL bool utc_option; + -- cgit v1.2.3
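Review bot: The new `else` branch under `case GNUTYPE_NAMES:` reports only `GNUTYPE_NAMES mangling ignored`, which does not tell the user that a member was skipped or that this is a deliberate default. A message such as `ERROR ((0, 0, _("GNUTYPE_NAMES member skipped: name mangling is disabled by default")));` would make the refusal understandable in logs. The opt-in branch still calls `extract_mangle ()` unchanged. Its body is outside this hunk, so presumably the flag restores the pre-fix behaviour rather than a validated one. A comment above the `if` saying so, for example `/* CVE-2006-6097: extract_mangle () is unsafe on untrusted archives; only run it on explicit request. */`, would keep a later reader from treating the option as safe.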
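Review bot: The comment `/* Allow GNUTYPE_NAMES type? */` on the new `allow_name_mangling_option` in src/common.h records neither why the flag exists nor what its default must be, although this variable alone decides whether the code path behind CVE-2006-6097 runs. I would write `/* Process GNUTYPE_NAMES members when extracting (--allow-name-mangling). Must default to false: CVE-2006-6097. */` instead. Nothing in the hunk initializes the variable, so the safe default depends on how `GLOBAL` declares it. Presumably it is a zero-initialized file-scope object, which is worth confirming where `GLOBAL` is defined.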