aboutsummaryrefslogtreecommitdiffstats
path: root/main/conky
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2011-10-17 19:33:14 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2011-10-17 19:33:14 +0000
commit88e633357b740fd805059e7902277ef67ec39ebc (patch)
tree85c1c86c935048d69af79c9f8a20194a2370dfa2 /main/conky
parent0197c4c3d23966bc4b7c2f7a2e9a351c8b0b2e72 (diff)
downloadaports-88e633357b740fd805059e7902277ef67ec39ebc.tar.bz2
aports-88e633357b740fd805059e7902277ef67ec39ebc.tar.xz
main/conky: security fix CVE-2011-3616
ref #767
Diffstat (limited to 'main/conky')
-rw-r--r--main/conky/APKBUILD26
-rw-r--r--main/conky/conky-1.8.1-curl-headers.patch24
-rw-r--r--main/conky/conky-1.8.1-secunia-SA43225.patch72
3 files changed, 116 insertions, 6 deletions
diff --git a/main/conky/APKBUILD b/main/conky/APKBUILD
index 0ff7ecf0d3..a392ae680d 100644
--- a/main/conky/APKBUILD
+++ b/main/conky/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=conky
pkgver=1.8.1
-pkgrel=1
+pkgrel=2
pkgdesc="An advanced, highly configurable system monitor for X based on torsmo"
url="http://conky.sourceforge.net/"
arch="all"
@@ -12,12 +12,23 @@ makedepends="pkgconfig alsa-lib-dev libxml2-dev curl-dev wireless-tools-dev
cairo-dev tolua++ ncurses-dev
"
subpackages="$pkgname-doc $pkgname-dev"
-source="http://downloads.sourceforge.net/project/conky/conky/$pkgver/conky-$pkgver.tar.bz2"
+source="http://downloads.sourceforge.net/project/conky/conky/$pkgver/conky-$pkgver.tar.bz2
+ conky-1.8.1-curl-headers.patch
+ conky-1.8.1-secunia-SA43225.patch"
_builddir="$srcdir"/$pkgname-$pkgver
-build ()
-{
- cd "$srcdir/$pkgname-$pkgver"
+prepare() {
+ cd "$_builddir"
+ local i
+ for i in $source; do
+ case $i in
+ *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+ esac
+ done
+}
+
+build() {
+ cd "$_builddir"
./configure --prefix=/usr \
--sysconfdir=/etc \
--enable-wlan \
@@ -35,6 +46,9 @@ package() {
cd "$_builddir"
make DESTDIR="$pkgdir" install || return 1
install -D -m644 COPYING $pkgdir/usr/share/licenses/$pkgname/LICENSE
+ rm "$pkgdir"/usr/lib/conky/*.la
}
-md5sums="366dc6a5c2ebebfbe6f53da25061b5d6 conky-1.8.1.tar.bz2"
+md5sums="366dc6a5c2ebebfbe6f53da25061b5d6 conky-1.8.1.tar.bz2
+94e415b1189be5fb6d6ff5117c8df06e conky-1.8.1-curl-headers.patch
+e00e00b1e4dd77536f8caed7a2b851c1 conky-1.8.1-secunia-SA43225.patch"
diff --git a/main/conky/conky-1.8.1-curl-headers.patch b/main/conky/conky-1.8.1-curl-headers.patch
new file mode 100644
index 0000000000..5de2de14e6
--- /dev/null
+++ b/main/conky/conky-1.8.1-curl-headers.patch
@@ -0,0 +1,24 @@
+diff --git a/src/ccurl_thread.c b/src/ccurl_thread.c
+index 10e73a6..9bea299 100644
+--- a/src/ccurl_thread.c
++++ b/src/ccurl_thread.c
+@@ -33,7 +33,6 @@
+ #endif /* DEBUG */
+
+ #include <curl/curl.h>
+-#include <curl/types.h>
+ #include <curl/easy.h>
+
+ /*
+diff --git a/src/eve.c b/src/eve.c
+index dc07264..f62a5f6 100644
+--- a/src/eve.c
++++ b/src/eve.c
+@@ -37,7 +37,6 @@
+ #include <libxml/xmlwriter.h>
+
+ #include <curl/curl.h>
+-#include <curl/types.h>
+ #include <curl/easy.h>
+
+ #include <time.h>
diff --git a/main/conky/conky-1.8.1-secunia-SA43225.patch b/main/conky/conky-1.8.1-secunia-SA43225.patch
new file mode 100644
index 0000000000..cac4b2c08b
--- /dev/null
+++ b/main/conky/conky-1.8.1-secunia-SA43225.patch
@@ -0,0 +1,72 @@
+--- ./src/eve.c 2011-02-12 13:26:34.636269667 +0100
++++ ./src/eve.c 2011-02-12 13:26:48.242936334 +0100
+@@ -254,19 +254,6 @@
+ }
+ }
+
+-static int file_exists(const char *filename)
+-{
+- struct stat fi;
+-
+- if ((stat(filename, &fi)) == 0) {
+- if (fi.st_size > 0)
+- return 1;
+- else
+- return 0;
+- } else
+- return 0;
+-}
+-
+ static void writeSkilltree(char *content, const char *filename)
+ {
+ FILE *fp = fopen(filename, "w");
+@@ -283,13 +270,12 @@
+ xmlDocPtr doc = 0;
+ xmlNodePtr root = 0;
+
+- if (!file_exists(file)) {
+- skilltree = getXmlFromAPI(NULL, NULL, NULL, EVEURL_SKILLTREE);
+- writeSkilltree(skilltree, file);
+- free(skilltree);
+- }
++ skilltree = getXmlFromAPI(NULL, NULL, NULL, EVEURL_SKILLTREE);
++ writeSkilltree(skilltree, file);
++ free(skilltree);
+
+ doc = xmlReadFile(file, NULL, 0);
++ unlink(file);
+ if (!doc)
+ return NULL;
+
+@@ -340,7 +326,7 @@
+ static char *eve(char *userid, char *apikey, char *charid)
+ {
+ Character *chr = NULL;
+- const char *skillfile = "/tmp/.cesf";
++ char skillfile[] = "/tmp/.cesfXXXXXX";
+ int i = 0;
+ char *output = 0;
+ char *timel = 0;
+@@ -348,6 +334,7 @@
+ char *content = 0;
+ time_t now = 0;
+ char *error = 0;
++ int tmp_fd, old_umask;
+
+
+ for (i = 0; i < MAXCHARS; i++) {
+@@ -400,6 +387,14 @@
+
+ output = (char *)malloc(200 * sizeof(char));
+ timel = formatTime(&chr->ends);
++ old_umask = umask(0066);
++ tmp_fd = mkstemp(skillfile);
++ umask(old_umask);
++ if (tmp_fd == -1) {
++ error = strdup("Cannot create temporary file");
++ return error;
++ }
++ close(tmp_fd);
+ skill = getSkillname(skillfile, chr->skill);
+
+ chr->skillname = strdup(skill);