Fix three format security bugs (already fixed upstream, bug #520562).

Package-Manager: portage-2.2.12/cvs/Linux x86_64 Manifest-Sign-Key: 0xA792A613
author: Jeroen Roovers <jer@gentoo.org> 2014-08-22 16:10:03 +0000
committer: Jeroen Roovers <jer@gentoo.org> 2014-08-22 16:10:03 +0000
commit: 39b5545570d7567c77c4344881c2224e7663eda6 (patch)
tree: c0164216a495024c7f567f6b3413ca02109a6ece /net-analyzer/iptraf-ng
parent: bumped EAPI to 5; committed directly to stable as no other changes present an... (diff)
download: historical-39b5545570d7567c77c4344881c2224e7663eda6.tar.gz
historical-39b5545570d7567c77c4344881c2224e7663eda6.tar.bz2
historical-39b5545570d7567c77c4344881c2224e7663eda6.zip
5 files changed, 112 insertions, 6 deletions
diff --git a/net-analyzer/iptraf-ng/ChangeLog b/net-analyzer/iptraf-ng/ChangeLog
index f9bf10fb1857..c148ab30c2b1 100644
--- a/net-analyzer/iptraf-ng/ChangeLog
+++ b/net-analyzer/iptraf-ng/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for net-analyzer/iptraf-ng
 # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/iptraf-ng/ChangeLog,v 1.78 2014/05/06 16:37:23 jer Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/iptraf-ng/ChangeLog,v 1.79 2014/08/22 16:10:02 jer Exp $
+
+*iptraf-ng-1.1.4-r2 (22 Aug 2014)
+
+  22 Aug 2014; Jeroen Roovers <jer@gentoo.org> +iptraf-ng-1.1.4-r2.ebuild,
+  +files/iptraf-ng-1.1.4-printf-format.patch,
+  +files/iptraf-ng-1.1.4-sprintf-format.patch:
+  Fix three format security bugs (already fixed upstream, bug #520562).
 
   06 May 2014; Jeroen Roovers <jer@gentoo.org> -iptraf-ng-1.1.3.1-r2.ebuild,
   -files/iptraf-ng-1.1.3.1-kernel-v3.5-kill-off-token-ring-support.patch:
diff --git a/net-analyzer/iptraf-ng/Manifest b/net-analyzer/iptraf-ng/Manifest
index 643d157b5b61..7f61f97ab34a 100644
--- a/net-analyzer/iptraf-ng/Manifest
+++ b/net-analyzer/iptraf-ng/Manifest
@@ -1,16 +1,19 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA256
 
+AUX iptraf-ng-1.1.4-printf-format.patch 284 SHA256 b9d988ea503c4ea3b14fcdd0761914748d777056549ecc28c90954645d52a178 SHA512 d4b566bfa724209c920b688e3b51c722d05c6e63929d5338ee8dcfa978e0e0ff4ee8dd5e2d5f8a70afe317e2c379171fd28c7d7446a7b24b1efe17f525a5dad1 WHIRLPOOL 0a579a9bd87e4b1c4efe29b9dc8da5dca49df1381e32419a7f5269ce5af708843500c38c4c52729197022217b9751bd8950881b0943091de2c596de0ba49a90f
+AUX iptraf-ng-1.1.4-sprintf-format.patch 551 SHA256 166ec9d6f5f18355c9606f7e3758f114e40a8c3eef8427bbe53de69729a4306a SHA512 d3c49119f1ea5a3664e85b06e949bf574da3a000dcc9a3dcee92ae3d19e6a55a32031dacc4b759e3c63d85100129bb70ad58cbda7e45386da4b1660224198029 WHIRLPOOL 0c3e7d7cdb67a5d2712ceff06d62ca564ed52a95541e31029d69b6c4cb056cee4d940827fa6c5361c90dcc3dd45e0cbf248c3f79890118d0c92370ff99fea587
 AUX iptraf-ng-1.1.4-tcplog_flowrate_msg.patch 330 SHA256 e9c9057612bca5b793ea12a271aabedba7185975edfd5571b9a2a664e31ed236 SHA512 4b0c318ad245a82bb44243e23322f3d71ef4af9b4c86c95911e4da1e8145418ac7b9ee76c7d33bdf05c1189ec782443382de773e228c76f179fab87d5e897ec6 WHIRLPOOL e93af74b32ab84ac2b3e8b23c63591819e3bfa5c4f21a39989fb93f84280015eebb5e76363e1cdb63ccd38db9be26ab12b52f951d93fa76c33cf2a163c7af924
