main/libmspack: security upgrade to 0.7.1alpha

fixes #9228
author: Natanael Copa <ncopa@alpinelinux.org> 2018-08-22 13:25:49 +0000
committer: Natanael Copa <ncopa@alpinelinux.org> 2018-08-22 15:33:20 +0200
commit: babf8851105592d4bc46ac85ef56f396f9e76c9f (patch)
tree: 0624dcc6b04f3fd50352ff257006a36045214c72
parent: c04db119f841cc84a86f7b8db44948c3b27513f9 (diff)
download: alpine_aports-babf8851105592d4bc46ac85ef56f396f9e76c9f.tar.bz2
alpine_aports-babf8851105592d4bc46ac85ef56f396f9e76c9f.tar.xz
alpine_aports-babf8851105592d4bc46ac85ef56f396f9e76c9f.zip
3 files changed, 12 insertions, 113 deletions
diff --git a/main/libmspack/APKBUILD b/main/libmspack/APKBUILD
index 95bc28f146..ede81fb87a 100644
--- a/main/libmspack/APKBUILD
+++ b/main/libmspack/APKBUILD
@@ -1,8 +1,8 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=libmspack
-pkgver=0.5_alpha
+pkgver=0.7.1_alpha
 _ver=${pkgver/_/}
-pkgrel=1
+pkgrel=0
 pkgdesc="Library for CAB and related files compression and decompression"
 url="http://www.cabextract.org.uk/libmspack/"
 arch="all"
@@ -12,13 +12,16 @@ depends_dev=""
 makedepends="$depends_dev"
 install=""
 subpackages="$pkgname-dev"
-source="http://www.cabextract.org.uk/libmspack/libmspack-$_ver.tar.gz
+source="https://www.cabextract.org.uk/libmspack/libmspack-$_ver.tar.gz"
-        CVE-2017-6419.patch
-        CVE-2017-11423.patch"
 _builddir="$srcdir"/libmspack-$_ver
 # secfixes:
+#   0.7.1_alpha-r0:
+#     - CVE-2018-14679
+#     - CVE-2018-14680
+#     - CVE-2018-14681
+#     - CVE-2018-14682
 #   0.5_alpha-r1:
 #     - CVE-2017-6419
 #     - CVE-2017-11423
@@ -44,7 +47,9 @@ build() {
                --localstatedir=/var \
                --disable-static \
                || return 1
-        make || return 1
+        # parallel build workaround
+        make libmspack.la libmscabd.la libmschmd.la
+        make
 }
 package() {
@@ -52,12 +57,4 @@ package() {
        make DESTDIR="$pkgdir" install || return 1
 }
-md5sums="3aa3f6b9ef101463270c085478fda1da  libmspack-0.5alpha.tar.gz
+sha512sums="e903629a34c29099a261a108e4eb9cda485ab999bbc3383e3cd6a39715077d00b26a1c641b0f3df0eef60d2e15a7ef623379df0cfe25b99d4eda080529ffec7b  libmspack-0.7.1alpha.tar.gz"
-a88236b4e1b9bb265945a455123648ed  CVE-2017-6419.patch
-e29cb11b947c191dbec80932f16b5d70  CVE-2017-11423.patch"
-sha256sums="8967f275525f5067b364cee43b73e44d0433668c39f9376dfff19f653d1c8110  libmspack-0.5alpha.tar.gz
-fed2f79b41b326ca0b5f1f968027ee320e9f3d14f14fc67a7b1bcf5650884dd8  CVE-2017-6419.patch
-164b7bbbc08abce0e7f995938b3b74084dcc71cc8871c9ab1e14dcadc8df6a58  CVE-2017-11423.patch"
-sha512sums="6d4efa0f43c43185ef91c97c1518aa70f09109d7332cda7e12019e146ec9cb0f2065fb1b57683b48bae9a7eaf8e82eb94096644c6d25c56d45878f630b719231  libmspack-0.5alpha.tar.gz
-5b40a114c8449f0c9f38536cb148c684a94e51607ec806da1a4a4466550202d63edbcd26e4a6cdec7b20483f3384f732ba952945e752a975be2e9a6653e036e0  CVE-2017-6419.patch
