From 8cdd93154aeb43702a196270e3818bf2466c3e0c Mon Sep 17 00:00:00 2001
From: TBK <tbk@jjtc.eu>
Date: Tue, 25 Feb 2020 21:49:05 +0100
Subject: main/cvs: security upgrade to 1.12.12

Most distros uses 1.12.13 (https://repology.org/project/cvs/versions) but according to Gentoo it is usable, so following Gentoo (https://bugs.gentoo.org/124733) 1.12.12 is the way forward.

CVEs:
* CVE-2010-3846 - https://bugzilla.redhat.com/show_bug.cgi?id=642146
* CVE-2012-0804 - https://security-tracker.debian.org/tracker/CVE-2012-0804
* CVE-2017-12836 - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871810#10
---
 main/cvs/cvs-1.12.12-cvsbug-tmpfix.patch | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 main/cvs/cvs-1.12.12-cvsbug-tmpfix.patch

(limited to 'main/cvs/cvs-1.12.12-cvsbug-tmpfix.patch')

diff --git a/main/cvs/cvs-1.12.12-cvsbug-tmpfix.patch b/main/cvs/cvs-1.12.12-cvsbug-tmpfix.patch
new file mode 100644
index 0000000000..fcd4431e87
--- /dev/null
+++ b/main/cvs/cvs-1.12.12-cvsbug-tmpfix.patch
@@ -0,0 +1,22 @@
+Index: cvs-1.12.12/src/cvsbug.in
+===================================================================
+--- cvs-1.12.12.orig/src/cvsbug.in
++++ cvs-1.12.12/src/cvsbug.in
+@@ -109,14 +109,14 @@ elif [ -f /bin/domainname ]; then
+     /usr/bin/ypcat passwd 2>/dev/null | cat - /etc/passwd | grep "^$LOGNAME:" |
+       cut -f5 -d':' | sed -e 's/,.*//' > $TEMP
+     ORIGINATOR="`cat $TEMP`"
+-    rm -f $TEMP
++    > $TEMP
+   fi
+ fi
+
+ if [ "$ORIGINATOR" = "" ]; then
+   grep "^$LOGNAME:" /etc/passwd | cut -f5 -d':' | sed -e 's/,.*//' > $TEMP
+   ORIGINATOR="`cat $TEMP`"
+-  rm -f $TEMP
++  > $TEMP
+ fi
+
+ if [ -n "$ORGANIZATION" ]; then
+
-- 
cgit v1.2.3