Increase buffer size to avoid overflow found in http://seclists.org/oss-sec/2014/q4/497 Bump PKGREVISION.diff -r1.87 -r1.88 pkgsrc/archivers/unzip/Makefile
(wiz)
@@ -1,18 +1,18 @@ | @@ -1,18 +1,18 @@ | |||
1 | # $NetBSD: Makefile,v 1.87 2014/12/25 16:48:33 wiz Exp $ | 1 | # $NetBSD: Makefile,v 1.88 2015/01/06 14:12:45 wiz Exp $ | |
2 | 2 | |||
3 | DISTNAME= unzip60 | 3 | DISTNAME= unzip60 | |
4 | PKGNAME= unzip-6.0 | 4 | PKGNAME= unzip-6.0 | |
5 | PKGREVISION= 2 | 5 | PKGREVISION= 3 | |
6 | CATEGORIES= archivers | 6 | CATEGORIES= archivers | |
7 | MASTER_SITES= ftp://ftp.info-zip.org/pub/infozip/src/ | 7 | MASTER_SITES= ftp://ftp.info-zip.org/pub/infozip/src/ | |
8 | EXTRACT_SUFX= .tgz | 8 | EXTRACT_SUFX= .tgz | |
9 | 9 | |||
10 | MAINTAINER= wiz@NetBSD.org | 10 | MAINTAINER= wiz@NetBSD.org | |
11 | HOMEPAGE= http://www.info-zip.org/UnZip.html | 11 | HOMEPAGE= http://www.info-zip.org/UnZip.html | |
12 | COMMENT= List, test and extract compressed files in a ZIP archive | 12 | COMMENT= List, test and extract compressed files in a ZIP archive | |
13 | LICENSE= info-zip | 13 | LICENSE= info-zip | |
14 | 14 | |||
15 | REPLACE_SH= unix/zipgrep | 15 | REPLACE_SH= unix/zipgrep | |
16 | 16 | |||
17 | USE_TOOLS+= gmake | 17 | USE_TOOLS+= gmake | |
18 | 18 |
@@ -1,11 +1,12 @@ | @@ -1,11 +1,12 @@ | |||
1 | $NetBSD: distinfo,v 1.25 2014/12/25 16:48:33 wiz Exp $ | 1 | $NetBSD: distinfo,v 1.26 2015/01/06 14:12:45 wiz Exp $ | |
2 | 2 | |||
3 | SHA1 (unzip60.tgz) = abf7de8a4018a983590ed6f5cbd990d4740f8a22 | 3 | SHA1 (unzip60.tgz) = abf7de8a4018a983590ed6f5cbd990d4740f8a22 | |
4 | RMD160 (unzip60.tgz) = 48af66606e9472e45fbb94bc4e285da23d1b89ba | 4 | RMD160 (unzip60.tgz) = 48af66606e9472e45fbb94bc4e285da23d1b89ba | |
5 | Size (unzip60.tgz) = 1376845 bytes | 5 | Size (unzip60.tgz) = 1376845 bytes | |
6 | SHA1 (patch-ab) = 672635c469e0a53ac9808f8155ee38643a8acf69 | 6 | SHA1 (patch-ab) = 672635c469e0a53ac9808f8155ee38643a8acf69 | |
7 | SHA1 (patch-ac) = 27b91401d4d5ecc3842c91dc49c08f42c8646154 | 7 | SHA1 (patch-ac) = 27b91401d4d5ecc3842c91dc49c08f42c8646154 | |
8 | SHA1 (patch-extract.c) = 8dda32c31226129464b9ef85c62051acded4642e | 8 | SHA1 (patch-extract.c) = 8dda32c31226129464b9ef85c62051acded4642e | |
9 | SHA1 (patch-fileio.c) = 910ddb3b847cae92326697a399234b2948555534 | 9 | SHA1 (patch-fileio.c) = 910ddb3b847cae92326697a399234b2948555534 | |
10 | SHA1 (patch-list.c) = 7aa261ecef5e5cc14ad387070560730ff419d635 | |||
10 | SHA1 (patch-process.c) = d6e6ed05ef7c2977353e848d9e9cba2877577812 | 11 | SHA1 (patch-process.c) = d6e6ed05ef7c2977353e848d9e9cba2877577812 | |
11 | SHA1 (patch-unix_unxcfg.h) = b2831f38b2245dacedd4eb2eef12ee1e3cf20613 | 12 | SHA1 (patch-unix_unxcfg.h) = b2831f38b2245dacedd4eb2eef12ee1e3cf20613 |
$NetBSD: patch-list.c,v 1.1 2015/01/06 14:12:45 wiz Exp $
Big-hammer fix for
http://seclists.org/oss-sec/2014/q4/497
--- list.c.orig 2009-02-08 17:11:34.000000000 +0000
+++ list.c
@@ -116,7 +116,7 @@ int list_files(__G) /* return PK-type
ulg acl_size, tot_aclsize=0L, tot_aclfiles=0L;
#endif
min_info info;
- char methbuf[8];
+ char methbuf[80];
static ZCONST char dtype[]="NXFS"; /* see zi_short() */
static ZCONST char Far method[NUM_METHODS+1][8] =
{"Stored", "Shrunk", "Reduce1", "Reduce2", "Reduce3", "Reduce4",