diff options
author | Efraim Flashner <efraim@flashner.co.il> | 2017-12-18 22:37:41 +0200 |
---|---|---|
committer | Efraim Flashner <efraim@flashner.co.il> | 2017-12-18 22:53:46 +0200 |
commit | 91675d50824065cc03304d5bdef5212ceb1ce92d (patch) | |
tree | e339302547ea0a326c07ef607f71a5f13c3ef9e4 /gnu/packages/patches/rsync-CVE-2017-17434-pt2.patch | |
parent | b50a9cc0088c2bf58a3576734afc614f458fa931 (diff) | |
download | guix-91675d50824065cc03304d5bdef5212ceb1ce92d.tar.gz |
gnu: rsync: Patch CVE-2017-{16548,17433,17434}.
* gnu/packages/rsync.scm (rsync)[source]: Add patches. [properties]: Mark CVE-2017-15994 as not relevant. * gnu/packages/patches/rsync-CVE-2017-16548.patch, gnu/packages/patches/rsync-CVE-2017-17433.patch, gnu/packages/patches/rsync-CVE-2017-17433-fix-tests.patch, gnu/packages/patches/rsync-CVE-2017-17434-pt1.patch, gnu/packages/patches/rsync-CVE-2017-17434-pt2.patch: New files. * gnu/local.mk (dist_patch_DATA): Register them.
Diffstat (limited to 'gnu/packages/patches/rsync-CVE-2017-17434-pt2.patch')
-rw-r--r-- | gnu/packages/patches/rsync-CVE-2017-17434-pt2.patch | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/gnu/packages/patches/rsync-CVE-2017-17434-pt2.patch b/gnu/packages/patches/rsync-CVE-2017-17434-pt2.patch new file mode 100644 index 0000000000..fad19d01fb --- /dev/null +++ b/gnu/packages/patches/rsync-CVE-2017-17434-pt2.patch @@ -0,0 +1,39 @@ +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17434 +https://git.samba.org/?p=rsync.git;a=patch;h=70aeb5fddd1b2f8e143276f8d5a085db16c593b9 + +From 70aeb5fddd1b2f8e143276f8d5a085db16c593b9 Mon Sep 17 00:00:00 2001 +From: Jeriko One <jeriko.one@gmx.us> +Date: Thu, 16 Nov 2017 17:05:42 -0800 +Subject: [PATCH] Sanitize xname in read_ndx_and_attrs. + +--- + rsync.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/rsync.c b/rsync.c +index b82e598..a0945ba 100644 +--- a/rsync.c ++++ b/rsync.c +@@ -49,6 +49,7 @@ extern int flist_eof; + extern int file_old_total; + extern int keep_dirlinks; + extern int make_backups; ++extern int sanitize_paths; + extern struct file_list *cur_flist, *first_flist, *dir_flist; + extern struct chmod_mode_struct *daemon_chmod_modes; + #ifdef ICONV_OPTION +@@ -396,6 +397,11 @@ int read_ndx_and_attrs(int f_in, int f_out, int *iflag_ptr, uchar *type_ptr, + if (iflags & ITEM_XNAME_FOLLOWS) { + if ((len = read_vstring(f_in, buf, MAXPATHLEN)) < 0) + exit_cleanup(RERR_PROTOCOL); ++ ++ if (sanitize_paths) { ++ sanitize_path(buf, buf, "", 0, SP_DEFAULT); ++ len = strlen(buf); ++ } + } else { + *buf = '\0'; + len = -1; +-- +1.9.1 + |