Tue Feb 2 17:15:32 2010 UTC ()

Pullup ticket #2895 - requested by taca
gzip: security patch

Revisions pulled up:
- archivers/gzip/Makefile			1.23
- archivers/gzip/distinfo			1.4
- archivers/gzip/patches/patch-ag		1.1
- archivers/gzip/patches/patch-ah		1.1
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Tue Feb  2 14:42:43 UTC 2010

Modified Files:
	pkgsrc/archivers/gzip: Makefile distinfo
Added Files:
	pkgsrc/archivers/gzip/patches: patch-ag patch-ah

Log Message:
Add patches for CVE-2009-2624 and CVE-2010-0001.

Bump PKGREVISION.


(tron)

diff -r1.22 -r1.22.14.1 pkgsrc/archivers/gzip/Makefile
diff -r1.3 -r1.3.14.1 pkgsrc/archivers/gzip/distinfo
diff -r0 -r1.1.2.2 pkgsrc/archivers/gzip/patches/patch-ag
diff -r0 -r1.1.2.2 pkgsrc/archivers/gzip/patches/patch-ah

--- pkgsrc/archivers/gzip/Makefile 2008/09/07 08:02:27 1.22
+++ pkgsrc/archivers/gzip/Makefile 2010/02/02 17:15:32 1.22.14.1

 @@ -1,24 +1,25 @@
-# $NetBSD: Makefile,v 1.22 2008/09/07 08:02:27 dholland Exp $
+# $NetBSD: Makefile,v 1.22.14.1 2010/02/02 17:15:32 tron Exp $
+#
 DISTNAME=	gzip-1.3.12
-PKGREVISION=	2
+PKGREVISION=	3
 SVR4_PKGNAME=	gzip
 CATEGORIES=	archivers
 MASTER_SITES=	${MASTER_SITE_GNU:=gzip/}
 EXTRACT_SUFX=	.tar
 MAINTAINER=	pkgsrc-users@NetBSD.org
 HOMEPAGE=	http://www.gnu.org/software/gzip/gzip.html
 COMMENT=	Compress or expand files
 LICENSE=	gnu-gpl-v2
 PKG_INSTALLATION_TYPES=	overwrite pkgviews
 PKG_DESTDIR_SUPPORT=	user-destdir
 CONFLICTS+=		gzip-base-[0-9]* gzip-info-[0-9]*
 GNU_CONFIGURE=	YES
 MAKE_FLAGS+=	manlinks=so
 INFO_FILES=	yes
 .include "../../mk/bsd.pkg.mk"

--- pkgsrc/archivers/gzip/distinfo 2008/09/07 08:02:27 1.3
+++ pkgsrc/archivers/gzip/distinfo 2010/02/02 17:15:32 1.3.14.1

 @@ -1,11 +1,13 @@
-$NetBSD: distinfo,v 1.3 2008/09/07 08:02:27 dholland Exp $
+$NetBSD: distinfo,v 1.3.14.1 2010/02/02 17:15:32 tron Exp $
 SHA1 (gzip-1.3.12.tar) = 330eb5f1b3dfab13a491352cb00b6573e5b55a5f
 RMD160 (gzip-1.3.12.tar) = 6845dfba2a275f4de488c3fb97e64405838a5005
 Size (gzip-1.3.12.tar) = 1822720 bytes
 SHA1 (patch-aa) = 77b3cb5c2824f88295eb8c8c7c46c4ca23b776c4
 SHA1 (patch-ab) = 42309926f601998b97051aadc31ad44413716029
 SHA1 (patch-ac) = 8ef4b7105ca9b201079f5cf8799642e12184fda4
 SHA1 (patch-ad) = 082ced7d4a89a49b750525cc71bbf9a9abfc5b9e
 SHA1 (patch-ae) = a1d245c5cf055e9bd35fb7e810d5183a71cbfc74
 SHA1 (patch-af) = 28639dbe11ed8ce81bd1c29248b53af6cea55b88
 SHA1 (patch-ag) = 6b499fe28525643bfd5e5ece73fcd221eb9f964f
 SHA1 (patch-ah) = 0f92048912c2e682ba28d93bf5f309774d337790

$NetBSD: patch-ag,v 1.1.2.2 2010/02/02 17:15:32 tron Exp $

Fix for CVE-2009-2624.

--- inflate.c.orig	2006-12-20 23:30:17.000000000 +0000
+++ inflate.c
@@ -335,13 +335,15 @@ int *m;                 /* maximum looku
   } while (--i);
   if (c[0] == n)                /* null input--all zero length codes */
   {
-    q = (struct huft *) malloc (2 * sizeof *q);
+    q = (struct huft *) malloc (3 * sizeof *q);
     if (!q)
       return 3;
-    hufts += 2;
+    hufts += 3;
     q[0].v.t = (struct huft *) NULL;
     q[1].e = 99;    /* invalid code marker */
     q[1].b = 1;
+    q[2].e = 99;    /* invalid code marker */
+    q[2].b = 1;
     *t = q + 1;
     *m = 1;
     return 0;

$NetBSD: patch-ah,v 1.1.2.2 2010/02/02 17:15:32 tron Exp $

Fix for CVE-2010-0001.

--- unlzw.c.orig	2006-12-11 18:54:39.000000000 +0000
+++ unlzw.c
@@ -248,7 +248,8 @@ int unlzw(in, out)
 	int  o;
 
     resetbuf:
-	e = insize-(o = (posbits>>3));
+	o = posbits >> 3;
+	e = o <= insize ? insize - o : 0;
 
 	for (i = 0 ; i < e ; ++i) {
 	    inbuf[i] = inbuf[i+o];