authorRobert Buchholz <rbu@gentoo.org>2008-01-10 23:51:35 +0000
committerRobert Buchholz <rbu@gentoo.org>2008-01-10 23:51:35 +0000
commit4d5d4fa76b63d2dd484d7c3c66edafd49757ecd0 (patch)
tree6e4dd9fef14e32fdbffa1eea4a798b313ac7b932 /net-ftp
parentSecurity: Fix a double-fclose vulnerability in the dataconn function (CVE-200... (diff)
Security: Fix a double-fclose() vulnerability in the getreply function (CVE-2007-5769, #199206)
(Portage version: 2.1.3.19)
Diffstat (limited to 'net-ftp')
-rw-r--r--net-ftp/ftp/ChangeLog11
-rw-r--r--net-ftp/ftp/files/digest-ftp-0.17-r73
-rw-r--r--net-ftp/ftp/files/netkit-ftp-0.17-sigseg.patch16
-rw-r--r--net-ftp/ftp/ftp-0.17-r7.ebuild53
4 files changed, 81 insertions, 2 deletions
diff --git a/net-ftp/ftp/ChangeLog b/net-ftp/ftp/ChangeLog
index b814fe51fa0a..4830d7d9bfd9 100644
--- a/net-ftp/ftp/ChangeLog
+++ b/net-ftp/ftp/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for net-ftp/ftp
-# Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/ftp/ChangeLog,v 1.28 2007/02/22 02:14:36 peper Exp $
+# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/ftp/ChangeLog,v 1.29 2008/01/10 23:51:34 rbu Exp $
+
+*ftp-0.17-r7 (10 Jan 2008)
+
+ 10 Jan 2008; Robert Buchholz <rbu@gentoo.org>
+ +files/netkit-ftp-0.17-sigseg.patch, +ftp-0.17-r7.ebuild:
+ Security: Fix a double-fclose() vulnerability in the getreply function
+ (CVE-2007-5769, #199206)
22 Feb 2007; Piotr Jaroszyński <peper@gentoo.org> ChangeLog:
Transition to Manifest2.
diff --git a/net-ftp/ftp/files/digest-ftp-0.17-r7 b/net-ftp/ftp/files/digest-ftp-0.17-r7
new file mode 100644
index 000000000000..9a3e99c11894
--- /dev/null
+++ b/net-ftp/ftp/files/digest-ftp-0.17-r7
@@ -0,0 +1,3 @@
+MD5 94441610c9b86ef45c4c6ec609444060 netkit-ftp-0.17.tar.gz 53934
+RMD160 ff67bdd1f233e375f7c6e8853906edb0e3bb42a2 netkit-ftp-0.17.tar.gz 53934
+SHA256 61c913299b81a4671ff089aac821329f7db9bc111aa812993dd585798b700349 netkit-ftp-0.17.tar.gz 53934
diff --git a/net-ftp/ftp/files/netkit-ftp-0.17-sigseg.patch b/net-ftp/ftp/files/netkit-ftp-0.17-sigseg.patch
new file mode 100644
index 000000000000..0972eb19513d
--- /dev/null
+++ b/net-ftp/ftp/files/netkit-ftp-0.17-sigseg.patch
@@ -0,0 +1,16 @@
+--- netkit-ftp-0.17-orig/ftp/ftp.c 2007-08-06 23:32:49.000000000 +0200
++++ netkit-ftp-0.17/ftp/ftp.c 2007-08-06 23:31:06.000000000 +0200
+@@ -483,8 +483,10 @@ getreply(int expecteof)
+ return (0);
+ }
+ lostpeer(0);
+- fclose(cout);
+- cout = NULL;
++ if (cout) {
++ fclose(cout);
++ cout = NULL;
++ }
+ if (verbose) {
+ printf("421 Service not available, remote server has closed connection\n");
+ (void) fflush(stdout);
+
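Review bot: The new `if (cout)` guard in getreply prevents the second fclose() only if lostpeer(0) resets `cout` to NULL after closing it, and lostpeer() is not visible in this hunk, so that should be confirmed against ftp.c before relying on the fix. A one-line comment above the guard would record why it exists, for example `/* lostpeer() may already have closed cout; avoid a double fclose (CVE-2007-5769) */`. The patch file also carries no header naming the CVE or bug #199206, so its origin is recorded only in the ebuild's trailing comment. getreply's body starts and ends outside the hunk.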
diff --git a/net-ftp/ftp/ftp-0.17-r7.ebuild b/net-ftp/ftp/ftp-0.17-r7.ebuild
new file mode 100644
index 000000000000..52d28eaf4ce0
--- /dev/null
+++ b/net-ftp/ftp/ftp-0.17-r7.ebuild
@@ -0,0 +1,53 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/ftp/ftp-0.17-r7.ebuild,v 1.1 2008/01/10 23:51:34 rbu Exp $
+
+inherit eutils toolchain-funcs flag-o-matic
+
+MY_P=netkit-${P}
+S=${WORKDIR}/${MY_P}
+DESCRIPTION="Standard Linux FTP client"
+HOMEPAGE="http://www.hcs.harvard.edu/~dholland/computers/netkit.html"
+SRC_URI="ftp://ftp.uk.linux.org/pub/linux/Networking/netkit/${MY_P}.tar.gz"
+
+LICENSE="as-is"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="ssl ipv6"
+
+RDEPEND=">=sys-libs/ncurses-5.2
+ ssl? ( dev-libs/openssl )"
+DEPEND="${RDEPEND}
+ >=sys-apps/sed-4"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+ epatch "${FILESDIR}"/${MY_P}-ssl-0.2.patch
+ epatch "${FILESDIR}"/${MY_P}-ipv6.patch #47507
+ epatch "${FILESDIR}"/${MY_P}-dont-strcpy-overlapping.patch #104311
+ epatch "${FILESDIR}"/${MY_P}-acct.patch #fedora
+ epatch "${FILESDIR}"/${MY_P}-locale.patch #fedora
+ epatch "${FILESDIR}"/${MY_P}-runique_mget.patch #fedora
+ epatch "${FILESDIR}"/${MY_P}-security.patch #fedora
+ epatch "${FILESDIR}"/${MY_P}-segv.patch #fedora
+ epatch "${FILESDIR}"/${MY_P}-custom-cflags.patch
+ epatch "${FILESDIR}"/${MY_P}-sigseg.patch #fedora, #199206
+ append-lfs-flags #101038
+}
+
+src_compile() {
+ ./configure \
+ --prefix=/usr \
+ $(use_enable ssl) \
+ $(use_enable ipv6) \
+ ${EXTRA_ECONF} \
+ || die "configure failed"
+ emake CC="$(tc-getCC)" LDFLAGS="${LDFLAGS}" || die "make failed"
+}
+
+src_install() {
+ dobin ftp/ftp || die
+ doman ftp/ftp.1 ftp/netrc.5
+ dodoc ChangeLog README BUGS
+}
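Review bot: In src_install only `dobin ftp/ftp` is followed by `|| die`; `doman ftp/ftp.1 ftp/netrc.5` and `dodoc ChangeLog README BUGS` are unchecked, and so is `cd "${S}"` in src_unpack. The ebuild declares no EAPI, and in that case these helpers presumably do not abort on their own, so a failed step would go unnoticed. Appending a message to each keeps the error handling consistent, e.g. `doman ftp/ftp.1 ftp/netrc.5 || die "doman failed"` and `cd "${S}" || die "cd failed"`. Separately, SRC_URI fetches over plain `ftp://`, so the tarball's integrity rests entirely on the digest entries added in this commit; a short comment next to SRC_URI saying so would help the next maintainer.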