diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2014-04-18 08:20:52 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2014-04-18 08:21:32 +0000 |
commit | 9544460de3b7282c473654a2a67586c6645a05c1 (patch) | |
tree | b7affc06c18f993842a0bb7741da2b36e609ead4 | |
parent | f31cfb7cf7a3cc4f5167eff89e859a71b6c735ea (diff) | |
download | aports-9544460de3b7282c473654a2a67586c6645a05c1.tar.bz2 aports-9544460de3b7282c473654a2a67586c6645a05c1.tar.xz |
main/a2ps: security fix for CVE-2001-1593 and CVE-2014-0466
ref #2821
-rw-r--r-- | main/a2ps/APKBUILD | 16 | ||||
-rw-r--r-- | main/a2ps/CVE-2001-1593.patch | 65 | ||||
-rw-r--r-- | main/a2ps/CVE-2014-0466.patch | 30 |
3 files changed, 107 insertions, 4 deletions
diff --git a/main/a2ps/APKBUILD b/main/a2ps/APKBUILD index cdde8b4d7c..1767d237dc 100644 --- a/main/a2ps/APKBUILD +++ b/main/a2ps/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=a2ps pkgver=4.14 -pkgrel=4 +pkgrel=5 pkgdesc="a2ps is an Any to PostScript filter" url="http://www.gnu.org/software/a2ps/" arch="all" @@ -19,6 +19,8 @@ source="ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.gz fix-redeclarations.patch a2ps-automake-1.12.patch automake.patch + CVE-2001-1593.patch + CVE-2014-0466.patch " prepare() { @@ -63,7 +65,9 @@ md5sums="781ac3d9b213fa3e1ed0d79f986dc8c7 a2ps-4.14.tar.gz 4b4fbc19a6b79fa64df7e26945fcdcf9 a2ps-4.14-fix-stpcpy-proto.patch 2161408fcb532ac22dba95eb6e60ace6 fix-redeclarations.patch 72e8f0a6cd234945df92549d8a5451f8 a2ps-automake-1.12.patch -868217fde7f9a4c1350c99431b0c1671 automake.patch" +868217fde7f9a4c1350c99431b0c1671 automake.patch +fa3c5f09f47619fbee347256e940fcce CVE-2001-1593.patch +f1c0a955f604ccf7d592b92d67c7d255 CVE-2014-0466.patch" sha256sums="f3ae8d3d4564a41b6e2a21f237d2f2b104f48108591e8b83497500182a3ab3a4 a2ps-4.14.tar.gz 5d1b8a8791fa2a36c23f43ef153a724cce1f8eec8fb92ab886f52fae7f8f3be3 a2ps-4.13c-fnmatch-replacement.patch 943739a788db47f10942477754f42c8c9b22cdaad4463bea4103c31a330de76a a2ps-4.13c-emacs.patch @@ -72,7 +76,9 @@ sha256sums="f3ae8d3d4564a41b6e2a21f237d2f2b104f48108591e8b83497500182a3ab3a4 a2 547a50e7bd577222fac71ce1ab7fd25db2096a8874ae667bd09e118fb39bf5a9 a2ps-4.14-fix-stpcpy-proto.patch 49532bc45d91f198791063f5c0438c163399f8dd8e497e660b2099f24c8914c1 fix-redeclarations.patch 167a4639b008c123b54fe627a6fcbb1db12c37023f5c37a9994f2eeb212b1d55 a2ps-automake-1.12.patch -ded40b73e44729ebf3cf4777eaea92915dde0429ab8a137ca53358333474f515 automake.patch" +ded40b73e44729ebf3cf4777eaea92915dde0429ab8a137ca53358333474f515 automake.patch +fbfeb3d421e81540839e25f7a3efdab977e86e3c5748442eefe4560c85816a12 CVE-2001-1593.patch +458601076b6e3cc241d121602cc455d2d3ae5fce47eeb57dd56c9acb9995db02 CVE-2014-0466.patch" sha512sums="fd6ac8ab47d789114c283e8ca508f7f56feabd1a189f4ac772cad9e6be7e3791e210892cfffd04ad1d39efe4b15386b2e61bf4cd56b70ed581c0554f36bfe06f a2ps-4.14.tar.gz 5509ae1277ff1f1f487fb106ed6673eb67fa7d1531a35bfa087f78a0bdb4dc0bf38c69b7fab95161a19406fc1acaef09b22b8a05ef603c6d43a8d7a8c3077b56 a2ps-4.13c-fnmatch-replacement.patch 0ef1a215ecb757e249c4d4bdf9a789419c6cd433f7e330783fef13a0158c57c5c5e6a22526d8abcca0919bdb1dc08337869fdd3f0fe192284ca087eafad322a3 a2ps-4.13c-emacs.patch @@ -81,4 +87,6 @@ f3dc2698ee989928b3179b65b01bf12d828f4428bd860f6f1a3811daaa9d6256b353c2acb5cd4bf3 605385c355b15f2f8142b4a05390ce131d3f2b7a8d56bf37b70457db64c0ce458778daf05ef015c9059482483907a629f12d210bcaa91cc007af4f708b66b765 a2ps-4.14-fix-stpcpy-proto.patch 08382d49982190779f3070e06af773c0dd730e8f1a81310a537c149a438954e5c4b360c72a908fb50b1fb95fcf4b556c28ffd90932bae81140cab30b3419f364 fix-redeclarations.patch 