 DIST iptraf-ng-1.1.4.tar.gz 583306 SHA256 79140cf07c0cceb1b5723242847a73aa86f5e4f9dccfe8970fda6801d347eb09 SHA512 8cafb0000cec75eb4071156a9e9350ffe6de99cb6386e8f50d05337113872ee50082a30009d85faa02d83633a8e727039791332d600654321b95ca6cfc881774 WHIRLPOOL 442b6091c818f81a4db98999e7a6f0b9a1b58271c49c5758c70fd97c98c8b28c2f83e2824fb5ef434610f117ff071d5cc7335ea5cc01cbb384725018e9781d5d
 EBUILD iptraf-ng-1.1.4-r1.ebuild 1451 SHA256 6bcc20343da63952803c99ffbe9ac2e4dc191b5ef39a6f75f7cdfc2e739d3502 SHA512 9bb891cca1d132e9f4303700e214eb1c7d13fc4ea41b1c5287daa78683ef73e81120bfa4b9830f8da0fef3bc15af207e9fb9f3a22c427367f58e61abaa3880d5 WHIRLPOOL 08832af4bd2a0894137c9ecc307375f3cc776447fd1696add0f8697ea50837882792b6efaf64ce1bf2dff9dfd45f8ee5cc4cdb0444e0551c4477eda065d0deaa
+EBUILD iptraf-ng-1.1.4-r2.ebuild 1551 SHA256 6fa2eef183c71abb54cd8050d6a22ebacf2db9565145fd61d27113fc84667857 SHA512 b7647dd6f179714ac8b0551c54ca21c91db612428f28e7a3992f2fb54354e15900795eb394ab7c6bcccdbaa8b4fd1a03d92632e497a6e5ed253378c5bb52586f WHIRLPOOL 5b35faed67f7a7015b340b77002966eae43fe672fb8fcaf6cd76889c5cae803da0910538d37e7946789edaecc5ec787a88251d29128cbedad7795cbbee1557e2
 EBUILD iptraf-ng-9999.ebuild 1317 SHA256 1c005d0105367e899833811a0cd255cf09399ef4a2122ff1bf126699d6499d4f SHA512 00517b167123e8b6d82ec25a8db88638971948d95ef241f21a629865f5a190ff8250328a5081b1f12b2446636336ffd76d62031ecbfbc7ac0b5c2e9aada44295 WHIRLPOOL 5cba60d70b45d2b94ca371c314615381a2c45e0b508a28b8908cf762267a2a8dcbde12600bddabd9499e8eaa1bee77b345837b0804a616ae9447de61b3c3fd88
-MISC ChangeLog 9937 SHA256 0cba226fe4a8ef9349a0be54c18f84d05e726a8ba96dfdc636905e158b4aa9c4 SHA512 70e57b5cab63cd169a60c184baedf8a596f7bb20a7d0d3e863b23a8cc076bc3da205871c5970c69fe122cb1612c2e2d15c8c20e3fa3b182919842a9082bd8a8e WHIRLPOOL 31edce012052939cee3e7324909ea6385b55b48e73d4f1df867a7a3f9f9e54f43b2606054cb02a99bfda09c60135a93f22a768c3707e54a7eb2feee331cfb505
+MISC ChangeLog 10213 SHA256 04a636f38ac9b04b237cfbade59a0063ddc5cee5373fb41c82c2d44f2c85313b SHA512 fff884c19bc848878b119ea9cd9fad13674fadd9a50f924b03bf885476fdfeed3081503ca14bc510fa92b92a4e648d15d1784706c1f47b45818ac60d0fd70d2b WHIRLPOOL 5b108bcb5773ea11d05c43bb5ae3d972fdde62284b2c960c17994d1d1fc77bc2d46d6afd0d01eb38b446c12b4de0a445520d1105a74eb7a36930ba786af8c155
 MISC metadata.xml 259 SHA256 c1a418dd2aecd1f45aab6255aa581e7ad597001a2d3ada0928dc46820ebb93e7 SHA512 6ceb8a5bc92f0a423befc3485e83cc76d8ab8679fd3db75427ffd9a7c3c99374fb1586c96529339f133797b1fb6efad710c2ab1b2fbd2cd6dd930fcbff569a1a WHIRLPOOL 06d118cb1f3bcbbc2685f71b6ef4fcf0ea7bb8d6a6e5408f0f6b00fd0e82519abffe989e234faeb5789f7a956d129f7c16759f04e41e21062fa6da69cd5f4c02
 -----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.22 (GNU/Linux)
+Version: GnuPG v2
 
-iEYEAREIAAYFAlNpD8QACgkQVWmRsqeSphOvqwCfd1JhidMApA2DCnn7SY309pmd
-dt4AmgImNB0RvsDH0L8bTXCCm9jR/Bss
-=x+U6
+iEYEAREIAAYFAlP3a1sACgkQVWmRsqeSphNn0QCbBMO9pHh24NtYh7TvZ8pUj7Fs
+RjcAn0/JScTYurIvO46yVDHL4DSnpd4k
+=60En
 -----END PGP SIGNATURE-----
diff --git a/net-analyzer/iptraf-ng/files/iptraf-ng-1.1.4-printf-format.patch b/net-analyzer/iptraf-ng/files/iptraf-ng-1.1.4-printf-format.patch
new file mode 100644
index 000000000000..6bad736e2e44
--- /dev/null
+++ b/net-analyzer/iptraf-ng/files/iptraf-ng-1.1.4-printf-format.patch
@@ -0,0 +1,11 @@
+--- a/src/ipfilter.c
++++ b/src/ipfilter.c
+@@ -146,7 +146,7 @@
+ 				snprintf(msgstr, 60,
+ 					 "Invalid protocol input at or near token \"%s\"",
