Apply fixes for CAN-2004-0452, CAN-2005-0155 and CAN-2005-0156 (#156128).

2005-04-28 23:30:47 +00:00 · 2005-04-28 23:30:47 +00:00 · fb212f209d
commit fb212f209d
parent 2977073dd3
3 changed files with 69 additions and 3 deletions
--- a/perl-5.8.0-rmtree.patch
+++ b/perl-5.8.0-rmtree.patch
@ -0,0 +1,35 @@
+Fix for CAN-2004-0452.  Change chmod's to make files writable/executable
+by the current user only and not by the entire world.  chmod's necessary
+in the first place but at least this makes them less dangerous.  If, for
+some reason the rm process dies halfway through, at worst some files and
+dirs were revoked from others, not made available.
+
+--- perl-5.8.0/lib/File/Path.pm.chmod	2004-11-23 10:41:57.594065752 -0500
+++ perl-5.8.0/lib/File/Path.pm	2004-11-23 10:43:41.453380351 -0500
+@@ -184,7 +184,7 @@
+ 	    # it's also intended to change it to writable in case we have
+ 	    # to recurse in which case we are better than rm -rf for 
+ 	    # subtrees with strange permissions
+-	    chmod(0777, ($Is_VMS ? VMS::Filespec::fileify($root) : $root))
+	    chmod(0700, ($Is_VMS ? VMS::Filespec::fileify($root) : $root))
+ 	      or carp "Can't make directory $root read+writeable: $!"
+ 		unless $safe;
+ 
+@@ -218,7 +218,7 @@
+ 		print "skipped $root\n" if $verbose;
+ 		next;
+ 	    }
+-	    chmod 0777, $root
+	    chmod 0700, $root
+ 	      or carp "Can't make directory $root writeable: $!"
+ 		if $force_writeable;
+ 	    print "rmdir $root\n" if $verbose;
+@@ -240,7 +240,7 @@
+ 		print "skipped $root\n" if $verbose;
+ 		next;
+ 	    }
+-	    chmod 0666, $root
+	    chmod 0600, $root
+ 	      or carp "Can't make file $root writeable: $!"
+ 		if $force_writeable;
+ 	    print "unlink $root\n" if $verbose;
--- a/perl-5.8.5-CAN-2005-0155+0156.patch
+++ b/perl-5.8.5-CAN-2005-0155+0156.patch
@ -0,0 +1,22 @@
+Index: perlio.c
+===================================================================
+--- perlio.c	(revision 4342)
+++ perlio.c	(revision 4346)
+@@ -454,7 +454,7 @@
+     va_list ap;
+     dSYS;
+     va_start(ap, fmt);
+-    if (!dbg) {
+    if (!dbg && !PL_tainting && PL_uid == PL_euid && PL_gid == PL_egid) {
+ 	char *s = PerlEnv_getenv("PERLIO_DEBUG");
+ 	if (s && *s)
+ 	    dbg = PerlLIO_open3(s, O_WRONLY | O_CREAT | O_APPEND, 0666);
+@@ -471,7 +471,7 @@
+ 	s = CopFILE(PL_curcop);
+ 	if (!s)
+ 	    s = "(none)";
+-	sprintf(buffer, "%s:%" IVdf " ", s, (IV) CopLINE(PL_curcop));
+	sprintf(buffer, "%.40s:%" IVdf " ", s, (IV) CopLINE(PL_curcop));
+ 	len = strlen(buffer);
+ 	vsprintf(buffer+len, fmt, ap);
+ 	PerlLIO_write(dbg, buffer, strlen(buffer));
--- a/perl.spec
+++ b/perl.spec
@ -5,7 +5,7 @@
 %define multilib_64_archs x86_64 s390x ppc64 sparc64

 %define perlver 5.8.6
-%define perlrel 9
+%define perlrel 10
 %define perlepoch 3

 Provides: perl(:WITH_PERLIO)
@ -100,6 +100,12 @@ Patch24: perl-5.8.3-empty-rpath.patch
 # mod_perl 2.0.0 RC5 requires CGI.pm 3.08
 Patch25: perl-5.8.6-CGI-3.08.patch

+# CAN-2004-0452 fix
+Patch26: perl-5.8.0-rmtree.patch
+
+# CAN-2005-0155 and CAN-2005-0156 fix
+Patch27: perl-5.8.5-CAN-2005-0155+0156.patch
+
 # arch-specific patches
 Patch100: perl-5.8.1-fpic.patch
 Patch101: perl-5.8.0-libdir64.patch
@ -189,8 +195,6 @@ system to handle Perl scripts.

 %if %{suidperl}
 %package suidperl
-Version: %{perlver}
-Release: %{perlrel}
 Summary: suidperl, for use with setuid perl scripts
 Group: Development/Languages
 Requires: perl = %{perlepoch}:%{perlver}-%{perlrel}
@ -217,6 +221,8 @@ more secure running of setuid perl scripts.
 %patch23 -p1
 %patch24 -p1
 %patch25 -p1
+%patch26 -p1
+%patch27 -p0

 %patch100 -p1

@ -416,6 +422,9 @@ rm -rf $RPM_BUILD_ROOT
 %endif

 %changelog
+* Thu Apr 28 2005 Ville Skyttä <ville.skytta at iki.fi> - 3:5.8.6-10
+- Apply fixes for CAN-2004-0452, CAN-2005-0155 and CAN-2005-0156 (#156128).
+
 * Tue Apr 26 2005 Warren Togami <wtogami@redhat.com. - 3:5.8.6-8
 - -Dinstallusrbinperl=n (#141182 Aaron Sherman)
 - remove 5.8.0 and 5.8.1 ABI compat (#154295)