author | Robert Buchholz <rbu@gentoo.org> | 2008-01-10 23:51:35 +0000 |
---|---|---|
committer | Robert Buchholz <rbu@gentoo.org> | 2008-01-10 23:51:35 +0000 |
commit | 4d5d4fa76b63d2dd484d7c3c66edafd49757ecd0 (patch) | |
tree | 6e4dd9fef14e32fdbffa1eea4a798b313ac7b932 /net-ftp | |
parent | Security: Fix a double-fclose vulnerability in the dataconn function (CVE-200... (diff) | |
Security: Fix a double-fclose() vulnerability in the getreply function (CVE-2007-5769, #199206)
(Portage version: 2.1.3.19)
Diffstat (limited to 'net-ftp')
-rw-r--r-- | net-ftp/ftp/ChangeLog | 11 | ||||
-rw-r--r-- | net-ftp/ftp/files/digest-ftp-0.17-r7 | 3 | ||||
-rw-r--r-- | net-ftp/ftp/files/netkit-ftp-0.17-sigseg.patch | 16 | ||||
-rw-r--r-- | net-ftp/ftp/ftp-0.17-r7.ebuild | 53 |
4 files changed, 81 insertions, 2 deletions
diff --git a/net-ftp/ftp/ChangeLog b/net-ftp/ftp/ChangeLog
index b814fe51fa0a..4830d7d9bfd9 100644
--- a/net-ftp/ftp/ChangeLog
+++ b/net-ftp/ftp/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for net-ftp/ftp
-# Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/ftp/ChangeLog,v 1.28 2007/02/22 02:14:36 peper Exp $
+# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/ftp/ChangeLog,v 1.29 2008/01/10 23:51:34 rbu Exp $
+
+*ftp-0.17-r7 (10 Jan 2008)
+
+ 10 Jan 2008; Robert Buchholz <rbu@gentoo.org>
+ +files/netkit-ftp-0.17-sigseg.patch, +ftp-0.17-r7.ebuild:
+ Security: Fix a double-fclose() vulnerability in the getreply function
+ (CVE-2007-5769, #199206)

 22 Feb 2007; Piotr Jaroszyński <peper@gentoo.org> ChangeLog:
 Transition to Manifest2.
diff --git a/net-ftp/ftp/files/digest-ftp-0.17-r7 b/net-ftp/ftp/files/digest-ftp-0.17-r7
new file mode 100644
index 000000000000..9a3e99c11894
--- /dev/null
+++ b/net-ftp/ftp/files/digest-ftp-0.17-r7
@@ -0,0 +1,3 @@
+MD5 94441610c9b86ef45c4c6ec609444060 netkit-ftp-0.17.tar.gz 53934
+RMD160 ff67bdd1f233e375f7c6e8853906edb0e3bb42a2 netkit-ftp-0.17.tar.gz 53934
+SHA256 61c913299b81a4671ff089aac821329f7db9bc111aa812993dd585798b700349 netkit-ftp-0.17.tar.gz 53934
diff --git a/net-ftp/ftp/files/netkit-ftp-0.17-sigseg.patch b/net-ftp/ftp/files/netkit-ftp-0.17-sigseg.patch
new file mode 100644
index 000000000000..0972eb19513d
--- /dev/null
+++ b/net-ftp/ftp/files/netkit-ftp-0.17-sigseg.patch
@@ -0,0 +1,16 @@
+--- netkit-ftp-0.17-orig/ftp/ftp.c 2007-08-06 23:32:49.000000000 +0200
++++ netkit-ftp-0.17/ftp/ftp.c 2007-08-06 23:31:06.000000000 +0200
+@@ -483,8 +483,10 @@ getreply(int expecteof)
+ return (0);
+ }
+ lostpeer(0);
+- fclose(cout);
+- cout = NULL;
++ if (cout) {
++ fclose(cout);
++ cout = NULL;
++ }
+ if (verbose) {
+ printf("421 Service not available, remote server has closed connection\n");
+ (void) fflush(stdout);
+
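Review bot: The new `if (cout)` guard in getreply() prevents the second fclose() only if the earlier close path, presumably inside `lostpeer(0)` on the line just above, also resets `cout` to NULL; that is not visible in this hunk and should be confirmed in ftp.c. A one-line comment above the guard would record that dependency, for example `/* lostpeer() may already have closed cout and set it to NULL */`. getreply() starts and ends outside the hunk, so any later use of `cout` on this path, where it can now be NULL, could not be checked here.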
diff --git a/net-ftp/ftp/ftp-0.17-r7.ebuild b/net-ftp/ftp/ftp-0.17-r7.ebuild
new file mode 100644
index 000000000000..52d28eaf4ce0
--- /dev/null
+++ b/net-ftp/ftp/ftp-0.17-r7.ebuild
@@ -0,0 +1,53 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/ftp/ftp-0.17-r7.ebuild,v 1.1 2008/01/10 23:51:34 rbu Exp $
+
+inherit eutils toolchain-funcs flag-o-matic
+
+MY_P=netkit-${P}
+S=${WORKDIR}/${MY_P}
+DESCRIPTION="Standard Linux FTP client"
+HOMEPAGE="http://www.hcs.harvard.edu/~dholland/computers/netkit.html"
+SRC_URI="ftp://ftp.uk.linux.org/pub/linux/Networking/netkit/${MY_P}.tar.gz"
+
+LICENSE="as-is"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="ssl ipv6"
+
+RDEPEND=">=sys-libs/ncurses-5.2
+ ssl? ( dev-libs/openssl )"
+DEPEND="${RDEPEND}
+ >=sys-apps/sed-4"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+ epatch "${FILESDIR}"/${MY_P}-ssl-0.2.patch
+ epatch "${FILESDIR}"/${MY_P}-ipv6.patch #47507
+ epatch "${FILESDIR}"/${MY_P}-dont-strcpy-overlapping.patch #104311
+ epatch "${FILESDIR}"/${MY_P}-acct.patch #fedora
+ epatch "${FILESDIR}"/${MY_P}-locale.patch #fedora
+ epatch "${FILESDIR}"/${MY_P}-runique_mget.patch #fedora
+ epatch "${FILESDIR}"/${MY_P}-security.patch #fedora
+ epatch "${FILESDIR}"/${MY_P}-segv.patch #fedora
+ epatch "${FILESDIR}"/${MY_P}-custom-cflags.patch
+ epatch "${FILESDIR}"/${MY_P}-sigseg.patch #fedora, #199206
+ append-lfs-flags #101038
+}
+
+src_compile() {
+ ./configure \
+ --prefix=/usr \
+ $(use_enable ssl) \
+ $(use_enable ipv6) \
+ ${EXTRA_ECONF} \
+ || die "configure failed"
+ emake CC="$(tc-getCC)" LDFLAGS="${LDFLAGS}" || die "make failed"
+}
+
+src_install() {
+ dobin ftp/ftp || die
+ doman ftp/ftp.1 ftp/netrc.5
+ dodoc ChangeLog README BUGS
+} |
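Review bot: Every entry in KEYWORDS is `~arch`, so the revision carrying the CVE-2007-5769 fix reaches only testing systems; if an earlier revision is keyworded stable, those users keep the double-fclose until stabilisation follows, presumably tracked in #199206. In src_unpack the fix is identifiable only by the file name `sigseg` and the annotation `#fedora, #199206`; adding the CVE id, as in `epatch "${FILESDIR}"/${MY_P}-sigseg.patch #fedora, #199206, CVE-2007-5769`, makes the security patch greppable in the ebuild. SRC_URI fetches over plain `ftp://`, so the digest file is the only integrity control on the tarball; it does include a SHA256 entry alongside MD5 and RMD160.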