diff options
| author |   Olivier Crête <tester@gentoo.org> | 2007-04-23 18:13:40 +0000 |
|---|---|---|
| committer | Olivier Crête <tester@gentoo.org> | 2007-04-23 18:13:40 +0000 |
| commit | 3d6051ebe1e205beaf4e668403f7c83b7de2cea0 (patch) | |
| tree | 270902489efcddf38c58c9b3efbe5ae8e94ed90f /net-im/amsn | |
| parent | Version bump. (diff) | |
| download | gentoo-2-3d6051ebe1e205beaf4e668403f7c83b7de2cea0.tar.gz gentoo-2-3d6051ebe1e205beaf4e668403f7c83b7de2cea0.tar.bz2 gentoo-2-3d6051ebe1e205beaf4e668403f7c83b7de2cea0.zip | |
Add patches provided by upstream to fix a DoS (bug #175563)
(Portage version: 2.1.2.2)
Diffstat (limited to 'net-im/amsn')
| -rw-r--r-- | net-im/amsn/ChangeLog | 10 | ||||
| -rw-r--r-- | net-im/amsn/amsn-0.94.ebuild | 87 | ||||
| -rw-r--r-- | net-im/amsn/amsn-0.95-r4.ebuild | 71 | ||||
| -rw-r--r-- | net-im/amsn/amsn-0.96-r1.ebuild (renamed from net-im/amsn/amsn-0.96.ebuild) | 11 | ||||
| -rw-r--r-- | net-im/amsn/files/amsn-0.95-dos.patch | 103 | ||||
| -rw-r--r-- | net-im/amsn/files/amsn-0.96-dos.patch | 105 | ||||
| -rw-r--r-- | net-im/amsn/files/digest-amsn-0.94 | 3 | ||||
| -rw-r--r-- | net-im/amsn/files/digest-amsn-0.95-r4 | 3 | ||||
| -rw-r--r-- | net-im/amsn/files/digest-amsn-0.96-r1 (renamed from net-im/amsn/files/digest-amsn-0.96) | 0 |
9 files changed, 300 insertions, 93 deletions
diff --git a/net-im/amsn/ChangeLog b/net-im/amsn/ChangeLog index d8c3ce6cd1f7..0e26dc756dd2 100644 --- a/net-im/amsn/ChangeLog +++ b/net-im/amsn/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for net-im/amsn # Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-im/amsn/ChangeLog,v 1.63 2007/02/22 02:17:15 peper Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-im/amsn/ChangeLog,v 1.64 2007/04/23 18:13:40 tester Exp $ + +*amsn-0.96-r1 (23 Apr 2007) +*amsn-0.95-r4 (23 Apr 2007) + + 23 Apr 2007; <tester@gentoo.org> +files/amsn-0.95-dos.patch, + +files/amsn-0.96-dos.patch, -amsn-0.94.ebuild, +amsn-0.95-r4.ebuild, + -amsn-0.96.ebuild, +amsn-0.96-r1.ebuild: + Add patches provided by upstream to fix a DoS (bug #175563) 22 Feb 2007; Piotr Jaroszyński <peper@gentoo.org> ChangeLog: Transition to Manifest2. diff --git a/net-im/amsn/amsn-0.94.ebuild b/net-im/amsn/amsn-0.94.ebuild deleted file mode 100644 index 1835584c0d31..000000000000 --- a/net-im/amsn/amsn-0.94.ebuild +++ /dev/null @@ -1,87 +0,0 @@ -# Copyright 1999-2006 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-im/amsn/amsn-0.94.ebuild,v 1.11 2006/11/13 15:05:20 flameeyes Exp $ - -S="${WORKDIR}/${P/./_}" -DESCRIPTION="Alvaro's Messenger client for MSN" -SRC_URI="mirror://sourceforge/${PN}/${P/./_}.tar.gz" -HOMEPAGE="http://amsn.sourceforge.net" - -IUSE="gnome kde imlib" - -SLOT="0" -LICENSE="GPL-2" -KEYWORDS="alpha amd64 hppa ppc sparc x86" - - -DEPEND=">=dev-lang/tcl-8.3 - >=dev-lang/tk-8.3 - imlib? ( media-libs/imlib )" - -RDEPEND="${DEPEND} - dev-tcltk/tls - media-gfx/imagemagick" - -src_compile() { - - if use imlib - then - einfo "Compiling the