--- a/usr/src/cmd/gzip/METADATA Tue Feb 19 16:34:31 2013 +0000
+++ b/usr/src/cmd/gzip/METADATA Sun Mar 03 21:42:14 2013 +0000
@@ -1,10 +1,10 @@
NAME: gzip
-VERSION: 1.3.5
+VERSION: 1.5
DESCRIPTION: GNU compression utility
-LICENSE: GPLv2
+LICENSE: GPLv3
PACKAGE: SUNWgzip
PROJECT_URL: http://directory.fsf.org/GNU/gzip.html
-SOURCE_DOWNLOAD: ftp://ftp.gnu.org/gnu/gzip/gzip-1.3.5.tar.gz
+SOURCE_DOWNLOAD: ftp://ftp.gnu.org/gnu/gzip/gzip-1.5.tar.gz
SUPPORT: B
BUGTRAQ: solaris/utility/gzip
OSR: 5227
--- a/usr/src/cmd/gzip/Makefile.sfw Tue Feb 19 16:34:31 2013 +0000
+++ b/usr/src/cmd/gzip/Makefile.sfw Sun Mar 03 21:42:14 2013 +0000
@@ -24,7 +24,7 @@
#
#ident "@(#)Makefile.sfw 1.11 08/02/09 SMI"
-VER=gzip-1.3.5
+VER=gzip-1.5
include ../Makefile.cmd
@@ -56,11 +56,7 @@
$(VER)/configure: $(VER).tar.gz
gzip -dc $(VER).tar.gz | tar xopf -
- (cd $(VER) \
- ; gpatch -p3 --no-backup-if-mismatch < ../gzip-security-diff \
- ; gpatch -p1 --no-backup-if-mismatch < ../gzip-6294656-6283819-diff \
- ; gpatch -p1 --no-backup-if-mismatch < ../gzip.c-message-diff )
- (cd $(VER) ; autoconf -f )
+ touch $(@)
clean:
-rm -rf $(VER)
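Review bot: The `$(VER)/configure` recipe now feeds the checked-in gzip-1.5.tar.gz straight into `tar xopf -` with no digest comparison, and it drops all three `gpatch` steps. The shipped binary is therefore only as trustworthy as that archive, and it relies on upstream 1.5 already handling what the deleted patches covered (CVE-2006-4334 to CVE-2006-4338, Sun bugs 6294656 and 6283819). Nothing visible in this commit records that either was checked: METADATA gives only an `ftp://` download URL, and the README.patch that asked for exactly this confirmation is removed. I would record the archive's SHA-256 next to `VER` and compare it before extraction, and add a comment above the rule such as `# gzip 1.5 carries upstream fixes for the former gzip-security-diff and gzip-6294656-6283819-diff; no local patches applied`, once that is confirmed against the 1.5 sources. Separately, `gzip -dc ... | tar xopf -` reports only tar's exit status, so a truncated archive could go unnoticed before `touch $(@)` marks the target current.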
--- a/usr/src/cmd/gzip/README.patch Tue Feb 19 16:34:31 2013 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,52 +0,0 @@
------------------ 6 Oct. 2006 - update ----------------------
-Previous source patch (gzip.1.3.3.patch) was revised to
-gzip-6294656-6283819-diff
-Security issue CVE-2006-4334
-synopsis: gzip multiple issues (CVE-2006-4335, CVE-2006-4336
-, CVE-2006-4337, CVE-2006-4338)
-Is fixed by gzip-security-diff
-"gzip --version" info is updated by gzip.c-message-diff
-------------------- original text ---------------------------
-The version of Gzip contained in this gate, 1.3.3, is the latest
-version released by the official maintainers. Following the release of
-this version, a number of issues were discovered which affected
-Solaris and for which it was deemed important to release a patch.
-However, the Gzip source code is no longer being maintained by the
-community. As a result, the diff file gzip-1.3.3.patch was created
-which contains the differences between our released version and the
-current official release. This is applied using gpatch during the
-build process.
-
-In order to distinguish the Sun patched version from the official
-community version, the version number as reported by the utility at
-runtime has been changed to: 1.3.3-patch.1
-
-If in the future a new official version of Gzip is released, it should
-be determined whether that later version still contains the problems
-fixed by this patch. If it does not, this patch can be removed from
-the gate and the build process when the later version is integrated
-into the gate. If they are still present, this patch will have to be
-modified to be applicable to that later version before it is
-integrated into the gate.
-
-The patch file contains the following changes:
-
-1) configure : The version number used during build time has been
- modifed as described above.
-
-2) gzip.c: [ 6283819 gzip TOCTOU file-permissions vulnerability ]
-
- The code for this fix came from the patch used by the Debian
- community to address the same issue in their distribution, and was
- extracted from the patch downloaded from:
-
-http://security.debian.org/pool/updates/main/g/gzip/gzip_1.3.2-3woody5.diff.gz
-
-3) gzip.c: [ 6294656 gzip vulnerability <=1.3.5: a malicious archive
- may write unintended files when uncompressed with -N ]
-
- The code for this fix came from the patch used by the Debian
- community to address the same issue in their distribution, and was
- extracted from the patch downloaded from:
-
-http://security.debian.org/pool/updates/main/g/gzip/gzip_1.3.2-3woody5.diff.gz
Binary file usr/src/cmd/gzip/gzip-1.3.5.tar.gz has changed
Binary file usr/src/cmd/gzip/gzip-1.5.tar.gz has changed
--- a/usr/src/cmd/gzip/gzip-6294656-6283819-diff Tue Feb 19 16:34:31 2013 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,62 +0,0 @@
---- gzip-1.3.5.orig/gzip.c
-+++ gzip-1.3.5/gzip.c
-@@ -878,8 +878,11 @@
- }
-
- close(ifd);
-- if (!to_stdout && close(ofd)) {
-- write_error();
-+ if (!to_stdout) {
-+ /* Copy modes, times, ownership, and remove the input file */
-+ copy_stat(&istat);
-+ if (close(ofd))
-+ write_error();
- }
- if (method == -1) {
- if (!to_stdout) xunlink (ofname);
-@@ -899,10 +902,6 @@
- }
- fprintf(stderr, "\n");
- }
-- /* Copy modes, times, ownership, and remove the input file */
-- if (!to_stdout) {
-- copy_stat(&istat);
-- }
- }
-
- /* ========================================================================
-@@ -1322,6 +1321,7 @@
- /* Copy the base name. Keep a directory prefix intact. */
- char *p = base_name (ofname);
- char *base = p;
-+ char *base2;
- for (;;) {
- *p = (char)get_char();
- if (*p++ == '\0') break;
-@@ -1329,6 +1329,8 @@
- error("corrupted input -- file name too large");
- }
- }
-+ base2 = base_name (base);
-+ strcpy(base, base2);
- /* If necessary, adapt the name to local OS conventions: */
- if (!list) {
- MAKE_LEGAL_NAME(base);
-@@ -1730,7 +1732,7 @@
- reset_times(ofname, ifstat);
- #endif
- /* Copy the protection modes */
-- if (chmod(ofname, ifstat->st_mode & 07777)) {
-+ if (fchmod(ofd, ifstat->st_mode & 07777)) {
- int e = errno;
- WARN((stderr, "%s: ", progname));
- if (!quiet) {
-@@ -1739,7 +1741,7 @@
- }
- }
- #ifndef NO_CHOWN
-- chown(ofname, ifstat->st_uid, ifstat->st_gid); /* Copy ownership */
-+ (void) fchown(ofd, ifstat->st_uid, ifstat->st_gid); /* Copy ownership */
- #endif
- remove_ofname = 0;
- /* It's now safe to remove the input file: */
--- a/usr/src/cmd/gzip/gzip-security-diff Tue Feb 19 16:34:31 2013 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,200 +0,0 @@
-Index: gnu/usr.bin/gzip/gzip.h
-===================================================================
-RCS file: /home/ncvs/src/gnu/usr.bin/gzip/gzip.h,v
-retrieving revision 1.4
-diff -u -d -r1.4 gzip.h
---- gnu/usr.bin/gzip/gzip.h 2 May 2004 23:07:49 -0000 1.4
-+++ gnu/usr.bin/gzip/gzip.h 17 Sep 2006 10:58:37 -0000
-@@ -202,6 +202,8 @@
- extern int to_stdout; /* output to stdout (-c) */
- extern int save_orig_name; /* set if original name must be saved */
-
-+#define MIN(a,b) ((a) <= (b) ? (a) : (b))
-+
- #define get_byte() (inptr < insize ? inbuf[inptr++] : fill_inbuf(0))
- #define try_byte() (inptr < insize ? inbuf[inptr++] : fill_inbuf(1))
-
-Index: gnu/usr.bin/gzip/inflate.c
-===================================================================
-RCS file: /home/ncvs/src/gnu/usr.bin/gzip/inflate.c,v
-retrieving revision 1.9
-diff -u -d -r1.9 inflate.c
---- gnu/usr.bin/gzip/inflate.c 13 Aug 2004 05:38:44 -0000 1.9
-+++ gnu/usr.bin/gzip/inflate.c 17 Sep 2006 10:58:37 -0000
-@@ -316,7 +316,7 @@
- {
- *t = (struct huft *)NULL;
- *m = 0;
-- return 0;
-+ return 2;
- }
-
-
-Index: gnu/usr.bin/gzip/unlzh.c
-===================================================================
-RCS file: /home/ncvs/src/gnu/usr.bin/gzip/unlzh.c,v
-retrieving revision 1.5
-diff -u -d -r1.5 unlzh.c
---- gnu/usr.bin/gzip/unlzh.c 27 Aug 1999 23:35:53 -0000 1.5
-+++ gnu/usr.bin/gzip/unlzh.c 17 Sep 2006 10:58:37 -0000
-@@ -148,13 +148,17 @@
- unsigned i, k, len, ch, jutbits, avail, nextcode, mask;
-
- for (i = 1; i <= 16; i++) count[i] = 0;
-- for (i = 0; i < (unsigned)nchar; i++) count[bitlen[i]]++;
-+ for (i = 0; i < (unsigned)nchar; i++) {
-+ if (bitlen[i] > 16)
-+ error("Bad table (case a)\n");
-+ else count[bitlen[i]]++;
-+ }
-
- start[1] = 0;
- for (i = 1; i <= 16; i++)
- start[i + 1] = start[i] + (count[i] << (16 - i));
-- if ((start[17] & 0xffff) != 0)
-- error("Bad table\n");
-+ if ((start[17] & 0xffff) != 0 || tablebits > 16) /* 16 for weight below */
-+ error("Bad table (case b)\n");
-
- jutbits = 16 - tablebits;
- for (i = 1; i <= (unsigned)tablebits; i++) {
-@@ -168,15 +172,15 @@
-
- i = start[tablebits + 1] >> jutbits;
- if (i != 0) {
-- k = 1 << tablebits;
-- while (i != k) table[i++] = 0;
-+ k = MIN(1 << tablebits, DIST_BUFSIZE);
-+ while (i < k) table[i++] = 0;
- }
-
- avail = nchar;
- mask = (unsigned) 1 << (15 - tablebits);
- for (ch = 0; ch < (unsigned)nchar; ch++) {
- if ((len = bitlen[ch]) == 0) continue;
-- nextcode = start[len] + weight[len];
-+ nextcode = MIN(start[len] + weight[len], DIST_BUFSIZE);
- if (len <= (unsigned)tablebits) {
- for (i = start[len]; i < nextcode; i++) table[i] = ch;
- } else {
-@@ -217,7 +221,7 @@
- for (i = 0; i < 256; i++) pt_table[i] = c;
- } else {
- i = 0;
-- while (i < n) {
-+ while (i < MIN(n,NPT)) {
- c = bitbuf >> (BITBUFSIZ - 3);
- if (c == 7) {
- mask = (unsigned) 1 << (BITBUFSIZ - 1 - 3);
-@@ -227,7 +231,7 @@
- pt_len[i++] = c;
- if (i == i_special) {
- c = getbits(2);
-- while (--c >= 0) pt_len[i++] = 0;
-+ while (--c >= 0 && i < NPT) pt_len[i++] = 0;
- }
- }
- while (i < nn) pt_len[i++] = 0;
-@@ -247,7 +251,7 @@
- for (i = 0; i < 4096; i++) c_table[i] = c;
- } else {
- i = 0;
-- while (i < n) {
-+ while (i < MIN(n,NC)) {
- c = pt_table[bitbuf >> (BITBUFSIZ - 8)];
- if (c >= NT) {
- mask = (unsigned) 1 << (BITBUFSIZ - 1 - 8);
-@@ -255,14 +259,14 @@
- if (bitbuf & mask) c = right[c];
- else c = left [c];
- mask >>= 1;
-- } while (c >= NT);
-+ } while (c >= NT && (mask || c != left[c]));
- }
- fillbuf((int) pt_len[c]);
- if (c <= 2) {
- if (c == 0) c = 1;
- else if (c == 1) c = getbits(4) + 3;
- else c = getbits(CBIT) + 20;
-- while (--c >= 0) c_len[i++] = 0;
-+ while (--c >= 0 && i < NC) c_len[i++] = 0;
- } else c_len[i++] = c - 2;
- }
- while (i < NC) c_len[i++] = 0;
-@@ -291,7 +295,7 @@
- if (bitbuf & mask) j = right[j];
- else j = left [j];
- mask >>= 1;
-- } while (j >= NC);
-+ } while (j >= NC && (mask || j != left[j]));
- }
- fillbuf((int) c_len[j]);
- return j;
-@@ -308,7 +312,7 @@
- if (bitbuf & mask) j = right[j];
- else j = left [j];
- mask >>= 1;
-- } while (j >= NP);
-+ } while (j >= NP && (mask || j != left[j]));
- }
- fillbuf((int) pt_len[j]);
- if (j != 0) j = ((unsigned) 1 << (j - 1)) + getbits((int) (j - 1));
-@@ -355,7 +359,7 @@
- while (--j >= 0) {
- buffer[r] = buffer[i];
- i = (i + 1) & (DICSIZ - 1);
-- if (++r == count) return r;
-+ if (++r >= count) return r;
- }
- for ( ; ; ) {
- c = decode_c();
-@@ -365,14 +369,14 @@
- }
- if (c <= UCHAR_MAX) {
- buffer[r] = c;
-- if (++r == count) return r;
-+ if (++r >= count) return r;
- } else {
- j = c - (UCHAR_MAX + 1 - THRESHOLD);
- i = (r - decode_p() - 1) & (DICSIZ - 1);
- while (--j >= 0) {
- buffer[r] = buffer[i];
- i = (i + 1) & (DICSIZ - 1);
-- if (++r == count) return r;
-+ if (++r >= count) return r;
- }
- }
- }
-Index: gnu/usr.bin/gzip/unpack.c
-===================================================================
-RCS file: /home/ncvs/src/gnu/usr.bin/gzip/unpack.c,v
-retrieving revision 1.6
-diff -u -d -r1.6 unpack.c
---- gnu/usr.bin/gzip/unpack.c 27 Aug 1999 23:35:54 -0000 1.6
-+++ gnu/usr.bin/gzip/unpack.c 17 Sep 2006 10:58:37 -0000
-@@ -12,7 +12,6 @@
- #include "gzip.h"
- #include "crypt.h"
-
--#define MIN(a,b) ((a) <= (b) ? (a) : (b))
- /* The arguments must not have side effects. */
-
- #define MAX_BITLEN 25
-@@ -132,7 +131,7 @@
- /* Remember where the literals of this length start in literal[] : */
- lit_base[len] = base;
- /* And read the literals: */
-- for (n = leaves[len]; n > 0; n--) {
-+ for (n = leaves[len]; n > 0 && base < LITERALS; n--) {
- literal[base++] = (uch)get_byte();
- }
- }
-@@ -168,7 +167,7 @@
- prefixp = &prefix_len[1<<peek_bits];
- for (len = 1; len <= peek_bits; len++) {
- int prefixes = leaves[len] << (peek_bits-len); /* may be 0 */
-- while (prefixes--) *--prefixp = (uch)len;
-+ while (prefixes-- && prefixp > prefix_len) *--prefixp = (uch)len;
- }
- /* The length of all other codes is unknown: */
- while (prefixp > prefix_len) *--prefixp = 0;
--- a/usr/src/cmd/gzip/gzip.c-message-diff Tue Feb 19 16:34:31 2013 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,11 +0,0 @@
---- gzip-1.3.5/gzip.c-orig Fri Oct 6 05:44:06 2006
-+++ gzip-1.3.5/gzip.c Fri Oct 6 05:48:53 2006
-@@ -427,6 +427,8 @@
- #endif
- printf ("\n");
- printf ("Written by Jean-loup Gailly.\n");
-+ printf ("patched for Sun BugIDs 6294656 6283819\n");
-+ printf ("patched for CVE-2006-4334, CVE-2006-4335, CVE-2006-4336, CVE-2006-4337, CVE-2006-4338\n");
- }
-
- local void progerror (string)
--- a/usr/src/cmd/gzip/install-gzip Tue Feb 19 16:34:31 2013 +0000
+++ b/usr/src/cmd/gzip/install-gzip Sun Mar 03 21:42:14 2013 +0000
@@ -58,34 +58,20 @@
cd ${VERS}
# install info page for gzip
-_install N gzip.info ${INFODIR}/gzip.info 444
+_install N doc/gzip.info ${INFODIR}/gzip.info 444
install-info --dir-file=${INFODIR}/dir ${INFODIR}/gzip.info >/dev/null 2>&1
-for i in zdiff zgrep zforce
+for i in zcat zcmp zdiff zegrep zfgrep zforce zgrep zless zmore znew
do
_install S ${i} ${BINDIR}/g${i} 555
done
-_install H ${BINDIR}/gzgrep ${BINDIR}/gzegrep
-_install H ${BINDIR}/gzgrep ${BINDIR}/gzfgrep
-_install H ${BINDIR}/gzdiff ${BINDIR}/gzcmp
-
-_install S gzexe ${BINDIR}/gzexe 555
+for i in gunzip gzexe
+do
+ _install S ${i} ${BINDIR}/${i} 555
+done
_install E gzip ${BINDIR}/gzip 555
-_install H ${BINDIR}/gzip ${BINDIR}/gunzip
-_install H ${BINDIR}/gzip ${BINDIR}/gzcat
-
-rm -f ${BINDIR}/gznew
-sed s/znew/gznew/g znew > ${BINDIR}/gznew
-chmod 555 ${BINDIR}/gznew
-
-rm -f ${BINDIR}/gzmore
-sed s/zmore/gzmore/g zmore > ${BINDIR}/gzmore
-chmod 555 ${BINDIR}/gzmore
-
-_install S zless ${BINDIR}/gzless 555
-
exit 0
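Review bot: The new loops install `zcat`, `zcmp`, `zegrep`, `zfgrep` and `gunzip` as independent scripts under their installed names, but nothing rewrites the command names inside them the way the removed `sed s/znew/gznew/g` steps did for `znew` and `zmore`. If these are, as in upstream gzip 1.5, thin wrappers that exec `zdiff`, `zgrep` or `gzip` by bare name, then `gzcmp`, `gzegrep` and `gzfgrep` will run whatever `zdiff` or `zgrep` the caller's PATH resolves to. That may be nothing at all, since this package ships them as `gzdiff` and `gzgrep`, whereas the old hard links could not be redirected that way. It is worth checking the installed wrappers and, if this holds, rewriting the inner names at install time or pointing them at `${BINDIR}` explicitly; the matching `f` entries in prototype_com depend on the same answer. `_install` and the rest of the script are outside this hunk.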
--- a/usr/src/pkgdefs/SUNWgzip/pkginfo.tmpl Tue Feb 19 16:34:31 2013 +0000
+++ b/usr/src/pkgdefs/SUNWgzip/pkginfo.tmpl Sun Mar 03 21:42:14 2013 +0000
@@ -37,7 +37,7 @@
SUNW_PKGTYPE="usr"
MAXINST="1000"
CATEGORY="system"
-DESC="The GNU Zip (gzip) compression utility 1.3.5"
+DESC="The GNU Zip (gzip) compression utility 1.5"
VENDOR="COMPANY"
HOTLINE="Please contact your local service provider"
EMAIL=""
--- a/usr/src/pkgdefs/SUNWgzip/prototype_com Tue Feb 19 16:34:31 2013 +0000
+++ b/usr/src/pkgdefs/SUNWgzip/prototype_com Sun Mar 03 21:42:14 2013 +0000
@@ -46,13 +46,13 @@
#
d none usr 755 root sys
d none usr/bin 755 root bin
-l none usr/bin/gunzip=gzip
-l none usr/bin/gzcat=gzip
-l none usr/bin/gzcmp=gzdiff
+f none usr/bin/gunzip 555 root bin
+f none usr/bin/gzcat 555 root bin
+f none usr/bin/gzcmp 555 root bin
f none usr/bin/gzdiff 555 root bin
-l none usr/bin/gzegrep=gzgrep
+f none usr/bin/gzegrep 555 root bin
f none usr/bin/gzexe 555 root bin
-l none usr/bin/gzfgrep=gzgrep
+f none usr/bin/gzfgrep 555 root bin
f none usr/bin/gzforce 555 root bin
f none usr/bin/gzgrep 555 root bin
f none usr/bin/gzip 555 root bin