ntfs-3g: 2016.2.22 -> 2017.3.23 closes FS#1722

2019-03-05 18:23:43 +11:00 · 2019-03-05 18:23:43 +11:00 · 0faf87b1a4
commit 0faf87b1a4
parent 87bee1d47a
4 changed files with 18 additions and 58 deletions
--- a/ntfs-3g/.footprint
+++ b/ntfs-3g/.footprint
@ -2,11 +2,11 @@ drwxr-xr-x	root/root	bin/
 -rwxr-xr-x	root/root	bin/lowntfs-3g
 -rwxr-xr-x	root/root	bin/ntfs-3g
 drwxr-xr-x	root/root	lib/
-lrwxrwxrwx	root/root	lib/libntfs-3g.so -> libntfs-3g.so.87.0.0
-lrwxrwxrwx	root/root	lib/libntfs-3g.so.87 -> libntfs-3g.so.87.0.0
-rwxr-xr-x	root/root	lib/libntfs-3g.so.87.0.0
+lrwxrwxrwx	root/root	lib/libntfs-3g.so -> libntfs-3g.so.88.0.0
+lrwxrwxrwx	root/root	lib/libntfs-3g.so.88 -> libntfs-3g.so.88.0.0
+-rwxr-xr-x	root/root	lib/libntfs-3g.so.88.0.0
 drwxr-xr-x	root/root	sbin/
-lrwxrwxrwx	root/root	sbin/fsck.ntfs -> ../bin/ntfsfix
+lrwxrwxrwx	root/root	sbin/fsck.ntfs -> ../usr/bin/ntfsfix
 lrwxrwxrwx	root/root	sbin/mkfs.ntfs -> /usr/sbin/mkntfs
 lrwxrwxrwx	root/root	sbin/mount.lowntfs-3g -> /bin/lowntfs-3g
 lrwxrwxrwx	root/root	sbin/mount.ntfs -> ../bin/ntfs-3g
@ -14,8 +14,6 @@ lrwxrwxrwx	root/root	sbin/mount.ntfs-3g -> /bin/ntfs-3g
 drwxr-xr-x	root/root	usr/
 drwxr-xr-x	root/root	usr/bin/
 -rwxr-xr-x	root/root	usr/bin/ntfs-3g.probe
-rwxr-xr-x	root/root	usr/bin/ntfs-3g.secaudit
-rwxr-xr-x	root/root	usr/bin/ntfs-3g.usermap
 -rwxr-xr-x	root/root	usr/bin/ntfscat
 -rwxr-xr-x	root/root	usr/bin/ntfscluster
 -rwxr-xr-x	root/root	usr/bin/ntfscmp
@ -23,7 +21,9 @@ drwxr-xr-x	root/root	usr/bin/
 -rwxr-xr-x	root/root	usr/bin/ntfsinfo
 -rwxr-xr-x	root/root	usr/bin/ntfsls
 -rwxr-xr-x	root/root	usr/bin/ntfsrecover
+-rwxr-xr-x	root/root	usr/bin/ntfssecaudit
 -rwxr-xr-x	root/root	usr/bin/ntfstruncate
+-rwxr-xr-x	root/root	usr/bin/ntfsusermap
 -rwxr-xr-x	root/root	usr/bin/ntfswipe
 drwxr-xr-x	root/root	usr/include/
 drwxr-xr-x	root/root	usr/include/ntfs-3g/
@ -56,6 +56,7 @@ drwxr-xr-x	root/root	usr/include/ntfs-3g/
 -rw-r--r--	root/root	usr/include/ntfs-3g/ntfstime.h
 -rw-r--r--	root/root	usr/include/ntfs-3g/object_id.h
 -rw-r--r--	root/root	usr/include/ntfs-3g/param.h
+-rw-r--r--	root/root	usr/include/ntfs-3g/plugin.h
 -rw-r--r--	root/root	usr/include/ntfs-3g/realpath.h
 -rw-r--r--	root/root	usr/include/ntfs-3g/reparse.h
 -rw-r--r--	root/root	usr/include/ntfs-3g/runlist.h
