diff options
author | abs <abs> | 2004-11-29 17:54:03 +0000 |
---|---|---|
committer | abs <abs> | 2004-11-29 17:54:03 +0000 |
commit | 9f3dc29189c691bcb3e0abae4d5944e56fca3563 (patch) | |
tree | 7798e3b8db0e6a50b36bc97d8ebddcaabbd5f9b8 /chat/jabberd2/Makefile | |
parent | 6511a16b81ef2128443d675723300675f6925a72 (diff) | |
download | pkgsrc-9f3dc29189c691bcb3e0abae4d5944e56fca3563.tar.gz |
Update jabberd2 to jabberd-2.0s4nb1, by pulling in patches from
http://www.marquard.net/jabber/#recommended,
specifically patch 58 which fixes the remote exploit listed at:
http://www.securityfocus.com/archive/1/382250
Patches included:
28* patch-jedi8-sm-object_c
Remove incorrect semicolumn from os_object_free() in sm/object.c
29* patch-jedi-mysql-storage
Fixes to mysql storage for boundary conditions
30* patch-base64
Fix length-related issues in base64 decoding routines
31* patch-sm-storage_db
Fixes to storage_db.c to avoid roster corruption: "sm/storage_db
inserts items in the filter hash table with keys which are located
on the stack. This creates confusion when the code later tries to
compare with these keys."
32* patch-nad-escape
Fixes bug in _nad_escape() where escaping ]]> can cause a segfault
when handling large messages where nad_realloc is called.
38* patch-jedi-pgsql-storage
Fixes to pgsql storage for boundary conditions and incorrect buffer
length calculation
46* patch-memleaks
Fix minor memory leaks in digest-md5 authentication and nad_free()
47* patch-ns-fix
Fixes omission of namespace declaration where a namespace has
already been used in the XML stanza
48* patch-sm-nad-triplet
Fixes omission of prefix on attributes processed by nad_parse (e.g.
in queue storage)
49* patch-mod_disco_publish
Corrects check for deleting previously published disco items from
"delete" to "remove" (as per JEP-0030).
50* patch-sm-filter
Alters filter handling and adds mysql/pgsql escaping on filter
strings to allow brackets and apostrophes in resource names that
form part of JIDs stored as roster entries
58* patch-c2s-buffers
Fixes buffer overflow that can lead to segfault in c2s mysql and
pgsql auth modules - see report by icbm (www.venustech.com.cn)
Diffstat (limited to 'chat/jabberd2/Makefile')
-rw-r--r-- | chat/jabberd2/Makefile | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/chat/jabberd2/Makefile b/chat/jabberd2/Makefile index e181810833b..f8f31f2c526 100644 --- a/chat/jabberd2/Makefile +++ b/chat/jabberd2/Makefile @@ -1,7 +1,8 @@ -# $NetBSD: Makefile,v 1.14 2004/11/10 10:34:50 xtraeme Exp $ +# $NetBSD: Makefile,v 1.15 2004/11/29 17:54:03 abs Exp $ # DISTNAME= jabberd-2.0s4 +PKGREVISION= 1 CATEGORIES= chat MASTER_SITES= http://www.jabberstudio.org/files/jabberd2/ @@ -9,6 +10,14 @@ MAINTAINER= xtraeme@NetBSD.org HOMEPAGE= http://jabberd.jabberstudio.org/2/ COMMENT= Instant messaging server (version 2) +PATCH_SITES= http://www.marquard.net/jabber/patches/ +PATCHFILES= patch-jedi8-sm-object_c patch-jedi-mysql-storage patch-base64 \ + patch-sm-storage_db patch-nad-escape patch-jedi-pgsql-storage \ + patch-memleaks patch-ns-fix patch-sm-nad-triplet \ + patch-mod_disco_publish patch-sm-filter patch-c2s-buffers +DIST_SUBDIR= ${PKGNAME_NOREV} + + CONFLICTS= jabberd-[0-9]*:../../chat/jabberd USE_BUILDLINK3= yes |