diff options
author | 2005-07-10 10:02:13 +0000 | |
---|---|---|
committer | 2005-07-10 10:02:13 +0000 | |
commit | 922e0b7711be53947cfd44e99552fcf033808744 (patch) | |
tree | e13e50bcf44cc30c494aa16524f175c294651a84 /net-misc/dhcpcd | |
parent | New version (#95070). (diff) | |
download | historical-922e0b7711be53947cfd44e99552fcf033808744.tar.gz historical-922e0b7711be53947cfd44e99552fcf033808744.tar.bz2 historical-922e0b7711be53947cfd44e99552fcf033808744.zip |
Fixed a potential security hole #98394
Taken from the Debian patchset by Simon Kelly
Punted old ebuilds. r5 becomes r11, r10 becomes r12 - both have fix
Package-Manager: portage-2.0.51.22-r1
Diffstat (limited to 'net-misc/dhcpcd')
-rw-r--r-- | net-misc/dhcpcd/ChangeLog | 13 | ||||
-rw-r--r-- | net-misc/dhcpcd/Manifest | 31 | ||||
-rw-r--r-- | net-misc/dhcpcd/dhcpcd-1.3.22_p4-r11.ebuild (renamed from net-misc/dhcpcd/dhcpcd-1.3.22_p4-r5.ebuild) | 8 | ||||
-rw-r--r-- | net-misc/dhcpcd/dhcpcd-1.3.22_p4-r12.ebuild (renamed from net-misc/dhcpcd/dhcpcd-1.3.22_p4-r10.ebuild) | 5 | ||||
-rw-r--r-- | net-misc/dhcpcd/dhcpcd-1.3.22_p4-r7.ebuild | 59 | ||||
-rw-r--r-- | net-misc/dhcpcd/dhcpcd-1.3.22_p4-r9.ebuild | 70 | ||||
-rw-r--r-- | net-misc/dhcpcd/files/dhcpcd-1.3.22_p4-security.patch | 11 | ||||
-rw-r--r-- | net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r11 (renamed from net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r10) | 0 | ||||
-rw-r--r-- | net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r12 (renamed from net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r5) | 0 | ||||
-rw-r--r-- | net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r7 | 3 | ||||
-rw-r--r-- | net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r9 | 3 |
11 files changed, 42 insertions, 161 deletions
diff --git a/net-misc/dhcpcd/ChangeLog b/net-misc/dhcpcd/ChangeLog index e129a5ee4494..1ba8a4b59f83 100644 --- a/net-misc/dhcpcd/ChangeLog +++ b/net-misc/dhcpcd/ChangeLog @@ -1,6 +1,17 @@ # ChangeLog for net-misc/dhcpcd # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcpcd/ChangeLog,v 1.43 2005/06/03 09:02:54 uberlord Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcpcd/ChangeLog,v 1.44 2005/07/10 10:02:13 uberlord Exp $ + +*dhcpcd-1.3.22_p4-r11 (10 Jul 2005) + + 10 Jul 2005; Roy Marples <uberlord@gentoo.org> + +files/dhcpcd-1.3.22_p4-security.patch, -dhcpcd-1.3.22_p4-r5.ebuild, + +dhcpcd-1.3.22_p4-r12.ebuild, -dhcpcd-1.3.22_p4-r7.ebuild, + -dhcpcd-1.3.22_p4-r9.ebuild, -dhcpcd-1.3.22_p4-r10.ebuild, + +dhcpcd-1.3.22_p4-r11.ebuild: + Fixed a potential security hole #98394 + Taken from the Debian patchset by Simon Kelly + Punted old ebuilds. r5 becomes r11, r10 becomes r12 - both have fix *dhcpcd-1.3.22_p4-r10 (03 Jun 2005) diff --git a/net-misc/dhcpcd/Manifest b/net-misc/dhcpcd/Manifest index b6f2ba43a058..cf4ceee93005 100644 --- a/net-misc/dhcpcd/Manifest +++ b/net-misc/dhcpcd/Manifest @@ -1,25 +1,12 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - -MD5 1e047633de90aa61af62c58f294be932 dhcpcd-1.3.22_p4-r7.ebuild 1882 -MD5 72ed97191f3c741e2050bb69fc2edc55 dhcpcd-1.3.22_p4-r5.ebuild 1942 +MD5 357f1a4753ffe320e39130fc93fac6a6 ChangeLog 8167 MD5 6fe58567b648100d4ff11902921b6889 metadata.xml 165 -MD5 05d70c7a7a21bba5329fe95ee68563b1 dhcpcd-1.3.22_p4-r9.ebuild 2268 -MD5 dc297d271e31f9a14fbb470c8d525164 dhcpcd-1.3.22_p4-r10.ebuild 2757 -MD5 65bc509f0747725d7e0b55426f991c09 