@ -69,6 +70,7 @@ drwxr-xr-x	root/root	usr/lib/
 -rw-r--r--	root/root	usr/lib/libntfs-3g.a
 -rwxr-xr-x	root/root	usr/lib/libntfs-3g.la
 lrwxrwxrwx	root/root	usr/lib/libntfs-3g.so -> /lib/libntfs-3g.so
+drwxr-xr-x	root/root	usr/lib/ntfs-3g/
 drwxr-xr-x	root/root	usr/lib/pkgconfig/
 -rw-r--r--	root/root	usr/lib/pkgconfig/libntfs-3g.pc
 drwxr-xr-x	root/root	usr/sbin/
@ -89,8 +91,6 @@ lrwxrwxrwx	root/root	usr/share/man/man8/mount.ntfs-3g.8.gz -> ntfs-3g.8.gz
 lrwxrwxrwx	root/root	usr/share/man/man8/mount.ntfs.8.gz -> ntfs-3g.8.gz
 -rw-r--r--	root/root	usr/share/man/man8/ntfs-3g.8.gz
 -rw-r--r--	root/root	usr/share/man/man8/ntfs-3g.probe.8.gz
-rw-r--r--	root/root	usr/share/man/man8/ntfs-3g.secaudit.8.gz
-rw-r--r--	root/root	usr/share/man/man8/ntfs-3g.usermap.8.gz
 -rw-r--r--	root/root	usr/share/man/man8/ntfscat.8.gz
 -rw-r--r--	root/root	usr/share/man/man8/ntfsclone.8.gz
 -rw-r--r--	root/root	usr/share/man/man8/ntfscluster.8.gz
@ -105,6 +105,8 @@ lrwxrwxrwx	root/root	usr/share/man/man8/mount.ntfs.8.gz -> ntfs-3g.8.gz
 -rw-r--r--	root/root	usr/share/man/man8/ntfsprogs.8.gz
 -rw-r--r--	root/root	usr/share/man/man8/ntfsrecover.8.gz
 -rw-r--r--	root/root	usr/share/man/man8/ntfsresize.8.gz
+-rw-r--r--	root/root	usr/share/man/man8/ntfssecaudit.8.gz
 -rw-r--r--	root/root	usr/share/man/man8/ntfstruncate.8.gz
 -rw-r--r--	root/root	usr/share/man/man8/ntfsundelete.8.gz
+-rw-r--r--	root/root	usr/share/man/man8/ntfsusermap.8.gz
 -rw-r--r--	root/root	usr/share/man/man8/ntfswipe.8.gz
--- a/ntfs-3g/.signature
+++ b/ntfs-3g/.signature
@ -1,6 +1,5 @@
 untrusted comment: verify with /etc/ports/contrib.pub
-RWSagIOpLGJF3xU3ZTxwGfwa+B+X4qrhc3Pz5P1wm0gYRcz0xYR5F35O/tHFw5geRvvLffn4NhrSbzWGBbdFIrjVzO2v9H08lAg=
-SHA256 (Pkgfile) = 81ef09dd630ac7975b324d3d94e60709cc1fb9e3d44e3b743cfaeb0e5c56bc9c
-SHA256 (.footprint) = 70360071ef365088fb11649508adb3b634dc084085e7c869d05492dd1bae376c
-SHA256 (ntfs-3g_ntfsprogs-2016.2.22.tgz) = d7b72c05e4b3493e6095be789a760c9f5f2b141812d5b885f3190c98802f1ea0
-SHA256 (CVE-2017-0358.patch) = 3b81e0f3fe969cdfaa6bc222b3ce4aa3e594e5da72789a6ced8dc0185a5e90ea
+RWSagIOpLGJF36+0POtx/honfKGrgHQXZp4VFa9CWs7e1ihJl9XyLVj6FtUT5G/AKy9uWhutGcJM4+q5r+uVgtDUKn/STKs+xQw=
+SHA256 (Pkgfile) = 695c0054561051aa43375b2e83933353b23c3e8a5be82871ab5b32e27826c153
