diff options
| author |   Jeroen Roovers <jer@gentoo.org> | 2014-08-22 16:10:02 +0000 |
|---|---|---|
| committer | Jeroen Roovers <jer@gentoo.org> | 2014-08-22 16:10:02 +0000 |
| commit | 2d831e6ff1e4cff91ff404526f33ebf738474fda (patch) | |
| tree | 6808e97bbf08129595a6ba6a3c9cc7b0b0b00772 /net-analyzer | |
| parent | bumped EAPI to 5; committed directly to stable as no other changes present an... (diff) | |
| download | gentoo-2-2d831e6ff1e4cff91ff404526f33ebf738474fda.tar.gz gentoo-2-2d831e6ff1e4cff91ff404526f33ebf738474fda.tar.bz2 gentoo-2-2d831e6ff1e4cff91ff404526f33ebf738474fda.zip | |
Fix three format security bugs (already fixed upstream, bug #520562).
(Portage version: 2.2.12/cvs/Linux x86_64, signed Manifest commit with key A792A613)
Diffstat (limited to 'net-analyzer')
4 files changed, 104 insertions, 1 deletions
diff --git a/net-analyzer/iptraf-ng/ChangeLog b/net-analyzer/iptraf-ng/ChangeLog index f9bf10fb1857..c148ab30c2b1 100644 --- a/net-analyzer/iptraf-ng/ChangeLog +++ b/net-analyzer/iptraf-ng/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-analyzer/iptraf-ng # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/iptraf-ng/ChangeLog,v 1.78 2014/05/06 16:37:23 jer Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/iptraf-ng/ChangeLog,v 1.79 2014/08/22 16:10:02 jer Exp $ + +*iptraf-ng-1.1.4-r2 (22 Aug 2014) + + 22 Aug 2014; Jeroen Roovers <jer@gentoo.org> +iptraf-ng-1.1.4-r2.ebuild, + +files/iptraf-ng-1.1.4-printf-format.patch, + +files/iptraf-ng-1.1.4-sprintf-format.patch: + Fix three format security bugs (already fixed upstream, bug #520562). 06 May 2014; Jeroen Roovers <jer@gentoo.org> -iptraf-ng-1.1.3.1-r2.ebuild, -files/iptraf-ng-1.1.3.1-kernel-v3.5-kill-off-token-ring-support.patch: diff --git a/net-analyzer/iptraf-ng/files/iptraf-ng-1.1.4-printf-format.patch b/net-analyzer/iptraf-ng/files/iptraf-ng-1.1.4-printf-format.patch new file mode 100644 index 000000000000..6bad736e2e44 --- /dev/null +++ b/net-analyzer/iptraf-ng/files/iptraf-ng-1.1.4-printf-format.patch @@ -0,0 +1,11 @@ +--- a/src/ipfilter.c ++++ b/src/ipfilter.c +@@ -146,7 +146,7 @@ + snprintf(msgstr, 60, + "Invalid protocol input at or near token \"%s\"", + bptr); +- tui_error(ANYKEY_MSG, msgstr); ++ tui_error(ANYKEY_MSG, "%s", msgstr); + doagain = 1; + } else + doagain = 0; diff --git a/net-analyzer/iptraf-ng/files/iptraf-ng-1.1.4-sprintf-format.patch b/net-analyzer/iptraf-ng/files/iptraf-ng-1.1.4-sprintf-format.patch new file mode 100644 index 000000000000..96f252895cb2 --- /dev/null +++ b/net-analyzer/iptraf-ng/files/iptraf-ng-1.1.4-sprintf-format.patch @@ -0,0 +1,20 @@ +--- a/src/othptab.c ++++ b/src/othptab.c +@@ -410,7 +410,7 @@ + break; + } + +- sprintf(scratchpad, rarp_mac_addr); ++ sprintf(scratchpad, "%s", rarp_mac_addr); + strcat(msgstring, scratchpad); + wattrset(table->othpwin, ARPATTR); + break; +@@ -485,7 +485,7 @@ + wattrset(table->othpwin, UNKNIPATTR); + protptr = getprotobynumber(entry->protocol); + if (protptr != NULL) { +- sprintf(protname, protptr->p_aliases[0]); ++ sprintf(protname, "%s", protptr->p_aliases[0]); + } else { + sprintf(protname, "IP protocol"); + unknown = 1; diff --git a/net-analyzer/iptraf-ng/iptraf-ng-1.1.4-r2.ebuild b/net-analyzer/iptraf-ng/iptraf-ng-1.1.4-r2.ebuild new file mode 100644 index 000000000000..b0583a4d562f --- /dev/null +++ b/net-analyzer/iptraf-ng/iptraf-ng-1.1.4-r2.ebuild @@ -0,0 +1,65 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/iptraf-ng/iptraf-ng-1.1.4-r2.ebuild,v 1.1 2014/08/22 16:10:02 jer Exp $ + +EAPI=5 +inherit eutils toolchain-funcs + +DESCRIPTION="A console-based network monitoring utility" +HOMEPAGE="http://fedorahosted.org/iptraf-ng/" +SRC_URI="http://fedorahosted.org/releases/${PN:0:1}/${PN:1:1}/${PN}/${P}.tar.gz" + +LICENSE="GPL-2 doc? ( FDL-1.1 )" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="doc" + +RESTRICT="test" + +RDEPEND=" + >=sys-libs/ncurses-5.7-r7 +" +DEPEND=" + ${RDEPEND} + virtual/os-headers + !net-analyzer/iptraf +" + +src_prepare() { + sed -i \ + -e '/^CC =/d' \ + -e '/^CFLAGS/s:= -g -O2:+= :' \ + -e '/^LDFLAGS =/d' \ + -e 's|$(QUIET_[[:alpha:]]*)||g' \ + Makefile || die + sed -i \ + -e 's|IPTRAF|&-NG|g' \ + -e 's|IPTraf|&-NG|g' \ + -e 's|iptraf|&-ng|g' \ + -e 's|rvnamed|&-ng|g' \ + -e 's|RVNAMED|&-NG|g' \ + src/*.8 || die + + epatch "${FILESDIR}"/${P}-tcplog_flowrate_msg.patch + epatch "${FILESDIR}"/${P}-printf-format.patch + epatch "${FILESDIR}"/${P}-sprintf-format.patch +} + +# configure does not do very much we do not already control +src_configure() { :; } + +src_compile() { + tc-export CC + CFLAGS+=' -DLOCKDIR=\"/run/lock/iptraf-ng\"' + default +} + +src_install() { + dosbin {iptraf,rvnamed}-ng + + doman src/*.8 + dodoc AUTHORS CHANGES FAQ README* RELEASE-NOTES + use doc && dohtml -a gif,html,png -r Documentation/* + + keepdir /var/{lib,log}/iptraf-ng #376157 +} |