1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-24 04:33:24 +00:00
freebsd-ports/shells
Kai Knoblich 0578e68df8 shells/rssh: Apply fixes for basename(3) handling and some security issues
basename(3) has been changed to be POSIX compliant in r308264. This implies
that it can possibly write to the passed string. shells/rssh passes a const
string, so it always crashes on invocation with FreeBSD 12 and later. The
new patches remedy this issue. [1] [2]

During further tests and research came to light that there were also
recently discovered security issues with the parsing of rsync/scp command
line arguments and insufficient sanitization of environment variables when
using rysnc.

The corresponding fixes have been incorporated to the new patches and the
already existing patch for the RSYNC option has been tightened for the
argument parsing. Please note that with this patch the scp option "-3" can
no longer be used. [3]

Furthermore, another patch was applied to make this port a bit more secure.
That patch handles a buffer allocation issue for an error message. [4]

PR:		235121
Submitted by:	topical@gmx.net (first version) [1], Jason Harris (maintainer) [2]
Approved by:	tcberner (mentor)
Obtained from:	Debian [3] [4]
MFH:		2019Q1
Security:	d193aa9f-3f8c-11e9-9a24-6805ca0b38e8
Differential Revision:	https://reviews.freebsd.org/D19474
2019-03-06 20:45:26 +00:00
..
44bsd-csh
ammonite New port: shells/ammonite 2019-02-18 17:01:53 +00:00
bash Do not attempt to build 'loadables' in the install target when the static build 2019-02-21 09:32:08 +00:00
bash-completion
bash-static
bashc
bicon
ch
dash
envy
es
esh
fd
fish shells/fish: upgrade to 3.0.2 2019-02-24 22:51:18 +00:00
flash
heirloom-sh
hs-shelly
ibsh
jailkit shells/jailkit: Update to 2.20 2019-02-04 12:56:12 +00:00
klish
ksh93
ksh93-devel Update to the latest att/ast github commit. 2019-02-27 03:48:05 +00:00
lshell
mksh
nologinmsg
oksh shells/oksh: Convert to options helpers 2019-02-01 06:11:19 +00:00
osh
p5-Bash-Completion
p5-Shell-Perl
p5-Term-Bash-Completion-Generator
p5-Term-ShellUI
pdksh
pear-PHP_Shell
psh
rc
rssh shells/rssh: Apply fixes for basename(3) handling and some security issues 2019-03-06 20:45:26 +00:00
sash
scponly shells/scponly: fix segfault on FreeBSD 12 and newer 2019-02-25 13:37:48 +00:00
shell-include
sparforte
tcsh_nls
tcshrc
v7sh
viewglob
vshnu
wcd
xonsh
zsh Update to 5.7.1 2019-02-05 17:58:51 +00:00
zsh-antigen
zsh-completions Add zsh-completions 0.30.0 2019-01-27 19:56:10 +00:00
zsh-navigation-tools
Makefile New port: shells/ammonite 2019-02-18 17:01:53 +00:00