Habe IPFire auf LFS 6.2 gebracht.

[people/teissler/ipfire-2.x.git] / src / patches / bzip2-1.0.3-bzgrep_security-1.patch

diff --git a/src/patches/bzip2-1.0.3-bzgrep_security-1.patch b/src/patches/bzip2-1.0.3-bzgrep_security-1.patch
new file mode 100644 (file)
index 0000000..dab627d
--- /dev/null
+++ b/src/patches/bzip2-1.0.3-bzgrep_security-1.patch
@@ -0,0 +1,35 @@
+Submitted By: Ken Moffat <ken@kenmoffat.uklinux.net>
+Date: 2005-08-09
+Initial Package Version: 1.0.3
+Upstream Status: Unknown.
+Origin: Jyri Ryska (RedHat) for fedora3
+Description: Fixes filename sanitisation in bzgrep.
+ This fixes CAN-2005-0758 (if a user can be tricked into running
+bzgrep in an untrusted directory containing files with carefully
+crafted filenames, arbitrary commands could be executed as the user
+running bzgrep).  Risk is reported as low.  I've modified it to force
+the interpreter to be bash, some of the other shells in use won't
+like the bash syntax.
+
+diff -Naur bzip2-1.0.3/bzgrep bzip2-1.0.3-new/bzgrep
+--- bzip2-1.0.3/bzgrep 2004-10-09 12:29:32.000000000 +0100
++++ bzip2-1.0.3-new/bzgrep     2005-08-09 21:36:37.000000000 +0100
+@@ -1,4 +1,4 @@
+-#!/bin/sh
++#!/bin/bash
+ 
+ # Bzgrep wrapped for bzip2, 
+ # adapted from zgrep by Philippe Troin <phil@fifi.org> for Debian GNU/Linux.
+@@ -63,7 +63,11 @@
+     bzip2 -cdfq "$i" | $grep $opt "$pat"
+     r=$?
+   else
+-    bzip2 -cdfq "$i" | $grep $opt "$pat" | sed "s|^|${i}:|"
++    j=${i//\\/\\\\}
++    j=${j//|/\\|}
++    j=${j//&/\\&}
++    j=`printf "%s" "$j" | tr '\n' ' '`
++    bzip2 -cdfq "$i" | $grep $opt "$pat" | sed "s|^|${j}:|"
+     r=$?
+   fi
+   test "$r" -ne 0 && res="$r"