diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2018-05-25 23:29:36 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2018-05-31 15:10:50 -0700 |
commit | 329684b59b8d55dd403c2c59f76d37210ba2f517 (patch) | |
tree | 10421c6ee3bf179d50915cc00d4c15c1b83cb77a /patches/source/rdesktop | |
parent | b76270bf9e6dd375e495fec92140a79a79415d27 (diff) | |
download | current-329684b59b8d55dd403c2c59f76d37210ba2f517.tar.gz |
Fri May 25 23:29:36 UTC 201813.1
patches/packages/glibc-zoneinfo-2018e-noarch-2_slack13.1.txz: Rebuilt.
Handle removal of US/Pacific-New timezone. If we see that the machine is
using this, it will be automatically switched to US/Pacific.
Diffstat (limited to 'patches/source/rdesktop')
-rw-r--r-- | patches/source/rdesktop/rdesktop.CVE-2011-1595.diff | 22 | ||||
-rwxr-xr-x | patches/source/rdesktop/rdesktop.SlackBuild | 117 | ||||
-rw-r--r-- | patches/source/rdesktop/slack-desc | 19 |
3 files changed, 158 insertions, 0 deletions
diff --git a/patches/source/rdesktop/rdesktop.CVE-2011-1595.diff b/patches/source/rdesktop/rdesktop.CVE-2011-1595.diff new file mode 100644 index 00000000..0db8c3bc --- /dev/null +++ b/patches/source/rdesktop/rdesktop.CVE-2011-1595.diff @@ -0,0 +1,22 @@ +--- ./disk.c.orig 2008-02-15 18:13:25.000000000 -0600 ++++ ./disk.c 2011-04-20 20:27:55.978000772 -0500 +@@ -356,6 +356,19 @@ + filename[strlen(filename) - 1] = 0; + sprintf(path, "%s%s", g_rdpdr_device[device_id].local_path, filename); + ++ /* Protect against mailicous servers: ++ somelongpath/.. not allowed ++ somelongpath/../b not allowed ++ somelongpath/..b in principle ok, but currently not allowed ++ somelongpath/b.. ok ++ somelongpath/b..b ok ++ somelongpath/b../c ok ++ */ ++ if (strstr(path, "/..")) ++ { ++ return RD_STATUS_ACCESS_DENIED; ++ } ++ + switch (create_disposition) + { + case CREATE_ALWAYS: diff --git a/patches/source/rdesktop/rdesktop.SlackBuild b/patches/source/rdesktop/rdesktop.SlackBuild new file mode 100755 index 00000000..153bb819 --- /dev/null +++ b/patches/source/rdesktop/rdesktop.SlackBuild @@ -0,0 +1,117 @@ +#!/bin/sh + +# Copyright 2006, 2008, 2009, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=rdesktop +VERSION=${VERSION:-1.6.0} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.bz2 || exit 1 +cd ${PKGNAM}-$VERSION || exit 1 + +zcat $CWD/rdesktop.CVE-2011-1595.diff.gz | patch -p1 --verbose || exit 1 + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Configure: +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-sound=alsa \ + --enable-smartcard \ + --mandir=/usr/man \ + --build=$ARCH-slackware-linux + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a \ + COPYING README \ + doc \ + $PKG/usr/doc/${PKGNAM}-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/rdesktop/slack-desc b/patches/source/rdesktop/slack-desc new file mode 100644 index 00000000..283da1cd --- /dev/null +++ b/patches/source/rdesktop/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +rdesktop: rdesktop (Remote Desktop Protocol client) +rdesktop: +rdesktop: rdesktop is a client for Remote Desktop Protocol (RDP), used in a +rdesktop: number of Microsoft products including Windows NT Terminal Server, +rdesktop: Windows 2000 Server, Windows XP, and Windows 2003 Server. +rdesktop: +rdesktop: For more information, see: http://www.rdesktop.org +rdesktop: +rdesktop: +rdesktop: +rdesktop: |