diff options
author | Alastair Tse <liquidx@gentoo.org> | 2005-01-25 17:59:43 +0000 |
---|---|---|
committer | Alastair Tse <liquidx@gentoo.org> | 2005-01-25 17:59:43 +0000 |
commit | 5b8419a3987d57a7d7d188d624676c2a19b99c25 (patch) | |
tree | ca6b46b78d41c60ea2a07329312ca9012d75b5d0 /app-i18n | |
parent | Use properly the kde eclasses, and do not install in KDEDIR. (diff) | |
download | historical-5b8419a3987d57a7d7d188d624676c2a19b99c25.tar.gz historical-5b8419a3987d57a7d7d188d624676c2a19b99c25.tar.bz2 historical-5b8419a3987d57a7d7d188d624676c2a19b99c25.zip |
security patch for unauthorised file access (CAN-2005-0072) bug #78117
Package-Manager: portage-2.0.51-r14
Diffstat (limited to 'app-i18n')
-rw-r--r-- | app-i18n/zhcon/ChangeLog | 8 | ||||
-rw-r--r-- | app-i18n/zhcon/Manifest | 17 | ||||
-rw-r--r-- | app-i18n/zhcon/files/digest-zhcon-0.2.3-r1 | 1 | ||||
-rw-r--r-- | app-i18n/zhcon/files/zhcon-0.2.3-CAN-2005-0072.patch | 26 | ||||
-rw-r--r-- | app-i18n/zhcon/zhcon-0.2.3-r1.ebuild | 39 |
5 files changed, 88 insertions, 3 deletions
diff --git a/app-i18n/zhcon/ChangeLog b/app-i18n/zhcon/ChangeLog index cf2ab9239e1c..20e52f614642 100644 --- a/app-i18n/zhcon/ChangeLog +++ b/app-i18n/zhcon/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for app-i18n/zhcon # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-i18n/zhcon/ChangeLog,v 1.5 2005/01/01 14:44:34 eradicator Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-i18n/zhcon/ChangeLog,v 1.6 2005/01/25 17:59:43 liquidx Exp $ + +*zhcon-0.2.3-r1 (25 Jan 2005) + + 25 Jan 2005; Alastair Tse <liquidx@gentoo.org> + +files/zhcon-0.2.3-CAN-2005-0072.patch, +zhcon-0.2.3-r1.ebuild: + security patch for unauthorised file access (CAN-2005-0072) bug #78117 25 Aug 2004; Karol Wojtaszek <sekretarz@gentoo.org> +files/zhcon-0.2.3-gcc34.patch, zhcon-0.2.3.ebuild: diff --git a/app-i18n/zhcon/Manifest b/app-i18n/zhcon/Manifest index 75266dd0ff67..3f1c85273560 100644 --- a/app-i18n/zhcon/Manifest +++ b/app-i18n/zhcon/Manifest @@ -1,7 +1,20 @@ -MD5 60792f50772792349afcfdb18a0eac94 ChangeLog 735 +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + +MD5 ecbc6024f0a645631078026084a51622 ChangeLog 952 MD5 8ef70951aa06be1284427310a2ef8eb5 metadata.xml 466 +MD5 c51f9cb3d6880ccea8797d240eae6e57 zhcon-0.2.3-r1.ebuild 920 MD5 ea6f351bede075734fe8e3e3c218603e zhcon-0.2.3.ebuild 811 MD5 aaa0c58daca46525014d59831e32a3b8 files/digest-zhcon-0.2.3 64 MD5 527bb0c1a80fcb0f8c916d2be40271e4 files/zhcon-0.2.3-assert-gentoo.diff 1063 -MD5 33c30557b9d62f9593d178f718431a1b files/zhcon-0.2.3-gentoo.diff 4788 MD5 fa0b7fc976eef786cf9d61bbcd01584d files/zhcon-0.2.3-gcc34.patch 2127 +MD5 33c30557b9d62f9593d178f718431a1b files/zhcon-0.2.3-gentoo.diff 4788 +MD5 518fbcc054f6c160ab8c998cab64b8a1 files/zhcon-0.2.3-CAN-2005-0072.patch 547 +MD5 aaa0c58daca46525014d59831e32a3b8 files/digest-zhcon-0.2.3-r1 64 +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.0 (GNU/Linux) + +iD8DBQFB9okkRkyva5PS18kRAtG7AJoCaLkATjch4sB43i0qNMX2jJrk/ACdGXYi +LZPsQR9r5KBwiy/1sdQ6+WU= +=dGH8 +-----END PGP SIGNATURE----- diff --git a/app-i18n/zhcon/files/digest-zhcon-0.2.3-r1 b/app-i18n/zhcon/files/digest-zhcon-0.2.3-r1 new file mode 100644 index 000000000000..4de71f53731a --- /dev/null +++ b/app-i18n/zhcon/files/digest-zhcon-0.2.3-r1 @@ -0,0 +1 @@ +MD5 64b5d6c2d7055b4e45f4eadfd1303e8f zhcon-0.2.3.tar.gz 5030677 diff --git a/app-i18n/zhcon/files/zhcon-0.2.3-CAN-2005-0072.patch b/app-i18n/zhcon/files/zhcon-0.2.3-CAN-2005-0072.patch new file mode 100644 index 000000000000..a54fd52cedd8 --- /dev/null +++ b/app-i18n/zhcon/files/zhcon-0.2.3-CAN-2005-0072.patch @@ -0,0 +1,26 @@ +--- zhcon-0.2.orig/src/configfile.cpp ++++ zhcon-0.2/src/configfile.cpp +@@ -19,13 +19,23 @@ + #include <stdexcept> + #include <fstream> + #include <cstdlib> ++#include <unistd.h> ++#include <sys/types.h> + #include "configfile.h" + + ConfigFile::ConfigFile(const char *fn) { ++ uid_t ruid, euid; ++ ++ ruid = getuid(); ++ euid = geteuid(); ++ ++ setreuid(euid, ruid); ++ + ifstream in(fn); + if (!in) + throw runtime_error("Could not open config file!"); + ParseFile(in); ++ setreuid(ruid, euid); + } + + ConfigFile::~ConfigFile() {} diff --git a/app-i18n/zhcon/zhcon-0.2.3-r1.ebuild b/app-i18n/zhcon/zhcon-0.2.3-r1.ebuild new file mode 100644 index 000000000000..16214265c689 --- /dev/null +++ b/app-i18n/zhcon/zhcon-0.2.3-r1.ebuild @@ -0,0 +1,39 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-i18n/zhcon/zhcon-0.2.3-r1.ebuild,v 1.1 2005/01/25 17:59:43 liquidx Exp $ + +inherit eutils + +DESCRIPTION="A Fast CJK (Chinese/Japanese/Korean) Console Environment" +HOMEPAGE="http://zhcon.sourceforge.net/" +SRC_URI="mirror://sourceforge/zhcon/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="x86" +IUSE="" + +DEPEND="virtual/libc + sys-devel/autoconf" +RDEPEND="virtual/libc" + +src_unpack() { + unpack ${A} + cd ${S} + epatch ${FILESDIR}/${P}-gentoo.diff + epatch ${FILESDIR}/${P}-assert-gentoo.diff + epatch ${FILESDIR}/${P}-gcc34.patch + + # bug #78117 - unauthorized file acess CAN-2005-0072 + epatch ${FILESDIR}/${P}-CAN-2005-0072.patch +} + +src_compile() { + autoconf || die "autoconf failed" + econf || die + emake || die "make failed" +} + +src_install() { + make DESTDIR=${D} install || die +} |