OpenPKG CVS Repository
  http://cvs.openpkg.org/
  ____________________________________________________________________________

  Server: cvs.openpkg.org                  Name:   Ralf S. Engelschall
  Root:   /e/openpkg/cvs                   Email:  [EMAIL PROTECTED]
  Module: openpkg-src                      Date:   05-Feb-2005 15:12:27
  Branch: HEAD                             Handle: 2005020514122700

  Modified files:
    openpkg-src/perl        perl.patch perl.spec

  Log:
    Security Fixes:
    - PERLIO_DEBUG local root exploit:
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0155
    - PERLIO_DEBUG buffer overflow:
      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0156

  Summary:
    Revision    Changes     Path
    1.15        +34 -0      openpkg-src/perl/perl.patch
    1.99        +1  -1      openpkg-src/perl/perl.spec
  ____________________________________________________________________________

  patch -p0 <<'@@ .'
  Index: openpkg-src/perl/perl.patch
  ============================================================================
  $ cvs diff -u -r1.14 -r1.15 perl.patch
  --- openpkg-src/perl/perl.patch       11 Jan 2005 14:57:34 -0000      1.14
  +++ openpkg-src/perl/perl.patch       5 Feb 2005 14:12:27 -0000       1.15
  @@ -223,6 +223,8 @@
                  # keep the module symbols with the modules.
                      lddlflags="$lddlflags -msym -std"
   
  +-----------------------------------------------------------------------------
  +
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0452
       Race condition in the rmtree function in the File::Path module in
       Perl 5.6.1 and 5.8.4 sets read/write permissions for the world,
  @@ -267,6 +269,8 @@
                if $force_writeable;
            print "unlink $root\n" if $verbose;
   
  +-----------------------------------------------------------------------------
  +
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0976
       Multiple scripts in the perl package in Trustix Secure Linux 1.5
       through 2.1, and possibly other operating systems, allows local
  @@ -331,3 +335,33 @@
                # Rendezvous and get the filehandles.
                my $term_rv = new Term::Rendezvous $rv;
   
  +-----------------------------------------------------------------------------
  +
  +Security Fixes:
  +- PERLIO_DEBUG local root exploit:
  +  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0155
  +- PERLIO_DEBUG buffer overflow:
  +  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0156
  +
  +Index: perlio.c
  +--- perlio.c.orig    Fri Sep 10 08:06:52 2004
  ++++ perlio.c Tue Feb  1 22:06:52 2005
  +@@ -454,7 +454,7 @@ PerlIO_debug(const char *fmt, ...)
  +     va_list ap;
  +     dSYS;
  +     va_start(ap, fmt);
  +-    if (!dbg) {
  ++    if (!dbg && !PL_tainting && PL_uid == PL_euid && PL_gid == PL_egid) {
  +     char *s = PerlEnv_getenv("PERLIO_DEBUG");
  +     if (s && *s)
  +         dbg = PerlLIO_open3(s, O_WRONLY | O_CREAT | O_APPEND, 0666);
  +@@ -471,7 +471,7 @@ PerlIO_debug(const char *fmt, ...)
  +     s = CopFILE(PL_curcop);
  +     if (!s)
  +         s = "(none)";
  +-    sprintf(buffer, "%s:%" IVdf " ", s, (IV) CopLINE(PL_curcop));
  ++    sprintf(buffer, "%.40s:%" IVdf " ", s, (IV) CopLINE(PL_curcop));
  +     len = strlen(buffer);
  +     vsprintf(buffer+len, fmt, ap);
  +     PerlLIO_write(dbg, buffer, strlen(buffer));
  + 
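Review bot: The new `%.40s` width on the sprintf bounds only the file-name prefix; the `vsprintf(buffer+len, fmt, ap)` two lines below is still unbounded, so a long argument reaching a `%s` in a debug format can still overrun the same fixed buffer that the `%.40s` change is meant to protect. If `buffer` is a local array (its declaration is above the hunk), cap that write as well: `vsnprintf(buffer + len, sizeof(buffer) - len, fmt, ap);`, provided the build has a usable vsnprintf. The added `PL_uid == PL_euid && PL_gid == PL_egid` guard on the open is the right fix for the set-id case; note the open still uses O_CREAT with mode 0666 and follows symlinks, which is tolerable only because it now never runs with elevated privileges, so that guard must stay ahead of any later refactor of the open. PerlIO_debug starts and ends outside this hunk.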
  @@ .
  patch -p0 <<'@@ .'
  Index: openpkg-src/perl/perl.spec
  ============================================================================
  $ cvs diff -u -r1.98 -r1.99 perl.spec
  --- openpkg-src/perl/perl.spec        11 Jan 2005 14:57:34 -0000      1.98
  +++ openpkg-src/perl/perl.spec        5 Feb 2005 14:12:27 -0000       1.99
  @@ -34,7 +34,7 @@
   Group:        Language
   License:      GPL/Artistic
   Version:      5.8.6
  -Release:      20050111
  +Release:      20050205
   
   #   list of sources
   Source0:      ftp://ftp.cpan.org/pub/CPAN/src/perl-%{version}.tar.gz
  @@ .