authorspz <spz>2012-09-15 10:27:14 +0000
committerspz <spz>2012-09-15 10:27:14 +0000
commit661f6cd4d8bef48272804808c295e797d41d33ad (patch)
tree46279393b55321b82675dbc678ea293345824201
parent5c365d9125aea8e1e34da43be89d02b5d8030231 (diff)
downloadpkgsrc-661f6cd4d8bef48272804808c295e797d41d33ad.tar.gz
Pullup ticket #3921 - requested by bouyer
net/freeradius2: security patch Revisions pulled up: - net/freeradius2/Makefile 1.24 - net/freeradius2/distinfo 1.13 - net/freeradius2/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c 1.1 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: bouyer Date: Wed Sep 12 18:37:10 UTC 2012 Modified Files: pkgsrc/net/freeradius2: Makefile distinfo Added Files: pkgsrc/net/freeradius2/patches: patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c Log Message: Add patch from the freeradius git repository, fixing CVE-2012-3547. Bump PKGREVISION To generate a diff of this commit: cvs rdiff -u -r1.23 -r1.24 pkgsrc/net/freeradius2/Makefile cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/freeradius2/distinfo cvs rdiff -u -r0 -r1.1 \ pkgsrc/net/freeradius2/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c
-rw-r--r--net/freeradius2/Makefile4
-rw-r--r--net/freeradius2/distinfo3
-rw-r--r--net/freeradius2/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c15
3 files changed, 19 insertions, 3 deletions
diff --git a/net/freeradius2/Makefile b/net/freeradius2/Makefile
index 2b80a6c5bda..755add1b796 100644
--- a/net/freeradius2/Makefile
+++ b/net/freeradius2/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.23 2012/04/03 01:38:18 obache Exp $
+# $NetBSD: Makefile,v 1.23.4.1 2012/09/15 10:27:14 spz Exp $
DISTNAME= freeradius-server-${RADVER}
PKGNAME= ${DISTNAME:S/-server//}
-PKGREVISION= 3
+PKGREVISION= 4
CATEGORIES= net
MASTER_SITES= ftp://ftp.freeradius.org/pub/freeradius/
EXTRACT_SUFX= .tar.bz2
diff --git a/net/freeradius2/distinfo b/net/freeradius2/distinfo
index a75456eba82..7ce8178d199 100644
--- a/net/freeradius2/distinfo
+++ b/net/freeradius2/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.12 2012/03/12 21:54:13 joerg Exp $
+$NetBSD: distinfo,v 1.12.4.1 2012/09/15 10:27:14 spz Exp $
SHA1 (freeradius-server-2.1.12.tar.bz2) = d80760f5ca854225e262954ce2505c22ef5fc6b2
RMD160 (freeradius-server-2.1.12.tar.bz2) = f951119a54057d2948f6dc28faa4bb2434b416a1
@@ -12,3 +12,4 @@ SHA1 (patch-aj) = 865882e6e6e935276529b98616c9059c555272b9
SHA1 (patch-ak) = 751aba6a3f9716279f3a87871cf7008b7a921f9a
SHA1 (patch-al) = 6d68e3e2d7dd50675f142be974b277da0f664c8b
SHA1 (patch-man_man5_dictionary.5) = cc662beeb2351501c9761e4ce6fc8402c7907b30
+SHA1 (patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c) = 3e52710e8fa6276beb5ef59d1f6895d27374f3fc
diff --git a/net/freeradius2/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c b/net/freeradius2/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c
new file mode 100644
index 00000000000..8d2fbc47eb1
--- /dev/null
+++ b/net/freeradius2/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c,v 1.1.2.2 2012/09/15 10:27:14 spz Exp $
+Fix CVE-2012-3547, from freerdius git repository:
+https://github.com/alandekok/freeradius-server/commit/78e5aed56c36a9231bc91ea5f55b3edf88a9d2a4
+
+--- src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c.orig 2012-09-12 20:17:15.000000000 +0200
++++ src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c 2012-09-12 20:17:18.000000000 +0200
+@@ -531,7 +531,7 @@
+ */
+ buf[0] = '\0';
+ asn_time = X509_get_notAfter(client_cert);
+- if ((lookup <= 1) && asn_time && (asn_time->length < MAX_STRING_LEN)) {
++ if ((lookup <= 1) && asn_time && (asn_time->length < sizeof(buf))) {
+ memcpy(buf, (char*) asn_time->data, asn_time->length);
+ buf[asn_time->length] = '\0';
+ pairadd(&handler->certs,
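Review bot: The new bound on the `if` line is only right while `buf` is a true array in this scope; its declaration, like the start and end of the enclosing function, is outside the hunk, and if `buf` ever becomes a pointer or heap buffer `sizeof(buf)` silently turns into the pointer size. A short comment above the check would pin that, for example `/* bound by sizeof(buf): buf is a local array, presumably smaller than MAX_STRING_LEN */`. In the visible lines a certificate whose notAfter field fails the length test is skipped without any trace, so logging that case on the failing path (not shown here) would give operators a signal for malformed or hostile client certificates. Any other copies into `buf` in the same function that are still guarded by `MAX_STRING_LEN` would have the same problem; none are visible in this hunk, so that is worth checking against the upstream commit referenced in the patch header.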