ChangeLog 7696 -MD5 f62309143521db696e2229fd34a43fed files/dhcpcd-1.3.22_p4-man.patch 243 -MD5 34b2bd2c58141701c8ba5279c6669e0c files/dhcpcd-1.3.22_p4-optionFQDN.patch 17381 -MD5 daaf0c8fa44a481c8943f585ff870714 files/digest-dhcpcd-1.3.22_p4-r7 224 -MD5 daaf0c8fa44a481c8943f585ff870714 files/digest-dhcpcd-1.3.22_p4-r5 224 +MD5 5e3e719d18a21fda83acfdfe451bbee2 dhcpcd-1.3.22_p4-r11.ebuild 2032 +MD5 1e416fa7f47ae134ef45e0c4eee4b425 dhcpcd-1.3.22_p4-r12.ebuild 2846 MD5 ad580fb02fc1fa72a24fb3c952491bce files/dhcpcd-1.3.22_p4-routemetric.patch 4652 -MD5 e5580d4472c718a772f6e1c700757968 files/dhcpcd-1.3.22_p4-no-iface-down.diff 2606 -MD5 daaf0c8fa44a481c8943f585ff870714 files/digest-dhcpcd-1.3.22_p4-r10 224 +MD5 daaf0c8fa44a481c8943f585ff870714 files/digest-dhcpcd-1.3.22_p4-r12 224 +MD5 e0bb9c921a368634a1e4f77c975c4726 files/dhcpcd-1.3.22_p4-security.patch 340 MD5 be85439617940623ae04f72797bbf3e4 files/dhcpcd-1.3.22_p4-gentoo-config.patch 11908 -MD5 daaf0c8fa44a481c8943f585ff870714 files/digest-dhcpcd-1.3.22_p4-r9 224 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.1 (GNU/Linux) - -iD8DBQFCxHYCgIKl8Uu19MoRAr7/AJwMyly6DjgMFTeAJOxxz7WpFh68cgCfU2U0 -TUj7dPvCLP+Kt32iXoU52RE= -=KO3L ------END PGP SIGNATURE----- +MD5 34b2bd2c58141701c8ba5279c6669e0c files/dhcpcd-1.3.22_p4-optionFQDN.patch 17381 +MD5 daaf0c8fa44a481c8943f585ff870714 files/digest-dhcpcd-1.3.22_p4-r11 224 +MD5 e5580d4472c718a772f6e1c700757968 files/dhcpcd-1.3.22_p4-no-iface-down.diff 2606 +MD5 f62309143521db696e2229fd34a43fed files/dhcpcd-1.3.22_p4-man.patch 243 diff --git a/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r5.ebuild b/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r11.ebuild index 05a06c5ee2d6..e9141c5a53bb 100644 --- a/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r5.ebuild +++ b/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r11.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2004 Gentoo Foundation +# Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r5.ebuild,v 1.13 2004/11/04 03:24:53 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r11.ebuild,v 1.1 2005/07/10 10:02:13 uberlord Exp $ inherit gnuconfig flag-o-matic eutils @@ -38,6 +38,10 @@ src_unpack() { #to have physical iface scripts (gmsoft, 11 Nov 2003) epatch ${FILESDIR}/${P}-no-iface-down.diff #remove hard-coded arch stuff (drobbins, 06 Sep 2003) + + # Stop a possible DoS issue - fixes #98394 + epatch "${FILESDIR}"/${P}-security.patch + sed -i "s/ -march=i.86//g" configure sed -i 's:/etc/ntp\.drift:/var/lib/ntp/ntp.drift:' dhcpconfig.c } diff --git a/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r10.ebuild b/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r12.ebuild index 6bb843a27ab0..6fc1baabff59 100644 --- a/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r10.ebuild +++ b/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r12.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r10.ebuild,v 1.2 2005/06/30 22:45:02 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r12.ebuild,v 1.1 2005/07/10 10:02:13 uberlord Exp $ inherit flag-o-matic eutils @@ -54,6 +54,9 @@ src_unpack() { # creates {resolv,ntp,yp}.conf epatch "${FILESDIR}"/${P}-gentoo-config.patch + # Stop a possible DoS issue - fixes #98394 + epatch "${FILESDIR}"/${P}-security.patch + # Make sure we use paths from configure rather than hardcoded crap sed -i \ -e '/^mandir/s:=.