+SHA256 (.footprint) = 54022ff9296f3929e5a2dd4856246a0e6d4a505eb27df38e15c6da82da1ae504
+SHA256 (ntfs-3g_ntfsprogs-2017.3.23.tgz) = 3e5a021d7b761261836dcb305370af299793eedbded731df3d6943802e1262d5
--- a/ntfs-3g/CVE-2017-0358.patch
+++ b/ntfs-3g/CVE-2017-0358.patch
@ -1,38 +0,0 @@
-http://seclists.org/oss-sec/2017/q1/259
-CVE-2017-0358 ntfs-3g: modprobe influence vulnerability via environment variables
--- ntfs-3g/src/lowntfs-3g.c	2016-12-31 08:56:59.011749600 +0100
-+++ ntfs-3g/src/lowntfs-3g.c	2017-01-05 14:41:52.041473700 +0100
-@@ -3827,13 +3827,14 @@
- 	struct stat st;
- 	pid_t pid;
- 	const char *cmd = "/sbin/modprobe";
-+	char *env = (char*)NULL;
- 	struct timespec req = { 0, 100000000 };   /* 100 msec */
- 	fuse_fstype fstype;
-         
- 	if (!stat(cmd, &st) && !geteuid()) {
- 		pid = fork();
- 		if (!pid) {
-			execl(cmd, cmd, "fuse", NULL);
-+			execle(cmd, cmd, "fuse", NULL, &env);
- 			_exit(1);
- 		} else if (pid != -1)
- 			waitpid(pid, NULL, 0);
--- ntfs-3g/src/ntfs-3g.c	2017-02-04 23:30:23.825889593 +0100
-+++ ntfs-3g/src/nfts-3g.c	2017-02-04 23:30:42.572542756 +0100
-@@ -3612,13 +3612,14 @@
- 	struct stat st;
- 	pid_t pid;
- 	const char *cmd = "/sbin/modprobe";
-+	char *env = (char*)NULL;
- 	struct timespec req = { 0, 100000000 };   /* 100 msec */
- 	fuse_fstype fstype;
- 	
- 	if (!stat(cmd, &st) && !geteuid()) {
- 		pid = fork();
- 		if (!pid) {
-			execl(cmd, cmd, "fuse", NULL);
-+			execle(cmd, cmd, "fuse", NULL, &env);
- 			_exit(1);
- 		} else if (pid != -1)
- 			waitpid(pid, NULL, 0);
--- a/ntfs-3g/Pkgfile
+++ b/ntfs-3g/Pkgfile
@ -4,16 +4,13 @@
 # Depends on: fuse

 name=ntfs-3g
-version=2016.2.22
-release=4
-source=(https://tuxera.com/opensource/ntfs-3g_ntfsprogs-$version.tgz
-	CVE-2017-0358.patch)
+version=2017.3.23
+release=1
+source=(https://tuxera.com/opensource/ntfs-3g_ntfsprogs-$version.tgz)

 build() {
 	cd ntfs-3g_ntfsprogs-$version

-	patch -p1 -i $SRC/CVE-2017-0358.patch
-
 	install -d $PKG/lib

 	./configure \
@ -27,7 +24,7 @@ build() {
 	make DESTDIR=$PKG install

 	ln -s ../bin/ntfs-3g $PKG/sbin/mount.ntfs
-	ln -s ../bin/ntfsfix $PKG/sbin/fsck.ntfs
+	ln -s ../usr/bin/ntfsfix $PKG/sbin/fsck.ntfs

 	ln -s ntfs-3g.8 $PKG/usr/share/man/man8/mount.ntfs.8
 	ln -s ntfsfix.8 $PKG//usr/share/man/man8/fsck.ntfs.8