summary refs log tree commit diff
path: root/gnu/packages/patches/perl-archive-tar-CVE-2018-12015.patch
diff options
context:
space:
mode:
authorRicardo Wurmus <rekado@elephly.net>2018-06-29 22:51:23 +0200
committerRicardo Wurmus <rekado@elephly.net>2018-06-29 22:51:23 +0200
commitf1728d43460e63b106dd446e70001d8e100eaf6d (patch)
tree9d211fabf9e200743be49e25d108d58ed88d2f60 /gnu/packages/patches/perl-archive-tar-CVE-2018-12015.patch
parentcda7f4bc8ecf331d623c7d37b01931a46830c648 (diff)
parent373cc3b74a6ad33fddf75c2d773a97b1775bda8e (diff)
downloadguix-f1728d43460e63b106dd446e70001d8e100eaf6d.tar.gz
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages/patches/perl-archive-tar-CVE-2018-12015.patch')
-rw-r--r--gnu/packages/patches/perl-archive-tar-CVE-2018-12015.patch36
1 files changed, 36 insertions, 0 deletions
diff --git a/gnu/packages/patches/perl-archive-tar-CVE-2018-12015.patch b/gnu/packages/patches/perl-archive-tar-CVE-2018-12015.patch
new file mode 100644
index 0000000000..6460cf5855
--- /dev/null
+++ b/gnu/packages/patches/perl-archive-tar-CVE-2018-12015.patch
@@ -0,0 +1,36 @@
+Fix CVE-2018-12015:
+
+https://security-tracker.debian.org/tracker/CVE-2018-12015
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12015
+https://rt.cpan.org/Ticket/Display.html?id=125523
+
+Patch taken from this upstream commit and adapted to apply to
+the bundled copy in the Perl distribution:
+
+https://github.com/jib/archive-tar-new/commit/ae65651eab053fc6dc4590dbb863a268215c1fc5
+
+diff --git a/cpan/Archive-Tar/lib/Archive/Tar.pm b/cpan/Archive-Tar/lib/Archive/Tar.pm
+index 6244369..a83975f 100644
+--- a/cpan/Archive-Tar/lib/Archive/Tar.pm
++++ b/cpan/Archive-Tar/lib/Archive/Tar.pm
+@@ -845,6 +845,20 @@ sub _extract_file {
+         return;
+     }
+ 
++    ### If a file system already contains a block device with the same name as
++    ### the being extracted regular file, we would write the file's content
++    ### to the block device. So remove the existing file (block device) now.
++    ### If an archive contains multiple same-named entries, the last one
++    ### should replace the previous ones. So remove the old file now.
++    ### If the old entry is a symlink to a file outside of the CWD, the new
++    ### entry would create a file there. This is CVE-2018-12015
++    ### <https://rt.cpan.org/Ticket/Display.html?id=125523>.
++    if (-l $full || -e _) {
++	if (!unlink $full) {
++	    $self->_error( qq[Could not remove old file '$full': $!] );
++	    return;
++	}
++    }
+     if( length $entry->type && $entry->is_file ) {
+         my $fh = IO::File->new;
+         $fh->open( $full, '>' ) or (