OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Thomas Lotterer
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 11-Jan-2005 15:57:34
Branch: HEAD Handle: 2005011114573400
Modified files:
openpkg-src/perl perl.patch perl.spec
Log:
SA-2005.001-perl; CAN-2004-0452, CAN-2004-0976
Summary:
Revision Changes Path
1.14 +108 -0 openpkg-src/perl/perl.patch
1.98 +1 -1 openpkg-src/perl/perl.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/perl/perl.patch
============================================================================
$ cvs diff -u -r1.13 -r1.14 perl.patch
--- openpkg-src/perl/perl.patch 8 Nov 2004 20:59:17 -0000 1.13
+++ openpkg-src/perl/perl.patch 11 Jan 2005 14:57:34 -0000 1.14
@@ -223,3 +223,111 @@
# keep the module symbols with the modules.
lddlflags="$lddlflags -msym -std"
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0452
+ Race condition in the rmtree function in the File::Path module in
+ Perl 5.6.1 and 5.8.4 sets read/write permissions for the world,
+ which allows local users to delete arbitrary files and directories,
+ and possibly read files and directories, via a symlink attack.
+
+http://security.debian.org/pool/updates/main/p/perl/perl_5.6.1-8.8.diff.gz
+[Adapted from Chip Turner's 5.8.0 patch]
+Fix for CAN-2004-0452. Change chmod's to make files writable/executable
+by the current user only and not by the entire world. chmod's necessary
+in the first place but at least this makes them less dangerous. If, for
+some reason the rm process dies halfway through, at worst some files and
+dirs were revoked from others, not made available.
+
+--- lib/File/Path.pm 2001-03-21 04:40:22.000000000 +1100
++++ lib/File/Path.pm 2004-12-22 23:46:54.000000000 +1100
+@@ -174,7 +174,7 @@
+ # it's also intended to change it to writable in case we have
+ # to recurse in which case we are better than rm -rf for
+ # subtrees with strange permissions
+- chmod(0777, ($Is_VMS ? VMS::Filespec::fileify($root) : $root))
++ chmod(0700, ($Is_VMS ? VMS::Filespec::fileify($root) : $root))
+ or carp "Can't make directory $root read+writeable: $!"
+ unless $safe;
+
+@@ -202,7 +202,7 @@
+ print "skipped $root\n" if $verbose;
+ next;
+ }
+- chmod 0777, $root
++ chmod 0700, $root
+ or carp "Can't make directory $root writeable: $!"
+ if $force_writeable;
+ print "rmdir $root\n" if $verbose;
+@@ -224,7 +224,7 @@
+ print "skipped $root\n" if $verbose;
+ next;
+ }
+- chmod 0666, $root
++ chmod 0600, $root
+ or carp "Can't make file $root writeable: $!"
+ if $force_writeable;
+ print "unlink $root\n" if $verbose;
+
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0976
+ Multiple scripts in the perl package in Trustix Secure Linux 1.5
+ through 2.1, and possibly other operating systems, allows local
+ users to overwrite files via a symlink attack on temporary files.
+
+--- lib/CGI/Cookie.pm 2001-03-04 06:53:20.000000000 +1100
++++ lib/CGI/Cookie.pm 2004-12-22 22:29:46.000000000 +1100
+@@ -363,7 +363,7 @@
+ You may also retrieve cookies that were stored in some external
+ form using the parse() class method:
+
+- $COOKIES = `cat /usr/tmp/Cookie_stash`;
++ $COOKIES = `cat /var/run/www/Cookie_stash`;
+ %cookies = parse CGI::Cookie($COOKIES);
+
+ =head2 Manipulating Cookies
+
+--- lib/ExtUtils/MakeMaker.pm 2001-02-23 13:57:55.000000000 +1100
++++ lib/ExtUtils/MakeMaker.pm 2004-12-22 22:33:57.000000000 +1100
+@@ -898,7 +898,7 @@
+ The Makefile to be produced may be altered by adding arguments of the
+ form C<KEY=VALUE>. E.g.
+
+- perl Makefile.PL PREFIX=/tmp/myperl5
++ perl Makefile.PL PREFIX=~/myperl5
+
+ Other interesting targets in the generated Makefile are
+
+
+--- lib/Shell.pm.orig 2004-06-01 11:42:17 +0200
++++ lib/Shell.pm 2005-01-11 15:07:37 +0100
+@@ -127,7 +127,7 @@
+ use Shell qw(cat ps cp);
+ $passwd = cat('</etc/passwd');
+ @pslines = ps('-ww'),
+- cp("/etc/passwd", "/tmp/passwd");
++ cp("/etc/passwd", "/etc/passwd.orig");
+
+ # object oriented
+ my $sh = Shell->new;
+
+--- lib/perl5db.pl.orig 2004-11-17 13:51:18 +0100
++++ lib/perl5db.pl 2005-01-11 14:47:21 +0100
+@@ -215,7 +215,7 @@
+ =item * noTTY
+
+ if set, goes in NonStop mode. On interrupt, if TTY is not set,
+-uses the value of noTTY or F</tmp/perldbtty$$> to find TTY using
++uses the value of noTTY or F<$HOME/.perldbtty$$> to find TTY using
+ Term::Rendezvous. Current variant is to have the name of TTY in this
+ file.
+
+@@ -6004,8 +6004,8 @@
+ eval "require Term::Rendezvous;" or die;
+
+ # See if we have anything to pass to Term::Rendezvous.
+- # Use /tmp/perldbtty$$ if not.
+- my $rv = $ENV{PERLDB_NOTTY} || "/tmp/perldbtty$$";
++ # Use $HOME/.perldbtty$$ if not.
++ my $rv = $ENV{PERLDB_NOTTY} || "$ENV{HOME}/.perldbtty$$";
+
+ # Rendezvous and get the filehandles.
+ my $term_rv = new Term::Rendezvous $rv;
+
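Review bot: The new perl5db.pl default on line 129, `"$ENV{HOME}/.perldbtty$$"`, interpolates `$ENV{HOME}` without checking that it is set, so in an environment without HOME (cron jobs, some daemons, a plain `su`) the rendezvous path collapses to `/.perldbtty<pid>` at the filesystem root under an uninitialized-value warning, which is neither the intended per-user location nor writable for an ordinary user. Since this is Perl 5.8 (no `//`), an explicit guard before the assignment keeps the move away from /tmp without a silent fallback, e.g. `die "PERLDB_NOTTY unset and HOME not in environment\n" unless defined $ENV{HOME} && length $ENV{HOME};`. On the File::Path side, the 0700/0600 modes on lines 47, 56 and 65 reduce what the CAN-2004-0452 race can grant, but `chmod` still follows a symlink swapped into `$root` between the earlier type check (presumably an lstat outside this hunk) and the call, and the patch preamble on lines 34–38 says as much; a one-line comment next to each changed `chmod`, such as `# 0700 not 0777: limits the rmtree race to the owner; chmod still follows symlinks`, would keep that residual visible to whoever next touches rmtree. The enclosing rmtree and Term::Rendezvous bodies start and end outside this hunk.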
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/perl/perl.spec
============================================================================
$ cvs diff -u -r1.97 -r1.98 perl.spec
--- openpkg-src/perl/perl.spec 1 Jan 2005 10:53:25 -0000 1.97
+++ openpkg-src/perl/perl.spec 11 Jan 2005 14:57:34 -0000 1.98
@@ -34,7 +34,7 @@
Group: Language
License: GPL/Artistic
Version: 5.8.6
-Release: 20041129
+Release: 20050111
# list of sources
Source0: ftp://ftp.cpan.org/pub/CPAN/src/perl-%{version}.tar.gz
@@ .