diff options
| author | Mathieu Arnold <mat@FreeBSD.org> | 2019-08-13 10:31:18 +0000 |
|---|---|---|
| committer | Mathieu Arnold <mat@FreeBSD.org> | 2019-08-13 10:31:18 +0000 |
| commit | 13a7d55681829f5213a8606283ec51633f3c7583 (patch) | |
| tree | 654bf4f2860fbda0d512c7bcadff48f4a6c1d700 /java | |
| parent | Make fetchable again. The distfile was rerolled a week after initial (diff) | |
Force ports depending on a fetch target to actually run checksum.
This prevents an improbable MITM attack on dependencies where the target
is "fetch" and the port is built manuallt. (Which means a port depends
on a dependency being fetched, but not built or anything else.) In this
case, as the target is only "fetch", the distribution files of the
dependency are not checked against the dependency's distinfo file. One
could, in theory, impersonate the dependency's master site and provide a
malicious distribution file.
The ports that could in theory be affected are russian/gd, ukrainian/gd,
and ukrainian/webalizer. They are only affected when building manually,
as when building with poudriere, the *-depends target do not have
network access, and the build would fail if the distribution files are
not already present. (From the dependencies being built normally, where
checksum would have ran.)
The detail is described here:
https://www.reddit.com/r/BSD/comments/br62hm/freebsd_cryptographic_bypass_and_mitmbased/
Reported by: emaste (on IRC)
Reviewed by: swills emaste antoine
MFH: 2019Q3
Differential Revision: https://reviews.freebsd.org/D21230
Notes
Notes:
svn path=/head/; revision=508819
Diffstat (limited to 'java')
0 files changed, 0 insertions, 0 deletions