diff options
author | Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> | 2018-08-22 17:30:32 +0530 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-08-23 07:50:01 +0100 |
commit | 227a6c1acbd0e5f582d64dd683b044c9b35306dc (patch) | |
tree | 32d08959499a72f5dcf4e8524be03885c2daa069 /meta | |
parent | 79c8c364719440bc42f551a14b40bb7bae8901dd (diff) | |
download | poky-227a6c1acbd0e5f582d64dd683b044c9b35306dc.tar.gz |
perl: CVE-2018-12015
Remove existing files before overwriting them
Archive should extract only the latest same-named entry.
Extracted regular file should not be writtent into existing block
device (or any other one).
https://rt.cpan.org/Ticket/Display.html?id=125523
Affects perl <= 5.26.2
(From OE-Core rev: 037b205e89ae4c7d638a5c15d64f60e16facbaa2)
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r-- | meta/recipes-devtools/perl/perl/CVE-2018-12015.patch | 48 | ||||
-rw-r--r-- | meta/recipes-devtools/perl/perl_5.24.4.bb | 1 |
2 files changed, 49 insertions, 0 deletions
diff --git a/meta/recipes-devtools/perl/perl/CVE-2018-12015.patch b/meta/recipes-devtools/perl/perl/CVE-2018-12015.patch new file mode 100644 index 0000000000..a33deaff6a --- /dev/null +++ b/meta/recipes-devtools/perl/perl/CVE-2018-12015.patch | |||
@@ -0,0 +1,48 @@ | |||
1 | From ae65651eab053fc6dc4590dbb863a268215c1fc5 Mon Sep 17 00:00:00 2001 | ||
2 | From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com> | ||
3 | Date: Fri, 8 Jun 2018 11:45:40 +0100 | ||
4 | Subject: [PATCH] [PATCH] Remove existing files before overwriting them | ||
5 | |||
6 | Archive should extract only the latest same-named entry. | ||
7 | Extracted regular file should not be writtent into existing block | ||
8 | device (or any other one). | ||
9 | |||
10 | https://rt.cpan.org/Ticket/Display.html?id=125523 | ||
11 | |||
12 | CVE: CVE-2018-12015 | ||
13 | Upstream-Status: Backport [https://github.com/jib/archive-tar-new/commit/ae65651eab053fc6dc4590dbb863a268215c1fc5] | ||
14 | |||
15 | Signed-off-by: Chris 'BinGOs' Williams <chris@bingosnet.co.uk> | ||
16 | Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> | ||
17 | --- | ||
18 | lib/Archive/Tar.pm | 14 ++++++++++++++ | ||
19 | 1 file changed, 14 insertions(+) | ||
20 | |||
21 | diff --git a/cpan/Archive-Tar/lib/Archive/Tar.pm b/cpan/Archive-Tar/lib/Archive/Tar.pm | ||
22 | index 6244369..a83975f 100644 | ||
23 | --- a/cpan/Archive-Tar/lib/Archive/Tar.pm | ||
24 | +++ b/cpan/Archive-Tar/lib/Archive/Tar.pm | ||
25 | @@ -845,6 +845,20 @@ sub _extract_file { | ||
26 | return; | ||
27 | } | ||
28 | |||
29 | + ### If a file system already contains a block device with the same name as | ||
30 | + ### the being extracted regular file, we would write the file's content | ||
31 | + ### to the block device. So remove the existing file (block device) now. | ||
32 | + ### If an archive contains multiple same-named entries, the last one | ||
33 | + ### should replace the previous ones. So remove the old file now. | ||
34 | + ### If the old entry is a symlink to a file outside of the CWD, the new | ||
35 | + ### entry would create a file there. This is CVE-2018-12015 | ||
36 | + ### <https://rt.cpan.org/Ticket/Display.html?id=125523>. | ||
37 | + if (-l $full || -e _) { | ||
38 | + if (!unlink $full) { | ||
39 | + $self->_error( qq[Could not remove old file '$full': $!] ); | ||
40 | + return; | ||
41 | + } | ||
42 | + } | ||
43 | if( length $entry->type && $entry->is_file ) { | ||
44 | my $fh = IO::File->new; | ||
45 | $fh->open( '>' . $full ) or ( | ||
46 | -- | ||
47 | 2.13.3 | ||
48 | |||
diff --git a/meta/recipes-devtools/perl/perl_5.24.4.bb b/meta/recipes-devtools/perl/perl_5.24.4.bb index 87a85a39d4..28f1c249dc 100644 --- a/meta/recipes-devtools/perl/perl_5.24.4.bb +++ b/meta/recipes-devtools/perl/perl_5.24.4.bb | |||
@@ -64,6 +64,7 @@ SRC_URI += " \ | |||
64 | file://perl-fix-conflict-between-skip_all-and-END.patch \ | 64 | file://perl-fix-conflict-between-skip_all-and-END.patch \ |
65 | file://perl-test-customized.patch \ | 65 | file://perl-test-customized.patch \ |
66 | file://perl-5.26.1-guard_old_libcrypt_fix.patch \ | 66 | file://perl-5.26.1-guard_old_libcrypt_fix.patch \ |
67 | file://CVE-2018-12015.patch \ | ||
67 | " | 68 | " |
68 | 69 | ||
69 | # Fix test case issues | 70 | # Fix test case issues |