author | drochner <drochner@pkgsrc.org> | 2011-11-28 15:26:25 +0000 |
committer | drochner <drochner@pkgsrc.org> | 2011-11-28 15:26:25 +0000 |
commit | bcf12889373dc5d2a966598545b5c59590b4f560 (patch) | |
tree | 28638a9596ff1c5796beb1868938a5dd852eb137 | |
parent | fbb41ba2ead98fe444ebf839f4fb02105fedeb8b (diff) | |
Don't allow '/' characters to be passed to pam_start() by the
PAM helper program. OpenPAM didn't check this, so it could be
tricked into reading arbitrary config files, allowing privilege
escalation.
Standard squid installations don't install the PAM helper SUID, but
depending on local needs, an administrator might choose to do so.
approved by pkg maintainer
bump PKGREV
-rw-r--r-- | www/squid27/Makefile | 4 | ||||
-rw-r--r-- | www/squid27/distinfo | 3 | ||||
-rw-r--r-- | www/squid27/patches/patch-am | 18 | ||||
-rw-r--r-- | www/squid31/Makefile | 3 | ||||
-rw-r--r-- | www/squid31/distinfo | 3 | ||||
-rw-r--r-- | www/squid31/patches/patch-am | 18 |
6 files changed, 44 insertions, 5 deletions
diff --git a/www/squid27/Makefile b/www/squid27/Makefile
index 46c29191d73..810be551472 100644
--- a/www/squid27/Makefile
+++ b/www/squid27/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.15 2010/12/16 13:47:19 sborrill Exp $
+# $NetBSD: Makefile,v 1.16 2011/11/28 15:26:26 drochner Exp $
 DISTNAME= squid-2.7.STABLE9
-PKGREVISION= 1
+PKGREVISION= 2
 PKGNAME= ${DISTNAME:S/STABLE//}
 CATEGORIES= www
diff --git a/www/squid27/distinfo b/www/squid27/distinfo
index 720ae13f7e3..9feb8aeff3e 100644
--- a/www/squid27/distinfo
+++ b/www/squid27/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.9 2010/07/29 03:00:46 taca Exp $
+$NetBSD: distinfo,v 1.10 2011/11/28 15:26:26 drochner Exp $
 SHA1 (squid-2.7.STABLE9.tar.bz2) = bd389da9b74fd338e358f6b3f83bd3a1ed4d4f6f
 RMD160 (squid-2.7.STABLE9.tar.bz2) = bfa7c3dc3ede68646603f3379de35f44d7d8e97d
@@ -15,3 +15,4 @@ SHA1 (patch-ai) = a227e6fc622f1bda3fa49406b4d588c1f1f78430
 SHA1 (patch-aj) = c5c7cd10a63a5066eee63988775f71758ed5463e
 SHA1 (patch-ak) = 6863cac0fe9100f4b8c3c05cb321324a4abf0a4c
 SHA1 (patch-al) = a9e957a90dc6956e59668c297dd8566642baecff
+SHA1 (patch-am) = c31f27816578a05a909c4e64a646919d35e04c42
diff --git a/www/squid27/patches/patch-am b/www/squid27/patches/patch-am
new file mode 100644
index 00000000000..0d530ca2aed
--- /dev/null
+++ b/www/squid27/patches/patch-am
@@ -0,0 +1,18 @@
+$NetBSD: patch-am,v 1.3 2011/11/28 15:26:26 drochner Exp $
+
+protect against CVE-2011-4122
+
+--- helpers/basic_auth/PAM/pam_auth.c.orig 2005-05-17 16:56:25.000000000 +0000
++++ helpers/basic_auth/PAM/pam_auth.c
+@@ -188,6 +188,11 @@ start:
+ exit(1);
+ }
+
++ if (strchr(service, '/')) {
++ fprintf(stderr, "Illegal service '%s'\n", service);
++ exit(1);
++ }
++
+ while (fgets(buf, BUFSIZE, stdin)) {
+ user = buf;
+ password = strchr(buf, '\n');
diff --git a/www/squid31/Makefile b/www/squid31/Makefile
index aad68d445ab..f8fe243673b 100644
--- a/www/squid31/Makefile
+++ b/www/squid31/Makefile
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.34 2011/10/22 17:54:25 tron Exp $
+# $NetBSD: Makefile,v 1.35 2011/11/28 15:26:25 drochner Exp $
 DISTNAME= squid-3.1.16
 PKGNAME= ${DISTNAME} # Necessary for "pkgsrc/www/squid/options.mk"
+PKGREVISION= 1
 CATEGORIES= www
 MASTER_SITES= http://www.squid-cache.org/Versions/v3/3.1/ \
 ${SQUID_MASTER_SITES}
diff --git a/www/squid31/distinfo b/www/squid31/distinfo
index ff21eb43040..25a94252360 100644
--- a/www/squid31/distinfo
+++ b/www/squid31/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.31 2011/10/22 17:54:25 tron Exp $
+$NetBSD: distinfo,v 1.32 2011/11/28 15:26:25 drochner Exp $
 SHA1 (squid-3.1.16.tar.bz2) = 4d272921155165331205b039cebee2643158b5eb
 RMD160 (squid-3.1.16.tar.bz2) = df730d0c60b0d16a11c7157c55f1c89b0c6f1f65
@@ -7,5 +7,6 @@ SHA1 (patch-ad) = 2e8c05f220374240e5681efdd46379851c6bb50e
 SHA1 (patch-ae) = 944c24b28cf11f7a876150f8f0e131af5f3e354d
 SHA1 (patch-aj) = 9f250b7f645b2ee77243a617c1a7faa5c7956339
 SHA1 (patch-al) = 6fec093f8969aed96cb8ffb115d96f9d21ac1f63
+SHA1 (patch-am) = d6d52948f883d983b114c68cffb392cb8295f847
 SHA1 (patch-src_base_TidyPointer.h) = d616bc21f7ab640622b7c34cf9da8222d2ddb5cf
 SHA1 (patch-src_ssl_gadgets.cc) = c631940ffd3fc7f44bc1586169eb4fe13a79ab35
diff --git a/www/squid31/patches/patch-am b/www/squid31/patches/patch-am
new file mode 100644
index 00000000000..ed2fa93860d
--- /dev/null
+++ b/www/squid31/patches/patch-am
@@ -0,0 +1,18 @@
+$NetBSD: patch-am,v 1.4 2011/11/28 15:26:26 drochner Exp $
+
+protect against CVE-2011-4122
+
+--- helpers/basic_auth/PAM/pam_auth.c.orig 2011-10-13 08:30:05.000000000 +0000
++++ helpers/basic_auth/PAM/pam_auth.c
+@@ -196,6 +196,11 @@ start:
+ exit(1);
+ }
+
++ if (strchr(service, '/')) {
++ fprintf(stderr, "Illegal service '%s'\n", service);
++ exit(1);
++ }
++
+ while (fgets(buf, BUFSIZE, stdin)) {
+ user = buf;
+ password_buf = strchr(buf, '\n');
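Review bot: The guard added in both patch-am files (the www/squid27 and www/squid31 sections carry the same lines) rejects only a '/' in `service`, which does close the path-traversal route into pam_start() that the commit message describes, but the service name is ultimately used by the PAM library as a file name under its configuration directory, so an allowlist of the characters a service name legitimately contains, plus a rejection of the empty string, is the more robust shape for a check in a helper that an administrator may install SUID. Where the hunk has `if (strchr(service, '/')) {` I would accept only alphanumerics, '_', '.' and '-' and fail otherwise; the rewritten lines are below, and they need nothing beyond `<string.h>`, which the existing strchr() call already implies. Both hunks sit after the `start:` label, so the check is re-run on every restart of the surrounding loop; that is harmless, but if `service` is fixed from argv (it is assigned outside the hunk, so I cannot confirm) the check belongs where the argument is parsed. The enclosing function starts and ends outside the hunk.
```c
    /* The service name becomes a file name under the PAM configuration
     * directory, so accept only the characters such a name legitimately
     * contains instead of rejecting '/' alone. */
    if (*service == '\0' ||
        strspn(service, "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
                        "abcdefghijklmnopqrstuvwxyz"
                        "0123456789_.-") != strlen(service)) {
	fprintf(stderr, "Illegal service '%s'\n", service);
	exit(1);
    }
    /* ... unchanged: fgets() request loop ... */
```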