From owner-freebsd-ports  Mon Jul  9  5:14: 7 2001
Delivered-To: freebsd-ports@freebsd.org
Received: from adm.sci-nnov.ru (adm.sci-nnov.ru [195.122.226.2])
	by hub.freebsd.org (Postfix) with ESMTP id E53DD37B406
	for ; Mon, 9 Jul 2001 05:13:57 -0700 (PDT)
	(envelope-from 3APA3A@SECURITY.NNOV.RU)
Received: from anonymous.sandy.ru (anonymous.sandy.ru [195.122.226.40])
	by adm.sci-nnov.ru (8.9.3/Dmiter-4.1-AGK-0.5) with ESMTP id QAA29914;
	Mon, 9 Jul 2001 16:09:17 +0400 (MSD)
Content-Transfer-Encoding: 8bit
Date: Mon, 9 Jul 2001 16:09:17 +0400
From: 3APA3A <3APA3A@SECURITY.NNOV.RU>
X-Mailer: The Bat! (v1.51)
Reply-To: 3APA3A <3APA3A@SECURITY.NNOV.RU>
Organization: http://www.security.nnov.ru
X-Priority: 3 (Normal)
Message-ID: <129438342783.20010709160917@SECURITY.NNOV.RU>
To: Kris Kennaway
Cc: ports@FreeBSD.ORG
Subject: Re[2]: Fwd: UnZip 5.40 port directory traversal
In-Reply-To: <20010704175053.F59410@xor.obsecurity.org>
References: <12104282149.20010625174836@SECURITY.NNOV.RU>
	<20010704175053.F59410@xor.obsecurity.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----------D0AD13B3CB9565B"
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.org

------------D0AD13B3CB9565B
Content-Type: text/plain; charset=Windows-1251
Content-Transfer-Encoding: 8bit

Hello Kris,

These patches should fix directory traversal and absolute path problems in
unzip 5.42 and tar 1.13.19 (I didn't fix the latest release of tar because
only 1.13.19 implements dot-dot protection, but it has a coding bug which
makes it unusable. I've notified Paul Eggert about it; sources are on
ftp://alpha.gnu.org/gnu/tar/ ).

--Thursday, July 05, 2001, 4:50:56 AM, you wrote to 3APA3A@SECURITY.NNOV.RU:

KK> On Mon, Jun 25, 2001 at 05:48:36PM +0400, 3APA3A wrote:
>> I will be grateful for any kind of reply.
>> SECURITY.NNOV follows
>> RFPolicy http://www.wiretrip.net/rfp/policy.html

KK> ports@FreeBSD.org is the wrong destination to send emails about
KK> security holes in FreeBSD ports; the documented security contact
KK> address is security-officer@FreeBSD.org.  It was only by accident I
KK> discovered these emails.

KK> Kris

-- 
~/3APA3A
For facts are facts, and they are set forth only so that they may be understood and believed. (Twain)

------------D0AD13B3CB9565B
Content-Type: application/octet-stream; name="unzip-5.42.patch"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="unzip-5.42.patch"

[base64 attachment, decoded]

*** extract.orig	Sun Jan 14 00:40:20 2001
--- extract.c	Mon Jul  9 14:45:42 2001
***************
*** 154,159 ****
--- 154,161 ----
  #ifndef WINDLL
     static ZCONST char Far ReplaceQuery[] =
       "replace %s? [y]es, [n]o, [A]ll, [N]one, [r]ename: ";
+    static ZCONST char Far TraversalWarning[] = 
+      "%s skipped because of directory traversal\n";
     static ZCONST char Far AssumeNone[] = " NULL\n(assuming [N]one)\n";
     static ZCONST char Far NewNameQuery[] = "new name: ";
     static ZCONST char Far InvalidResponse[] = "error:  invalid response [%c]\n";
***************
*** 877,882 ****
--- 879,893 ----
                      } /* end switch (*answerbuf) */
  #endif /* ?WINDLL */
                  } /* end if (query) */
+ 		if(*__G__ G.filename=='/' || !strncmp(__G__ G.filename, "../", 3)
+ 		    || strstr(__G__ G.filename,"/../")){
+                         skip_entry = SKIP_Y_EXISTING;
+ #ifndef WINDLL
+                     Info(slide, 0x81, ((char *)slide,
+                       LoadFarString(TraversalWarning),
+                       FnFilter1(G.filename)));
+ #endif
+ 		}
                  if (skip_entry != SKIP_NO) {
  #ifdef WINDLL
                      if (skip_entry == SKIP_Y_EXISTING) {

------------D0AD13B3CB9565B
Content-Type: application/octet-stream; name="tar-1.13.19.patch"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="tar-1.13.19.patch"

[base64 attachment, decoded]

*** misc.c.orig	Sat Jan 13 08:59:29 2001
--- misc.c	Mon Jul  9 15:45:09 2001
***************
*** 201,217 ****
  {
   char const *p = name + FILESYSTEM_PREFIX_LEN (name);

    for (;;)
      {
!       if (p[0] == '.' && p[1] == '.' && (ISSLASH (p[2]) || !p[2]))
  	return 1;
  
        do
  	{
! 	  if (! *p++)
  	    return 0;
  	}
!       while (! ISSLASH (*p));
      }
  }
  ^L
--- 201,218 ----
  {
    char const *p = name + FILESYSTEM_PREFIX_LEN (name);
  
+   if(ISSLASH (*p) ) return 1;
    for (;;)
      {
!       if (p[0] == '.' && p[1] == '.'  && (!p[2] || ISSLASH (p[2])))
  	return 1;
  
        do
  	{
! 	  if (! *p)
  	    return 0;
  	}
!       while (! ISSLASH (*p++));
      }
  }
  ^L

------------D0AD13B3CB9565B--
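Review bot: in the unzip hunk for lines 154-161 the added declaration `static ZCONST char Far TraversalWarning[] = ` ends with a trailing space after `=`; drop it so the line matches the neighbouring string-table entries. Keeping the new string under the same `#ifndef WINDLL` as the only place that uses it below is fine.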
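Review bot: in the unzip hunk for lines 877-893 the new test feeds unzip's `__G__` macro to libc: `*__G__ G.filename=='/'`, `!strncmp(__G__ G.filename, "../", 3)` and `strstr(__G__ G.filename,"/../")`. `__G__` exists to pass the globals pointer into unzip's own functions (it expands to `pG,` in a REENTRANT build and to nothing otherwise), so a reentrant build gets an extra argument in `strncmp` and `strstr` and a comma expression in the first comparison, while the non-reentrant default happens to compile; use plain `G.filename`, as the hunk itself does in `FnFilter1(G.filename)`. Two smaller points: the test sits after the `} /* end if (query) */` context, so when the target already exists the user is still asked `replace %s?` for a name that is then rejected, and `skip_entry = SKIP_Y_EXISTING` reuses the "file exists" reason, which the `#ifdef WINDLL` branch below reports as exactly that; moving the test ahead of the query and giving it its own skip reason would fix both. Finally, the three patterns (`/` prefix, `../` prefix, `/../` inside) leave a name that is exactly `..` or ends in `/..` unmatched; a per-component test, like the one in the tar patch in the same mail, is easier to reason about.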
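Review bot: in the tar hunk the change that matters is the moved increment, `if (! *p)` with `while (! ISSLASH (*p++));` replacing `if (! *p++)` with `while (! ISSLASH (*p));`. In the 1.13.19 form the pointer is advanced before `ISSLASH` inspects it, so the inner loop exits with `p` on the slash itself and the outer `p[0] == '.'` test on the next iteration looks at `/` rather than at the first character of the next component; only a `..` at the very start of the name was ever caught. With the increment in the `while` condition `p` lands one past the slash and every component is examined. Two things to tidy: `if(ISSLASH (*p) ) return 1;` folds an absolute-name test into a routine the context lines show as a `..` scanner, so a caller whose diagnostic names `..` will describe absolute names wrongly (a separate predicate or a combined message is cleaner), and the `!` line rewrites `(ISSLASH (p[2]) || !p[2])` as `(!p[2] || ISSLASH (p[2]))` with a doubled space before `&&`, a no-op that only enlarges the diff. GNU style also wants `if (ISSLASH (*p))` with `return 1;` on its own line, matching the surrounding code.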
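The mail says tar 1.13.19's dot-dot protection is unusable because of a coding bug; the following is an added example, not code from this mail or from the tar or unzip sources, that puts the scanner from the attached tar-1.13.19 hunk in its 1.13.19 form and its patched form beside the name test from the attached unzip hunk and a per-component check, and runs all four over constructed member names. Assumptions: the enclosing tar function is called contains_dot_dot (the name comes from tar's misc.c, the hunk omits the signature), FILESYSTEM_PREFIX_LEN is 0 and ISSLASH knows only '/' as on Unix, and the unzip test is written without unzip's __G__ globals macro.

```c
/* Added example, not code from the mail or from the tar/unzip sources:
 * the "dot-dot" scanner of the attached tar-1.13.19 hunk before and after
 * the patch, the name test of the attached unzip hunk, and a per-component
 * check, all run over constructed member names. */
#include <stdio.h>
#include <string.h>

/* Assumptions: no DOS-style filesystem prefix and '/' as the only
 * separator, as in a Unix build of tar. */
#define FILESYSTEM_PREFIX_LEN(name) 0
#define ISSLASH(c) ((c) == '/')

/* Loop from the "*** 201,217" side of the tar hunk (the 1.13.19 release).
 * tar calls the enclosing function contains_dot_dot; that name comes from
 * the tar sources, the hunk itself omits the signature.
 * Bug: "*p++" advances before ISSLASH examines *p, so the inner loop
 * exits with p ON the slash and the next "p[0] == '.'" test sees '/'
 * instead of the first character of the following component. */
int contains_dot_dot_1_13_19(char const *name)
{
    char const *p = name + FILESYSTEM_PREFIX_LEN(name);

    for (;;) {
        if (p[0] == '.' && p[1] == '.' && (ISSLASH(p[2]) || !p[2]))
            return 1;
        do {
            if (!*p++)
                return 0;
        } while (!ISSLASH(*p));
    }
}

/* Same loop from the "--- 201,218" side: the increment moves into the
 * while condition, so p lands one past the slash and every component is
 * examined; the new leading test also rejects absolute names. */
int contains_dot_dot_patched(char const *name)
{
    char const *p = name + FILESYSTEM_PREFIX_LEN(name);

    if (ISSLASH(*p))
        return 1;
    for (;;) {
        if (p[0] == '.' && p[1] == '.' && (!p[2] || ISSLASH(p[2])))
            return 1;
        do {
            if (!*p)
                return 0;
        } while (!ISSLASH(*p++));
    }
}

/* The name test of the unzip hunk, written without unzip's __G__ globals
 * macro: leading '/', leading "../" or an embedded "/../". */
int unzip_patch_check(char const *name)
{
    return name[0] == '/' || strncmp(name, "../", 3) == 0
        || strstr(name, "/../") != NULL;
}

/* Per-component form: an absolute name or any component equal to ".."
 * is unsafe, which also covers a bare ".." and a trailing "/..". */
int unsafe_member_name(char const *name)
{
    char const *p = name;

    if (ISSLASH(*p))
        return 1;
    while (*p) {
        char const *end = p;
        while (*end && !ISSLASH(*end))
            end++;
        if (end - p == 2 && p[0] == '.' && p[1] == '.')
            return 1;
        p = *end ? end + 1 : end;
    }
    return 0;
}

int main(void)
{
    /* Constructed member names; not taken from any real archive. */
    static char const *const names[] = {
        "etc/passwd", "../etc/passwd", "a/../b", "a/..", "..",
        "/etc/passwd", "a..b/c",
    };
    size_t i;

    printf("%-16s %8s %8s %8s %8s\n",
           "member name", "1.13.19", "patched", "unzip", "per-comp");
    for (i = 0; i < sizeof names / sizeof names[0]; i++)
        printf("%-16s %8d %8d %8d %8d\n", names[i],
               contains_dot_dot_1_13_19(names[i]),
               contains_dot_dot_patched(names[i]),
               unzip_patch_check(names[i]),
               unsafe_member_name(names[i]));
    return 0;
}
```

The table makes the mail's point visible: the 1.13.19 column flags only the name that starts with `..`, while `a/../b`, `a/..` and `/etc/passwd` all pass it; the patched column rejects every one of them. The unzip column shows the limit of a substring test, which lets `a/..` and a bare `..` through, whereas the per-component check rejects them without any false positive on `a..b/c`.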