From 50125deceb3d25c05af8acc74aebd0e990845386 Mon Sep 17 00:00:00 2001
From: Ken Moffat <ken@linuxfromscratch.org>
Date: Thu, 18 Aug 2005 15:35:07 +0000
Subject: [PATCH] Added bzgrep security patch

git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@6700 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689
---
 chapter01/changelog.xml | 4 ++++
 chapter03/patches.xml   | 9 ++++++++-
 chapter06/bzip2.xml     | 5 +++++
 general.ent             | 4 ++--
 patches.ent             | 1 +
 5 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/chapter01/changelog.xml b/chapter01/changelog.xml
index 81e033eb3..43af25426 100644
--- a/chapter01/changelog.xml
+++ b/chapter01/changelog.xml
@@ -87,6 +87,7 @@ First a summary, then a detailed log.</para>
 
 <listitem><para>Added:</para>
 <itemizedlist>
+<listitem><para>&bzip2-bzgrep-patch;</para></listitem>
 <listitem><para>&bzip2-docs-patch;</para></listitem>
 <listitem><para>&gcc-linkonce-patch;</para></listitem>
 <listitem><para>&gcc-no_fixincludes-patch;</para></listitem>
@@ -113,6 +114,9 @@ First a summary, then a detailed log.</para>
 </itemizedlist>
 </listitem>
 
+<listitem><para>August 18th, 2005 [ken]: Add a patch to sanitise bzgrep's
+handling of filenames.</para></listitem>
+
 <listitem><para>August 16th, 2005 [matt]: Install sed's man page to
 /usr/share/doc/sed-4.1.4 instead of /usr/share/doc (fixes bug 1600).</para>
 </listitem>
diff --git a/chapter03/patches.xml b/chapter03/patches.xml
index 579741012..a12cedfe6 100644
--- a/chapter03/patches.xml
+++ b/chapter03/patches.xml
@@ -37,8 +37,15 @@ needed to build an LFS system:</para>
 <para><ulink url="&patches-root;&bzip2-docs-patch;"/></para>
 </listitem>
 </varlistentry>
-<varlistentry>
 
+<varlistentry>
+<term>Bzip2 Bzgrep Security Fixes Patch - 1 KB:</term>
+<listitem>
+<para><ulink url="&patches-root;&bzip2-bzgrep-patch;"/></para>
+</listitem>
+</varlistentry>
+
+<varlistentry>
 <term>Coreutils Suppress Uptime, Kill, Su Patch - 15 KB:</term>
 <listitem>
 <para><ulink url="&patches-root;&coreutils-suppress-patch;"/></para>
diff --git a/chapter06/bzip2.xml b/chapter06/bzip2.xml
index 641fb5a25..6b401650f 100644
--- a/chapter06/bzip2.xml
+++ b/chapter06/bzip2.xml
@@ -36,6 +36,11 @@ GCC, Glibc, and Make</seg></seglistitem>
 
 <screen><userinput>patch -Np1 -i ../&bzip2-docs-patch;</userinput></screen>
 
+<para><command>Bzgrep</command> fails to sufficiently sanitise filenames passed
+to it. Apply the following to address this:</para>
+
+<screen><userinput>patch -Np1 -i ../&bzip2-bzgrep-patch;</userinput></screen>
+
 <para>Prepare Bzip2 for compilation with:</para>
 
 <screen><userinput>make -f Makefile-libbz2_so
diff --git a/general.ent b/general.ent
index c9c8ca3de..d5081267e 100644
--- a/general.ent
+++ b/general.ent
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<!ENTITY version "SVN-20050816">
-<!ENTITY releasedate "August 16, 2005">
+<!ENTITY version "SVN-20050818">
+<!ENTITY releasedate "August 18, 2005">
 <!ENTITY milestone "6.2">
 <!ENTITY generic-version "development"> <!-- Use "development", "testing", or "x.y[-pre{x}]" -->
 
diff --git a/patches.ent b/patches.ent
index 1bdda5328..4f344f3e1 100644
--- a/patches.ent
+++ b/patches.ent
@@ -5,6 +5,7 @@
 <!ENTITY bash-avoid_WCONTINUED-patch "bash-&bash-version;-avoid_WCONTINUED-1.patch">
 
 <!ENTITY bzip2-docs-patch "bzip2-&bzip2-version;-install_docs-1.patch">
+<!ENTITY bzip2-bzgrep-patch "bzip2-&bzip2-version;-bzgrep_security-1.patch">
 
 <!ENTITY coreutils-suppress-patch "coreutils-&coreutils-version;-suppress_uptime_kill_su-1.patch">
 <!ENTITY coreutils-uname-patch "coreutils-&coreutils-version;-uname-2.patch">