*:=@mandir@:' \ diff --git a/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r7.ebuild b/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r7.ebuild deleted file mode 100644 index 99ff6e3fc43f..000000000000 --- a/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r7.ebuild +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright 1999-2004 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r7.ebuild,v 1.1 2004/11/04 18:06:39 vapier Exp $ - -inherit gnuconfig flag-o-matic eutils - -DESCRIPTION="A dhcp client only" -HOMEPAGE="http://www.phystech.com/download/" -SRC_URI="ftp://ftp.phystech.com/pub/${P/_p/-pl}.tar.gz - http://dev.gentoo.org/~drobbins/${P}.diff.bz2 - http://dev.gentoo.org/~drobbins/${P}-keepCacheAndResolv.diff.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86" -IUSE="build static" - -DEPEND="virtual/libc" -PROVIDE="virtual/dhcpc" - -S=${WORKDIR}/${P/_p/-pl} - -src_unpack() { - unpack ${A} - gnuconfig_update - - cd ${S} - #Started working on this patch from an older version I found; then - #discovered that LFS had an updated one. We're using a patch that is - #identical to theirs. It makes dhcpcd FHS-compliant. (drobbins, 06 - #Sep 2003) - epatch ${DISTDIR}/${P}.diff.bz2 - #This next patch from Alwyn Schoeman <alwyn@smart.com.ph> is great; - #it adds a -z (shutdown, keep cache) and various other little tweaks. - #See http://bugs.gentoo.org/show_bug.cgi?id=23428 for more info. - epatch ${DISTDIR}/${P}-keepCacheAndResolv.diff.bz2 - #This patch remove the iface down instruction from dhcpcd allowing us - #to have physical iface scripts (gmsoft, 11 Nov 2003) - epatch ${FILESDIR}/${P}-no-iface-down.diff - #remove hard-coded arch stuff (drobbins, 06 Sep 2003) - sed -i "s/ -march=i.86//g" configure - sed -i 's:/etc/ntp\.drift:/var/lib/ntp/ntp.drift:' dhcpconfig.c -} - -src_compile() { - use static && append-flags -static - econf --prefix=/ || die - emake || die -} - -src_install() { - make install DESTDIR=${D} || die "Install failed" - rm -rf "${D}"/etc - if ! use build ; then - dodoc AUTHORS ChangeLog NEWS README - else - rm -rf ${D}/usr/share - fi -} diff --git a/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r9.ebuild b/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r9.ebuild deleted file mode 100644 index d769681e6385..000000000000 --- a/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r9.ebuild +++ /dev/null @@ -1,70 +0,0 @@ -# Copyright 1999-2005 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/dhcpcd/dhcpcd-1.3.22_p4-r9.ebuild,v 1.1 2005/06/01 17:36:52 uberlord Exp $ - -inherit gnuconfig flag-o-matic eutils - -DESCRIPTION="A dhcp client only" -HOMEPAGE="http://www.phystech.com/download/" -SRC_URI="ftp://ftp.phystech.com/pub/${P/_p/-pl}.tar.gz - http://dev.gentoo.org/~drobbins/${P}.diff.bz2 - http://dev.gentoo.org/~drobbins/${P}-keepCacheAndResolv.diff.bz2" - -LICENSE="GPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86" -IUSE="build static" - -DEPEND="virtual/libc" -PROVIDE="virtual/dhcpc" - -S="${WORKDIR}/${P/_p/-pl}" - -src_unpack() { - unpack ${A} - gnuconfig_update - - cd "${S}" - #Started working on this patch from an older version I found; then - #discovered that LFS had an updated one. We're using a patch that is - #identical to theirs. It makes dhcpcd FHS-compliant. (drobbins, 06 - #Sep 2003) - epatch "${DISTDIR}"/${P}.diff.bz2 - #This next patch from Alwyn Schoeman <alwyn@smart.com.ph> is great; - #it