diff options
author | abs <abs> | 2000-10-02 16:43:44 +0000 |
---|---|---|
committer | abs <abs> | 2000-10-02 16:43:44 +0000 |
commit | 2861a77b234c38e5948c224796d5291c25b8b27d (patch) | |
tree | 2d0bdb443ac84cb49ebe545948a670ee245fb44a /sysutils/cfengine | |
parent | 361ebd67e0dc051e3fdbe34af17e4cc08ab3b2c9 (diff) | |
download | pkgsrc-2861a77b234c38e5948c224796d5291c25b8b27d.tar.gz |
Update to 1.5.3nb3:
Always pass %s to syslog to avoid potential format string exploit.
(Action based on alert by Pekka Savola on Bugtraq)
Diffstat (limited to 'sysutils/cfengine')
-rw-r--r-- | sysutils/cfengine/Makefile | 4 | ||||
-rw-r--r-- | sysutils/cfengine/files/patch-sum | 15 | ||||
-rw-r--r-- | sysutils/cfengine/patches/patch-aa | 74 | ||||
-rw-r--r-- | sysutils/cfengine/patches/patch-ab | 76 | ||||
-rw-r--r-- | sysutils/cfengine/patches/patch-ac | 22 | ||||
-rw-r--r-- | sysutils/cfengine/patches/patch-ad | 61 | ||||
-rw-r--r-- | sysutils/cfengine/patches/patch-ae | 29 | ||||
-rw-r--r-- | sysutils/cfengine/patches/patch-af | 63 | ||||
-rw-r--r-- | sysutils/cfengine/patches/patch-ag | 46 |
9 files changed, 223 insertions, 167 deletions
diff --git a/sysutils/cfengine/Makefile b/sysutils/cfengine/Makefile index 2e3be49fbb2..8fd694d1fe2 100644 --- a/sysutils/cfengine/Makefile +++ b/sysutils/cfengine/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.5 2000/02/03 11:25:11 abs Exp $ +# $NetBSD: Makefile,v 1.6 2000/10/02 16:43:44 abs Exp $ # DISTNAME= cfengine-1.5.3 -PKGNAME= cfengine-1.5.3nb2 +PKGNAME= cfengine-1.5.3nb3 CATEGORIES= sysutils net MASTER_SITES= ftp://ftp.iu.hioslo.no/pub/cfengine/ \ ftp://ftp.cfengine.webmotion.net/pub/cfengine/ diff --git a/sysutils/cfengine/files/patch-sum b/sysutils/cfengine/files/patch-sum index bff292392ff..4c230b36ad7 100644 --- a/sysutils/cfengine/files/patch-sum +++ b/sysutils/cfengine/files/patch-sum @@ -1,8 +1,9 @@ -$NetBSD: patch-sum,v 1.8 2000/09/13 01:00:48 wiz Exp $ +$NetBSD: patch-sum,v 1.9 2000/10/02 16:43:45 abs Exp $ -MD5 (patch-aa) = ebd4b9f4a796be4616eb8e7dfcd94ff1 -MD5 (patch-ab) = 4e4988a1c3864caf5672684597d7dfc8 -MD5 (patch-ac) = 8e21f9df160a1c36d7e8da66445bd792 -MD5 (patch-ad) = b9992ff1c51e27d616579bc5e3005f11 -MD5 (patch-ae) = a0809132cb27e911e5712252068d3e4c -MD5 (patch-af) = efd8fa5fc2ea034e482fac77e3834ddd +MD5 (patch-aa) = 080c121969552ceaee0aa792e38d9db5 +MD5 (patch-ab) = a108af8ede9d22ac195263eb1688b388 +MD5 (patch-ac) = 1267beae4e140fca6a460efe3963be0e +MD5 (patch-ad) = 9077db4f253ef7671b74d808210cc1fb +MD5 (patch-ae) = bcc9061e201889e52f8c8ff4016183aa +MD5 (patch-af) = a441fbf8fff41ad3fe395fe99d3f040e +MD5 (patch-ag) = aad12a5f1e57a83d1267ec7fdf4f0c81 diff --git a/sysutils/cfengine/patches/patch-aa b/sysutils/cfengine/patches/patch-aa