From ba74260aeb31600cdee80934088739a8e9869f21 Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding
Date: Tue, 1 Feb 2022 08:27:47 +0000
Subject: Tue Feb 1 08:27:47 UTC 2022 kde/kate-21.12.1-x86_64-2.txz: Rebuilt. Fix missing validation of binaries executed via QProcess. Thanks to Heinz Wiesinger. For more information, see: https://kde.org/info/security/advisory-20220131-1.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23853 (* Security fix *)
---
 source/a/rpm2tgz/rpm2tgz.SlackBuild | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)
(limited to 'source/a')
diff --git a/source/a/rpm2tgz/rpm2tgz.SlackBuild b/source/a/rpm2tgz/rpm2tgz.SlackBuild
index 00ebb5bc..7aae64cb 100755
--- a/source/a/rpm2tgz/rpm2tgz.SlackBuild
+++ b/source/a/rpm2tgz/rpm2tgz.SlackBuild
@@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd)
 
 PKGNAM=rpm2tgz
 VERSION=1.2.2
-BUILD=${BUILD:-5}
+BUILD=${BUILD:-6}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
@@ -78,10 +78,12 @@ cat $CWD/rpm2targz > $PKG/usr/bin/rpm2targz
 zcat $CWD/patches/0007-Add-support-for-.txz-packages-and-rpm2txz-symlink.patch.gz | patch -p1 || exit 1
 zcat $CWD/patches/0008-Avoid-none-values-in-slack-desc.patch.gz | patch -p1 || exit 1
 zcat $CWD/patches/0009-Add-c-option-just-as-makepkg-c-y.patch.gz | patch -p1 || exit 1
- # Make sure that if someone created an RPM with absolute filenames that we
- # don't allow it to write all over the / directory when we're just trying
- # to extract it to make the .tgz:
- zcat $CWD/patches/0010-no-absolute-filenames-extracting-cpio.patch.gz | patch -p1 || exit 1
+ ## NO - cpio is stupid and strips the leading '/' from symlinks to absolute
+ ## paths with --no-absolute-filenames. :-/
+ ## Make sure that if someone created an RPM with absolute filenames that we
+ ## don't allow it to write all over the / directory when we're just trying
+ ## to extract it to make the .tgz:
+ #zcat $CWD/patches/0010-no-absolute-filenames-extracting-cpio.patch.gz | patch -p1 || exit 1
 # Allow ignoring rpm2cpio error code. Some RPMs can be extracted, but
 # throw an error anyway.
 zcat $CWD/patches/0011-ignore-rpm2cpio-error-code.patch.gz | patch -p1 || exit 1
-- 
cgit v1.2.3
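Review bot: Disabling `0010-no-absolute-filenames-extracting-cpio.patch.gz` in this hunk drops the only guard visible here against an RPM payload with absolute filenames writing outside the extraction directory, while the retained `## Make sure that ...` lines still read as if that guard were active. The trade-off (correct absolute symlink targets versus path confinement) should be stated where the patch is commented out, for example `## WARNING: with 0010 disabled, extraction is not confined to the work directory; convert only RPMs from trusted sources.` A replacement check would belong in rpm2targz itself, which is not visible in this diff, so whether another guard exists there needs confirming. The run of `zcat ... | patch` lines starts and ends outside the hunk.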