tar: remove outdated CVE patch.
Patch was added d95a0b0706
, apparently
based on the one discussed in [1], but using ERROR instead of
FATAL_ERROR. However, per [2], this was fixed in another way, though
upstream seems to not consider it worthy of a CVE.
[1] https://lists.gnu.org/archive/html/bug-tar/2016-10/msg00014.html
[2] https://lists.gnu.org/archive/html/bug-tar/2016-10/msg00016.html
This commit is contained in:
parent
5054d6ae18
commit
8d52b01f92
2 changed files with 1 additions and 28 deletions
srcpkgs/tar
|
@ -1,27 +0,0 @@
|
||||||
--- lib/paxnames.c.orig 2016-04-06 00:04:47.314860045 +0300
|
|
||||||
+++ lib/paxnames.c 2016-04-06 02:08:44.962297881 +0300
|
|
||||||
@@ -18,6 +18,7 @@
|
|
||||||
#include <system.h>
|
|
||||||
#include <hash.h>
|
|
||||||
#include <paxlib.h>
|
|
||||||
+#include <quotearg.h>
|
|
||||||
|
|
||||||
|
|
||||||
/* Hash tables of strings. */
|
|
||||||
@@ -114,7 +115,15 @@
|
|
||||||
for (p = file_name + prefix_len; *p; )
|
|
||||||
{
|
|
||||||
if (p[0] == '.' && p[1] == '.' && (ISSLASH (p[2]) || !p[2]))
|
|
||||||
- prefix_len = p + 2 - file_name;
|
|
||||||
+ {
|
|
||||||
+ static char const *const diagnostic[] =
|
|
||||||
+ {
|
|
||||||
+ N_("%s: Member name contains '..'"),
|
|
||||||
+ N_("%s: Hard link target contains '..'")
|
|
||||||
+ };
|
|
||||||
+ ERROR ((0, 0, _(diagnostic[link_target]),
|
|
||||||
+ quotearg_colon (file_name)));
|
|
||||||
+ }
|
|
||||||
|
|
||||||
do
|
|
||||||
{
|
|
|
@ -1,7 +1,7 @@
|
||||||
# Template file for 'tar'
|
# Template file for 'tar'
|
||||||
pkgname=tar
|
pkgname=tar
|
||||||
version=1.34
|
version=1.34
|
||||||
revision=1
|
revision=2
|
||||||
build_style=gnu-configure
|
build_style=gnu-configure
|
||||||
configure_args="gl_cv_struct_dirent_d_ino=yes"
|
configure_args="gl_cv_struct_dirent_d_ino=yes"
|
||||||
makedepends="acl-devel"
|
makedepends="acl-devel"
|
||||||
|
|
Loading…
Add table
Reference in a new issue