ports/85920: Update port: archivers/unzip security fix
Marcus Alves Grando
marcus at corp.grupos.com.br
Fri Sep 9 17:50:10 UTC 2005
>Number: 85920
>Category: ports
>Synopsis: Update port: archivers/unzip security fix
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Fri Sep 09 17:50:09 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Marcus Alves Grando
>Release: FreeBSD 6.0-BETA4 i386
>Organization:
Grupos Internet S/A
>Environment:
System: FreeBSD marcus.grupos.com.br 6.0-BETA4 FreeBSD 6.0-BETA4 #42: Thu Sep 8 14:29:29 BRT 2005 root at marcus.grupos.com.br:/usr/obj/usr/src/sys/MARCUS i386
>Description:
Security Fix: http://marc.theaimsgroup.com/?l=bugtraq&m=112300046224117&w=2
Obtained from: RedHat
>How-To-Repeat:
>Fix:
--- unzip.patch begins here ---
#
# Fix: http://marc.theaimsgroup.com/?l=bugtraq&m=112300046224117&w=2
#
# Obtained from: RedHat
#
Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/archivers/unzip/Makefile,v
retrieving revision 1.51
diff -u -r1.51 Makefile
--- Makefile 1 Mar 2005 20:24:13 -0000 1.51
+++ Makefile 9 Sep 2005 17:38:55 -0000
@@ -7,7 +7,7 @@
PORTNAME= unzip
PORTVERSION= 5.52
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES?= archivers
MASTER_SITES= ftp://ftp.info-zip.org/pub/infozip/src/ \
${MASTER_SITE_TEX_CTAN:S,%SUBDIR%,tools/zip/info-zip/src/,}
Index: files/patch-unix_unix.c
===================================================================
RCS file: files/patch-unix_unix.c
diff -N files/patch-unix_unix.c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ files/patch-unix_unix.c 9 Sep 2005 17:38:55 -0000
@@ -0,0 +1,36 @@
+--- unix/unix.c.orig Sat Feb 26 16:43:42 2005
++++ unix/unix.c Fri Sep 9 14:36:35 2005
+@@ -1042,6 +1042,16 @@
+ ush z_uidgid[2];
+ int have_uidgid_flg;
+
++/*---------------------------------------------------------------------------
++ Change the file permissions from default ones to those stored in the
++ zipfile.
++ ---------------------------------------------------------------------------*/
++
++#ifndef NO_CHMOD
++ if (fchmod(fileno(G.outfile), 0xffff & G.pInfo->file_attr))
++ perror("chmod (file attributes) error");
++#endif
++
+ fclose(G.outfile);
+
+ /*---------------------------------------------------------------------------
+@@ -1150,16 +1160,6 @@
+ " (warning) cannot set times"));
+ #endif /* ?AOS_VS */
+ }
+-
+-/*---------------------------------------------------------------------------
+- Change the file permissions from default ones to those stored in the
+- zipfile.
+- ---------------------------------------------------------------------------*/
+-
+-#ifndef NO_CHMOD
+- if (chmod(G.filename, filtattr(__G__ G.pInfo->file_attr)))
+- perror("chmod (file attributes) error");
+-#endif
+
+ } /* end function close_outfile() */
+
--- unzip.patch ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list