422dba4b43fb14d68263361dd917a866a9ff033d4a5f60faf668385b80093f7f3f6025de149810f9287790acc07ed5f5feb15c7b23ff083ab74eb21c22bf0f05 a2ps-automake-1.12.patch -4336ad6b40ecfd16ac01304a4d27b7715e5c19ef3777b57f0ea152fa1a57db476605c330b5c0091dfbf95705e4345806c8393e6c3f3e89d528bd94cc91a9beb9 automake.patch" +4336ad6b40ecfd16ac01304a4d27b7715e5c19ef3777b57f0ea152fa1a57db476605c330b5c0091dfbf95705e4345806c8393e6c3f3e89d528bd94cc91a9beb9 automake.patch +22b9e23d74a914a3332615b911c655cf5e63ce445073e2cd7faa353c16b3e9c813cc4f3b20db68795f09da8b5a8952effe4727e6d1a429699ad66487bd2cab32 CVE-2001-1593.patch +1816c8c98c8902801c5376ed86821b60d67c18fe9f5534936e3fa9ffaae01f1b1f5b4cf84fa176ba30ee7350737fffa3c2e4b60cf03cb9e64bc93487a6448bb1 CVE-2014-0466.patch" diff --git a/main/a2ps/CVE-2001-1593.patch b/main/a2ps/CVE-2001-1593.patch new file mode 100644 index 0000000000..cff6225355 --- /dev/null +++ b/main/a2ps/CVE-2001-1593.patch @@ -0,0 +1,65 @@ +--- a2ps-4.13/lib/routines.c.security Sat Oct 16 05:46:37 1999 ++++ a2ps-4.13/lib/routines.c Mon Feb 12 17:45:15 2001 +@@ -242,3 +242,50 @@ + /* Don't complain if you can't unlink. Who cares of a tmp file? */ + unlink (filename); + } ++ ++/* ++ * Securely generate a temp file, and make sure it gets ++ * deleted upon exit. ++ */ ++static char ** tempfiles; ++static unsigned ntempfiles; ++ ++static void ++cleanup_tempfiles() ++{ ++ while (ntempfiles--) ++ unlink(tempfiles[ntempfiles]); ++} ++ ++char * ++safe_tempnam(const char *pfx) ++{ ++ char *dirname, *filename; ++ int fd; ++ ++ if (!(dirname = getenv("TMPDIR"))) ++ dirname = "/tmp"; ++ ++ tempfiles = (char **) realloc(tempfiles, ++ (ntempfiles+1) * sizeof(char *)); ++ if (tempfiles == NULL) ++ return NULL; ++ ++ filename = malloc(strlen(dirname) + strlen(pfx) + sizeof("/XXXXXX")); ++ if (!filename) ++ return NULL; ++ ++ sprintf(filename, "%s/%sXXXXXX", dirname, pfx); ++ ++ if ((fd = mkstemp(filename)) < 0) { ++ free(filename); ++ return NULL; ++ } ++ close(fd); ++ ++ if (ntempfiles == 0) ++ atexit(cleanup_tempfiles); ++ tempfiles[ntempfiles++] = filename; ++ ++ return filename; ++} +--- a2ps-4.13/lib/routines.h.security Mon Oct 18 21:24:41 1999 ++++ a2ps-4.13/lib/routines.h Mon Feb 12 17:39:30 2001 +@@ -255,7 +255,8 @@ + /* If _STR_ is not defined, give it a tempname in _TMPDIR_ */ + #define tempname_ensure(Str) \ + do { \ +- (Str) = (Str) ? (Str) : tempnam (NULL, "a2_"); \ ++ (Str) = (Str) ? (Str) : safe_tempnam("a2_"); \ + } while (0) ++char * safe_tempnam(const char *); + + #endif diff --git a/main/a2ps/CVE-2014-0466.patch b/main/a2ps/CVE-2014-0466.patch new file mode 100644 index 0000000000..85199e35b0 --- /dev/null +++ b/main/a2ps/CVE-2014-0466.patch @@ -0,0 +1,30 @@ +Description: CVE-2014-0466: fixps does not invoke gs with -dSAFER + A malicious PostScript file could delete files with the privileges of + the invoking user. +Origin: vendor +Bug-Debian: http://bugs.debian.org/742902 +Author: Salvatore Bonaccorso <carnil@debian.org> +Last-Update: 2014-03-28 + +--- a/contrib/fixps.in ++++ b/contrib/fixps.in +@@ -389,7 +389,7 @@ + eval "$command" ;; + gs) + $verbose "$program: making a full rewrite of the file ($gs)." >&2 +- $gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;; ++ $gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;; + esac + ) + fi +--- a/contrib/fixps.m4 ++++ b/contrib/fixps.m4 +@@ -307,7 +307,7 @@ + eval "$command" ;; + gs) + $verbose "$program: making a full rewrite of the file ($gs)." >&2 +- $gs -q -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;; ++ $gs -q -dSAFER -dNOPAUSE -dBATCH -sDEVICE=pswrite -sOutputFile=- -c save pop -f $file ;; + esac + ) + fi |