diff options
| -rw-r--r-- | gnu/local.mk | 2 | ||||
| -rw-r--r-- | gnu/packages/backup.scm | 26 | ||||
| -rw-r--r-- | gnu/packages/patches/libarchive-CVE-2017-14166.patch | 45 | ||||
| -rw-r--r-- | gnu/packages/patches/libarchive-CVE-2017-14502.patch | 40 |
4 files changed, 5 insertions, 108 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index 9544297f17..45f108e768 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -943,8 +943,6 @@ dist_patch_DATA = \ %D%/packages/patches/liba52-link-with-libm.patch \ %D%/packages/patches/liba52-set-soname.patch \ %D%/packages/patches/liba52-use-mtune-not-mcpu.patch \ - %D%/packages/patches/libarchive-CVE-2017-14166.patch \ - %D%/packages/patches/libarchive-CVE-2017-14502.patch \ %D%/packages/patches/libarchive-CVE-2018-1000877.patch \ %D%/packages/patches/libarchive-CVE-2018-1000878.patch \ %D%/packages/patches/libarchive-CVE-2018-1000880.patch \ diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm index c312f23c1a..45b1be2413 100644 --- a/gnu/packages/backup.scm +++ b/gnu/packages/backup.scm @@ -197,18 +197,18 @@ backups (called chunks) to allow easy burning to CD/DVD.") (define-public libarchive (package (name "libarchive") - (replacement libarchive-3.3.3) - (version "3.3.2") + (version "3.3.3") (source (origin (method url-fetch) (uri (string-append "https://libarchive.org/downloads/libarchive-" version ".tar.gz")) - (patches (search-patches "libarchive-CVE-2017-14166.patch" - "libarchive-CVE-2017-14502.patch")) + (patches (search-patches "libarchive-CVE-2018-1000877.patch" + "libarchive-CVE-2018-1000878.patch" + "libarchive-CVE-2018-1000880.patch")) (sha256 (base32 - "1km0mzfl6in7l5vz9kl09a88ajx562rw93ng9h2jqavrailvsbgd")))) + "0bhfncid058p7n1n8v29l6wxm3mhdqfassscihbsxfwz3iwb2zms")))) (build-system gnu-build-system) (inputs `(("zlib" ,zlib) @@ -274,22 +274,6 @@ archive. In particular, note that there is currently no built-in support for random access nor for in-place modification.") (license license:bsd-2))) -(define-public libarchive-3.3.3 - (package - (inherit libarchive) - (version "3.3.3") - (source - (origin - (method url-fetch) - (uri (string-append "https://libarchive.org/downloads/libarchive-" - version ".tar.gz")) - (patches (search-patches "libarchive-CVE-2018-1000877.patch" - "libarchive-CVE-2018-1000878.patch" - "libarchive-CVE-2018-1000880.patch")) - (sha256 - (base32 - "0bhfncid058p7n1n8v29l6wxm3mhdqfassscihbsxfwz3iwb2zms")))))) - (define-public rdup (package (name "rdup") diff --git a/gnu/packages/patches/libarchive-CVE-2017-14166.patch b/gnu/packages/patches/libarchive-CVE-2017-14166.patch deleted file mode 100644 index a122848440..0000000000 --- a/gnu/packages/patches/libarchive-CVE-2017-14166.patch +++ /dev/null @@ -1,45 +0,0 @@ -Fix CVE-2017-14166: - -https://github.com/libarchive/libarchive/issues/935 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166 - -Patch copied from upstream source repository: - -https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71 - -From fa7438a0ff4033e4741c807394a9af6207940d71 Mon Sep 17 00:00:00 2001 -From: Joerg Sonnenberger <joerg@bec.de> -Date: Tue, 5 Sep 2017 18:12:19 +0200 -Subject: [PATCH] Do something sensible for empty strings to make fuzzers - happy. - ---- - libarchive/archive_read_support_format_xar.c | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/libarchive/archive_read_support_format_xar.c b/libarchive/archive_read_support_format_xar.c -index 7a22beb9d..93eeacc5e 100644 ---- a/libarchive/archive_read_support_format_xar.c -+++ b/libarchive/archive_read_support_format_xar.c -@@ -1040,6 +1040,9 @@ atol10(const char *p, size_t char_cnt) - uint64_t l; - int digit; - -+ if (char_cnt == 0) -+ return (0); -+ - l = 0; - digit = *p - '0'; - while (digit >= 0 && digit < 10 && char_cnt-- > 0) { -@@ -1054,7 +1057,10 @@ atol8(const char *p, size_t char_cnt) - { - int64_t l; - int digit; -- -+ -+ if (char_cnt == 0) -+ return (0); -+ - l = 0; - while (char_cnt-- > 0) { - if (*p >= '0' && *p <= '7') diff --git a/gnu/packages/patches/libarchive-CVE-2017-14502.patch b/gnu/packages/patches/libarchive-CVE-2017-14502.patch deleted file mode 100644 index 8e0508afb5..0000000000 --- a/gnu/packages/patches/libarchive-CVE-2017-14502.patch +++ /dev/null @@ -1,40 +0,0 @@ -Fix CVE-2017-14502: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14502 -https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=573 - -Patch copied from upstream source repository: - -https://github.com/libarchive/libarchive/commit/5562545b5562f6d12a4ef991fae158bf4ccf92b6 - -From 5562545b5562f6d12a4ef991fae158bf4ccf92b6 Mon Sep 17 00:00:00 2001 -From: Joerg Sonnenberger <joerg@bec.de> -Date: Sat, 9 Sep 2017 17:47:32 +0200 -Subject: [PATCH] Avoid a read off-by-one error for UTF16 names in RAR - archives. - -Reported-By: OSS-Fuzz issue 573 ---- - libarchive/archive_read_support_format_rar.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c -index cbb14c32..751de697 100644 ---- a/libarchive/archive_read_support_format_rar.c -+++ b/libarchive/archive_read_support_format_rar.c -@@ -1496,7 +1496,11 @@ read_header(struct archive_read *a, struct archive_entry *entry, - return (ARCHIVE_FATAL); - } - filename[filename_size++] = '\0'; -- filename[filename_size++] = '\0'; -+ /* -+ * Do not increment filename_size here as the computations below -+ * add the space for the terminating NUL explicitly. -+ */ -+ filename[filename_size] = '\0'; - - /* Decoded unicode form is UTF-16BE, so we have to update a string - * conversion object for it. */ --- -2.15.1 - |