author | drochner <drochner@pkgsrc.org> | 2013-02-08 15:45:42 +0000 |
---|---|---|
committer | drochner <drochner@pkgsrc.org> | 2013-02-08 15:45:42 +0000 |
commit | c8a6049d85130a6661a7eb778cdb0a80e84d0ef2 (patch) | |
tree | df3db75f30af8f89acade01ef8d3811d2b0e38d2 /www | |
parent | 54a08f99e1d549bef4a1e6ec20e36a66aa0629e9 (diff) | |
download | pkgsrc-c8a6049d85130a6661a7eb778cdb0a80e84d0ef2.tar.gz |
add patch from upstream to fix SASL buffer overflow vulnerability
(CVE-2013-0249), bump PKGREV
Diffstat (limited to 'www')
-rw-r--r-- | www/curl/Makefile | 4 | ||||
-rw-r--r-- | www/curl/distinfo | 3 | ||||
-rw-r--r-- | www/curl/patches/patch-CVE-2013-0249 | 43 |
3 files changed, 47 insertions, 3 deletions
diff --git a/www/curl/Makefile b/www/curl/Makefile
index 01c09d9ec04..79a39124d9f 100644
--- a/www/curl/Makefile
+++ b/www/curl/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.122 2013/02/06 23:20:52 jperkin Exp $
+# $NetBSD: Makefile,v 1.123 2013/02/08 15:45:42 drochner Exp $
 
 DISTNAME= curl-7.28.1
-PKGREVISION= 2
+PKGREVISION= 3
 CATEGORIES= www
 MASTER_SITES= http://curl.haxx.se/download/ \
 ftp://ftp.sunet.se/pub/www/utilities/curl/
diff --git a/www/curl/distinfo b/www/curl/distinfo
index d91fa84d1cc..ef03b7ceee4 100644
--- a/www/curl/distinfo
+++ b/www/curl/distinfo
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.80 2012/12/06 16:24:29 adam Exp $
+$NetBSD: distinfo,v 1.81 2013/02/08 15:45:42 drochner Exp $
 
 SHA1 (curl-7.28.1.tar.bz2) = b5aff1afc4e40fcb78db7a5e27214e0035756f3d
 RMD160 (curl-7.28.1.tar.bz2) = d4a0cb79756607c3b573970648d639744f15fc65
 Size (curl-7.28.1.tar.bz2) = 2516671 bytes
+SHA1 (patch-CVE-2013-0249) = a00098804b17c59905fcd87dc69defc43f2aaf19
 SHA1 (patch-aa) = 66dc62384fa8dcd5a68f0f9af8b3c449a46fd250
diff --git a/www/curl/patches/patch-CVE-2013-0249 b/www/curl/patches/patch-CVE-2013-0249
new file mode 100644
index 00000000000..1a5972f2d30
--- /dev/null
+++ b/www/curl/patches/patch-CVE-2013-0249
@@ -0,0 +1,43 @@
+$NetBSD: patch-CVE-2013-0249,v 1.1 2013/02/08 15:45:42 drochner Exp $
+
+see http://curl.haxx.se/docs/adv_20130206.html
+
+--- lib/curl_sasl.c.orig 2012-08-08 20:45:18.000000000 +0000
++++ lib/curl_sasl.c
+@@ -345,9 +345,7 @@ CURLcode Curl_sasl_create_digest_md5_mes
+ snprintf(&HA1_hex[2 * i], 3, "%02x", digest[i]);
+
+ /* Prepare the URL string */
+- strcpy(uri, service);
+- strcat(uri, "/");
+- strcat(uri, realm);
++ snprintf(uri, sizeof(uri), "%s/%s", service, realm);
+
+ /* Calculate H(A2) */
+ ctxt = Curl_MD5_init(Curl_DIGEST_MD5);
+@@ -391,20 +389,11 @@ CURLcode Curl_sasl_create_digest_md5_mes
+ for(i = 0; i < MD5_DIGEST_LEN; i++)
+ snprintf(&resp_hash_hex[2 * i], 3, "%02x", digest[i]);
+
+- strcpy(response, "username=\"");
+- strcat(response, userp);
+- strcat(response, "\",realm=\"");
+- strcat(response, realm);
+- strcat(response, "\",nonce=\"");
+- strcat(response, nonce);
+- strcat(response, "\",cnonce=\"");
+- strcat(response, cnonce);
+- strcat(response, "\",nc=");
+- strcat(response, nonceCount);
+- strcat(response, ",digest-uri=\"");
+- strcat(response, uri);
+- strcat(response, "\",response=");
+- strcat(response, resp_hash_hex);
++ snprintf(response, sizeof(response),
++ "username=\"%s\",realm=\"%s\",nonce=\"%s\","
++ "cnonce=\"%s\",nc=\"%s\",digest-uri=\"%s\",response=%s",
++ userp, realm, nonce,
++ cnonce, nonceCount, uri, resp_hash_hex);
+
+ /* Base64 encode the reply */
+ return Curl_base64_encode(data, response, 0, outptr, outlen); |
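Review bot: The two `snprintf` replacements bound their writes by `sizeof(uri)` and `sizeof(response)`, which is only a real bound if both are fixed-size arrays local to `Curl_sasl_create_digest_md5_message`; their declarations are outside this hunk, so confirm neither is a `char *` (for which `sizeof` would be the pointer width and the call would clip the output to a few bytes). Neither call checks its return value, so an over-long realm, nonce or user name now produces a silently truncated `digest-uri` or `response` that the server will reject, rather than an out-of-bounds write; if that is the accepted outcome, a line such as `/* NOTE: inputs longer than the buffer are truncated, not overflowed; a clipped reply fails authentication */` above the second call would record it for the next reader. The enclosing function begins and ends outside the hunk.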