Commit d824c74b authored by Leonardo Arena's avatar Leonardo Arena

main/perl: security fix (CVE-2018-12015)

Fixes #8983
parent 07d81b1f
......@@ -3,7 +3,7 @@
# Contributor: Valery Kartel <valery.kartel@gmail.com>
pkgname=perl
pkgver=5.26.2
pkgrel=0
pkgrel=1
pkgdesc="Larry Wall's Practical Extraction and Report Language"
url="http://www.perl.org/"
arch="all"
......@@ -14,10 +14,13 @@ depends_dev="perl-utils"
makedepends="bzip2-dev zlib-dev"
subpackages="$pkgname-doc $pkgname-dev $pkgname-utils::noarch miniperl"
source="http://www.cpan.org/src/5.0/perl-$pkgver.tar.gz
CVE-2018-12015.patch
"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
# 5.26.2-r1:
# - CVE-2018-12015
# 5.26.2-r0:
# - CVE-2018-6797
# - CVE-2018-6798
......@@ -151,4 +154,5 @@ utils() {
done
}
sha512sums="166d767f748a911b969fc8008069f087927cbdd9ee21b375b31e5feb5afc2be8d80d68f8c291accee6fdf3be90e9dc2fc870cb9c0bd1cc68c6e001e4ed38d564 perl-5.26.2.tar.gz"
sha512sums="166d767f748a911b969fc8008069f087927cbdd9ee21b375b31e5feb5afc2be8d80d68f8c291accee6fdf3be90e9dc2fc870cb9c0bd1cc68c6e001e4ed38d564 perl-5.26.2.tar.gz
feda381bd3230443341b99135bac4d6010e9d28b619d9fb57f2dda2c29b8877f012f76d31631e5227ef79e73e0b2b162548fa24704752e61f10c05d015c68916 CVE-2018-12015.patch"
From ae65651eab053fc6dc4590dbb863a268215c1fc5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
Date: Fri, 8 Jun 2018 11:45:40 +0100
Subject: [PATCH] [PATCH] Remove existing files before overwriting them
Archive should extract only the latest same-named entry.
Extracted regular file should not be writtent into existing block
device (or any other one).
https://rt.cpan.org/Ticket/Display.html?id=125523
Signed-off-by: Chris 'BinGOs' Williams <chris@bingosnet.co.uk>
---
lib/Archive/Tar.pm | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/cpan/Archive-Tar/lib/Archive/Tar.pm b/lib/Archive/Tar.pm
index 6244369..a83975f 100644
--- a/cpan/Archive-Tar/lib/Archive/Tar.pm
+++ b/cpan/Archive-Tar/lib/Archive/Tar.pm
@@ -845,6 +845,20 @@ sub _extract_file {
return;
}
+ ### If a file system already contains a block device with the same name as
+ ### the being extracted regular file, we would write the file's content
+ ### to the block device. So remove the existing file (block device) now.
+ ### If an archive contains multiple same-named entries, the last one
+ ### should replace the previous ones. So remove the old file now.
+ ### If the old entry is a symlink to a file outside of the CWD, the new
+ ### entry would create a file there. This is CVE-2018-12015
+ ### <https://rt.cpan.org/Ticket/Display.html?id=125523>.
+ if (-l $full || -e _) {
+ if (!unlink $full) {
+ $self->_error( qq[Could not remove old file '$full': $!] );
+ return;
+ }
+ }
if( length $entry->type && $entry->is_file ) {
my $fh = IO::File->new;
$fh->open( $full, '>' ) or (
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment