diff options
| author | tron <tron> | 2008-06-12 13:32:23 +0000 |
|---|---|---|
| committer | tron <tron> | 2008-06-12 13:32:23 +0000 |
| commit | 9e3a9d6b2ae4a5e03c192d81e827dc2883ccbcc4 (patch) | |
| tree | 17185aaa32c83975a0b5161a2785d6a325295e9a /net | |
| parent | 4ef3e5c4cefd0695c8fec0fd26fd5ed81ea3e417 (diff) | |
| download | pkgsrc-9e3a9d6b2ae4a5e03c192d81e827dc2883ccbcc4.tar.gz | |
Add patch for CVE-2008-0960 from the Net-SNMP project page on Sourceforge.
Diffstat (limited to 'net')
| -rw-r--r-- | net/net-snmp/Makefile | 4 | ||||
| -rw-r--r-- | net/net-snmp/distinfo | 4 | ||||
| -rw-r--r-- | net/net-snmp/patches/patch-ep | 19 |
3 files changed, 19 insertions, 8 deletions
diff --git a/net/net-snmp/Makefile b/net/net-snmp/Makefile index 9fbcd83c3ef..9583a0b27f4 100644 --- a/net/net-snmp/Makefile +++ b/net/net-snmp/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.69 2008/06/05 19:09:41 christos Exp $ +# $NetBSD: Makefile,v 1.70 2008/06/12 13:32:23 tron Exp $ DISTNAME= net-snmp-5.4.1 -PKGREVISION= 3 +PKGREVISION= 4 CATEGORIES= net MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=net-snmp/} diff --git a/net/net-snmp/distinfo b/net/net-snmp/distinfo index c531f1d8667..5079d7f1f47 100644 --- a/net/net-snmp/distinfo +++ b/net/net-snmp/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.45 2008/06/06 16:18:03 tron Exp $ +$NetBSD: distinfo,v 1.46 2008/06/12 13:32:24 tron Exp $ SHA1 (net-snmp-5.4.1.tar.gz) = ac5ba033c10d53d3057415121f8c4936c643c208 RMD160 (net-snmp-5.4.1.tar.gz) = 3723488dab8d164702a7d55c9c72eeaec07dd50c @@ -42,6 +42,6 @@ SHA1 (patch-eh) = c2dbd651a0fcf6e20b8a9eee68f0ab30763af912 SHA1 (patch-ei) = 7eb4899b08b73c79f1eb8616bcebad38c0fbe148 SHA1 (patch-ej) = c8047a6109bf6b833c56562d48b56b480c4299be SHA1 (patch-el) = f80dc7058b8a60e3be53e5673538f6eb2d173b68 -SHA1 (patch-ep) = 82071d291813078d27552e5e16e1619e3b3a1bc2 +SHA1 (patch-ep) = 84dde63e97065c0776778583ae73e52adaffbd01 SHA1 (patch-es) = c26c048ccbda7e4d28cb0a2263cdaa71befb4f96 SHA1 (patch-et) = 63e31a08413b004608540a28a8fc448966320e7f diff --git a/net/net-snmp/patches/patch-ep b/net/net-snmp/patches/patch-ep index bcd72034dd5..ecf104b40e5 100644 --- a/net/net-snmp/patches/patch-ep +++ b/net/net-snmp/patches/patch-ep @@ -1,8 +1,8 @@ -$NetBSD: patch-ep,v 1.2 2007/02/05 12:06:16 adam Exp $ +$NetBSD: patch-ep,v 1.3 2008/06/12 13:32:24 tron Exp $ ---- snmplib/scapi.c.orig 2006-09-15 14:47:00.000000000 +0200 -+++ snmplib/scapi.c -@@ -272,7 +272,7 @@ sc_generate_keyed_hash(const oid * autht +--- snmplib/scapi.c.orig 2006-09-15 13:47:01.000000000 +0100 ++++ snmplib/scapi.c 2008-06-12 13:58:35.000000000 +0100 +@@ -272,7 +272,7 @@ u_char buf[SNMP_MAXBUF_SMALL]; #if defined(NETSNMP_USE_OPENSSL) || defined(NETSNMP_USE_PKCS11) @@ -11,3 +11,14 @@ $NetBSD: patch-ep,v 1.2 2007/02/05 12:06:16 adam Exp $ #endif DEBUGTRACE; +@@ -563,6 +563,10 @@ + } + + ++ if (maclen != USM_MD5_AND_SHA_AUTH_LEN) { ++ QUITFUN(SNMPERR_GENERR, sc_check_keyed_hash_quit); ++ } ++ + /* + * Generate a full hash of the message, then compare + * the result with the given MAC which may shorter than |