author | Natanael Copa <ncopa@alpinelinux.org> | 2018-08-08 17:29:33 +0200 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2018-08-08 17:31:12 +0200 |
commit | 8df17e769fc14be8892c248aa366ad2b872a838e (patch) | |
tree | 6614d6ac749670d76d128b45a3e614b5c4c0c611 | |
parent | 3b59bf1ceb65a93255af5cf0093680e635415adc (diff) | |
download | alpine_aports-8df17e769fc14be8892c248aa366ad2b872a838e.tar.bz2 alpine_aports-8df17e769fc14be8892c248aa366ad2b872a838e.tar.xz alpine_aports-8df17e769fc14be8892c248aa366ad2b872a838e.zip |
main/p7zip: secfix (CVE-2017-17969)
-rw-r--r-- | main/p7zip/APKBUILD | 14 | ||||
-rw-r--r-- | main/p7zip/CVE-2017-17969.patch | 16 |
2 files changed, 23 insertions, 7 deletions
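--- a/main/p7zip/APKBUILD
+++ b/main/p7zip/APKBUILD
@@ -3,7 +3,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=p7zip
 pkgver=16.02
-pkgrel=1
+pkgrel=2
 pkgdesc="A command-line port of the 7zip compression utility"
 url="http://p7zip.sourceforge.net"
 arch="all"
@@ -12,12 +12,15 @@ subpackages="$pkgname-doc"
 depends=""
 makedepends="bash yasm nasm"
 source="http://downloads.sourceforge.net/sourceforge/$pkgname/${pkgname}_${pkgver}_src_all.tar.bz2
-CVE-2016-9296.patch"
+CVE-2016-9296.patch
+CVE-2017-17969.patch"
 builddir="$srcdir/${pkgname}_$pkgver"
 
 # secfixes:
 # 16.02-r1:
 # - CVE-2016-9296
+# 16.02-r2:
+# - CVE-2017-17969
 
 prepare() {
 default_prepare || return 1
@@ -52,9 +55,6 @@ package() {
 "$pkgdir"/usr/share/man/man1/$pkgname.1 || return 1
 }
 
-md5sums="a0128d661cfe7cc8c121e73519c54fbf p7zip_16.02_src_all.tar.bz2
-0f0535ca888273f3779ca14e8f186813 CVE-2016-9296.patch"
-sha256sums="5eb20ac0e2944f6cb9c2d51dd6c4518941c185347d4089ea89087ffdd6e2341f p7zip_16.02_src_all.tar.bz2
-f9bcbf21d4aa8938861a6cba992df13dec19538286e9ed747ccec6d9a4e8f983 CVE-2016-9296.patch"
 sha512sums="d2c4d53817f96bb4c7683f42045198d4cd509cfc9c3e2cb85c8d9dc4ab6dfa7496449edeac4e300ecf986a9cbbc90bd8f8feef8156895d94617c04e507add55f p7zip_16.02_src_all.tar.bz2
-7a7fddf4122c3f5d4632640149a94c285a18515f38510388709c2fb9ecd450f9f34ae2e5fe4926c1c68507567b0affa2c8e9194c732673171dd5ee625192b194 CVE-2016-9296.patch"
+7a7fddf4122c3f5d4632640149a94c285a18515f38510388709c2fb9ecd450f9f34ae2e5fe4926c1c68507567b0affa2c8e9194c732673171dd5ee625192b194 CVE-2016-9296.patch
+22b6437770f2fb70675ed6971239ec3d40d5b9c7e1c5aa28c670d082bd2e7d861863f2f00feacec759eab216081dc49544b980b2ebe9fe40c7d0d1ca1dfc3069 CVE-2017-17969.patch"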
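--- /dev/null
+++ b/main/p7zip/CVE-2017-17969.patch
@@ -0,0 +1,16 @@
+--- p7zip_16.02/CPP/7zip/Compress/ShrinkDecoder.cpp.orig
++++ p7zip_16.02/CPP/7zip/Compress/ShrinkDecoder.cpp
+@@ -121,7 +121,12 @@
+{
+_stack[i++] = _suffixes[cur];
+cur = _parents[cur];
+- }
++ if (i >= kNumItems)
++ break;
++ }
++
++ if (i >= kNumItems)
++ break;
+
+_stack[i++] = (Byte)cur;
+lastChar2 = (Byte)cur;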
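Review bot: Both added `if (i >= kNumItems) break;` checks stop the copy into `_stack`, but nothing visible in this hunk tells the caller that the input was malformed; the enclosing loop and the function's return path lie outside the hunk. If the outer `break` falls through to the normal flush-and-return, an archive that trips the bound would be extracted as truncated data with a success status, so it is worth confirming that this path ends in a data error (presumably `S_FALSE` in this code base, to be checked against the full file). A one-line comment above the second check, e.g. `// chain longer than _stack: corrupt Shrink stream, stop before writing out of bounds`, would record why the bound exists. The patch file also carries no header; a short description plus an origin line such as `Origin: <upstream commit or bug URL>` would let a later audit tie this backport to the upstream fix.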