summaryrefslogtreecommitdiff
path: root/system/p7zip/p7zip.SlackBuild
diff options
context:
space:
mode:
Diffstat (limited to 'system/p7zip/p7zip.SlackBuild')
-rw-r--r--system/p7zip/p7zip.SlackBuild21
1 files changed, 18 insertions, 3 deletions
diff --git a/system/p7zip/p7zip.SlackBuild b/system/p7zip/p7zip.SlackBuild
index d2753aa927..e9eb5b372c 100644
--- a/system/p7zip/p7zip.SlackBuild
+++ b/system/p7zip/p7zip.SlackBuild
@@ -23,8 +23,8 @@
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
PRGNAM=p7zip
-VERSION=9.20.1
-BUILD=${BUILD:-1}
+VERSION=${VERSION:-9.20.1}
+BUILD=${BUILD:-2}
TAG=${TAG:-_SBo}
if [ -z "$ARCH" ]; then
@@ -70,7 +70,22 @@ find -L . \
\( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
-o -perm 511 \) -exec chmod 755 {} \; -o \
\( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
- -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
+ -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
+
+# patch to fix security issues :
+#
+# CVE-2015-1038:
+# p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
+# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1038
+# https://sourceforge.net/p/p7zip/bugs/147/#2f9c
+#
+# CVE-2016-2335:
+# 7zip UDF CInArchive::ReadFileItem Code Execution Vulnerability
+# http://www.talosintel.com/reports/TALOS-2016-0094/
+# https://sourceforge.net/p/p7zip/discussion/383043/thread/9d0fb86b/#1dba
+#
+patch -Np1 < $CWD/CVE-2015-1038.patch
+patch -Np1 < $CWD/CVE-2016-2335.patch
make all3 \
OPTFLAGS="$SLKCFLAGS" \