Diff between apt-0.9.7.9+deb7u4 and apt-0.9.7.9+deb7u5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff -ru _1/apt-0.9.7.9+deb7u4/apt-pkg/acquire-item.cc _2/apt-0.9.7.9+deb7u5/apt-pkg/acquire-item.cc | |
| --- _1/apt-0.9.7.9+deb7u4/apt-pkg/acquire-item.cc 2014-09-17 07:30:35.000000000 -0700 | |
| +++ _2/apt-0.9.7.9+deb7u5/apt-pkg/acquire-item.cc 2014-09-22 23:56:57.000000000 -0700 | |
| @@ -970,6 +970,12 @@ | |
| else | |
| Local = true; | |
| + // do not reverify cdrom sources as apt-cdrom may rewrite the Packages | |
| + // file when its doing the indexcopy | |
| + if (RealURI.substr(0,6) == "cdrom:" && | |
| + StringToBool(LookupTag(Message,"IMS-Hit"),false) == true) | |
| + return; | |
| + | |
| // The files timestamp matches | |
| if (!Local && StringToBool(LookupTag(Message,"IMS-Hit"),false) == true) | |
| { | |
| diff -ru _1/apt-0.9.7.9+deb7u4/debian/changelog _2/apt-0.9.7.9+deb7u5/debian/changelog | |
| --- _1/apt-0.9.7.9+deb7u4/debian/changelog 2014-09-18 02:32:09.000000000 -0700 | |
| +++ _2/apt-0.9.7.9+deb7u5/debian/changelog 2014-09-23 00:07:36.000000000 -0700 | |
| @@ -1,3 +1,15 @@ | |
| +apt (0.9.7.9+deb7u5) wheezy-security; urgency=high | |
| + | |
| + * SECURITY UPDATE: | |
| + - methods/http.cc: fix potential buffer overflow, thanks to the | |
| + Google Security Team (CVE-2014-6273) | |
| + * fix regression when Dir::state::lists is set to a relative | |
| + path (closes: 762160) | |
| + * fix regression when cdrom: sources got rewriten by apt-cdrom | |
| + add | |
| + | |
| + -- Michael Vogt <mvo@debian.org> Tue, 23 Sep 2014 08:56:27 +0200 | |
| + | |
| apt (0.9.7.9+deb7u4) wheezy-security; urgency=high | |
| * Fix regression in 0.9.7.9+deb7u3 when file:/// sources | |
| diff -ru _1/apt-0.9.7.9+deb7u4/methods/copy.cc _2/apt-0.9.7.9+deb7u5/methods/copy.cc | |
| --- _1/apt-0.9.7.9+deb7u4/methods/copy.cc 2014-08-20 01:32:37.000000000 -0700 | |
| +++ _2/apt-0.9.7.9+deb7u5/methods/copy.cc 2014-09-23 00:08:18.000000000 -0700 | |
| @@ -55,7 +55,7 @@ | |
| bool CopyMethod::Fetch(FetchItem *Itm) | |
| { | |
| URI Get = Itm->Uri; | |
| - std::string File = Get.Path; | |
| + std::string File = Get.Host + Get.Path; // To account for relative paths | |
| // Stat the file and send a start message | |
| struct stat Buf; | |
| diff -ru _1/apt-0.9.7.9+deb7u4/methods/http.cc _2/apt-0.9.7.9+deb7u5/methods/http.cc | |
| --- _1/apt-0.9.7.9+deb7u4/methods/http.cc 2013-03-01 02:51:21.000000000 -0800 | |
| +++ _2/apt-0.9.7.9+deb7u5/methods/http.cc 2014-09-18 05:26:56.000000000 -0700 | |
| @@ -666,18 +666,14 @@ | |
| URI Uri = Itm->Uri; | |
| // The HTTP server expects a hostname with a trailing :port | |
| - char Buf[1000]; | |
| + std::string Buf; | |
| string ProperHost = Uri.Host; | |
| if (Uri.Port != 0) | |
| { | |
| - sprintf(Buf,":%u",Uri.Port); | |
| + strprintf(Buf,":%u",Uri.Port); | |
| ProperHost += Buf; | |
| } | |
| - // Just in case. | |
| - if (Itm->Uri.length() >= sizeof(Buf)) | |
