authorJohannes Ranke <jranke@uni-bremen.de>2017-03-21 10:37:33 +0100
committerJohannes Ranke <jranke@uni-bremen.de>2017-03-21 10:37:33 +0100
commite00c1aed1dbf6343f2914180f898943797586e8c (patch)
tree8a209162e83f77fd797595643f1c9719248c2d5e
parentd49073642498e6140d093de48623efae51be5bf7 (diff)
Changes for security fix of R 3.2.5 in wheezy-cran3
-rwxr-xr-xbackport6
-rw-r--r--wheezy/TALOS-2016-0227.patch35
-rw-r--r--wheezy/_reverts_r-base.sh2
3 files changed, 40 insertions, 3 deletions
diff --git a/backport b/backport
index ed47e2f..1e067bd 100755
--- a/backport
+++ b/backport
@@ -8,7 +8,7 @@ export ARCH
# R version against which the software is compiled
Rversion=3.3.3
reposversion="cran3"
-iteration=0
+iteration=1
# Where the buildresults should be stored and where to look for current backports
rcrandir=/home/jranke/svn/website/www/ranke/r-cran
@@ -24,7 +24,7 @@ rcrandir=/home/jranke/svn/website/www/ranke/r-cran
usage()
{
-echo "Usage: ./backport [options] sourcepackage stretch|jessie"
+echo "Usage: ./backport [options] sourcepackage stretch|jessie|wheezy"
echo "Options:"
echo " -k, --keep Keep copied source package and directory used for package building"
echo " -s, --skip Skip apt-get update/upgrade and pbuilder update"
@@ -60,7 +60,7 @@ pkg=$1
DIST=$2
# Validate distribution argument
-if [ $DIST != "stretch" ] && [ $DIST != "jessie" ]; then usage; exit 1; fi
+if [ $DIST != "stretch" ] && [ $DIST != "jessie" ] && [ $DIST != "wheezy" ]; then usage; exit 1; fi
export DIST
# Set required r-base-dev version for packages build-depending on R
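Review bot: The distribution check on the new line expands `$DIST` unquoted, so an empty or missing second argument turns each `[ $DIST != ... ]` into a malformed test that returns non-zero. The `&&` chain is then false and the script continues past validation with an empty DIST instead of printing usage, unless the argument count is checked earlier, outside this hunk. A value containing whitespace or glob characters is word-split the same way. A quoted allow-list handles both cases: `case "$DIST" in stretch|jessie|wheezy) ;; *) usage; exit 1 ;; esac`. The unquoted form predates this commit, but the added clause extends it.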
diff --git a/wheezy/TALOS-2016-0227.patch b/wheezy/TALOS-2016-0227.patch
new file mode 100644
index 0000000..f7bc97e
--- /dev/null
+++ b/wheezy/TALOS-2016-0227.patch
@@ -0,0 +1,35 @@
+Index: src/library/grDevices/src/devPS.c
+===================================================================
+--- src/library/grDevices/src/devPS.c (Revision 71663)
++++ src/library/grDevices/src/devPS.c (Revision 71664)
+@@ -513,13 +513,15 @@
+ if (!(fp = R_fopen(R_ExpandFileName(buf), "r"))) return 0;
+ }
+ if (GetNextItem(fp, buf, -1, &state)) return 0; /* encoding name */
+- strcpy(encname, buf+1);
++ strncpy(encname, buf+1, 99);
++ encname[99] = '\0';
+ if (!isPDF) snprintf(enccode, 5000, "/%s [\n", encname);
+ else enccode[0] = '\0';
+ if (GetNextItem(fp, buf, 0, &state)) { fclose(fp); return 0;} /* [ */
+ for(i = 0; i < 256; i++) {
+ if (GetNextItem(fp, buf, i, &state)) { fclose(fp); return 0; }
+- strcpy(encnames[i].cname, buf+1);
++ strncpy(encnames[i].cname, buf+1, 39);
++ encnames[i].cname[39] = '\0';
+ strcat(enccode, " /"); strcat(enccode, encnames[i].cname);
+ if(i%8 == 7) strcat(enccode, "\n");
+ }
+Index: src/library/grDevices/src/devPS.c
+===================================================================
+--- src/library/grDevices/src/devPS.c (Revision 71666)
++++ src/library/grDevices/src/devPS.c (Revision 71667)
+@@ -521,7 +521,7 @@
+ for(i = 0; i < 256; i++) {
+ if (GetNextItem(fp, buf, i, &state)) { fclose(fp); return 0; }
+ strncpy(encnames[i].cname, buf+1, 39);
+- encnames[i].cname[39] = '\0';
++ encnames[i].cname[39] = '\0';
+ strcat(enccode, " /"); strcat(enccode, encnames[i].cname);
+ if(i%8 == 7) strcat(enccode, "\n");
+ }
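Review bot: The backported change bounds the copies into `encname` and `encnames[i].cname`, but the context lines still append every name to `enccode` with unbounded `strcat` inside the 256-iteration loop. If `enccode` is the 5000-byte buffer that the `snprintf(enccode, 5000, ...)` bound suggests, 256 entries of up to 39 characters plus the ` /` separator can add up to more than that. Confirm against the upstream source whether a length check on `enccode` exists before treating this backport as the complete fix. The literals 99 and 39 likewise assume destinations of 100 and 40 bytes, declared outside the visible lines; the enclosing function starts and ends outside this hunk.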
diff --git a/wheezy/_reverts_r-base.sh b/wheezy/_reverts_r-base.sh
new file mode 100644
index 0000000..df47c30
--- /dev/null
+++ b/wheezy/_reverts_r-base.sh
@@ -0,0 +1,2 @@
+patch -p0 < ../TALOS-2016-0227.patch
+dch -a "debian/control: Apply upstream commits r71664 and r71667 related to CVE-2016-8714 reported as TALOS-2016-0227"
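Review bot: The exit status of `patch -p0` is not checked, so if the patch fails or applies only partly, `dch` still records the CVE-2016-8714 fix in the changelog and the build can ship an unpatched devPS.c labelled as fixed. Stopping on failure closes that gap, for example `patch -p0 < ../TALOS-2016-0227.patch || exit 1` (or `|| return 1` if this file is sourced; how it is invoked is not visible here). The changelog text also attributes the change to `debian/control`, while the patch shown modifies `src/library/grDevices/src/devPS.c`; naming the patched file would make the entry accurate.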