index d33c6fe66b5..c77c8b9c202 100644 --- a/sysutils/cfengine/patches/patch-aa +++ b/sysutils/cfengine/patches/patch-aa @@ -1,21 +1,53 @@ -$NetBSD: patch-aa,v 1.1.1.1 1999/10/10 23:13:07 abs Exp $ ---- contrib/Makefile.in.orig Thu Apr 10 09:19:55 1997 -+++ contrib/Makefile.in Sun Oct 10 23:43:34 1999 -@@ -12,7 +12,7 @@ - datadir = @datadir@ - - INSTALL = @INSTALL@ --INSTALL_PROGRAM = @INSTALL_PROGRAM@ -+INSTALL_SCRIPT = @INSTALL_SCRIPT@ - - MKINSTALLDIR = @top_srcdir@/bin/mkinstalldirs - -@@ -28,7 +28,7 @@ - ${MKINSTALLDIR} ${sbindir} - for x in $?; \ - do \ -- ${INSTALL_PROGRAM} $$x ${sbindir}; \ -+ ${INSTALL_SCRIPT} $$x ${sbindir}; \ - done - - clean: +$NetBSD: patch-aa,v 1.2 2000/10/02 16:43:45 abs Exp $ + +--- configure.orig Mon Oct 25 09:25:53 1999 ++++ configure +@@ -1073,6 +1073,8 @@ + # It thinks the first close brace ends the variable substitution. + test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' + ++test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' ++ + test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' + + +@@ -3984,6 +3986,7 @@ + + + ++if false; then + echo $ac_n "checking for main in -lpthread""... $ac_c" 1>&6 + echo "configure:3989: checking for main in -lpthread" >&5 + ac_lib_var=`echo pthread'_'main | sed 'y%./+-%__p_%'` +@@ -4105,6 +4108,7 @@ + echo "$ac_t""no" 1>&6 + fi + done ++fi + + + echo $ac_n "checking for lchown""... $ac_c" 1>&6 +@@ -4158,6 +4162,7 @@ + echo "$ac_t""no" 1>&6 + fi + ++if false; then + echo $ac_n "checking for pthread_attr_setstacksize""... $ac_c" 1>&6 + echo "configure:4163: checking for pthread_attr_setstacksize" >&5 + if eval "test \"`echo '$''{'ac_cv_func_pthread_attr_setstacksize'+set}'`\" = set"; then +@@ -4353,6 +4358,7 @@ + fi + + fi ++fi + + + # Check whether --enable-DCE or --disable-DCE was given. +@@ -5011,6 +5017,7 @@ + s%@YACC@%$YACC%g + s%@RANLIB@%$RANLIB%g + s%@INSTALL_PROGRAM@%$INSTALL_PROGRAM%g ++s%@INSTALL_SCRIPT@%$INSTALL_SCRIPT%g + s%@INSTALL_DATA@%$INSTALL_DATA%g + s%@PERL@%$PERL%g + s%@TEX@%$TEX%g diff --git a/sysutils/cfengine/patches/patch-ab b/sysutils/cfengine/patches/patch-ab index fde34cc6123..2e1086400a8 100644 --- a/sysutils/cfengine/patches/patch-ab +++ b/sysutils/cfengine/patches/patch-ab @@ -1,56 +1,22 @@ -$NetBSD: patch-ab,v 1.3 2000/09/09 18:11:54 wiz Exp $ +$NetBSD: patch-ab,v 1.4 2000/10/02 16:43:45 abs Exp $ -We don't want to find any installed pthread packages, but there is no -configure switch for this. -- wiz - ---- configure.orig Mon Oct 25 10:25:53 1999 -+++ configure -@@ -1073,6 +1073,8 @@ - # It thinks the first close brace ends the variable substitution. - test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' - -+test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' -+ - test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' - - -@@ -3984,6 +3986,7 @@ - - - -+if false; then - echo $ac_n "checking for main in -lpthread""... $ac_c" 1>&6 - echo "configure:3989: checking for main in -lpthread" >&5 - ac_lib_var=`echo pthread'_'main | sed 'y%./+-%__p_%'` -@@ -4105,6 +4108,7 @@ - echo "$ac_t""no" 1>&6 - fi - done -+fi - - - echo $ac_n "checking for lchown""... $ac_c" 1>&6 -@@ -4158,6 +4162,7 @@ - echo "$ac_t""no" 1>&6 - fi - -+if false; then - echo $ac_n "checking for pthread_attr_setstacksize""... $ac_c" 1>&6 - echo "configure:4163: checking for pthread_attr_setstacksize" >&5 - if eval "test \"`echo '$''{'ac_cv_func_pthread_attr_setstacksize'+set}'`\" = set"; then -@@ -4353,6 +4358,7 @@ - fi - - fi -+fi - - - # Check whether --enable-DCE or --disable-DCE was given. -@@ -5011,6 +5017,7 @@ - s%@YACC@%$YACC%g - s%@RANLIB@%$RANLIB%g - s%@INSTALL_PROGRAM@%$INSTALL_PROGRAM%g -+s%@INSTALL_SCRIPT@%$INSTALL_SCRIPT%g - s%@INSTALL_DATA@%$INSTALL_DATA%g - s%@PERL@%$PERL%g - s%@TEX@%$TEX%g +--- contrib/Makefile.in.orig Thu Apr 10 09:19:55 1997 ++++ contrib/Makefile.in +@@ -12,7 +12,7 @@ + datadir = @datadir@ + + INSTALL = @INSTALL@ +-INSTALL_PROGRAM = @INSTALL_PROGRAM@ ++INSTALL_SCRIPT = @INSTALL_SCRIPT@ + + MKINSTALLDIR = @top_srcdir@/bin/mkinstalldirs + +@@ -28,7 +28,7 @@ + ${MKINSTALLDIR} ${sbindir} + for x in $?; \ + do \ +- ${INSTALL_PROGRAM} $$x ${sbindir}; \ ++ ${INSTALL_SCRIPT} $$x ${sbindir}; \ + done + + clean: diff --git a/sysutils/cfengine/patches/patch-ac b/sysutils/cfengine/patches/patch-ac index 62b7cd50ffb..d0f8062c5ff 100644 --- a/sysutils/cfengine/patches/patch-ac +++ b/sysutils/cfengine/patches/patch-ac @@ -1,11 +1,13 @@ -$NetBSD: patch-ac,v 1.1 1999/11/05 13:52:52 abs Exp $ ---- src/install.c.orig Fri Nov 5 06:44:50 1999 -+++ src/install.c Fri Nov 5 10:38:31 1999 -@@ -153,6 +153,7 @@ - FatalError("Redefinition of basic system variable"); - } - strcpy(VNETMASK,value); -+ AddNetworkClass(VNETMASK); - break; - +$NetBSD: patch-ac,v 1.2 2000/10/02 16:43:45 abs Exp $ + +--- src/encrypt.c.orig Wed Aug 11 10:32:33 1999 ++++ src/encrypt.c +@@ -39,6 +39,8 @@ + #ifdef HAVE_LIBCRYPTO /* must be des.h from OpenSSL */ + # ifdef HAVE_OPENSSL_DES_H + # include <openssl/des.h> ++# else ++# undef HAVE_LIBCRYPTO + # endif + #endif diff --git a/sysutils/cfengine/patches/patch-ad b/sysutils/cfengine/patches/patch-ad index f62af4d4a78..a89a7929989 100644 --- a/sysutils/cfengine/patches/patch-ad +++ b/sysutils/cfengine/patches/patch-ad @@ -1,45 +1,20 @@ -$NetBSD: patch-ad,v 1.3 1999/11/09 19:29:57 abs Exp $ ---- src/misc.c.orig Tue Sep 14 09:46:53 1999 -+++ src/misc.c Tue Nov 9 16:27:25 1999 -@@ -652,3 +652,41 @@ +$NetBSD: patch-ad,v 1.4 2000/10/02 16:43:45 abs Exp $ + +--- src/image.c.orig Tue Sep 14 09:28:09 1999 ++++ src/image.c +@@ -193,9 +193,12 @@ + DeleteItemList(namecache); + } + +-DeleteCompressedArray(ip->inode_cache); +- +-ip->inode_cache = NULL; ++ /* Only flush when exiting initial call to RecursiveImage() */ ++if (strcmp(from,ip->path) == 0) ++ { ++ DeleteCompressedArray(ip->inode_cache); ++ ip->inode_cache = NULL; ++ } - AddClassToHeap(CanonifyName(VDOMAIN)); + cfclosedir(dirh); } -+ -+/*********************************************************************/ -+ -+AddNetworkClass(netmask) -+ -+const char *netmask; -+ -+{ -+struct in_addr ip, -+ nm; -+char *sp, -+ nmbuf[maxvarsize], -+ ipbuf[maxvarsize]; -+ -+ /* -+ * Has to differentiate between cases such as: -+ * 192.168.101.1/24 -> 192.168.101 and -+ * 192.168.101.1/26 -> 192.168.101.0 -+ * We still have the, um... 'interesting' Class C default Network Class -+ * set by GetNameInfo() -+ */ -+ -+ /* This is also a convenient method to ensure valid dotted quad */ -+if ( (nm.s_addr = inet_addr(netmask)) != -1 && -+ (ip.s_addr = inet_addr(VIPADDRESS)) != -1 ) -+ { -+ ip.s_addr &= nm.s_addr; /* Will not work with IPv6 */ -+ strcpy(ipbuf,inet_ntoa(ip)); -+ -+ strcpy(nmbuf,inet_ntoa(nm)); -+ while( (sp = strrchr(nmbuf,'.')) && strcmp(sp,".0") == 0 ) -+ { -+ *sp = 0; -+ *strrchr(ipbuf,'.') = 0; -+ } -+ AddClassToHeap(CanonifyName(ipbuf)); -+ } -+} diff --git a/sysutils/cfengine/patches/patch-ae b/sysutils/cfengine/patches/patch-ae index b9c36a08830..94a0c799a59 100644 --- a/sysutils/cfengine/patches/patch-ae +++ b/sysutils/cfengine/patches/patch-ae @@ -1,19 +1,12 @@ -$NetBSD: patch-ae,v 1.1 1999/11/09 16:14:59 abs Exp $ ---- src/image.c.orig Tue Sep 14 09:28:09 1999 -+++ src/image.c Tue Nov 9 15:37:00 1999 -@@ -193,9 +193,12 @@ - DeleteItemList(namecache); - } - --DeleteCompressedArray(ip->inode_cache); -- --ip->inode_cache = NULL; -+ /* Only flush when exiting initial call to RecursiveImage() */ -+if (strcmp(from,ip->path) == 0) -+ { -+ DeleteCompressedArray(ip->inode_cache); -+ ip->inode_cache = NULL; -+ } +$NetBSD: patch-ae,v 1.2 2000/10/02 16:43:45 abs Exp $ + +--- src/install.c.orig Fri Sep 24 14:00:03 1999 ++++ src/install.c +@@ -153,6 +153,7 @@ + FatalError("Redefinition of basic system variable"); + } + strcpy(VNETMASK,value); ++ AddNetworkClass(VNETMASK); + break; + - cfclosedir(dirh); - } diff --git a/sysutils/cfengine/patches/patch-af b/sysutils/cfengine/patches/patch-af index 7dcfa6ddb92..b46cd10d12c 100644 --- a/sysutils/cfengine/patches/patch-af +++ b/sysutils/cfengine/patches/patch-af @@ -1,13 +1,54 @@ -$NetBSD: patch-af,v 1.1 2000/09/13 01:00:48 wiz Exp $ +$NetBSD: patch-af,v 1.2 2000/10/02 16:43:45 abs