diff options
| author | bouyer <bouyer@pkgsrc.org> | 2012-09-12 18:37:09 +0000 |
|---|---|---|
| committer | bouyer <bouyer@pkgsrc.org> | 2012-09-12 18:37:09 +0000 |
| commit | 33fd658376b57c591d8db15eb5c71f9783225265 (patch) | |
| tree | b6c0ee0eba12fcc0fb7b5e8b086f22a2f15953ea /net/freeradius2 | |
| parent | 67dc3bb315575d3f5d9169dcec06e429e7ec1882 (diff) | |
| download | pkgsrc-33fd658376b57c591d8db15eb5c71f9783225265.tar.gz | |
Add patch from the freeradius git repository, fixing CVE-2012-3547.
Bump PKGREVISION
Diffstat (limited to 'net/freeradius2')
| -rw-r--r-- | net/freeradius2/Makefile | 4 | ||||
| -rw-r--r-- | net/freeradius2/distinfo | 3 | ||||
| -rw-r--r-- | net/freeradius2/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c | 15 |
3 files changed, 19 insertions, 3 deletions
diff --git a/net/freeradius2/Makefile b/net/freeradius2/Makefile index 2b80a6c5bda..924aeacc04c 100644 --- a/net/freeradius2/Makefile +++ b/net/freeradius2/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.23 2012/04/03 01:38:18 obache Exp $ +# $NetBSD: Makefile,v 1.24 2012/09/12 18:37:09 bouyer Exp $ DISTNAME= freeradius-server-${RADVER} PKGNAME= ${DISTNAME:S/-server//} -PKGREVISION= 3 +PKGREVISION= 4 CATEGORIES= net MASTER_SITES= ftp://ftp.freeradius.org/pub/freeradius/ EXTRACT_SUFX= .tar.bz2 diff --git a/net/freeradius2/distinfo b/net/freeradius2/distinfo index a75456eba82..c5d91a61a34 100644 --- a/net/freeradius2/distinfo +++ b/net/freeradius2/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.12 2012/03/12 21:54:13 joerg Exp $ +$NetBSD: distinfo,v 1.13 2012/09/12 18:37:09 bouyer Exp $ SHA1 (freeradius-server-2.1.12.tar.bz2) = d80760f5ca854225e262954ce2505c22ef5fc6b2 RMD160 (freeradius-server-2.1.12.tar.bz2) = f951119a54057d2948f6dc28faa4bb2434b416a1 @@ -12,3 +12,4 @@ SHA1 (patch-aj) = 865882e6e6e935276529b98616c9059c555272b9 SHA1 (patch-ak) = 751aba6a3f9716279f3a87871cf7008b7a921f9a SHA1 (patch-al) = 6d68e3e2d7dd50675f142be974b277da0f664c8b SHA1 (patch-man_man5_dictionary.5) = cc662beeb2351501c9761e4ce6fc8402c7907b30 +SHA1 (patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c) = 3e52710e8fa6276beb5ef59d1f6895d27374f3fc diff --git a/net/freeradius2/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c b/net/freeradius2/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c new file mode 100644 index 00000000000..e7247416e6e --- /dev/null +++ b/net/freeradius2/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c @@ -0,0 +1,15 @@ +$NetBSD: patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c,v 1.1 2012/09/12 18:37:10 bouyer Exp $ +Fix CVE-2012-3547, from freerdius git repository: +https://github.com/alandekok/freeradius-server/commit/78e5aed56c36a9231bc91ea5f55b3edf88a9d2a4 + +--- src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c.orig 2012-09-12 20:17:15.000000000 +0200 ++++ src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c 2012-09-12 20:17:18.000000000 +0200 +@@ -531,7 +531,7 @@ + */ + buf[0] = '\0'; + asn_time = X509_get_notAfter(client_cert); +- if ((lookup <= 1) && asn_time && (asn_time->length < MAX_STRING_LEN)) { ++ if ((lookup <= 1) && asn_time && (asn_time->length < sizeof(buf))) { + memcpy(buf, (char*) asn_time->data, asn_time->length); + buf[asn_time->length] = '\0'; + pairadd(&handler->certs, |