summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlastair Tse <liquidx@gentoo.org>2005-01-25 17:59:43 +0000
committerAlastair Tse <liquidx@gentoo.org>2005-01-25 17:59:43 +0000
commit5b8419a3987d57a7d7d188d624676c2a19b99c25 (patch)
treeca6b46b78d41c60ea2a07329312ca9012d75b5d0 /app-i18n
parentUse properly the kde eclasses, and do not install in KDEDIR. (diff)
downloadhistorical-5b8419a3987d57a7d7d188d624676c2a19b99c25.tar.gz
historical-5b8419a3987d57a7d7d188d624676c2a19b99c25.tar.bz2
historical-5b8419a3987d57a7d7d188d624676c2a19b99c25.zip
security patch for unauthorised file access (CAN-2005-0072) bug #78117
Package-Manager: portage-2.0.51-r14
Diffstat (limited to 'app-i18n')
-rw-r--r--app-i18n/zhcon/ChangeLog8
-rw-r--r--app-i18n/zhcon/Manifest17
-rw-r--r--app-i18n/zhcon/files/digest-zhcon-0.2.3-r11
-rw-r--r--app-i18n/zhcon/files/zhcon-0.2.3-CAN-2005-0072.patch26
-rw-r--r--app-i18n/zhcon/zhcon-0.2.3-r1.ebuild39
5 files changed, 88 insertions, 3 deletions
diff --git a/app-i18n/zhcon/ChangeLog b/app-i18n/zhcon/ChangeLog
index cf2ab9239e1c..20e52f614642 100644
--- a/app-i18n/zhcon/ChangeLog
+++ b/app-i18n/zhcon/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for app-i18n/zhcon
# Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-i18n/zhcon/ChangeLog,v 1.5 2005/01/01 14:44:34 eradicator Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-i18n/zhcon/ChangeLog,v 1.6 2005/01/25 17:59:43 liquidx Exp $
+
+*zhcon-0.2.3-r1 (25 Jan 2005)
+
+ 25 Jan 2005; Alastair Tse <liquidx@gentoo.org>
+ +files/zhcon-0.2.3-CAN-2005-0072.patch, +zhcon-0.2.3-r1.ebuild:
+ security patch for unauthorised file access (CAN-2005-0072) bug #78117
25 Aug 2004; Karol Wojtaszek <sekretarz@gentoo.org>
+files/zhcon-0.2.3-gcc34.patch, zhcon-0.2.3.ebuild:
diff --git a/app-i18n/zhcon/Manifest b/app-i18n/zhcon/Manifest
index 75266dd0ff67..3f1c85273560 100644
--- a/app-i18n/zhcon/Manifest
+++ b/app-i18n/zhcon/Manifest
@@ -1,7 +1,20 @@
-MD5 60792f50772792349afcfdb18a0eac94 ChangeLog 735
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+MD5 ecbc6024f0a645631078026084a51622 ChangeLog 952
MD5 8ef70951aa06be1284427310a2ef8eb5 metadata.xml 466
+MD5 c51f9cb3d6880ccea8797d240eae6e57 zhcon-0.2.3-r1.ebuild 920
MD5 ea6f351bede075734fe8e3e3c218603e zhcon-0.2.3.ebuild 811
MD5 aaa0c58daca46525014d59831e32a3b8 files/digest-zhcon-0.2.3 64
MD5 527bb0c1a80fcb0f8c916d2be40271e4 files/zhcon-0.2.3-assert-gentoo.diff 1063
-MD5 33c30557b9d62f9593d178f718431a1b files/zhcon-0.2.3-gentoo.diff 4788
MD5 fa0b7fc976eef786cf9d61bbcd01584d files/zhcon-0.2.3-gcc34.patch 2127
+MD5 33c30557b9d62f9593d178f718431a1b files/zhcon-0.2.3-gentoo.diff 4788
+MD5 518fbcc054f6c160ab8c998cab64b8a1 files/zhcon-0.2.3-CAN-2005-0072.patch 547
+MD5 aaa0c58daca46525014d59831e32a3b8 files/digest-zhcon-0.2.3-r1 64
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.0 (GNU/Linux)
+
+iD8DBQFB9okkRkyva5PS18kRAtG7AJoCaLkATjch4sB43i0qNMX2jJrk/ACdGXYi
+LZPsQR9r5KBwiy/1sdQ6+WU=
+=dGH8
+-----END PGP SIGNATURE-----
diff --git a/app-i18n/zhcon/files/digest-zhcon-0.2.3-r1 b/app-i18n/zhcon/files/digest-zhcon-0.2.3-r1
new file mode 100644
index 000000000000..4de71f53731a
--- /dev/null
+++ b/app-i18n/zhcon/files/digest-zhcon-0.2.3-r1
@@ -0,0 +1 @@
+MD5 64b5d6c2d7055b4e45f4eadfd1303e8f zhcon-0.2.3.tar.gz 5030677
diff --git a/app-i18n/zhcon/files/zhcon-0.2.3-CAN-2005-0072.patch b/app-i18n/zhcon/files/zhcon-0.2.3-CAN-2005-0072.patch
new file mode 100644
index 000000000000..a54fd52cedd8
--- /dev/null
+++ b/app-i18n/zhcon/files/zhcon-0.2.3-CAN-2005-0072.patch
@@ -0,0 +1,26 @@
+--- zhcon-0.2.orig/src/configfile.cpp
++++ zhcon-0.2/src/configfile.cpp
+@@ -19,13 +19,23 @@
+ #include <stdexcept>
+ #include <fstream>
+ #include <cstdlib>
++#include <unistd.h>
++#include <sys/types.h>
+ #include "configfile.h"
+
+ ConfigFile::ConfigFile(const char *fn) {
++ uid_t ruid, euid;
++
++ ruid = getuid();
++ euid = geteuid();
++
++ setreuid(euid, ruid);
++
+ ifstream in(fn);
+ if (!in)
+ throw runtime_error("Could not open config file!");
+ ParseFile(in);
++ setreuid(ruid, euid);
+ }
+
+ ConfigFile::~ConfigFile() {}
diff --git a/app-i18n/zhcon/zhcon-0.2.3-r1.ebuild b/app-i18n/zhcon/zhcon-0.2.3-r1.ebuild
new file mode 100644
index 000000000000..16214265c689
--- /dev/null
+++ b/app-i18n/zhcon/zhcon-0.2.3-r1.ebuild
@@ -0,0 +1,39 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-i18n/zhcon/zhcon-0.2.3-r1.ebuild,v 1.1 2005/01/25 17:59:43 liquidx Exp $
+
+inherit eutils
+
+DESCRIPTION="A Fast CJK (Chinese/Japanese/Korean) Console Environment"
+HOMEPAGE="http://zhcon.sourceforge.net/"
+SRC_URI="mirror://sourceforge/zhcon/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="x86"
+IUSE=""
+
+DEPEND="virtual/libc
+ sys-devel/autoconf"
+RDEPEND="virtual/libc"
+
+src_unpack() {
+ unpack ${A}
+ cd ${S}
+ epatch ${FILESDIR}/${P}-gentoo.diff
+ epatch ${FILESDIR}/${P}-assert-gentoo.diff
+ epatch ${FILESDIR}/${P}-gcc34.patch
+
+ # bug #78117 - unauthorized file acess CAN-2005-0072
+ epatch ${FILESDIR}/${P}-CAN-2005-0072.patch
+}
+
+src_compile() {
+ autoconf || die "autoconf failed"
+ econf || die
+ emake || die "make failed"
+}
+
+src_install() {
+ make DESTDIR=${D} install || die
+}