diff options
Diffstat (limited to 'dev-perl/Convert-ASN1')
-rw-r--r-- | dev-perl/Convert-ASN1/Convert-ASN1-0.270.0-r1.ebuild | 27 | ||||
-rw-r--r-- | dev-perl/Convert-ASN1/Manifest | 2 | ||||
-rw-r--r-- | dev-perl/Convert-ASN1/files/Convert-ASN1-0.270.0-CVE-2013-7488.patch | 45 |
3 files changed, 74 insertions, 0 deletions
diff --git a/dev-perl/Convert-ASN1/Convert-ASN1-0.270.0-r1.ebuild b/dev-perl/Convert-ASN1/Convert-ASN1-0.270.0-r1.ebuild new file mode 100644 index 000000000000..99a786a4ec70 --- /dev/null +++ b/dev-perl/Convert-ASN1/Convert-ASN1-0.270.0-r1.ebuild @@ -0,0 +1,27 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +DIST_AUTHOR=GBARR +DIST_VERSION=0.27 +inherit perl-module + +DESCRIPTION="Standard en/decode of ASN.1 structures" + +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x86-macos ~sparc-solaris ~x86-solaris" +IUSE="test" +RESTRICT="!test? ( test )" + +BDEPEND=" + >=virtual/perl-ExtUtils-MakeMaker-6.300.0 + test? ( + >=virtual/perl-Math-BigInt-1.997.0 + >=virtual/perl-Test-Simple-0.900.0 + ) +" +PATCHES=( + "${FILESDIR}/${P}-perl-526.patch" + "${FILESDIR}/${PN}-0.270.0-CVE-2013-7488.patch" +) diff --git a/dev-perl/Convert-ASN1/Manifest b/dev-perl/Convert-ASN1/Manifest index 576e1e82f29a..27247aa469be 100644 --- a/dev-perl/Convert-ASN1/Manifest +++ b/dev-perl/Convert-ASN1/Manifest @@ -1,4 +1,6 @@ +AUX Convert-ASN1-0.270.0-CVE-2013-7488.patch 1362 BLAKE2B 670b391c12cfa89051440fae8e796248b1f70695b95f47ad0bf420034b8b669a757b380be94ec530e6e692440170fd1b804e3c75b38d82bd5bccc41ea6083ff2 SHA512 6b4da9b77f9b7f7b0cb096858848568ca0ca2e52e359b53bb860965051356e310cfd5b916bcc16e0ac0562f4383aa2b9dbace394ca6e690b5aa39f44c850b5ef AUX Convert-ASN1-0.270.0-perl-526.patch 6189 BLAKE2B 93614ec863a4a90e195fb7e99e4e4a6b729fa1d154a85d9d9f72232ff9cdca50868d5ba320653853ae6da5d612533d57cb9470c56ad2e01e979613cf628509bb SHA512 a6805154a0b7da8af86c101521b74d88562e34f95890ab62221bd7d0d03a41a1dcc82b26eb79383d84274abbb9ed4c683f627e75434062b7cf0984b340f5192c DIST Convert-ASN1-0.27.tar.gz 74081 BLAKE2B 14929ec5f25ac85465204fb8f584384c5c65e73cb3ee5bfd9510a9bb2580e7c1a86f485af99ab7cd83813914ae6e277020720d26af8d2bda54acdd06fff7e984 SHA512 253bc0c1b2919841497a95bcbd05825217a3013c7f789fd9f3d389808fb015daca91f5c149797574bf32d38e94efb7f1d8df62e9e4c13928ec3b978cc9fd6fe8 +EBUILD Convert-ASN1-0.270.0-r1.ebuild 675 BLAKE2B 0611093a48c2e35bc4e989b7bde0062ea851868e10c82c7adfeeda25e47288717b14db7559ef8aa79669f5eec2e4ad56b031f15f3478e432c901908afc5d8f04 SHA512 784cca97c52362af554e641540104c9fb4aa3b06b5e2c7458cb986fb9ff59e40f2ca50d732f7e1ae55e307deff2ff6cf440ae4fae706767bd2c8913c5754c833 EBUILD Convert-ASN1-0.270.0.ebuild 654 BLAKE2B 91f2a2ee6944fd0a713bc60d0f46dadb51888fb0ffa3d5e259a800df0daf1844578771d4f04b1bb29462b9562f45fa3ffa465273d4b17e96a5dbb0c7b4869398 SHA512 0b84c807e0e3306a8e87b8803362b9eb466cb4997505766c8b7b99c8b65ad7fcb9c7420d950ea738d01ffda5451326c3d6bafc5d5c4dc99187b965a725479ae3 MISC metadata.xml 396 BLAKE2B 835109f7d055b2dad36326d3f8cff1c08596d68b70a2688a7800c5c7baaea3e3282d491e1b2a321aa2ea1d510a4f9cc69448ca3193317d08abff39717ca3c25d SHA512 8e9334d912a55b1da2071790da0a113a4f841babee48bcecbee7943c5a242548d7d4ae9cfbc8840bf29712444ea28090e784713929a0437c9086648c774357bf diff --git a/dev-perl/Convert-ASN1/files/Convert-ASN1-0.270.0-CVE-2013-7488.patch b/dev-perl/Convert-ASN1/files/Convert-ASN1-0.270.0-CVE-2013-7488.patch new file mode 100644 index 000000000000..1922eceaa300 --- /dev/null +++ b/dev-perl/Convert-ASN1/files/Convert-ASN1-0.270.0-CVE-2013-7488.patch @@ -0,0 +1,45 @@ +From ce148a2e0872b708450005cf0b3a944014aae990 Mon Sep 17 00:00:00 2001 +From: Dana Jacobsen <dana@acm.org> +Date: Tue, 29 Oct 2013 08:37:48 -0700 +Subject: [PATCH 1/2] Fix unsafe decoding in indef case + +Bug: https://github.com/gbarr/perl-Convert-ASN1/pull/15 +--- + lib/Convert/ASN1/_decode.pm | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/lib/Convert/ASN1/_decode.pm b/lib/Convert/ASN1/_decode.pm +index e811e8d..eb2b584 100644 +--- a/lib/Convert/ASN1/_decode.pm ++++ b/lib/Convert/ASN1/_decode.pm +@@ -685,6 +685,7 @@ sub _scan_indef { + if((ord($tag) & 0x1f) == 0x1f) { + my $b; + do { ++ return if $pos >= $end; + $tag .= substr($_[0],$pos++,1); + $b = ord substr($tag,-1); + } while($b & 0x80); + +From 8125d99e15596fee1b5f904ed74a76bccf54082d Mon Sep 17 00:00:00 2001 +From: Dana Jacobsen <dana@acm.org> +Date: Tue, 29 Oct 2013 08:53:09 -0700 +Subject: [PATCH 2/2] Add second part of position check + +Bug: https://github.com/gbarr/perl-Convert-ASN1/pull/15 +--- + lib/Convert/ASN1/_decode.pm | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/lib/Convert/ASN1/_decode.pm b/lib/Convert/ASN1/_decode.pm +index eb2b584..67b95aa 100644 +--- a/lib/Convert/ASN1/_decode.pm ++++ b/lib/Convert/ASN1/_decode.pm +@@ -679,6 +679,7 @@ sub _scan_indef { + $pos += 2; + next; + } ++ return if $pos >= $end; + + my $tag = substr($_[0], $pos++, 1); + |