diff options
Diffstat (limited to 'system/p7zip/p7zip.SlackBuild')
-rw-r--r-- | system/p7zip/p7zip.SlackBuild | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/system/p7zip/p7zip.SlackBuild b/system/p7zip/p7zip.SlackBuild index d2753aa927..e9eb5b372c 100644 --- a/system/p7zip/p7zip.SlackBuild +++ b/system/p7zip/p7zip.SlackBuild @@ -23,8 +23,8 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PRGNAM=p7zip -VERSION=9.20.1 -BUILD=${BUILD:-1} +VERSION=${VERSION:-9.20.1} +BUILD=${BUILD:-2} TAG=${TAG:-_SBo} if [ -z "$ARCH" ]; then @@ -70,7 +70,22 @@ find -L . \ \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \ -o -perm 511 \) -exec chmod 755 {} \; -o \ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ - -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; + -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; + +# patch to fix security issues : +# +# CVE-2015-1038: +# p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive. +# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1038 +# https://sourceforge.net/p/p7zip/bugs/147/#2f9c +# +# CVE-2016-2335: +# 7zip UDF CInArchive::ReadFileItem Code Execution Vulnerability +# http://www.talosintel.com/reports/TALOS-2016-0094/ +# https://sourceforge.net/p/p7zip/discussion/383043/thread/9d0fb86b/#1dba +# +patch -Np1 < $CWD/CVE-2015-1038.patch +patch -Np1 < $CWD/CVE-2016-2335.patch make all3 \ OPTFLAGS="$SLKCFLAGS" \ |