From owner-freebsd-ports-bugs@FreeBSD.ORG Fri Sep 9 17:50:10 2005 Return-Path: X-Original-To: freebsd-ports-bugs@hub.freebsd.org Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8C72416A41F for ; Fri, 9 Sep 2005 17:50:10 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id F39CE43D5A for ; Fri, 9 Sep 2005 17:50:09 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j89Ho9JX017778 for ; Fri, 9 Sep 2005 17:50:09 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j89Ho9B5017777; Fri, 9 Sep 2005 17:50:09 GMT (envelope-from gnats) Resent-Date: Fri, 9 Sep 2005 17:50:09 GMT Resent-Message-Id: <200509091750.j89Ho9B5017777@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Marcus Alves Grando Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F15DD16A41F; Fri, 9 Sep 2005 17:49:36 +0000 (GMT) (envelope-from root@marcus.grupos.com.br) Received: from mail.grupos.com.br (mail.grupos.com.br [200.203.183.72]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7D38343D5F; Fri, 9 Sep 2005 17:49:36 +0000 (GMT) (envelope-from root@marcus.grupos.com.br) Received: from corp.grupos.com.br (unknown [150.162.166.55]) by mail.grupos.com.br (Postfix) with ESMTP id 66D5611E20F; Fri, 9 Sep 2005 14:49:35 -0300 (BRT) Received: from marcus.grupos.com.br (unknown [150.162.166.51]) by corp.grupos.com.br (Postfix) with ESMTP id 46EF654EC; Fri, 9 Sep 2005 14:49:35 -0300 (BRT) Received: from marcus.grupos.com.br (localhost [127.0.0.1]) by marcus.grupos.com.br (8.13.4/8.13.4) with ESMTP id j89HnYpY044283; Fri, 9 Sep 2005 14:49:34 -0300 (BRT) (envelope-from root@marcus.grupos.com.br) Received: (from root@localhost) by marcus.grupos.com.br (8.13.4/8.13.4/Submit) id j89HnXCa044274; Fri, 9 Sep 2005 14:49:33 -0300 (BRT) (envelope-from root) Message-Id: <200509091749.j89HnXCa044274@marcus.grupos.com.br> Date: Fri, 9 Sep 2005 14:49:33 -0300 (BRT) From: Marcus Alves Grando To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: ache@FreeBSD.org Subject: ports/85920: Update port: archivers/unzip security fix X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Marcus Alves Grando List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Sep 2005 17:50:10 -0000 >Number: 85920 >Category: ports >Synopsis: Update port: archivers/unzip security fix >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Fri Sep 09 17:50:09 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Marcus Alves Grando >Release: FreeBSD 6.0-BETA4 i386 >Organization: Grupos Internet S/A >Environment: System: FreeBSD marcus.grupos.com.br 6.0-BETA4 FreeBSD 6.0-BETA4 #42: Thu Sep 8 14:29:29 BRT 2005 root@marcus.grupos.com.br:/usr/obj/usr/src/sys/MARCUS i386 >Description: Security Fix: http://marc.theaimsgroup.com/?l=bugtraq&m=112300046224117&w=2 Obtained from: RedHat >How-To-Repeat: >Fix: --- unzip.patch begins here --- # # Fix: http://marc.theaimsgroup.com/?l=bugtraq&m=112300046224117&w=2 # # Obtained from: RedHat # Index: Makefile =================================================================== RCS file: /home/ncvs/ports/archivers/unzip/Makefile,v retrieving revision 1.51 diff -u -r1.51 Makefile --- Makefile 1 Mar 2005 20:24:13 -0000 1.51 +++ Makefile 9 Sep 2005 17:38:55 -0000 @@ -7,7 +7,7 @@ PORTNAME= unzip PORTVERSION= 5.52 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES?= archivers MASTER_SITES= ftp://ftp.info-zip.org/pub/infozip/src/ \ ${MASTER_SITE_TEX_CTAN:S,%SUBDIR%,tools/zip/info-zip/src/,} Index: files/patch-unix_unix.c =================================================================== RCS file: files/patch-unix_unix.c diff -N files/patch-unix_unix.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ files/patch-unix_unix.c 9 Sep 2005 17:38:55 -0000 @@ -0,0 +1,36 @@ +--- unix/unix.c.orig Sat Feb 26 16:43:42 2005 ++++ unix/unix.c Fri Sep 9 14:36:35 2005 +@@ -1042,6 +1042,16 @@ + ush z_uidgid[2]; + int have_uidgid_flg; + ++/*--------------------------------------------------------------------------- ++ Change the file permissions from default ones to those stored in the ++ zipfile. ++ ---------------------------------------------------------------------------*/ ++ ++#ifndef NO_CHMOD ++ if (fchmod(fileno(G.outfile), 0xffff & G.pInfo->file_attr)) ++ perror("chmod (file attributes) error"); ++#endif ++ + fclose(G.outfile); + + /*--------------------------------------------------------------------------- +@@ -1150,16 +1160,6 @@ + " (warning) cannot set times")); + #endif /* ?AOS_VS */ + } +- +-/*--------------------------------------------------------------------------- +- Change the file permissions from default ones to those stored in the +- zipfile. +- ---------------------------------------------------------------------------*/ +- +-#ifndef NO_CHMOD +- if (chmod(G.filename, filtattr(__G__ G.pInfo->file_attr))) +- perror("chmod (file attributes) error"); +-#endif + + } /* end function close_outfile() */ + --- unzip.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted: