aboutsummaryrefslogtreecommitdiffstats
path: root/main/patch
diff options
context:
space:
mode:
authorLeonardo Arena <rnalrd@alpinelinux.org>2018-02-28 13:42:51 +0000
committerLeonardo Arena <rnalrd@alpinelinux.org>2018-02-28 13:43:35 +0000
commit58fc65d2b14f59efea945f9dc2dc39d9db45d72e (patch)
treeba1feb6610e4f65334c3751723b070dd130c4100 /main/patch
parent70734a7d94989236c215eda0309e71320585fcdc (diff)
downloadaports-58fc65d2b14f59efea945f9dc2dc39d9db45d72e.tar.bz2
aports-58fc65d2b14f59efea945f9dc2dc39d9db45d72e.tar.xz
main/patch: security fix (CVE-2018-6951)
Partially fixes #8563 Patch for CVE-2018-6952 not yet available: https://savannah.gnu.org/bugs/index.php?53133
Diffstat (limited to 'main/patch')
-rw-r--r--main/patch/APKBUILD14
-rw-r--r--main/patch/CVE-2018-6951.patch29
2 files changed, 40 insertions, 3 deletions
diff --git a/main/patch/APKBUILD b/main/patch/APKBUILD
index c469ec8473..146e4f908a 100644
--- a/main/patch/APKBUILD
+++ b/main/patch/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=patch
pkgver=2.7.6
-pkgrel=1
+pkgrel=2
pkgdesc="Utility to apply diffs to files"
url="https://www.gnu.org/software/patch/patch.html"
arch="all"
@@ -12,9 +12,16 @@ makedepends=""
checkdepends="bash ed"
install=""
subpackages="$pkgname-doc"
-source="ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz"
+source="ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz
+ CVE-2018-6951.patch
+ "
builddir="$srcdir"/$pkgname-$pkgver
+# secfixes:
+# 2.7.6-r2:
+# - CVE-2016-10713
+# - CVE-2018-6951
+
build() {
cd "$builddir"
./configure \
@@ -42,4 +49,5 @@ package() {
rmdir -p "$pkgdir"/usr/lib 2>/dev/null || true
}
-sha512sums="fcca87bdb67a88685a8a25597f9e015f5e60197b9a269fa350ae35a7991ed8da553939b4bbc7f7d3cfd863c67142af403b04165633acbce4339056a905e87fbd patch-2.7.6.tar.xz"
+sha512sums="fcca87bdb67a88685a8a25597f9e015f5e60197b9a269fa350ae35a7991ed8da553939b4bbc7f7d3cfd863c67142af403b04165633acbce4339056a905e87fbd patch-2.7.6.tar.xz
+db51d0b791d38dd4f1b373621ee18620ae339b172f58a79420fdaa4a4b1b1d9df239cf61bbddc4e6a4896b28b8cffc7c99161eb5e2facaec8df86a1bf7755bc0 CVE-2018-6951.patch"
diff --git a/main/patch/CVE-2018-6951.patch b/main/patch/CVE-2018-6951.patch
new file mode 100644
index 0000000000..002d8ffd9d
--- /dev/null
+++ b/main/patch/CVE-2018-6951.patch
@@ -0,0 +1,29 @@
+From f290f48a621867084884bfff87f8093c15195e6a Mon Sep 17 00:00:00 2001
+From: Andreas Gruenbacher <agruen@gnu.org>
+Date: Mon, 12 Feb 2018 16:48:24 +0100
+Subject: Fix segfault with mangled rename patch
+
+http://savannah.gnu.org/bugs/?53132
+* src/pch.c (intuit_diff_type): Ensure that two filenames are specified
+for renames and copies (fix the existing check).
+---
+ src/pch.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/pch.c b/src/pch.c
+index ff9ed2c..bc6278c 100644
+--- a/src/pch.c
++++ b/src/pch.c
+@@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode_t *p_file_type)
+ if ((pch_rename () || pch_copy ())
+ && ! inname
+ && ! ((i == OLD || i == NEW) &&
+- p_name[! reverse] &&
++ p_name[reverse] && p_name[! reverse] &&
++ name_is_valid (p_name[reverse]) &&
+ name_is_valid (p_name[! reverse])))
+ {
+ say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy");
+--
+cgit v1.0-41-gc330
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-01 18:17:20 +0000