[oe-commits] [openembedded-core] 51/53: perl: CVE-2018-12015
git at git.openembedded.org
git at git.openembedded.org
Wed Aug 29 14:25:11 UTC 2018
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a commit to branch sumo
in repository openembedded-core.
commit ca005cd857f8e79b135c43526d5b792478a07eb3
Author: Jagadeesh Krishnanjanappa <jkrishnanjanappa at mvista.com>
AuthorDate: Wed Aug 22 17:11:52 2018 +0530
perl: CVE-2018-12015
Remove existing files before overwriting them
Archive should extract only the latest same-named entry.
Extracted regular file should not be writtent into existing block
device (or any other one).
https://rt.cpan.org/Ticket/Display.html?id=125523
Affects perl <= 5.26.2
Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
.../perl/perl/CVE-2018-12015.patch | 48 ++++++++++++++++++++++
meta/recipes-devtools/perl/perl_5.24.1.bb | 1 +
2 files changed, 49 insertions(+)
diff --git a/meta/recipes-devtools/perl/perl/CVE-2018-12015.patch b/meta/recipes-devtools/perl/perl/CVE-2018-12015.patch
new file mode 100644
index 0000000..a33deaf
--- /dev/null
+++ b/meta/recipes-devtools/perl/perl/CVE-2018-12015.patch
@@ -0,0 +1,48 @@
+From ae65651eab053fc6dc4590dbb863a268215c1fc5 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar at redhat.com>
+Date: Fri, 8 Jun 2018 11:45:40 +0100
+Subject: [PATCH] [PATCH] Remove existing files before overwriting them
+
+Archive should extract only the latest same-named entry.
+Extracted regular file should not be writtent into existing block
+device (or any other one).
+
+https://rt.cpan.org/Ticket/Display.html?id=125523
+
+CVE: CVE-2018-12015
+Upstream-Status: Backport [https://github.com/jib/archive-tar-new/commit/ae65651eab053fc6dc4590dbb863a268215c1fc5]
+
+Signed-off-by: Chris 'BinGOs' Williams <chris at bingosnet.co.uk>
+Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa at mvista.com>
+---
+ lib/Archive/Tar.pm | 14 ++++++++++++++
+ 1 file changed, 14 insertions(+)
+
+diff --git a/cpan/Archive-Tar/lib/Archive/Tar.pm b/cpan/Archive-Tar/lib/Archive/Tar.pm
+index 6244369..a83975f 100644
+--- a/cpan/Archive-Tar/lib/Archive/Tar.pm
++++ b/cpan/Archive-Tar/lib/Archive/Tar.pm
+@@ -845,6 +845,20 @@ sub _extract_file {
+ return;
+ }
+
++ ### If a file system already contains a block device with the same name as
++ ### the being extracted regular file, we would write the file's content
++ ### to the block device. So remove the existing file (block device) now.
++ ### If an archive contains multiple same-named entries, the last one
++ ### should replace the previous ones. So remove the old file now.
++ ### If the old entry is a symlink to a file outside of the CWD, the new
++ ### entry would create a file there. This is CVE-2018-12015
++ ### <https://rt.cpan.org/Ticket/Display.html?id=125523>.
++ if (-l $full || -e _) {
++ if (!unlink $full) {
++ $self->_error( qq[Could not remove old file '$full': $!] );
++ return;
++ }
++ }
+ if( length $entry->type && $entry->is_file ) {
+ my $fh = IO::File->new;
+ $fh->open( '>' . $full ) or (
+--
+2.13.3
+
diff --git a/meta/recipes-devtools/perl/perl_5.24.1.bb b/meta/recipes-devtools/perl/perl_5.24.1.bb
index bb18c6a..5fed896 100644
--- a/meta/recipes-devtools/perl/perl_5.24.1.bb
+++ b/meta/recipes-devtools/perl/perl_5.24.1.bb
@@ -70,6 +70,7 @@ SRC_URI += " \
file://CVE-2018-6798-2.patch \
file://CVE-2018-6797.patch \
file://CVE-2018-6913.patch \
+ file://CVE-2018-12015.patch \
"
# Fix test case issues
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list