storeBackup: 3.5 -> 3.5.2, apply patch for CVE-2020-7040
Changelog: ``` version 3.5.1 storeBackup.pl - linkToRecent didn't work when used for the very first time in a series - added option suppressInfo with key readCheckSums - changed the order of execution: write backup -> sync -> write 'finished' -> write linkToRecent -> delete old backups -> start postcommand storeBackupMergeIsolatedBackup.pl - added option --move storeBackupSearch.pl - option 'backupDir' didn't work (normally not needed) lib/fileDir.pl - more detailed error messages when copying of a file does not succeed lib/checkParam2.pl - overwriting settings from config file via commandline didn't work for options with parameters storeBackup.pl, storeBackupUpdateBackup.pl, linkToDirs.pl - added option --maxHardLinks ---------------------------- version 3.5.2 storeBackup.pl - option --maxHardLinks was not configurable in the configuration file - pipe buffering was changed to new needs since about kernel 5.13 (relevant only if you backup devices) storeBackupRecover.pl - restoring of devices (eg. sda) didn't work because of bug in option checkDevicesDir0 in storeBackup.pl when using more than one directory level like "Devs/Sticks" storeBackupUpdateBackup.pl - added log file entry about number of WARNINGs and ERRORs happend (like at storeBackup.pl) ```
This commit is contained in:
parent
0a42318e55
commit
d10d3fe5d6
2 changed files with 32 additions and 3 deletions
23
pkgs/tools/backup/store-backup/CVE-2020-7040.patch
Normal file
23
pkgs/tools/backup/store-backup/CVE-2020-7040.patch
Normal file
|
@ -0,0 +1,23 @@
|
|||
Index: storeBackup/lib/fileDir.pl
|
||||
===================================================================
|
||||
--- storeBackup.orig/lib/fileDir.pl
|
||||
+++ storeBackup/lib/fileDir.pl
|
||||
@@ -21,7 +21,7 @@
|
||||
|
||||
|
||||
use Digest::MD5 qw(md5_hex);
|
||||
-use Fcntl qw(O_RDWR O_CREAT);
|
||||
+use Fcntl qw(O_RDWR O_CREAT O_WRONLY O_EXCL);
|
||||
use Fcntl ':mode';
|
||||
use POSIX;
|
||||
use Cwd 'abs_path';
|
||||
@@ -482,7 +482,7 @@ sub checkLockFile
|
||||
'-str' => ["creating lock file <$lockFile>"]);
|
||||
|
||||
&::checkDelSymLink($lockFile, $prLog, 0x01);
|
||||
- open(FILE, '>', $lockFile) or
|
||||
+ sysopen(FILE, $lockFile, O_WRONLY | O_CREAT | O_EXCL) or
|
||||
$prLog->print('-kind' => 'E',
|
||||
'-str' => ["cannot create lock file <$lockFile>"],
|
||||
'-exit' => 1);
|
||||
|
|
@ -14,7 +14,7 @@ in
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
|
||||
version = "3.5";
|
||||
version = "3.5.2";
|
||||
|
||||
pname = "store-backup";
|
||||
|
||||
|
@ -25,9 +25,14 @@ stdenv.mkDerivation rec {
|
|||
|
||||
src = fetchurl {
|
||||
url = "https://download.savannah.gnu.org/releases/storebackup/storeBackup-${version}.tar.bz2";
|
||||
sha256 = "0y4gzssc93x6y93mjsxm5b5cdh68d7ffa43jf6np7s7c99xxxz78";
|
||||
hash = "sha256-Ki1DT2zypFFiiMVd9Y8eSX7T+yr8moWMoALmAexjqWU=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# https://www.openwall.com/lists/oss-security/2020/01/20/3
|
||||
./CVE-2020-7040.patch
|
||||
];
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out/scripts
|
||||
mv * $out
|
||||
|
@ -48,7 +53,8 @@ stdenv.mkDerivation rec {
|
|||
|
||||
PATH=$PATH:${dummyMount}/bin
|
||||
|
||||
|
||||
export USER=test
|
||||
export HOME=$(mktemp -d)
|
||||
{ # simple sanity test, test backup/restore of simple store paths
|
||||
|
||||
mkdir backup
|
||||
|
|
Loading…
Reference in a new issue