Remove old insecure version, GLSA 200411-19

5 files changed, 6 insertions, 118 deletions

diff --git a/net-misc/pavuk/ChangeLog b/net-misc/pavuk/ChangeLog
index 445e362f7687..6f5be09669e9 100644
--- a/net-misc/pavuk/ChangeLog
+++ b/net-misc/pavuk/ChangeLog
@@ -1,6 +1,11 @@
 # ChangeLog for net-misc/pavuk
 # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/pavuk/ChangeLog,v 1.14 2004/11/10 10:42:03 sejo Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/pavuk/ChangeLog,v 1.15 2004/11/10 23:05:04 dsd Exp $
+
+  11 Nov 2004; Daniel Drake <dsd@gentoo.org>
+  -files/pavuk-0.9.28-digest_auth.c.patch, -files/pavuk-0.9.28-http.patch,
+  -pavuk-0.9.28-r4.ebuild:
+  Remove old insecure version, GLSA 200411-19
 
   10 Nov 2004; <SeJo@gentoo.org> pavuk-0.9.31.ebuild:
   stable on ppc gsla:70516
diff --git a/net-misc/pavuk/files/digest-pavuk-0.9.28-r4 b/net-misc/pavuk/files/digest-pavuk-0.9.28-r4
deleted file mode 100644
index cdc14b2bba09..000000000000
--- a/net-misc/pavuk/files/digest-pavuk-0.9.28-r4
+++ /dev/null
@@ -1 +0,0 @@
-MD5 d0f7b77bd11322add1f7d52d62afbf78 pavuk-0.9pl28.tgz 968336
diff --git a/net-misc/pavuk/files/pavuk-0.9.28-digest_auth.c.patch b/net-misc/pavuk/files/pavuk-0.9.28-digest_auth.c.patch
deleted file mode 100644
index 9b12207d0a6a..000000000000
--- a/net-misc/pavuk/files/pavuk-0.9.28-digest_auth.c.patch
+++ /dev/null
@@ -1,30 +0,0 @@
---- digest_auth_orig.c	2000-12-03 08:25:44.000000000 -0600
-+++ digest_auth.c	2004-07-24 13:45:50.000000000 -0500
-@@ -87,6 +87,7 @@
- 	return retv;
- }
- 
-+/* PRE: Assumes 'buf' can store 2K */
- char *http_get_digest_auth_str(auth_digest, method, user, pass, urlp, buf)
- http_digest_info *auth_digest;
- char *method;
-@@ -99,14 +100,15 @@
- 	char *a1,*a2,*a3;
- 	char *d = url_encode_str(urlp->p.http.document, URL_PATH_UNSAFE);
- 
--	sprintf(pom, "%s:%s:%s", user, auth_digest->realm, pass);
-+	snprintf(pom, sizeof(pom), "%s:%s:%s", user, auth_digest->realm, pass);
- 	a1 = _md5(pom);
--	sprintf(pom, "%s:%s", method, d);
-+	snprintf(pom, sizeof(pom), "%s:%s", method, d);
- 	a2 = _md5(pom);
--	sprintf(pom, "%s:%s:%s", a1, auth_digest->nonce, a2);
-+	snprintf(pom, sizeof(pom), "%s:%s:%s", a1, auth_digest->nonce, a2);
- 	a3 = _md5(pom);
- 
--	sprintf(buf,
-+	snprintf(buf,
-+		2048,
- 		"Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", response=\"%s\"" , 
- 		user, auth_digest->realm, auth_digest->nonce, d, a3);
- 
diff --git a/net-misc/pavuk/files/pavuk-0.9.28-http.patch b/net-misc/pavuk/files/pavuk-0.9.28-http.patch
deleted file mode 100644
index 88acf6f5e49f..000000000000
--- a/net-misc/pavuk/files/pavuk-0.9.28-http.patch
+++ /dev/null
@@ -1,13 +0,0 @@
