diff options
| author | rtr <rtr> | 2009-02-16 05:24:29 +0000 |
|---|---|---|
| committer | rtr <rtr> | 2009-02-16 05:24:29 +0000 |
| commit | c4e2bbde956808d53f3484da39482dd2c50b676d (patch) | |
| tree | 55ecfd5f83870525e3c35e3a6e047e86bfa4bdc2 | |
| parent | 707b27ef388b69e37f311d91dc0a64ffb72a567e (diff) | |
| download | pkgsrc-c4e2bbde956808d53f3484da39482dd2c50b676d.tar.gz | |
pullup ticket #2700 - requested by tron
net-snmp: security fix
revisions pulled up:
pkgsrc/net/net-snmp/Makefile 1.76
pkgsrc/net/net-snmp/distinfo 1.52
pkgsrc/net/net-snmp/patches/patch-ad 1.7
Module Name: pkgsrc
Committed By: tron
Date: Sun Feb 15 11:31:51 UTC 2009
Modified Files:
pkgsrc/net/net-snmp: Makefile distinfo
Added Files:
pkgsrc/net/net-snmp/patches: patch-ad
Log Message:
Add a patch from the "net-snmp" repository to close the vulnerability
reported in SA33884/CVE-2008-6123.
| -rw-r--r-- | net/net-snmp/Makefile | 3 | ||||
| -rw-r--r-- | net/net-snmp/distinfo | 3 | ||||
| -rw-r--r-- | net/net-snmp/patches/patch-ad | 20 |
3 files changed, 24 insertions, 2 deletions
diff --git a/net/net-snmp/Makefile b/net/net-snmp/Makefile index dac81e8ca15..e674209febb 100644 --- a/net/net-snmp/Makefile +++ b/net/net-snmp/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.75 2008/11/02 08:30:07 adam Exp $ +# $NetBSD: Makefile,v 1.75.2.1 2009/02/16 05:24:29 rtr Exp $ DISTNAME= net-snmp-5.4.2.1 +PKGREVISION= 1 CATEGORIES= net MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=net-snmp/} diff --git a/net/net-snmp/distinfo b/net/net-snmp/distinfo index 2c3196d35da..eb784c3321f 100644 --- a/net/net-snmp/distinfo +++ b/net/net-snmp/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.51 2008/11/02 08:30:07 adam Exp $ +$NetBSD: distinfo,v 1.51.2.1 2009/02/16 05:24:29 rtr Exp $ SHA1 (net-snmp-5.4.2.1.tar.gz) = 4f2df9ea62344fe840f493d0e08abe5de3697862 RMD160 (net-snmp-5.4.2.1.tar.gz) = 2148c42d486ed88f9cfc3ca1d50c68abcd7e3d63 @@ -6,6 +6,7 @@ Size (net-snmp-5.4.2.1.tar.gz) = 5185390 bytes SHA1 (patch-aa) = 34f85e513ace26c1c2b05bb1c4b72a23491861cf SHA1 (patch-ab) = 3227eeb8b54b37813d8b6949f8c6ddc446038bf2 SHA1 (patch-ac) = becbd7d3f7bbd16d6ddd1a6ea5467a127553caa4 +SHA1 (patch-ad) = 4af27886f93bf018f6794c3f8b8dcb9b08389163 SHA1 (patch-ae) = 721e62bb42b6d3787f36316cf2628cd71ae6a6ce SHA1 (patch-af) = 15a18d1a8f3a8ffaba5facb37420668791944d29 SHA1 (patch-ag) = 7021f7238c37635c9c32ceca681fd42aa125437f diff --git a/net/net-snmp/patches/patch-ad b/net/net-snmp/patches/patch-ad new file mode 100644 index 00000000000..d392faa6332 --- /dev/null +++ b/net/net-snmp/patches/patch-ad @@ -0,0 +1,20 @@ +$NetBSD: patch-ad,v 1.6.6.1 2009/02/16 05:24:29 rtr Exp $ + +Patch for CVE-2008-6123, taken from here: + +http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/branches/V5-4-patches/net-snmp/snmplib/snmpUDPDomain.c?r1=17312&r2=17367&pathrev=17367 + +--- snmplib/snmpUDPDomain.c.orig 2007-10-11 21:46:30.000000000 +0100 ++++ snmplib/snmpUDPDomain.c 2009-02-15 11:21:10.000000000 +0000 +@@ -107,9 +107,9 @@ + sprintf(tmp, "UDP: [%s]->unknown", + inet_ntoa(addr_pair->local_addr)); + } else { +- sprintf(tmp, "UDP: [%s]->", inet_ntoa(addr_pair->local_addr)); +- sprintf(tmp + strlen(tmp), "[%s]:%hd", ++ sprintf(tmp, "UDP: [%s]:%hu->", + inet_ntoa(to->sin_addr), ntohs(to->sin_port)); ++ sprintf(tmp + strlen(tmp), "[%s]", inet_ntoa(addr_pair->local_addr)); + } + return strdup(tmp); + } |