diff options
| author | bsiegert <bsiegert@pkgsrc.org> | 2015-03-21 20:04:39 +0000 |
|---|---|---|
| committer | bsiegert <bsiegert@pkgsrc.org> | 2015-03-21 20:04:39 +0000 |
| commit | 32a5e0d7b090c91556e19808f3ecfcd5fd898b1e (patch) | |
| tree | 4c230842275142536c41320a25b7a1cbe9df8da6 /net/lftp | |
| parent | 2f690bd503038fca4109f6fdec18971890c90dd8 (diff) | |
| download | pkgsrc-32a5e0d7b090c91556e19808f3ecfcd5fd898b1e.tar.gz | |
SECURITY: add a patch to prevent saving of unknown host keys without user
intervention.
Bump PKGREVISION.
Diffstat (limited to 'net/lftp')
| -rw-r--r-- | net/lftp/Makefile | 4 | ||||
| -rw-r--r-- | net/lftp/distinfo | 3 | ||||
| -rw-r--r-- | net/lftp/patches/patch-src_SSH__Access.cc | 16 |
3 files changed, 20 insertions, 3 deletions
diff --git a/net/lftp/Makefile b/net/lftp/Makefile index 03b7f551d2f..f23ff2a6564 100644 --- a/net/lftp/Makefile +++ b/net/lftp/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.108 2014/10/09 14:06:45 wiz Exp $ +# $NetBSD: Makefile,v 1.109 2015/03/21 20:04:39 bsiegert Exp $ DISTNAME= lftp-4.4.6 -PKGREVISION= 3 +PKGREVISION= 4 CATEGORIES= net MASTER_SITES= http://ftp.yar.ru/pub/source/lftp/ \ ftp://ftp.tuwien.ac.at/infosys/browsers/ftp/lftp/ \ diff --git a/net/lftp/distinfo b/net/lftp/distinfo index 783b4a3c6b5..2d3d1f231df 100644 --- a/net/lftp/distinfo +++ b/net/lftp/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.61 2013/05/18 20:23:03 adam Exp $ +$NetBSD: distinfo,v 1.62 2015/03/21 20:04:39 bsiegert Exp $ SHA1 (lftp-4.4.6.tar.xz) = 76a61015adec55c0d6d5eb013d4cf3f108fd96a0 RMD160 (lftp-4.4.6.tar.xz) = 14ed0f6f5076750cb0661364a6e0a751d4512697 @@ -10,4 +10,5 @@ SHA1 (patch-ad) = daf9867bf3d42d82c6abe9200f3e8db8f91319e9 SHA1 (patch-ae) = 4e2506bbadbda97feeabb208cd43c0dff70ed7d3 SHA1 (patch-configure.ac) = 3264108e79adf637fa631dfe3787aa64c6f84743 SHA1 (patch-lib_inttypes.in.h) = 36d4cabc7fd9beef8f93973370ef5125c38ca121 +SHA1 (patch-src_SSH__Access.cc) = 6f5f340f625bad1358b19dfdf5280ab4fef61586 SHA1 (patch-src_module.cc) = 236fe2ce4ff215ddfe44fc86ed43ed00849280b8 diff --git a/net/lftp/patches/patch-src_SSH__Access.cc b/net/lftp/patches/patch-src_SSH__Access.cc new file mode 100644 index 00000000000..a77b155c926 --- /dev/null +++ b/net/lftp/patches/patch-src_SSH__Access.cc @@ -0,0 +1,16 @@ +$NetBSD: patch-src_SSH__Access.cc,v 1.1 2015/03/21 20:04:39 bsiegert Exp $ + +Do not save fingerprints of unknown hosts. +--- src/SSH_Access.cc.orig 2015-03-21 19:58:58.000000000 +0000 ++++ src/SSH_Access.cc +@@ -69,8 +69,8 @@ int SSH_Access::HandleSSHMessage() + } + if(s>=y_len && !strncasecmp(b+s-y_len,y,y_len)) + { +- pty_recv_buf->Put("yes\n"); +- pty_send_buf->Put("yes\n"); ++ pty_recv_buf->Put("no\n"); ++ pty_send_buf->Put("no\n"); + return m; + } + if(!received_greeting && recv_buf->Size()>0) |