diff options
| author |   Mike Frysinger <vapier@gentoo.org> | 2005-10-20 17:09:21 +0000 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2005-10-20 17:09:21 +0000 |
| commit | bb833597ed7b7b0e4398e007ee9297734036fc48 (patch) | |
| tree | 0edb0a2c502c7c7d16bba006fddaa1d8f8a34fae /app-backup/flexbackup | |
| parent | Fix typ-o. (diff) | |
| download | gentoo-2-bb833597ed7b7b0e4398e007ee9297734036fc48.tar.gz gentoo-2-bb833597ed7b7b0e4398e007ee9297734036fc48.tar.bz2 gentoo-2-bb833597ed7b7b0e4398e007ee9297734036fc48.zip | |
Version bump for security #105000.
(Portage version: 2.0.53_rc5)
Diffstat (limited to 'app-backup/flexbackup')
| -rw-r--r-- | app-backup/flexbackup/ChangeLog | 10 | ||||
| -rw-r--r-- | app-backup/flexbackup/files/digest-flexbackup-1.2.1-r1 | 1 | ||||
| -rw-r--r-- | app-backup/flexbackup/files/flexbackup-1.2.1-CAN-2005-2965.patch | 39 | ||||
| -rw-r--r-- | app-backup/flexbackup/flexbackup-1.2.1-r1.ebuild | 47 |
4 files changed, 95 insertions, 2 deletions
diff --git a/app-backup/flexbackup/ChangeLog b/app-backup/flexbackup/ChangeLog index 9989aa068942..60574d553a03 100644 --- a/app-backup/flexbackup/ChangeLog +++ b/app-backup/flexbackup/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for app-backup/flexbackup -# Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-backup/flexbackup/ChangeLog,v 1.2 2005/07/04 07:21:10 robbat2 Exp $ +# Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/app-backup/flexbackup/ChangeLog,v 1.3 2005/10/20 17:09:21 vapier Exp $ + +*flexbackup-1.2.1-r1 (20 Oct 2005) + + 20 Oct 2005; Mike Frysinger <vapier@gentoo.org> + +files/flexbackup-1.2.1-CAN-2005-2965.patch, +flexbackup-1.2.1-r1.ebuild: + Version bump for security #105000. 04 Jul 2005; Robin H. Johnson <robbat2@gentoo.org> +metadata.xml, +flexbackup-1.2.0-r1.ebuild, +flexbackup-1.2.1.ebuild: diff --git a/app-backup/flexbackup/files/digest-flexbackup-1.2.1-r1 b/app-backup/flexbackup/files/digest-flexbackup-1.2.1-r1 new file mode 100644 index 000000000000..1627b7f3c29d --- /dev/null +++ b/app-backup/flexbackup/files/digest-flexbackup-1.2.1-r1 @@ -0,0 +1 @@ +MD5 4955c89dbee354248f354a9bf0a480dd flexbackup-1.2.1.tar.gz 80158 diff --git a/app-backup/flexbackup/files/flexbackup-1.2.1-CAN-2005-2965.patch b/app-backup/flexbackup/files/flexbackup-1.2.1-CAN-2005-2965.patch new file mode 100644 index 000000000000..b98590666ff2 --- /dev/null +++ b/app-backup/flexbackup/files/flexbackup-1.2.1-CAN-2005-2965.patch @@ -0,0 +1,39 @@ +Fix insecure tempfile usage + +http://bugs.gentoo.org/105000 + +--- flexbackup ++++ flexbackup +@@ -269,6 +269,7 @@ if (($::mode !~ m/^(list|extract|restore + untie(%::index); + } + ++system ('rm', '-rf', $cfg::tmpdir) if (defined($cfg::deltmpdir)); + exit(0); + + ###################################################################### +@@ -2725,6 +2726,13 @@ sub optioncheck { + &checkvar(\$cfg::prefix,'prefix','exist',''); + &checkvar(\$cfg::sprefix,'sprefix','exist',''); + ++ # Create a subdirectory inside /tmp ++ if ($cfg::tmpdir eq '/tmp') { ++ $cfg::tmpdir = $cfg::tmpdir .'/'.$$; ++ mkdir ($cfg::tmpdir) || die "Can't create temporary directory, $!"; ++ $cfg::deltmpdir = 1; ++ } ++ + if (@::errors) { + print $::msg "Errors:\n"; + while(@::errors) { +@@ -5236,8 +5244,8 @@ sub test_bufferprog { + # Create a script which tests the buffer program + open(SCR,"> $tmp_script") || die; + print SCR "#!/bin/sh\n"; +- print SCR "tmp_data=/tmp/bufftest\$\$.txt\n"; +- print SCR "tmp_err=/tmp/bufftest\$\$.err\n"; ++ print SCR "tmp_data=\`tempfile\`\n"; ++ print SCR "tmp_err=\`tempfile\`\n"; + print SCR "echo testme > \$tmp_data\n"; + print SCR "$buffer_cmd > /dev/null 2> \$tmp_err < \$tmp_data\n"; + print SCR "res=\$?\n"; diff --git a/app-backup/flexbackup/flexbackup-1.2.1-r1.ebuild b/app-backup/flexbackup/flexbackup-1.2.1-r1.ebuild new file mode 100644 index 000000000000..9247cd9d6141 --- /dev/null +++ b/app-backup/flexbackup/flexbackup-1.2.1-r1.ebuild @@ -0,0 +1,47 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-backup/flexbackup/flexbackup-1.2.1-r1.ebuild,v 1.1 2005/10/20 17:09:21 vapier Exp $ + +inherit eutils + +DESCRIPTION="Flexible backup script using perl" +HOMEPAGE="http://flexbackup.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~hppa ~ppc x86" +IUSE="" + +RDEPEND="dev-lang/perl + sys-apps/findutils + app-arch/tar + app-arch/mt-st" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}"/${P}-CAN-2005-2965.patch + sed -i \ + -e '/^\$type = /s:afio:tar:' \ + -e "/^\$buffer = /s:'buffer':'false':" \ + flexbackup.conf || die +} + +src_install() { + dodir /etc /usr/bin /usr/share/man/man{1,5} + make install \ + PREFIX="${D}"/usr \ + CONFFILE="${D}"/etc/flexbackup.conf \ + || die + + dodoc CHANGES CREDITS INSTALL README TODO + dohtml faq.html +} + +pkg_postinst() { + einfo "Please edit your /etc/flexbackup.conf file to suit your" + einfo "needs. If you are using devfs, the tape device should" + einfo "be set to /dev/tapes/tape0/mtn. If you need to use any" + einfo "archiver other than tar, please emerge it separately." +} |