pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/archivers/p7zip

Module Name:    pkgsrc
Committed By:   sevan
Date:           Wed Nov 30 14:29:09 UTC 2016

Modified Files:
        pkgsrc/archivers/p7zip: Makefile distinfo
Added Files:
        pkgsrc/archivers/p7zip/patches: patch-CPP_7zip_Archive_7z_7zIn.cpp

Log Message:
Add patch for CVE-2016-9296 https://sourceforge.net/p/p7zip/bugs/185/
Bump rev


To generate a diff of this commit:
cvs rdiff -u -r1.63 -r1.64 pkgsrc/archivers/p7zip/Makefile
cvs rdiff -u -r1.50 -r1.51 pkgsrc/archivers/p7zip/distinfo
cvs rdiff -u -r0 -r1.1 \
    pkgsrc/archivers/p7zip/patches/patch-CPP_7zip_Archive_7z_7zIn.cpp

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: pkgsrc/archivers/p7zip/Makefile
diff -u pkgsrc/archivers/p7zip/Makefile:1.63 pkgsrc/archivers/p7zip/Makefile:1.64
--- pkgsrc/archivers/p7zip/Makefile:1.63        Tue Jul 19 08:26:10 2016
+++ pkgsrc/archivers/p7zip/Makefile     Wed Nov 30 14:29:09 2016
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.63 2016/07/19 08:26:10 mef Exp $
+# $NetBSD: Makefile,v 1.64 2016/11/30 14:29:09 sevan Exp $
 
 DISTNAME=      p7zip_16.02_src_all
 PKGNAME=       ${DISTNAME:S/_src_all//S/_/-/}
+PKGREVISION=   1
 CATEGORIES=    archivers
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=p7zip/}
 EXTRACT_SUFX=  .tar.bz2

Index: pkgsrc/archivers/p7zip/distinfo
diff -u pkgsrc/archivers/p7zip/distinfo:1.50 pkgsrc/archivers/p7zip/distinfo:1.51
--- pkgsrc/archivers/p7zip/distinfo:1.50        Tue Jul 19 08:26:10 2016
+++ pkgsrc/archivers/p7zip/distinfo     Wed Nov 30 14:29:09 2016
@@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.50 2016/07/19 08:26:10 mef Exp $
+$NetBSD: distinfo,v 1.51 2016/11/30 14:29:09 sevan Exp $
 
 SHA1 (p7zip_16.02_src_all.tar.bz2) = e8819907132811aa1afe5ef296181d3a15cc8f22
 RMD160 (p7zip_16.02_src_all.tar.bz2) = 03550898e45b3eabe4ea0df5ee3787bd8f179fd0
 SHA512 (p7zip_16.02_src_all.tar.bz2) = d2c4d53817f96bb4c7683f42045198d4cd509cfc9c3e2cb85c8d9dc4ab6dfa7496449edeac4e300ecf986a9cbbc90bd8f8feef8156895d94617c04e507add55f
 Size (p7zip_16.02_src_all.tar.bz2) = 4239909 bytes
+SHA1 (patch-CPP_7zip_Archive_7z_7zIn.cpp) = cce409d45be6ae8e96314dad1c51d9feb09bc817
 SHA1 (patch-CPP_Windows_DLL.cpp) = 12fb3f3cf4d32b8848f741dde6bcb0e56a9c6745
 SHA1 (patch-aa) = 9c103fa831cc6ff099e3a604c763ff416f1b48ec
 SHA1 (patch-ab) = c680fb037b9ef5e19e4c8dc71dd710598277a61b

Added files:

Index: pkgsrc/archivers/p7zip/patches/patch-CPP_7zip_Archive_7z_7zIn.cpp
diff -u /dev/null pkgsrc/archivers/p7zip/patches/patch-CPP_7zip_Archive_7z_7zIn.cpp:1.1
--- /dev/null   Wed Nov 30 14:29:09 2016
+++ pkgsrc/archivers/p7zip/patches/patch-CPP_7zip_Archive_7z_7zIn.cpp   Wed Nov 30 14:29:09 2016
@@ -0,0 +1,14 @@
+$NetBSD: patch-CPP_7zip_Archive_7z_7zIn.cpp,v 1.1 2016/11/30 14:29:09 sevan Exp $
+
+CVE-2016-9296 https://sourceforge.net/p/p7zip/bugs/185/
+
+--- CPP/7zip/Archive/7z/7zIn.cpp.orig  2016-11-30 14:19:04.000000000 +0000
++++ CPP/7zip/Archive/7z/7zIn.cpp
+@@ -1097,6 +1097,7 @@ HRESULT CInArchive::ReadAndDecodePackedS
+       if (CrcCalc(data, unpackSize) != folders.FolderCRCs.Vals[i])
+         ThrowIncorrect();
+   }
++if (folders.PackPositions)
+   HeadersSize += folders.PackPositions[folders.NumPackStreams];
+   return S_OK;
+ }
Home | Main Index | Thread Index | Old Index