update to p5-Archive-Zip-1.64
Fixes CVE-2018-10860 (directory traversal), from Charlene Wendling, thanks!
This commit is contained in:
kn
parent
e376ae4b0c
commit
ae1f077f54
@ -1,22 +1,22 @@
|
||||
# $OpenBSD: Makefile,v 1.31 2016/11/02 22:28:52 jasper Exp $
|
||||
# $OpenBSD: Makefile,v 1.32 2018/12/11 21:29:30 kn Exp $
|
||||
|
||||
COMMENT = perl interface to ZIP files
|
||||
|
||||
MODULES = cpan
|
||||
PKG_ARCH = *
|
||||
|
||||
DISTNAME = Archive-Zip-1.59
|
||||
DISTNAME = Archive-Zip-1.64
|
||||
|
||||
CATEGORIES = archivers
|
||||
|
||||
# Perl
|
||||
PERMIT_PACKAGE_CDROM = Yes
|
||||
|
||||
TEST_DEPENDS = archivers/zip \
|
||||
devel/p5-Test-MockModule \
|
||||
devel/p5-Test-Pod
|
||||
TEST_DEPENDS = archivers/unzip \
|
||||
archivers/zip \
|
||||
devel/p5-Test-MockModule
|
||||
|
||||
pre-configure:
|
||||
find ${WRKSRC} -type f -name \*.orig -exec rm {} \;
|
||||
find ${WRKSRC} -type f -name \*.orig -delete
|
||||
|
||||
.include <bsd.port.mk>
|
||||
|
||||
@ -1,2 +1,2 @@
|
||||
SHA256 (Archive-Zip-1.59.tar.gz) = eksbCqQ65yMbsyEuhqtrU4clYl3wboJ3LD2iTIsm510=
|
||||
SIZE (Archive-Zip-1.59.tar.gz) = 192151
|
||||
SHA256 (Archive-Zip-1.64.tar.gz) = 3l+E8hSAODY9VXsfoz9Y7cIIER94n3KZ/j2PbhG00X0=
|
||||
SIZE (Archive-Zip-1.64.tar.gz) = 192005
|
||||
|
||||
@ -1,43 +0,0 @@
|
||||
$OpenBSD: patch-lib_Archive_Zip_Member_pm,v 1.3 2016/11/02 22:28:52 jasper Exp $
|
||||
|
||||
http://rt.cpan.org/Public/Bug/Display.html?id=61930
|
||||
|
||||
--- lib/Archive/Zip/Member.pm.orig Thu Aug 11 22:06:33 2016
|
||||
+++ lib/Archive/Zip/Member.pm Wed Nov 2 20:27:03 2016
|
||||
@@ -304,7 +304,7 @@ sub _mapPermissionsToUnix {
|
||||
if ($format == FA_AMIGA) {
|
||||
$attribs = $attribs >> 17 & 7; # Amiga RWE bits
|
||||
$mode = $attribs << 6 | $attribs << 3 | $attribs;
|
||||
- return $mode;
|
||||
+ return sprintf("%d", $mode);
|
||||
}
|
||||
|
||||
if ($format == FA_THEOS) {
|
||||
@@ -324,7 +324,10 @@ sub _mapPermissionsToUnix {
|
||||
|| $format == FA_QDOS
|
||||
|| $format == FA_TANDEM) {
|
||||
$mode = $attribs >> 16;
|
||||
- return $mode if $mode != 0 or not $self->localExtraField;
|
||||
+ if( $mode != 0 or not $self->localExtraField) {
|
||||
+ $mode = sprintf("%d", $mode);
|
||||
+ return sprintf("%d", $mode);
|
||||
+ }
|
||||
|
||||
# warn("local extra field is: ", $self->localExtraField, "\n");
|
||||
|
||||
@@ -360,9 +363,13 @@ sub _mapPermissionsToUnix {
|
||||
|
||||
# keep previous $mode setting when its "owner"
|
||||
# part appears to be consistent with DOS attribute flags!
|
||||
- return $mode if ($mode & 0700) == (0400 | $attribs << 6);
|
||||
+ if( ( $mode & 0700 ) == ( 0400 | $attribs << 6 )) {
|
||||
+ $mode = sprintf("%d", $mode);
|
||||
+ return sprintf("%d", $mode);
|
||||
+ }
|
||||
$mode = 0444 | $attribs << 6 | $attribs << 3 | $attribs;
|
||||
- return $mode;
|
||||
+ $mode = sprintf("%d", $mode);
|
||||
+ return sprintf("%d", $mode);
|
||||
}
|
||||
|
||||
sub unixFileAttributes {
|
||||
@ -1,12 +0,0 @@
|
||||
$OpenBSD: patch-t_10_chmod_t,v 1.2 2015/11/20 15:15:21 ajacoutot Exp $
|
||||
|
||||
http://rt.cpan.org/Public/Bug/Display.html?id=61930
|
||||
|
||||
--- t/10_chmod.t.orig Wed Jun 17 20:42:51 2015
|
||||
+++ t/10_chmod.t Fri Nov 20 16:04:14 2015
|
||||
@@ -1,4 +1,4 @@
|
||||
-#!/usr/bin/perl
|
||||
+#!/usr/bin/perl -T
|
||||
|
||||
use strict;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user