---- http.c.old	2001-07-30 00:06:40.000000000 +0200
-+++ http.c	2004-06-14 01:33:27.000000000 +0200
-@@ -1111,8 +1111,8 @@
- 	if (!loc)
- 		return -1;
- 
--	if (sscanf(loc, "http://%[.0-9A-Za-z_-]:%d", proxy, &port) < 1)
--		if (sscanf(loc, "%[.0-9A-Za-z_-]:%d", proxy, &port) !=2)
-+	if (sscanf(loc, "http://%255[.0-9A-Za-z_-]:%d", proxy, &port) < 1)
-+		if (sscanf(loc, "%255[.0-9A-Za-z_-]:%d", proxy, &port) !=2)
- 			return -1;
- 
- 	_free(docp->http_proxy);
diff --git a/net-misc/pavuk/pavuk-0.9.28-r4.ebuild b/net-misc/pavuk/pavuk-0.9.28-r4.ebuild
deleted file mode 100644
index 610ddbc49f74..000000000000
--- a/net-misc/pavuk/pavuk-0.9.28-r4.ebuild
+++ /dev/null
@@ -1,73 +0,0 @@
-# Copyright 1999-2004 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/pavuk/pavuk-0.9.28-r4.ebuild,v 1.4 2004/09/24 23:48:50 dsd Exp $
-
-inherit eutils
-
-DESCRIPTION="Web spider and website mirroring tool"
-HOMEPAGE="http://www.pavuk.org/"
-SRC_URI="http://www.pavuk.org/sw/${PN}-0.9pl28.tgz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="ppc sparc x86"
-IUSE="ssl X gtk gnome mozilla socks5 nls"
-
-DEPEND=">=sys-apps/sed-4
-	sys-devel/gettext
-	sys-libs/zlib
-	ssl? ( dev-libs/openssl )
-	X? ( virtual/x11 )
-	gtk? ( =x11-libs/gtk+-1.2* )
-	gnome? ( gnome-base/gnome-libs )
-	mozilla? ( net-www/mozilla )
-	socks5? ( net-misc/tsocks )"
-
-S="${WORKDIR}/${PN}-0.9pl28"
-
-src_unpack() {
-	unpack ${A}
-
-	# When pavuk connects to a web server and the server sends back
-	# the HTTP status code 305 (Use Proxy), pavuk copies data from
-	# the HTTP Location header in an unsafe manner. This leads to a
-	# stack-based buffer overflow with control over EIP.
-	EPATCH_OPTS="${EPATCH_OPTS} -d ${S}/src" \
-		epatch ${FILESDIR}/pavuk-0.9.28-http.patch
-
-	# more flaws.
-	EPATCH_OPTS="${EPATCH_OPTS} -d ${S}/src" \
-		epatch ${FILESDIR}/${PN}-0.9.28-digest_auth.c.patch
-}
-
-src_compile() {
-	econf \
-		--enable-threads \
-		--with-regex=auto \
-		$(use_with X x) \
-		$(use_enable ssl) \
-		$(use_enable gtk) \
-		$(use_enable gnome) \
-		$(use_enable mozilla js) \
-		$(use_enable socks5 socks) \
-		$(use_enable nls) \
-		|| die "econf failed"
-
-	emake || die
-}
-
-src_install() {
-	# fix sandbox violation for gnome .desktop and icon, and gnome menu entry
-	if use gnome
-	then
-		sed -i 's:GNOME_PREFIX = /usr:GNOME_PREFIX = ${D}usr:' Makefile
-		sed -i 's:GNOME_PREFIX = /usr:GNOME_PREFIX = ${D}usr:' icons/Makefile
-		sed -i 's:Type=Internet:Type=Application:' pavuk.desktop
-	fi
-
-	einstall || die
-
-	dodoc README CREDITS FAQ NEWS AUTHORS BUGS \
-		TODO MAILINGLIST ChangeLog wget-pavuk.HOWTO jsbind.txt \
-		pavuk_authinfo.sample  pavukrc.sample
-}