+ 					 bptr);
+-				tui_error(ANYKEY_MSG, msgstr);
++				tui_error(ANYKEY_MSG, "%s", msgstr);
+ 				doagain = 1;
+ 			} else
+ 				doagain = 0;
diff --git a/net-analyzer/iptraf-ng/files/iptraf-ng-1.1.4-sprintf-format.patch b/net-analyzer/iptraf-ng/files/iptraf-ng-1.1.4-sprintf-format.patch
new file mode 100644
index 000000000000..96f252895cb2
--- /dev/null
+++ b/net-analyzer/iptraf-ng/files/iptraf-ng-1.1.4-sprintf-format.patch
@@ -0,0 +1,20 @@
+--- a/src/othptab.c
++++ b/src/othptab.c
+@@ -410,7 +410,7 @@
+ 				break;
+ 			}
+ 
+-			sprintf(scratchpad, rarp_mac_addr);
++			sprintf(scratchpad, "%s", rarp_mac_addr);
+ 			strcat(msgstring, scratchpad);
+ 			wattrset(table->othpwin, ARPATTR);
+ 			break;
+@@ -485,7 +485,7 @@
+ 		wattrset(table->othpwin, UNKNIPATTR);
+ 		protptr = getprotobynumber(entry->protocol);
+ 		if (protptr != NULL) {
+-			sprintf(protname, protptr->p_aliases[0]);
++			sprintf(protname, "%s", protptr->p_aliases[0]);
+ 		} else {
+ 			sprintf(protname, "IP protocol");
+ 			unknown = 1;
diff --git a/net-analyzer/iptraf-ng/iptraf-ng-1.1.4-r2.ebuild b/net-analyzer/iptraf-ng/iptraf-ng-1.1.4-r2.ebuild
new file mode 100644
index 000000000000..b0583a4d562f
--- /dev/null
+++ b/net-analyzer/iptraf-ng/iptraf-ng-1.1.4-r2.ebuild
@@ -0,0 +1,65 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/iptraf-ng/iptraf-ng-1.1.4-r2.ebuild,v 1.1 2014/08/22 16:10:02 jer Exp $
+
+EAPI=5
+inherit eutils toolchain-funcs
+
+DESCRIPTION="A console-based network monitoring utility"
+HOMEPAGE="http://fedorahosted.org/iptraf-ng/"
+SRC_URI="http://fedorahosted.org/releases/${PN:0:1}/${PN:1:1}/${PN}/${P}.tar.gz"
+
+LICENSE="GPL-2 doc? ( FDL-1.1 )"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="doc"
+
+RESTRICT="test"
+
+RDEPEND="
+	>=sys-libs/ncurses-5.7-r7
+"
+DEPEND="
+	${RDEPEND}
+	virtual/os-headers
+	!net-analyzer/iptraf
+"
+
+src_prepare() {
+	sed -i \
+		-e '/^CC =/d' \
+		-e '/^CFLAGS/s:= -g -O2:+= :' \
+		-e '/^LDFLAGS =/d' \
+		-e 's|$(QUIET_[[:alpha:]]*)||g' \
+		Makefile || die
+	sed -i \
+		-e 's|IPTRAF|&-NG|g' \
+		-e 's|IPTraf|&-NG|g' \
+		-e 's|iptraf|&-ng|g' \
+		-e 's|rvnamed|&-ng|g' \
+		-e 's|RVNAMED|&-NG|g' \
+		src/*.8 || die
+
+	epatch "${FILESDIR}"/${P}-tcplog_flowrate_msg.patch
+	epatch "${FILESDIR}"/${P}-printf-format.patch
+	epatch "${FILESDIR}"/${P}-sprintf-format.patch
+}
+
+# configure does not do very much we do not already control
+src_configure() { :; }
+
+src_compile() {
+	tc-export CC
+	CFLAGS+=' -DLOCKDIR=\"/run/lock/iptraf-ng\"'
+	default
+}
+
+src_install() {
+	dosbin {iptraf,rvnamed}-ng
+
+	doman src/*.8
+	dodoc AUTHORS CHANGES FAQ README* RELEASE-NOTES
+	use doc && dohtml -a gif,html,png -r Documentation/*
+
+	keepdir /var/{lib,log}/iptraf-ng #376157
+}
author	Jeroen Roovers <jer@gentoo.org>	2014-08-22 16:10:03 +0000
committer	Jeroen Roovers <jer@gentoo.org>	2014-08-22 16:10:03 +0000
commit	39b5545570d7567c77c4344881c2224e7663eda6 (patch)
tree	c0164216a495024c7f567f6b3413ca02109a6ece /net-analyzer/iptraf-ng
parent	bumped EAPI to 5; committed directly to stable as no other changes present an... (diff)
download	historical-39b5545570d7567c77c4344881c2224e7663eda6.tar.gz historical-39b5545570d7567c77c4344881c2224e7663eda6.tar.bz2 historical-39b5545570d7567c77c4344881c2224e7663eda6.zip