-b426584d967c53f61491f1d47205a8db0bab5ca0a9ba75868f0437d697f5c81df20652c6eedf7825d00851555ff10f4a388275024fdc41d638d1d6ee9387dad2  CVE-2017-11423.patch"
diff --git a/main/libmspack/CVE-2017-11423.patch b/main/libmspack/CVE-2017-11423.patch
deleted file mode 100644
index 868ff83482..0000000000
--- a/main/libmspack/CVE-2017-11423.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-diff --git a/mspack/cabd.c b/mspack/cabd.c
-index 16021ee..8b10934 100644
--- a/mspack/cabd.c
-+++ b/mspack/cabd.c
-@@ -521,10 +521,13 @@ static char *cabd_read_string(struct mspack_system *sys,
- {
-   off_t base = sys->tell(fh);
-   char buf[256], *str;
-  unsigned int len, i, ok;
-+  int len, i, ok;
- 
-   /* read up to 256 bytes */
-  len = sys->read(fh, &buf[0], 256);
-+  if ((len = sys->read(fh, &buf[0], 256)) <= 0) {
-+    *error = MSPACK_ERR_READ;
-+    return NULL;
-+  }
- 
-   /* search for a null terminator in the buffer */
-   for (i = 0, ok = 0; i < len; i++) if (!buf[i]) { ok = 1; break; }
diff --git a/main/libmspack/CVE-2017-6419.patch b/main/libmspack/CVE-2017-6419.patch
deleted file mode 100644
index 4945f5fba5..0000000000
--- a/main/libmspack/CVE-2017-6419.patch
+++ /dev/null
@@ -1,78 +0,0 @@
-diff --git a/mspack/chmd.c b/mspack/chmd.c
-index 5a6ef54..1a486c8 100644
--- a/mspack/chmd.c
-+++ b/mspack/chmd.c
-@@ -1269,9 +1269,15 @@ static int read_spaninfo(struct mschm_decompressor_p *self,
- 
-     /* get the uncompressed length of the LZX stream */
-     err = read_off64(length_ptr, data, sys, self->d->infh);
-
-     sys->free(data);
-    return (err) ? MSPACK_ERR_DATAFORMAT : MSPACK_ERR_OK;
-+    if (err) return MSPACK_ERR_DATAFORMAT;
-+
-+    if (*length_ptr <= 0) {
-+        D(("output length is invalid"))
-+        return MSPACK_ERR_DATAFORMAT;
-+    }
-+
-+    return MSPACK_ERR_OK;
- }
- 
- /***************************************
-diff --git a/mspack/lzxd.c b/mspack/lzxd.c
-index 2281e7b..d164df9 100644
--- a/mspack/lzxd.c
-+++ b/mspack/lzxd.c
-@@ -300,8 +300,14 @@ struct lzxd_stream *lzxd_init(struct mspack_system *system,
-       if (window_bits < 15 || window_bits > 21) return NULL;
-   }
- 
-+  if (reset_interval < 0 || output_length < 0) {
-+      D(("reset interval or output length < 0"))
-+      return NULL;
-+  }
-+
-+  /* round up input buffer size to multiple of two */
-   input_buffer_size = (input_buffer_size + 1) & -2;
-  if (!input_buffer_size) return NULL;
-+  if (input_buffer_size < 2) return NULL;
- 
-   /* allocate decompression state */
-   if (!(lzx = (struct lzxd_stream *) system->alloc(system, sizeof(struct lzxd_stream)))) {
-@@ -382,7 +388,7 @@ int lzxd_set_reference_data(struct lzxd_stream *lzx,
- }
- 
- void lzxd_set_output_length(struct lzxd_stream *lzx, off_t out_bytes) {
-  if (lzx) lzx->length = out_bytes;