adds a -z (shutdown, keep cache) and various other little tweaks. - #See http://bugs.gentoo.org/show_bug.cgi?id=23428 for more info. - epatch "${DISTDIR}"/${P}-keepCacheAndResolv.diff.bz2 - #This patch remove the iface down instruction from dhcpcd allowing us - #to have physical iface scripts (gmsoft, 11 Nov 2003) - epatch "${FILESDIR}"/${P}-no-iface-down.diff - #remove hard-coded arch stuff (drobbins, 06 Sep 2003) - sed -i "s/ -march=i.86//g" configure - sed -i 's:/etc/ntp\.drift:/var/lib/ntp/ntp.drift:' dhcpconfig.c - - # Add route metric option -m - fixes #76694 thanks to Andy Dustman - epatch "${FILESDIR}"/${P}-routemetric.patch - - # man page buglet caused by drobbins patch - fixes #78839 - epatch "${FILESDIR}"/${P}-man.patch - - # Allow dhcpcd to use the FQDN option - # fixes #64307 thanks to Kevin F. Quinn - epatch "${FILESDIR}"/${P}-optionFQDN.patch -} - -src_compile() { - use static && append-flags -static - append-flags -DDRAFT_OPTION_FQDN - econf --prefix=/ || die - emake || die -} - -src_install() { - make install DESTDIR="${D}" || die "Install failed" - rm -rf "${D}"/etc - if ! use build ; then - dodoc AUTHORS ChangeLog NEWS README - else - rm -rf "${D}"/usr/share - fi -} diff --git a/net-misc/dhcpcd/files/dhcpcd-1.3.22_p4-security.patch b/net-misc/dhcpcd/files/dhcpcd-1.3.22_p4-security.patch new file mode 100644 index 000000000000..c8d8fb6448de --- /dev/null +++ b/net-misc/dhcpcd/files/dhcpcd-1.3.22_p4-security.patch @@ -0,0 +1,11 @@ +--- client.c.orig 2005-07-10 10:16:43.000000000 +0100 ++++ client.c 2005-07-10 10:22:31.000000000 +0100 +@@ -129,6 +129,8 @@ + default: + if ( p[1] ) + { ++ if (p + 2 + p[1] >= end) ++ goto swend; /* Corrupt packet */ + if ( DhcpOptions.len[*p] == p[1] ) + memcpy(DhcpOptions.val[*p],p+2,p[1]); + else diff --git a/net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r10 b/net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r11 index 80b4247cc65e..80b4247cc65e 100644 --- a/net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r10 +++ b/net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r11 diff --git a/net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r5 b/net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r12 index 80b4247cc65e..80b4247cc65e 100644 --- a/net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r5 +++ b/net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r12 diff --git a/net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r7 b/net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r7 deleted file mode 100644 index 80b4247cc65e..000000000000 --- a/net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r7 +++ /dev/null @@ -1,3 +0,0 @@ -MD5 dd627a121e43835bead3ffef5b1a72fd dhcpcd-1.3.22-pl4.tar.gz 148455 -MD5 0960ef5d5070da205ffacd5107492e36 dhcpcd-1.3.22_p4.diff.bz2 1646 -MD5 6a502cc0c572f898f8ba5daa34c37901 dhcpcd-1.3.22_p4-keepCacheAndResolv.diff.bz2 1800 diff --git a/net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r9 b/net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r9 deleted file mode 100644 index 80b4247cc65e..000000000000 --- a/net-misc/dhcpcd/files/digest-dhcpcd-1.3.22_p4-r9 +++ /dev/null @@ -1,3 +0,0 @@ -MD5 dd627a121e43835bead3ffef5b1a72fd dhcpcd-1.3.22-pl4.tar.gz 148455 -MD5 0960ef5d5070da205ffacd5107492e36 dhcpcd-1.3.22_p4.diff.bz2 1646 -MD5 6a502cc0c572f898f8ba5daa34c37901 dhcpcd-1.3.22_p4-keepCacheAndResolv.diff.bz2 1800 |