Exp $ ---- src/encrypt.c.orig Wed Aug 11 11:32:33 1999 -+++ src/encrypt.c -@@ -39,6 +39,8 @@ - #ifdef HAVE_LIBCRYPTO /* must be des.h from OpenSSL */ - # ifdef HAVE_OPENSSL_DES_H - # include <openssl/des.h> -+# else -+# undef HAVE_LIBCRYPTO - # endif - #endif +--- src/log.c.orig Mon Oct 2 17:38:13 2000 ++++ src/log.c +@@ -71,12 +71,12 @@ + + if (LOGGING && (getuid() == 0)) + { +- syslog(LOG_ERR,string,VFQNAME); ++ syslog(LOG_ERR,"%s",string,VFQNAME); + if (strlen(errstr) != 0) + { +- syslog(LOG_ERR,errstr,VFQNAME); +- syslog(LOG_ERR,strerror(errno),VFQNAME); ++ syslog(LOG_ERR,"%s",errstr,VFQNAME); ++ syslog(LOG_ERR,"%s",strerror(errno),VFQNAME); + } + } + break; +@@ -110,11 +110,11 @@ + case cflogonly: + if (LOGGING && getuid() == 0) + { +- syslog(LOG_INFO,string,VFQNAME); ++ syslog(LOG_INFO,"%s",string,VFQNAME); + + if ((errstr == NULL) || (strlen(errstr) > 0)) + { +- syslog(LOG_ERR,errstr,VFQNAME); ++ syslog(LOG_ERR,"%s",errstr,VFQNAME); + } + } + +@@ -125,7 +125,7 @@ + + if (LOGGING && (getuid() == 0)) + { +- syslog(LOG_ERR,string,VFQNAME); ++ syslog(LOG_ERR,"%s",string,VFQNAME); + } + + if (string[strlen(string)-1] != '\n') +@@ -141,8 +141,8 @@ + + if (LOGGING && (getuid() == 0)) + { +- syslog(LOG_ERR,errstr,VFQNAME); +- syslog(LOG_ERR,strerror(errno),VFQNAME); ++ syslog(LOG_ERR,"%s",errstr,VFQNAME); ++ syslog(LOG_ERR,"%s",strerror(errno),VFQNAME); + } + } + return; diff --git a/sysutils/cfengine/patches/patch-ag b/sysutils/cfengine/patches/patch-ag new file mode 100644 index 00000000000..bd8019dc206 --- /dev/null +++ b/sysutils/cfengine/patches/patch-ag @@ -0,0 +1,46 @@ +$NetBSD: patch-ag,v 1.1 2000/10/02 16:43:45 abs Exp $ + +--- src/misc.c.orig Tue Sep 14 09:46:53 1999 ++++ src/misc.c +@@ -652,3 +652,41 @@ + + AddClassToHeap(CanonifyName(VDOMAIN)); + } ++ ++/*********************************************************************/ ++ ++AddNetworkClass(netmask) ++ ++const char *netmask; ++ ++{ ++struct in_addr ip, ++ nm; ++char *sp, ++ nmbuf[maxvarsize], ++ ipbuf[maxvarsize]; ++ ++ /* ++ * Has to differentiate between cases such as: ++ * 192.168.101.1/24 -> 192.168.101 and ++ * 192.168.101.1/26 -> 192.168.101.0 ++ * We still have the, um... 'interesting' Class C default Network Class ++ * set by GetNameInfo() ++ */ ++ ++ /* This is also a convenient method to ensure valid dotted quad */ ++if ( (nm.s_addr = inet_addr(netmask)) != -1 && ++ (ip.s_addr = inet_addr(VIPADDRESS)) != -1 ) ++ { ++ ip.s_addr &= nm.s_addr; /* Will not work with IPv6 */ ++ strcpy(ipbuf,inet_ntoa(ip)); ++ ++ strcpy(nmbuf,inet_ntoa(nm)); ++ while( (sp = strrchr(nmbuf,'.')) && strcmp(sp,".0") == 0 ) ++ { ++ *sp = 0; ++ *strrchr(ipbuf,'.') = 0; ++ } ++ AddClassToHeap(CanonifyName(ipbuf)); ++ } ++} |