diff options
author | Aaron Walker <ka0ttic@gentoo.org> | 2005-10-27 12:34:09 +0000 |
---|---|---|
committer | Aaron Walker <ka0ttic@gentoo.org> | 2005-10-27 12:34:09 +0000 |
commit | cee49ce7ff61b02cb005c183a57a8cdb64c73ec9 (patch) | |
tree | d0fa275b42d71f728378ba56578ce2afa3515fe6 /net-analyzer | |
parent | Marked stable on x86. (diff) | |
download | historical-cee49ce7ff61b02cb005c183a57a8cdb64c73ec9.tar.gz historical-cee49ce7ff61b02cb005c183a57a8cdb64c73ec9.tar.bz2 historical-cee49ce7ff61b02cb005c183a57a8cdb64c73ec9.zip |
Revision bump; added patch from bug #109348 that fixes a DoS (CVE-2005-3313).
Package-Manager: portage-2.0.53_rc6
Diffstat (limited to 'net-analyzer')
-rw-r--r-- | net-analyzer/ethereal/ChangeLog | 9 | ||||
-rw-r--r-- | net-analyzer/ethereal/Manifest | 17 | ||||
-rw-r--r-- | net-analyzer/ethereal/ethereal-0.10.13-r1.ebuild | 112 | ||||
-rw-r--r-- | net-analyzer/ethereal/files/digest-ethereal-0.10.13-r1 | 1 | ||||
-rw-r--r-- | net-analyzer/ethereal/files/ethereal-0.10.13-fix-irc-loop-DoS-CVE-2005-3313.diff | 20 |
5 files changed, 151 insertions, 8 deletions
diff --git a/net-analyzer/ethereal/ChangeLog b/net-analyzer/ethereal/ChangeLog index bd01435d7b68..f8f05c951743 100644 --- a/net-analyzer/ethereal/ChangeLog +++ b/net-analyzer/ethereal/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-analyzer/ethereal # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ethereal/ChangeLog,v 1.143 2005/10/24 23:28:23 yoswink Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ethereal/ChangeLog,v 1.144 2005/10/27 12:34:09 ka0ttic Exp $ + +*ethereal-0.10.13-r1 (27 Oct 2005) + + 27 Oct 2005; Aaron Walker <ka0ttic@gentoo.org> + +files/ethereal-0.10.13-fix-irc-loop-DoS-CVE-2005-3313.diff, + +ethereal-0.10.13-r1.ebuild: + Revision bump; added patch from bug #109348 that fixes a DoS (CVE-2005-3313). 24 Oct 2005; Jose Luis Rivero <yoswink@gentoo.org> ethereal-0.10.13.ebuild: diff --git a/net-analyzer/ethereal/Manifest b/net-analyzer/ethereal/Manifest index 114abe52cdac..eb30a4d54cc9 100644 --- a/net-analyzer/ethereal/Manifest +++ b/net-analyzer/ethereal/Manifest @@ -1,17 +1,20 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -MD5 826c74670c9b90a8c55077f5199bcac0 ethereal-0.10.13.ebuild 3361 +MD5 14a28642f7b731d1082f30d85df80786 ChangeLog 12001 MD5 f8df469837b3a964d556a54c89c4dd7e ethereal-0.10.12.ebuild 3472 -MD5 94c2612227acf6e9d1bb1d6dfa8239fb ChangeLog 11741 -MD5 17a9be2cf8cb9f24e7e5b398392483b4 metadata.xml 224 +MD5 30c5563e8a9280159059ebda57e6d3f2 ethereal-0.10.13-r1.ebuild 3470 +MD5 826c74670c9b90a8c55077f5199bcac0 ethereal-0.10.13.ebuild 3361 MD5 34bd8a0285aea402be479f40304aa947 files/digest-ethereal-0.10.12 70 MD5 ce9e77144029b2f1104aa92c1927f4e9 files/digest-ethereal-0.10.13 70 +MD5 ce9e77144029b2f1104aa92c1927f4e9 files/digest-ethereal-0.10.13-r1 70 MD5 e37a324c1e08bfd08a70fd5958dadeb4 files/ethereal-0.10.12-fix-encrypted-conflict.diff 2838 +MD5 e58b082ef143490cd14bbd423d5e7f4d files/ethereal-0.10.13-fix-irc-loop-DoS-CVE-2005-3313.diff 612 +MD5 17a9be2cf8cb9f24e7e5b398392483b4 metadata.xml 224 -----BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.1 (GNU/Linux) +Version: GnuPG v1.4.2 (GNU/Linux) -iD8DBQFDXW4/3og80iZgVQgRApxaAKCBTF8iqCPt9TfbnnlOYsUjOBNH/wCfcU+v -1vdWUDzrdQJ4yeZ6Gp6p+wA= -=omti +iD8DBQFDYMlZEZCkKN40op4RAiurAJ4locw+NTYkStenBtcsBpWIBFcfEQCgn29t +IUiIO8rYes8FPYSyyzjJ9Mo= +=a7zO -----END PGP SIGNATURE----- diff --git a/net-analyzer/ethereal/ethereal-0.10.13-r1.ebuild b/net-analyzer/ethereal/ethereal-0.10.13-r1.ebuild new file mode 100644 index 000000000000..af6d76e9921c --- /dev/null +++ b/net-analyzer/ethereal/ethereal-0.10.13-r1.ebuild @@ -0,0 +1,112 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ethereal/ethereal-0.10.13-r1.ebuild,v 1.1 2005/10/27 12:34:09 ka0ttic Exp $ + +inherit libtool flag-o-matic eutils + +DESCRIPTION="A commercial-quality network protocol analyzer" +HOMEPAGE="http://www.ethereal.com/" +#SRC_URI="http://www.ethereal.com/distribution/${P}.tar.bz2" +SRC_URI="mirror://gentoo/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~ia64 ~ppc ~ppc64 ~sparc ~x86" +IUSE="adns gtk ipv6 snmp ssl kerberos" + +RDEPEND=">=sys-libs/zlib-1.1.4 + snmp? ( >=net-analyzer/net-snmp-5.1.1 ) + >=dev-util/pkgconfig-0.15.0 + gtk? ( >=dev-libs/glib-2.0.4 + =x11-libs/gtk+-2* + x11-libs/pango + dev-libs/atk ) + !gtk? ( =dev-libs/glib-1.2* ) + ssl? ( >=dev-libs/openssl-0.9.6e ) + virtual/libpcap + >=dev-libs/libpcre-4.2 + adns? ( net-libs/adns ) + kerberos? ( virtual/krb5 )" + +DEPEND="${RDEPEND} + dev-lang/perl + sys-devel/bison + sys-devel/flex + sys-apps/sed" + +src_unpack() { + unpack ${A} + cd ${S} + epatch ${FILESDIR}/${P}-fix-irc-loop-DoS-CVE-2005-3313.diff +} + +src_compile() { + + replace-flags -O? -O + + # Fix gcc-3.4 segfault #49238 + #[ "`gcc-version`" == "3.4" ] && append-flags -fno-unroll-loops + + local myconf + + if use gtk; then + einfo "Building with gtk support" + else + einfo "Building without gtk support" + myconf="${myconf} --disable-ethereal" + # the asn1 plugin needs gtk + sed -i -e '/plugins.asn1/d' Makefile.in || die "sed failed" + sed -i -e '/^SUBDIRS/s/asn1//' plugins/Makefile.in || die "sed failed" + fi + + econf \ + $(use_with ssl) \ + $(use_enable ipv6) \ + $(use_with adns) \ + $(use_with kerberos krb5) \ + $(use_with snmp net-snmp) \ + $(use_enable gtk gtk2) \ + --without-ucd-snmp \ + --enable-dftest \ + --enable-randpkt \ + --sysconfdir=/etc/ethereal \ + --enable-editcap \ + --enable-capinfos \ + --enable-text2pcap \ + --enable-dftest \ + --enable-randpkt \ + ${myconf} || die "bad ./configure" + + # fixes an access violation caused by libnetsnmp - see bug 79068 + use snmp && export MIBDIRS="${D}/usr/share/snmp/mibs" + + emake || die "compile problem" +} + +src_install() { + dodir /usr/lib/ethereal/plugins/${PV} + make DESTDIR="${D}" install || die + + dodoc AUTHORS ChangeLog INSTALL.* NEWS README* + + insinto /usr/share/icons/hicolor/16x16/apps + newins "${S}"/image/hi16-app-ethereal.png ethereal.png + insinto /usr/share/icons/hicolor/32x32/apps + newins "${S}"/image/hi32-app-ethereal.png ethereal.png + insinto /usr/share/icons/hicolor/48x48/apps + newins "${S}"/image/hi48-app-ethereal.png ethereal.png + make_desktop_entry ethereal "Ethereal" ethereal +} + +pkg_postinst() { + ewarn "Due to a history of security flaws in this piece of software, it may contain more flaws." + ewarn "To protect yourself against malicious damage due to potential flaws in this product we recommend" + ewarn "you take the following security precautions when running ethereal in an untrusted environment:" + ewarn "do no run any longer than you need to;" + ewarn "use in a root jail - prefereably one that has been hardened with grsec like rootjail protections;" + ewarn "use a hardened operating system;" + ewarn "do not listen to addition interfaces;" + ewarn "if possible, run behind a firewall;" + ewarn "take a capture with tcpdump and analyze the contents offline running ethereal as a the least privileged user;" + ewarn "and subscribe to ethereal's announce list to be notified of newly discovered vulnerabilities." +} diff --git a/net-analyzer/ethereal/files/digest-ethereal-0.10.13-r1 b/net-analyzer/ethereal/files/digest-ethereal-0.10.13-r1 new file mode 100644 index 000000000000..5048d2238514 --- /dev/null +++ b/net-analyzer/ethereal/files/digest-ethereal-0.10.13-r1 @@ -0,0 +1 @@ +MD5 9998cb4907a70925d33292bae89530d4 ethereal-0.10.13.tar.gz 10213459 diff --git a/net-analyzer/ethereal/files/ethereal-0.10.13-fix-irc-loop-DoS-CVE-2005-3313.diff b/net-analyzer/ethereal/files/ethereal-0.10.13-fix-irc-loop-DoS-CVE-2005-3313.diff new file mode 100644 index 000000000000..fe5f879c82e8 --- /dev/null +++ b/net-analyzer/ethereal/files/ethereal-0.10.13-fix-irc-loop-DoS-CVE-2005-3313.diff @@ -0,0 +1,20 @@ +--- trunk/epan/dissectors/packet-irc.c 2005/09/23 21:33:02 15985 ++++ trunk/epan/dissectors/packet-irc.c 2005/10/24 02:35:43 16290 +@@ -86,6 +86,17 @@ + * Find the end of the line. + */ + linelen = tvb_find_line_end(tvb, offset, -1, &next_offset, FALSE); ++ if (next_offset == offset) { ++ /* ++ * XXX - we really want the "show data a ++ * line at a time" loops in various ++ * dissectors to do reassembly and to ++ * throw an exception if there's no ++ * line ending in the current packet ++ * and we're not doing reassembly. ++ */ ++ break; ++ } + + if (linelen != 0) + { |