From a1922d0ec660fdc1892f2783515f781c090df0a9 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 20 Jan 2012 23:14:48 +0000 Subject: Fri Jan 20 23:14:48 UTC 2012 --- core/openssl/PKGBUILD | 8 +++--- core/perl/PKGBUILD | 8 ++++-- core/perl/digest_eval_hole.diff | 61 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 71 insertions(+), 6 deletions(-) create mode 100644 core/perl/digest_eval_hole.diff (limited to 'core') diff --git a/core/openssl/PKGBUILD b/core/openssl/PKGBUILD index 0b570aa92..c622f21c6 100644 --- a/core/openssl/PKGBUILD +++ b/core/openssl/PKGBUILD @@ -1,8 +1,8 @@ -# $Id: PKGBUILD 146071 2012-01-05 04:59:04Z pierre $ +# $Id: PKGBUILD 146957 2012-01-19 17:48:26Z pierre $ # Maintainer: Pierre Schmitz pkgname=openssl -_ver=1.0.0f +_ver=1.0.0g # use a pacman compatible version scheme pkgver=${_ver/[a-z]/.${_ver//[0-9.]/}} pkgrel=1 @@ -19,8 +19,8 @@ source=("https://www.openssl.org/source/${pkgname}-${_ver}.tar.gz" 'fix-manpages.patch' 'no-rpath.patch' 'ca-dir.patch') -md5sums=('e358705fb4a8827b5e9224a73f442025' - 'fc1673f53946f1e7b408465f272484d8' +md5sums=('07ecbe4324f140d157478637d6beccf1' + '34315cf0fbbd1d18435948eb9712fcdf' '5bbc0655bda2af95bc8eb568963ce8ba' 'dc78d3d06baffc16217519242ce92478' '3bf51be3a1bbd262be46dc619f92aa90') diff --git a/core/perl/PKGBUILD b/core/perl/PKGBUILD index de6e057b6..9fc4a5700 100644 --- a/core/perl/PKGBUILD +++ b/core/perl/PKGBUILD @@ -1,11 +1,11 @@ -# $Id: PKGBUILD 146455 2012-01-11 15:21:16Z stephane $ +# $Id: PKGBUILD 146927 2012-01-19 10:01:03Z bluewind $ # Maintainer: Angel Velasquez # Contributor: kevin # Contributor: judd # Contributor: francois pkgname=perl pkgver=5.14.2 -pkgrel=6 +pkgrel=7 pkgdesc="A highly capable, feature-rich programming language" arch=(i686 x86_64) license=('GPL' 'PerlArtistic') @@ -17,6 +17,7 @@ source=(http://www.cpan.org/src/5.0/perl-${pkgver}.tar.bz2 perlbin.sh perlbin.csh provides.pl +digest_eval_hole.diff 0001-Append-CFLAGS-and-LDFLAGS-to-their-Config.pm-counter.patch) install=perl.install options=('makeflags' '!purge') @@ -24,6 +25,7 @@ md5sums=('04a4c5d3c1f9f19d77daff8e8cd19a26' '5ed2542fdb9a60682f215bd33701e61a' '1f0cbbee783e8a6d32f01be5118e0d5e' '31fc0b5bb4935414394c5cfbec2cb8e5' + '490852b3d77c3b3866d0d75f5fbf5c5d' 'c25d86206d649046538c3daab7874564') build() { @@ -37,6 +39,8 @@ build() { arch_opts="" fi + patch -Np1 -i $srcdir/digest_eval_hole.diff + ./Configure -des -Dusethreads -Duseshrplib -Doptimize="${CFLAGS}" \ -Dprefix=/usr -Dinstallprefix=${pkgdir}/usr -Dvendorprefix=/usr \ -Dprivlib=/usr/share/perl5/core_perl \ diff --git a/core/perl/digest_eval_hole.diff b/core/perl/digest_eval_hole.diff new file mode 100644 index 000000000..47904137b --- /dev/null +++ b/core/perl/digest_eval_hole.diff @@ -0,0 +1,61 @@ +From 4b6a7324284e7435a361c58f7ddb32fc0c635bd0 Mon Sep 17 00:00:00 2001 +From: "Michael G. Schwern" +Date: Mon, 3 Oct 2011 19:05:29 +0100 +Subject: Close the eval "require $module" security hole in + Digest->new($algorithm) + +Also the filter was incomplete. + +Bug-Debian: http://bugs.debian.org/644108 + +Patch-Name: fixes/digest_eval_hole.diff +--- + cpan/Digest/Digest.pm | 6 ++++-- + cpan/Digest/t/security.t | 14 ++++++++++++++ + 2 files changed, 18 insertions(+), 2 deletions(-) + create mode 100644 cpan/Digest/t/security.t + +diff --git a/cpan/Digest/Digest.pm b/cpan/Digest/Digest.pm +index 384dfc8..d714434 100644 +--- a/cpan/Digest/Digest.pm ++++ b/cpan/Digest/Digest.pm +@@ -24,7 +24,7 @@ sub new + shift; # class ignored + my $algorithm = shift; + my $impl = $MMAP{$algorithm} || do { +- $algorithm =~ s/\W+//; ++ $algorithm =~ s/\W+//g; + "Digest::$algorithm"; + }; + $impl = [$impl] unless ref($impl); +@@ -35,7 +35,9 @@ sub new + ($class, @args) = @$class if ref($class); + no strict 'refs'; + unless (exists ${"$class\::"}{"VERSION"}) { +- eval "require $class"; ++ my $pm_file = $class . ".pm"; ++ $pm_file =~ s{::}{/}g; ++ eval { require $pm_file }; + if ($@) { + $err ||= $@; + next; +diff --git a/cpan/Digest/t/security.t b/cpan/Digest/t/security.t +new file mode 100644 +index 0000000..5cba122 +--- /dev/null ++++ b/cpan/Digest/t/security.t +@@ -0,0 +1,14 @@ ++#!/usr/bin/env perl ++ ++# Digest->new() had an exploitable eval ++ ++use strict; ++use warnings; ++ ++use Test::More tests => 1; ++ ++use Digest; ++ ++$LOL::PWNED = 0; ++eval { Digest->new(q[MD;5;$LOL::PWNED = 42]) }; ++is $LOL::PWNED, 0; -- cgit v1.2.3-54-g00ecf