diff options
Diffstat (limited to 'source/xap/rdesktop')
| -rw-r--r-- | source/xap/rdesktop/rdesktop.CVE-2011-1595.diff | 22 | ||||
| -rwxr-xr-x | source/xap/rdesktop/rdesktop.SlackBuild | 11 |
2 files changed, 5 insertions, 28 deletions
diff --git a/source/xap/rdesktop/rdesktop.CVE-2011-1595.diff b/source/xap/rdesktop/rdesktop.CVE-2011-1595.diff deleted file mode 100644 index 0db8c3bc2..000000000 --- a/source/xap/rdesktop/rdesktop.CVE-2011-1595.diff +++ /dev/null @@ -1,22 +0,0 @@ ---- ./disk.c.orig 2008-02-15 18:13:25.000000000 -0600 -+++ ./disk.c 2011-04-20 20:27:55.978000772 -0500 -@@ -356,6 +356,19 @@ - filename[strlen(filename) - 1] = 0; - sprintf(path, "%s%s", g_rdpdr_device[device_id].local_path, filename); - -+ /* Protect against mailicous servers: -+ somelongpath/.. not allowed -+ somelongpath/../b not allowed -+ somelongpath/..b in principle ok, but currently not allowed -+ somelongpath/b.. ok -+ somelongpath/b..b ok -+ somelongpath/b../c ok -+ */ -+ if (strstr(path, "/..")) -+ { -+ return RD_STATUS_ACCESS_DENIED; -+ } -+ - switch (create_disposition) - { - case CREATE_ALWAYS: diff --git a/source/xap/rdesktop/rdesktop.SlackBuild b/source/xap/rdesktop/rdesktop.SlackBuild index 5e1ae2e2e..ba6c67728 100755 --- a/source/xap/rdesktop/rdesktop.SlackBuild +++ b/source/xap/rdesktop/rdesktop.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2006, 2008, 2009, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2006, 2008, 2009, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,8 +22,8 @@ PKGNAM=rdesktop -VERSION=${VERSION:-1.6.0} -BUILD=${BUILD:-2} +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-3} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -56,11 +56,9 @@ mkdir -p $TMP $PKG cd $TMP rm -rf ${PKGNAM}-${VERSION} -tar xvf $CWD/${PKGNAM}-$VERSION.tar.bz2 || exit 1 +tar xvf $CWD/${PKGNAM}-$VERSION.tar.?z* || exit 1 cd ${PKGNAM}-$VERSION || exit 1 -zcat $CWD/rdesktop.CVE-2011-1595.diff.gz | patch -p1 --verbose || exit 1 - # Make sure ownerships and permissions are sane: chown -R root:root . find . \ @@ -76,6 +74,7 @@ CFLAGS="$SLKCFLAGS" \ --libdir=/usr/lib${LIBDIRSUFFIX} \ --with-sound=alsa \ --enable-smartcard \ + --with-ipv6 \ --mandir=/usr/man \ --build=$ARCH-slackware-linux |