diff options
| author | ghen <ghen@pkgsrc.org> | 2007-06-25 18:17:24 +0000 |
|---|---|---|
| committer | ghen <ghen@pkgsrc.org> | 2007-06-25 18:17:24 +0000 |
| commit | 840dad1ac3a38cac20034daf169338a775955158 (patch) | |
| tree | e54b2fca732ca98da6a08bf58714be9e8cd42099 | |
| parent | 75aeafe70907e9ad49f58b314d9ea4d9ae6933c4 (diff) | |
| download | pkgsrc-840dad1ac3a38cac20034daf169338a775955158.tar.gz | |
Pullup ticket 2120 - requested by lkundrak
security fix for bitchx
- pkgsrc/chat/bitchx/Makefile 1.42
- pkgsrc/chat/bitchx/distinfo 1.16
- pkgsrc/chat/bitchx/patches/patch-ar 1.1
Module Name: pkgsrc
Committed By: lkundrak
Date: Mon Jun 25 14:15:21 UTC 2007
Modified Files:
pkgsrc/chat/bitchx: Makefile distinfo
Added Files:
pkgsrc/chat/bitchx/patches: patch-ar
Log Message:
Fix for a security issue, CVE-2007-3360. A malicious server could direct
the client into executing arbitrary code.
| -rw-r--r-- | chat/bitchx/Makefile | 3 | ||||
| -rw-r--r-- | chat/bitchx/distinfo | 3 | ||||
| -rw-r--r-- | chat/bitchx/patches/patch-ar | 21 |
3 files changed, 25 insertions, 2 deletions
diff --git a/chat/bitchx/Makefile b/chat/bitchx/Makefile index ddd84875ab3..868f7659bb9 100644 --- a/chat/bitchx/Makefile +++ b/chat/bitchx/Makefile @@ -1,7 +1,8 @@ -# $NetBSD: Makefile,v 1.40 2007/03/17 13:25:46 rillig Exp $ +# $NetBSD: Makefile,v 1.40.2.1 2007/06/25 18:17:24 ghen Exp $ DISTNAME= ircii-pana-1.1-final PKGNAME= bitchx-1.1 +PKGREVISION= 1 CATEGORIES= chat MASTER_SITES= http://www.bitchx.org/files/source/ \ ftp://ftp.bitchx.org/pub/BitchX/source/ \ diff --git a/chat/bitchx/distinfo b/chat/bitchx/distinfo index 72c30856553..6ad9933bb99 100644 --- a/chat/bitchx/distinfo +++ b/chat/bitchx/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.15 2007/03/17 13:25:46 rillig Exp $ +$NetBSD: distinfo,v 1.15.2.1 2007/06/25 18:17:24 ghen Exp $ SHA1 (ircii-pana-1.1-final.tar.gz) = b25635b62c7ff905b6492a4aaa88c43b5aa164f8 RMD160 (ircii-pana-1.1-final.tar.gz) = 4105de2587964146e2391a26a8a16e3d0059a93f @@ -13,3 +13,4 @@ SHA1 (patch-an) = 59a6dc31a90b88bbffac5bb4629feaa2488afeff SHA1 (patch-ao) = ce6d8d68f39c54e5f174d294b0a72432b95fe89b SHA1 (patch-ap) = 7cc6162de323bf07e52cbad7d4b4b54ac01d105e SHA1 (patch-aq) = 97387bc2f7059f1a864f47ecd611ce62e13cb969 +SHA1 (patch-ar) = 09286c5e21c6b8f6d35ab53146297c2e4f44ad55 diff --git a/chat/bitchx/patches/patch-ar b/chat/bitchx/patches/patch-ar new file mode 100644 index 00000000000..850d6709f97 --- /dev/null +++ b/chat/bitchx/patches/patch-ar @@ -0,0 +1,21 @@ +$NetBSD: patch-ar,v 1.1.2.2 2007/06/25 18:17:25 ghen Exp $ + +This patch fixes CVE-2007-3360 flaw, where a malicious server could +inject a hook possibly executiong malicious code and direct client +into executing it by using bogus hook index. + +--- source/hook.c.orig 2007-06-25 15:41:37.000000000 +0200 ++++ source/hook.c 2007-06-25 15:41:39.000000000 +0200 +@@ -837,6 +837,12 @@ int BX_do_hook (int which, char *format + #ifdef WANT_TCL + int tcl_ret = 0; + #endif ++ ++ /* CVE-2007-3360 boundary check */ ++ if (which >= sizeof(hook_functions)/sizeof(hook_functions[0])) { ++ return NO_ACTION_TAKEN; ++ } ++ + /* + * Figure out where the hooks are for the event type were asserting + */ |