authorNatanael Copa <ncopa@alpinelinux.org>2018-08-08 17:29:33 +0200
committerNatanael Copa <ncopa@alpinelinux.org>2018-08-08 17:31:12 +0200
commit8df17e769fc14be8892c248aa366ad2b872a838e (patch)
tree6614d6ac749670d76d128b45a3e614b5c4c0c611
parent3b59bf1ceb65a93255af5cf0093680e635415adc (diff)
main/p7zip: secfix (CVE-2017-17969)
-rw-r--r--main/p7zip/APKBUILD14
-rw-r--r--main/p7zip/CVE-2017-17969.patch16
2 files changed, 23 insertions, 7 deletions
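--- a/main/p7zip/APKBUILD
+++ b/main/p7zip/APKBUILD
@@ -3,7 +3,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=p7zip
 pkgver=16.02
-pkgrel=1
+pkgrel=2
 pkgdesc="A command-line port of the 7zip compression utility"
 url="http://p7zip.sourceforge.net"
 arch="all"
@@ -12,12 +12,15 @@ subpackages="$pkgname-doc"
 depends=""
 makedepends="bash yasm nasm"
 source="http://downloads.sourceforge.net/sourceforge/$pkgname/${pkgname}_${pkgver}_src_all.tar.bz2
- CVE-2016-9296.patch"
+ CVE-2016-9296.patch
+ CVE-2017-17969.patch"
 builddir="$srcdir/${pkgname}_$pkgver"
 
 # secfixes:
 # 16.02-r1:
 # - CVE-2016-9296
+# 16.02-r2:
+# - CVE-2017-17969
 
 prepare() {
  default_prepare || return 1
@@ -52,9 +55,6 @@ package() {
  "$pkgdir"/usr/share/man/man1/$pkgname.1 || return 1
 }
 
-md5sums="a0128d661cfe7cc8c121e73519c54fbf p7zip_16.02_src_all.tar.bz2
-0f0535ca888273f3779ca14e8f186813 CVE-2016-9296.patch"
-sha256sums="5eb20ac0e2944f6cb9c2d51dd6c4518941c185347d4089ea89087ffdd6e2341f p7zip_16.02_src_all.tar.bz2
-f9bcbf21d4aa8938861a6cba992df13dec19538286e9ed747ccec6d9a4e8f983 CVE-2016-9296.patch"
 sha512sums="d2c4d53817f96bb4c7683f42045198d4cd509cfc9c3e2cb85c8d9dc4ab6dfa7496449edeac4e300ecf986a9cbbc90bd8f8feef8156895d94617c04e507add55f p7zip_16.02_src_all.tar.bz2
-7a7fddf4122c3f5d4632640149a94c285a18515f38510388709c2fb9ecd450f9f34ae2e5fe4926c1c68507567b0affa2c8e9194c732673171dd5ee625192b194 CVE-2016-9296.patch"
+7a7fddf4122c3f5d4632640149a94c285a18515f38510388709c2fb9ecd450f9f34ae2e5fe4926c1c68507567b0affa2c8e9194c732673171dd5ee625192b194 CVE-2016-9296.patch
+22b6437770f2fb70675ed6971239ec3d40d5b9c7e1c5aa28c670d082bd2e7d861863f2f00feacec759eab216081dc49544b980b2ebe9fe40c7d0d1ca1dfc3069 CVE-2017-17969.patch"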
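--- /dev/null
+++ b/main/p7zip/CVE-2017-17969.patch
@@ -0,0 +1,16 @@
+--- p7zip_16.02/CPP/7zip/Compress/ShrinkDecoder.cpp.orig
++++ p7zip_16.02/CPP/7zip/Compress/ShrinkDecoder.cpp
+@@ -121,7 +121,12 @@
+ {
+ _stack[i++] = _suffixes[cur];
+ cur = _parents[cur];
+- }
++ if (i >= kNumItems)
++ break;
++ }
++
++ if (i >= kNumItems)
++ break;
+
+ _stack[i++] = (Byte)cur;
+ lastChar2 = (Byte)cur;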