-+  if (lzx && out_bytes > 0) lzx->length = out_bytes;
- }
- 
- int lzxd_decompress(struct lzxd_stream *lzx, off_t out_bytes) {
-diff --git a/mspack/mszipd.c b/mspack/mszipd.c
-index 5b4756d..6ecd96d 100644
--- a/mspack/mszipd.c
-+++ b/mspack/mszipd.c
-@@ -349,8 +349,9 @@ struct mszipd_stream *mszipd_init(struct mspack_system *system,
- 
-   if (!system) return NULL;
- 
-+  /* round up input buffer size to multiple of two */
-   input_buffer_size = (input_buffer_size + 1) & -2;
-  if (!input_buffer_size) return NULL;
-+  if (input_buffer_size < 2) return NULL;
- 
-   /* allocate decompression state */
-   if (!(zip = (struct mszipd_stream *) system->alloc(system, sizeof(struct mszipd_stream)))) {
-diff --git a/mspack/qtmd.c b/mspack/qtmd.c
-index 12b27f5..5d2c76f 100644
--- a/mspack/qtmd.c
-+++ b/mspack/qtmd.c
-@@ -197,6 +197,7 @@ struct qtmd_stream *qtmd_init(struct mspack_system *system,
-   /* Quantum supports window sizes of 2^10 (1Kb) through 2^21 (2Mb) */
-   if (window_bits < 10 || window_bits > 21) return NULL;
- 
-+  /* round up input buffer size to multiple of two */
-   input_buffer_size = (input_buffer_size + 1) & -2;
-   if (input_buffer_size < 2) return NULL;
-
author	Natanael Copa <ncopa@alpinelinux.org>	2018-08-22 13:25:49 +0000
committer	Natanael Copa <ncopa@alpinelinux.org>	2018-08-22 15:33:20 +0200
commit	babf8851105592d4bc46ac85ef56f396f9e76c9f (patch)
tree	0624dcc6b04f3fd50352ff257006a36045214c72
parent	c04db119f841cc84a86f7b8db44948c3b27513f9 (diff)
download	alpine_aports-babf8851105592d4bc46ac85ef56f396f9e76c9f.tar.bz2 alpine_aports-babf8851105592d4bc46ac85ef56f396f9e76c9f.tar.xz alpine_aports-babf8851105592d4bc46ac85ef56f396f9e76c9f.zip

diff --git a/main/libmspack/APKBUILD b/main/libmspack/APKBUILD index 95bc28f146..ede81fb87a 100644 --- a/main/libmspack/APKBUILD +++ b/main/libmspack/APKBUILD
@@ -1,8 +1,8 @@
1	# Maintainer: Natanael Copa <ncopa@alpinelinux.org>	1	# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2	pkgname=libmspack	2	pkgname=libmspack
3	pkgver=0.5_alpha	3	pkgver=0.7.1_alpha
4	_ver=${pkgver/_/}	4	_ver=${pkgver/_/}
5	pkgrel=1	5	pkgrel=0
6	pkgdesc="Library for CAB and related files compression and decompression"	6	pkgdesc="Library for CAB and related files compression and decompression"
7	url="http://www.cabextract.org.uk/libmspack/"	7	url="http://www.cabextract.org.uk/libmspack/"
8	arch="all"	8	arch="all"
@@ -12,13 +12,16 @@ depends_dev=""
12	makedepends="$depends_dev"	12	makedepends="$depends_dev"
13	install=""	13	install=""
14	subpackages="$pkgname-dev"	14	subpackages="$pkgname-dev"
15	source="http://www.cabextract.org.uk/libmspack/libmspack-$_ver.tar.gz	15	source="https://www.cabextract.org.uk/libmspack/libmspack-$_ver.tar.gz"
16	CVE-2017-6419.patch
17	CVE-2017-11423.patch"
18		16
19	_builddir="$srcdir"/libmspack-$_ver	17	_builddir="$srcdir"/libmspack-$_ver
