rpms/gzip/devel gzip-1.3.5-gunzip-dir.patch, NONE, 1.1 gzip-1.3.5-gzip-perm.patch, 1.1, 1.2 gzip.spec, 1.19, 1.20

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Fri Apr 29 13:15:45 UTC 2005


Author: varekova

Update of /cvs/dist/rpms/gzip/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv2175

Modified Files:
	gzip-1.3.5-gzip-perm.patch gzip.spec 
Added Files:
	gzip-1.3.5-gunzip-dir.patch 
Log Message:
  fix bug 156269 - CAN-2005-1228 directory traversal bug


gzip-1.3.5-gunzip-dir.patch:
 gzip.c |    2 ++
 1 files changed, 2 insertions(+)

--- NEW FILE gzip-1.3.5-gunzip-dir.patch ---
--- gzip-1.3.5/gzip.c.pom	2005-04-29 14:25:23.000000000 +0200
+++ gzip-1.3.5/gzip.c	2005-04-29 14:24:42.000000000 +0200
@@ -1344,6 +1344,8 @@
 			error("corrupted input -- file name too large");
 		    }
 		}
+		char *base2 = base_name (base);   /* there should be problem with file name */
+		strcpy(base, base2);              /* in this name there can't be path */
                 /* If necessary, adapt the name to local OS conventions: */
                 if (!list) {
                    MAKE_LEGAL_NAME(base);
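Review bot: `strcpy(base, base2)` on the second added line copies between overlapping objects whenever `base_name` returns a pointer into its argument, which the call pattern here suggests, and `strcpy` has undefined behaviour for overlapping source and destination. An overlap-safe copy, `memmove(base, base2, strlen(base2) + 1);`, keeps the path-stripping fix without relying on how the C library implements `strcpy`. The declaration `char *base2` also follows statements inside the block, which a C89 compiler rejects; it should move to the top of the enclosing block, which begins outside this hunk. The two trailing comments would read more clearly as one, for example `/* keep only the final component of the stored name; it must not contain a directory part */`.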

gzip-1.3.5-gzip-perm.patch:
 gzip.c |   30 ++++++++++++++++--------------
 1 files changed, 16 insertions(+), 14 deletions(-)

Index: gzip-1.3.5-gzip-perm.patch
===================================================================
RCS file: /cvs/dist/rpms/gzip/devel/gzip-1.3.5-gzip-perm.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- gzip-1.3.5-gzip-perm.patch	26 Apr 2005 12:35:16 -0000	1.1
+++ gzip-1.3.5-gzip-perm.patch	29 Apr 2005 13:15:42 -0000	1.2
@@ -4,7 +4,7 @@
      }
  
      close(ifd);
-+    /* ofd ownership and permisions have to be set before close(ofd)*/
++    /* ofd ownership and permissions have to be set before close(ofd)*/
 +    if (!to_stdout) {
 +        if (fchmod(ofd, istat.st_mode & 07777)) {
 +            int e = errno;


Index: gzip.spec
===================================================================
RCS file: /cvs/dist/rpms/gzip/devel/gzip.spec,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- gzip.spec	26 Apr 2005 12:35:16 -0000	1.19
+++ gzip.spec	29 Apr 2005 13:15:42 -0000	1.20
@@ -1,7 +1,7 @@
 Summary: The GNU data compression program.
 Name: gzip
 Version: 1.3.5
-Release: 4
+Release: 5
 License: GPL
 Group: Applications/File
 Source: ftp://alpha.gnu.org/gnu/gzip/gzip-%{version}.tar.gz
@@ -14,6 +14,7 @@
 Patch7: gzip-1.3.3-addsuffix.patch
 Patch8: gzip-1.3.5-zgrep-sed.patch
 Patch9: gzip-1.3.5-gzip-perm.patch
+Patch10: gzip-1.3.5-gunzip-dir.patch
 URL: http://www.gzip.org/
 Prereq: /sbin/install-info
 Requires: mktemp less
@@ -37,6 +38,7 @@
 %patch7 -p1 -b .addsuffix
 %patch8 -p0 -b .sed
 %patch9 -p1 -b .perm
+%patch10 -p1 -b .dir
 
 %build
 export DEFS="NO_ASM"
@@ -82,6 +84,10 @@
 %{_infodir}/gzip.info*
 
 %changelog
+* Fri Apr 29 2005 Ivana Varekova <varekova at redhat.com> 1.3.5-5
+- fix bug 156269 - CAN-2005-1228 directory traversal bug
+ (using the patch from Ulf Harnhammar)
+
 * Tue Apr 26 2005 Ivana Varekova <varekova at redhat.com> 1.3.5-4
 - fix bug 155746 - CAN-2005-0988 Race condition in gzip (patch9)
 