| - abort(); | |
| - | |
| /* Build the request. We include a keep-alive header only for non-proxy | |
| requests. This is to tweak old http/1.0 servers that do support keep-alive | |
| but not HTTP/1.1 automatic keep-alive. Doing this with a proxy server | |
| @@ -685,32 +681,34 @@ | |
| pass it on, HTTP/1.1 says the connection should default to keep alive | |
| and we expect the proxy to do this */ | |
| if (Proxy.empty() == true || Proxy.Host.empty()) | |
| - sprintf(Buf,"GET %s HTTP/1.1\r\nHost: %s\r\nConnection: keep-alive\r\n", | |
| + strprintf(Buf, "GET %s HTTP/1.1\r\nHost: %s\r\nConnection: keep-alive\r\n", | |
| QuoteString(Uri.Path,"~").c_str(),ProperHost.c_str()); | |
| else | |
| { | |
| /* Generate a cache control header if necessary. We place a max | |
| cache age on index files, optionally set a no-cache directive | |
| and a no-store directive for archives. */ | |
| - sprintf(Buf,"GET %s HTTP/1.1\r\nHost: %s\r\n", | |
| + strprintf(Buf,"GET %s HTTP/1.1\r\nHost: %s\r\n", | |
| Itm->Uri.c_str(),ProperHost.c_str()); | |
| } | |
| // generate a cache control header (if needed) | |
| if (_config->FindB("Acquire::http::No-Cache",false) == true) | |
| { | |
| - strcat(Buf,"Cache-Control: no-cache\r\nPragma: no-cache\r\n"); | |
| + Buf += "Cache-Control: no-cache\r\nPragma: no-cache\r\n"; | |
| } | |
| else | |
| { | |
| if (Itm->IndexFile == true) | |
| { | |
| - sprintf(Buf+strlen(Buf),"Cache-Control: max-age=%u\r\n", | |
| - _config->FindI("Acquire::http::Max-Age",0)); | |
| + std::string Tmp; | |
| + strprintf(Tmp, "Cache-Control: max-age=%u\r\n", | |
| + _config->FindI("Acquire::http::Max-Age",0)); | |
| + Buf += Tmp; | |
| } | |
| else | |
| { | |
| if (_config->FindB("Acquire::http::No-Store",false) == true) | |
| - strcat(Buf,"Cache-Control: no-store\r\n"); | |
| + Buf += "Cache-Control: no-store\r\n"; | |
| } | |
| } | |
| @@ -724,7 +722,7 @@ | |
| size_t const filepos = Itm->Uri.find_last_of('/'); | |
| string const file = Itm->Uri.substr(filepos + 1); | |
| if (flExtension(file) == file) | |
| - strcat(Buf,"Accept: text/*\r\n"); | |
| + Buf += "Accept: text/*\r\n"; | |
| } | |
| string Req = Buf; | |
| @@ -734,7 +732,7 @@ | |
| if (stat(Itm->DestFile.c_str(),&SBuf) >= 0 && SBuf.st_size > 0) | |
| { | |
| // In this case we send an if-range query with a range header | |
| - sprintf(Buf,"Range: bytes=%lli-\r\nIf-Range: %s\r\n",(long long)SBuf.st_size - 1, | |
| + strprintf(Buf, "Range: bytes=%lli-\r\nIf-Range: %s\r\n",(long long)SBuf.st_size - 1, | |
| TimeRFC1123(SBuf.st_mtime).c_str()); | |
| Req += Buf; | |
| } | |
| @@ -742,7 +740,7 @@ | |
| { | |
| if (Itm->LastModified != 0) | |
| { | |
| - sprintf(Buf,"If-Modified-Since: %s\r\n",TimeRFC1123(Itm->LastModified).c_str()); | |
| + strprintf(Buf,"If-Modified-Since: %s\r\n",TimeRFC1123(Itm->LastModified).c_str()); | |
| Req += Buf; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment