summary refs log tree commit diff
path: root/gnu/packages/patches/rsync-CVE-2017-17433-fix-tests.patch
diff options
context:
space:
mode:
authorEfraim Flashner <efraim@flashner.co.il>2017-12-18 22:37:41 +0200
committerEfraim Flashner <efraim@flashner.co.il>2017-12-18 22:53:46 +0200
commit91675d50824065cc03304d5bdef5212ceb1ce92d (patch)
treee339302547ea0a326c07ef607f71a5f13c3ef9e4 /gnu/packages/patches/rsync-CVE-2017-17433-fix-tests.patch
parentb50a9cc0088c2bf58a3576734afc614f458fa931 (diff)
downloadguix-91675d50824065cc03304d5bdef5212ceb1ce92d.tar.gz
gnu: rsync: Patch CVE-2017-{16548,17433,17434}.
* gnu/packages/rsync.scm (rsync)[source]: Add patches.
[properties]: Mark CVE-2017-15994 as not relevant.
* gnu/packages/patches/rsync-CVE-2017-16548.patch,
gnu/packages/patches/rsync-CVE-2017-17433.patch,
gnu/packages/patches/rsync-CVE-2017-17433-fix-tests.patch,
gnu/packages/patches/rsync-CVE-2017-17434-pt1.patch,
gnu/packages/patches/rsync-CVE-2017-17434-pt2.patch: New files.
* gnu/local.mk (dist_patch_DATA): Register them.
Diffstat (limited to 'gnu/packages/patches/rsync-CVE-2017-17433-fix-tests.patch')
-rw-r--r--gnu/packages/patches/rsync-CVE-2017-17433-fix-tests.patch42
1 files changed, 42 insertions, 0 deletions
diff --git a/gnu/packages/patches/rsync-CVE-2017-17433-fix-tests.patch b/gnu/packages/patches/rsync-CVE-2017-17433-fix-tests.patch
new file mode 100644
index 0000000000..74bac0fc33
--- /dev/null
+++ b/gnu/packages/patches/rsync-CVE-2017-17433-fix-tests.patch
@@ -0,0 +1,42 @@
+https://git.samba.org/?p=rsync.git;a=patch;h=f5e8a17e093065fb20fea00a29540fe2c7896441
+minor edits were made to get the patch to apply
+
+From f5e8a17e093065fb20fea00a29540fe2c7896441 Mon Sep 17 00:00:00 2001
+From: Wayne Davison <wayned@samba.org>
+Date: Sun, 3 Dec 2017 15:49:56 -0800
+Subject: [PATCH] Fix issue with earlier path-check (fixes "make check") and
+ make a BOOL more explicit.
+
+---
+ checksum.c |  2 +-
+ receiver.c | 10 +++++-----
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/receiver.c b/receiver.c
+index 9c46242..75cb00d 100644
+--- a/receiver.c
++++ b/receiver.c
+@@ -574,15 +574,15 @@ int recv_files(int f_in, int f_out, char *local_name)
+ 			file = dir_flist->files[cur_flist->parent_ndx];
+ 		fname = local_name ? local_name : f_name(file, fbuf);
+ 
+-		if (daemon_filter_list.head
+-		    && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0) {
++		if (DEBUG_GTE(RECV, 1))
++			rprintf(FINFO, "recv_files(%s)\n", fname);
++
++		if (daemon_filter_list.head && (*fname != '.' || fname[1] != '\0')
++		 && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0) {
+ 			rprintf(FERROR, "attempt to hack rsync failed.\n");
+ 			exit_cleanup(RERR_PROTOCOL);
+ 		}
+ 
+-		if (DEBUG_GTE(RECV, 1))
+-			rprintf(FINFO, "recv_files(%s)\n", fname);
+-
+ #ifdef SUPPORT_XATTRS
+ 		if (preserve_xattrs && iflags & ITEM_REPORT_XATTR && do_xfers
+ 		 && !(want_xattr_optim && BITS_SET(iflags, ITEM_XNAME_FOLLOWS|ITEM_LOCAL_CHANGE)))
+-- 
+1.9.1
+