From 52781afca7fb82d35590e493341c538c5908af08 Mon Sep 17 00:00:00 2001
From: jasper
Date: Mon, 7 Jan 2013 20:03:42 +0000
Subject: [PATCH] Security fix for CVE-2012-6076 inkscape: Reads .eps files from /tmp instead of current working directory
---
 graphics/inkscape/Makefile | 4 +--
 ...ch-src_extension_implementation_script_cpp | 25 +++++++++++++++++++
 2 files changed, 27 insertions(+), 2 deletions(-)
 create mode 100644 graphics/inkscape/patches/patch-src_extension_implementation_script_cpp
diff --git a/graphics/inkscape/Makefile b/graphics/inkscape/Makefile
index a56116a2864..2a97904ac97 100644
--- a/graphics/inkscape/Makefile
+++ b/graphics/inkscape/Makefile
@@ -1,9 +1,9 @@
-# $OpenBSD: Makefile,v 1.27 2012/08/26 07:19:26 ajacoutot Exp $
+# $OpenBSD: Makefile,v 1.28 2013/01/07 20:03:42 jasper Exp $
 COMMENT= SVG vector drawing application
 DISTNAME= inkscape-0.48.2
-REVISION= 3
+REVISION= 4
 CATEGORIES= graphics
 MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=inkscape/}
diff --git a/graphics/inkscape/patches/patch-src_extension_implementation_script_cpp b/graphics/inkscape/patches/patch-src_extension_implementation_script_cpp
new file mode 100644
index 00000000000..f871fc206c5
--- /dev/null
+++ b/graphics/inkscape/patches/patch-src_extension_implementation_script_cpp
@@ -0,0 +1,25 @@
+$OpenBSD: patch-src_extension_implementation_script_cpp,v 1.1 2013/01/07 20:03:42 jasper Exp $
+
+Security fix for CVE-2012-6076 inkscape: Reads .eps files from /tmp instead of current working directory
+
+Patch taken from Debian:
+http://patch-tracker.debian.org/patch/series/view/inkscape/0.48.3.1-1.3/04-fix-LP911146.diff
+
+--- src/extension/implementation/script.cpp.orig Fri Jul 8 20:25:09 2011
++++ src/extension/implementation/script.cpp Mon Jan 7 19:10:54 2013
+@@ -936,7 +936,14 @@ int Script::execute (const std::list &in_
+ // assemble the rest of argv
+ std::copy(in_params.begin(), in_params.end(), std::back_inserter(argv));
+ if (!filein.empty()) {
+- argv.push_back(filein);
++ if(Glib::path_is_absolute(filein))
++ argv.push_back(filein);
++ else {
++ std::vector buildargs;
++ buildargs.push_back(Glib::get_current_dir());
++ buildargs.push_back(filein);
++ argv.push_back(Glib::build_filename(buildargs));
++ }
+ }
+
+ int stdout_pipe, stderr_pipe;
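Review bot: The new `else` branch in `Script::execute` makes a relative `filein` absolute, but nothing in script.cpp says why, so the CVE-2012-6076 rationale lives only in the ports patch header. A comment above the `if`, such as `// Pass an absolute path: the script may run with a different working directory (e.g. /tmp) and would otherwise open a same-named file there (CVE-2012-6076).`, would keep a later cleanup from reverting the fix. The path is resolved against `Glib::get_current_dir()` at the moment of the call, which is only correct if the working directory has not changed since `filein` was supplied; this hunk does not show whether that holds. As a style point, the `if` arm is unbraced while the `else` arm is braced, and the temporary vector can be dropped with `argv.push_back(Glib::build_filename(Glib::get_current_dir(), filein));`. Only `filein` is normalised, while `in_params` is copied into `argv` unchanged, so someone who knows the callers should check whether a relative path can arrive that way; the body of `Script::execute` starts and ends outside the hunk.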