diff options
| author |   Sebastien BALLET | 2016-06-01 02:41:44 +0200 |
|---|---|---|
| committer |   Willy Sudiarto Raharjo | 2016-06-01 02:42:13 +0200 |
| commit | 69627985551482e085150d040ba6f64dea96f383 (patch) | |
| tree | 30390e1e4a12ef90198d5b01a25bec33fdd0b8b6 /system/p7zip/p7zip.SlackBuild | |
| parent | a3356a223185926992cc7cadabb0afd9db401a3d (diff) | |
| download | slackbuilds-69627985551482e085150d040ba6f64dea96f383.tar.gz | |
system/p7zip: Add security patches.
CVE-2015-1038
CVE-2016-2335.
Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
Diffstat (limited to 'system/p7zip/p7zip.SlackBuild')
| -rw-r--r-- | system/p7zip/p7zip.SlackBuild | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/system/p7zip/p7zip.SlackBuild b/system/p7zip/p7zip.SlackBuild index d2753aa927..e9eb5b372c 100644 --- a/system/p7zip/p7zip.SlackBuild +++ b/system/p7zip/p7zip.SlackBuild @@ -23,8 +23,8 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PRGNAM=p7zip -VERSION=9.20.1 -BUILD=${BUILD:-1} +VERSION=${VERSION:-9.20.1} +BUILD=${BUILD:-2} TAG=${TAG:-_SBo} if [ -z "$ARCH" ]; then @@ -70,7 +70,22 @@ find -L . \ \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \ -o -perm 511 \) -exec chmod 755 {} \; -o \ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ - -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; + -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; + +# patch to fix security issues : +# +# CVE-2015-1038: +# p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive. +# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1038 +# https://sourceforge.net/p/p7zip/bugs/147/#2f9c +# +# CVE-2016-2335: +# 7zip UDF CInArchive::ReadFileItem Code Execution Vulnerability +# http://www.talosintel.com/reports/TALOS-2016-0094/ +# https://sourceforge.net/p/p7zip/discussion/383043/thread/9d0fb86b/#1dba +# +patch -Np1 < $CWD/CVE-2015-1038.patch +patch -Np1 < $CWD/CVE-2016-2335.patch make all3 \ OPTFLAGS="$SLKCFLAGS" \ |