diff options
| author | Leonardo Arena <rnalrd@alpinelinux.org> | 2018-02-28 13:42:51 +0000 |
|---|---|---|
| committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2018-02-28 13:52:05 +0000 |
| commit | 7c67371afe718c4bf2e0d7175a1fc590fe7233b7 (patch) | |
| tree | e4f4cef5eae86042907e56d9ed41e65cfdf85eec | |
| parent | 034cdecfa97d19069fbd8c757be0bca3b7096645 (diff) | |
| download | aports-7c67371afe718c4bf2e0d7175a1fc590fe7233b7.tar.bz2 aports-7c67371afe718c4bf2e0d7175a1fc590fe7233b7.tar.xz | |
main/patch: security fix (CVE-2018-6951)
Partially fixes #8566
Patch for CVE-2018-6952 not yet available:
https://savannah.gnu.org/bugs/index.php?53133
| -rw-r--r-- | main/patch/APKBUILD | 16 | ||||
| -rw-r--r-- | main/patch/CVE-2018-6951.patch | 29 |
2 files changed, 40 insertions, 5 deletions
diff --git a/main/patch/APKBUILD b/main/patch/APKBUILD index f6648ba890..a72bdda650 100644 --- a/main/patch/APKBUILD +++ b/main/patch/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=patch pkgver=2.7.5 -pkgrel=1 +pkgrel=2 pkgdesc="Utility to apply diffs to files" url="http://www.gnu.org/software/patch/patch.html" arch="all" @@ -12,9 +12,16 @@ depends_dev="" makedepends="" install="" subpackages="$pkgname-doc" -source="ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz" +source="ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz + CVE-2018-6951.patch + " _builddir="$srcdir"/$pkgname-$pkgver + +# secfixes: +# 2.7.5-r2: +# - CVE-2018-6951 + build() { cd "$_builddir" ./configure \ @@ -38,6 +45,5 @@ package() { rmdir -p "$pkgdir"/usr/lib 2>/dev/null || true } -md5sums="e3da7940431633fb65a01b91d3b7a27a patch-2.7.5.tar.xz" -sha256sums="fd95153655d6b95567e623843a0e77b81612d502ecf78a489a4aed7867caa299 patch-2.7.5.tar.xz" -sha512sums="6620ac8101f60c0b456ce339fa5e371f40be0b391e2e9728f34f3625f9907e516de61dac2f91bc76e6fd28a9bd1224efc3ba827cfaa606d857730c1af4195a0f patch-2.7.5.tar.xz" +sha512sums="6620ac8101f60c0b456ce339fa5e371f40be0b391e2e9728f34f3625f9907e516de61dac2f91bc76e6fd28a9bd1224efc3ba827cfaa606d857730c1af4195a0f patch-2.7.5.tar.xz +db51d0b791d38dd4f1b373621ee18620ae339b172f58a79420fdaa4a4b1b1d9df239cf61bbddc4e6a4896b28b8cffc7c99161eb5e2facaec8df86a1bf7755bc0 CVE-2018-6951.patch" diff --git a/main/patch/CVE-2018-6951.patch b/main/patch/CVE-2018-6951.patch new file mode 100644 index 0000000000..002d8ffd9d --- /dev/null +++ b/main/patch/CVE-2018-6951.patch @@ -0,0 +1,29 @@ +From f290f48a621867084884bfff87f8093c15195e6a Mon Sep 17 00:00:00 2001 +From: Andreas Gruenbacher <agruen@gnu.org> +Date: Mon, 12 Feb 2018 16:48:24 +0100 +Subject: Fix segfault with mangled rename patch + +http://savannah.gnu.org/bugs/?53132 +* src/pch.c (intuit_diff_type): Ensure that two filenames are specified +for renames and copies (fix the existing check). +--- + src/pch.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/pch.c b/src/pch.c +index ff9ed2c..bc6278c 100644 +--- a/src/pch.c ++++ b/src/pch.c +@@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode_t *p_file_type) + if ((pch_rename () || pch_copy ()) + && ! inname + && ! ((i == OLD || i == NEW) && +- p_name[! reverse] && ++ p_name[reverse] && p_name[! reverse] && ++ name_is_valid (p_name[reverse]) && + name_is_valid (p_name[! reverse]))) + { + say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy"); +-- +cgit v1.0-41-gc330 + |