20		18
21	# secfixes:	19	# secfixes:
		20	# 0.7.1_alpha-r0:
		21	# - CVE-2018-14679
		22	# - CVE-2018-14680
		23	# - CVE-2018-14681
		24	# - CVE-2018-14682
22	# 0.5_alpha-r1:	25	# 0.5_alpha-r1:
23	# - CVE-2017-6419	26	# - CVE-2017-6419
24	# - CVE-2017-11423	27	# - CVE-2017-11423
@@ -44,7 +47,9 @@ build() {
44	--localstatedir=/var \	47	--localstatedir=/var \
45	--disable-static \	48	--disable-static \
46	\|\| return 1	49	\|\| return 1
47	make \|\| return 1	50	# parallel build workaround
		51	make libmspack.la libmscabd.la libmschmd.la
		52	make
48	}	53	}
49		54
50	package() {	55	package() {
@@ -52,12 +57,4 @@ package() {
52	make DESTDIR="$pkgdir" install \|\| return 1	57	make DESTDIR="$pkgdir" install \|\| return 1
53	}	58	}
54		59
55	md5sums="3aa3f6b9ef101463270c085478fda1da libmspack-0.5alpha.tar.gz	60	sha512sums="e903629a34c29099a261a108e4eb9cda485ab999bbc3383e3cd6a39715077d00b26a1c641b0f3df0eef60d2e15a7ef623379df0cfe25b99d4eda080529ffec7b libmspack-0.7.1alpha.tar.gz"
56	a88236b4e1b9bb265945a455123648ed CVE-2017-6419.patch
57	e29cb11b947c191dbec80932f16b5d70 CVE-2017-11423.patch"
58	sha256sums="8967f275525f5067b364cee43b73e44d0433668c39f9376dfff19f653d1c8110 libmspack-0.5alpha.tar.gz
59	fed2f79b41b326ca0b5f1f968027ee320e9f3d14f14fc67a7b1bcf5650884dd8 CVE-2017-6419.patch
60	164b7bbbc08abce0e7f995938b3b74084dcc71cc8871c9ab1e14dcadc8df6a58 CVE-2017-11423.patch"
61	sha512sums="6d4efa0f43c43185ef91c97c1518aa70f09109d7332cda7e12019e146ec9cb0f2065fb1b57683b48bae9a7eaf8e82eb94096644c6d25c56d45878f630b719231 libmspack-0.5alpha.tar.gz
62	5b40a114c8449f0c9f38536cb148c684a94e51607ec806da1a4a4466550202d63edbcd26e4a6cdec7b20483f3384f732ba952945e752a975be2e9a6653e036e0 CVE-2017-6419.patch
63	b426584d967c53f61491f1d47205a8db0bab5ca0a9ba75868f0437d697f5c81df20652c6eedf7825d00851555ff10f4a388275024fdc41d638d1d6ee9387dad2 CVE-2017-11423.patch"


diff --git a/main/libmspack/CVE-2017-11423.patch b/main/libmspack/CVE-2017-11423.patch deleted file mode 100644 index 868ff83482..0000000000 --- a/main/libmspack/CVE-2017-11423.patch +++ /dev/null
@@ -1,20 +0,0 @@
1	diff --git a/mspack/cabd.c b/mspack/cabd.c
2	index 16021ee..8b10934 100644
3	--- a/mspack/cabd.c
4	+++ b/mspack/cabd.c
5	@@ -521,10 +521,13 @@ static char cabd_read_string(struct mspack_system sys,
6	{
7	off_t base = sys->tell(fh);
8	char buf[256], *str;
9	- unsigned int len, i, ok;
10	+ int len, i, ok;
11
12	/* read up to 256 bytes */
13	- len = sys->read(fh, &buf[0], 256);
14	+ if ((len = sys->read(fh, &buf[0], 256)) <= 0) {
15	+ *error = MSPACK_ERR_READ;
16	+ return NULL;
17	+ }
18
19	/* search for a null terminator in the buffer */
20	for (i = 0, ok = 0; i < len; i++) if (!buf[i]) { ok = 1; break; }


diff --git a/main/libmspack/CVE-2017-6419.patch b/main/libmspack/CVE-2017-6419.patch deleted file mode 100644 index 4945f5fba5..0000000000 --- a/main/libmspack/CVE-2017-6419.patch +++ /dev/null
