Mail archive
alpine-aports

[alpine-aports] [PATCH v3.3] main/tar: security upgrade - CVE-2016-6321 - fixes #6399

From: Sergey Lukin <sergej.lukin_at_gmail.com>
Date: Tue, 6 Dec 2016 07:13:53 +0000

---
 main/tar/APKBUILD                                  | 14 +++++++----
 ...tar-extract-pathname-bypass-CVE-2016-6321.patch | 27 ++++++++++++++++++++++
 2 files changed, 36 insertions(+), 5 deletions(-)
 create mode 100644 main/tar/tar-extract-pathname-bypass-CVE-2016-6321.patch
diff --git a/main/tar/APKBUILD b/main/tar/APKBUILD
index be41c1a..30fc230 100644
--- a/main/tar/APKBUILD
+++ b/main/tar/APKBUILD
_at_@ -1,7 +1,7 @@
 # Maintainer: Carlo Landmeter <clandmeter_at_gmail.com>
 pkgname=tar
 pkgver=1.28
-pkgrel=1
+pkgrel=2
 pkgdesc="Utility used to store, backup, and transport files"
 url="http://www.gnu.org"
 arch="all"
_at_@ -11,7 +11,8 @@ install=
 makedepends=
 source="ftp://ftp.gnu.org/gnu/tar/$pkgname-$pkgver.tar.xz
 	ignore-apk-tools-checksums.patch
-	"
+	tar-extract-pathname-bypass-CVE-2016-6321.patch
+        "
 subpackages="$pkgname-doc"
 
 _builddir="$srcdir/$pkgname-$pkgver"
_at_@ -49,8 +50,11 @@ package() {
 }
 
 md5sums="49b6306167724fe48f419a33a5beb857  tar-1.28.tar.xz
-2c4c807811c4ba827f4510dc2a2f8460  ignore-apk-tools-checksums.patch"
+2c4c807811c4ba827f4510dc2a2f8460  ignore-apk-tools-checksums.patch
+b5998fb9f5308f0e9bcf92550bc58a79  tar-extract-pathname-bypass-CVE-2016-6321.patch"
 sha256sums="64ee8d88ec1b47a0961033493f919d27218c41b580138fd6802327462aff22f2  tar-1.28.tar.xz
-4f6330e37e0540f8731256a65fd8ff6de475cf9e3ec9d0245b9dd21d7546713d  ignore-apk-tools-checksums.patch"
+4f6330e37e0540f8731256a65fd8ff6de475cf9e3ec9d0245b9dd21d7546713d  ignore-apk-tools-checksums.patch
+0fceab91f9f5a0669dbdc0642db17bfb9e892aacbfc73d5ec950a6a4d93d274f  tar-extract-pathname-bypass-CVE-2016-6321.patch"
 sha512sums="0e590abb82ef0202a1f659012477c9ff30d035729b7df47c9c8604901fb0bcdd970386dbc9a6256df63cfd7e629617076fea6ce9735213218f69601daa76c486  tar-1.28.tar.xz
-9cde0f1509328bc5fe2cb46642b53c7681c548cf28a2fb83eda7e9374c9c0ad27a0cd55b9c0cc93951def58dafa55ee71cace5493ddcb7966ee94dc5f1099739  ignore-apk-tools-checksums.patch"
+9cde0f1509328bc5fe2cb46642b53c7681c548cf28a2fb83eda7e9374c9c0ad27a0cd55b9c0cc93951def58dafa55ee71cace5493ddcb7966ee94dc5f1099739  ignore-apk-tools-checksums.patch
+abcbcf78b49980ad71476ab1960bf38717e85f73daeba312dcf91816096284387ea39949dc9ff981c02b6f6fd0a3bf6cb6d74133834af3cd61906b4daa06cc9f  tar-extract-pathname-bypass-CVE-2016-6321.patch"
diff --git a/main/tar/tar-extract-pathname-bypass-CVE-2016-6321.patch b/main/tar/tar-extract-pathname-bypass-CVE-2016-6321.patch
new file mode 100644
index 0000000..36ab4ac
--- /dev/null
+++ b/main/tar/tar-extract-pathname-bypass-CVE-2016-6321.patch
_at_@ -0,0 +1,27 @@
+--- a/lib/paxnames.c
++++ b/lib/paxnames.c
+_at_@ -18,6 +18,7 @@
+ #include <system.h>
+ #include <hash.h>
+ #include <paxlib.h>
++#include <quotearg.h>
+ 
+ 
+ /* Hash tables of strings.  */
+_at_@ -114,7 +115,15 @@
+       for (p = file_name + prefix_len; *p; )
+ 	{
+           if (p[0] == '.' && p[1] == '.' && (ISSLASH (p[2]) || !p[2]))
+-	    prefix_len = p + 2 - file_name;
++            {
++	      static char const *const diagnostic[] =
++	      {
++		N_("%s: Member name contains '..'"),
++		N_("%s: Hard link target contains '..'")
++	      };
++	      FATAL_ERROR ((0, 0, _(diagnostic[link_target]),
++	                    quotearg_colon (file_name)));
++	    }
+ 
+ 	  do
+ 	    {
-- 
2.6.6
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Tue Dec 06 2016 - 07:13:53 GMT