From fb212f209de5f898b0494fd21636028f00c1c8df Mon Sep 17 00:00:00 2001 From: Warren Togami Date: Thu, 28 Apr 2005 23:30:47 +0000 Subject: [PATCH] Apply fixes for CAN-2004-0452, CAN-2005-0155 and CAN-2005-0156 (#156128). --- perl-5.8.0-rmtree.patch | 35 +++++++++++++++++++++++++++++ perl-5.8.5-CAN-2005-0155+0156.patch | 22 ++++++++++++++++++ perl.spec | 15 ++++++++++--- 3 files changed, 69 insertions(+), 3 deletions(-) create mode 100644 perl-5.8.0-rmtree.patch create mode 100644 perl-5.8.5-CAN-2005-0155+0156.patch diff --git a/perl-5.8.0-rmtree.patch b/perl-5.8.0-rmtree.patch new file mode 100644 index 0000000..340b2a4 --- /dev/null +++ b/perl-5.8.0-rmtree.patch @@ -0,0 +1,35 @@ +Fix for CAN-2004-0452. Change chmod's to make files writable/executable +by the current user only and not by the entire world. chmod's necessary +in the first place but at least this makes them less dangerous. If, for +some reason the rm process dies halfway through, at worst some files and +dirs were revoked from others, not made available. + +--- perl-5.8.0/lib/File/Path.pm.chmod 2004-11-23 10:41:57.594065752 -0500 ++++ perl-5.8.0/lib/File/Path.pm 2004-11-23 10:43:41.453380351 -0500 +@@ -184,7 +184,7 @@ + # it's also intended to change it to writable in case we have + # to recurse in which case we are better than rm -rf for + # subtrees with strange permissions +- chmod(0777, ($Is_VMS ? VMS::Filespec::fileify($root) : $root)) ++ chmod(0700, ($Is_VMS ? VMS::Filespec::fileify($root) : $root)) + or carp "Can't make directory $root read+writeable: $!" + unless $safe; + +@@ -218,7 +218,7 @@ + print "skipped $root\n" if $verbose; + next; + } +- chmod 0777, $root ++ chmod 0700, $root + or carp "Can't make directory $root writeable: $!" + if $force_writeable; + print "rmdir $root\n" if $verbose; +@@ -240,7 +240,7 @@ + print "skipped $root\n" if $verbose; + next; + } +- chmod 0666, $root ++ chmod 0600, $root + or carp "Can't make file $root writeable: $!" + if $force_writeable; + print "unlink $root\n" if $verbose; diff --git a/perl-5.8.5-CAN-2005-0155+0156.patch b/perl-5.8.5-CAN-2005-0155+0156.patch new file mode 100644 index 0000000..8b8b49b --- /dev/null +++ b/perl-5.8.5-CAN-2005-0155+0156.patch @@ -0,0 +1,22 @@ +Index: perlio.c +=================================================================== +--- perlio.c (revision 4342) ++++ perlio.c (revision 4346) +@@ -454,7 +454,7 @@ + va_list ap; + dSYS; + va_start(ap, fmt); +- if (!dbg) { ++ if (!dbg && !PL_tainting && PL_uid == PL_euid && PL_gid == PL_egid) { + char *s = PerlEnv_getenv("PERLIO_DEBUG"); + if (s && *s) + dbg = PerlLIO_open3(s, O_WRONLY | O_CREAT | O_APPEND, 0666); +@@ -471,7 +471,7 @@ + s = CopFILE(PL_curcop); + if (!s) + s = "(none)"; +- sprintf(buffer, "%s:%" IVdf " ", s, (IV) CopLINE(PL_curcop)); ++ sprintf(buffer, "%.40s:%" IVdf " ", s, (IV) CopLINE(PL_curcop)); + len = strlen(buffer); + vsprintf(buffer+len, fmt, ap); + PerlLIO_write(dbg, buffer, strlen(buffer)); diff --git a/perl.spec b/perl.spec index 0356a16..91b8480 100644 --- a/perl.spec +++ b/perl.spec @@ -5,7 +5,7 @@ %define multilib_64_archs x86_64 s390x ppc64 sparc64 %define perlver 5.8.6 -%define perlrel 9 +%define perlrel 10 %define perlepoch 3 Provides: perl(:WITH_PERLIO) @@ -100,6 +100,12 @@ Patch24: perl-5.8.3-empty-rpath.patch # mod_perl 2.0.0 RC5 requires CGI.pm 3.08 Patch25: perl-5.8.6-CGI-3.08.patch +# CAN-2004-0452 fix +Patch26: perl-5.8.0-rmtree.patch + +# CAN-2005-0155 and CAN-2005-0156 fix +Patch27: perl-5.8.5-CAN-2005-0155+0156.patch + # arch-specific patches Patch100: perl-5.8.1-fpic.patch Patch101: perl-5.8.0-libdir64.patch @@ -189,8 +195,6 @@ system to handle Perl scripts. %if %{suidperl} %package suidperl -Version: %{perlver} -Release: %{perlrel} Summary: suidperl, for use with setuid perl scripts Group: Development/Languages Requires: perl = %{perlepoch}:%{perlver}-%{perlrel} @@ -217,6 +221,8 @@ more secure running of setuid perl scripts. %patch23 -p1 %patch24 -p1 %patch25 -p1 +%patch26 -p1 +%patch27 -p0 %patch100 -p1 @@ -416,6 +422,9 @@ rm -rf $RPM_BUILD_ROOT %endif %changelog +* Thu Apr 28 2005 Ville Skyttä - 3:5.8.6-10 +- Apply fixes for CAN-2004-0452, CAN-2005-0155 and CAN-2005-0156 (#156128). + * Tue Apr 26 2005 Warren Togami