gronod/lfs
1
0
Fork 0
mirror of https://git.linuxfromscratch.org/lfs.git synced 2025-03-05 22:04:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add patch for tar re CVE-2006-0300, to fix ticket #1767.

Browse Source 
git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@7520 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689
This commit is contained in:
Ken Moffat 2006-04-14 19:23:22 +00:00
parent 58315ceb90
commit 3477776378
4 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
chapter01/changelog.xml
View File

@ -39,6 +39,9 @@
<listitem>
<para>April 14, 2006</para>
<itemizedlist>
<listitem>
<para>[ken] - Add security patch for tar to address CVE-2006-0300.</para>
</listitem>
<listitem>
<para>[archaic] - Upgraded to man-pages-2.29 and linux-2.6.16.5. No
command changes.</para>

7
chapter03/patches.xml
View File

@ -200,6 +200,13 @@
</listitem>
</varlistentry>
<varlistentry>
<term>Tar Security Fixes Patch - 4 KB:</term>
<listitem>
<para><ulink url="&patches-root;&tar-security_fixes-patch;"/></para>
</listitem>
</varlistentry>
<varlistentry>
<term>Texinfo Multibyte Fixes Patch - 1 KB:</term>
<listitem>

5
chapter06/tar.xml
View File

@ -54,6 +54,11 @@
<screen><userinput>patch -Np1 -i ../&tar-sparse_fix-patch;</userinput></screen>
<para>Recent versions of tar are vulnerable to a buffer overflow from
specially crafted archives. The following patch addresses this:</para>
<screen><userinput>patch -Np1 -i ../&tar-security_fixes-patch;</userinput></screen>
<para>Prepare Tar for compilation:</para>
<screen><userinput>./configure --prefix=/usr --bindir=/bin --libexecdir=/usr/sbin</userinput></screen>

1
patches.ent
View File

@ -46,6 +46,7 @@
<!ENTITY tar-gcc4_fix-patch "tar-&tar-version;-gcc4_fix_tests-1.patch">
<!ENTITY tar-sparse_fix-patch "tar-&tar-version;-sparse_fix-1.patch">
<!ENTITY tar-security_fixes-patch "tar-&tar-version;-security_fixes-1.patch">
<!ENTITY texinfo-multibyte-patch "texinfo-&texinfo-version;-multibyte-1.patch">
<!ENTITY texinfo-tempfile_fix-patch "texinfo-&texinfo-version;-tempfile_fix-2.patch">