authorMarkos Chandras <hwoarang@gentoo.org>2011-05-04 19:43:06 +0000
committerMarkos Chandras <hwoarang@gentoo.org>2011-05-04 19:43:06 +0000
commit79069f7fb24ed34a5a4a0cd061c6cb0b16a552e6 (patch)
treead95ad7d7f763dcf4f2c3686cd87385f968c8271 /net-analyzer/fail2ban
parentStable on amd64 wrt bug #344059 (diff)
Apply patch for CVE-2009-5023. Bug #364883
(Portage version: 2.1.9.46/cvs/Linux x86_64)
Diffstat (limited to 'net-analyzer/fail2ban')
-rw-r--r--net-analyzer/fail2ban/ChangeLog8
-rw-r--r--net-analyzer/fail2ban/fail2ban-0.8.4-r3.ebuild70
-rw-r--r--net-analyzer/fail2ban/files/fail2ban-0.8.4-cve2009-5023.patch45
3 files changed, 122 insertions, 1 deletions
diff --git a/net-analyzer/fail2ban/ChangeLog b/net-analyzer/fail2ban/ChangeLog
index 75543a3fd7f3..15efa91998b6 100644
--- a/net-analyzer/fail2ban/ChangeLog
+++ b/net-analyzer/fail2ban/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for net-analyzer/fail2ban
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/fail2ban/ChangeLog,v 1.65 2011/03/21 11:31:15 xarthisius Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/fail2ban/ChangeLog,v 1.66 2011/05/04 19:43:06 hwoarang Exp $
+
+*fail2ban-0.8.4-r3 (04 May 2011)
+
+ 04 May 2011; Markos Chandras <hwoarang@gentoo.org> +fail2ban-0.8.4-r3.ebuild,
+ +files/fail2ban-0.8.4-cve2009-5023.patch:
+ Apply patch for CVE-2009-5023. Bug #364883
21 Mar 2011; Kacper Kowalik <xarthisius@gentoo.org> fail2ban-0.8.4-r2.ebuild:
ppc/ppc64 stable wrt #351803
diff --git a/net-analyzer/fail2ban/fail2ban-0.8.4-r3.ebuild b/net-analyzer/fail2ban/fail2ban-0.8.4-r3.ebuild
new file mode 100644
index 000000000000..fac815b22d83
--- /dev/null
+++ b/net-analyzer/fail2ban/fail2ban-0.8.4-r3.ebuild
@@ -0,0 +1,70 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/fail2ban/fail2ban-0.8.4-r3.ebuild,v 1.1 2011/05/04 19:43:06 hwoarang Exp $
+
+EAPI="3"
+PYTHON_DEPEND="2"
+
+inherit distutils eutils
+
+DESCRIPTION="Bans IP that make too many password failures"
+HOMEPAGE="http://fail2ban.sourceforge.net/"
+SRC_URI="mirror://sourceforge/fail2ban/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~hppa ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+IUSE=""
+
+RDEPEND="net-misc/whois
+ virtual/mta
+ net-firewall/iptables"
+
+pkg_setup() {
+ python_set_active_version 2
+ python_pkg_setup
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${P}-hashlib.patch \
+ "${FILESDIR}"/${P}-sshd-breakin.patch \
+ "${FILESDIR}"/gentoo-initd_create_run_dir.patch \
+ "${FILESDIR}"/${P}-cve2009-5023.patch
+ distutils_src_prepare
+}
+
+src_install() {
+ distutils_src_install
+
+ newconfd files/gentoo-confd fail2ban
+ newinitd files/gentoo-initd fail2ban
+ dodoc ChangeLog README TODO || die "dodoc failed"
+ doman man/*.1 || die "doman failed"
+
+ # Use INSTALL_MASK if you do not want to touch /etc/logrotate.d.
+ # See http://thread.gmane.org/gmane.linux.gentoo.devel/35675
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}"/${PN}-logrotate ${PN} || die
+}
+
+pkg_preinst() {
+ has_version "<${CATEGORY}/${PN}-0.7"
+ previous_less_than_0_7=$?
+}
+
+pkg_postinst() {
+ distutils_pkg_postinst
+
+ if [[ $previous_less_than_0_7 = 0 ]] ; then
+ elog
+ elog "Configuration files are now in /etc/fail2ban/"
+ elog "You probably have to manually update your configuration"
+ elog "files before restarting Fail2ban!"
+ elog
+ elog "Fail2ban is not installed under /usr/lib anymore. The"
+ elog "new location is under /usr/share."
+ elog
+ elog "You are upgrading from version 0.6.x, please see:"
+ elog "http://www.fail2ban.org/wiki/index.php/HOWTO_Upgrade_from_0.6_to_0.8"
+ fi
+}
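Review bot: pkg_postinst only prints upgrade notes for the pre-0.7 case, so nothing tells an admin that the CVE-2009-5023 fix lives in configuration files. The patched `tmpfile` defaults land in the action.d files, and if those are installed under a CONFIG_PROTECT'ed path (as /etc normally is), the old /tmp paths stay in effect until the pending config updates are merged; local overrides of `tmpfile` are not touched at all. I would add an unconditional `elog "The CVE-2009-5023 fix changes tmpfile in the action.d configs; merge config updates and check local overrides."`. The new default also assumes /var/run/fail2ban exists and is writable only by root, which this ebuild appears to leave to gentoo-initd_create_run_dir.patch.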
diff --git a/net-analyzer/fail2ban/files/fail2ban-0.8.4-cve2009-5023.patch b/net-analyzer/fail2ban/files/fail2ban-0.8.4-cve2009-5023.patch
new file mode 100644
index 000000000000..d1b69a44c0d5
--- /dev/null
+++ b/net-analyzer/fail2ban/files/fail2ban-0.8.4-cve2009-5023.patch
@@ -0,0 +1,45 @@
+Index: config/action.d/mail-buffered.conf
+===================================================================
+--- config/action.d/mail-buffered.conf (revision 766)
++++ config/action.d/mail-buffered.conf (revision 767)
+@@ -81,7 +81,7 @@
+
+ # Default temporary file
+ #
+-tmpfile = /tmp/fail2ban-mail.txt
++tmpfile = /var/run/fail2ban/tmp-mail.txt
+
+ # Destination/Addressee of the mail
+ #
+Index: config/action.d/sendmail-buffered.conf
+===================================================================
+--- config/action.d/sendmail-buffered.conf (revision 766)
++++ config/action.d/sendmail-buffered.conf (revision 767)
+@@ -101,5 +101,5 @@
+
+ # Default temporary file
+ #
+-tmpfile = /tmp/fail2ban-mail.txt
++tmpfile = /var/run/fail2ban/tmp-mail.txt
+
+Index: config/action.d/dshield.conf
+===================================================================
+--- config/action.d/dshield.conf (revision 766)
++++ config/action.d/dshield.conf (revision 767)
+@@ -206,5 +206,5 @@
+ # Notes.: Base name of temporary files used for buffering
+ # Values: [ STRING ] Default: /tmp/fail2ban-dshield
+ #
+-tmpfile = /tmp/fail2ban-dshield
++tmpfile = /var/run/fail2ban/tmp-dshield
+
+Index: config/action.d/mynetwatchman.conf
+===================================================================
+--- config/action.d/mynetwatchman.conf (revision 766)
++++ config/action.d/mynetwatchman.conf (revision 767)
+@@ -141,4 +141,4 @@
+ # Notes.: Base name of temporary files
+ # Values: [ STRING ] Default: /tmp/fail2ban-mynetwatchman
+ #
+-tmpfile = /tmp/fail2ban-mynetwatchman
++tmpfile = /var/run/fail2ban/tmp-mynetwatchman
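Review bot: The `Default:` comments kept as context in the dshield.conf and mynetwatchman.conf hunks still name /tmp/fail2ban-dshield and /tmp/fail2ban-mynetwatchman, so after this patch the files document the path the fix moves away from. The comment lines should follow the value, e.g. `# Values: [ STRING ] Default: /var/run/fail2ban/tmp-dshield` and the matching line for mynetwatchman. The file names themselves stay predictable, so the protection comes entirely from /var/run/fail2ban not being writable by unprivileged users; a one-line comment above each `tmpfile` saying so would keep someone from pointing it back at a shared directory.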