diff options
author | A. Wilcox <AWilcox@Wilcox-Tech.com> | 2018-07-05 21:33:58 -0500 |
---|---|---|
committer | A. Wilcox <AWilcox@Wilcox-Tech.com> | 2018-07-05 21:33:58 -0500 |
commit | 1015c59625d25cd40bddb3b1c8a0133217c08b5a (patch) | |
tree | b391d6655bc489b222471ae59d9a93c2b3a70a5e | |
parent | 25dbded13a57b4bae4ba219a5d2874b7035d389e (diff) | |
download | packages-1015c59625d25cd40bddb3b1c8a0133217c08b5a.tar.gz packages-1015c59625d25cd40bddb3b1c8a0133217c08b5a.tar.bz2 packages-1015c59625d25cd40bddb3b1c8a0133217c08b5a.tar.xz packages-1015c59625d25cd40bddb3b1c8a0133217c08b5a.zip |
user/libtasn1: split GPL tools out of LGPL lib pkg, fix up
-rw-r--r-- | user/libtasn1/APKBUILD | 50 | ||||
-rw-r--r-- | user/libtasn1/CVE-2017-10790.patch | 55 |
2 files changed, 105 insertions, 0 deletions
diff --git a/user/libtasn1/APKBUILD b/user/libtasn1/APKBUILD new file mode 100644 index 000000000..faf3a82b2 --- /dev/null +++ b/user/libtasn1/APKBUILD @@ -0,0 +1,50 @@ +# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net> +# Maintainer: A. Wilcox <awilfox@adelielinux.org> +pkgname=libtasn1 +pkgver=4.13 +pkgrel=0 +pkgdesc="Highly portable ASN.1 library" +url="https://www.gnu.org/software/libtasn1/" +arch="all" +license="LGPL-2.1+" +makedepends="texinfo" +subpackages="$pkgname-dev $pkgname-doc $pkgname-tools" +source="ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.gz + " + +# secfixes: +# 4.13-r0: +# - CVE-2018-6003 +# 4.12-r1: +# - CVE-2017-10790 + +build() { + cd "$builddir" + CFLAGS="-Wno-error=inline" ./configure \ + --build=$CBUILD \ + --host=$CHOST \ + --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/share/man \ + --localstatedir=/var + make -j1 +} + +check() { + cd "$builddir" + make check +} + +package() { + cd "$builddir" + make DESTDIR="$pkgdir" install +} + +tools() { + pkgdesc="Tools for parsing and manipulating ASN.1" + license="GPL-3.0+" + mkdir -p "$subpkgdir"/usr + mv -i "$pkgdir"/usr/bin "$subpkgdir"/usr/ +} + +sha512sums="bf5b60a296795e0a8a4a658c0106492393aa7ce698e785256b3427c17215c2a5b6178a61a2043c93ea4334f754eabece20221ac8fef0fd5644086a3891d98a9f libtasn1-4.13.tar.gz" diff --git a/user/libtasn1/CVE-2017-10790.patch b/user/libtasn1/CVE-2017-10790.patch new file mode 100644 index 000000000..eb752c20a --- /dev/null +++ b/user/libtasn1/CVE-2017-10790.patch @@ -0,0 +1,55 @@ +From d8d805e1f2e6799bb2dff4871a8598dc83088a39 Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos <nmav@redhat.com> +Date: Thu, 22 Jun 2017 16:31:37 +0200 +Subject: [PATCH] _asn1_check_identifier: safer access to values read + +Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> +--- + lib/parser_aux.c | 17 ++++++++++++----- + 1 file changed, 12 insertions(+), 5 deletions(-) + +diff --git a/lib/parser_aux.c b/lib/parser_aux.c +index 976ab38..786ea64 100644 +--- a/lib/parser_aux.c ++++ b/lib/parser_aux.c +@@ -955,7 +955,7 @@ _asn1_check_identifier (asn1_node node) + if (p2 == NULL) + { + if (p->value) +- _asn1_strcpy (_asn1_identifierMissing, p->value); ++ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p->value); + else + _asn1_strcpy (_asn1_identifierMissing, "(null)"); + return ASN1_IDENTIFIER_NOT_FOUND; +@@ -968,9 +968,15 @@ _asn1_check_identifier (asn1_node node) + if (p2 && (type_field (p2->type) == ASN1_ETYPE_DEFAULT)) + { + _asn1_str_cpy (name2, sizeof (name2), node->name); +- _asn1_str_cat (name2, sizeof (name2), "."); +- _asn1_str_cat (name2, sizeof (name2), (char *) p2->value); +- _asn1_strcpy (_asn1_identifierMissing, p2->value); ++ if (p2->value) ++ { ++ _asn1_str_cat (name2, sizeof (name2), "."); ++ _asn1_str_cat (name2, sizeof (name2), (char *) p2->value); ++ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value); ++ } ++ else ++ _asn1_strcpy (_asn1_identifierMissing, "(null)"); ++ + p2 = asn1_find_node (node, name2); + if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID) || + !(p2->type & CONST_ASSIGN)) +@@ -990,7 +996,8 @@ _asn1_check_identifier (asn1_node node) + _asn1_str_cpy (name2, sizeof (name2), node->name); + _asn1_str_cat (name2, sizeof (name2), "."); + _asn1_str_cat (name2, sizeof (name2), (char *) p2->value); +- _asn1_strcpy (_asn1_identifierMissing, p2->value); ++ _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value); ++ + p2 = asn1_find_node (node, name2); + if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID) + || !(p2->type & CONST_ASSIGN)) +-- +1.9.1 + |