untrusted comment: signature from openbsd 6.0 base secret key
RWSho3oKSqgLQ6oQmYmWT/1JPk2B3KI/ekIcVcfsQKLPYTKPICxaMJvCf64l3fjAja5RQiISj+76ziwnnTPp17PW7knhT2dyIAg=

OpenBSD 6.0 errata 26, June 04, 2017:

Use fchmod to avoid a race condition in File::Path.
Fixes CVE-2017-6512.

Apply by doing:
   signify -Vep /etc/signify/openbsd-60-base.pub -x 026_perl.patch.sig \
       -m - | (cd /usr/src && patch -p0)

And then install the new file:
   install -o root -g wheel -m 0444 \
       /usr/src/gnu/usr.bin/perl/cpan/File-Path/lib/File/Path.pm \
       /usr/libdata/perl5/File/

Index: gnu/usr.bin/perl/cpan/File-Path/lib/File/Path.pm
===================================================================
RCS file: /cvs/src/gnu/usr.bin/perl/cpan/File-Path/lib/File/Path.pm,v
retrieving revision 1.1.1.2
diff -u -p -u -p -r1.1.1.2 Path.pm
--- gnu/usr.bin/perl/cpan/File-Path/lib/File/Path.pm    24 Mar 2014 14:58:52 -0000      1.1.1.2
+++ gnu/usr.bin/perl/cpan/File-Path/lib/File/Path.pm    1 Jun 2017 22:00:11 -0000
@@ -17,7 +17,7 @@ BEGIN {

use Exporter ();
use vars qw($VERSION @ISA @EXPORT @EXPORT_OK);
-$VERSION   = '2.09';
+$VERSION   = '2.09_01';
@ISA       = qw(Exporter);
@EXPORT    = qw(mkpath rmtree);
@EXPORT_OK = qw(make_path remove_tree);
@@ -284,13 +284,32 @@ sub _rmtree {
            if (!chdir($root)) {
                # see if we can escalate privileges to get in
                # (e.g. funny protection mask such as -w- instead of rwx)
-                $perm &= 07777;
-                my $nperm = $perm | 0700;
-                if (!($arg->{safe} or $nperm == $perm or chmod($nperm, $root))) {
-                    _error($arg, "cannot make child directory read-write-exec", $canon);
-                    next ROOT_DIR;
+                # This uses fchmod to avoid traversing outside of the proper
+                # location (CVE-2017-6512)
+                my $root_fh;
+                if (open($root_fh, '<', $root)) {
+                    my ($fh_dev, $fh_inode) = (stat $root_fh )[0,1];
+                    $perm &= oct '7777';
+                    my $nperm = $perm | oct '700';
+                    local $@;
+                    if (
+                        !(
+                            $arg->{safe}
+                           or $nperm == $perm
+                           or !-d _
+                           or $fh_dev ne $ldev
+                           or $fh_inode ne $lino
+                           or eval { chmod( $nperm, $root_fh ) }
+                        )
+                      )
+                    {
+                        _error( $arg,
+                            "cannot make child directory read-write-exec", $canon );
+                        next ROOT_DIR;
+                    }
+                    close $root_fh;
                }
-                elsif (!chdir($root)) {
+                if (!chdir($root)) {
                    _error($arg, "cannot chdir to child", $canon);
                    next ROOT_DIR;
                }

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.