From 1a22e3c2623bda6eede7b5ec41d912325c72ef9e Mon Sep 17 00:00:00 2001
From: ajacoutot
Date: Thu, 13 Jul 2017 12:25:52 +0000
Subject: [PATCH] SECURITY fix for CVE-2017-1000083): Evince command injection vulnerability in CBT handler (comics: Remove support for tar and tar-like commands).

---
 graphics/evince/Makefile | 4 +-
 .../patch-backend_comics_comics-document_c | 85 +++++++++++++++++++
 graphics/evince/patches/patch-configure | 19 +++++
 3 files changed, 107 insertions(+), 1 deletion(-)
 create mode 100644 graphics/evince/patches/patch-backend_comics_comics-document_c
 create mode 100644 graphics/evince/patches/patch-configure

diff --git a/graphics/evince/Makefile b/graphics/evince/Makefile
index cd36e3a53ab..29c511e0c28 100644
--- a/graphics/evince/Makefile
+++ b/graphics/evince/Makefile
@@ -1,10 +1,12 @@
-# $OpenBSD: Makefile,v 1.147 2017/04/23 21:45:58 ajacoutot Exp $
+# $OpenBSD: Makefile,v 1.148 2017/07/13 12:25:52 ajacoutot Exp $
 COMMENT= GNOME document viewer
 GNOME_PROJECT= evince
 GNOME_VERSION= 3.24.0
+REVISION= 0
+
 MAJ_V= 3.0
 SUBST_VARS= MAJ_V
diff --git a/graphics/evince/patches/patch-backend_comics_comics-document_c b/graphics/evince/patches/patch-backend_comics_comics-document_c
new file mode 100644
index 00000000000..ee4ec8b6a28
--- /dev/null
+++ b/graphics/evince/patches/patch-backend_comics_comics-document_c
@@ -0,0 +1,85 @@
+$OpenBSD: patch-backend_comics_comics-document_c,v 1.1 2017/07/13 12:25:52 ajacoutot Exp $
+
+From 717df38fd8509bf883b70d680c9b1b3cf36732ee Mon Sep 17 00:00:00 2001
+From: Bastien Nocera
+Date: Thu, 6 Jul 2017 20:02:00 +0200
+Subject: comics: Remove support for tar and tar-like commands
+
+Index: backend/comics/comics-document.c
+--- backend/comics/comics-document.c.orig
++++ backend/comics/comics-document.c
+@@ -56,8 +56,7 @@ typedef enum
+ RARLABS,
+ GNAUNRAR,
+ UNZIP,
+- P7ZIP,
+- TAR
++ P7ZIP
+ } ComicBookDecompressType;
+
+ typedef struct _ComicsDocumentClass ComicsDocumentClass;
+@@ -117,9 +116,6 @@ static const ComicBookDecompressCommand command_usage_
+
+ /* 7zip */
+ {NULL , "%s l -- %s" , "%s x -y %s -o%s", FALSE, OFFSET_7Z},
+-
+- /* tar */
+- {"%s -xOf" , "%s -tf %s" , NULL , FALSE, NO_OFFSET}
+ };
+
+ static GSList* get_supported_image_extensions (void);
+@@ -364,13 +360,6 @@ comics_check_decompress_command (gchar *mime_
+ comics_document->command_usage = GNAUNRAR;
+ return TRUE;
+ }
+- comics_document->selected_command =
+- g_find_program_in_path ("bsdtar");
+- if (comics_document->selected_command) {
+- comics_document->command_usage = TAR;
+- return TRUE;
+- }
+-
+ } else if (g_content_type_is_a (mime_type, "application/x-cbz") ||
+ g_content_type_is_a (mime_type, "application/zip")) {
+ /* InfoZIP's unzip program */
+@@ -396,12 +385,6 @@ comics_check_decompress_command (gchar *mime_
+ comics_document->command_usage = P7ZIP;
+ return TRUE;
+ }
+- comics_document->selected_command =
+- g_find_program_in_path ("bsdtar");
+- if (comics_document->selected_command) {
+- comics_document->command_usage = TAR;
+- return TRUE;
+- }
+ } else if (g_content_type_is_a (mime_type, "application/x-cb7") ||
+ g_content_type_is_a (mime_type, "application/x-7z-compressed")) {
+@@ -423,27 +406,6 @@ comics_check_decompress_command (gchar *mime_
+ g_find_program_in_path ("7z");
+ if (comics_document->selected_command) {
+ comics_document->command_usage = P7ZIP;
+- return TRUE;
+- }
+- comics_document->selected_command =
+- g_find_program_in_path ("bsdtar");
+- if (comics_document->selected_command) {
+- comics_document->command_usage = TAR;
+- return TRUE;
+- }
+- } else if (g_content_type_is_a (mime_type, "application/x-cbt") ||
+- g_content_type_is_a (mime_type, "application/x-tar")) {
+- /* tar utility (Tape ARchive) */
+- comics_document->selected_command =
+- g_find_program_in_path ("tar");
+- if (comics_document->selected_command) {
+- comics_document->command_usage = TAR;
+- return TRUE;
+- }
+- comics_document->selected_command =
+- g_find_program_in_path ("bsdtar");
+- if (comics_document->selected_command) {
+- comics_document->command_usage = TAR;
+ return TRUE;
+ }
+ } else {
diff --git a/graphics/evince/patches/patch-configure b/graphics/evince/patches/patch-configure
new file mode 100644
index 00000000000..778ce41f824
--- /dev/null
+++ b/graphics/evince/patches/patch-configure
@@ -0,0 +1,19 @@
+$OpenBSD: patch-configure,v 1.3 2017/07/13 12:25:52 ajacoutot Exp $
+
+From 717df38fd8509bf883b70d680c9b1b3cf36732ee Mon Sep 17 00:00:00 2001
+From: Bastien Nocera
+Date: Thu, 6 Jul 2017 20:02:00 +0200
+Subject: comics: Remove support for tar and tar-like commands
+
+Index: configure
+--- configure.orig
++++ configure
+@@ -22338,7 +22338,7 @@ fi
+
+
+ if test "x$enable_comics" = "xyes"; then
+- COMICS_MIME_TYPES="application/x-cbr;application/x-cbz;application/x-cb7;application/x-cbt;application/x-ext-cbr;application/x-ext-cbz;application/vnd.comicbook+zip;application/x-ext-cb7;application/x-ext-cbt"
++ COMICS_MIME_TYPES="application/x-cbr;application/x-cbz;application/x-cb7;application/x-ext-cbr;application/x-ext-cbz;application/vnd.comicbook+zip;application/x-ext-cb7;"
+ APPDATA_COMICS_MIME_TYPES=$(echo "$COMICS_MIME_TYPES" | sed -e 's/;/<\/mimetype>\n /g')
+ if test -z "$EVINCE_MIME_TYPES"; then
+ EVINCE_MIME_TYPES="${COMICS_MIME_TYPES}"
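Review bot: Removing the tar and bsdtar branches closes the CBT instance of the bug, but the new side keeps the printf-style command templates that made it possible: the surviving 7z entry `{NULL , "%s l -- %s" , "%s x -y %s -o%s", FALSE, OFFSET_7Z}` terminates option parsing with `--` for listing yet not for extraction, where the archive path follows `-y` directly. Whether that path can ever start with `-` or reach a shell depends on how the template is expanded, which is outside this hunk, so I would treat it as a hedged follow-up rather than a blocker for a security backport. I would at least document the constraint above the table so the next backend does not repeat the tar mistake, e.g. `/* Archive paths are spliced into these templates verbatim; keep "--" before the path wherever the tool accepts it. */`. Note that comics_check_decompress_command begins before and ends after this hunk, and that after the change an `application/x-cbt` document now falls through to the trailing `} else {` branch, presumably reported as unsupported.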
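Review bot: The replacement COMICS_MIME_TYPES value ends in a trailing `;` (`...application/x-ext-cb7;"`) whereas the line it replaces ends on a bare type, and the context line directly below rewrites every `;` into a `</mimetype>` break with sed, so the trailing separator most likely yields an empty trailing mimetype element in the generated appdata. Dropping it restores the previous shape: `COMICS_MIME_TYPES="application/x-cbr;application/x-cbz;application/x-cb7;application/x-ext-cbr;application/x-ext-cbz;application/vnd.comicbook+zip;application/x-ext-cb7"`. This patch edits the generated configure only; if the port ever regenerates it with autoreconf, configure.ac needs the same edit, which I cannot verify from here.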