freedesktop notification plugin" - cd ${S}/plugins/traydock - econf || die - make || die - fi -} - -src_install() { - dodir /usr/share/amsn/ - cp -pPR ${S}/* ${D}/usr/share/amsn/ - - # Remove all CVS extra stuff - # not here in this version - # find ${D} -type d -name CVS -exec rm -rf {} \; - - if use gnome - then - dodir /usr/share/applications - cp ${D}/usr/share/amsn/amsn.desktop ${D}/usr/share/applications - einfo "Installing GNOME Icons in /usr/share/pixmaps" - dodir /usr/share/pixmaps - cp -pPR ${S}/icons/32x32/* ${D}/usr/share/pixmaps/ - fi - - - if use kde - then - dodir /usr/share/applnk/Internet - cp ${D}/usr/share/amsn/amsn.desktop ${D}/usr/share/applnk/Internet/ - einfo "Installing KDE Icons in default theme" - dodir /usr/share/pixmaps - cp -pPR ${S}/icons/32x32/* ${D}/usr/share/pixmaps/ - fi - - if use imlib - then - einfo "Installing the freedesktop notification plugin" - dodir /usr/lib/amsn/plugins/traydock - mv ${D}/usr/share/amsn/plugins/traydock/libtray.so ${D}/usr/lib/amsn/plugins/traydock/ - rm -rf ${D}/usr/share/amsn/plugins/traydock/ - ln -s ../../../lib/amsn/plugins/traydock/ ${D}/usr/share/amsn/plugins/ - else - rm -rf ${D}/usr/share/amsn/plugins/traydock - fi - - rm -rf ${D}/usr/share/amsn/plugins/winflash - rm -rf ${D}/usr/share/amsn/plugins/QuickTimeTcl3.1 - rm -rf ${D}/usr/share/amsn/plugins/applescript - rm -rf ${D}/usr/share/amsn/plugins/tclCarbonNotification - rm -rf ${D}/usr/share/amsn/plugins/tclAE2.0 - rm -rf ${D}/usr/share/amsn/utils/ - - dodir /usr/bin/ - ln -s ../share/amsn/amsn ${D}/usr/bin/amsn - - cd ${D}/usr/share/amsn - dodoc TODO README FAQ CREDITS HELP - rm -f TODO -} diff --git a/net-im/amsn/amsn-0.95-r4.ebuild b/net-im/amsn/amsn-0.95-r4.ebuild new file mode 100644 index 000000000000..cba33d21eb0f --- /dev/null +++ b/net-im/amsn/amsn-0.95-r4.ebuild @@ -0,0 +1,71 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-im/amsn/amsn-0.95-r4.ebuild,v 1.1 2007/04/23 18:13:40 tester Exp $ + +inherit eutils fdo-mime + +MY_P=${P/_rc/RC} +S="${WORKDIR}/${MY_P}" + +DESCRIPTION="Alvaro's Messenger client for MSN" +SRC_URI="mirror://sourceforge/${PN}/${MY_P}.tar.bz2" +HOMEPAGE="http://amsn.sourceforge.net" + +RESTRICT="test" + +SLOT="0" +LICENSE="GPL-2" +KEYWORDS="~alpha ~amd64 ~hppa ~ppc ~sparc ~x86" +IUSE="" + +DEPEND=">=dev-lang/tcl-8.4 + >=dev-lang/tk-8.4 + >=dev-tcltk/tls-1.4.1" + +RDEPEND="${DEPEND}" + +src_unpack() { + unpack ${A} + + cd ${S} + epatch ${FILESDIR}/${P}-dos.patch +} + +src_install() { + dodir /usr/share/amsn/ + + sed -i -e 's:Icon=msn.png:Icon=amsn:' "${S}"/amsn.desktop + domenu amsn.desktop + + for res in 32 48 64 96 128; do + insinto /usr/share/icons/hicolor/${res}x${res}/apps + newins ${S}/icons/${res}x${res}/aMSN_${res}.png amsn.png + done + + insinto /usr/share/pixmaps + newins ${S}/icons/32x32/aMSN_32.png amsn.png + + dodoc AGREEMENT TODO README FAQ CREDITS docs/* + + rm -rf GNUGPL AGREEMENT TODO README FAQ CREDITS HELP amsn.desktop icons \ + utils/windows utils/macosx docs