diff options
author | agc <agc> | 2004-04-27 08:45:22 +0000 |
---|---|---|
committer | agc <agc> | 2004-04-27 08:45:22 +0000 |
commit | 13f4c2fa8ec3cddaf1781bc977d8aa2cd3d5a535 (patch) | |
tree | cb288dd56e0bfd7157c3cadd5138f1f7f513f833 | |
parent | bbcecfa0ab44baddce8ce69c65e6f101a93a96da (diff) | |
download | pkgsrc-13f4c2fa8ec3cddaf1781bc977d8aa2cd3d5a535.tar.gz |
Pull up a security fix to the pkgsrc-2004Q1 branch.
Requested by xtraeme in ticket pkgsrc-22.
"Fix XChat's Socks-5 proxy code, see
http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html.
Bump PKGREVISION."
-rw-r--r-- | chat/xchat/distinfo | 3 | ||||
-rw-r--r-- | chat/xchat/patches/patch-aa | 24 |
2 files changed, 26 insertions, 1 deletions
diff --git a/chat/xchat/distinfo b/chat/xchat/distinfo index 6dc0bb4c93d..f21b0eebc1a 100644 --- a/chat/xchat/distinfo +++ b/chat/xchat/distinfo @@ -1,6 +1,7 @@ -$NetBSD: distinfo,v 1.20 2003/01/12 21:49:07 tron Exp $ +$NetBSD: distinfo,v 1.20.6.1 2004/04/27 08:45:22 agc Exp $ SHA1 (xchat-1.8.11.tar.bz2) = 331afd74bc20797c0dec1a7e32fe014efe6cdc0a Size (xchat-1.8.11.tar.bz2) = 850453 bytes +SHA1 (patch-aa) = 98e1efa4e83bcfb76dafeb96176d760738e8021b SHA1 (patch-ad) = 7dec0bd4107febc923031b80b75a1a8a36b0255b SHA1 (patch-ae) = baee878728bb33317258e43919ccabfcf3fd2f4a diff --git a/chat/xchat/patches/patch-aa b/chat/xchat/patches/patch-aa new file mode 100644 index 00000000000..00e14717bb8 --- /dev/null +++ b/chat/xchat/patches/patch-aa @@ -0,0 +1,24 @@ +# Fix broken Socks5 traversal in xchat <= 2.0.8 + +http://mail.nl.linux.org/xchat-announce/2004-04/msg00000.html + +--- src/common/server.c 2004-03-16 15:33:47.000000000 +1100 ++++ src/common/server.c 2004-04-05 15:33:15.000000000 +1000 +@@ -1054,7 +1054,7 @@ + struct sock5_connect1 sc1; + unsigned char *sc2; + unsigned int packetlen, addrlen; +- unsigned char buf[10]; ++ unsigned char buf[260]; + + sc1.version = 5; + sc1.nmethods = 1; +@@ -1095,7 +1095,7 @@ + { + if (recv (sok, buf, 1, 0) != 1) + return 1; +- packetlen = buf[0] + 2; ++ packetlen = buf[0] + 2; /* can't exceed 260 */ + if (recv (sok, buf, packetlen, 0) != packetlen) + return 1; + } |