@@ -1,78 +0,0 @@
1	diff --git a/mspack/chmd.c b/mspack/chmd.c
2	index 5a6ef54..1a486c8 100644
3	--- a/mspack/chmd.c
4	+++ b/mspack/chmd.c
5	@@ -1269,9 +1269,15 @@ static int read_spaninfo(struct mschm_decompressor_p *self,
6
7	/* get the uncompressed length of the LZX stream */
8	err = read_off64(length_ptr, data, sys, self->d->infh);
9	-
10	sys->free(data);
11	- return (err) ? MSPACK_ERR_DATAFORMAT : MSPACK_ERR_OK;
12	+ if (err) return MSPACK_ERR_DATAFORMAT;
13	+
14	+ if (*length_ptr <= 0) {
15	+ D(("output length is invalid"))
16	+ return MSPACK_ERR_DATAFORMAT;
17	+ }
18	+
19	+ return MSPACK_ERR_OK;
20	}
21
22	/***************************************
23	diff --git a/mspack/lzxd.c b/mspack/lzxd.c
24	index 2281e7b..d164df9 100644
25	--- a/mspack/lzxd.c
26	+++ b/mspack/lzxd.c
27	@@ -300,8 +300,14 @@ struct lzxd_stream lzxd_init(struct mspack_system system,
28	if (window_bits < 15 \|\| window_bits > 21) return NULL;
29	}
30
31	+ if (reset_interval < 0 \|\| output_length < 0) {
32	+ D(("reset interval or output length < 0"))
33	+ return NULL;
34	+ }
35	+
36	+ /* round up input buffer size to multiple of two */
37	input_buffer_size = (input_buffer_size + 1) & -2;
38	- if (!input_buffer_size) return NULL;
39	+ if (input_buffer_size < 2) return NULL;
40
41	/* allocate decompression state */
42	if (!(lzx = (struct lzxd_stream *) system->alloc(system, sizeof(struct lzxd_stream)))) {
43	@@ -382,7 +388,7 @@ int lzxd_set_reference_data(struct lzxd_stream *lzx,
44	}
45
46	void lzxd_set_output_length(struct lzxd_stream *lzx, off_t out_bytes) {
47	- if (lzx) lzx->length = out_bytes;
48	+ if (lzx && out_bytes > 0) lzx->length = out_bytes;
49	}
50
51	int lzxd_decompress(struct lzxd_stream *lzx, off_t out_bytes) {
52	diff --git a/mspack/mszipd.c b/mspack/mszipd.c
53	index 5b4756d..6ecd96d 100644
54	--- a/mspack/mszipd.c
55	+++ b/mspack/mszipd.c
56	@@ -349,8 +349,9 @@ struct mszipd_stream mszipd_init(struct mspack_system system,
57
58	if (!system) return NULL;
59
60	+ /* round up input buffer size to multiple of two */
61	input_buffer_size = (input_buffer_size + 1) & -2;
62	- if (!input_buffer_size) return NULL;
63	+ if (input_buffer_size < 2) return NULL;
64
65	/* allocate decompression state */
66	if (!(zip = (struct mszipd_stream *) system->alloc(system, sizeof(struct mszipd_stream)))) {
67	diff --git a/mspack/qtmd.c b/mspack/qtmd.c
68	index 12b27f5..5d2c76f 100644
69	--- a/mspack/qtmd.c
70	+++ b/mspack/qtmd.c
71	@@ -197,6 +197,7 @@ struct qtmd_stream qtmd_init(struct mspack_system system,
72	/* Quantum supports window sizes of 2^10 (1Kb) through 2^21 (2Mb) */
73	if (window_bits < 10 \|\| window_bits > 21) return NULL;
74
75	+ /* round up input buffer size to multiple of two */
76	input_buffer_size = (input_buffer_size + 1) & -2;
77	if (input_buffer_size < 2) return NULL;
78