authorBen Lutgens <lamer@gentoo.org>2001-07-12 19:43:49 +0000
committerBen Lutgens <lamer@gentoo.org>2001-07-12 19:43:49 +0000
commitecdb58b09896ef22fd4ffe45b6a2a51a9b60c837 (patch)
tree903bbed15c508f003253726c818d51f22cfa5bed
parentfixed doc installs. (diff)
Some security fixes and some touch ups. tar and unzip are both prone to
undesirable directory traversal (nothing like leaving .. unlinked *shudder*). I package.masked unzip-5.42 since their server is busted and I can't test it yet. http://www.security.nnov.ru/advisories <-- has the advisories. rar is also susceptible. Remember you should run archivers under a privileged UID.
-rw-r--r--app-arch/unzip/files/unzip-5.42.patch31
-rw-r--r--app-arch/unzip/unzip-5.42.ebuild40
-rw-r--r--gnome-apps/gnome-pilot/gnome-pilot-0.1.54.ebuild7
-rw-r--r--gnome-extra/gnome-pilot/gnome-pilot-0.1.54.ebuild7
-rw-r--r--net-misc/x11-ssh-askpass/x11-ssh-askpass-1.2.2.ebuild4
-rw-r--r--profiles/package.mask2
-rw-r--r--sys-apps/tar/files/digest-tar-1.13.191
-rw-r--r--sys-apps/tar/files/tar-1.13.19.patch40
-rw-r--r--sys-apps/tar/tar-1.13.19.ebuild61
9 files changed, 182 insertions, 11 deletions
diff --git a/app-arch/unzip/files/unzip-5.42.patch b/app-arch/unzip/files/unzip-5.42.patch
new file mode 100644
index 000000000000..a39d3c7d137e
--- /dev/null
+++ b/app-arch/unzip/files/unzip-5.42.patch
@@ -0,0 +1,31 @@
+*** extract.orig Sun Jan 14 00:40:20 2001
+--- extract.c Mon Jul 9 14:45:42 2001
+***************
+*** 154,159 ****
+--- 154,161 ----
+ #ifndef WINDLL
+ static ZCONST char Far ReplaceQuery[] =
+ "replace %s? [y]es, [n]o, [A]ll, [N]one, [r]ename: ";
++ static ZCONST char Far TraversalWarning[] =
++ "%s skipped because of directory traversal\n";
+ static ZCONST char Far AssumeNone[] = " NULL\n(assuming [N]one)\n";
+ static ZCONST char Far NewNameQuery[] = "new name: ";
+ static ZCONST char Far InvalidResponse[] = "error: invalid response [%c]\n";
+***************
+*** 877,882 ****
+--- 879,893 ----
+ } /* end switch (*answerbuf) */
+ #endif /* ?WINDLL */
+ } /* end if (query) */
++ if(*__G__ G.filename=='/' || !strncmp(__G__ G.filename, "../", 3)
++ || strstr(__G__ G.filename,"/../")){
++ skip_entry = SKIP_Y_EXISTING;
++ #ifndef WINDLL
++ Info(slide, 0x81, ((char *)slide,
++ LoadFarString(TraversalWarning),
++ FnFilter1(G.filename)));
++ #endif
++ }
+ if (skip_entry != SKIP_NO) {
+ #ifdef WINDLL
+ if (skip_entry == SKIP_Y_EXISTING) {
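Review bot: The added test on `G.filename` only matches a leading `/`, a leading `../` and an embedded `/../`, so a member name that is exactly `..` or that ends in `/..` is not caught by it. With a local `char *s`, extend the condition with `|| !strcmp(G.filename, "..") || ((s = strrchr(G.filename, '/')) != NULL && !strcmp(s, "/.."))`. The branch also reuses `SKIP_Y_EXISTING`, which the WINDLL code directly below tests for, so a refused entry may be reported there as an existing file; a dedicated skip value would keep the two cases apart. `__G__` looks like the macro Info-ZIP uses to pass the globals pointer inside an argument list; if so, `*__G__ G.filename` and `strncmp(__G__ G.filename, ...)` would not compile in a reentrant build, and plain `G.filename`, as in the `FnFilter1(G.filename)` line, is what is wanted (to be confirmed against globals.h). The enclosing function starts and ends outside this hunk.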
diff --git a/app-arch/unzip/unzip-5.42.ebuild b/app-arch/unzip/unzip-5.42.ebuild
new file mode 100644
index 000000000000..eddd5e509403
--- /dev/null
+++ b/app-arch/unzip/unzip-5.42.ebuild
@@ -0,0 +1,40 @@
+# Copyright 1999-2000 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License, v2 or later
+# Author Achim Gottinger <achim@gentoo.org>
+# $Header: /var/cvsroot/gentoo-x86/app-arch/unzip/unzip-5.42.ebuild,v 1.1 2001/07/12 19:43:49 lamer Exp $
+
+A=unzip542.tar.gz
+S=${WORKDIR}/${P}
+DESCRIPTION="Unzipper for pkzip-compressed files"
+SRC_URI="ftp://ftp.freesoftware.com/pub/infozip/src/${A}"
+HOMEPAGE="ftp://ftp.info-zip.org/pub/infozip/UnZip.html"
+
+DEPEND="virtual/glibc"
+
+src_unpack() {
+ unpack ${A}
+ cd ${S}
+ patch -p0 < ${FILEDIR}/unzip-5.42.patch
+}
+
+
+src_compile() {
+
+ cp unix/Makefile unix/Makefile.orig
+ sed -e "s:-O3:${CFLAGS}:" unix/Makefile.orig > unix/Makefile
+
+ try make -f unix/Makefile linux
+
+}
+
+src_install() {
+
+ dobin unzip funzip unzipsfx unix/zipgrep
+ doman man/*.1
+ dodoc BUGS COPYING History* LICENSE README ToDo WHERE
+
+
+}
+
+
+
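Review bot: The patch step in `src_unpack` reads from `${FILEDIR}`, which looks like a typo for `${FILESDIR}` (the tar ebuild in this commit uses `${FILESDIR}`), so the directory traversal fix is probably never applied to the unzip sources. The line is also not wrapped in `try` the way the `make` call in `src_compile` is, so a patch that fails to apply would presumably not stop the build and an unpatched binary could be installed. Change it to `try patch -p0 < ${FILESDIR}/unzip-5.42.patch`. The `src_unpack` in sys-apps/tar/tar-1.13.19.ebuild has the same unguarded `patch` call and should get `try` as well.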
diff --git a/gnome-apps/gnome-pilot/gnome-pilot-0.1.54.ebuild b/gnome-apps/gnome-pilot/gnome-pilot-0.1.54.ebuild
index 938b545287a7..3b5b2b05b2e1 100644
--- a/gnome-apps/gnome-pilot/gnome-pilot-0.1.54.ebuild
+++ b/gnome-apps/gnome-pilot/gnome-pilot-0.1.54.ebuild
@@ -1,7 +1,7 @@
# Copyright 1999-2000 Gentoo Technologies, Inc.
# Distributed under the terms of the GNU General Public License, v2 or later
# Author Your Name <your email>
-# $Header: /var/cvsroot/gentoo-x86/gnome-apps/gnome-pilot/gnome-pilot-0.1.54.ebuild,v 1.1 2001/06/28 14:52:27 lamer Exp $
+# $Header: /var/cvsroot/gentoo-x86/gnome-apps/gnome-pilot/gnome-pilot-0.1.54.ebuild,v 1.2 2001/07/12 19:43:49 lamer Exp $
#P=
A=${P}.tar.gz
@@ -13,12 +13,11 @@ HOMEPAGE="http://www.gnome.org/gnome-pilot/"
DEPEND=">=gnome-base/gnome-core-1.4.0.4
>=gnome-base/gnome-env-1.0
>=gnome-base/control-center-1.4.0.1
- >=dev-libs/pilot-link-0.9.3"
+ >=dev-libs/pilot-link-0.9.5"
src_compile() {
- try ./configure --prefix=/opt/gnome --with-oaf\
- --with-gnome-libs=/opt/gnome/lib\
+ try ./configure --prefix=/opt/gnome --with-gnome-libs=/opt/gnome/lib\
--sysconfdir=/etc/opt/gnome --enable-usb-visor=yes --host=${CHOST}
try make
diff --git a/gnome-extra/gnome-pilot/gnome-pilot-0.1.54.ebuild b/gnome-extra/gnome-pilot/gnome-pilot-0.1.54.ebuild
index 16a328b4d21d..1279c0703b63 100644
--- a/gnome-extra/gnome-pilot/gnome-pilot-0.1.54.ebuild
+++ b/gnome-extra/gnome-pilot/gnome-pilot-0.1.54.ebuild
@@ -1,7 +1,7 @@
# Copyright 1999-2000 Gentoo Technologies, Inc.
# Distributed under the terms of the GNU General Public License, v2 or later
# Author Your Name <your email>
-# $Header: /var/cvsroot/gentoo-x86/gnome-extra/gnome-pilot/gnome-pilot-0.1.54.ebuild,v 1.1 2001/06/28 14:52:27 lamer Exp $
+# $Header: /var/cvsroot/gentoo-x86/gnome-extra/gnome-pilot/gnome-pilot-0.1.54.ebuild,v 1.2 2001/07/12 19:43:49 lamer Exp $
#P=
A=${P}.tar.gz
@@ -13,12 +13,11 @@ HOMEPAGE="http://www.gnome.org/gnome-pilot/"
DEPEND=">=gnome-base/gnome-core-1.4.0.4
>=gnome-base/gnome-env-1.0
>=gnome-base/control-center-1.4.0.1
- >=dev-libs/pilot-link-0.9.3"
+ >=dev-libs/pilot-link-0.9.5"
src_compile() {
- try ./configure --prefix=/opt/gnome --with-oaf\
- --with-gnome-libs=/opt/gnome/lib\
+ try ./configure --prefix=/opt/gnome --with-gnome-libs=/opt/gnome/lib\
--sysconfdir=/etc/opt/gnome --enable-usb-visor=yes --host=${CHOST}
try make
diff --git a/net-misc/x11-ssh-askpass/x11-ssh-askpass-1.2.2.ebuild b/net-misc/x11-ssh-askpass/x11-ssh-askpass-1.2.2.ebuild
index e44bc4627e84..b4b1c826e51a 100644
--- a/net-misc/x11-ssh-askpass/x11-ssh-askpass-1.2.2.ebuild
+++ b/net-misc/x11-ssh-askpass/x11-ssh-askpass-1.2.2.ebuild
@@ -15,8 +15,8 @@ RDEPEND=">=net-misc/openssh-2.3.0 virtual/x11"
src_compile() {
try ./configure --prefix=/usr --libexecdir=/usr/lib/misc
try xmkmf
- try make includes
- try make
+ try make $MAKEOPTS includes
+ try make
}
diff --git a/profiles/package.mask b/profiles/package.mask
index 8b6f38e1ec31..f385d3297618 100644
--- a/profiles/package.mask
+++ b/profiles/package.mask
@@ -49,7 +49,7 @@ app-editors/gtk-xemacs
>=media-libs/freetype-2.0.4
>=dev-db/unixODBC-2.0.8
=sys-devel/spython-2.0-r5
-
+=app-arch/unzip-5.42
#OK, I assume that the XFS in 2.4.4-r5 is hosed; alkaline?
=sys-kernel/linux-sources-2.4.4-r5
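Review bot: The new `=app-arch/unzip-5.42` entry carries no comment giving the reason for the mask, and it takes the place of the blank line that separated the previous entries from the `#OK, I assume that the XFS ...` comment, so that comment now reads as if it also covered unzip. Per the commit message the mask exists because the ebuild could not be fetched and tested; add a line such as `# unzip-5.42 carries the directory traversal fix; masked until the source can be fetched and tested` above the entry and keep a blank line after it. While the mask is in place users presumably stay on an unpatched unzip, which is worth stating in that comment so the mask gets lifted promptly.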
diff --git a/sys-apps/tar/files/digest-tar-1.13.19 b/sys-apps/tar/files/digest-tar-1.13.19
new file mode 100644
index 000000000000..5c266195c6f9
--- /dev/null
+++ b/sys-apps/tar/files/digest-tar-1.13.19
@@ -0,0 +1 @@
+MD5 ff10ade59f5b312869ffb2f229177e14 tar-1.13.19.tar.gz
diff --git a/sys-apps/tar/files/tar-1.13.19.patch b/sys-apps/tar/files/tar-1.13.19.patch
new file mode 100644
index 000000000000..26c0d63bedc1
--- /dev/null
+++ b/sys-apps/tar/files/tar-1.13.19.patch
@@ -0,0 +1,40 @@
+*** misc.c.orig Sat Jan 13 08:59:29 2001
+--- misc.c Mon Jul 9 15:45:09 2001
+***************
+*** 201,217 ****
+ {
+ char const *p = name + FILESYSTEM_PREFIX_LEN (name);
+
+ for (;;)
+ {
+! if (p[0] == '.' && p[1] == '.' && (ISSLASH (p[2]) || !p[2]))
+ return 1;
+
+ do
+ {
+! if (! *p++)
+ return 0;
+ }
+! while (! ISSLASH (*p));
+ }
+ }
+
+--- 201,218 ----
+ {
+ char const *p = name + FILESYSTEM_PREFIX_LEN (name);
+
++ if(ISSLASH (*p) ) return 1;
+ for (;;)
+ {
+! if (p[0] == '.' && p[1] == '.' && (!p[2] || ISSLASH (p[2])))
+ return 1;
+
+ do
+ {
+! if (! *p)
+ return 0;
+ }
+! while (! ISSLASH (*p++));
+ }
+ }
+
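Review bot: The added `if(ISSLASH (*p) ) return 1;` makes this function report a name that starts with a slash as well as one containing a `..` component, and nothing in the visible code documents that. Any caller that prints a `..`-specific message, or that expects leading slashes to be stripped rather than refused, would now behave differently; the callers are not on this page, so this needs confirming. Put a comment above the line, e.g. `/* Also treat an absolute NAME as unsafe, not only one with a ".." component. */`, or move the absolute-path test into the caller. The loop change itself looks right: with the increment moved into `while (! ISSLASH (*p++))`, `p` lands on the first character after each slash, so `..` is tested at every component start rather than only at the beginning of the name. The function's signature is outside the hunk.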
diff --git a/sys-apps/tar/tar-1.13.19.ebuild b/sys-apps/tar/tar-1.13.19.ebuild
new file mode 100644
index 000000000000..cd32405d9a99
--- /dev/null
+++ b/sys-apps/tar/tar-1.13.19.ebuild
@@ -0,0 +1,61 @@
+# Copyright 1999-2000 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License, v2 or later
+# Author Achim Gottinger <achim@gentoo.org>
+# $Header: /var/cvsroot/gentoo-x86/sys-apps/tar/tar-1.13.19.ebuild,v 1.1 2001/07/12 19:43:49 lamer Exp $
+
+A=${P}.tar.gz
+S=${WORKDIR}/${P}
+
+DESCRIPTION="Use this to try make tarballs :)"
+SRC_URI="ftp://alpha.gnu.org/gnu/tar/"${A}
+HOMEPAGE="http://www.gnu.org/software/tar/"
+
+DEPEND="virtual/glibc
+ nls? ( sys-devel/gettext-0.10.35 )"
+
+RDEPEND="virtual/glibc"
+
+src_unpack() {
+ unpack ${A}
+ cd ${S}/src
+ patch -p0 < ${FILESDIR}/tar-1.13.19.patch
+}
+
+src_compile() {
+
+ local myconf
+ if [ -z "`use nls`" ]
+ then
+ myconf="--disable-nls"
+ fi
+ try ./configure --prefix=/usr --bindir=/bin --libexecdir=/usr/lib/misc \
+ --infodir=/usr/share/info --host=${CHOST} ${myconf}
+
+ if [ -z "`use static`" ]
+ then
+ try make ${MAKEOPTS}
+ else
+ try make ${MAKEOPTS} LDFLAGS=-static
+ fi
+}
+
+src_install() {
+ try make DESTDIR=${D} install
+ #FHS 2.1 stuff
+ dodir /usr/sbin
+ cd ${D}
+ mv usr/lib/misc/rmt usr/sbin/rmt.gnu
+ dosym rmt.gnu /usr/sbin/rmt
+ if [ -z "`use build`" ]
+ then
+ dodoc AUTHORS ChangeLog* COPYING NEWS README* PORTS THANKS
+
+ #we're using Schilly's enhanced rmt command included with star
+# rm -rf ${D}/usr/lib
+ else
+ rm -rf ${D}/usr/share/info
+ fi
+
+}
+
+