author | Natanael Copa <ncopa@alpinelinux.org> | 2015-07-07 19:52:10 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2015-07-07 19:54:55 +0000 |
commit | eda97ba58d739a78737006295c03cbe3d77ebceb (patch) | |
tree | 8b47f2a2493bbc27213c00e9f2d7380b5ab3cc8f | |
parent | b892cb972e14e5d9abb90a9126123ab0d3fb5d96 (diff) | |
main/squashfs-tools: security fix for CVE-2015-4645/4646
ref #4416
fixes #4420
(cherry picked from commit 10422f18285619f8f57b8b4ab5ca829eb21c115f)
-rw-r--r-- | main/squashfs-tools/APKBUILD | 12 | ||||
-rw-r--r-- | main/squashfs-tools/CVE-2015-4645.patch | 29 |
2 files changed, 37 insertions, 4 deletions
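--- a/main/squashfs-tools/APKBUILD
+++ b/main/squashfs-tools/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=squashfs-tools
 pkgver=4.3
-pkgrel=1
+pkgrel=2
 pkgdesc="Tools for squashfs, a highly compressed read-only filesystem for Linux."
 url="http://squashfs.sourceforge.net"
 arch="all"
@@ -11,6 +11,7 @@ makedepends="zlib-dev xz-dev lzo-dev attr-dev"
 source="http://downloads.sourceforge.net/sourceforge/squashfs/squashfs$pkgver.tar.gz
 fix-compat.patch
 vla-overlow.patch
+CVE-2015-4645.patch
 "
 
 _builddir="$srcdir/squashfs$pkgver/$pkgname"
@@ -36,10 +37,13 @@ package() {
 }
 md5sums="d92ab59aabf5173f2a59089531e30dbf squashfs4.3.tar.gz
 1bb2bed6830d32b76f1ca1b6c0349fcd fix-compat.patch
-d34cb53db691f0fb58425bb5ab30f6d4 vla-overlow.patch"
+d34cb53db691f0fb58425bb5ab30f6d4 vla-overlow.patch
+c475b848e0c2e2b2eef3ddf2e3c23803 CVE-2015-4645.patch"
 sha256sums="0d605512437b1eb800b4736791559295ee5f60177e102e4d4ccd0ee241a5f3f6 squashfs4.3.tar.gz
 249d10b4df7921fae5e0ab4c1f44f3346229f16851240d61a24e85006ed886e6 fix-compat.patch
-213f3f23576c99099305f717a279507913ab2b8df4dd8f502153e73b2d0a9df5 vla-overlow.patch"
+213f3f23576c99099305f717a279507913ab2b8df4dd8f502153e73b2d0a9df5 vla-overlow.patch
+ff71a62a435a9089b0fc95280aa3a8310b131653d37e55eed10a0f7d0100359b CVE-2015-4645.patch"
 sha512sums="854ed7acc99920f24ecf11e0da807e5a2a162eeda55db971aba63a03f0da2c13b20ec0564a906c4b0e415bd8258b273a10208c7abc0704f2ceea773aa6148a79 squashfs4.3.tar.gz
 868e3923f98a7f8bb980fe8ab0d648e9ae9a55e324bea3830d6047aa348a4302dcb96d65bf59c6e04665891d822e18fad367a37c6704505b8492f64d749fc140 fix-compat.patch
-975d09d047f4122866e83c4322ce3a15795c051b850d14a85a615c3beef970378e5a620ee16058b9c5104c53f973f9b3804d96c3ba1ab4f622f1e096c04e0360 vla-overlow.patch"
+975d09d047f4122866e83c4322ce3a15795c051b850d14a85a615c3beef970378e5a620ee16058b9c5104c53f973f9b3804d96c3ba1ab4f622f1e096c04e0360 vla-overlow.patch
+77431a0a4a529ce63f1613a65a23af2fb8683a16d14ad1a5cfed3a9fac4df6a1212f081d1879ede188a25b77e860445058012131423c546657fb562069865d2c CVE-2015-4645.patch"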
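--- /dev/null
+++ b/main/squashfs-tools/CVE-2015-4645.patch
@@ -0,0 +1,29 @@
+diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c
+index ecdaac796f09..2c0cf63daf67 100644
+--- a/squashfs-tools/unsquash-4.c
++++ b/squashfs-tools/unsquash-4.c
+@@ -31,9 +31,9 @@ static unsigned int *id_table;
+int read_fragment_table_4(long long *directory_table_end)
+{
+int res, i;
+- int bytes = SQUASHFS_FRAGMENT_BYTES(sBlk.s.fragments);
+- int indexes = SQUASHFS_FRAGMENT_INDEXES(sBlk.s.fragments);
+- long long fragment_table_index[indexes];
++ size_t bytes = SQUASHFS_FRAGMENT_BYTES(sBlk.s.fragments);
++ size_t indexes = SQUASHFS_FRAGMENT_INDEXES(sBlk.s.fragments);
++ long long *fragment_table_index;
+
+TRACE("read_fragment_table: %d fragments, reading %d fragment indexes "
+"from 0x%llx\n", sBlk.s.fragments, indexes,
+@@ -44,6 +44,11 @@ int read_fragment_table_4(long long *directory_table_end)
+return TRUE;
+}
+
++ fragment_table_index = malloc(indexes*sizeof(long long));
++ if(fragment_table_index == NULL)
++ EXIT_UNSQUASH("read_fragment_table: failed to allocate "
++ "fragment table index\n");
++
+fragment_table = malloc(bytes);
+if(fragment_table == NULL)
+EXIT_UNSQUASH("read_fragment_table: failed to allocate "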
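Review bot: The TRACE call kept as context at lines 16-17 of the embedded patch still prints `indexes` with `%d`, but the patch changes `indexes` to `size_t`, so the specifier no longer matches its argument; it should read `"read_fragment_table: %d fragments, reading %zu fragment indexes "`. `fragment_table_index` also moves from the stack to the heap and no `free(fragment_table_index)` is visible; read_fragment_table_4 continues past the end of the hunk, so every return path after the allocation needs checking for a leak. Since `sBlk.s.fragments` presumably comes from the image's superblock, `calloc(indexes, sizeof(*fragment_table_index))` would make the size multiplication overflow-checked, and the fragment count should ideally be validated against the image before it is used to size an allocation.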