diff options
author | tron <tron> | 2013-08-21 19:40:13 +0000 |
---|---|---|
committer | tron <tron> | 2013-08-21 19:40:13 +0000 |
commit | e0bd026a648518fc6b077e2bab816c13453eb1ce (patch) | |
tree | 011a9bb9675411c54102ce61e90b05a5eca2b797 /security/putty/patches/patch-import.c | |
parent | e0063410d993e4da3a344775d6af078e97bbb99f (diff) | |
download | pkgsrc-e0bd026a648518fc6b077e2bab816c13453eb1ce.tar.gz |
Pullup ticket #4216 - requested by drochner
security/putty: security update
Revisions pulled up:
- security/putty/Makefile 1.34-1.35
- security/putty/distinfo 1.14-1.15
- security/putty/patches/patch-CVE-2013-4852-1 deleted
- security/putty/patches/patch-CVE-2013-4852-2 deleted
- security/putty/patches/patch-import.c 1.2-1.3
- security/putty/patches/patch-terminal.c deleted
- security/putty/patches/patch-timing.c 1.2
- security/putty/patches/patch-unix_gtkfont_c deleted
- security/putty/patches/patch-unix_gtkwin.c 1.3
- security/putty/patches/patch-unix_uxnet.c 1.2
- security/putty/patches/patch-unix_uxucs.c 1.2
- security/putty/patches/patch-windows_window.c 1.2
---
Module Name: pkgsrc
Committed By: drochner
Date: Tue Aug 6 12:23:37 UTC 2013
Modified Files:
pkgsrc/security/putty: Makefile distinfo
pkgsrc/security/putty/patches: patch-import.c
Added Files:
pkgsrc/security/putty/patches: patch-CVE-2013-4852-1
patch-CVE-2013-4852-2
Log Message:
add patch from upstream to fix possible heap overflow in SSH handshake
due to integer overflow (CVE-2013-4852)
bump PKGREV
---
Module Name: pkgsrc
Committed By: drochner
Date: Wed Aug 7 11:06:39 UTC 2013
Modified Files:
pkgsrc/security/putty: Makefile distinfo
pkgsrc/security/putty/patches: patch-import.c patch-timing.c
patch-unix_gtkwin.c patch-unix_uxnet.c patch-unix_uxucs.c
patch-windows_window.c
Removed Files:
pkgsrc/security/putty/patches: patch-CVE-2013-4852-1
patch-CVE-2013-4852-2 patch-terminal.c patch-unix_gtkfont_c
Log Message:
update to 0.63
This fixes a buffer overflow which was patched in pkgsrc
(CVE-2013-4852), two other buffer overflows (CVE-2013-4206,
CVE-2013-4207), and it clears private keys after use now
(CVE-2013-4208). Other than that, there are mostly bug fixes from 0.62
and a few small features.
Diffstat (limited to 'security/putty/patches/patch-import.c')
-rw-r--r-- | security/putty/patches/patch-import.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/security/putty/patches/patch-import.c b/security/putty/patches/patch-import.c index aa74a4e69ff..7c791965dbd 100644 --- a/security/putty/patches/patch-import.c +++ b/security/putty/patches/patch-import.c @@ -1,8 +1,8 @@ -$NetBSD: patch-import.c,v 1.1 2012/02/22 15:27:16 wiz Exp $ +$NetBSD: patch-import.c,v 1.1.14.1 2013/08/21 19:40:13 tron Exp $ ---- import.c.orig 2010-04-12 11:02:06.000000000 +0000 +--- import.c.orig 2013-07-20 13:15:20.000000000 +0000 +++ import.c -@@ -717,8 +717,8 @@ int openssh_write(const Filename *filena +@@ -725,8 +725,8 @@ int openssh_write(const Filename *filena unsigned char *outblob; int outlen; struct mpint_pos numbers[9]; @@ -13,7 +13,7 @@ $NetBSD: patch-import.c,v 1.1 2012/02/22 15:27:16 wiz Exp $ char zero[1]; unsigned char iv[8]; int ret = 0; -@@ -1513,8 +1513,8 @@ int sshcom_write(const Filename *filenam +@@ -1547,8 +1547,8 @@ int sshcom_write(const Filename *filenam unsigned char *outblob; int outlen; struct mpint_pos numbers[6]; |