diff options
| author | tron <tron> | 2009-02-15 11:31:51 +0000 |
|---|---|---|
| committer | tron <tron> | 2009-02-15 11:31:51 +0000 |
| commit | 282322c3791860dd9ab3b0d2cab6e564b360f8a0 (patch) | |
| tree | cab1743e3741f9eeb81f25040598fc7f06a0eb83 /net | |
| parent | 810c1c39fe65d6416dacc404667f30f3a986e1c5 (diff) | |
| download | pkgsrc-282322c3791860dd9ab3b0d2cab6e564b360f8a0.tar.gz | |
Add a patch from the "net-snmp" repository to close the vulnerability
reported in SA33884/CVE-2008-6123.
Diffstat (limited to 'net')
| -rw-r--r-- | net/net-snmp/Makefile | 3 | ||||
| -rw-r--r-- | net/net-snmp/distinfo | 3 | ||||
| -rw-r--r-- | net/net-snmp/patches/patch-ad | 20 |
3 files changed, 24 insertions, 2 deletions
diff --git a/net/net-snmp/Makefile b/net/net-snmp/Makefile index dac81e8ca15..25d7a47c853 100644 --- a/net/net-snmp/Makefile +++ b/net/net-snmp/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.75 2008/11/02 08:30:07 adam Exp $ +# $NetBSD: Makefile,v 1.76 2009/02/15 11:31:51 tron Exp $ DISTNAME= net-snmp-5.4.2.1 +PKGREVISION= 1 CATEGORIES= net MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=net-snmp/} diff --git a/net/net-snmp/distinfo b/net/net-snmp/distinfo index 2c3196d35da..e4b0f92eb7e 100644 --- a/net/net-snmp/distinfo +++ b/net/net-snmp/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.51 2008/11/02 08:30:07 adam Exp $ +$NetBSD: distinfo,v 1.52 2009/02/15 11:31:51 tron Exp $ SHA1 (net-snmp-5.4.2.1.tar.gz) = 4f2df9ea62344fe840f493d0e08abe5de3697862 RMD160 (net-snmp-5.4.2.1.tar.gz) = 2148c42d486ed88f9cfc3ca1d50c68abcd7e3d63 @@ -6,6 +6,7 @@ Size (net-snmp-5.4.2.1.tar.gz) = 5185390 bytes SHA1 (patch-aa) = 34f85e513ace26c1c2b05bb1c4b72a23491861cf SHA1 (patch-ab) = 3227eeb8b54b37813d8b6949f8c6ddc446038bf2 SHA1 (patch-ac) = becbd7d3f7bbd16d6ddd1a6ea5467a127553caa4 +SHA1 (patch-ad) = 4af27886f93bf018f6794c3f8b8dcb9b08389163 SHA1 (patch-ae) = 721e62bb42b6d3787f36316cf2628cd71ae6a6ce SHA1 (patch-af) = 15a18d1a8f3a8ffaba5facb37420668791944d29 SHA1 (patch-ag) = 7021f7238c37635c9c32ceca681fd42aa125437f diff --git a/net/net-snmp/patches/patch-ad b/net/net-snmp/patches/patch-ad new file mode 100644 index 00000000000..64842023ad7 --- /dev/null +++ b/net/net-snmp/patches/patch-ad @@ -0,0 +1,20 @@ +$NetBSD: patch-ad,v 1.7 2009/02/15 11:31:51 tron Exp $ + +Patch for CVE-2008-6123, taken from here: + +http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/branches/V5-4-patches/net-snmp/snmplib/snmpUDPDomain.c?r1=17312&r2=17367&pathrev=17367 + +--- snmplib/snmpUDPDomain.c.orig 2007-10-11 21:46:30.000000000 +0100 ++++ snmplib/snmpUDPDomain.c 2009-02-15 11:21:10.000000000 +0000 +@@ -107,9 +107,9 @@ + sprintf(tmp, "UDP: [%s]->unknown", + inet_ntoa(addr_pair->local_addr)); + } else { +- sprintf(tmp, "UDP: [%s]->", inet_ntoa(addr_pair->local_addr)); +- sprintf(tmp + strlen(tmp), "[%s]:%hd", ++ sprintf(tmp, "UDP: [%s]:%hu->", + inet_ntoa(to->sin_addr), ntohs(to->sin_port)); ++ sprintf(tmp + strlen(tmp), "[%s]", inet_ntoa(addr_pair->local_addr)); + } + return strdup(tmp); + } |