authorNatanael Copa <ncopa@alpinelinux.org>2018-11-29 12:36:10 +0100
committerNatanael Copa <ncopa@alpinelinux.org>2018-11-30 12:26:13 +0100
commit77ebb2a9270d15652313ccf62a06fd2960b8b9ba (patch)
tree5dd6fb115a46287f25d59acd60ab4ca1dbd1757a
parent43dd52bda87e3f1fd92433e5e9a42273dcdfec51 (diff)
main/git: security fix (CVE-2018-19486)
fixes #9713; also fixes the secfixes comment
-rw-r--r--main/git/APKBUILD12
-rw-r--r--main/git/CVE-2018-19486.patch101
2 files changed, 108 insertions, 5 deletions
diff --git a/main/git/APKBUILD b/main/git/APKBUILD
index 9cd4567703..b8acf6e737 100644
--- a/main/git/APKBUILD
+++ b/main/git/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=git
pkgver=2.13.7
-pkgrel=1
+pkgrel=2
pkgdesc="A distributed version control system"
url="https://www.git-scm.com/"
arch="all"
@@ -11,6 +11,10 @@ depends=
replaces="git-perl"
# secfixes:
+# 2.13.7-r2:
+# - CVE-2018-19486
+# 2.13.7-r1:
+# - CVE-2018-17456
# 2.13.7:
# - CVE-2018-11233
# - CVE-2018-11235
@@ -39,6 +43,7 @@ makedepends="zlib-dev libressl-dev curl-dev expat-dev perl-dev python2-dev
pcre-dev asciidoc xmlto perl-error tcl tk"
source="https://www.kernel.org/pub/software/scm/git/git-$pkgver.tar.xz
bb-tar.patch
+ CVE-2018-19486.patch
git-daemon.initd
git-daemon.confd
CVE-2018-17456.patch
@@ -54,10 +59,6 @@ _makeopts="
_gitcoredir=/usr/libexec/git-core
_builddir="$srcdir"/$pkgname-$pkgver
-# secfixes:
-# 2.13.7-r1:
-# - CVE-2018-17456
-
build() {
cd "$_builddir"
make -j1 prefix=/usr DESTDIR="$pkgdir" $_makeopts perl/perl.mak || return 1
@@ -229,6 +230,7 @@ _git_perl() {
sha512sums="b3480fe342610ff31637d95cf3f49d68ee9411a546315588d55eefb6af22846ea3f0bd1a28626574078523414b2806a4d76e23f27b5710bda383c447abd618b7 git-2.13.7.tar.xz
85767b5e03137008d6a96199e769e3979f75d83603ac8cb13a3481a915005637409a4fd94e0720da2ec6cd1124f35eba7cf20109a94816c4b4898a81fbc46bd2 bb-tar.patch
+98e4d87d492f2e65930b842e2de3f2043d737dcb1cbcb09e504a21a387ad5e5ce7fbe8f9eea2594eec302c45d0f8f069c6b6767deba1ed61b4636f43dfe2a7aa CVE-2018-19486.patch
89528cdd14c51fd568aa61cf6c5eae08ea0844e59f9af9292da5fc6c268261f4166017d002d494400945e248df6b844e2f9f9cd2d9345d516983f5a110e4c42a git-daemon.initd
fbf1f425206a76e2a8f82342537ed939ff7e623d644c086ca2ced5f69b36734695f9f80ebda1728f75a94d6cd2fcb71bf845b64239368caab418e4d368c141ec git-daemon.confd
c0745aac540be9206341c8cc59c4ba3a7158a4b3d2c6eb8c2e84f601b9c642668e7624e42c1af993ffcc16e1c7ad530f9f38769565c9089b14f8ae73ed14fc86 CVE-2018-17456.patch"
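Review bot: The new patch is only wired into `source=` and `sha512sums` in this section; the prepare() step that actually applies it lies outside the visible hunks, so if the APKBUILD applies patches by explicit name rather than through default_prepare, `CVE-2018-19486.patch` must be added there too or the -r2 rebuild ships without the fix. bb-tar.patch and CVE-2018-17456.patch presumably go through the same mechanism, so whichever path they take should be mirrored for the new file. As a point of style, the new entry is placed between bb-tar.patch and git-daemon.initd rather than next to CVE-2018-17456.patch; grouping the CVE patches together in `source=` (and in sha512sums) makes the secfixes bookkeeping easier to audit against the comment block above.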
diff --git a/main/git/CVE-2018-19486.patch b/main/git/CVE-2018-19486.patch
new file mode 100644
index 0000000000..5cbf096687
--- /dev/null
+++ b/main/git/CVE-2018-19486.patch
@@ -0,0 +1,101 @@
+From 321fd82389742398d2924640ce3a61791fd27d60 Mon Sep 17 00:00:00 2001
+From: Jeff King <peff@peff.net>
+Date: Wed, 24 Oct 2018 03:38:00 -0400
+Subject: run-command: mark path lookup errors with ENOENT
+
+Since commit e3a434468f (run-command: use the
+async-signal-safe execv instead of execvp, 2017-04-19),
+prepare_cmd() does its own PATH lookup for any commands we
+run (on non-Windows platforms).
+
+However, its logic does not match the old execvp call when
+we fail to find a matching entry in the PATH. Instead of
+feeding the name directly to execv, execvp would consider
+that an ENOENT error. By continuing and passing the name
+directly to execv, we effectively behave as if "." was
+included at the end of the PATH. This can have confusing and
+even dangerous results.
+
+The fix itself is pretty straight-forward. There's a new
+test in t0061 to cover this explicitly, and I've also added
+a duplicate of the ENOENT test to ensure that we return the
+correct errno for this case.
+
+Signed-off-by: Jeff King <peff@peff.net>
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+---
+ run-command.c | 21 +++++++++++++++++----
+ t/t0061-run-command.sh | 13 ++++++++++++-
+ 2 files changed, 29 insertions(+), 5 deletions(-)
+
+diff --git a/run-command.c b/run-command.c
+index 014b2165b..8d42a4f53 100644
+--- a/run-command.c
++++ b/run-command.c
+@@ -378,7 +378,7 @@ static void child_err_spew(struct child_process *cmd, struct child_err *cerr)
+ set_error_routine(old_errfn);
+ }
+
+-static void prepare_cmd(struct argv_array *out, const struct child_process *cmd)
++static int prepare_cmd(struct argv_array *out, const struct child_process *cmd)
+ {
+ if (!cmd->argv[0])
+ die("BUG: command is empty");
+@@ -401,16 +401,22 @@ static void prepare_cmd(struct argv_array *out, const struct child_process *cmd)
+ /*
+ * If there are no '/' characters in the command then perform a path
+ * lookup and use the resolved path as the command to exec. If there
+- * are no '/' characters or if the command wasn't found in the path,
+- * have exec attempt to invoke the command directly.
++ * are '/' characters, we have exec attempt to invoke the command
++ * directly.
+ */
+ if (!strchr(out->argv[1], '/')) {
+ char *program = locate_in_PATH(out->argv[1]);
+ if (program) {
+ free((char *)out->argv[1]);
+ out->argv[1] = program;
++ } else {
++ argv_array_clear(out);
++ errno = ENOENT;
++ return -1;
+ }
+ }
++
++ return 0;
+ }
+
+ static char **prep_childenv(const char *const *deltaenv)
+@@ -635,6 +641,12 @@ fail_pipe:
+ struct child_err cerr;
+ struct atfork_state as;
+
++ if (prepare_cmd(&argv, cmd) < 0) {
++ failed_errno = errno;
++ cmd->pid = -1;
++ goto end_of_spawn;
++ }
++
+ if (pipe(notify_pipe))
+ notify_pipe[0] = notify_pipe[1] = -1;
+
+@@ -645,7 +657,6 @@ fail_pipe:
+ set_cloexec(null_fd);
+ }
+
+- prepare_cmd(&argv, cmd);
+ childenv = prep_childenv(cmd->env);
+ atfork_prepare(&as);
+
+@@ -773,6 +784,8 @@ fail_pipe:
+ argv_array_clear(&argv);
+ free(childenv);
+ }
++end_of_spawn:
++
+ #else
+ {
+ int fhin = 0, fhout = 1, fherr = 2;
+--
+cgit 1.2-0.3.lf.el7
+
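Review bot: The embedded diffstat at the top of the new patch file lists `t/t0061-run-command.sh | 13 ++++++++++++-` and `2 files changed, 29 insertions(+), 5 deletions(-)`, but the body only carries the run-command.c hunks; the upstream test hunk is not present. Either keep the upstream test changes, so that a check() step (if the APKBUILD has one) exercises the ENOENT path, or trim the stat lines to match, because a reader comparing this file against upstream commit 321fd82389742398d2924640ce3a61791fd27d60 will otherwise assume it is a verbatim copy. The file also ends with the cgit download trailer (`--` / `cgit 1.2-0.3.lf.el7`), which patch(1) tolerates but which is noise in a vendored patch. The upstream index line `014b2165b..8d42a4f53` comes from a tree much newer than 2.13.7, so a one-line header note such as `# Backported unchanged from upstream 321fd8238974; applies cleanly to 2.13.7` would spare the next rebaser from re-verifying the hunks.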