From c4e2bbde956808d53f3484da39482dd2c50b676d Mon Sep 17 00:00:00 2001 From: rtr Date: Mon, 16 Feb 2009 05:24:29 +0000 Subject: pullup ticket #2700 - requested by tron net-snmp: security fix revisions pulled up: pkgsrc/net/net-snmp/Makefile 1.76 pkgsrc/net/net-snmp/distinfo 1.52 pkgsrc/net/net-snmp/patches/patch-ad 1.7 Module Name: pkgsrc Committed By: tron Date: Sun Feb 15 11:31:51 UTC 2009 Modified Files: pkgsrc/net/net-snmp: Makefile distinfo Added Files: pkgsrc/net/net-snmp/patches: patch-ad Log Message: Add a patch from the "net-snmp" repository to close the vulnerability reported in SA33884/CVE-2008-6123. --- net/net-snmp/Makefile | 3 ++- net/net-snmp/distinfo | 3 ++- net/net-snmp/patches/patch-ad | 20 ++++++++++++++++++++ 3 files changed, 24 insertions(+), 2 deletions(-) create mode 100644 net/net-snmp/patches/patch-ad diff --git a/net/net-snmp/Makefile b/net/net-snmp/Makefile index dac81e8ca15..e674209febb 100644 --- a/net/net-snmp/Makefile +++ b/net/net-snmp/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.75 2008/11/02 08:30:07 adam Exp $ +# $NetBSD: Makefile,v 1.75.2.1 2009/02/16 05:24:29 rtr Exp $ DISTNAME= net-snmp-5.4.2.1 +PKGREVISION= 1 CATEGORIES= net MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=net-snmp/} diff --git a/net/net-snmp/distinfo b/net/net-snmp/distinfo index 2c3196d35da..eb784c3321f 100644 --- a/net/net-snmp/distinfo +++ b/net/net-snmp/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.51 2008/11/02 08:30:07 adam Exp $ +$NetBSD: distinfo,v 1.51.2.1 2009/02/16 05:24:29 rtr Exp $ SHA1 (net-snmp-5.4.2.1.tar.gz) = 4f2df9ea62344fe840f493d0e08abe5de3697862 RMD160 (net-snmp-5.4.2.1.tar.gz) = 2148c42d486ed88f9cfc3ca1d50c68abcd7e3d63 @@ -6,6 +6,7 @@ Size (net-snmp-5.4.2.1.tar.gz) = 5185390 bytes SHA1 (patch-aa) = 34f85e513ace26c1c2b05bb1c4b72a23491861cf SHA1 (patch-ab) = 3227eeb8b54b37813d8b6949f8c6ddc446038bf2 SHA1 (patch-ac) = becbd7d3f7bbd16d6ddd1a6ea5467a127553caa4 +SHA1 (patch-ad) = 4af27886f93bf018f6794c3f8b8dcb9b08389163 SHA1 (patch-ae) = 721e62bb42b6d3787f36316cf2628cd71ae6a6ce SHA1 (patch-af) = 15a18d1a8f3a8ffaba5facb37420668791944d29 SHA1 (patch-ag) = 7021f7238c37635c9c32ceca681fd42aa125437f diff --git a/net/net-snmp/patches/patch-ad b/net/net-snmp/patches/patch-ad new file mode 100644 index 00000000000..d392faa6332 --- /dev/null +++ b/net/net-snmp/patches/patch-ad @@ -0,0 +1,20 @@ +$NetBSD: patch-ad,v 1.6.6.1 2009/02/16 05:24:29 rtr Exp $ + +Patch for CVE-2008-6123, taken from here: + +http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/branches/V5-4-patches/net-snmp/snmplib/snmpUDPDomain.c?r1=17312&r2=17367&pathrev=17367 + +--- snmplib/snmpUDPDomain.c.orig 2007-10-11 21:46:30.000000000 +0100 ++++ snmplib/snmpUDPDomain.c 2009-02-15 11:21:10.000000000 +0000 +@@ -107,9 +107,9 @@ + sprintf(tmp, "UDP: [%s]->unknown", + inet_ntoa(addr_pair->local_addr)); + } else { +- sprintf(tmp, "UDP: [%s]->", inet_ntoa(addr_pair->local_addr)); +- sprintf(tmp + strlen(tmp), "[%s]:%hd", ++ sprintf(tmp, "UDP: [%s]:%hu->", + inet_ntoa(to->sin_addr), ntohs(to->sin_port)); ++ sprintf(tmp + strlen(tmp), "[%s]", inet_ntoa(addr_pair->local_addr)); + } + return strdup(tmp); + } -- cgit v1.2.3