lang/LANG-HOWTO debian + + insinto /usr/share/amsn/ + insopts -m644 + doins -r "${S}"/* + + dosym ../share/amsn/amsn /usr/bin/amsn + dosym ../share/amsn/amsn-remote /usr/bin/amsn-remote + dosym ../share/amsn/amsn-remote-CLI /usr/bin/amsn-remote-CLI + chmod +x "${D}"/usr/share/amsn/amsn + chmod +x "${D}"/usr/share/amsn/amsn-remote + chmod +x "${D}"/usr/share/amsn/amsn-remote-CLI + +} + +pkg_postinst() { + fdo-mime_desktop_database_update + fdo-mime_mime_database_update + ewarn "You might have to remove ~/.amsn prior to running as user if amsn hangs on start-up." +} + diff --git a/net-im/amsn/amsn-0.96.ebuild b/net-im/amsn/amsn-0.96-r1.ebuild index b5aee73b73e9..705e99bda906 100644 --- a/net-im/amsn/amsn-0.96.ebuild +++ b/net-im/amsn/amsn-0.96-r1.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2006 Gentoo Foundation +# Copyright 1999-2007 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-im/amsn/amsn-0.96.ebuild,v 1.3 2006/12/21 20:16:01 tester Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-im/amsn/amsn-0.96-r1.ebuild,v 1.1 2007/04/23 18:13:40 tester Exp $ inherit eutils fdo-mime gnome2-utils @@ -27,6 +27,13 @@ DEPEND=">=dev-lang/tcl-8.4 RDEPEND="${DEPEND}" +src_unpack() { + unpack ${A} + + cd ${S} + epatch ${FILESDIR}/${P}-dos.patch +} + src_install() { make rpm-install INSTALL_PREFIX=${D} diff --git a/net-im/amsn/files/amsn-0.95-dos.patch b/net-im/amsn/files/amsn-0.95-dos.patch new file mode 100644 index 000000000000..dfd211e99814 --- /dev/null +++ b/net-im/amsn/files/amsn-0.95-dos.patch @@ -0,0 +1,103 @@ +diff -u amsn-0.95_OLD/config.tcl amsn-0.95/config.tcl +--- amsn-0.95_OLD/config.tcl 2005-12-22 03:06:24.000000000 +0100 ++++ amsn-0.95/config.tcl 2007-04-23 19:37:54.000000000 +0200 +@@ -1324,7 +1324,12 @@ + while { $tries < 5 } { + set Port [GetRandomProfilePort] + status_log "LockProfile: Got random port $Port\n" blue +- if { [catch {socket -server lockSvrNew -myaddr localhost $Port} newlockSock] == 0 } { ++ if { [::config::getKey enableremote] == 1} { ++ set cmd "socket -server lockSvrNew $Port" ++ } else { ++ set cmd "socket -myaddr 127.0.0.1 -server lockSvrNew $Port" ++ } ++ if { [catch {eval $cmd} newlockSock] == 0 } { + # Got one + LoginList changelock 0 $email $Port + set lockSock $newlockSock +diff -u amsn-0.95_OLD/remote.tcl amsn-0.95/remote.tcl +--- amsn-0.95_OLD/remote.tcl 2005-12-22 03:06:24.000000000 +0100 ++++ amsn-0.95/remote.tcl 2007-04-23 19:40:41.000000000 +0200 +@@ -9,6 +9,7 @@ + set remote_auth 0 + set remote_sock_lock 0 + set remote_sock 0 ++ set remote_authtimer 0 + } + + proc remote_check_online { } { +@@ -20,6 +21,11 @@ + } + } + ++proc remote_touchauthtimer {} { ++ global remote_authtimer ++ set remote_authtimer 0 ++} ++ + namespace eval ::remote { + + # connect +@@ -235,6 +241,11 @@ + proc read_remote { command sock } { + global remote_auth remote_sock + ++ if { [::config::getKey enableremote] != 1} { ++ close $sock ++ return ++ } ++ + if { "$remote_sock" != "$sock" } { + set remote_temp_sock $remote_sock + init_remote $sock +@@ -247,6 +258,9 @@ + + + if {$command != ""} { ++ #AIM-FIX: Make command a real quoted list, or it will raise ++ #errors when containing braces ++ set command [split $command] + if { $remote_auth == 0 } { + authenticate "$command" "$sock" + } elseif { [catch {eval "::remote::$command" } res] } { +@@ -264,26 +278,27 @@ + } + + proc authenticate { command sock } { +- global remotemd5key remote_auth remote_sock_lock ++ global remotemd5key remote_auth remote_sock_lock remote_authtimer userchatto ++ ++ if {$remote_authtimer} { ++ close $sock ++ return ++ } + + if { $command == "auth" } { + set remotemd5key "[md5keygen]" + write_remote "auth $remotemd5key" + } elseif { [lindex $command 0] == "auth2" && [info exists remotemd5key] } { + if { "[lindex $command 1]" == "[::md5::hmac $remotemd5key [list [::config::getKey remotepassword]]]" } { +- if { [::config::getKey enableremote] == 1 } { +- set remote_auth 1 +- set remote_sock_lock $sock +- write_remote "Authentication successfull" +- } else { +- write_remote "User disabled remote control" +- } ++ set remote_auth 1 ++ set remote_sock_lock $sock ++ catch { unset userchatto } ++ write_remote "Authentication successfull" + } else { +- if { [::config::getKey enableremote] == 1 } { +- write_remote "Authentication failed" +- } else { +- write_remote "User disabled remote control" +- } ++ set remote_authtimer 1 ++ after 3000 [list remote_touchauthtimer] ++ vwait remote_authtimer ++ write_remote "Authentication failed" + } + unset remotemd5key + } else {
\ No newline at end of file diff --git a/net-im/amsn/files/amsn-0.96-dos.patch b/net-im/amsn/files/amsn-0.96-dos.patch new file mode 100644 index 000000000000..398248d29a92 --- /dev/null +++ b/net-im/amsn/files/amsn-0.96-dos.patch @@ -0,0 +1,105 @@ +diff -u amsn-0.96_OLD/config.tcl amsn-0.96/config.tcl +--- amsn-0.96_OLD/config.tcl 2006-09-06 19:08:18.000000000 +0200 ++++ amsn-0.96/config.tcl 2007-04-23 19:43:12.000000000 +0200 +@@ -1357,7 +1357,12 @@ + while { $tries < 5 } { + set Port [GetRandomProfilePort] + status_log "LockProfile: Got random port $Port\n" blue +- if { [catch {socket -server lockSvrNew $Port} newlockSock] == 0 } { ++ if { [::config::getKey enableremote] == 1} { ++ set cmd "socket -server lockSvrNew $Port" ++ } else { ++ set cmd "socket -myaddr 127.0.0.1 -server lockSvrNew $Port" ++ } ++ if { [catch {eval $cmd} newlockSock] == 0 } { + LoginList changelock 0 $email $Port + set lockSock $newlockSock + break +diff -u amsn-0.96_OLD/remote.tcl amsn-0.96/remote.tcl +--- amsn-0.96_OLD/remote.tcl 2006-10-08 05:13:58.000000000 +0200 ++++ amsn-0.96/remote.tcl 2007-04-23 19:50:30.000000000 +0200 +@@ -9,6 +9,7 @@ + set remote_auth 0 + set remote_sock_lock 0 + set remote_sock 0 ++ set remote_authtimer 0 + } + + proc remote_check_online { } { +@@ -20,6 +21,11 @@ + } + } + ++proc remote_touchauthtimer {} { ++ global remote_authtimer ++ set remote_authtimer 0 ++} ++ + namespace eval ::remote { + + # connect +@@ -240,6 +246,11 @@ + proc read_remote { command sock } { + global remote_auth remote_sock + ++ if { [::config::getKey enableremote] != 1} { ++ close $sock ++ return ++ } ++ + if { "$remote_sock" != "$sock" } { + set remote_temp_sock $remote_sock + init_remote $sock +@@ -252,6 +263,9 @@ + + + if {$command != ""} { ++ #AIM-FIX: Make command a real quoted list, or it will raise ++ #errors when containing braces ++ set command [split $command] + if { $remote_auth == 0 } { + authenticate "$command" "$sock" + } elseif { [catch {eval "::remote::$command" } res] } { +@@ -269,28 +283,28 @@ + } + + proc authenticate { command sock } { +- global remotemd5key remote_auth remote_sock_lock ++ global remotemd5key remote_auth remote_sock_lock remote_authtimer + global userchatto + ++ if {$remote_authtimer} { ++ close $sock ++ return ++ } ++ + if { $command == "auth" } { + set remotemd5key "[md5keygen]" + write_remote "auth $remotemd5key" + } elseif { [lindex $command 0] == "auth2" && [info exists remotemd5key] } { + if { "[lindex $command 1]" == "[::md5::hmac $remotemd5key [list [::config::getKey remotepassword]]]" } { +- if { [::config::getKey enableremote] == 1 } { +- set remote_auth 1 +- set remote_sock_lock $sock +- catch { unset userchatto } +- write_remote "Authentication successfull" +- } else { +- write_remote "User disabled remote control" +- } ++ set remote_auth 1 ++ set remote_sock_lock $sock ++ catch { unset userchatto } ++ write_remote "Authentication successfull" + } else { +- if { [::config::getKey enableremote] == 1 } { +- write_remote "Authentication failed" +- } else { +- write_remote "User disabled remote control" +- } ++ set remote_authtimer 1 ++ after 3000 [list remote_touchauthtimer] ++ vwait remote_authtimer ++ write_remote "Authentication failed" + } + unset remotemd5key + } else {
\ No newline at end of file diff --git a/net-im/amsn/files/digest-amsn-0.94 b/net-im/amsn/files/digest-amsn-0.94 deleted file mode 100644 index 434a1a722cd6..000000000000 --- a/net-im/amsn/files/digest-amsn-0.94 +++ /dev/null @@ -1,3 +0,0 @@ -MD5 7b7db9225342bb6c59b873ec90882e22 amsn-0_94.tar.gz 2293874 -RMD160 184a5fd1ff08e02420a5e85a96b58be39f64c796 amsn-0_94.tar.gz 2293874 -SHA256 a30df92d1f13ecd790cd77c4699c427b094df62bf7011e743cdd8198a265738c amsn-0_94.tar.gz 2293874 diff --git a/net-im/amsn/files/digest-amsn-0.95-r4 b/net-im/amsn/files/digest-amsn-0.95-r4 new file mode 100644 index 000000000000..5c826108199f --- /dev/null +++ b/net-im/amsn/files/digest-amsn-0.95-r4 @@ -0,0 +1,3 @@ +MD5 d0ea6e858601133c5abbfbbb5c84c8da amsn-0.95.tar.bz2 4460547 +RMD160 7729b10907292eb413d1f5a6488c506f38599173 amsn-0.95.tar.bz2 4460547 +SHA256 3ded8ea3f5e6570f643d9036d3ffdf3104ab4bab2973ee0ccf933e332d8d46ba amsn-0.95.tar.bz2 4460547 diff --git a/net-im/amsn/files/digest-amsn-0.96 b/net-im/amsn/files/digest-amsn-0.96-r1 index 5c0e08b2b66d..5c0e08b2b66d 100644 --- a/net-im/amsn/files/digest-amsn-0.96 +++ b/net-im/amsn/files/digest-amsn-0.96-r1 |