From 5827948456201df72a1bd73e87977c569129fb27 Mon Sep 17 00:00:00 2001 From: root Date: Wed, 31 Oct 2012 01:35:35 -0700 Subject: Wed Oct 31 01:34:59 PDT 2012 --- core/e2fsprogs/PKGBUILD | 6 +++--- core/glib2/PKGBUILD | 14 +++----------- core/iproute2/PKGBUILD | 11 ++++++----- core/iptables/PKGBUILD | 7 +++---- core/perl/PKGBUILD | 11 ++++++++--- core/perl/cve-2012-5195.patch | 29 +++++++++++++++++++++++++++++ 6 files changed, 52 insertions(+), 26 deletions(-) create mode 100644 core/perl/cve-2012-5195.patch (limited to 'core') diff --git a/core/e2fsprogs/PKGBUILD b/core/e2fsprogs/PKGBUILD index ddf46799b..775b3eb19 100644 --- a/core/e2fsprogs/PKGBUILD +++ b/core/e2fsprogs/PKGBUILD @@ -1,9 +1,9 @@ -# $Id: PKGBUILD 165284 2012-08-14 20:43:58Z ronald $ +# $Id: PKGBUILD 170002 2012-10-30 23:08:35Z thomas $ # Maintainer: Ronald van Haren # Contributor: judd pkgname=e2fsprogs -pkgver=1.42.5 +pkgver=1.42.6 pkgrel=1 pkgdesc="Ext2/3/4 filesystem utilities" arch=('i686' 'x86_64') @@ -16,7 +16,7 @@ source=("http://downloads.sourceforge.net/sourceforge/${pkgname}/${pkgname}-${pk 'MIT-LICENSE') backup=('etc/mke2fs.conf') install=${pkgname}.install -sha1sums=('41bc6d247238eac65864193e6de941956da493cb' +sha1sums=('cd05cd4205a00d01a6da821660cff386788e9be3' 'f4a0d5b0cdb980e3fedd6f5e7dde0b0ffb7bbdfb') build() { diff --git a/core/glib2/PKGBUILD b/core/glib2/PKGBUILD index 0b4372129..f052bae94 100644 --- a/core/glib2/PKGBUILD +++ b/core/glib2/PKGBUILD @@ -1,8 +1,8 @@ -# $Id: PKGBUILD 163895 2012-07-21 19:19:49Z ibiru $ +# $Id: PKGBUILD 169922 2012-10-30 22:38:41Z thomas $ # Maintainer: Jan de Groot pkgname=glib2 -pkgver=2.32.4 +pkgver=2.34.1 pkgrel=1 pkgdesc="Common C routines used by GTK+ and other libs" url="http://www.gtk.org/" 
@@ -13,12 +13,8 @@ makedepends=('pkg-config' 'python2') optdepends=('python2: for gdbus-codegen') options=('!libtool' '!docs' '!emptydirs') source=(http://ftp.gnome.org/pub/GNOME/sources/glib/${pkgver%.*}/glib-$pkgver.tar.xz - glib2.sh - glib2.csh revert-warn-glib-compile-schemas.patch) -sha256sums=('a5d742a4fda22fb6975a8c0cfcd2499dd1c809b8afd4ef709bda4d11b167fae2' - '9456872cdedcc639fb679448d74b85b0facf81033e27157d2861b991823b5a2a' - '8d5626ffa361304ad3696493c0ef041d0ab10c857f6ef32116b3e2878ecf89e3' +sha256sums=('6e84dc9d84b104725b34d255421ed7ac3629e49f437d37addde5ce3891c2e2f1' '049240975cd2f1c88fbe7deb28af14d4ec7d2640495f7ca8980d873bb710cc97') build() { @@ -35,10 +31,6 @@ package() { cd glib-$pkgver make completiondir=/usr/share/bash-completion/completions DESTDIR="$pkgdir" install - install -d "$pkgdir/etc/profile.d" - install -m755 "$srcdir/glib2.sh" "$pkgdir/etc/profile.d/" - install -m755 "$srcdir/glib2.csh" "$pkgdir/etc/profile.d/" - for _i in "$pkgdir/usr/share/bash-completion/completions/"*; do chmod -x "$_i" done diff --git a/core/iproute2/PKGBUILD b/core/iproute2/PKGBUILD index 4ce4a46f4..8304e7e4a 100644 --- a/core/iproute2/PKGBUILD +++ b/core/iproute2/PKGBUILD @@ -1,17 +1,18 @@ -# $Id: PKGBUILD 165491 2012-08-20 23:01:53Z allan $ +# $Id: PKGBUILD 170003 2012-10-30 23:08:39Z thomas $ # Maintainer: Ronald van Haren # Contributor: Judd Vinet pkgname=iproute2 -pkgver=3.5.1 -pkgrel=1 +pkgver=3.6.0 +pkgrel=2 pkgdesc="IP Routing Utilities" arch=('i686' 'x86_64') license=('GPL2') url="http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2" -depends=('glibc' 'db') +depends=('glibc' 'db' 'iptables') makedepends=('linux-atm') optdepends=('linux-atm: ATM support') +groups=('base') provides=('iproute') conflicts=('iproute') replaces=('iproute') 
@@ -20,7 +21,7 @@ backup=('etc/iproute2/ematch_map' 'etc/iproute2/rt_dsfield' 'etc/iproute2/rt_pro 'etc/iproute2/rt_realms' 'etc/iproute2/rt_scopes' 'etc/iproute2/rt_tables') source=(http://www.kernel.org/pub/linux/utils/net/$pkgname/$pkgname-$pkgver.tar.xz iproute2-fhs.patch) -sha1sums=('461f3e97d84264a597176de3ba94633114959df5' +sha1sums=('6fa16fd2158d0f289ef454cad46555ead1c33c2d' '35b8cf2dc94b73eccad427235c07596146cd6f6c') build() { diff --git a/core/iptables/PKGBUILD b/core/iptables/PKGBUILD index e8cc3b315..9d9328d81 100644 --- a/core/iptables/PKGBUILD +++ b/core/iptables/PKGBUILD @@ -1,9 +1,9 @@ -# $Id: PKGBUILD 165282 2012-08-14 20:43:06Z ronald $ +# $Id: PKGBUILD 170004 2012-10-30 23:08:48Z thomas $ # Maintainer: Ronald van Haren # Contributor: Thomas Baechler pkgname=iptables -pkgver=1.4.15 +pkgver=1.4.16.2 pkgrel=1 pkgdesc='Linux kernel packet control tool' arch=('i686' 'x86_64') @@ -28,7 +28,7 @@ source=("http://www.iptables.org/projects/iptables/files/${pkgname}-${pkgver}.ta ip6tables.service iptables-flush) backup=(etc/conf.d/iptables) -sha1sums=('56ab3b143af2ad443c9652db3a38ef8869cd2207' +sha1sums=('6fd368c4f6c31752011a716cccd951601157a493' '5bb6fa526665cdd728c26f0f282f5a51f220cf88' '2db68906b603e5268736f48c8e251f3a49da1d75' '83b3363878e3660ce23b2ad325b53cbd6c796ecf' @@ -43,7 +43,6 @@ sha1sums=('56ab3b143af2ad443c9652db3a38ef8869cd2207' '5c4eb4ea88c302e8ff98f435a11dd59b00f4d8b9' 'f1f16f44c6a5547b6f251d13007fe6585761e8b0' 'e7abda09c61142121b6695928d3b71ccd8fdf73a') - build() { cd "${srcdir}/${pkgname}-${pkgver}" diff --git a/core/perl/PKGBUILD b/core/perl/PKGBUILD index f8fe56971..5052a5c65 100644 --- a/core/perl/PKGBUILD +++ b/core/perl/PKGBUILD 
@@ -1,11 +1,12 @@ -# $Id: PKGBUILD 165149 2012-08-11 20:00:01Z bluewind $ -# Maintainer: Angel Velasquez +# $Id: PKGBUILD 169818 2012-10-30 11:27:57Z bluewind $ +# Maintainer: Florian Pritz +# Contributor: Angel Velasquez # Contributor: kevin # Contributor: judd # Contributor: francois pkgname=perl pkgver=5.16.1 -pkgrel=1 +pkgrel=2 pkgdesc="A highly capable, feature-rich programming language" arch=(i686 x86_64) license=('GPL' 'PerlArtistic') @@ -16,12 +17,14 @@ changelog=ChangeLog source=(http://www.cpan.org/src/5.0/perl-${pkgver}.tar.bz2 perlbin.sh perlbin.csh +cve-2012-5195.patch provides.pl) install=perl.install options=('makeflags' '!purge') md5sums=('b87358e2c461a898cfd7c334e7dd8993' '5ed2542fdb9a60682f215bd33701e61a' '1f0cbbee783e8a6d32f01be5118e0d5e' + 'ba61b3b393b763b4f0b9e2f06757815a' '999c3eea6464860704abbb055a0f0896') # workaround to let the integrity check find the correct provides array @@ -32,6 +35,8 @@ fi build() { cd ${srcdir}/${pkgname}-${pkgver} + patch -i "$srcdir/cve-2012-5195.patch" -p1 + if [ "${CARCH}" = "x86_64" ]; then # for x86_64 arch_opts="-Dcccdlflags='-fPIC'" diff --git a/core/perl/cve-2012-5195.patch b/core/perl/cve-2012-5195.patch new file mode 100644 index 000000000..a995194c6 --- /dev/null +++ b/core/perl/cve-2012-5195.patch 
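Review bot: The checksum added for `cve-2012-5195.patch` goes into an `md5sums=(...)` array, so both the security fix and the perl tarball fetched from the `http://www.cpan.org/src/5.0/...` source line are verified with MD5 only. MD5 is not collision-resistant and the download has no transport protection, which leaves this array as the sole integrity control visible here. I would rename the array to `sha256sums=(` (glib2's PKGBUILD in this same commit already uses it) and regenerate every entry with `makepkg -g`.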
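Review bot: The new `patch -i "$srcdir/cve-2012-5195.patch" -p1` line in build() has no comment, yet the patch's own description places the flaw in perl before 5.15.5 while this PKGBUILD builds `pkgver=5.16.1`. A short comment above it, such as `# CVE-2012-5195: reject negative count in Perl_repeatcpy; drop once an upstream release carries it`, would tell the next maintainer why it is applied and when it can go. I would also write the call as `patch -Np1 -i "$srcdir/cve-2012-5195.patch"` so an already-applied patch is skipped without an interactive prompt. build() continues outside the hunk.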
@@ -0,0 +1,29 @@
+commit b11b0d3ef18a35595a07a06c91fa4f27c9cacf5b
+Author: Andy Dougherty
+Date: Thu Sep 27 09:52:18 2012 -0400
+
+ avoid calling memset with a negative count
+
+ Poorly written perl code that allows an attacker to specify the count to
+ perl's 'x' string repeat operator can already cause a memory exhaustion
+ denial-of-service attack. A flaw in versions of perl before 5.15.5 can
+ escalate that into a heap buffer overrun; coupled with versions of glibc
+ before 2.16, it possibly allows the execution of arbitrary code.
+
+ The flaw addressed to this commit has been assigned identifier
+ CVE-2012-5195.
+
+diff --git a/util.c b/util.c
+index 171456f..34f5fa9 100644
+--- a/util.c
++++ b/util.c
+@@ -3416,6 +3416,9 @@ Perl_repeatcpy(register char *to, register const char *from, I32 len, register I
+ {
+ PERL_ARGS_ASSERT_REPEATCPY;
+
++ if (count < 0)
++ Perl_croak_nocontext("%s",PL_memory_wrap);
++
+ if (len == 1)
+ memset(to, *from, count);
+ else if (count) {
-- cgit v1.2.3-54-g00ecf
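Review bot: The added guard in `Perl_repeatcpy` rejects only a negative `count`; `len` is a signed `I32` as well and is not checked before the copy branch that begins at `else if (count) {`. If any caller can reach this function with a negative or wrapped `len`, the same class of out-of-bounds write may remain, so I would consider `if (count < 0 || len < 0)` in front of the same `Perl_croak_nocontext("%s",PL_memory_wrap);`. The body of the `else` branch lies outside the hunk, so how `len` is used there cannot be confirmed from this page.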