From 178558ee367942d651ac30809d6d9a314bacc1f1 Mon Sep 17 00:00:00 2001 From: spz Date: Sun, 8 Aug 2010 16:42:51 +0000 Subject: Pullup ticket 3199 - requested by gls security patch Revisions pulled up: - pkgsrc/security/gnupg2/Makefile 1.30 - pkgsrc/security/gnupg2/distinfo 1.18 Files added: pkgsrc/security/gnupg2/patches/patch-an ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: drochner Date: Tue Aug 3 19:14:42 UTC 2010 Modified Files: pkgsrc/security/gnupg2: Makefile distinfo Added Files: pkgsrc/security/gnupg2/patches: patch-an Log Message: add patch from upstream to fix a possible use-after-free problem (CVE-2010-2547), bump PKGREVISION To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 pkgsrc/security/gnupg2/Makefile cvs rdiff -u -r1.17 -r1.18 pkgsrc/security/gnupg2/distinfo cvs rdiff -u -r0 -r1.1 pkgsrc/security/gnupg2/patches/patch-an --- security/gnupg2/Makefile | 4 ++-- security/gnupg2/distinfo | 3 ++- security/gnupg2/patches/patch-an | 15 +++++++++++++++ 3 files changed, 19 insertions(+), 3 deletions(-) create mode 100644 security/gnupg2/patches/patch-an (limited to 'security')
diff --git a/security/gnupg2/Makefile b/security/gnupg2/Makefile
index cbf36d0d34b..a1de9d1d337 100644
--- a/security/gnupg2/Makefile
+++ b/security/gnupg2/Makefile
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.29 2010/05/30 08:24:48 wiz Exp $
+# $NetBSD: Makefile,v 1.29.2.1 2010/08/08 16:42:51 spz Exp $
 #
 DISTNAME= gnupg-2.0.14
 PKGNAME= ${DISTNAME:S/gnupg/gnupg2/}
-PKGREVISION= 2
+PKGREVISION= 3
 CATEGORIES= security
 MASTER_SITES= ftp://ftp.gnupg.org/gcrypt/gnupg/
 EXTRACT_SUFX= .tar.bz2
diff --git a/security/gnupg2/distinfo b/security/gnupg2/distinfo
index 47765c90b1b..c164118024f 100644
--- a/security/gnupg2/distinfo
+++ b/security/gnupg2/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.17 2010/02/03 10:58:11 drochner Exp $
+$NetBSD: distinfo,v 1.17.4.1 2010/08/08 16:42:51 spz Exp $
 SHA1 (gnupg-2.0.14.tar.bz2) = cc5e4637f37f5bc82b00c73fc094ddadb7401821
 RMD160 (gnupg-2.0.14.tar.bz2) = 3e5ecf0108b65f7d2ecfd6f61b81e04e526ba52f
@@ -16,3 +16,4 @@ SHA1 (patch-aj) = 20be6b455167962ffa556979d8d0f167dd14131e
 SHA1 (patch-ak) = 74b26ce441ea99ff28a09a3f0c643456daf48f35
 SHA1 (patch-al) = ef7c698ed102c4e27bbf707ae5d1fce4c2b5d8d4
 SHA1 (patch-am) = 999cd57b90177df9d7c0510e3b8d11def7b47613
+SHA1 (patch-an) = 17e6f789af2853884eb6dd8488a2b91c9b06188d
diff --git a/security/gnupg2/patches/patch-an b/security/gnupg2/patches/patch-an
new file mode 100644
index 00000000000..2f97e287c24
--- /dev/null
+++ b/security/gnupg2/patches/patch-an
@@ -0,0 +1,15 @@
+$NetBSD: patch-an,v 1.1.2.2 2010/08/08 16:42:51 spz Exp $
+
+http://lists.gnupg.org/pipermail/gnupg-announce/2010q3/000302.html
+(CVE-2010-2547)
+
+--- kbx/keybox-blob.c.orig 2009-09-21 16:53:44.000000000 +0000
++++ kbx/keybox-blob.c
+@@ -898,6 +898,7 @@ _keybox_create_x509_blob (KEYBOXBLOB *r_
+ rc = gpg_error_from_syserror ();
+ goto leave;
+ }
++ names = tmp;
+ }
+ names[blob->nuids++] = p;
+ if (!i && (p=x509_email_kludge (p)))
-- cgit v1.2.3
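Review bot: The header of patch-an (the lines above `--- kbx/keybox-blob.c.orig`) cites the announcement and CVE-2010-2547 but never says what the one added line does, and the six context lines do not show the call that fills `tmp`. I would add a comment line there such as `Assign the array returned in tmp back to names; otherwise names[blob->nuids++] = p writes through the old pointer.` so the fix can be audited without fetching the upstream source. The allocation itself and the `leave` cleanup of `_keybox_create_x509_blob` lie outside the hunk, so it cannot be confirmed from here that the failure path still releases the original `names`. The patch should also be dropped when DISTNAME moves past gnupg-2.0.14 to a release that carries the upstream fix.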