authorJeroen Roovers <jer@gentoo.org>2012-02-20 12:07:48 +0000
committerJeroen Roovers <jer@gentoo.org>2012-02-20 12:07:48 +0000
commita14a24da3b1f925869dbcb8482a1d6896dd36190 (patch)
treedec1788cc579ae936d8f32b1c70f398aa8a07e6d
parentold (diff)
Fix insecure file permissions (bug #404983).
(Portage version: 2.2.0_alpha87/cvs/Linux x86_64)
-rw-r--r--www-client/surf/ChangeLog10
-rw-r--r--www-client/surf/files/CVE-2012-0842.patch19
-rw-r--r--www-client/surf/surf-0.4.1-r1.ebuild (renamed from www-client/surf/surf-0.4.1.ebuild)14
3 files changed, 33 insertions, 10 deletions
diff --git a/www-client/surf/ChangeLog b/www-client/surf/ChangeLog
index 4a8a944641fa..997e64599614 100644
--- a/www-client/surf/ChangeLog
+++ b/www-client/surf/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for www-client/surf
-# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/www-client/surf/ChangeLog,v 1.14 2011/08/09 18:51:08 jer Exp $
+# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/www-client/surf/ChangeLog,v 1.15 2012/02/20 12:07:48 jer Exp $
+
+*surf-0.4.1-r1 (20 Feb 2012)
+
+ 20 Feb 2012; Jeroen Roovers <jer@gentoo.org> -surf-0.4.1.ebuild,
+ +surf-0.4.1-r1.ebuild, +files/CVE-2012-0842.patch:
+ Fix insecure file permissions (bug #404983).
09 Aug 2011; Jeroen Roovers <jer@gentoo.org> surf-0.4.1.ebuild:
Add more/better dependencies.
diff --git a/www-client/surf/files/CVE-2012-0842.patch b/www-client/surf/files/CVE-2012-0842.patch
new file mode 100644
index 000000000000..79701cb423d8
--- /dev/null
+++ b/www-client/surf/files/CVE-2012-0842.patch
@@ -0,0 +1,19 @@
+Description: Fix for world readable cookie jar vulnerability
+ This is the patch provided by upstream to fix the world readable
+ cookie jar vulnerability filed as http://bugs.debian.org/659296.
+ Thanks to Peter Hartman from the upstream for quick patch.
+Author: Peter Hartman <peterjohnhartman@gmail.com>
+Last-Update: 2012-02-10
+Bug-Debian: http://bugs.debian.org/659296
+Forwarded: http://lists.suckless.org/dev/1202/10972.html
+--- a/surf.c Wed Feb 01 15:23:39 2012 +0100
++++ b/surf.c Fri Feb 10 11:46:18 2012 -0500
+@@ -127,7 +127,7 @@
+ apath = g_strconcat(g_get_home_dir(), "/", path, NULL);
+ if((p = strrchr(apath, '/'))) {
+ *p = '\0';
+- g_mkdir_with_parents(apath, 0755);
++ g_mkdir_with_parents(apath, 0700);
+ *p = '/';
+ }
+ /* creating file (gives error when apath ends with "/") */
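Review bot: The new mode in `g_mkdir_with_parents(apath, 0700)` takes effect only when the call actually creates the directory, so a profile directory left at 0755 by an earlier version stays world-readable after the upgrade. Following the call with `g_chmod(apath, 0700);` would tighten existing directories as well, and the ebuild could carry a `pkg_postinst` notice telling users to check the permissions of their existing surf directory. The file created just below this hunk is not changed by the patch; whether its mode is restricted cannot be seen from here, so it is worth confirming that it ends up 0600 regardless of umask. The enclosing function starts and ends outside the hunk.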
diff --git a/www-client/surf/surf-0.4.1.ebuild b/www-client/surf/surf-0.4.1-r1.ebuild
index fc37c4505f92..ff36b2e207ba 100644
--- a/www-client/surf/surf-0.4.1.ebuild
+++ b/www-client/surf/surf-0.4.1-r1.ebuild
@@ -1,8 +1,8 @@
-# Copyright 1999-2011 Gentoo Foundation
+# Copyright 1999-2012 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-client/surf/surf-0.4.1.ebuild,v 1.7 2011/08/09 18:51:08 jer Exp $
+# $Header: /var/cvsroot/gentoo-x86/www-client/surf/surf-0.4.1-r1.ebuild,v 1.1 2012/02/20 12:07:48 jer Exp $
-EAPI="2"
+EAPI=4
inherit eutils savedconfig toolchain-funcs
@@ -39,6 +39,7 @@ pkg_setup() {
}
src_prepare() {
+ epatch "${FILESDIR}"/CVE-2012-0842.patch
sed -i \
-e 's|{|(|g;s|}|)|g' \
-e 's|\t@|\t|g;s|echo|@&|g' \
@@ -48,13 +49,10 @@ src_prepare() {
-e 's|^CFLAGS.*|CFLAGS += -std=c99 -pedantic -Wall $(INCS) $(CPPFLAGS)|g' \
config.mk Makefile || die "sed failed"
restore_config config.h
-}
-
-src_compile() {
- emake CC=$(tc-getCC) || die "emake compile failed"
+ tc-export CC
}
src_install() {
- emake DESTDIR="${D}" PREFIX="/usr" install || die "emake install failed"
+ emake DESTDIR="${D}" PREFIX="/usr" install
save_config config.h
}
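Review bot: `tc-export CC` in `src_prepare()` only places CC in the environment, whereas the removed `emake CC=$(tc-getCC)` passed it on the make command line, and an environment variable does not override a plain `CC = ...` assignment inside config.mk. Unless one of the sed expressions that fall between the two hunks rewrites that assignment, the default src_compile may build with the Makefile's own compiler instead of the toolchain-selected one. Keeping an explicit `src_compile() { emake CC="$(tc-getCC)"; }` would preserve the old behaviour. Dropping `|| die` after emake is fine under EAPI 4.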