diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2011-10-17 19:33:14 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2011-10-17 19:33:14 +0000 |
commit | 88e633357b740fd805059e7902277ef67ec39ebc (patch) | |
tree | 85c1c86c935048d69af79c9f8a20194a2370dfa2 /main/conky | |
parent | 0197c4c3d23966bc4b7c2f7a2e9a351c8b0b2e72 (diff) | |
download | aports-88e633357b740fd805059e7902277ef67ec39ebc.tar.bz2 aports-88e633357b740fd805059e7902277ef67ec39ebc.tar.xz |
main/conky: security fix CVE-2011-3616
ref #767
Diffstat (limited to 'main/conky')
-rw-r--r-- | main/conky/APKBUILD | 26 | ||||
-rw-r--r-- | main/conky/conky-1.8.1-curl-headers.patch | 24 | ||||
-rw-r--r-- | main/conky/conky-1.8.1-secunia-SA43225.patch | 72 |
3 files changed, 116 insertions, 6 deletions
diff --git a/main/conky/APKBUILD b/main/conky/APKBUILD index 0ff7ecf0d3..a392ae680d 100644 --- a/main/conky/APKBUILD +++ b/main/conky/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=conky pkgver=1.8.1 -pkgrel=1 +pkgrel=2 pkgdesc="An advanced, highly configurable system monitor for X based on torsmo" url="http://conky.sourceforge.net/" arch="all" @@ -12,12 +12,23 @@ makedepends="pkgconfig alsa-lib-dev libxml2-dev curl-dev wireless-tools-dev cairo-dev tolua++ ncurses-dev " subpackages="$pkgname-doc $pkgname-dev" -source="http://downloads.sourceforge.net/project/conky/conky/$pkgver/conky-$pkgver.tar.bz2" +source="http://downloads.sourceforge.net/project/conky/conky/$pkgver/conky-$pkgver.tar.bz2 + conky-1.8.1-curl-headers.patch + conky-1.8.1-secunia-SA43225.patch" _builddir="$srcdir"/$pkgname-$pkgver -build () -{ - cd "$srcdir/$pkgname-$pkgver" +prepare() { + cd "$_builddir" + local i + for i in $source; do + case $i in + *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; + esac + done +} + +build() { + cd "$_builddir" ./configure --prefix=/usr \ --sysconfdir=/etc \ --enable-wlan \ @@ -35,6 +46,9 @@ package() { cd "$_builddir" make DESTDIR="$pkgdir" install || return 1 install -D -m644 COPYING $pkgdir/usr/share/licenses/$pkgname/LICENSE + rm "$pkgdir"/usr/lib/conky/*.la } -md5sums="366dc6a5c2ebebfbe6f53da25061b5d6 conky-1.8.1.tar.bz2" +md5sums="366dc6a5c2ebebfbe6f53da25061b5d6 conky-1.8.1.tar.bz2 +94e415b1189be5fb6d6ff5117c8df06e conky-1.8.1-curl-headers.patch +e00e00b1e4dd77536f8caed7a2b851c1 conky-1.8.1-secunia-SA43225.patch" diff --git a/main/conky/conky-1.8.1-curl-headers.patch b/main/conky/conky-1.8.1-curl-headers.patch new file mode 100644 index 0000000000..5de2de14e6 --- /dev/null +++ b/main/conky/conky-1.8.1-curl-headers.patch @@ -0,0 +1,24 @@ +diff --git a/src/ccurl_thread.c b/src/ccurl_thread.c +index 10e73a6..9bea299 100644 +--- a/src/ccurl_thread.c ++++ b/src/ccurl_thread.c +@@ -33,7 +33,6 @@ + #endif /* DEBUG */ + + #include <curl/curl.h> +-#include <curl/types.h> + #include <curl/easy.h> + + /* +diff --git a/src/eve.c b/src/eve.c +index dc07264..f62a5f6 100644 +--- a/src/eve.c ++++ b/src/eve.c +@@ -37,7 +37,6 @@ + #include <libxml/xmlwriter.h> + + #include <curl/curl.h> +-#include <curl/types.h> + #include <curl/easy.h> + + #include <time.h> diff --git a/main/conky/conky-1.8.1-secunia-SA43225.patch b/main/conky/conky-1.8.1-secunia-SA43225.patch new file mode 100644 index 0000000000..cac4b2c08b --- /dev/null +++ b/main/conky/conky-1.8.1-secunia-SA43225.patch @@ -0,0 +1,72 @@ +--- ./src/eve.c 2011-02-12 13:26:34.636269667 +0100 ++++ ./src/eve.c 2011-02-12 13:26:48.242936334 +0100 +@@ -254,19 +254,6 @@ + } + } + +-static int file_exists(const char *filename) +-{ +- struct stat fi; +- +- if ((stat(filename, &fi)) == 0) { +- if (fi.st_size > 0) +- return 1; +- else +- return 0; +- } else +- return 0; +-} +- + static void writeSkilltree(char *content, const char *filename) + { + FILE *fp = fopen(filename, "w"); +@@ -283,13 +270,12 @@ + xmlDocPtr doc = 0; + xmlNodePtr root = 0; + +- if (!file_exists(file)) { +- skilltree = getXmlFromAPI(NULL, NULL, NULL, EVEURL_SKILLTREE); +- writeSkilltree(skilltree, file); +- free(skilltree); +- } ++ skilltree = getXmlFromAPI(NULL, NULL, NULL, EVEURL_SKILLTREE); ++ writeSkilltree(skilltree, file); ++ free(skilltree); + + doc = xmlReadFile(file, NULL, 0); ++ unlink(file); + if (!doc) + return NULL; + +@@ -340,7 +326,7 @@ + static char *eve(char *userid, char *apikey, char *charid) + { + Character *chr = NULL; +- const char *skillfile = "/tmp/.cesf"; ++ char skillfile[] = "/tmp/.cesfXXXXXX"; + int i = 0; + char *output = 0; + char *timel = 0; +@@ -348,6 +334,7 @@ + char *content = 0; + time_t now = 0; + char *error = 0; ++ int tmp_fd, old_umask; + + + for (i = 0; i < MAXCHARS; i++) { +@@ -400,6 +387,14 @@ + + output = (char *)malloc(200 * sizeof(char)); + timel = formatTime(&chr->ends); ++ old_umask = umask(0066); ++ tmp_fd = mkstemp(skillfile); ++ umask(old_umask); ++ if (tmp_fd == -1) { ++ error = strdup("Cannot create temporary file"); ++ return error; ++ } ++ close(tmp_fd); + skill = getSkillname(skillfile, chr->skill); + + chr->skillname = strdup(skill); |