pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/misc/bsdiff

Module Name:    pkgsrc
Committed By:   nros
Date:           Mon Jul 31 07:09:54 UTC 2017

Modified Files:
        pkgsrc/misc/bsdiff: Makefile distinfo
Added Files:
        pkgsrc/misc/bsdiff/patches: patch-bspatch.c

Log Message:
Add patch to bsdiff to fix CVE-2014-9862.
Bump PKGREVISION.


To generate a diff of this commit:
cvs rdiff -u -r1.12 -r1.13 pkgsrc/misc/bsdiff/Makefile
cvs rdiff -u -r1.6 -r1.7 pkgsrc/misc/bsdiff/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/misc/bsdiff/patches/patch-bspatch.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: pkgsrc/misc/bsdiff/Makefile
diff -u pkgsrc/misc/bsdiff/Makefile:1.12 pkgsrc/misc/bsdiff/Makefile:1.13
--- pkgsrc/misc/bsdiff/Makefile:1.12    Mon Oct  8 09:57:17 2012
+++ pkgsrc/misc/bsdiff/Makefile Mon Jul 31 07:09:54 2017
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.12 2012/10/08 09:57:17 asau Exp $
+# $NetBSD: Makefile,v 1.13 2017/07/31 07:09:54 nros Exp $
 #
 
 DISTNAME=              bsdiff-4.3
+PKGREVISION=           1
 CATEGORIES=            misc
 MASTER_SITES=          http://www.daemonology.net/bsdiff/
 

Index: pkgsrc/misc/bsdiff/distinfo
diff -u pkgsrc/misc/bsdiff/distinfo:1.6 pkgsrc/misc/bsdiff/distinfo:1.7
--- pkgsrc/misc/bsdiff/distinfo:1.6     Thu Sep  8 14:37:05 2016
+++ pkgsrc/misc/bsdiff/distinfo Mon Jul 31 07:09:54 2017
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.6 2016/09/08 14:37:05 jperkin Exp $
+$NetBSD: distinfo,v 1.7 2017/07/31 07:09:54 nros Exp $
 
 SHA1 (bsdiff-4.3.tar.gz) = 0c0a89d604fc55ef2b5e69cd18372b2972edd8b8
 RMD160 (bsdiff-4.3.tar.gz) = 27bb255b5dd5aa56d3a076dac9ca76d238a79a04
 SHA512 (bsdiff-4.3.tar.gz) = bde46b393b74bcc9f05532ea4d45b12c104c4f182fdd49d4176aad5f02a2b357f435819f13a5a7ddefe27df0ca82980f06fad764094014a6d068622263e319c3
 Size (bsdiff-4.3.tar.gz) = 5740 bytes
 SHA1 (patch-Makefile) = 203d6a8acfc001cc23abfba953b7f3d40b10b20e
+SHA1 (patch-bspatch.c) = e1b0f00a10fcb3b2b0eca5c86130be150c87e13f

Added files:

Index: pkgsrc/misc/bsdiff/patches/patch-bspatch.c
diff -u /dev/null pkgsrc/misc/bsdiff/patches/patch-bspatch.c:1.1
--- /dev/null   Mon Jul 31 07:09:54 2017
+++ pkgsrc/misc/bsdiff/patches/patch-bspatch.c  Mon Jul 31 07:09:54 2017
@@ -0,0 +1,17 @@
+$NetBSD: patch-bspatch.c,v 1.1 2017/07/31 07:09:54 nros Exp $
+* Fix CVE-2014-9862
+  From the chromium project:
+  http://chromium-review.googlesource.com/c/199377/2/dev-util/bsdiff/files/4.3_sanity_check.patch
+--- bspatch.c.orig     2005-08-16 22:14:00.000000000 +0000
++++ bspatch.c
+@@ -152,6 +152,10 @@ int main(int argc,char * argv[])
+               };
+ 
+               /* Sanity-check */
++              if ((ctrl[0] < 0) || (ctrl[1] < 0))
++                      errx(1,"Corrupt patch\n");
++
++              /* Sanity-check */
+               if(newpos+ctrl[0]>newsize)
+                       errx(1,"Corrupt patch\n");
+
Home | Main Index | Thread Index | Old Index