2 files changed, 49 insertions, 0 deletions
diff --git a/meta/recipes-devtools/perl/perl/CVE-2018-12015.patch b/meta/recipes-devtools/perl/perl/CVE-2018-12015.patch
new file mode 100644
index 0000000000..a33deaff6a
--- /dev/null
+++ b/meta/recipes-devtools/perl/perl/CVE-2018-12015.patch
@@ -0,0 +1,48 @@
+From ae65651eab053fc6dc4590dbb863a268215c1fc5 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
+Date: Fri, 8 Jun 2018 11:45:40 +0100
+Subject: [PATCH] [PATCH] Remove existing files before overwriting them
+Archive should extract only the latest same-named entry.
+Extracted regular file should not be writtent into existing block
+device (or any other one).
+https://rt.cpan.org/Ticket/Display.html?id=125523
+CVE: CVE-2018-12015
+Upstream-Status: Backport [https://github.com/jib/archive-tar-new/commit/ae65651eab053fc6dc4590dbb863a268215c1fc5]
+Signed-off-by: Chris 'BinGOs' Williams <chris@bingosnet.co.uk>
+Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
+---
+ lib/Archive/Tar.pm | 14 ++++++++++++++
+ 1 file changed, 14 insertions(+)
+diff --git a/cpan/Archive-Tar/lib/Archive/Tar.pm b/cpan/Archive-Tar/lib/Archive/Tar.pm
+index 6244369..a83975f 100644
+--- a/cpan/Archive-Tar/lib/Archive/Tar.pm
+++ b/cpan/Archive-Tar/lib/Archive/Tar.pm
+@@ -845,6 +845,20 @@ sub _extract_file {
+         return;
+     }
+ 
+    ### If a file system already contains a block device with the same name as
+    ### the being extracted regular file, we would write the file's content
+    ### to the block device. So remove the existing file (block device) now.
+    ### If an archive contains multiple same-named entries, the last one
+    ### should replace the previous ones. So remove the old file now.
+    ### If the old entry is a symlink to a file outside of the CWD, the new
+    ### entry would create a file there. This is CVE-2018-12015
+    ### <https://rt.cpan.org/Ticket/Display.html?id=125523>.
+    if (-l $full || -e _) {
+       if (!unlink $full) {
+           $self->_error( qq[Could not remove old file '$full': $!] );
+           return;
+       }
+    }
+     if( length $entry->type && $entry->is_file ) {
+         my $fh = IO::File->new;
+         $fh->open( '>' . $full ) or (
+-- 
+2.13.3
diff --git a/meta/recipes-devtools/perl/perl_5.24.4.bb b/meta/recipes-devtools/perl/perl_5.24.4.bb
index 87a85a39d4..28f1c249dc 100644
--- a/meta/recipes-devtools/perl/perl_5.24.4.bb
+++ b/meta/recipes-devtools/perl/perl_5.24.4.bb
@@ -64,6 +64,7 @@ SRC_URI += " \
        file://perl-fix-conflict-between-skip_all-and-END.patch \
        file://perl-test-customized.patch \
        file://perl-5.26.1-guard_old_libcrypt_fix.patch \
+        file://CVE-2018-12015.patch \
 "
 # Fix test case issues

diff --git a/meta/recipes-devtools/perl/perl/CVE-2018-12015.patch b/meta/recipes-devtools/perl/perl/CVE-2018-12015.patch new file mode 100644 index 0000000000..a33deaff6a --- /dev/null +++ b/meta/recipes-devtools/perl/perl/CVE-2018-12015.patch
@@ -0,0 +1,48 @@
		1	From ae65651eab053fc6dc4590dbb863a268215c1fc5 Mon Sep 17 00:00:00 2001
		2	From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
		3	Date: Fri, 8 Jun 2018 11:45:40 +0100
		4	Subject: [PATCH] [PATCH] Remove existing files before overwriting them
		5
		6	Archive should extract only the latest same-named entry.
		7	Extracted regular file should not be writtent into existing block
		8	device (or any other one).
		9
		10	https://rt.cpan.org/Ticket/Display.html?id=125523
		11
		12	CVE: CVE-2018-12015
		13	Upstream-Status: Backport [https://github.com/jib/archive-tar-new/commit/ae65651eab053fc6dc4590dbb863a268215c1fc5]
		14
		15	Signed-off-by: Chris 'BinGOs' Williams <chris@bingosnet.co.uk>
		16	Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
		17	---
		18	lib/Archive/Tar.pm \| 14 ++++++++++++++
		19	1 file changed, 14 insertions(+)
		20
		21	diff --git a/cpan/Archive-Tar/lib/Archive/Tar.pm b/cpan/Archive-Tar/lib/Archive/Tar.pm
		22	index 6244369..a83975f 100644
		23	--- a/cpan/Archive-Tar/lib/Archive/Tar.pm
		24	+++ b/cpan/Archive-Tar/lib/Archive/Tar.pm
		25	@@ -845,6 +845,20 @@ sub _extract_file {
		26	return;
		27	}
		28
		29	+ ### If a file system already contains a block device with the same name as
		30	+ ### the being extracted regular file, we would write the file's content
		31	+ ### to the block device. So remove the existing file (block device) now.
		32	+ ### If an archive contains multiple same-named entries, the last one
		33	+ ### should replace the previous ones. So remove the old file now.
		34	+ ### If the old entry is a symlink to a file outside of the CWD, the new
		35	+ ### entry would create a file there. This is CVE-2018-12015
		36	+ ### <https://rt.cpan.org/Ticket/Display.html?id=125523>.
		37	+ if (-l $full \|\| -e _) {
		38	+ if (!unlink $full) {
		39	+ $self->_error( qq[Could not remove old file '$full': $!] );
		40	+ return;
		41	+ }
		42	+ }
		43	if( length $entry->type && $entry->is_file ) {
		44	my $fh = IO::File->new;
		45	$fh->open( '>' . $full ) or (
		46	--
		47	2.13.3
		48


diff --git a/meta/recipes-devtools/perl/perl_5.24.4.bb b/meta/recipes-devtools/perl/perl_5.24.4.bb index 87a85a39d4..28f1c249dc 100644 --- a/meta/recipes-devtools/perl/perl_5.24.4.bb +++ b/meta/recipes-devtools/perl/perl_5.24.4.bb
@@ -64,6 +64,7 @@ SRC_URI += " \
64	file://perl-fix-conflict-between-skip_all-and-END.patch \	64	file://perl-fix-conflict-between-skip_all-and-END.patch \
65	file://perl-test-customized.patch \	65	file://perl-test-customized.patch \
66	file://perl-5.26.1-guard_old_libcrypt_fix.patch \	66	file://perl-5.26.1-guard_old_libcrypt_fix.patch \
		67	file://CVE-2018-12015.patch \
67	"	68	"
68		69
69	# Fix test case issues	70	# Fix test case issues