author | Leo <thinkabit.ukim@gmail.com> | 2020-03-26 15:03:23 -0300 |
---|---|---|
committer | Leo <thinkabit.ukim@gmail.com> | 2020-03-26 18:13:45 +0000 |
commit | a80261c4dde42201d0c53b6f7297c02b2b441827 (patch) | |
tree | 6c8b9154ab8f13ca2bdc4622fbdaf75ab1315df9 | |
parent | c352863a011aa92c700a861de9b92c6f7a923964 (diff) | |
main/libmspack: fix CVE-2019-1010305
see #10814
-rw-r--r-- | main/libmspack/APKBUILD | 11 | ||||
-rw-r--r-- | main/libmspack/CVE-2019-1010305.patch | 39 |
2 files changed, 47 insertions, 3 deletions
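--- a/main/libmspack/APKBUILD
+++ b/main/libmspack/APKBUILD
@@ -2,18 +2,22 @@
 pkgname=libmspack
 pkgver=0.8_alpha
 _ver=${pkgver/_/}
-pkgrel=0
+pkgrel=1
 pkgdesc="Library for Microsoft CAB compression formats"
 url="https://www.cabextract.org.uk/libmspack/"
 arch="all"
 license="LGPL-2.1-only"
 makedepends="$depends_dev"
 subpackages="$pkgname-dev $pkgname-utils"
-source="https://www.cabextract.org.uk/libmspack/libmspack-$_ver.tar.gz"
+source="https://www.cabextract.org.uk/libmspack/libmspack-$_ver.tar.gz
+CVE-2019-1010305.patch
+"
 
 builddir="$srcdir"/libmspack-$_ver
 
 # secfixes:
+# 0.8_alpha-r1:
+# - CVE-2019-1010305
 # 0.8_alpha-r0:
 # - CVE-2018-18584
 # - CVE-2018-18585
@@ -58,4 +62,5 @@ utils() {
 mv "$pkgdir"/usr/bin "$subpkgdir"/usr
 }
 
-sha512sums="d178afc4d2eded204594c81af1c91be17d3be4f1a09829e08c103023aa7badc6b2595e9ec13cc7f77e3262d2cd874ed40ce6da01695c5c839682562740d2bf0a libmspack-0.8alpha.tar.gz"
+sha512sums="d178afc4d2eded204594c81af1c91be17d3be4f1a09829e08c103023aa7badc6b2595e9ec13cc7f77e3262d2cd874ed40ce6da01695c5c839682562740d2bf0a libmspack-0.8alpha.tar.gz
+4c5f5ab9d597538303ce2adf27014db715603afdde50904cd3cb363077f2ff883086cf9ccf1072fa516f73df4652bec3bddd81854aeac5f11c0698d1cfb59cdf CVE-2019-1010305.patch"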
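--- /dev/null
+++ b/main/libmspack/CVE-2019-1010305.patch
@@ -0,0 +1,39 @@
+diff --git a/mspack/chmd.c b/mspack/chmd.c
+index 1d198bf..26c1b18 100644
+--- a/mspack/chmd.c
++++ b/mspack/chmd.c
+@@ -482,21 +482,19 @@ static int chmd_read_headers(struct mspack_system *sys, struct mspack_file *fh,
+fi->filename[name_len] = '\0';
+
+if (name[0] == ':' && name[1] == ':') {
+- /* system file */
+- if (mspack_memcmp(&name[2], &content_name[2], 31L) == 0) {
+- if (mspack_memcmp(&name[33], &content_name[33], 8L) == 0) {
+- chm->sec1.content = fi;
+- }
+- else if (mspack_memcmp(&name[33], &control_name[33], 11L) == 0) {
+- chm->sec1.control = fi;
+- }
+- else if (mspack_memcmp(&name[33], &spaninfo_name[33], 8L) == 0) {
+- chm->sec1.spaninfo = fi;
+- }
+- else if (mspack_memcmp(&name[33], &rtable_name[33], 72L) == 0) {
+- chm->sec1.rtable = fi;
+- }
+- }
++ /* system file */
++ if (name_len == 40 && memcmp(name, content_name, 40) == 0) {
++ chm->sec1.content = fi;
++ }
++ else if (name_len == 44 && memcmp(name, control_name, 44) == 0) {
++ chm->sec1.control = fi;
++ }
++ else if (name_len == 41 && memcmp(name, spaninfo_name, 41) == 0) {
++ chm->sec1.spaninfo = fi;
++ }
++ else if (name_len == 105 && memcmp(name, rtable_name, 105) == 0) {
++ chm->sec1.rtable = fi;
++ }
+fi->next = chm->sysfiles;
+chm->sysfiles = fi;
+}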
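Review bot: The lengths 40, 44, 41 and 105 in the new `name_len == N && memcmp(name, X, N) == 0` tests are bare literals that must equal the exact string lengths of `content_name`, `control_name`, `spaninfo_name` and `rtable_name`, which are defined outside this hunk, so a later edit to one of those strings would silently break the match or make `memcmp` read past the constant. I would add a comment above the chain, `/* N in each test is strlen() of the matching *_name constant */`, or derive the lengths from the constants if their declarations allow it. The added lines also call `memcmp` directly where the removed lines used `mspack_memcmp`; the page does not show whether 0.8alpha's chmd.c has `memcmp` declared, so that is worth confirming against the rest of the file. `chmd_read_headers` starts and ends outside the hunk, and the check that `name_len` bytes are actually available at `name` is not visible here.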